Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
83f84a88 by Salvatore Bonaccorso at 2025-08-06T19:59:38+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -117,13 +117,13 @@ CVE-2025-54879 (Mastodon is a free, open-source social
network server based on A
CVE-2025-54876 (The Janssen Project is an open-source identity and access
management ( ...)
NOT-FOR-US: Janssen Project
CVE-2025-54873 (RISC Zero is a zero-knowledge verifiable general computing
platform ba ...)
- TODO: check
+ NOT-FOR-US: RISC Zero
CVE-2025-54872 (onion-site-template is a complete, scalable tor hidden service
self-ho ...)
NOT-FOR-US: onion-site-template
CVE-2025-54869 (FPDI is a collection of PHP classes that facilitate reading
pages from ...)
TODO: check
CVE-2025-54801 (Fiber is an Express inspired web framework written in Go. In
versions ...)
- TODO: check
+ NOT-FOR-US: Fiber
CVE-2025-54655 (Race condition vulnerability in the virtualization base
module. Succes ...)
NOT-FOR-US: Huawei
CVE-2025-54653 (Path traversal vulnerability in the virtualization file
module. Succes ...)
@@ -223,7 +223,7 @@ CVE-2025-54607 (Authentication management vulnerability in
the ArkWeb module. Im
CVE-2025-54606 (Status verification vulnerability in the lock screen module.
Impact: S ...)
NOT-FOR-US: Huawei
CVE-2025-54594 (react-native-bottom-tabs is a library of Native Bottom Tabs
for React ...)
- TODO: check
+ NOT-FOR-US: react-native-bottom-tabs
CVE-2025-54571 (ModSecurity is an open source, cross platform web application
firewall ...)
TODO: check
CVE-2025-54125 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
@@ -397,7 +397,7 @@ CVE-2025-51627 (Incorrect access control in CaricaVerbale
in Agenzia Impresa Ecc
CVE-2025-51541 (A stored cross-site scripting (XSS) vulnerability exists in
the Shopwa ...)
NOT-FOR-US: Shopware
CVE-2025-51060 (An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker
can use ...)
- TODO: check
+ NOT-FOR-US: CPUID cpuz.sys
CVE-2025-50707 (An issue in thinkphp3 v.3.2.5 allows a remote attacker to
execute arbi ...)
NOT-FOR-US: thinkphp
CVE-2025-50706 (An issue in thinkphp v.5.1 allows a remote attacker to execute
arbitra ...)
@@ -599,7 +599,7 @@ CVE-2025-52892 (EspoCRM is a web application with a
frontend designed as a singl
CVE-2025-51726 (CyberGhostVPNSetup.exe (Windows installer) is signed using the
weak cr ...)
NOT-FOR-US: CyberGhostVPNSetup.exe (Windows installer)
CVE-2025-51387 (The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code
injecti ...)
- TODO: check
+ NOT-FOR-US: GitKraken Desktop
CVE-2025-50754 (Unisite CMS version 5.0 contains a stored Cross-Site Scripting
(XSS) v ...)
NOT-FOR-US: Unisite CMS
CVE-2025-50341 (A Boolean-based SQL injection vulnerability was discovered in
Axelor 5 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83f84a884aa6520fbb924a0e068476727f206e42
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83f84a884aa6520fbb924a0e068476727f206e42
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
