Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e0e2e638 by Salvatore Bonaccorso at 2025-12-01T21:23:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2025-8351 (Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in
Avast ...)
- TODO: check
+ NOT-FOR-US: Avast Antivirus on MacOS
CVE-2025-8045 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
TODO: check
CVE-2025-7007 (NULL Pointer Dereference vulnerability in Avast Antivirus on
MacOS, Av ...)
- TODO: check
+ NOT-FOR-US: Avast Antivirus on MacOS
CVE-2025-6349 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
TODO: check
CVE-2025-65838 (PublicCMS V5.202506.b is vulnerable to path traversal via the
doUpload ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2025-65836 (PublicCMS V5.202506.b is vulnerable to SSRF. in the chat
interface of ...)
- TODO: check
+ NOT-FOR-US: PublicCMS
CVE-2025-65794
REJECTED
CVE-2025-65793
@@ -25,37 +25,37 @@ CVE-2025-65405 (A use-after-free in the
ADTSAudioFileSource::samplingFrequency()
CVE-2025-65404 (A buffer overflow in the getSideInfo2() function of Live555
Streaming ...)
TODO: check
CVE-2025-65403 (A buffer overflow in the g_cfg.MaxUsers component of LightFTP
v2.0 all ...)
- TODO: check
+ NOT-FOR-US: LightFTP
CVE-2025-64775 (Denial of Service vulnerability in Apache Struts, file leak in
multipa ...)
TODO: check
CVE-2025-64030 (Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable
to auth ...)
- TODO: check
+ NOT-FOR-US: Eximbills Enterprise
CVE-2025-63535 (A SQL injection vulnerability exists in the Blood Bank
Management Syst ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63534 (A cross-site scripting (XSS) vulnerability exists in the Blood
Bank Ma ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63533 (A cross-site scripting (XSS) vulnerability exists in the Blood
Bank Ma ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63532 (A SQL injection vulnerability exists in the Blood Bank
Management Syst ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63531 (A SQL injection vulnerability exists in the Blood Bank
Management Syst ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63529 (A session fixation vulnerability exists in Blood Bank
Management Syste ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63528 (A cross-site scripting (XSS) vulnerability exists in the Blood
Bank Ma ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63527 (A cross-site scripting (XSS) vulnerability exists in the Blood
Bank Ma ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63526 (A cross-site scripting (XSS) vulnerability exists in the Blood
Bank Ma ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63525 (An issue was discovered in Blood Bank Management System 1.0
allowing a ...)
- TODO: check
+ NOT-FOR-US: Blood Bank Management System
CVE-2025-63523 (FeehiCMS version 2.1.1 fails to enforce server-side
immutability for p ...)
- TODO: check
+ NOT-FOR-US: FeehiCMS
CVE-2025-63522 (Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the
Comments Man ...)
- TODO: check
+ NOT-FOR-US: FeehiCMS
CVE-2025-63520 (Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 via
the id ...)
- TODO: check
+ NOT-FOR-US: FeehiCMS
CVE-2025-63365 (SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory
Traversal. ...)
TODO: check
CVE-2025-63317 (Todoist v8896 is vulnerable to Cross Site Scripting (XSS) in
/api/v1/u ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0e2e638cbbe38078d1df0783e8e074fbc6bac05
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0e2e638cbbe38078d1df0783e8e074fbc6bac05
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
