Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
12b63cdd by Moritz Mühlenhoff at 2025-10-14T23:01:15+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,133 +57,133 @@ CVE-2025-61799 (Dimension versions 4.1.4 and earlier are
affected by an out-of-b
CVE-2025-61798 (Dimension versions 4.1.4 and earlier are affected by an
out-of-bounds ...)
NOT-FOR-US: Adobe
CVE-2025-61678 (FreePBX Endpoint Manager is a module for managing telephony
endpoints ...)
- TODO: check
+ NOT-FOR-US: FreePBX Endpoint Manager
CVE-2025-61675 (FreePBX Endpoint Manager is a module for managing telephony
endpoints ...)
- TODO: check
+ NOT-FOR-US: FreePBX Endpoint Manager
CVE-2025-60540 (karakeep v0.26.0 to v0.7.0 was discovered to contain a
Server-Side Req ...)
- TODO: check
+ NOT-FOR-US: karakeep
CVE-2025-60537 (Improper input validation in the component
/kafka/ui/serdes/CustomSerd ...)
- TODO: check
+ NOT-FOR-US: kafka-ui
CVE-2025-60536 (An issue in the Configure New Cluster interface of kafka-ui
v0.6.0 to ...)
- TODO: check
+ NOT-FOR-US: kafka-ui
CVE-2025-60535 (A Cross-Site Request Forgery (CSRF) in the component
/endpoints/curren ...)
- TODO: check
+ NOT-FOR-US: Wallos
CVE-2025-60374 (Stored Cross-Site Scripting (XSS) in Perfex CRM chatbot before
3.3.1 a ...)
- TODO: check
+ NOT-FOR-US: Perfex CRM
CVE-2025-5946 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
NOT-FOR-US: Centreon
CVE-2025-59921 (An exposure of sensitive information to an unauthorized actor
vulnerab ...)
NOT-FOR-US: Fortinet
CVE-2025-59502 (Uncontrolled resource consumption in Windows Remote Procedure
Call all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59497 (Time-of-check time-of-use (toctou) race condition in Microsoft
Defende ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59494 (Improper access control in Azure Monitor Agent allows an
authorized at ...)
NOT-FOR-US: Microsoft
CVE-2025-59429 (FreePBX is an open source GUI for managing Asterisk. In
versions prior ...)
- TODO: check
+ NOT-FOR-US: FreePBX
CVE-2025-59428 (EspoCRM is an open source customer relationship management
application ...)
- TODO: check
+ NOT-FOR-US: EspoCRM
CVE-2025-59295 (Heap-based buffer overflow in Internet Explorer allows an
unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59294 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59292 (External control of file name or path in Confidential Azure
Container ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59291 (External control of file name or path in Confidential Azure
Container ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59290 (Use after free in Windows Bluetooth Service allows an
authorized attac ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59289 (Double free in Windows Bluetooth Service allows an authorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59288 (Improper verification of cryptographic signature in GitHub
allows an u ...)
- TODO: check
+ NOT-FOR-US: Github
CVE-2025-59287 (Deserialization of untrusted data in Windows Server Update
Service all ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59285 (Deserialization of untrusted data in Azure Monitor Agent
allows an aut ...)
NOT-FOR-US: Microsoft
CVE-2025-59284 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59282 (Concurrent execution using shared resource with improper
synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59281 (Improper link resolution before file access ('link following')
in XBox ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59280 (Improper authentication in Windows SMB Client allows an
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59278 (Improper validation of specified type of input in Windows
Authenticati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59277 (Improper validation of specified type of input in Windows
Authenticati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59275 (Improper validation of specified type of input in Windows
Authenticati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59261 (Time-of-check time-of-use (toctou) race condition in Microsoft
Graphic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59260 (Exposure of sensitive information to an unauthorized actor in
Microsof ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59259 (Improper validation of specified type of input in Windows
Local Sessio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59258 (Insertion of sensitive information into log file in Active
Directory F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59257 (Improper validation of specified type of input in Windows
Local Sessio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59255 (Heap-based buffer overflow in Windows DWM Core Library allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59254 (Heap-based buffer overflow in Windows DWM Core Library allows
an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59253 (Improper access control in Microsoft Windows Search Component
allows a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59250 (Improper input validation in JDBC Driver for SQL Server allows
an unau ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59249 (Weak authentication in Microsoft Exchange Server allows an
authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59248 (Improper input validation in Microsoft Exchange Server allows
an unaut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59244 (External control of file name or path in Windows Core Shell
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59243 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59242 (Heap-based buffer overflow in Windows Ancillary Function
Driver for Wi ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59241 (Improper link resolution before file access ('link following')
in Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59238 (Use after free in Microsoft Office PowerPoint allows an
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59237 (Deserialization of untrusted data in Microsoft Office
SharePoint allow ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59236 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59235 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59234 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59233 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59232 (Out-of-bounds read in Microsoft Office Excel allows an
unauthorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59231 (Access of resource using incompatible type ('type confusion')
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59230 (Improper access control in Windows Remote Access Connection
Manager al ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59229 (Uncaught exception in Microsoft Office allows an unauthorized
attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59228 (Improper input validation in Microsoft Office SharePoint
allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59227 (Use after free in Microsoft Office allows an unauthorized
attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59226 (Use after free in Microsoft Office Visio allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59225 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59224 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59223 (Use after free in Microsoft Office Excel allows an
unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59222 (Use after free in Microsoft Office Word allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59221 (Use after free in Microsoft Office Word allows an unauthorized
attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59214 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59213 (Improper neutralization of special elements used in an sql
command ('s ...)
TODO: check
CVE-2025-59211 (Exposure of sensitive information to an unauthorized actor in
Windows ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12b63cdd5a107ee850aeb3040dbf3bdd64fdaefb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12b63cdd5a107ee850aeb3040dbf3bdd64fdaefb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
