Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ce4510bd by Salvatore Bonaccorso at 2025-06-12T10:35:53+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2025-6009 (A vulnerability was found in kiCode111 like-girl 5.2.0 and
classified ...)
- TODO: check
+ NOT-FOR-US: kiCode111 like-girl
CVE-2025-6008 (A vulnerability has been found in kiCode111 like-girl 5.2.0 and
classi ...)
- TODO: check
+ NOT-FOR-US: kiCode111 like-girl
CVE-2025-6007 (A vulnerability, which was classified as critical, was found in
kiCode ...)
- TODO: check
+ NOT-FOR-US: kiCode111 like-girl
CVE-2025-6006 (A vulnerability, which was classified as critical, has been
found in k ...)
- TODO: check
+ NOT-FOR-US: kiCode111 like-girl
CVE-2025-6005 (A vulnerability classified as critical was found in kiCode111
like-gir ...)
- TODO: check
+ NOT-FOR-US: kiCode111 like-girl
CVE-2025-5301 (ONLYOFFICE Docs (DocumentServer) in versions equal and below
8.3.1 are ...)
- TODO: check
+ NOT-FOR-US: ONLYOFFICE
CVE-2025-5012 (The Workreap plugin for WordPress, used by the Workreap -
Freelance Ma ...)
NOT-FOR-US: WordPress plugin
CVE-2025-4973 (The Workreap plugin for WordPress, used by the Workreap -
Freelance Ma ...)
@@ -33,7 +33,7 @@ CVE-2025-49815
CVE-2025-49814
REJECTED
CVE-2025-35978 (Improper restriction of communication channel to intended
endpoints is ...)
- TODO: check
+ NOT-FOR-US: UpdateNavi
CVE-2023-36636
REJECTED
CVE-2022-4976 (Archive::Unzip::Burst from 0.01 through 0.09 for Perl contains
a bundl ...)
@@ -43,7 +43,7 @@ CVE-2025-6002 (An unrestricted file upload vulnerability
exists in the Product I
CVE-2025-6001 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the
produc ...)
TODO: check
CVE-2025-5687 (A vulnerability in Mozilla VPN on macOS allows privilege
escalation fr ...)
- TODO: check
+ NOT-FOR-US: Mozilla VPN on macOS
CVE-2025-5144 (The The Events Calendar plugin for WordPress is vulnerable to
Stored C ...)
NOT-FOR-US: WordPress plugin
CVE-2025-4922 (Nomad Community and Nomad Enterprise (\u201cNomad\u201d)
prefix-based ...)
@@ -106,7 +106,7 @@ CVE-2025-3302 (The Xagio SEO \u2013 AI Powered SEO plugin
for WordPress is vulne
CVE-2025-35941 (A password is exposed locally.)
TODO: check
CVE-2025-32711 (Ai command injection in M365 Copilot allows an unauthorized
attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-32466 (A SQL injection vulnerability in RSMediaGallery! component
1.7.4 - 2.1 ...)
NOT-FOR-US: Joomla
CVE-2025-32465 (A stored XSS vulnerability in RSTickets! component 1.9.12 -
3.3.0 for ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce4510bd3ad15048cc32ed12546a9ae759c5770b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ce4510bd3ad15048cc32ed12546a9ae759c5770b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
