[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 30 Oct 2025 13:32:39 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5d47c54c by Salvatore Bonaccorso at 2025-10-30T21:32:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,9 +27,9 @@ CVE-2025-63298 (A path traversal vulnerability was identified 
in SourceCodester
 CVE-2025-62795 (JumpServer is an open source bastion host and an operation and 
mainten ...)
        NOT-FOR-US: JumpServer
 CVE-2025-62726 (n8n is an open source workflow automation platform. Prior to 
1.113.0,  ...)
-       TODO: check
+       NOT-FOR-US: n8n
 CVE-2025-62712 (JumpServer is an open source bastion host and an operation and 
mainten ...)
-       TODO: check
+       NOT-FOR-US: JumpServer
 CVE-2025-62266 (By default, Liferay Portal 7.4.0 through 7.4.3.119, and older 
unsuppor ...)
        NOT-FOR-US: Liferay
 CVE-2025-62265 (Cross-site scripting (XSS) vulnerability in the Blogs widget 
in Lifera ...)
@@ -37,29 +37,29 @@ CVE-2025-62265 (Cross-site scripting (XSS) vulnerability in 
the Blogs widget in
 CVE-2025-61498 (A buffer overflow in the UPnP service of Tenda AC8 Hardware 
v03.03.10. ...)
        NOT-FOR-US: Tenda
 CVE-2025-61196 (An issue in BusinessNext CRMnext v.10.8.3.0 allows a remote 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: BusinessNext CRMnext
 CVE-2025-61121 (Mobile Scanner Android App version 2.12.38 (package name 
com.glority.e ...)
-       TODO: check
+       NOT-FOR-US: Mobile Scanner Android App
 CVE-2025-61120 (AG Life Logger Android App version v1.0.2.72 and before 
(package name  ...)
-       TODO: check
+       NOT-FOR-US: AG Life Logger Android App
 CVE-2025-61119 (Kanova Android App version 1.0.27 (package name com.karelane), 
develop ...)
-       TODO: check
+       NOT-FOR-US: Kanova Android App
 CVE-2025-61118 (mCarFix Motorists App version 2.3 (package name 
com.skytop.mcarfix), d ...)
-       TODO: check
+       NOT-FOR-US: mCarFix Motorists App
 CVE-2025-61117 (Senza: Keto & Fasting Android App version 2.10.15 (package 
name com.gl ...)
-       TODO: check
+       NOT-FOR-US: Senza: Keto & Fasting Android App
 CVE-2025-61116 (AdForest - Classified Android App version 4.0.12 (package name 
scripts ...)
-       TODO: check
+       NOT-FOR-US: AdForest - Classified Android App
 CVE-2025-61115 (ABC Fine Wine & Spirits Android App version v.11.27.5 and 
before (pack ...)
-       TODO: check
+       NOT-FOR-US: ABC Fine Wine & Spirits Android App
 CVE-2025-61114 (2nd Line Android App version v1.2.92 and before (package name 
com.myse ...)
-       TODO: check
+       NOT-FOR-US: 2nd Line Android App
 CVE-2025-61113 (TalkTalk 3.3.6 Android App contains improper access control 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: TalkTalk
 CVE-2025-60950 (An arbitrary file upload vulnerability in the Data Preparation 
functio ...)
-       TODO: check
+       NOT-FOR-US: AIxBlock
 CVE-2025-60319 (PerfreeBlog v4.0.11 is vulnerable to Server-Side Request 
Forgery due t ...)
-       TODO: check
+       NOT-FOR-US: PerfreeBlog
 CVE-2025-5347 (Zohocorp ManageEngine Exchange Reporter Plus versions before 
5723 are  ...)
        NOT-FOR-US: Zoho
 CVE-2025-5343 (Zohocorp ManageEngine Exchange Reporter Plus versions through 
5721 are ...)
@@ -69,13 +69,13 @@ CVE-2025-5342 (Zohocorp ManageEngine Exchange Reporter Plus 
through 5721 are vul
 CVE-2025-57109 (Kitware VTK (Visualization Toolkit) 9.5.0 is vulnerable to 
Heap Use-Af ...)
        TODO: check
 CVE-2025-56313 (A Reflected Cross-Site Scripting (XSS) vulnerability was 
discovered in ...)
-       TODO: check
+       NOT-FOR-US: JATOS
 CVE-2025-54471 (NeuVector used a hard-coded cryptographic key embedded in the 
source   ...)
-       TODO: check
+       NOT-FOR-US: NeuVector
 CVE-2025-54470 (This vulnerability affects NeuVector deployments only when the 
Report  ...)
-       TODO: check
+       NOT-FOR-US: NeuVector
 CVE-2025-54469 (A vulnerability was identified in NeuVector, where the 
enforcer used e ...)
-       TODO: check
+       NOT-FOR-US: NeuVector
 CVE-2025-53883 (A Improper Neutralization of Script-Related HTML Tags in a Web 
Page (B ...)
        TODO: check
 CVE-2025-53880 (A Path Traversal vulnerability in the tftpsync/add and 
tftpsync/delete ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d47c54c4667fee6cb80f3c010a93579530c28a2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d47c54c4667fee6cb80f3c010a93579530c28a2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to