[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Sat, 18 Oct 2025 12:04:27 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
dd76270d by Salvatore Bonaccorso at 2025-10-07T09:23:32+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -66,27 +66,27 @@ CVE-2025-59729 (When parsing the header for a DHAV file, 
there's an integer unde
 CVE-2025-59728 (When calculating the content path in handling of MPEG-DASH 
manifests,  ...)
        TODO: check
 CVE-2025-59452 (The YoSmart YoLink API through 2025-10-02 uses an endpoint URL 
that is ...)
-       TODO: check
+       NOT-FOR-US: YoSmart YoLink API
 CVE-2025-59451 (The YoSmart YoLink application through 2025-10-02 has session 
tokens w ...)
-       TODO: check
+       NOT-FOR-US: YoSmart YoLink application
 CVE-2025-59450 (The YoSmart YoLink Smart Hub firmware 0382 is unencrypted, and 
data ex ...)
-       TODO: check
+       NOT-FOR-US: YoSmart YoLink Smart Hub firmware
 CVE-2025-59449 (The YoSmart YoLink MQTT broker through 2025-10-02 does not 
enforce suf ...)
-       TODO: check
+       NOT-FOR-US: YoSmart YoLink
 CVE-2025-59448 (Components of the YoSmart YoLink ecosystem through 2025-10-02 
leverage ...)
-       TODO: check
+       NOT-FOR-US: YoSmart YoLink
 CVE-2025-59447 (The YoSmart YoLink Smart Hub device 0382 exposes a UART debug 
interfac ...)
-       TODO: check
+       NOT-FOR-US: YoSmart YoLink
 CVE-2025-59159 (SillyTavern is a locally installed user interface that allows 
users to ...)
-       TODO: check
+       NOT-FOR-US: SillyTavern
 CVE-2025-59152 (Litestar is an Asynchronous Server Gateway Interface (ASGI) 
framework. ...)
-       TODO: check
+       NOT-FOR-US: Litestar
 CVE-2025-57515 (A SQL injection vulnerability has been identified in Uniclare 
Student  ...)
-       TODO: check
+       NOT-FOR-US: Uniclare Student Portal
 CVE-2025-57247 (The BATBToken smart contract (address 
0xfbf1388408670c02f0dbbb74251d8d ...)
-       TODO: check
+       NOT-FOR-US: BATBToken smart contract
 CVE-2025-56382 (A stored Cross-site scripting (XSS) vulnerability exists in 
the Custom ...)
-       TODO: check
+       NOT-FOR-US: LionCoders SalePro POS
 CVE-2025-52472 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
        NOT-FOR-US: XWiki
 CVE-2025-49594 (XWiki OIDC has various tools to manipulate OpenID Connect 
protocol in  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd76270d9e26ab131d08b9b9d84b73d51e210523

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd76270d9e26ab131d08b9b9d84b73d51e210523
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to