Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
43ab6121 by Salvatore Bonaccorso at 2025-08-27T11:02:22+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,9 +31,9 @@ CVE-2025-8490 (The All-in-One WP Migration and Backup plugin
for WordPress is vu
CVE-2025-7732 (The Lazy Load for Videos plugin for WordPress is vulnerable to
Stored ...)
NOT-FOR-US: WordPress plugin
CVE-2025-57846 (Multiple i-\u30d5\u30a3\u30eb\u30bf\u30fc products contain an
issue wi ...)
- TODO: check
+ NOT-FOR-US: DAI.jp product
CVE-2025-57820 (Svelte devalue is a utility library. Prior to version 5.3.2, a
string ...)
- TODO: check
+ NOT-FOR-US: Svelte devalue
CVE-2025-57797 (Incorrect privilege assignment vulnerability exists in
ScanSnap Manage ...)
NOT-FOR-US: ScanSnap Manager installers
CVE-2025-49040 (Cross-Site Request Forgery (CSRF) vulnerability in Backup Bolt
allows ...)
@@ -53,55 +53,55 @@ CVE-2025-35113 (Agiloft Release 28 does not properly
neutralize special elements
CVE-2025-35112 (Agiloft Release 28 contains an XML External Entities
vulnerability in ...)
NOT-FOR-US: Agiloft
CVE-2025-26417 (In checkWhetherCallingAppHasAccess of DownloadProvider.java,
there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22413 (In multiple functions of hyp-main.c, there is a possible
privilege esc ...)
TODO: check
CVE-2025-22412 (In multiple functions of sdp_server.cc, there is a possible
use after ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22411 (In process_service_attr_rsp of sdp_discovery.cc, there is a
possible u ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22410 (In multiple locations, there is a possible way to execute
arbitrary co ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22409 (In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible
way to ex ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22408 (In rfc_check_send_cmd of rfc_utils.cc, there is a possible way
to exec ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22407 (In hidd_check_config_done of hidd_conn.cc, there is a possible
way to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22406 (In bnepu_check_send_packet of bnep_utils.cc, there is a
possible way t ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22405 (In multiple locations, there is a possible way to execute
arbitrary co ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22404 (In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible
way to exe ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-22403 (In sdp_snd_service_search_req of sdp_discovery.cc, there is a
possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0093 (In handleBondStateChanged of AdapterService.java, there is a
possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0092 (In handleBondStateChanged of AdapterService.java, there is a
possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0086 (In onResult of AccountManagerService.java, there is a possible
way to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0084 (In multiple locations, there is a possible out of bounds write
due to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0083 (In multiple locations, there is a possible way to access
content acros ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0082 (In multiple functions of StatusHint.java and
TelecomServiceImpl.java, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0081 (In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp,
there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0080 (In multiple locations, there is a possible way to overlay the
installa ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0079 (In multiple locations, there is a possible way that avdtp and
avctp ch ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0078 (In main of main.cpp, there is a possible way to bypass SELinux
due to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0075 (In process_service_search_attr_req of sdp_server.cc, there is a
possib ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-0074 (In process_service_attr_rsp of sdp_discovery.cc, there is a
possible w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-49740 (In multiple locations, there is a possible crash loop due to
resource ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-47192 (An issue was discovered in Mahara 23.04.8 and 24.04.4. The use
of a ma ...)
TODO: check
CVE-2024-35203 (Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site
scriptin ...)
@@ -253936,7 +253936,7 @@ CVE-2023-21127 (In readSampleData of
NuMediaExtractor.cpp, there is a possible o
CVE-2023-21126 (In bindOutputSwitcherAndBroadcastButton of
MediaControlPanel.java, the ...)
NOT-FOR-US: Android
CVE-2023-21125 (In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a
possible way to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-21124 (In run of multiple files, there is a possible escalation of
privilege ...)
NOT-FOR-US: Android
CVE-2023-21123 (In multiple functions of multiple files, there is a possible
way to by ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43ab61210d4d62716a39119b8896e7b63266d179
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43ab61210d4d62716a39119b8896e7b63266d179
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
