[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 03 Sep 2025 12:34:23 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
26e919c5 by Salvatore Bonaccorso at 2025-09-03T21:34:00+02:00
Process some NFUs

- - - - -
9aff4b2a by Salvatore Bonaccorso at 2025-09-03T21:34:00+02:00
Add CVE-2025-54588/envoyproxy

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,13 +79,13 @@ CVE-2025-9260 (The Fluent Forms \u2013 Customizable Contact 
Forms, Survey, Quiz,
 CVE-2025-8663 (Insertion of Sensitive Information into Log File vulnerability 
in upKe ...)
        NOT-FOR-US: upKeeper Solutions upKeeper Manager
 CVE-2025-58351 (Outline is a service that allows for collaborative 
documentation. In v ...)
-       TODO: check
+       NOT-FOR-US: Outline
 CVE-2025-58272 (Cross-site request forgery vulnerability exists in Web Caster 
V130 ver ...)
-       TODO: check
+       NOT-FOR-US: Web Caster V130
 CVE-2025-58210 (Missing Authorization vulnerability in ThemeMove Makeaholic 
allows Exp ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-58176 (Dive is an open-source MCP Host Desktop Application that 
enables integ ...)
-       TODO: check
+       NOT-FOR-US: Dive
 CVE-2025-58170
        REJECTED
 CVE-2025-58169
@@ -101,11 +101,11 @@ CVE-2025-58165
 CVE-2025-58164
        REJECTED
 CVE-2025-58163 (FreeScout is a free help desk and shared inbox built with 
PHP's Larave ...)
-       TODO: check
+       NOT-FOR-US: FreeScout
 CVE-2025-57806 (Local Deep Research is an AI-powered research assistant for 
deep, iter ...)
-       TODO: check
+       NOT-FOR-US: Local Deep Research
 CVE-2025-54588 (Envoy is an open source L7 proxy and communication bus 
designed for la ...)
-       TODO: check
+       - envoyproxy <itp> (bug #987544)
 CVE-2025-26416 (In initializeSwizzler of SkBmpStandardCodec.cpp, there is a 
possible o ...)
        TODO: check
 CVE-2025-22442 (In multiple functions of DevicePolicyManagerService.java, 
there is a p ...)
@@ -232,15 +232,15 @@ CVE-2025-8614 (NoMachine Uncontrolled Search Path Element 
Local Privilege Escala
 CVE-2025-8613 (Vacron Camera ping Command Injection Remote Code Execution 
Vulnerabili ...)
        NOT-FOR-US: Vacron Camera
 CVE-2025-8302 (Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Heap-based Buffer 
Overflow Lo ...)
-       TODO: check
+       NOT-FOR-US: Realtek rtl81xx SDK Wi-Fi driver
 CVE-2025-8301 (Realtek RTL8811AU rtwlanu.sys N6CSet_DOT11_CIPHER_DEFAULT_KEY 
Heap-bas ...)
-       TODO: check
+       NOT-FOR-US: Realtek RTL8811AU drivers
 CVE-2025-8300 (Realtek rtl81xx SDK Wi-Fi Driver rtwlanu Heap-based Buffer 
Overflow Lo ...)
-       TODO: check
+       NOT-FOR-US: Realtek rtl81xx SDK Wi-Fi driver
 CVE-2025-8299 (Realtek rtl81xx SDK Wi-Fi Driver 
MgntActSet_TEREDO_SET_RS_PACKET Heap- ...)
-       TODO: check
+       NOT-FOR-US: Realtek rtl81xx SDK Wi-Fi driver
 CVE-2025-8298 (Realtek RTL8811AU rtwlanu.sys 
N6CQueryInformationHandleCustomized11nOi ...)
-       TODO: check
+       NOT-FOR-US: Realtek RTL8811AU drivers
 CVE-2025-7976 (Anritsu ShockLine CHX File Parsing Deserialization of Untrusted 
Data R ...)
        NOT-FOR-US: Anritsu ShockLine
 CVE-2025-7975 (Anritsu ShockLine CHX File Parsing Directory Traversal Remote 
Code Exe ...)
@@ -314,7 +314,7 @@ CVE-2025-52544 (E3 Site Supervisor Control (firmware 
version < 2.31F01) has a fl
 CVE-2025-52543 (E3 Site Supervisor Control (firmware version < 2.31F01) 
application se ...)
        NOT-FOR-US: E3 Site Supervisor Control
 CVE-2025-51966 (A cross-site scripting (XSS) vulnerability exists in the PDF 
preview f ...)
-       TODO: check
+       NOT-FOR-US: uTools
 CVE-2025-50757 (Wavlink WN535K3 20191010 was found to contain a command 
injection vuln ...)
        NOT-FOR-US: Wavlink
 CVE-2025-50755 (Wavlink WN535K3 20191010 was found to contain a command 
injection vuln ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/003c0ca3eab53d38cbdfa92f6f170d5574d1698a...9aff4b2aa086299dab8d19acd8360166ffc0eba1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/003c0ca3eab53d38cbdfa92f6f170d5574d1698a...9aff4b2aa086299dab8d19acd8360166ffc0eba1
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: Process some NFUs

Reply via email to