Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ea702303 by Salvatore Bonaccorso at 2025-08-07T22:27:34+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,47 +1,47 @@
 CVE-2025-8697 (A vulnerability was found in agentUniverse up to 0.0.18 and 
classified ...)
-       TODO: check
+       NOT-FOR-US: agentUniverse
 CVE-2025-8533 (A vulnerability was identified in the XPC services of 
Fantastical. The ...)
-       TODO: check
+       NOT-FOR-US: Fantastical
 CVE-2025-7195 (Early versions of Operator-SDK provided an insecure method to 
allow op ...)
-       TODO: check
+       NOT-FOR-US: Red Hat Operator-SDK
 CVE-2025-7054 (Cloudflare quiche was discovered to be vulnerable to an 
infinite loop  ...)
        TODO: check
 CVE-2025-55138 (LinkJoin through 882f196 mishandles token ownership in 
password reset.)
-       TODO: check
+       NOT-FOR-US: LinkJoin
 CVE-2025-55137 (LinkJoin through 882f196 mishandles lacks type checking in 
password re ...)
-       TODO: check
+       NOT-FOR-US: LinkJoin
 CVE-2025-55136 (ERC (aka Emotion Recognition in Conversation) through 0.3 has 
insecure ...)
-       TODO: check
+       NOT-FOR-US: ERC (aka Emotion Recognition in Conversation)
 CVE-2025-55135 (In Agora Foundation Agora fall23-Alpha1 before 690ce56, there 
is XSS v ...)
-       TODO: check
+       NOT-FOR-US: Agora
 CVE-2025-55134 (In Agora Foundation Agora fall23-Alpha1 before b087490, there 
is XSS v ...)
-       TODO: check
+       NOT-FOR-US: Agora
 CVE-2025-55133 (In Agora Foundation Agora fall23-Alpha1 before b087490, there 
is XSS v ...)
-       TODO: check
+       NOT-FOR-US: Agora
 CVE-2025-55077 (Tyler Technologies ERP Pro 9 SaaS allows an authenticated user 
to esca ...)
-       TODO: check
+       NOT-FOR-US: Tyler Technologies ERP Pro 9 SaaS
 CVE-2025-54397 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
-       TODO: check
+       NOT-FOR-US: Netwrix Directory Manager
 CVE-2025-54396 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
-       TODO: check
+       NOT-FOR-US: Netwrix Directory Manager
 CVE-2025-54395 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
-       TODO: check
+       NOT-FOR-US: Netwrix Directory Manager
 CVE-2025-54394 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
-       TODO: check
+       NOT-FOR-US: Netwrix Directory Manager
 CVE-2025-54393 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
-       TODO: check
+       NOT-FOR-US: Netwrix Directory Manager
 CVE-2025-54392 (Netwrix Directory Manager (formerly Imanami GroupID) 11.0.0.0 
before 1 ...)
-       TODO: check
+       NOT-FOR-US: Netwrix Directory Manager
 CVE-2025-51629 (A cross-site scripting (XSS) vulnerability in the PdfViewer 
component  ...)
-       TODO: check
+       NOT-FOR-US: Agenzia Impresa Eccobook
 CVE-2025-51533 (An Insecure Direct Object Reference (IDOR) in Sage DPW 
v2024_12_004 an ...)
        TODO: check
 CVE-2025-50952 (openjpeg v 2.5.0 was discovered to contain a NULL pointer 
dereference  ...)
        TODO: check
 CVE-2025-50692 (FoxCMS <=v1.2.5 is vulnerable to Code Execution in 
admin/template_file ...)
-       TODO: check
+       NOT-FOR-US: FoxCMS
 CVE-2025-50675 (GPMAW 14, a bioinformatics software, has a critical 
vulnerability rela ...)
-       TODO: check
+       NOT-FOR-US: GPMAW
 CVE-2025-47808 (In GStreamer through 1.26.1, the subparse plugin's 
tmplayer_parse_line ...)
        TODO: check
 CVE-2025-47807 (In GStreamer through 1.26.1, the subparse plugin's 
subrip_unescape_for ...)
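Review bot: The label on CVE-2025-51629, "NOT-FOR-US: Agenzia Impresa Eccobook", cannot be matched to the description as shown in this hunk, which is cut off after "the PdfViewer component"; confirm against the full CVE text that this is the affected product. The three Agora entries (CVE-2025-55133 through CVE-2025-55135) are labelled only "Agora" although the descriptions read "Agora Foundation Agora"; the fuller name would make the NOT-FOR-US entry less ambiguous when it is matched against later CVEs.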
@@ -51,61 +51,61 @@ CVE-2025-47806 (In GStreamer through 1.26.1, the subparse 
plugin's parse_subrip_
 CVE-2025-47219 (In GStreamer through 1.26.1, the isomp4 plugin's 
qtdemux_parse_trak fu ...)
        TODO: check
 CVE-2025-47188 (A vulnerability in the Mitel 6800 Series, 6900 Series, and 
6900w Serie ...)
-       TODO: check
+       NOT-FOR-US: Mitel
 CVE-2025-47183 (In GStreamer through 1.26.1, the isomp4 plugin's 
qtdemux_parse_tree fu ...)
        TODO: check
 CVE-2025-44779 (An issue in Ollama v0.1.33 allows attackers to delete 
arbitrary files  ...)
        TODO: check
 CVE-2025-34152 (An unauthenticated OS command injection vulnerability exists 
in the Sh ...)
-       TODO: check
+       NOT-FOR-US: Shenzhen Aitemi M300 Wi-Fi Repeater
 CVE-2025-34151 (A command injection vulnerability exists in the 'passwd' 
parameter of  ...)
-       TODO: check
+       NOT-FOR-US: Shenzhen Aitemi M300 Wi-Fi Repeater
 CVE-2025-34150 (The PPPoE configuration interface of the Shenzhen Aitemi M300 
Wi-Fi Re ...)
-       TODO: check
+       NOT-FOR-US: Shenzhen Aitemi M300 Wi-Fi Repeater
 CVE-2025-34149 (A command injection vulnerability affects the Shenzhen Aitemi 
M300 Wi- ...)
-       TODO: check
+       NOT-FOR-US: Shenzhen Aitemi M300 Wi-Fi Repeater
 CVE-2025-34148 (An unauthenticated OS command injection vulnerability exists 
in the Sh ...)
-       TODO: check
+       NOT-FOR-US: Shenzhen Aitemi M300 Wi-Fi Repeater
 CVE-2025-24000 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2024-56339 (IBM WebSphere Application Server 9.0 and WebSphere Application 
Server  ...)
        NOT-FOR-US: IBM
 CVE-2024-55401 (An issue in 4C Strategies Exonaut before v22.4 allows 
attackers to exe ...)
-       TODO: check
+       NOT-FOR-US: 4C Strategies
 CVE-2024-52680 (EyouCMS 1.6.7 is vulnerable to Cross Site Scripting (XSS) in 
/login.ph ...)
-       TODO: check
+       NOT-FOR-US: EyouCMS
 CVE-2024-42048 (OpenOrange Business Framework 1.15.5 provides unprivileged 
users with  ...)
-       TODO: check
+       NOT-FOR-US: OpenOrange Business Framework
 CVE-2023-41532 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41531 (Hospital Management System v4 was discovered to contain 
multiple SQL i ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41530 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41529 (Hospital Management System v4 was discovered to contain 
multiple cross ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41528 (Hospital Management System v4 was discovered to contain 
multiple SQL i ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41527 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41526 (Hospital Management System v4 was discovered to contain 
multiple SQL i ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41525 (Hospital Management System v4 was discovered to contain a SQL 
injectio ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2023-41524 (Student Attendance Management System v1 was discovered to 
contain a SQ ...)
-       TODO: check
+       NOT-FOR-US: Student Attendance Management System
 CVE-2023-41523 (Student Attendance Management System v1 was discovered to 
contain a SQ ...)
-       TODO: check
+       NOT-FOR-US: Student Attendance Management System
 CVE-2023-41522 (Student Attendance Management System v1 was discovered to 
contain mult ...)
-       TODO: check
+       NOT-FOR-US: Student Attendance Management System
 CVE-2023-41521 (Student Attendance Management System v1 was discovered to 
contain mult ...)
-       TODO: check
+       NOT-FOR-US: Student Attendance Management System
 CVE-2023-41520 (Student Attendance Management System v1 was discovered to 
contain mult ...)
-       TODO: check
+       NOT-FOR-US: Student Attendance Management System
 CVE-2023-41519 (Student Attendance Management System v1 was discovered to 
contain a cr ...)
-       TODO: check
+       NOT-FOR-US: Student Attendance Management System
 CVE-2023-40992 (Hospital Management System 4 is vulnerable to a SQL injection 
in /Hosp ...)
-       TODO: check
+       NOT-FOR-US: Hospital Management System
 CVE-2025-47907 (Cancelling a query (e.g. by cancelling the context passed to 
one of th ...)
        - golang-1.24 <unfixed>
        - golang-1.23 <unfixed>
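Review bot: The NOT-FOR-US labels in this hunk mix vendor-only and product-level names. "NOT-FOR-US: Mitel" and "NOT-FOR-US: 4C Strategies" name only the vendor, while the descriptions give "Mitel 6800 Series, 6900 Series, ..." and "4C Strategies Exonaut", and the neighbouring entries ("Shenzhen Aitemi M300 Wi-Fi Repeater", "OpenOrange Business Framework") name the product. Picking one convention, or stating the product where the description provides it, would keep the list consistent. "Hospital Management System" and "Student Attendance Management System" carry no vendor in the visible descriptions, so those labels are as specific as the hunk allows.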



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea70230344cf5a3cb20b8b77e01fedaa5a746f11
