Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f5c3bed1 by security tracker role at 2025-12-02T08:13:48+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -65,133 +65,133 @@ CVE-2025-65622 (Snipe-IT before 8.3.4 allows stored XSS
via the Locations "Count
CVE-2025-65621 (Snipe-IT before 8.3.4 allows stored XSS, allowing a
low-privileged aut ...)
TODO: check
CVE-2025-58488 (Improper verification of source of a communication channel in
SmartTou ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58487 (Improper authorization in Samsung Account prior to version
15.5.01.1 a ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58486 (Improper input validation in Samsung Account prior to version
15.5.01. ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58485 (Improper input validation in Samsung Internet prior to version
29.0.0. ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58484 (Incorrect default permissions in Samsung Cloud Assistant prior
to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58483 (Improper export of android application components in Galaxy
Store for ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58482 (Improper access control in MPLocalService of MotionPhoto prior
to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58481 (Improper access control in MPRemoteService of MotionPhoto
prior to ver ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58480 (Heap-based buffer overflow in libimagecodec.quram.so prior to
SMR Dec- ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58479 (Out-of-bounds read in libimagecodec.quram.so prior to SMR
Dec-2025 Rel ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58478 (Out-of-bounds write in libimagecodec.quram.so prior to SMR
Dec-2025 Re ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58477 (Out-of-bounds write in parsing IFD tag in
libimagecodec.quram.so prior ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58476 (Out-of-bounds read vulnerability in bootloader prior to SMR
Dec-2025 R ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58475 (Improper input validation in libsec-ril.so prior to SMR
Dec-2025 Relea ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-58044 (JumpServer is an open source bastion host and an operation and
mainten ...)
TODO: check
CVE-2025-55749 (XWiki is an open-source wiki software platform. From 16.7.0 to
16.10.1 ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-55129 (HackerOne community member Kassem S.(kassem_s94) has reported
that use ...)
TODO: check
CVE-2025-21080 (Improper export of android application components in Dynamic
Lockscree ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21072 (Out-of-bounds write in decoding metadata in fingerprint
trustlet prior ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20792 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20791 (In Modem, there is a possible system crash due to incorrect
error hand ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20790 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20789 (In GPU pdma, there is a possible information disclosure due to
a missi ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20788 (In GPU pdma, there is a possible memory corruption due to a
missing pe ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20777 (In display, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20776 (In display, there is a possible out of bounds read due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20775 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20774 (In display, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20773 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20772 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20771 (In display, there is a possible escalation of privilege due to
imprope ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20770 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20769 (In display, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20768 (In display, there is a possible out of bounds read due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20767 (In display, there is a possible out of bounds write due to an
integer ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20766 (In display, there is a possible memory corruption due to
improper inpu ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20765 (In aee daemon, there is a possible system crash due to a race
conditio ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20764 (In smi, there is a possible out of bounds write due to a
missing bound ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20763 (In mmdvfs, there is a possible out of bounds write due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20759 (In Modem, there is a possible out of bounds read due to a
missing boun ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20758 (In Modem, there is a possible system crash due to an uncaught
exceptio ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20757 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20756 (In Modem, there is a possible system crash due to a logic
error. This ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20755 (In Modem, there is a possible application crash due to
improper input ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20754 (In Modem, there is a possible system crash due to an incorrect
bounds ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20753 (In Modem, there is a possible system crash due to an uncaught
exceptio ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20752 (In Modem, there is a possible system crash due to a missing
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20751 (In Modem, there is a possible system crash due to a missing
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20750 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-13697 (The BlockArt Blocks \u2013 Gutenberg Blocks, Page Builder
Blocks ,Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13696 (The Zigaform plugin for WordPress is vulnerable to Sensitive
Informati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13685 (The Photo Gallery by Ays plugin for WordPress is vulnerable to
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13606 (The Export All Posts, Products, Orders, Refunds & Users plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13387 (The Kadence WooCommerce Email Designer plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13140 (The SurveyJS: Drag & Drop WordPress Form Builder plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13007 (The WP Social Ninja \u2013 Embed Social Feeds, Customer
Reviews, Chat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13001 (The donation WordPress plugin through 1.0 does not sanitize
and escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13000 (The db-access WordPress plugin through 0.8.7 does not have
authorizati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12529 (The Cost Calculator Builder plugin for WordPress is vulnerable
to arbi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12483 (The Visualizer: Tables and Charts Manager for WordPress plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11726 (The Beaver Builder \u2013 WordPress Page Builder plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10971 (Insecure Storage of Sensitive Information vulnerability in
MeetMe on i ...)
TODO: check
CVE-2024-51999 (Express.js minimalist web framework for node. Prior to 5.2.0
and 4.22. ...)
TODO: check
CVE-2024-45675 (IBM Informix Dynamic Server 14.10 could allow a local user on
the syst ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-8351 (Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in
Avast ...)
NOT-FOR-US: Avast Antivirus on MacOS
CVE-2025-8045 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5c3bed1c1b14433e02f84ef26a488861586449e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f5c3bed1c1b14433e02f84ef26a488861586449e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
