Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2964fc47 by Salvatore Bonaccorso at 2025-08-15T22:35:57+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -71,9 +71,9 @@ CVE-2025-5046 (A maliciously crafted DGN file, when linked or
imported into Auto
CVE-2025-55285 (@backstage/plugin-scaffolder-backend is the backend for the
default Ba ...)
TODO: check
CVE-2025-55207 (Astro is a web framework for content-driven websites.
Following CVE-20 ...)
- TODO: check
+ NOT-FOR-US: Astro
CVE-2025-55203 (Plane is open-source project management software. Prior to
version 0.2 ...)
- TODO: check
+ NOT-FOR-US: Plane
CVE-2025-54989 (Firebird is a relational database. Prior to versions 3.0.13,
4.0.6, an ...)
TODO: check
CVE-2025-54475 (A SQL injection vulnerability in the JS Jobs plugin versions
1.3.2-1.4 ...)
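Review bot: at the two added lines for CVE-2025-55207 and CVE-2025-55203, the labels "Astro" and "Plane" are single common words, so a later text search of data/CVE/list for earlier decisions on these products can also match unrelated entries. A short qualifier taken from the descriptions shown here, such as "Astro web framework" or "Plane project management software", would keep the labels unambiguous.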
@@ -83,7 +83,7 @@ CVE-2025-54474 (A SQLi vulnerability in DJ-Classifieds
component 3.9.2-3.10.1 fo
CVE-2025-54473 (An authenticated RCE vulnerability in Phoca Commander
component 1.0.0- ...)
NOT-FOR-US: Joomla
CVE-2025-54466 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Apache OFBiz scrum plugin
CVE-2025-49898 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49897 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
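Review bot: the added label for CVE-2025-54466 is written at plugin level ("Apache OFBiz scrum plugin"), while the neighbouring context entries in this hunk label at platform level ("Joomla" for the Phoca Commander component, "WordPress plugin or theme"). Choosing one granularity for add-on issues keeps NOT-FOR-US entries for the same product groupable; if the plugin-level wording is intended, it is worth confirming against the full description, since the visible text is cut off before the product name.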
@@ -99,7 +99,7 @@ CVE-2025-26709 (There is an unauthorized access vulnerability
in ZTE F50. Due to
CVE-2025-24975 (Firebird is a relational database. Prior to snapshot versions
4.0.6.31 ...)
TODO: check
CVE-2025-1929 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Reel SEktor hazine ve Risk Yonetimi Yazilimi
CVE-2024-12573
REJECTED
CVE-2025-9022 (A vulnerability was identified in SourceCodester Online Bank
Managemen ...)
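Review bot: the added label for CVE-2025-1929 reads "Reel SEktor hazine ve Risk Yonetimi Yazilimi", with a stray capital "E" in "SEktor" and inconsistent casing across the words of the product name. Please normalise the casing, or copy the name as spelled in the full CVE description (truncated in this view), so that an exact-match search for the product finds this entry.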
@@ -876,7 +876,7 @@ CVE-2012-10059 (Dolibarr ERP/CRM versions <= 3.1.1 and <=
3.2.0 contain a post-a
CVE-2012-10058 (RabidHamster R4 v1.25 contains astack-based buffer overflow
vulnerabil ...)
NOT-FOR-US: RabidHamster
CVE-2012-10057 (Lattice Semiconductor ispVM System v18.0.2 contains a buffer
overflow ...)
- TODO: check
+ NOT-FOR-US: Lattice Semiconductor ispVM System
CVE-2012-10056 (PHP Volunteer Management System v1.0.2 contains an arbitrary
file uplo ...)
NOT-FOR-US: PHP Volunteer Management System
CVE-2012-10055 (ComSndFTP FTP Server version 1.3.7 Beta contains a format
string vulne ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2964fc47a9d3b5e0b2f0625a086bc8def639f37e