Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
206f47df by security tracker role at 2025-08-26T20:13:44+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2025-9491 (Microsoft Windows LNK File UI Misrepresentation Remote Code
Execution ...)
TODO: check
CVE-2025-9483 (A flaw has been found in Linksys RE6250, RE6300, RE6350,
RE6500, RE700 ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-9482 (A vulnerability was detected in Linksys RE6250, RE6300, RE6350,
RE6500 ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-9481 (A security vulnerability has been detected in Linksys RE6250,
RE6300, ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-9478 (Use after free in ANGLE in Google Chrome prior to
139.0.7258.154 allow ...)
TODO: check
CVE-2025-9190 (The configuration of Cursor on macOS, specifically the
"RunAsNode" fus ...)
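Review bot: CVE-2025-9491 at the top of this hunk stays at "TODO: check" although its description names Microsoft Windows LNK handling, which looks as clearly out of scope as the three Linksys RE-series entries closed here. If the automatic matcher has no rule for it, consider adding one or marking it by hand in the same pass, so the entry does not sit in the TODO queue next to items that need real triage.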
@@ -15,15 +15,15 @@ CVE-2025-8700 (Invoice Ninja's configuration on macOS,
specifically the presence
CVE-2025-8597 (MacVim's configuration on macOS, specifically the presence of
entitlem ...)
TODO: check
CVE-2025-8424 (Improper access control on the NetScaler Management Interface
in NetSc ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2025-7776 (Memory overflow vulnerability leading to unpredictable or
erroneous be ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2025-7775 (Memory overflow vulnerability leading to Remote Code Execution
and/or ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2025-6366 (The Event List plugin for WordPress is vulnerable to privilege
escalat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6247 (The WordPress Automatic Plugin plugin for WordPress is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-57818 (Firecrawl turns entire websites into LLM-ready markdown or
structured ...)
TODO: check
CVE-2025-57813 (traQ is a messenger application built for Digital Creators
Club traP. ...)
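Review bot: the "NOT-FOR-US: Citrix" tags on CVE-2025-7776 and CVE-2025-7775 cannot be confirmed from the lines shown, because both descriptions are cut off after "Memory overflow vulnerability leading to ..." and name no product; only CVE-2025-8424 mentions NetScaler. Please check the full descriptions before relying on the automatic match, and consider naming the product in the tag so the reason for the classification is readable from the list itself.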
@@ -33,7 +33,7 @@ CVE-2025-57810 (jsPDF is a library to generate PDFs in
JavaScript. Prior to 3.0.
CVE-2025-57803 (ImageMagick is free and open-source software used for editing
and mani ...)
TODO: check
CVE-2025-57425 (A Stored Cross-Site Scripting (XSS) vulnerability in
SourceCodester FA ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-56432 (A cross-site scripting (XSS) vulnerability exists in Nagios XI
2024R2. ...)
TODO: check
CVE-2025-55526 (n8n-workflows Main Commit ee25413 allows attackers to execute
a direct ...)
@@ -75,17 +75,17 @@ CVE-2025-50971 (Directory traversal vulnerability in
AbanteCart version 1.4.2 al
CVE-2025-50753 (Mitrastar GPT-2741GNAC-N2 devices are provided with access
through ssh ...)
TODO: check
CVE-2025-48108 (Missing Authorization vulnerability in Mojoomla School
Management allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-44002 (Race Condition in the Directory Validation Logic in the
TeamViewer Ful ...)
- TODO: check
+ NOT-FOR-US: TeamViewer
CVE-2025-36729 (A non-primary administrator user with admin rights to the web
interfac ...)
TODO: check
CVE-2025-2697 (IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a
remote a ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-29992 (Mahara before 24.04.9 exposes database connection information
if the d ...)
TODO: check
CVE-2025-29901 (A NULL pointer dereference vulnerability has been reported to
affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-25737 (Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs)
v3.2.0.829 ...)
TODO: check
CVE-2025-25736 (Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23,
v3.8.0.1119.42, and ...)
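Review bot: CVE-2025-48108 is tagged "NOT-FOR-US: WordPress plugin or theme", while CVE-2025-6366 and CVE-2025-6247 in the same commit use "NOT-FOR-US: WordPress plugin". Pick one label so that a search over data/CVE/list finds all of them. The visible description of CVE-2025-48108 ("Mojoomla School Management") also does not mention WordPress, and the CVE-2025-29901 description is cut at "affect F ..." before any QNAP product name appears, so both matches are worth a manual look.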
@@ -109,11 +109,11 @@ CVE-2025-23312 (NVIDIA NeMo Framework for all platforms
contains a vulnerability
CVE-2025-23307 (NVIDIA NeMo Curator for all platforms contains a vulnerability
where a ...)
TODO: check
CVE-2025-1994 (IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a
local ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1501 (An access control vulnerability was discovered in the Request
Trace an ...)
TODO: check
CVE-2025-1494 (IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a
remote att ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-47853 (An issue was discovered in Mahara 23.04.8 and 24.04.4.
Attackers may u ...)
TODO: check
CVE-2024-45753 (In Mahara 23.04.8 and 24.04.4, the external RSS feed block can
cause X ...)
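Review bot: CVE-2025-1994 and CVE-2025-1494 get the vendor-wide tag "NOT-FOR-US: IBM", as does CVE-2025-2697 in the previous hunk, although all three descriptions name the same product, IBM Cognos Command Center 10.2.4.1 and 10.2.5. A product-level note would record why the entries were excluded and would make it easier to revisit only these if the classification is ever questioned. CVE-2025-1501 between them keeps "TODO: check" and its description is cut at "Request Trace an ...", so it still needs a manual decision.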
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/206f47df32ff7a02a852544920fba932ecaf4ec2
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits