[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 03 Dec 2025 13:08:28 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
851eb257 by Salvatore Bonaccorso at 2025-12-03T22:07:24+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18,21 +18,21 @@ CVE-2025-66222 (DeepChat is a smart assistant uses 
artificial intelligence. In 0
 CVE-2025-66220 (Envoy is a high-performance edge/middle/service proxy. In 
1.33.12, 1.3 ...)
        - envoyproxy <itp> (bug #987544)
 CVE-2025-66208 (Collabora Online - Built-in CODE Server (richdocumentscode) 
provides a ...)
-       TODO: check
+       NOT-FOR-US: Collabora Online - Built-in CODE Server
 CVE-2025-66032 (Claude Code is an agentic coding tool. Prior to 1.0.93, Due to 
errors  ...)
-       TODO: check
+       NOT-FOR-US: Claude Code
 CVE-2025-65843 (Aquarius Desktop 3.0.069 for macOS contains an insecure file 
handling  ...)
-       TODO: check
+       NOT-FOR-US: Aquarius Desktop
 CVE-2025-65842 (The Aquarius HelperTool (1.0.003) privileged XPC service on 
macOS cont ...)
-       TODO: check
+       NOT-FOR-US: Aquarius HelperTool
 CVE-2025-65841 (Aquarius Desktop 3.0.069 for macOS stores user authentication 
credenti ...)
-       TODO: check
+       NOT-FOR-US: Aquarius Desktop
 CVE-2025-65345 (alexusmai laravel-file-manager 3.3.1 and below is vulnerable 
to Direct ...)
        TODO: check
 CVE-2025-65320 (Abacre Restaurant Point of Sale (POS) up to 15.0.0.1656 are 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: Abacre Restaurant Point of Sale (POS)
 CVE-2025-65267 (In ERPNext v15.83.2 and Frappe Framework v15.86.0, improper 
validation ...)
-       TODO: check
+       NOT-FOR-US: ERPNext
 CVE-2025-65097 (RomM (ROM Manager) allows users to scan, enrich, browse and 
play their ...)
        TODO: check
 CVE-2025-65096 (RomM (ROM Manager) allows users to scan, enrich, browse and 
play their ...)
@@ -44,35 +44,35 @@ CVE-2025-64763 (Envoy is a high-performance 
edge/middle/service proxy. In 1.33.1
 CVE-2025-64527 (Envoy is a high-performance edge/middle/service proxy. In 
1.33.12, 1.3 ...)
        - envoyproxy <itp> (bug #987544)
 CVE-2025-64443 (MCP Gateway allows easy and secure running and deployment of 
MCP serve ...)
-       TODO: check
+       NOT-FOR-US: MCP Gateway
 CVE-2025-63402 (An issue in HCL Technologies Limited HCLTech GRAGON before 
v.7.6.0 all ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-63401 (Cross Site Scripting vulnerability in HCL Technologies Limited 
HCLTech ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-62686 (A local privilege escalation vulnerability exists in the 
Plugin Allian ...)
        TODO: check
 CVE-2025-57202 (A stored cross-site scripting (XSS) vulnerability in the 
PwdGrp.cgi en ...)
-       TODO: check
+       NOT-FOR-US: AVTECH
 CVE-2025-57201 (AVTECH SECURITY Corporation DGM1104 
FullImg-1015-1004-1006-1003 was di ...)
-       TODO: check
+       NOT-FOR-US: AVTECH
 CVE-2025-57200 (AVTECH SECURITY Corporation DGM1104 
FullImg-1015-1004-1006-1003 was di ...)
-       TODO: check
+       NOT-FOR-US: AVTECH
 CVE-2025-57199 (AVTECH SECURITY Corporation DGM1104 
FullImg-1015-1004-1006-1003 was di ...)
-       TODO: check
+       NOT-FOR-US: AVTECH
 CVE-2025-57198 (AVTECH SECURITY Corporation DGM1104 
FullImg-1015-1004-1006-1003 was di ...)
-       TODO: check
+       NOT-FOR-US: AVTECH
 CVE-2025-55182 (A pre-authentication remote code execution vulnerability 
exists in Rea ...)
        TODO: check
 CVE-2025-55076 (A local privilege escalation vulnerability exists in the 
InstallationH ...)
        TODO: check
 CVE-2025-54326 (An issue was discovered in Camera in Samsung Mobile Processor 
Exynos 1 ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2025-54065 (GZDoom is a feature centric port for all Doom engine games. 
GZDoom is  ...)
        TODO: check
 CVE-2025-53965 (An issue was discovered in Samsung Mobile Processor, Wearable 
Processo ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2025-53841 (Akamai Guardicore Platform Agent before 52.1.1 allows an 
unprivileged  ...)
-       TODO: check
+       NOT-FOR-US: Akamai Guardicore Platform Agent
 CVE-2025-50361 (Buffer Overflow was found in SmallBASIC community SmallBASIC 
with SDL  ...)
        TODO: check
 CVE-2025-50360 (A heap buffer overflow in compiler.c and compiler.h in Pepper 
language ...)
@@ -110,7 +110,7 @@ CVE-2025-20381 (In Splunk MCP Server app versions below 
0.2.4, a user with acces
 CVE-2025-13992 (Side-channel information leakage in Navigation and Loading in 
Google C ...)
        TODO: check
 CVE-2025-13949 (A vulnerability was identified in ProudMuBai GoFilm 
1.0.0/1.0.1. Impac ...)
-       TODO: check
+       NOT-FOR-US: ProudMuBai GoFilm
 CVE-2025-13948 (A vulnerability was determined in opsre go-ldap-admin up to 
20251011.  ...)
        TODO: check
 CVE-2025-13947 (A flaw was found in WebKitGTK. This vulnerability allows 
remote, user- ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/851eb2570a498d39afd7f37ae743190e71068862

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/851eb2570a498d39afd7f37ae743190e71068862
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to