Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2c9ea9af by Salvatore Bonaccorso at 2025-10-02T22:36:43+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -105,33 +105,33 @@ CVE-2025-59736 (Operating system command injection
vulnerability in AndSoft's e-
CVE-2025-59735 (Operating system command injection vulnerability in AndSoft's
e-TMS v2 ...)
NOT-FOR-US: AndSoft
CVE-2025-59409 (Flock Safety Falcon and Sparrow License Plate Readers
OPM1.171019.026 ...)
- TODO: check
+ NOT-FOR-US: Flock Safety Falcon and Sparrow License Plate Readers
CVE-2025-59407 (The Flock Safety DetectionProcessing
com.flocksafety.android.objects a ...)
- TODO: check
+ NOT-FOR-US: Flock Safety
CVE-2025-59406 (The Flock Safety Pisco com.flocksafety.android.pisco
application 6.21. ...)
- TODO: check
+ NOT-FOR-US: Flock Safety
CVE-2025-59405 (The Flock Safety Peripheral com.flocksafety.android.peripheral
applica ...)
- TODO: check
+ NOT-FOR-US: Flock Safety
CVE-2025-59403 (The Flock Safety Android Collins application (aka
com.flocksafety.andr ...)
- TODO: check
+ NOT-FOR-US: Flock Safety
CVE-2025-57443 (FrostWire 6.14.0-build-326 for macOS contains permissive
entitlements ...)
- TODO: check
+ NOT-FOR-US: FrostWire
CVE-2025-57305 (VitaraCharts 5.3.5 is vulnerable to Server-Side Request
Forgery in fil ...)
- TODO: check
+ NOT-FOR-US: VitaraCharts
CVE-2025-56381 (ERPNEXT v15.67.0 was discovered to contain multiple SQL
injection vuln ...)
- TODO: check
+ NOT-FOR-US: ERPNEXT
CVE-2025-56380 (Frappe Framework v15.72.4 was discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2025-56379 (A stored cross-site scripting (XSS) vulnerability in the blog
post fea ...)
- TODO: check
+ NOT-FOR-US: ERPNEXT
CVE-2025-56162 (YOSHOP 2.0 suffers from an unauthenticated SQL injection in
the goodsI ...)
- TODO: check
+ NOT-FOR-US: YOSHOP
CVE-2025-56161 (YOSHOP 2.0 allows unauthenticated information disclosure via
comment-l ...)
- TODO: check
+ NOT-FOR-US: YOSHOP
CVE-2025-56154 (htmly v3.0.8 is vulnerable to Cross Site Scripting (XSS) in
the /autho ...)
TODO: check
CVE-2025-56019 (An insecure permission vulnerability exists in the Agasta
Easytouch+ v ...)
- TODO: check
+ NOT-FOR-US: Agasta Easytouch+
CVE-2025-54468 (A vulnerability has been identified within Rancher Manager
whereby `Im ...)
TODO: check
CVE-2025-54315 (The Matrix specification before 1.16 (i.e., with a room
version before ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c9ea9af3a69f7bb60c25c6f2868871b76c7eded
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c9ea9af3a69f7bb60c25c6f2868871b76c7eded
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
