Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0bffab6a by Salvatore Bonaccorso at 2025-09-11T10:54:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-9918 (A Path Traversal vulnerability in the archive extraction
component in ...)
- TODO: check
+ NOT-FOR-US: Google SecOps SOAR Server
CVE-2025-9910 (Versions of the package jsondiffpatch before 0.7.2 are
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: jsondiffpatch
CVE-2025-9874 (The Ultimate Classified Listings plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9861 (The ThemeLoom Widgets plugin for WordPress is vulnerable to
Stored Cro ...)
@@ -93,27 +93,27 @@ CVE-2025-5801 (The Digital Events Calendar plugin for
WordPress is vulnerable to
CVE-2025-59052 (Angular is a development platform for building mobile and
desktop web ...)
TODO: check
CVE-2025-10247 (A security vulnerability has been detected in JEPaaS 7.2.8.
This vulne ...)
- TODO: check
+ NOT-FOR-US: JEPaaS
CVE-2025-10246 (A weakness has been identified in lokibhardwaj
PHP-Code-For-Unlimited- ...)
- TODO: check
+ NOT-FOR-US: lokibhardwaj PHP-Code-For-Unlimited-File-Upload
CVE-2025-10245 (A security flaw has been discovered in Display Pain\xe9is TGA
up to 7. ...)
- TODO: check
+ NOT-FOR-US: Display Paineis TGA
CVE-2025-10236 (A vulnerability has been found in binary-husky gpt_academic up
to 3.91 ...)
- TODO: check
+ NOT-FOR-US: binary-husky gpt_academic
CVE-2025-10235 (A flaw has been found in Scada-LTS up to 2.7.8.1. This issue
affects s ...)
- TODO: check
+ NOT-FOR-US: Scada-LTS
CVE-2025-10234 (A vulnerability was detected in Scada-LTS up to 2.7.8.1. This
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Scada-LTS
CVE-2025-10233 (A security vulnerability has been detected in kalcaddle kodbox
1.61. T ...)
- TODO: check
+ NOT-FOR-US: kalcaddle kodbox
CVE-2025-10232 (A weakness has been identified in 299ko up to 2.0.0. Affected
by this ...)
- TODO: check
+ NOT-FOR-US: 299ko
CVE-2025-10229 (A vulnerability has been found in Freshwork up to 1.2.3. This
impacts ...)
- TODO: check
+ NOT-FOR-US: Freshwork
CVE-2025-10218 (A flaw has been found in lostvip-com ruoyi-go 2.1. This
affects the fu ...)
- TODO: check
+ NOT-FOR-US: lostvip-com ruoyi-go
CVE-2025-10216 (A vulnerability was detected in GrandNode up to 2.3.0. The
impacted el ...)
- TODO: check
+ NOT-FOR-US: GrandNode
CVE-2025-0763 (The Ultimate Classified Listings plugin for WordPress is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9997 (CWE-78: Improper Neutralization of Special Elements used in an
OS Comm ...)
@@ -217,7 +217,7 @@ CVE-2025-57520 (A Cross Site Scripting (XSS) vulnerability
exists in Decap CMS t
CVE-2025-57392 (BenimPOS Masaustu 3.0.x is affected by insecure file
permissions. The ...)
NOT-FOR-US: BenimPOS Masaustu
CVE-2025-56578 (An issue in RTSPtoWeb v.2.4.3 allows a remote attacker to
obtain sensi ...)
- TODO: check
+ NOT-FOR-US: RTSPtoWeb (not the python client library for RTSPtoWeb and
RTSPtoWebRTC)
CVE-2025-56466 (Hardcoded credentials in Dietly v1.25.0 for android allows
attackers t ...)
TODO: check
CVE-2025-56413 (OS Command injection vulnerability in function OperateSSH in
1panel 2. ...)
@@ -349,11 +349,11 @@ CVE-2025-10220 (Use of Unmaintained Third Party
Components (CWE-1104) in the NuG
CVE-2025-10219
REJECTED
CVE-2025-10215 (DLL search path hijacking vulnerability in the UPDF.exe
executable for ...)
- TODO: check
+ NOT-FOR-US: UPDF
CVE-2025-10214 (DLL search path hijacking vulnerability in the UPDF.exe
executable for ...)
- TODO: check
+ NOT-FOR-US: UPDF
CVE-2025-10213 (DLL search path hijacking vulnerability in the UPDF.exe
executable for ...)
- TODO: check
+ NOT-FOR-US: UPDF
CVE-2025-10211 (A security vulnerability has been detected in yanyutao0402
ChanCMS 3.3 ...)
NOT-FOR-US: yanyutao0402 ChanCMS
CVE-2025-10210 (A weakness has been identified in yanyutao0402 ChanCMS up to
3.3.0. Im ...)
@@ -365,13 +365,13 @@ CVE-2025-10197 (A vulnerability was found in HJSoft HCM
Human Resources Manageme
CVE-2025-10195 (A vulnerability has been found in Seismic App 2.4.2 on
Android. Affect ...)
NOT-FOR-US: Seismic App
CVE-2025-10172 (A flaw has been found in UTT 750W up to 3.2.2-191225. This
issue affec ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-10171 (A vulnerability was detected in UTT 1250GW up to 3.2.2-200710.
This vu ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-10170 (A security vulnerability has been detected in UTT 1200GW up to
3.0.0-1 ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-10169 (A weakness has been identified in UTT 1200GW up to
3.0.0-170831. Affec ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-10159 (An authentication bypass vulnerability allows remote attackers
to gain ...)
NOT-FOR-US: Sophos
CVE-2025-10142 (The PagBank / PagSeguro Connect para WooCommerce plugin for
WordPress ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bffab6a0f30c1fee1efa4fc6d8082f305076978
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0bffab6a0f30c1fee1efa4fc6d8082f305076978
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
