Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ea2845c9 by Salvatore Bonaccorso at 2025-08-21T22:44:38+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -62,9 +62,9 @@ CVE-2025-57761 (WeGIA is a Web manager for charitable
institutions. Prior to 3.4
CVE-2025-57755 (claude-code-router is a powerful tool to route Claude Code
requests to ...)
NOT-FOR-US: claude-code-router
CVE-2025-57754 (eslint-ban-moment is an Eslint plugin for final assignment in
VIHU. In ...)
- TODO: check
+ NOT-FOR-US: eslint-ban-moment Eslint plugin
CVE-2025-57753 (vite-plugin-static-copy is rollup-plugin-copy for Vite with
dev server ...)
- TODO: check
+ NOT-FOR-US: vite-plugin-static-copy rollup-plugin-copy for Vite
CVE-2025-57751 (pyLoad is the free and open-source Download Manager written in
pure Py ...)
- pyload <itp> (bug #1001980)
CVE-2025-55744 (UnoPim is an open-source Product Information Management (PIM)
system b ...)
@@ -76,27 +76,27 @@ CVE-2025-55742 (UnoPim is an open-source Product
Information Management (PIM) sy
CVE-2025-55564 (Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via
the list p ...)
NOT-FOR-US: Tenda
CVE-2025-55524 (Insecure permissions in Agent-Zero v0.8.* allow attackers to
arbitrari ...)
- TODO: check
+ NOT-FOR-US: Agent-Zero
CVE-2025-55523 (An issue in the component /api/download_work_dir_file.py of
Agent-Zero ...)
- TODO: check
+ NOT-FOR-US: Agent-Zero
CVE-2025-55522 (Cross-site scripting (XSS) vulnerability in the component
/common/repo ...)
- TODO: check
+ NOT-FOR-US: Akaunting
CVE-2025-55521 (An issue in the component /settings/localisation of Akaunting
v3.1.18 ...)
- TODO: check
+ NOT-FOR-US: Akaunting
CVE-2025-55420 (A Reflected Cross Site Scripting (XSS) vulnerability was found
in /ind ...)
- TODO: check
+ NOT-FOR-US: FoxCMS
CVE-2025-55383 (Moss before v0.15 has a file upload vulnerability. The
"upload" functi ...)
TODO: check
CVE-2025-55371 (Incorrect access control in the component
/controller/PersonController ...)
- TODO: check
+ NOT-FOR-US: jshERP
CVE-2025-55370 (Incorrect access control in the component
\controller\ResourceControll ...)
- TODO: check
+ NOT-FOR-US: jshERP
CVE-2025-55368 (Incorrect access control in the component
\controller\RoleController.j ...)
- TODO: check
+ NOT-FOR-US: jshERP
CVE-2025-55367 (Incorrect access control in the component
\controller\SupplierControll ...)
- TODO: check
+ NOT-FOR-US: jshERP
CVE-2025-55366 (Incorrect access control in the component
\controller\UserController.j ...)
- TODO: check
+ NOT-FOR-US: jshERP
CVE-2025-55297 (ESF-IDF is the Espressif Internet of Things (IOT) Development
Framewor ...)
TODO: check
CVE-2025-55231 (Concurrent execution using shared resource with improper
synchronizati ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea2845c9002b9dcfa0dc168d3b50645becd1d7ce
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea2845c9002b9dcfa0dc168d3b50645becd1d7ce
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
