Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d2f44900 by Salvatore Bonaccorso at 2025-07-28T22:40:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -6,35 +6,35 @@ CVE-2025-8283 (A vulnerability was found in the netavark 
package, a network stac
 CVE-2025-8279 (Insufficient input validation within GitLab Language Server 
7.6.0 and  ...)
        TODO: check
 CVE-2025-8275 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: bsc Peru Cocktails App
 CVE-2025-8274 (A vulnerability classified as critical was found in Campcodes 
Online R ...)
        NOT-FOR-US: Campcodes
 CVE-2025-8273 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-8272 (A vulnerability was found in code-projects Exam Form Submission 
1.0. I ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-8271 (A vulnerability was found in code-projects Exam Form Submission 
1.0. I ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-8270 (A vulnerability was found in code-projects Exam Form Submission 
1.0. I ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-8269 (A vulnerability was found in code-projects Exam Form Submission 
1.0 an ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-8266 (A vulnerability has been found in yanyutao0402 ChanCMS up to 
3.1.2 and ...)
-       TODO: check
+       NOT-FOR-US: yanyutao0402 ChanCMS
 CVE-2025-8265 (A vulnerability classified as critical has been found in 299Ko 
CMS 2.0 ...)
-       TODO: check
+       NOT-FOR-US: 299Ko CMS
 CVE-2025-8194 (There is a defect in the CPython \u201ctarfile\u201d module 
affecting  ...)
        TODO: check
 CVE-2025-7676 (DLL hijacking of all PE32 executables when run on Windows for 
ARM64 CP ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-6918 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: Ncvav Virtual PBX Software
 CVE-2025-6250 (Prior to 25.4.270.0, when wmic.exe is elevated with a full 
admin token ...)
        NOT-FOR-US: BeyondTrust
 CVE-2025-5997 (Incorrect Use of Privileged APIs vulnerability in Beamsec 
PhishPro all ...)
-       TODO: check
+       NOT-FOR-US: Beamsec PhishPro
 CVE-2025-54569 (In Malwarebytes Binisoft Windows Firewall Control before 
6.16.0.0, the ...)
-       TODO: check
+       NOT-FOR-US: Malwarebytes Binisoft Windows Firewall Control
 CVE-2025-54538 (In JetBrains TeamCity before 2025.07 password exposure was 
possible vi ...)
        NOT-FOR-US: JetBrains
 CVE-2025-54537 (In JetBrains TeamCity before 2025.07 user credentials were 
stored in p ...)
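Review bot: The NOT-FOR-US labels added in this hunk mix two granularities. `NOT-FOR-US: code-projects` and `NOT-FOR-US: Microsoft` name only the vendor, matching the untouched context entries (`Campcodes`, `BeyondTrust`, `JetBrains`), while `yanyutao0402 ChanCMS`, `Beamsec PhishPro` and `Malwarebytes Binisoft Windows Firewall Control` name vendor plus product. Settling on one form per vendor keeps later entries for the same product consistent and easier to grep. For CVE-2025-8275, the label `bsc Peru Cocktails App` begins with a lowercase `bsc` that the truncated description does not explain, so it is worth confirming against the CVE record. Leaving CVE-2025-8279 (GitLab Language Server) and CVE-2025-8194 (CPython tarfile) at `TODO: check` is appropriate for an NFU-only pass.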
@@ -70,9 +70,9 @@ CVE-2025-54299 (A stored XSS vulnerability in No Boss 
Testimonials component 1.0
 CVE-2025-54298 (A stored XSS vulnerability in CommentBox component 1.0.0-1.1.0 
for Joo ...)
        NOT-FOR-US: Joomla
 CVE-2025-53696 (iSTAR Ultra performs a firmware verification on boot, however 
the veri ...)
-       TODO: check
+       NOT-FOR-US: iSTAR Ultra
 CVE-2025-53695 (OS Command Injection in iSTAR Ultra products web application 
allows an ...)
-       TODO: check
+       NOT-FOR-US: iSTAR Ultra
 CVE-2025-50494 (Improper session invalidation in the component 
/doctor/change-password ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-50493 (Improper session invalidation in the component 
/doctor/change-password ...)
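Review bot: Both added lines, `NOT-FOR-US: iSTAR Ultra`, label the entry by product name, whereas the neighbouring context entries (`Joomla`, `PHPGurukul`) use the vendor or project name. The visible descriptions for CVE-2025-53696 and CVE-2025-53695 do not show the vendor, so if the full CVE record names one, using it here would match the convention of the surrounding entries and would also cover future CVEs in other products from the same vendor.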
@@ -98,33 +98,33 @@ CVE-2025-50484 (Improper session invalidation in the 
component /crm/change-passw
 CVE-2025-43023 (A potential security vulnerability has been identified in the 
HP Linux ...)
        TODO: check
 CVE-2025-40730 (HTML injection in Vox Media's Chorus CMS. This vulnerability 
allows an ...)
-       TODO: check
+       NOT-FOR-US: Vox Media's Chorus CMS
 CVE-2025-32731 (A reflected cross-site scripting (xss) vulnerability exists in 
the rad ...)
-       TODO: check
+       NOT-FOR-US: meddream MedDream PACS Premium
 CVE-2025-30133 (An issue was discovered on IROAD Dashcam FX2 devices. Bypass 
of Device ...)
-       TODO: check
+       NOT-FOR-US: IROAD Dashcam FX2 devices
 CVE-2025-30126 (An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 
devices. Via ...)
-       TODO: check
+       NOT-FOR-US: Marbella KR8s Dashcam FF
 CVE-2025-30125 (An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 
devices. All ...)
-       TODO: check
+       NOT-FOR-US: Marbella KR8s Dashcam FF
 CVE-2025-30124 (An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 
devices. Whe ...)
-       TODO: check
+       NOT-FOR-US: Marbella KR8s Dashcam FF
 CVE-2025-2297 (Prior to version 25.4.270.0, a local authenticated attacker can 
manipu ...)
        NOT-FOR-US: BeyondTrust
 CVE-2025-29534 (An authenticated remote code execution vulnerability in 
PowerStick Wav ...)
-       TODO: check
+       NOT-FOR-US: PowerStick Wave Dual-Band Wifi Extender
 CVE-2025-27802 (The Episerver Content Management System (CMS) by Optimizely 
was affect ...)
-       TODO: check
+       NOT-FOR-US: Episerver Content Management System (CMS)
 CVE-2025-27801 (The Episerver Content Management System (CMS) by Optimizely 
was affect ...)
-       TODO: check
+       NOT-FOR-US: Episerver Content Management System (CMS)
 CVE-2025-27800 (The Episerver Content Management System (CMS) by Optimizely 
was affect ...)
-       TODO: check
+       NOT-FOR-US: Episerver Content Management System (CMS)
 CVE-2025-27724 (A privilege escalation vulnerability exists in the login.php 
functiona ...)
-       TODO: check
+       NOT-FOR-US: meddream MedDream PACS Premium
 CVE-2025-26469 (An incorrect default permissions vulnerability exists in the 
CServerSe ...)
-       TODO: check
+       NOT-FOR-US: meddream MedDream PACS Premium
 CVE-2025-24485 (A server-side request forgery vulnerability exists in the 
cecho.php fu ...)
-       TODO: check
+       NOT-FOR-US: meddream MedDream PACS Premium
 CVE-2024-49343 (IBM Informix Dynamic Server 12.10 and 14.10 is vulnerable to 
HTML inje ...)
        NOT-FOR-US: IBM
 CVE-2024-49342 (IBM Informix Dynamic Server 12.10 and 14.10 uses an inadequate 
account ...)
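Review bot: The label `NOT-FOR-US: meddream MedDream PACS Premium`, used for CVE-2025-32731, CVE-2025-27724, CVE-2025-26469 and CVE-2025-24485, repeats the same name in two casings and reads like a vendor and product string pasted together; `MedDream PACS Premium` alone would be clearer. Two smaller consistency points in the same hunk: `IROAD Dashcam FX2 devices` keeps the trailing word "devices" while the three `Marbella KR8s Dashcam FF` lines drop it, and `Episerver Content Management System (CMS)` omits the vendor even though the visible description says "by Optimizely". CVE-2025-43023 (HP Linux ...) correctly stays at `TODO: check`, since its truncated description does not rule out a packaged component.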



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2f4490050d83067a2637038476d0853a4f60c46
