Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
22275591 by Salvatore Bonaccorso at 2025-11-15T09:43:20+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2025-9317 (The vulnerability, if exploited, could allow a miscreant with
read ac ...)
- TODO: check
+ NOT-FOR-US: AVEVA
CVE-2025-8994 (The Project Management, Team Collaboration, Kanban Board, Gantt
Charts ...)
NOT-FOR-US: WordPress plugin
CVE-2025-8386 (The vulnerability, if exploited, could allow an authenticated
miscrean ...)
- TODO: check
+ NOT-FOR-US: AVEVA
CVE-2025-65072
REJECTED
CVE-2025-65071
@@ -23,13 +23,13 @@ CVE-2025-65065
CVE-2025-65064
REJECTED
CVE-2025-64309 (Brightpick Mission Control discloses device telemetry,
configuration, ...)
- TODO: check
+ NOT-FOR-US: Brightpick Mission Control
CVE-2025-64308 (The Brightpick Mission Control web application exposes
hardcoded crede ...)
- TODO: check
+ NOT-FOR-US: Brightpick Mission Control
CVE-2025-64307 (The Brightpick Internal Logic Control web interface is
accessible wit ...)
- TODO: check
+ NOT-FOR-US: Brightpick
CVE-2025-64084 (An authenticated SQL injection vulnerability exists in
Cloudlog 2.7.5 ...)
- TODO: check
+ NOT-FOR-US: Cloudlog
CVE-2025-63891 (Information Disclosure in web-accessible backup file in
SourceCodester ...)
NOT-FOR-US: SourceCodester
CVE-2025-63745 (A NULL pointer dereference vulnerability was discovered in
radare2 6.0 ...)
@@ -37,13 +37,13 @@ CVE-2025-63745 (A NULL pointer dereference vulnerability
was discovered in radar
CVE-2025-63744 (A NULL pointer dereference vulnerability was discovered in
radare2 6.0 ...)
TODO: check
CVE-2025-62765 (General Industrial Controls Lynx+ Gatewayis vulnerable to a
cleartext ...)
- TODO: check
+ NOT-FOR-US: General Industrial Controls Lynx+ Gateway
CVE-2025-59780 (General Industrial Controls Lynx+ Gatewayis missing critical
authentic ...)
- TODO: check
+ NOT-FOR-US: General Industrial Controls Lynx+ Gateway
CVE-2025-58083 (General Industrial Controls Lynx+ Gateway is missing critical
authent ...)
- TODO: check
+ NOT-FOR-US: General Industrial Controls Lynx+ Gateway
CVE-2025-55034 (General Industrial Controls Lynx+ Gatewayis vulnerable to a
weak passw ...)
- TODO: check
+ NOT-FOR-US: General Industrial Controls Lynx+ Gateway
CVE-2025-1256
REJECTED
CVE-2025-13191 (A vulnerability was determined in D-Link DIR-816L
2_06_b09_beta. This ...)
@@ -57,13 +57,13 @@ CVE-2025-13188 (A vulnerability was detected in D-Link
DIR-816L 2_06_b09_beta. A
CVE-2025-13187 (A security vulnerability has been detected in Intelbras ICIP
2.0.20. A ...)
NOT-FOR-US: Intelbras
CVE-2025-13186 (A weakness has been identified in Bdtask/CodeCanyon Isshue
Multi Store ...)
- TODO: check
+ NOT-FOR-US: Bdtask/CodeCanyon Isshue Multi Store eCommerce Shopping
Cart Solution
CVE-2025-13185 (A security flaw has been discovered in Bdtask/CodeCanyon
News365 up to ...)
- TODO: check
+ NOT-FOR-US: Bdtask/CodeCanyon News365
CVE-2025-13182 (A vulnerability was identified in pojoin h3blog 1.0. The
impacted elem ...)
- TODO: check
+ NOT-FOR-US: pojoin h3blog
CVE-2025-13181 (A vulnerability was determined in pojoin h3blog 1.0. The
affected elem ...)
- TODO: check
+ NOT-FOR-US: pojoin h3blog
CVE-2025-12849 (The Contest Gallery plugin for WordPress is vulnerable to
authorizatio ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12847 (The All in One SEO \u2013 Powerful SEO Plugin to Boost SEO
Rankings & ...)
@@ -73,27 +73,27 @@ CVE-2025-12494 (The Image Gallery \u2013 Photo Grid & Video
Gallery plugin for W
CVE-2025-12182 (The Qi Blocks plugin for WordPress is vulnerable to
unauthorized acces ...)
NOT-FOR-US: WordPress plugin
CVE-2023-7328 (Screen SFT DAB 600/C firmware versions up to and including
1.9.3 conta ...)
- TODO: check
+ NOT-FOR-US: Screen SFT DAB 600/C firmware
CVE-2022-4985 (Vodafone H500s devices running firmware v3.5.10 (hardware model
Sercom ...)
- TODO: check
+ NOT-FOR-US: Vodafone
CVE-2021-4471 (TG8 Firewall exposes a directory such as /data/ over HTTP
without auth ...)
- TODO: check
+ NOT-FOR-US: TG8 Firewall
CVE-2021-4470 (TG8 Firewall contains a pre-authentication remote code
execution vulne ...)
- TODO: check
+ NOT-FOR-US: TG8 Firewall
CVE-2021-4469 (Denver SHO-110 IP cameras expose a secondary HTTP service on
TCP port ...)
- TODO: check
+ NOT-FOR-US: Denver SHO-110 IP cameras
CVE-2021-4468 (PLANEX CS-QP50F-ING2 smart cameras expose a configuration
backup inter ...)
- TODO: check
+ NOT-FOR-US: PLANEX CS-QP50F-ING2 smart cameras
CVE-2021-4467 (Positive Technologies MaxPatrol 8 and XSpider contain a remote
denial- ...)
- TODO: check
+ NOT-FOR-US: Positive Technologies MaxPatrol 8 and XSpider
CVE-2021-4466 (IPCop versions up to and including 2.1.9 contain an
authenticated remo ...)
- TODO: check
+ NOT-FOR-US: IPCop
CVE-2021-4465 (ReQuest Serious Play F3 Media Server versions 7.0.3.4968 (Pro),
7.0.2. ...)
- TODO: check
+ NOT-FOR-US: ReQuest Serious Play F3 Media Server
CVE-2018-25125 (Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer
overflo ...)
- TODO: check
+ NOT-FOR-US: Netis ADSL Router DL4322D firmware RTK
CVE-2016-15056 (Ubee EVW3226 cable modem/routers firmware versions up to and
including ...)
- TODO: check
+ NOT-FOR-US: Ubee EVW3226 cable modem/routers firmware
CVE-2025-9982 (A vulnerability exists in QuickCMS version 6.8 where sensitive
admin c ...)
NOT-FOR-US: QuickCMS
CVE-2025-8870 (On affected platforms running Arista EOS, certain serial
console input ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2227559140f920410a18f84efa36fdb7421cdae7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2227559140f920410a18f84efa36fdb7421cdae7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
