Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f97edde5 by security tracker role at 2025-12-01T20:13:33+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -69,7 +69,7 @@ CVE-2025-61228 (An issue in Shirt Pocket SuperDuper! V.3.10
and before allows a
CVE-2025-59789 (Uncontrolled recursion in the json2pb component in Apache bRPC
(versio ...)
TODO: check
CVE-2025-58408 (Software installed and run as a non-privileged user may
conduct improp ...)
- TODO: check
+ NOT-FOR-US: Imagination Technologies
CVE-2025-57489 (Incorrect access control in the SDAgent component of Shirt
Pocket Supe ...)
TODO: check
CVE-2025-55222 (A denial of service vulnerability exists in the Modbus TCP and
Modbus ...)
@@ -93,11 +93,11 @@ CVE-2025-49643 (An authenticated Zabbix user (including
Guest) is able to cause
CVE-2025-49642 (Library loading on AIX Zabbix Agent builds can be hijacked by
local us ...)
TODO: check
CVE-2025-41739 (An unauthenticated remote attacker, who beats a race
condition, can ex ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2025-41738 (An unauthenticated remote attacker may cause the visualisation
server ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2025-41700 (An unauthenticated attacker can trick a local user into
executing arbi ...)
- TODO: check
+ NOT-FOR-US: CODESYS
CVE-2025-41070 (Reflected Cross-site Scripting (XSS) vulnerability in Sanoma's
Clicked ...)
TODO: check
CVE-2025-3500 (Integer Overflow or Wraparound vulnerability in Avast Antivirus
(25.1. ...)
@@ -119,7 +119,7 @@ CVE-2025-13837 (When loading a plist file, the plistlib
module reads data in siz
CVE-2025-13836 (When reading an HTTP response from a server, if no read amount
is spec ...)
TODO: check
CVE-2025-13835 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-13829 (Incorrect Authorization vulnerability in Data Illusion
Zumbrunn NGSurv ...)
TODO: check
CVE-2025-13819 (Open redirect in the web server component of MiR Robot and
Fleet softw ...)
@@ -137,7 +137,7 @@ CVE-2025-13129 (Improper Enforcement of Behavioral Workflow
vulnerability in Sen
CVE-2025-12756 (Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1,
10.11.x <= 1 ...)
TODO: check
CVE-2025-11772 (A carefully crafted DLL, copied to C:\ProgramData\Synaptics
folder ...)
- TODO: check
+ NOT-FOR-US: Synaptics
CVE-2025-11699 (nopCommerce v4.70 and prior, and version 4.80.3, does not
invalidate s ...)
TODO: check
CVE-2025-10101 (Heap-based Buffer Overflow, Out-of-bounds Write vulnerability
in Avast ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f97edde59c8c33e5c6ed928a491cc7287bb6cef6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f97edde59c8c33e5c6ed928a491cc7287bb6cef6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
