Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bcfeb86f by Salvatore Bonaccorso at 2025-12-02T22:12:00+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18,27 +18,27 @@ CVE-2025-66399 (Cacti is an open source performance and
fault management framewo
- cacti 1.2.30+ds1-1
NOTE:
https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
CVE-2025-65896 (SQL injection vulnerability in long2ice assyncmy thru 0.2.10
allows at ...)
- TODO: check
+ NOT-FOR-US: long2ice assyncmy
CVE-2025-65881 (Sourcecodester Zoo Management System v1.0 is vulnerable to
Cross Site ...)
NOT-FOR-US: SourceCodester
CVE-2025-65877 (Lvzhou CMS before commit
c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 (202 ...)
- TODO: check
+ NOT-FOR-US: Lvzhou CMS
CVE-2025-65858 (A Stored Cross-Site Scripting (XSS) vulnerability in
Calibre-Web v0.6. ...)
TODO: check
CVE-2025-65844 (EverShop 2.0.1 allows an unauthenticated user to upload files
and crea ...)
- TODO: check
+ NOT-FOR-US: EverShop
CVE-2025-65656 (dcat-admin v2.2.3-beta and before is vulnerable to file
inclusion in a ...)
- TODO: check
+ NOT-FOR-US: dcat-admin
CVE-2025-65379 (PHPGurukul Billing System 1.0 is vulnerable to SQL Injection
in the /a ...)
NOT-FOR-US: PHPGurukul
CVE-2025-65358 (Edoc-doctor-appointment-system v1.0.1 was discovered to
contain SQl in ...)
- TODO: check
+ NOT-FOR-US: Edoc-doctor-appointment-system
CVE-2025-65215 (Sourcecodester Web-based Pharmacy Product Management System
v1.0 is vu ...)
NOT-FOR-US: SourceCodester
CVE-2025-65187 (A Stored Cross Site Scripting vulnerability exists in CiviCRM
before v ...)
TODO: check
CVE-2025-65186 (Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS).
The page ...)
- TODO: check
+ NOT-FOR-US: Grav CMS
CVE-2025-65105 (Apptainer is an open source container platform. In Apptainer
versions ...)
TODO: check
CVE-2025-64750 (SingularityCE and SingularityPRO are open source container
platforms. ...)
@@ -46,13 +46,13 @@ CVE-2025-64750 (SingularityCE and SingularityPRO are open
source container platf
CVE-2025-64070 (Sourcecodester Student Grades Management System v1.0 is
vulnerable to ...)
NOT-FOR-US: SourceCodester
CVE-2025-63872 (DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability,
which al ...)
- TODO: check
+ NOT-FOR-US: DeepSeek
CVE-2025-61729 (Within HostnameError.Error(), when constructing an error
string, there ...)
TODO: check
CVE-2025-60854 (A vulnerability has been found in D-Link R15 (AX1500) 1.20.01
and belo ...)
NOT-FOR-US: D-Link
CVE-2025-60736 (code-projects Online Medicine Guide 1.0 is vulnerable to SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: code-projects Online Medicine Guide
CVE-2025-59705 (Entrust nShield Connect XC, nShield 5c, and nShield HSMi
through 13.6. ...)
TODO: check
CVE-2025-59704 (Entrust nShield Connect XC, nShield 5c, and nShield HSMi
through 13.6. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcfeb86f2beab9bb8664f7fddf2c59f63d3f157b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcfeb86f2beab9bb8664f7fddf2c59f63d3f157b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
