Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
335af0d5 by Salvatore Bonaccorso at 2025-09-05T22:30:40+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2025-9999 (Some payload elements of the messages sent between two stations
in a n ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2025-9998 (The sequence of packets received by a Networking server are not
correc ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2025-9709 (On-Chip Debug and Test Interface With Improper Access Control
and Impr ...)
- TODO: check
+ NOT-FOR-US: Nordic Semiconductor nRF52810
CVE-2025-9566 (There's a vulnerability in podman where an attacker may use the
kube p ...)
TODO: check
CVE-2025-9057 (The Biagiotti Core plugin for WordPress is vulnerable to Stored
Cross- ...)
NOT-FOR-US: WordPress plugin
CVE-2025-8695 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: NetGIS Server
CVE-2025-58887 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58886 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -213,7 +213,7 @@ CVE-2025-58784 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-58783 (Missing Authorization vulnerability in gutentor Gutentor
allows Exploi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58780 (index.em7 in ScienceLogic SL1 before 12.1.1 allows SQL
Injection via a ...)
- TODO: check
+ NOT-FOR-US: ScienceLogic SL1
CVE-2025-58628 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58440
@@ -536,11 +536,11 @@ CVE-2025-8944 (The OceanWP WordPress theme before 4.1.2
is vulnerable to an opti
CVE-2025-8684 (The Flatsome Theme for WordPress is vulnerable to Stored
Cross-Site Sc ...)
NOT-FOR-US: WordPress plugin
CVE-2025-7445 (Kubernetes secrets-store-sync-controller in versions before
0.0.2 disc ...)
- TODO: check
+ NOT-FOR-US: Kubernetes secrets-store-sync-controller
CVE-2025-58401 (Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store
Github AP ...)
- TODO: check
+ NOT-FOR-US: Obsidian GitHub Copilot Plugin
CVE-2025-58400 (RATOC RAID Monitoring Manager for Windows provided by RATOC
Systems, I ...)
- TODO: check
+ NOT-FOR-US: RATOC RAID Monitoring Manager for Windows
CVE-2025-58362 (Hono is a Web application framework that provides support for
any Java ...)
TODO: check
CVE-2025-58359 (ZF FROST is a Rust implementation of FROST (Flexible
Round-Optimised S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/335af0d5cc87092af742344ba22c0b746a1a4110
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/335af0d5cc87092af742344ba22c0b746a1a4110
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
