Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b8255c2b by Salvatore Bonaccorso at 2025-05-16T13:14:03+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -90,15 +90,15 @@ CVE-2025-48174 (In libavif before 1.3.0, makeRoom in
stream.c has an integer ove
CVE-2025-47930 (Zulip is an open-source team chat application. Starting in
version 10. ...)
- zulip-server <itp> (bug #800052)
CVE-2025-47929 (DumbDrop, a file upload application that provides an interface
for dra ...)
- TODO: check
+ NOT-FOR-US: DumbDrop
CVE-2025-47928 (Spotipy is a Python library for the Spotify Web API. As of
commit 4f57 ...)
TODO: check
CVE-2025-47809 (Wibu CodeMeter before 8.30a sometimes allows privilege
escalation imme ...)
- TODO: check
+ NOT-FOR-US: Wibu CodeMeter
CVE-2025-47287 (Tornado is a Python web framework and asynchronous networking
library. ...)
TODO: check
CVE-2025-47275 (Auth0-PHP provides the PHP SDK for Auth0 Authentication and
Management ...)
- TODO: check
+ NOT-FOR-US: Auth0-PHP
CVE-2025-3624 (Missing Authorization vulnerability in Hitachi Ops Center
Analyzer (Hi ...)
NOT-FOR-US: Hitachi
CVE-2025-3516 (The Simple Lightbox WordPress plugin before 2.9.4 does not
validate an ...)
@@ -300,7 +300,7 @@ CVE-2024-5440 (The If-So Dynamic Content Personalization
WordPress plugin before
CVE-2024-5026 (The CM Tooltip Glossary WordPress plugin before 4.3.4 does not
sanitis ...)
NOT-FOR-US: WordPress plugin
CVE-2024-53827 (Ericsson Packet Core Controller (PCC) contains a vulnerability
where a ...)
- TODO: check
+ NOT-FOR-US: Ericsson
CVE-2024-51475 (IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable
to HTML ...)
NOT-FOR-US: IBM
CVE-2024-4665 (The EventPrime WordPress plugin before 3.5.0 does not properly
valida ...)
@@ -1077,7 +1077,7 @@ CVE-2025-20095 (Incorrect Default Permissions for some
Intel(R) RealSense\u2122
CVE-2025-20084 (Uncontrolled resource consumption for some Edge Orchestrator
software ...)
NOT-FOR-US: Intel
CVE-2025-20083 (Improper authentication in the firmware for the Intel(R) Slim
Bootload ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20082 (Time-of-check time-of-use race condition in the UEFI firmware
SmiVaria ...)
NOT-FOR-US: Intel
CVE-2025-20079 (Uncontrolled search path for some Intel(R) Advisor software
may allow ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8255c2be1deac100a936872c994b09b0361e832
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b8255c2be1deac100a936872c994b09b0361e832
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
