Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
396cb1f4 by Salvatore Bonaccorso at 2025-08-05T22:02:56+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -80,35 +80,35 @@ CVE-2025-54975
CVE-2025-54974
REJECTED
CVE-2025-54871 (Electron Capture facilitates video playback for screen-sharing
and cap ...)
- TODO: check
+ NOT-FOR-US: Electron Capture
CVE-2025-54870 (VTun-ng is a Virtual Tunnel over TCP/IP network. In versions
3.0.17 an ...)
- TODO: check
+ NOT-FOR-US: VTun-ng
CVE-2025-54868 (LibreChat is a ChatGPT clone with additional features. In
versions 0.0 ...)
NOT-FOR-US: LibreChat
CVE-2025-54865 (Tilesheets MediaWiki Extension adds a table lookup parser
function for ...)
NOT-FOR-US: MediaWiki Extension
CVE-2025-54804 (Russh is a Rust SSH client & server library. In versions
0.54.0 and be ...)
- TODO: check
+ NOT-FOR-US: russh
CVE-2025-54803 (js-toml is a TOML parser for JavaScript, fully compliant with
the TOML ...)
- TODO: check
+ NOT-FOR-US: js-toml
CVE-2025-54802 (pyLoad is the free and open-source Download Manager written in
pure Py ...)
TODO: check
CVE-2025-54797
REJECTED
CVE-2025-54795 (Claude Code is an agentic coding tool. In versions below
1.0.20, an er ...)
- TODO: check
+ NOT-FOR-US: Claude Code
CVE-2025-54794 (Claude Code is an agentic coding tool. In versions below
0.2.111, a pa ...)
- TODO: check
+ NOT-FOR-US: Claude Code
CVE-2025-54780 (The glpi-screenshot-plugin allows users to take screenshots or
screens ...)
- TODO: check
+ NOT-FOR-US: GLPI plugin
CVE-2025-54554 (tiaudit in Tera Insights tiCrypt before 2025-07-17 allows
unauthentica ...)
- TODO: check
+ NOT-FOR-US: Tera Insights tiCrypt
CVE-2025-54387 (IPX is an image optimizer powered by sharp and svgo. In
versions 1.3.1 ...)
- TODO: check
+ NOT-FOR-US: IPX
CVE-2025-54135 (Cursor is a code editor built for programming with AI. Cursor
allows w ...)
- TODO: check
+ NOT-FOR-US: Cursor
CVE-2025-54130 (Cursor is a code editor built for programming with AI. Cursor
allows w ...)
- TODO: check
+ NOT-FOR-US: Cursor
CVE-2025-54119 (ADOdb is a PHP database class library that provides
abstractions for p ...)
TODO: check
CVE-2025-53544 (Trilium Notes is an open-source, cross-platform hierarchical
note taki ...)
@@ -263,7 +263,7 @@ CVE-2013-10054 (An unauthenticated arbitrary file upload
vulnerability exists in
CVE-2013-10052 (ZPanel includes a helper binary named zsudo, intended to allow
restric ...)
NOT-FOR-US: ZPanel
CVE-2025-54962 (/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b
allows au ...)
- TODO: check
+ NOT-FOR-US: OpenPLC
CVE-2025-48499 (Out-of-bounds write vulnerability exists in FUJIFILM Business
Innovati ...)
NOT-FOR-US: FUJIFILM
CVE-2025-20702 (In the Airoha Bluetooth audio SDK, there is a possible
unauthorized ac ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/396cb1f43fe97f2b57a44d01c436133f936607da
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/396cb1f43fe97f2b57a44d01c436133f936607da
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
