Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d61862e2 by Salvatore Bonaccorso at 2025-07-12T22:25:41+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -80,7 +80,7 @@ CVE-2025-6058 (The WPBookit plugin for WordPress is
vulnerable to arbitrary file
CVE-2025-6057 (The WPBookit plugin for WordPress is vulnerable to arbitrary
file uplo ...)
NOT-FOR-US: WordPress plugin
CVE-2025-5199 (In Canonical Multipass up to and including version 1.15.1 on
macOS, in ...)
- TODO: check
+ NOT-FOR-US: Canonical Multipass
CVE-2025-53879
REJECTED
CVE-2025-53878
@@ -110,7 +110,7 @@ CVE-2024-38648 (A hardcoded secret in Ivanti DSM before
2024.2 allows an authent
CVE-2023-39339 (A vulnerability exists on all versions of Ivanti Policy Secure
below 2 ...)
NOT-FOR-US: Ivanti
CVE-2023-39338 (Enables an authenticated user (enrolled device) to access a
service pr ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2023-38036 (A security vulnerability within Ivanti Avalanche Manager
before versio ...)
NOT-FOR-US: Ivanti
CVE-2025-7503 (An OEM IP camera manufactured by Shenzhen Liandian
Communication Techn ...)
@@ -128,13 +128,13 @@ CVE-2025-7452 (A vulnerability was found in kone-net
go-chat up to f9e58d0afa9bb
CVE-2025-7450 (A vulnerability was found in letseeqiji gorobbs up to 1.0.8. It
has be ...)
NOT-FOR-US: letseeqiji gorobbs
CVE-2025-7029 (A vulnerability in the Software SMI handler (SwSmiInputValue
0xB2) all ...)
- TODO: check
+ NOT-FOR-US: Gigabyte UEFI firmware
CVE-2025-7028 (A vulnerability in the Software SMI handler (SwSmiInputValue
0x20) all ...)
- TODO: check
+ NOT-FOR-US: Gigabyte UEFI firmware
CVE-2025-7027 (A vulnerability in the Software SMI handler (SwSmiInputValue
0xB2) all ...)
- TODO: check
+ NOT-FOR-US: Gigabyte UEFI firmware
CVE-2025-7026 (A vulnerability in the Software SMI handler (SwSmiInputValue
0xB2) all ...)
- TODO: check
+ NOT-FOR-US: Gigabyte UEFI firmware
CVE-2025-6851 (The Broken Link Notifier plugin for WordPress is vulnerable to
Server- ...)
NOT-FOR-US: WordPress plugin
CVE-2025-6838 (The Broken Link Notifier plugin for WordPress is vulnerable to
CSV Inj ...)
@@ -222,7 +222,7 @@ CVE-2025-45582 (GNU Tar through 1.35 allows file overwrite
via directory travers
CVE-2025-43856 (immich is a high performance self-hosted photo and video
management so ...)
NOT-FOR-US: immich
CVE-2025-3933 (A Regular Expression Denial of Service (ReDoS) vulnerability
was disco ...)
- TODO: check
+ NOT-FOR-US: Hugging Face Transformers
CVE-2025-3631 (An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager
can cau ...)
NOT-FOR-US: IBM
CVE-2025-30661 (An Incorrect Permission Assignment for Critical Resource
vulnerability ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d61862e20c19b041fb61a2ac9675096bc7a16c54
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d61862e20c19b041fb61a2ac9675096bc7a16c54
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
