Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8189d910 by Salvatore Bonaccorso at 2025-09-12T10:51:51+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2025-8575 (The LWS Cleaner plugin for WordPress is
vulnerable to arbitrary f
CVE-2025-8280 (The Contact Form 7 reCAPTCHA WordPress plugin through 1.2.0
does not e ...)
NOT-FOR-US: WordPress plugin
CVE-2025-58781 (WTW-EAGLE App does not properly validate server certificates,
which ma ...)
- TODO: check
+ NOT-FOR-US: WTW-EAGLE App
CVE-2025-58754 (Axios is a promise based HTTP client for the browser and
Node.js. When ...)
TODO: check
CVE-2025-55319 (Ai command injection in Agentic AI and Visual Studio Code
allows an un ...)
@@ -35,27 +35,27 @@ CVE-2025-21042 (Out-of-bounds write in
libimagecodec.quram.so prior to SMR Apr-2
CVE-2025-10298
REJECTED
CVE-2025-10291 (A weakness has been identified in linlinjava litemall up to
1.8.0. Thi ...)
- TODO: check
+ NOT-FOR-US: linlinjava litemall
CVE-2025-10288 (A vulnerability was found in roncoo roncoo-pay up to
9428382af21cd5568 ...)
- TODO: check
+ NOT-FOR-US: roncoo roncoo-pay
CVE-2025-10287 (A vulnerability has been found in roncoo roncoo-pay up to
9428382af21c ...)
- TODO: check
+ NOT-FOR-US: roncoo roncoo-pay
CVE-2025-10278 (A flaw has been found in YunaiV ruoyi-vue-pro up to 2025.09.
Impacted ...)
- TODO: check
+ NOT-FOR-US: YunaiV ruoyi-vue-pro
CVE-2025-10277 (A vulnerability was detected in YunaiV yudao-cloud up to
2025.09. This ...)
- TODO: check
+ NOT-FOR-US: YunaiV yudao-cloud
CVE-2025-10276 (A security vulnerability has been detected in YunaiV
ruoyi-vue-pro up ...)
- TODO: check
+ NOT-FOR-US: YunaiV ruoyi-vue-pro
CVE-2025-10275 (A weakness has been identified in YunaiV yudao-cloud up to
2025.09. Th ...)
- TODO: check
+ NOT-FOR-US: YunaiV yudao-cloud
CVE-2025-10274 (A security flaw has been discovered in erjinzhi 10OA 1.0.
Affected by ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10273 (A vulnerability was identified in erjinzhi 10OA 1.0. Affected
by this ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10272 (A vulnerability was determined in erjinzhi 10OA 1.0. Affected
is an un ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10271 (A vulnerability was found in erjinzhi 10OA 1.0. This impacts
an unknow ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10269 (The Spirit Framework plugin for WordPress is vulnerable to
Local File ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9319 (A potential vulnerability was reported in the Lenovo Wallpaper
Client ...)
@@ -77,7 +77,7 @@ CVE-2025-59055 (InstantCMS is a free and open source content
management system.
CVE-2025-59053 (AIRI is a self-hosted, artificial intelligence based Grok
Companion. I ...)
NOT-FOR-US: AIRI
CVE-2025-59047 (matrix-sdk-base is the base component to build a Matrix client
library ...)
- TODO: check
+ NOT-FOR-US: matrix-sdk-base
CVE-2025-58321 (Delta Electronics DIALink has an Directory Traversal
Authentication By ...)
NOT-FOR-US: Delta Electronics
CVE-2025-58320 (Delta Electronics DIALink has an Directory Traversal
Authentication By ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8189d910a87add49c8f68d8ade3520cc8606ffd6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8189d910a87add49c8f68d8ade3520cc8606ffd6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
