Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1a622ab7 by Salvatore Bonaccorso at 2025-09-27T12:16:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,9 +21,9 @@ CVE-2025-59939 (WeGIA is a Web manager for charitable
institutions. Prior to ver
CVE-2025-59938 (Wazuh is a free and open source platform used for threat
prevention, d ...)
NOT-FOR-US: Wazuh
CVE-2025-59936 (get-jwks contains fetch utils for JWKS keys. In versions prior
to 11.0 ...)
- TODO: check
+ NOT-FOR-US: get-jwks
CVE-2025-59934 (Formbricks is an open source qualtrics alternative. Prior to
version 4 ...)
- TODO: check
+ NOT-FOR-US: Formbricks
CVE-2025-59932 (Flag Forge is a Capture The Flag (CTF) platform. From versions
2.0.0 t ...)
NOT-FOR-US: Flag Forge
CVE-2025-59845 (Apollo Studio Embeddable Explorer & Embeddable Sandbox are
website emb ...)
@@ -31,13 +31,13 @@ CVE-2025-59845 (Apollo Studio Embeddable Explorer &
Embeddable Sandbox are websi
CVE-2025-50879
REJECTED
CVE-2025-3193 (Versions of the package algoliasearch-helper from 2.0.0-rc1 and
before ...)
- TODO: check
+ NOT-FOR-US: algoliasearch-helper package for Node.js
CVE-2025-36239 (IBM Storage TS4500 Library 1.11.0.0 and 2.11.0.0 is
vulnerable to cr ...)
NOT-FOR-US: IBM
CVE-2025-36144 (IBM Lakehouse (watsonx.data 2.2) stores potentially sensitive
informat ...)
NOT-FOR-US: IBM
CVE-2025-11052 (A security flaw has been discovered in kidaze
CourseSelectionSystem 1. ...)
- TODO: check
+ NOT-FOR-US: kidaze CourseSelectionSystem
CVE-2025-11051 (A vulnerability has been found in SourceCodester Pet Grooming
Manageme ...)
NOT-FOR-US: SourceCodester
CVE-2025-11050 (A flaw has been found in Portabilis i-Educar up to 2.10. This
affects ...)
@@ -49,15 +49,15 @@ CVE-2025-11048 (A security vulnerability has been detected
in Portabilis i-Educa
CVE-2025-11047 (A weakness has been identified in Portabilis i-Educar up to
2.10. Affe ...)
NOT-FOR-US: Portabilis
CVE-2025-11046 (A security flaw has been discovered in Tencent WeKnora 0.1.0.
This imp ...)
- TODO: check
+ NOT-FOR-US: Tencent WeKnora
CVE-2025-11045 (A vulnerability was identified in WAYOS LQ_04, LQ_05, LQ_06,
LQ_07 and ...)
- TODO: check
+ NOT-FOR-US: WAYOS
CVE-2025-11041 (A vulnerability has been found in itsourcecode Open Source Job
Portal ...)
- TODO: check
+ NOT-FOR-US: itsourcecode Open Source Job Portal
CVE-2025-11040 (A vulnerability was detected in code-projects Hostel
Management System ...)
NOT-FOR-US: code-projects
CVE-2025-10954 (Versions of the package github.com/nyaruka/phonenumbers before
1.2.2 a ...)
- TODO: check
+ NOT-FOR-US: phonenumbers Go package (github.com/nyaruka/phonenumbers)
CVE-2025-10657 (In a hardened Docker environment, with Enhanced Container
Isolation ( ...)
NOT-FOR-US: Docker products not packaged in Debian
CVE-2025-10499 (The Ninja Forms \u2013 The Contact Form Builder That Grows
With You pl ...)
@@ -360,11 +360,11 @@ CVE-2025-11015 (A weakness has been identified in
OGRECave Ogre up to 14.4.1. Im
CVE-2025-11014 (A security flaw has been discovered in OGRECave Ogre up to
14.4.1. Thi ...)
TODO: check
CVE-2025-11013 (A vulnerability was identified in BehaviorTree up to 4.7.0.
This vulne ...)
- TODO: check
+ NOT-FOR-US: BehaviorTree
CVE-2025-11012 (A vulnerability was determined in BehaviorTree up to 4.7.0.
This affec ...)
- TODO: check
+ NOT-FOR-US: BehaviorTree
CVE-2025-11011 (A vulnerability was found in BehaviorTree up to 4.7.0.
Affected by thi ...)
- TODO: check
+ NOT-FOR-US: BehaviorTree
CVE-2025-11010 (A vulnerability has been found in vstakhov libucl up to 0.9.2.
Affecte ...)
TODO: check
CVE-2025-10871 (An issue has been discovered in GitLab EE affecting all
versions from ...)
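Review bot: The three added lines for CVE-2025-11013, CVE-2025-11012 and CVE-2025-11011 name the product only as "BehaviorTree", with no upstream or language qualifier. Other entries in this commit are more specific, for example "phonenumbers Go package (github.com/nyaruka/phonenumbers)" and "algoliasearch-helper package for Node.js". A short qualifier naming the upstream project would let a later triager confirm that the tag refers to code not shipped in Debian without reopening the CVE descriptions.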
@@ -376,7 +376,7 @@ CVE-2025-10867 (An issue has been discovered in GitLab
CE/EE affecting all versi
CVE-2025-10858 (An issue was discovered in GitLab CE/EE affecting all versions
before ...)
TODO: check
CVE-2025-10544 (Unrestricted file upload vulnerability in DocAve 6.13.2,
Perimeter 1.1 ...)
- TODO: check
+ NOT-FOR-US: DocAve
CVE-2025-10925 [ZDI-CAN-27793: GIMP ILBM File Parsing Stack-based Buffer
Overflow Remote Code Execution Vulnerability]
- gimp <unfixed>
NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/14816
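Review bot: The NOT-FOR-US line for CVE-2025-10544 names only "DocAve", but the truncated description lists more than one product ("DocAve 6.13.2, Perimeter 1.1 ..."). Consider tagging by vendor or listing the affected products, so that a search of data/CVE/list for the other product names also finds this entry.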
@@ -735,7 +735,7 @@ CVE-2025-10949 (A vulnerability was found in Changsha
Developer Technology iView
CVE-2025-10948 (A vulnerability has been found in MikroTik RouterOS 7. This
affects th ...)
NOT-FOR-US: MikroTik
CVE-2025-10947 (A flaw has been found in Sistemas Pleno Gest\xe3o de
Loca\xe7\xe3o up ...)
- TODO: check
+ NOT-FOR-US: Sistemas Pleno Gestao de Locaco
CVE-2025-10946 (A vulnerability was detected in nuz007 smsboom up to
01b2f35bbbc23f3e0 ...)
NOT-FOR-US: nuz007 smsboom
CVE-2025-10945 (A security vulnerability has been detected in nuz007 smsboom
up to 01b ...)
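Review bot: The added line for CVE-2025-10947 misspells the product name. The description reads "Gest\xe3o de Loca\xe7\xe3o", which transliterates to "Gestao de Locacao", but the new line says "Sistemas Pleno Gestao de Locaco" and drops a letter from the last word. Suggest "NOT-FOR-US: Sistemas Pleno Gestao de Locacao", so that later entries for the same product match when grepping the list.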
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a622ab7880b9271db0d4203b38aaa28200141e7
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits