Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8abed432 by Salvatore Bonaccorso at 2025-12-04T07:47:38+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -33,7 +33,7 @@ CVE-2025-65842 (The Aquarius HelperTool (1.0.003) privileged
XPC service on macO
CVE-2025-65841 (Aquarius Desktop 3.0.069 for macOS stores user authentication
credenti ...)
NOT-FOR-US: Aquarius Desktop
CVE-2025-65345 (alexusmai laravel-file-manager 3.3.1 and below is vulnerable
to Direct ...)
- TODO: check
+ NOT-FOR-US: alexusmai laravel-file-manager
CVE-2025-65320 (Abacre Restaurant Point of Sale (POS) up to 15.0.0.1656 are
vulnerable ...)
NOT-FOR-US: Abacre Restaurant Point of Sale (POS)
CVE-2025-65267 (In ERPNext v15.83.2 and Frappe Framework v15.86.0, improper
validation ...)
@@ -55,7 +55,7 @@ CVE-2025-63402 (An issue in HCL Technologies Limited HCLTech
GRAGON before v.7.6
CVE-2025-63401 (Cross Site Scripting vulnerability in HCL Technologies Limited
HCLTech ...)
NOT-FOR-US: HCL
CVE-2025-62686 (A local privilege escalation vulnerability exists in the
Plugin Allian ...)
- TODO: check
+ NOT-FOR-US: Plugin Alliance Installation Manager
CVE-2025-57202 (A stored cross-site scripting (XSS) vulnerability in the
PwdGrp.cgi en ...)
NOT-FOR-US: AVTECH
CVE-2025-57201 (AVTECH SECURITY Corporation DGM1104
FullImg-1015-1004-1006-1003 was di ...)
@@ -69,7 +69,7 @@ CVE-2025-57198 (AVTECH SECURITY Corporation DGM1104
FullImg-1015-1004-1006-1003
CVE-2025-55182 (A pre-authentication remote code execution vulnerability
exists in Rea ...)
TODO: check
CVE-2025-55076 (A local privilege escalation vulnerability exists in the
InstallationH ...)
- TODO: check
+ NOT-FOR-US: Plugin Alliance Installation Manager
CVE-2025-54326 (An issue was discovered in Camera in Samsung Mobile Processor
Exynos 1 ...)
NOT-FOR-US: Samsung
CVE-2025-54065 (GZDoom is a feature centric port for all Doom engine games.
GZDoom is ...)
@@ -93,7 +93,7 @@ CVE-2025-33208 (NVIDIA TAO contains a vulnerability where an
attacker may cause
CVE-2025-33201 (NVIDIA Triton Inference Server contains a vulnerability where
an attac ...)
NOT-FOR-US: NVIDIA
CVE-2025-29864 (Protection Mechanism Failure vulnerability in ESTsoft ALZip on
Windows ...)
- TODO: check
+ NOT-FOR-US: ALZip
CVE-2025-20389 (In Splunk Enterprise versions below 10.0.2, 9.4.6, 9.3.8, and
9.2.10, ...)
NOT-FOR-US: Cisco
CVE-2025-20388 (In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and
9.2.10, ...)
@@ -117,7 +117,7 @@ CVE-2025-13992 (Side-channel information leakage in
Navigation and Loading in Go
CVE-2025-13949 (A vulnerability was identified in ProudMuBai GoFilm
1.0.0/1.0.1. Impac ...)
NOT-FOR-US: ProudMuBai GoFilm
CVE-2025-13948 (A vulnerability was determined in opsre go-ldap-admin up to
20251011. ...)
- TODO: check
+ NOT-FOR-US: opsre go-ldap-admin
CVE-2025-13947 (A flaw was found in WebKitGTK. This vulnerability allows
remote, user- ...)
TODO: check
CVE-2025-13756 (The Fluent Booking plugin for WordPress is vulnerable to
unauthorized ...)
@@ -127,7 +127,7 @@ CVE-2025-13751 (Interactive service agent in OpenVPN
version 2.5.0 through 2.7_r
CVE-2025-13492 (A potential security vulnerability has been identified in HP
Image Ass ...)
NOT-FOR-US: HP
CVE-2025-13472 (A fix was made in BlazeMeter Jenkins Plugin version 4.27 to
allow user ...)
- TODO: check
+ NOT-FOR-US: BlazeMeter Jenkins Plugin
CVE-2025-13401 (The Autoptimize plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13390 (The WP Directory Kit plugin for WordPress is vulnerable to
authenticat ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8abed43298e30ea1826bc2c21a81efc78fcb14f7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8abed43298e30ea1826bc2c21a81efc78fcb14f7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
