[Git][security-tracker-team/security-tracker][master] Process some NFUs

Mon, 17 Nov 2025 13:06:50 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d6cf9e07 by Salvatore Bonaccorso at 2025-11-17T22:06:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,29 +1,29 @@
 CVE-2025-65083 (GoSign Desktop through 2.4.1 disables TLS certificate 
validation when  ...)
-       TODO: check
+       NOT-FOR-US: GoSign Desktop
 CVE-2025-64758 (@dependencytrack/frontend is a Single Page Application (SPA) 
used in D ...)
-       TODO: check
+       NOT-FOR-US: DependencyTrack/frontend
 CVE-2025-64756 (Glob matches files using patterns the shell uses. From 
versions 10.3.7 ...)
        TODO: check
 CVE-2025-64342 (ESF-IDF is the Espressif Internet of Things (IOT) Development 
Framewor ...)
-       TODO: check
+       NOT-FOR-US: ESF-IDF
 CVE-2025-64046 (OpenRapid RapidCMS 1.3.1 is vulnerable to Cross Site Scripting 
(XSS) i ...)
-       TODO: check
+       NOT-FOR-US: OpenRapid RapidCMS
 CVE-2025-63918 (PDFPatcher executable does not validate user-supplied file 
paths, allo ...)
-       TODO: check
+       NOT-FOR-US: PDFPatcher
 CVE-2025-63917 (PDFPatcher thru 1.1.3.4663 executable's XML bookmark import 
functional ...)
-       TODO: check
+       NOT-FOR-US: PDFPatcher
 CVE-2025-63916 (MyScreenTools v2.2.1.0 contains a critical OS command 
injection vulner ...)
-       TODO: check
+       NOT-FOR-US: MyScreenTools
 CVE-2025-63748 (QaTraq 6.9.2 allows authenticated users to upload arbitrary 
files via  ...)
-       TODO: check
+       NOT-FOR-US: QaTraq
 CVE-2025-63747 (QaTraq 6.9.2 ships with administrative account credentials 
which are e ...)
-       TODO: check
+       NOT-FOR-US: QaTraq
 CVE-2025-63708 (Cross-Site Scripting (XSS) vulnerability exists in 
SourceCodester AI F ...)
        NOT-FOR-US: SourceCodester
 CVE-2025-63292 (Freebox v5 HD (firmware = 1.7.20), Freebox v5 Crystal 
(firmware = 1.7. ...)
-       TODO: check
+       NOT-FOR-US: Freebox
 CVE-2025-62519 (phpMyFAQ is an open source FAQ web application. Prior to 
version 4.0.1 ...)
-       TODO: check
+       NOT-FOR-US: phpMyFAQ
 CVE-2025-58410 (Software installed and run as a non-privileged user may 
conduct improp ...)
        NOT-FOR-US: Imagination Technologies
 CVE-2025-58407 (Kernel or driver software installed on a Guest VM may post 
improper co ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6cf9e07ee60dc2b663b7993f527fc2395d97a70

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6cf9e07ee60dc2b663b7993f527fc2395d97a70
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to