[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Tue, 11 Nov 2025 13:20:42 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
58fe2706 by Salvatore Bonaccorso at 2025-11-11T22:20:00+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -185,23 +185,23 @@ CVE-2025-59505 (Double free in Windows Smart Card allows 
an authorized attacker
 CVE-2025-59504 (Heap-based buffer overflow in Azure Monitor Agent allows an 
unauthoriz ...)
        NOT-FOR-US: Microsoft
 CVE-2025-59499 (Improper neutralization of special elements used in an sql 
command ('s ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-59240 (Exposure of sensitive information to an unauthorized actor in 
Microsof ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-47179 (Improper access control in Microsoft Configuration Manager 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-41106 (HTML injection vulnerability found in Fairsketch's RISE CRM 
Framework  ...)
-       TODO: check
+       NOT-FOR-US: Fairsketch's RISE CRM Framework
 CVE-2025-41105 (HTML injection vulnerability found in Fairsketch's RISE CRM 
Framework  ...)
-       TODO: check
+       NOT-FOR-US: Fairsketch's RISE CRM Framework
 CVE-2025-41104 (HTML injection vulnerability found in Fairsketch's RISE CRM 
Framework  ...)
-       TODO: check
+       NOT-FOR-US: Fairsketch's RISE CRM Framework
 CVE-2025-41103 (HTML injection vulnerability found in Fairsketch's RISE CRM 
Framework  ...)
-       TODO: check
+       NOT-FOR-US: Fairsketch's RISE CRM Framework
 CVE-2025-41102 (HTML injection vulnerability found in Fairsketch's RISE CRM 
Framework  ...)
-       TODO: check
+       NOT-FOR-US: Fairsketch's RISE CRM Framework
 CVE-2025-41101 (HTML injection vulnerability found in Fairsketch's RISE CRM 
Framework  ...)
-       TODO: check
+       NOT-FOR-US: Fairsketch's RISE CRM Framework
 CVE-2025-35972 (Uncontrolled search path for the Intel MPI Library before 
version 2021 ...)
        TODO: check
 CVE-2025-35971 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi 
Software fo ...)
@@ -215,21 +215,21 @@ CVE-2025-35963 (Insufficient control flow management for 
some Intel(R) PROSet/Wi
 CVE-2025-33202 (NVIDIA Triton Inference Server for Linux and Windows contains 
a vulner ...)
        NOT-FOR-US: NVIDIA
 CVE-2025-33186 (NVIDIA AIStore contains a vulnerability in AuthN. A successful 
exploit ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA AIStore
 CVE-2025-33185 (NVIDIA AIStore contains a vulnerability in AuthN where an 
unauthentica ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA AIStore
 CVE-2025-33178 (NVIDIA NeMo Framework for all platforms contains a 
vulnerability in th ...)
        NOT-FOR-US: NVIDIA
 CVE-2025-33029 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi 
Software fo ...)
        NOT-FOR-US: Intel
 CVE-2025-33000 (Improper input validation for some Intel QuickAssist 
Technology before ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-32732 (Buffer overflow for some Intel(R) QAT Windows software before 
version  ...)
        NOT-FOR-US: Intel
 CVE-2025-32449 (Unquoted search path for some PRI Driver software before 
version 03.03 ...)
        TODO: check
 CVE-2025-32446 (Untrusted pointer dereference for some Intel QuickAssist 
Technology so ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-32091 (Incorrect default permissions in some firmware for the 
Intel(R) Arc(TM ...)
        TODO: check
 CVE-2025-32088 (Improper conditions check for some Intel(R) QAT Windows 
software befor ...)
@@ -257,11 +257,11 @@ CVE-2025-31146 (Time-of-check time-of-use race condition 
for some Intel Ethernet
 CVE-2025-30518 (Incorrect default permissions for some Intel(R) PresentMon 
before vers ...)
        NOT-FOR-US: Intel
 CVE-2025-30509 (Improper input validation for some Intel QuickAssist 
Technology softwa ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-30506 (Uncontrolled search path for some Intel Driver and Support 
Assistant b ...)
        NOT-FOR-US: Intel
 CVE-2025-30398 (Missing authorization in Nuance PowerScribe allows an 
unauthorized att ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-30255 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi 
Software fo ...)
        NOT-FOR-US: Intel
 CVE-2025-30185 (Active debug code for some Intel UEFI reference platforms 
within Ring  ...)
@@ -343,7 +343,7 @@ CVE-2025-20050 (Uncontrolled search path for some Intel(R) 
CIP software before v
 CVE-2025-20010 (Use of unmaintained third party components for some Intel(R) 
Processor ...)
        NOT-FOR-US: Intel
 CVE-2025-13032 (Double fetch in sandbox kernel driver in Avast/AVG Antivirus 
<25.3 on  ...)
-       TODO: check
+       NOT-FOR-US: Avast/AVG Antivirus
 CVE-2025-13027 (Memory safety bugs present in Firefox 144 and Thunderbird 144. 
Some of ...)
        TODO: check
 CVE-2025-12953 (The Classified Listing \u2013 AI-Powered Classified ads & 
Business Dir ...)
@@ -369,9 +369,9 @@ CVE-2025-12539 (The TNC Toolbox: Web Performance plugin for 
WordPress is vulnera
 CVE-2025-12101 (Cross-Site Scripting (XSS)inNetScaler ADC and NetScaler 
Gateway whenth ...)
        NOT-FOR-US: Citrix
 CVE-2025-11960 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: KVKNET
 CVE-2025-11959 (Files or Directories Accessible to External Parties, Exposure 
of Priva ...)
-       TODO: check
+       NOT-FOR-US: Excavation Management Information System
 CVE-2025-11862 (A security issue was discovered within Verve Asset Manager 
allowing un ...)
        NOT-FOR-US: Rockwell Automation
 CVE-2025-11697 (A local code execution security issue exists within Studio 
5000\xae Si ...)
@@ -385,11 +385,11 @@ CVE-2025-11084 (A security issue exists within 
DataMosaix\u2122 Private Cloud, a
 CVE-2025-10918 (Insecure default permissions in the agent of Ivanti Endpoint 
Manager b ...)
        NOT-FOR-US: Ivanti
 CVE-2025-10905 (Collision in MiniFilter driverin Avast Software Avast Free 
Antivirus b ...)
-       TODO: check
+       NOT-FOR-US: Avast Software Avast Free Antivirus
 CVE-2025-10161 (Improper Restriction of Excessive Authentication Attempts, 
Client-Side ...)
-       TODO: check
+       NOT-FOR-US: Perfektive
 CVE-2024-57695 (An issue in Agnitum Outpost Security Suite 7.5.3 
(3942.608.1810) and 7 ...)
-       TODO: check
+       NOT-FOR-US: Agnitum Outpost Security Suite
 CVE-2017-20210 (Photo Station 5.4.1 & 5.2.7 include the security fix for the 
vulnerabi ...)
        NOT-FOR-US: QNAP
 CVE-2025-13015 (Spoofing issue in Firefox. This vulnerability affects Firefox 
< 145, F ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58fe270612c2791214a182b745629d28d89bcc2a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58fe270612c2791214a182b745629d28d89bcc2a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to