Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
59cdb015 by Salvatore Bonaccorso at 2025-06-11T14:29:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -22,7 +22,7 @@ CVE-2025-4798 (The WP-DownloadManager plugin for WordPress is
vulnerable to arbi
CVE-2025-4666 (The Zotpress plugin for WordPress is vulnerable to Stored
Cross-Site S ...)
NOT-FOR-US: WordPress plugin
CVE-2025-4275 (Running the provided utility changes the certificate on any
Insyde BIO ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2025-49793
REJECTED
CVE-2025-49792
@@ -42,9 +42,9 @@ CVE-2025-49786
CVE-2025-49785
REJECTED
CVE-2025-47849 (A privilege escalation vulnerability exists in Apache
CloudStack versi ...)
- TODO: check
+ NOT-FOR-US: Apache CloudStack
CVE-2025-47713 (A privilege escalation vulnerability exists in Apache
CloudStack versi ...)
- TODO: check
+ NOT-FOR-US: Apache CloudStack
CVE-2025-47117 (Adobe Experience Manager versions 6.5.22 and earlier are
affected by a ...)
NOT-FOR-US: Adobe
CVE-2025-47116 (Adobe Experience Manager versions 6.5.22 and earlier are
affected by a ...)
@@ -500,17 +500,17 @@ CVE-2025-46837 (Adobe Experience Manager versions 6.5.22
and earlier are affecte
CVE-2025-35940 (The ArchiverSpaApiASP.NET application uses a hard-coded JWT
signing k ...)
TODO: check
CVE-2025-32717 (Heap-based buffer overflow in Microsoft Office Word allows an
unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-30675 (In Apache CloudStack, a flaw in access control affects the
listTemplat ...)
- TODO: check
+ NOT-FOR-US: Apache CloudStack
CVE-2025-29756 (SunGrow's back end users system iSolarCloud
https://isolarcloud.com u ...)
- TODO: check
+ NOT-FOR-US: iSolarCloud
CVE-2025-26521 (When an Apache CloudStack user-account creates a CKS-based
Kubernetes ...)
- TODO: check
+ NOT-FOR-US: Apache CloudStack
CVE-2025-22829 (The CloudStack Quota plugin has an improper privilege
management logic ...)
- TODO: check
+ NOT-FOR-US: Apache CloudStack (CloudStack Quota plugin)
CVE-2025-1055 (A vulnerability in the K7RKScan.sys driver, part of the K7
Security An ...)
- TODO: check
+ NOT-FOR-US: K7 Security Anti-Malware suite
CVE-2024-9062 (The Archify application contains a local privilege escalation
vulnerab ...)
TODO: check
CVE-2024-8270 (The macOS Rocket.Chat application is affected by a
vulnerability that ...)
@@ -522,7 +522,7 @@ CVE-2024-35295 (A vulnerability has been identified in
Perfect Harmony GH180 (Al
CVE-2024-1244 (Improper input validation in the OSSEC HIDS agent for Windows
prior to ...)
TODO: check
CVE-2024-1243 (Improper input validation in the Wazuh agent for Windows prior
to vers ...)
- TODO: check
+ NOT-FOR-US: Wazuh agent for Windows
CVE-2025-5986
- thunderbird <unfixed>
[bookworm] - thunderbird <postponed> (Minor issue, fix along with June
update)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59cdb0156b280837c90ebae2ece239195698d268
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59cdb0156b280837c90ebae2ece239195698d268
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
