Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3899b052 by Moritz Muehlenhoff at 2025-11-13T11:56:47+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -227,7 +227,7 @@ CVE-2025-63353 (A vulnerability in FiberHome GPON ONU
HG6145F1 RP4423 allows the
CVE-2025-63289 (Sogexia Android App Compile Affected SDK v35, Max SDK 32 and
fixed in ...)
NOT-FOR-US: Sogexia Android App Compile Affected SDK
CVE-2025-62876 (A Execution with Unnecessary Privileges vulnerability in
lightdm-kde-g ...)
- TODO: check
+ NOT-FOR-US: lightdm-kde-greeter
CVE-2025-61667 (The Datadog Agent collects events and metrics from hosts and
sends the ...)
NOT-FOR-US: Datadog Agent
CVE-2025-61623 (Reflected cross-site scripting vulnerability in Apache OFBiz.
This is ...)
@@ -267,7 +267,7 @@ CVE-2025-57812 (CUPS is a standards-based, open-source
printing system, and `lib
NOTE: Fixed by:
https://github.com/OpenPrinting/cups-filters/commit/7bd588a1fc5c99ac0b1951beb1b54b438137a7b5
NOTE: Fixed by:
https://github.com/OpenPrinting/cups-filters/commit/5e5f1c5d46a043c57cbbe6e043aa95896d9c40fa
CVE-2025-57310 (A Cross-Site Request Forgery (CSRF) vulnerability in
Salmen2/Simple-Fa ...)
- TODO: check
+ NOT-FOR-US: Simple-Faucet-Script
CVE-2025-56385 (A SQL injection vulnerability exists in the login
functionality of Wel ...)
NOT-FOR-US: WellSky Harmony
CVE-2025-52331 (Cross-site scripting (XSS) vulnerability in the generate
report functi ...)
@@ -285,7 +285,7 @@ CVE-2025-20379 (In Splunk Enterprise versions below 10.0.1,
9.4.5, 9.3.7, and 9.
CVE-2025-20378 (In Splunk Enterprise versions below 10.0.1, 9.4.5, 9.3.7,
9.2.9, and S ...)
NOT-FOR-US: Cisco
CVE-2025-13058 (A security flaw has been discovered in soerennb eXtplorer up
to 2.1.15 ...)
- TODO: check
+ - extplorer <removed>
CVE-2025-13057 (A vulnerability was identified in Campcodes School Fees
Payment Manage ...)
NOT-FOR-US: Campcodes
CVE-2025-12998 (Improper Authentication vulnerability in TYPO3 Extension
"Modules" cod ...)
@@ -1260,7 +1260,7 @@ CVE-2025-63384 (A vulnerability was discovered in RISC-V
Rocket-Chip v1.6 and be
CVE-2025-63296 (KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware
v33.53.87 c ...)
NOT-FOR-US: KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware
CVE-2025-62780 (changedetection.io is a free open source web page change
detection too ...)
- TODO: check
+ NOT-FOR-US: changedetection.io
CVE-2025-5718 (The ACAP Application framework could allow privilege escalation
throug ...)
NOT-FOR-US: Axis Communication
CVE-2025-5454 (An ACAP configuration file lacked sufficient input validation,
which c ...)
@@ -1546,7 +1546,7 @@ CVE-2025-12405 (An improper privilege management
vulnerability was found in Look
CVE-2025-12397 (A SQL injection vulnerability was found in Looker Studio. A
Looker St ...)
NOT-FOR-US: Looker Studio
CVE-2025-12155 (A Command Injection vulnerability, resulting from improper
file path s ...)
- TODO: check
+ NOT-FOR-US: Looker
CVE-2025-64170 [GHSA-c978-wq47-pvvw]
{DSA-6052-1}
- rust-sudo-rs 0.2.10-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3899b052a4985539f0ab87818211467d24b132ef
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3899b052a4985539f0ab87818211467d24b132ef
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
