Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b85b721 by Salvatore Bonaccorso at 2025-11-08T09:39:42+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,53 +3,53 @@ CVE-2025-9334 (The Better Find and Replace \u2013 AI-Powered
Suggestions plugin
CVE-2025-7663 (The Ovatheme Events Manager plugin for WordPress is vulnerable
to unau ...)
NOT-FOR-US: WordPress plugin
CVE-2025-64496 (Open WebUI is a self-hosted artificial intelligence platform
designed ...)
- TODO: check
+ NOT-FOR-US: Open WebUI
CVE-2025-64495 (Open WebUI is a self-hosted artificial intelligence platform
designed ...)
- TODO: check
+ NOT-FOR-US: Open WebUI
CVE-2025-64494 (Soft Serve is a self-hostable Git server for the command line.
In vers ...)
- TODO: check
+ NOT-FOR-US: Soft Serve
CVE-2025-64493 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2025-64492 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2025-64491 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2025-64490 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2025-64489 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2025-64488 (SuiteCRM is an open-source, enterprise-ready Customer
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SuiteCRM
CVE-2025-64486 (calibre is an e-book manager. In versions 8.13.0 and prior,
calibre do ...)
TODO: check
CVE-2025-64485 (CVAT is an open source interactive video and image annotation
tool for ...)
- TODO: check
+ NOT-FOR-US: Computer Vision Annotation Tool (CVAT)
CVE-2025-64481 (Datasette is an open source multi-tool for exploring and
publishing da ...)
- TODO: check
+ NOT-FOR-US: Datasette
CVE-2025-64442 (HumHub is an Open Source Enterprise Social Network. Versions
below 1.1 ...)
- TODO: check
+ NOT-FOR-US: HumHub
CVE-2025-64439 (LangGraph SQLite Checkpoint is an implementation of LangGraph
Checkpoi ...)
- TODO: check
+ NOT-FOR-US: LangGraph SQLite Checkpoint
CVE-2025-64437 (KubeVirt is a virtual machine management add-on for
Kubernetes. In ver ...)
- TODO: check
+ NOT-FOR-US: KubeVirt
CVE-2025-64436 (KubeVirt is a virtual machine management add-on for
Kubernetes. In 1.5 ...)
- TODO: check
+ NOT-FOR-US: KubeVirt
CVE-2025-64435 (KubeVirt is a virtual machine management add-on for
Kubernetes. Prior ...)
- TODO: check
+ NOT-FOR-US: KubeVirt
CVE-2025-64434 (KubeVirt is a virtual machine management add-on for
Kubernetes. Prior ...)
- TODO: check
+ NOT-FOR-US: KubeVirt
CVE-2025-64433 (KubeVirt is a virtual machine management add-on for
Kubernetes. Prior ...)
- TODO: check
+ NOT-FOR-US: KubeVirt
CVE-2025-63544 (TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in
/order_no ...)
- TODO: check
+ NOT-FOR-US: TechStore
CVE-2025-63543 (TechStore 1.0 is vulnerable to Cross Site Scripting (XSS) in
the /sear ...)
- TODO: check
+ NOT-FOR-US: TechStore
CVE-2025-63420 (A stored cross-site scripting (XSS) vulnerability in the
CrushFTP 11.3 ...)
- TODO: check
+ NOT-FOR-US: CrushFTP
CVE-2025-60574 (A Local File Inclusion (LFI) vulnerability has been identified
in tQua ...)
- TODO: check
+ NOT-FOR-US: tQuadra CMS
CVE-2025-37736 (Improper Authorization in Elastic Cloud Enterprise can lead to
Privile ...)
- TODO: check
+ NOT-FOR-US: Elastic Cloud Enterprise
CVE-2025-12911 (Inappropriate implementation in Permissions in Google Chrome
prior to ...)
TODO: check
CVE-2025-12910 (Inappropriate implementation in Passkeys in Google Chrome
prior to 140 ...)
@@ -65,9 +65,9 @@ CVE-2025-12906 (Inappropriate implementation in Permissions
in Google Chrome pri
CVE-2025-12905 (Inappropriate implementation in Downloads in Google Chrome on
Windows ...)
TODO: check
CVE-2025-12902 (Improper resource management in firmware of some Solidigm DC
Products ...)
- TODO: check
+ NOT-FOR-US: Solidigm DC
CVE-2025-12896 (Improper resource management in firmware of some Solidigm DC
Products ...)
- TODO: check
+ NOT-FOR-US: Solidigm DC
CVE-2025-12875 (A weakness has been identified in mruby 3.4.0. This
vulnerability affe ...)
TODO: check
CVE-2025-12863 (A flaw was found in the xmlSetTreeDoc() function of the
libxml2 XML pa ...)
@@ -79,7 +79,7 @@ CVE-2025-12583 (The Simple Downloads List plugin for
WordPress is vulnerable to
CVE-2025-12498 (The EventPrime \u2013 Events Calendar, Bookings and Tickets
plugin for ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12418 (Potential Denial of Service issue in all supported versions of
Revener ...)
- TODO: check
+ NOT-FOR-US: Revenera InstallShield
CVE-2025-12353 (The WPFunnels \u2013 The Easiest Funnel Builder For WordPress
And WooC ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12193 (The Mang Board WP plugin for WordPress is vulnerable to
Reflected Cros ...)
@@ -107,7 +107,7 @@ CVE-2025-11748 (The Groups plugin for WordPress is
vulnerable to Insecure Direct
CVE-2025-11452 (The Asgaros Forum plugin for WordPress is vulnerable to SQL
Injection ...)
NOT-FOR-US: WordPress plugin
CVE-2020-36870 (Various Ruijie Gateway EG and NBR models firmware versions
11.1(6)B9P1 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-9458 (A maliciously crafted PRT file, when parsed through certain
Autodesk p ...)
NOT-FOR-US: Autodesk
CVE-2025-7719 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b85b721985a8a4e93142acc0ddec197768c74c4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b85b721985a8a4e93142acc0ddec197768c74c4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
