Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
85166f91 by Salvatore Bonaccorso at 2025-09-25T09:35:10+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -52,47 +52,47 @@ CVE-2025-57350 (The csvtojson package, a tool for
converting CSV data to JSON wi
CVE-2025-57349 (The messageformat package, an implementation of the Unicode
MessageFor ...)
NOT-FOR-US: messageformat package for Node.js
CVE-2025-57348 (The node-cube package (prior to version 5.0.0) contains a
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: node-cube package for Node.js
CVE-2025-57347 (A vulnerability exists in the 'dagre-d3-es' Node.js package
version 7. ...)
- TODO: check
+ NOT-FOR-US: dagre-d3-es Node.js package
CVE-2025-57330 (The web3-core-subscriptions is a package designed to manages
web3 subs ...)
- TODO: check
+ NOT-FOR-US: web3-core-subscriptions Node.js package
CVE-2025-57329 (web3-core-method is a package designed to creates the methods
on the w ...)
- TODO: check
+ NOT-FOR-US: web3-core-method package for Node.js
CVE-2025-57328 (toggle-array is a package designed to enables a property on
the object ...)
- TODO: check
+ NOT-FOR-US: toggle-array Node.js package
CVE-2025-57327 (spmrc is a package that provides the rc manager for spm. A
Prototype P ...)
TODO: check
CVE-2025-57326 (A Prototype Pollution vulnerability in the byGroupAndType
function of ...)
TODO: check
CVE-2025-57325 (rollbar is a package designed to effortlessly track and debug
errors i ...)
- TODO: check
+ NOT-FOR-US: rollbar package for Node.js
CVE-2025-57323 (mpregular is a package that provides a small program
development frame ...)
- TODO: check
+ NOT-FOR-US: mpregular package for Node.js
CVE-2025-57321 (A Prototype Pollution vulnerability in the
util-deps.addFileDepend fun ...)
TODO: check
CVE-2025-56819 (An issue in Datart v.1.0.0-rc.3 allows a remote attacker to
execute ar ...)
- TODO: check
+ NOT-FOR-US: Datart
CVE-2025-56816 (Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The
configurat ...)
- TODO: check
+ NOT-FOR-US: Datart
CVE-2025-56815 (Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the
POST /vi ...)
- TODO: check
+ NOT-FOR-US: Datart
CVE-2025-56241 (Aztech DSL5005EN firmware 1.00.AZ_2013-05-10 and possibly
other versio ...)
- TODO: check
+ NOT-FOR-US: Aztech firmware
CVE-2025-55322 (Binding to an unrestricted ip address in GitHub allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-55178 (Llama Stack prior to version v0.2.20 accepted unverified
parameters in ...)
- TODO: check
+ NOT-FOR-US: Llama Stack
CVE-2025-52907 (Improper Input Validation vulnerability in TOTOLINK X6000R
allows Comm ...)
NOT-FOR-US: Palo Alto Networks
CVE-2025-52906 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
NOT-FOR-US: Palo Alto Networks
CVE-2025-48869 (Horilla is a free and open source Human Resource Management
System (HR ...)
- TODO: check
+ NOT-FOR-US: Horilla
CVE-2025-48868 (Horilla is a free and open source Human Resource Management
System (HR ...)
- TODO: check
+ NOT-FOR-US: Horilla
CVE-2025-48867 (Horilla is a free and open source Human Resource Management
System (HR ...)
- TODO: check
+ NOT-FOR-US: Horilla
CVE-2025-47329 (Memory corruption while handling invalid inputs in application
info se ...)
NOT-FOR-US: Qualcomm
CVE-2025-47328 (Transient DOS while processing power control requests with
invalid ant ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85166f91c55926353d4f7d6af363d239249fa169
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85166f91c55926353d4f7d6af363d239249fa169
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
