Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f7759c12 by Moritz Mühlenhoff at 2025-10-16T11:12:10+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2025-62585 (Whale browser before 4.33.325.17 allows an attacker to bypass
the Cont ...)
- TODO: check
+ NOT-FOR-US: Whale Browser
CVE-2025-62584 (Whale browser before 4.33.325.17 allows an attacker to bypass
the Same ...)
- TODO: check
+ NOT-FOR-US: Whale Browser
CVE-2025-62583 (Whale Browser before 4.33.325.17 allows an attacker to escape
the ifra ...)
- TODO: check
+ NOT-FOR-US: Whale Browser
CVE-2025-62580 (ASDA-Soft Stack-based Buffer Overflow Vulnerability)
NOT-FOR-US: Delta Electronics
CVE-2025-62579 (ASDA-Soft Stack-based Buffer Overflow Vulnerability)
NOT-FOR-US: Delta Electronics
CVE-2025-58778 (Multiple versions of RG-EST300 provided by Ruijie Networks
provide SSH ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-55091 (In NetX Duo before 6.4.4, the networking support module for
Eclipse Fo ...)
TODO: check
CVE-2025-55090 (In NetX Duo before 6.4.4, the networking support module for
Eclipse Fo ...)
@@ -27,13 +27,13 @@ CVE-2025-43281 (The issue was addressed with improved
authentication. This issue
CVE-2025-43280 (The issue was resolved by not loading remote images This issue
is fixe ...)
NOT-FOR-US: Apple
CVE-2025-41021 (Stored Cross-Site Scripting (XSS) in Sergestec's Exito v8.0,
consistin ...)
- TODO: check
+ NOT-FOR-US: Sergestec
CVE-2025-41020 (Insecure direct object reference (IDOR) vulnerability in
Sergestec's E ...)
- TODO: check
+ NOT-FOR-US: Sergestec
CVE-2025-41019 (SQL injection in Sergestec's SISTICK v7.2. This vulnerability
allows a ...)
- TODO: check
+ NOT-FOR-US: Sergestec
CVE-2025-41018 (SQL injection in Sergestec's Exito v8.0. This vulnerability
allows an ...)
- TODO: check
+ NOT-FOR-US: Sergestec
CVE-2025-11814 (The Ultimate Addons for WPBakery plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2025-10850 (The Felan Framework plugin for WordPress is vulnerable to
improper aut ...)
@@ -73,7 +73,7 @@ CVE-2025-62381 (sveltekit-superforms makes SvelteKit forms a
pleasure to use. sv
CVE-2025-62380 (mailgen is a Node.js package that generates responsive HTML
e-mails fo ...)
NOT-FOR-US: Node mailgen
CVE-2025-62379 (Reflex is a library to build full-stack web apps in pure
Python. In ve ...)
- TODO: check
+ NOT-FOR-US: Reflex (different from src:reflex)
CVE-2025-62378 (CommandKit is the discord.js meta-framework for building
Discord bots. ...)
NOT-FOR-US: CommandKit
CVE-2025-62375 (go-witness and witness are Go modules for generating
attestations. In ...)
@@ -83,7 +83,7 @@ CVE-2025-62375 (go-witness and witness are Go modules for
generating attestation
CVE-2025-62371 (OpenSearch Data Prepper as an open source data collector for
observabi ...)
NOT-FOR-US: OpenSearch Data Prepper
CVE-2025-62370 (Alloy Core libraries at the root of the Rust Ethereum
ecosystem. Prior ...)
- TODO: check
+ NOT-FOR-US: Alloy
CVE-2025-61990 (When using a multi-bladed platform with more than one blade,
undisclos ...)
NOT-FOR-US: F5
CVE-2025-61974 (When a client SSL profile is configured on a virtual server,
undisclos ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7759c121e97d9a1c53ae79f9ad837e2b8a0a424
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7759c121e97d9a1c53ae79f9ad837e2b8a0a424
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
