Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
057125c1 by Salvatore Bonaccorso at 2025-10-10T11:40:07+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
CVE-2025-62292 (In SonarQube before 25.6, 2025.3 Commercial, and 2025.1.3 LTA,
authent ...)
- TODO: check
+ NOT-FOR-US: SonarQube
CVE-2025-62240 (Multiple cross-site scripting (XSS) vulnerabilities with
Calendar even ...)
NOT-FOR-US: Liferay
CVE-2025-61928 (Better Auth is an authentication and authorization library for
TypeScr ...)
- TODO: check
+ NOT-FOR-US: Better Auth library
CVE-2025-61926 (Allstar is a GitHub App to set and enforce security policies.
In versi ...)
- TODO: check
+ NOT-FOR-US: Allstar
CVE-2025-61871 (NAS Navigator2 Windows version by BUFFALO INC. registers a
Windows ser ...)
- TODO: check
+ NOT-FOR-US: NAS Navigator2 Windows (Buffalo)
CVE-2025-61783 (Python Social Auth is a social authentication/registration
mechanism. ...)
TODO: check
CVE-2025-61779 (Confidential Containers's Trustee project contains tools and
component ...)
- TODO: check
+ NOT-FOR-US: Confidential Containers
CVE-2025-61773 (pyLoad is a free and open-source download manager written in
Python. I ...)
TODO: check
CVE-2025-61602 (BigBlueButton is an open-source virtual classroom. A
denial-of-service ...)
- TODO: check
+ NOT-FOR-US: BigBlueButton
CVE-2025-61601 (BigBlueButton is an open-source virtual classroom. A Denial of
Service ...)
- TODO: check
+ NOT-FOR-US: BigBlueButton
CVE-2025-60375 (The authentication mechanism in Perfex CRM before 3.3.1 allows
attacke ...)
- TODO: check
+ NOT-FOR-US: Perfex CRM
CVE-2025-59286 (Copilot Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59272 (Copilot Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59271 (Redis Enterprise Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59252 (M365 Copilot Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59247 (Azure PlayFab Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59246 (Azure Entra ID Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59218 (Azure Entra ID Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-55321 (Improper neutralization of input during web page generation
('cross-si ...)
NOT-FOR-US: Microsoft
CVE-2025-43296 (A logic issue was addressed with improved validation. This
issue is fi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/057125c16642d1c243d584beec518d871cfc5c7f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/057125c16642d1c243d584beec518d871cfc5c7f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
