[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Sun, 07 Sep 2025 09:01:16 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
03291532 by Moritz Muehlenhoff at 2025-09-05T10:15:31+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77,7 +77,7 @@ CVE-2025-58353 (Promptcraft Forge Studio is a toolkit for 
evaluating, optimizing
 CVE-2025-57576 (PHPGurukul Online Shopping Portal 2.1 is vulnerable to Cross 
Site Scri ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-57263 (An authenticated SQL injection vulnerability in VX Guestbook 
1.07 allo ...)
-       TODO: check
+       NOT-FOR-US: VX Guestbook
 CVE-2025-48581 (In VerifyNoOverlapInSessions of apexd.cpp, there is a possible 
way to  ...)
        NOT-FOR-US: Android
 CVE-2025-48563 (In onNullBinding of RemoteFillService.java, there is a 
possible backgr ...)
@@ -157,69 +157,69 @@ CVE-2025-48523 (In onCreate of 
SelectAccountActivity.java, there is a possible w
 CVE-2025-48522 (In setDisplayName of AssociationRequest.java, there is a 
possible way  ...)
        NOT-FOR-US: Android
 CVE-2025-41063 (A vulnerability has been discovered in version 4.0.5 of 
appRain CMF, c ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41062 (A vulnerability has been discovered in version 4.0.5 of 
appRain CMF, c ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41061 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41060 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41059 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41058 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41057 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41056 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41055 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41054 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41053 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41052 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41051 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41050 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41049 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41048 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41047 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41046 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41045 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41044 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41043 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41042 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41041 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41040 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41039 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41038 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41037 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41036 (A vulnerability has been discovered in appRain CMF version 
4.0.5, cons ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41035 (A problem has been discovered in appRain CMF 4.0.5. An 
authenticated P ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41034 (An SQL injection vulnerability has been found in appRain CMF 
4.0.5. Th ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41033 (An SQL injection vulnerability has been found in appRain CMF 
4.0.5. Th ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-41032 (An SQL injection vulnerability has been found in appRain CMF 
4.0.5. Th ...)
-       TODO: check
+       NOT-FOR-US: appRain CMF
 CVE-2025-32350 (In maybeShowDialog of ControlsSettingsDialogManager.kt, there 
is a pos ...)
        NOT-FOR-US: Android
 CVE-2025-32349 (In multiple locations, there is a possible privilege 
escalation due to ...)
@@ -259,7 +259,7 @@ CVE-2025-2694 (IBM Sterling B2B Integrator 6.0.0.0 through 
6.1.2.7_1 and 6.2.0.0
 CVE-2025-2667 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 
6.2.0.0 thro ...)
        NOT-FOR-US: IBM
 CVE-2025-2411 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Akinsoft
 CVE-2025-26464 (In executeAppFunction of AppSearchManagerService.java, there 
is a poss ...)
        NOT-FOR-US: Android
 CVE-2025-26463 (In allowPackageAccess of multiple files, resource exhaustion 
is possib ...)
@@ -337,21 +337,21 @@ CVE-2025-26419 (In initPhoneSwitch of 
SystemSettingsFragment.java, there is a po
 CVE-2025-25048 (IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 
7.0.3 i ...)
        NOT-FOR-US: IBM
 CVE-2025-23302 (NVIDIA HGX and DGX contain a vulnerability where a 
misconfiguration of ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23301 (NVIDIA HGX and DGX contain a vulnerability where a 
misconfiguration of ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23262 (NVIDIA ConnectX contains a vulnerability in the management 
interface,  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23261 (NVIDIA Cumulus Linux and NVOS products contain a 
vulnerability, where  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23259 (NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode 
Driver (PMD ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23258 (NVIDIA DOCA contains a vulnerability in the collectx-dpeserver 
Debian  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23257 (NVIDIA DOCA contains a vulnerability in the collectx-clxapidev 
Debian  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-23256 (NVIDIA BlueField contains a vulnerability in the management 
interface, ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-22441 (In getContextForResourcesEnsuringCorrectCachedApkPaths of 
RemoteViews. ...)
        NOT-FOR-US: Android
 CVE-2025-22425 (In onCreate of InstallStart.java, there is a possible 
permissions bypa ...)
@@ -381,7 +381,7 @@ CVE-2024-40664 (In setupAccessibilityServices of 
AccessibilityFragment.java , th
 CVE-2024-34598 (Improper export of component in GoodLock prior to version 
2.2.04.95 al ...)
        NOT-FOR-US: Samsung Mobile
 CVE-2024-13073 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Akinsoft
 CVE-2023-35657 (In bta_av_config_ind of bta_av_aact.cc, there is a possible 
out of bou ...)
        NOT-FOR-US: Android
 CVE-2025-38730 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
@@ -726,13 +726,13 @@ CVE-2025-36890 (Elevation of Privilege)
 CVE-2025-36887 (In wl_cfgscan_update_v3_schedscan_results() of  wl_cfgscan.c, 
there is ...)
        NOT-FOR-US: Google devices
 CVE-2025-2417 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Akinsoft
 CVE-2024-56190 (In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a 
possible out o ...)
        NOT-FOR-US: Google devices
 CVE-2024-56189 (In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a 
possibl ...)
        NOT-FOR-US: Google devices
 CVE-2024-13071 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: Akinsoft
 CVE-2025-9959 (Incomplete validation of dunder attributes allows an attacker 
to escap ...)
        NOT-FOR-US: huggingface/smolagents
 CVE-2025-9926 (A vulnerability was determined in projectworlds Travel 
Management Syst ...)
@@ -901,7 +901,7 @@ CVE-2025-56435 (SQL Injection vulnerability in FoxCMS 
v1.2.6 and before allows a
 CVE-2025-56139 (LinkedIn Mobile Application for Android version 4.1.1087.2 
fails to up ...)
        NOT-FOR-US: LinkedIn Mobile Application for Android
 CVE-2025-55944 (Slink v1.4.9 allows stored cross-site scripting (XSS) via 
crafted SVG  ...)
-       TODO: check
+       NOT-FOR-US: Slink
 CVE-2025-55852 (Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the 
formWif ...)
        NOT-FOR-US: Tenda
 CVE-2025-55162 (Envoy is an open source L7 proxy and communication bus 
designed for la ...)
@@ -933,7 +933,7 @@ CVE-2025-2416 (Improper Restriction of Excessive 
Authentication Attempts vulnera
 CVE-2025-2415 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
        NOT-FOR-US: Akinsoft
 CVE-2025-26210 (An Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 
through V3. ...)
-       TODO: check
+       NOT-FOR-US: DeepSeek
 CVE-2025-20336 (A vulnerability in the directory permissions of Cisco Desk 
Phone 9800  ...)
        NOT-FOR-US: Cisco
 CVE-2025-20335 (A vulnerability in the directory permissions of Cisco Desk 
Phone 9800  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03291532d179cab67b6d3bde73f239e04a813f94

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03291532d179cab67b6d3bde73f239e04a813f94
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to