Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3edffe04 by Moritz Muehlenhoff at 2025-08-29T10:34:23+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-9639 (The QbiCRMGateway developed by Ai3 has an Arbitrary File
Reading vulne ...)
- TODO: check
+ NOT-FOR-US: Ai3 QbiCRMGateway
CVE-2025-9619 (A security flaw has been discovered in E4 Sistemas Mercatus ERP
2.00.0 ...)
- TODO: check
+ NOT-FOR-US: E4 Sistemas Mercatus ERP
CVE-2025-9610 (A vulnerability was determined in code-projects Online Event
Judging S ...)
NOT-FOR-US: code-projects
CVE-2025-9609 (A vulnerability was found in Portabilis i-Educar up to 2.10.
This vuln ...)
@@ -15,11 +15,11 @@ CVE-2025-9606 (A vulnerability was detected in Portabilis
i-Educar up to 2.10. A
CVE-2025-9605 (A security vulnerability has been detected in Tenda AC21 and
AC23 16.0 ...)
NOT-FOR-US: Tenda
CVE-2025-9604 (A vulnerability was identified in coze-studio up to 0.2.4. The
impacte ...)
- TODO: check
+ NOT-FOR-US: coze-studio
CVE-2025-9603 (A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4.
The af ...)
- TODO: check
+ NOT-FOR-US: Telesquare TLR-2005KSH
CVE-2025-9602 (A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted
is the ...)
- TODO: check
+ NOT-FOR-US: E4 Sistemas Mercatus ERPRockOA
CVE-2025-9601 (A vulnerability was detected in itsourcecode Apartment
Management Syst ...)
NOT-FOR-US: itsourcecode System
CVE-2025-9600 (A security vulnerability has been detected in itsourcecode
Apartment M ...)
@@ -41,25 +41,25 @@ CVE-2025-9593 (A flaw has been found in itsourcecode
Apartment Management System
CVE-2025-9592 (A vulnerability was detected in itsourcecode Apartment
Management Syst ...)
NOT-FOR-US: itsourcecode System
CVE-2025-9591 (A security vulnerability has been detected in ZrLog up to
3.1.5. This ...)
- TODO: check
+ NOT-FOR-US: ZrLog
CVE-2025-9590 (A vulnerability was identified in Weaver E-Mobile Mobile
Management Pl ...)
- TODO: check
+ NOT-FOR-US: Weaver E-Mobile Mobile Management
CVE-2025-9589 (A vulnerability was determined in Cudy WR1200EA
2.3.7-20250113-121810. ...)
- TODO: check
+ NOT-FOR-US: Cudy WR1200EA
CVE-2025-9586 (A vulnerability was identified in Comfast CF-N1 2.6.0. This
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Comfast CF-N1
CVE-2025-9585 (A vulnerability was determined in Comfast CF-N1 2.6.0. This
affects th ...)
- TODO: check
+ NOT-FOR-US: Comfast CF-N1
CVE-2025-9441 (The iATS Online Forms plugin for WordPress is vulnerable to
time-based ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9374 (The Ultimate Tag Warrior Importer plugin for WordPress is
vulnerable t ...)
NOT-FOR-US: WordPress plugin
CVE-2025-8861 (TSA developed by Changing has a Missing Authentication
vulnerability, ...)
- TODO: check
+ NOT-FOR-US: Changing TSA
CVE-2025-8858 (Clinic Image System developed by Changing has a SQL Injection
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Changing Clinic Image System
CVE-2025-8857 (Clinic Image System developed by Changing contains hard-coded
Credenti ...)
- TODO: check
+ NOT-FOR-US: Changing Clinic Image System
CVE-2025-8619 (The OSM Map Widget for Elementor plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2025-8290 (The List Subpages plugin for WordPress is vulnerable to Stored
Cross-S ...)
@@ -83,23 +83,23 @@ CVE-2025-58327
CVE-2025-58326
REJECTED
CVE-2025-58323 (NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a
local attac ...)
- TODO: check
+ NOT-FOR-US: NAVER MYBOX Explorer
CVE-2025-58062 (LSTM-Kirigaya's openmcp-client is a vscode plugin for mcp
developer. P ...)
- TODO: check
+ NOT-FOR-US: vscode plugin
CVE-2025-58061 (OpenEBS Local PV RawFile allows dynamic deployment of Stateful
Persist ...)
- TODO: check
+ NOT-FOR-US: OpenEBS
CVE-2025-58058 (xz is a pure golang package for reading and writing
xz-compressed file ...)
TODO: check
CVE-2025-54777 (Uncaught exception issue exists in Multiple products in bizhub
series. ...)
- TODO: check
+ NOT-FOR-US: buzhub
CVE-2025-54142 (Akamai Ghost before 2025-07-21 allows HTTP Request Smuggling
via an OP ...)
- TODO: check
+ NOT-FOR-US: Akamai Ghost
CVE-2025-53508 (Multiple products provided by iND Co.,Ltd contain an OS
command inject ...)
- TODO: check
+ NOT-FOR-US: iND
CVE-2025-53507 (Multiple products provided by iND Co.,Ltd contain an insecure
storage ...)
- TODO: check
+ NOT-FOR-US: iND
CVE-2025-48979 (An Improper Input Validation in UISP Application could allow a
Command ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2025-43284 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
NOT-FOR-US: Apple
CVE-2025-43268 (A permissions issue was addressed with additional
restrictions. This i ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3edffe044d1096af73b7bc942146df7594cab692
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3edffe044d1096af73b7bc942146df7594cab692
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
