Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f0beade3 by security tracker role at 2025-12-10T08:14:15+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-9571 (A remote code execution (RCE) vulnerability exists in Google
Cloud Dat ...)
TODO: check
CVE-2025-9056 (Unprotected service in the AudioLink component allows a local
attacker ...)
- TODO: check
+ NOT-FOR-US: TECNO Mobile
CVE-2025-67613
REJECTED
CVE-2025-67612
@@ -29,7 +29,7 @@ CVE-2025-67503
CVE-2025-67502 (Taguette is an open source qualitative research tool. In
versions 1.5. ...)
TODO: check
CVE-2025-67501 (WeGIA is an open source Web Manager for Institutions with a
focus on P ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-67500 (Mastodon is a free, open-source social network server based on
Activit ...)
TODO: check
CVE-2025-67499 (The CNI portmap plugin allows containers to emulate opening a
host por ...)
@@ -39,7 +39,7 @@ CVE-2025-67498
CVE-2025-67497
REJECTED
CVE-2025-67496 (WeGIA is an open source Web Manager for Institutions with a
focus on P ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-67495 (ZITADEL is an open-source identity infrastructure tool.
Versions 4.0.0 ...)
TODO: check
CVE-2025-67494 (ZITADEL is an open-source identity infrastructure tool.
Versions 4.7.0 ...)
@@ -55,7 +55,7 @@ CVE-2025-66645 (NiceGUI is a Python-based UI framework.
Versions 3.3.1 and below
CVE-2025-66626 (Argo Workflows is an open source container-native workflow
engine for ...)
TODO: check
CVE-2025-66625 (Umbraco is an ASP.NET CMS. Due to unsafe handling and deletion
of temp ...)
- TODO: check
+ NOT-FOR-US: Umbraco CMS
CVE-2025-66457 (Elysia is a Typescript framework for request validation, type
inferenc ...)
TODO: check
CVE-2025-66039 (FreePBX Endpoint Manager is a module for managing telephony
endpoints ...)
@@ -63,55 +63,55 @@ CVE-2025-66039 (FreePBX Endpoint Manager is a module for
managing telephony endp
CVE-2025-65513 (fetch-mcp v1.0.2 and before is vulnerable to Server-Side
Request Forge ...)
TODO: check
CVE-2025-64899 (Acrobat Reader versions 24.001.30264, 20.005.30793,
25.001.20982, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64898 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64897 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64896 (Creative Cloud Desktop versions 6.4.0.361 and earlier are
affected by ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64787 (Acrobat Reader versions 24.001.30264, 20.005.30793,
25.001.20982, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64786 (Acrobat Reader versions 24.001.30264, 20.005.30793,
25.001.20982, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64785 (Acrobat Reader versions 24.001.30264, 20.005.30793,
25.001.20982, 24.0 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61823 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61822 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61821 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61813 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61812 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61811 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61810 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61809 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-61808 (ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are
affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-36437 (IBM Planning Analytics Local2.1.0 -2.1.15 could disclose
sensitive inf ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-34425 (MailEnable versions prior to 10.54 contain a reflected
cross-site scri ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-13760
REJECTED
CVE-2025-13743 (Docker Desktop diagnostics bundles were found to include
expired Hub P ...)
- TODO: check
+ NOT-FOR-US: Docker products not packaged in Debian
CVE-2025-13677 (The Simple Download Counter plugin for WordPress is vulnerable
to Path ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13613 (The Elated Membership plugin for WordPress is vulnerable to
Authentica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13339 (The Hippoo Mobile App for WooCommerce plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13073 (The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1
does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13072 (The HandL UTM Grabber / Tracker WordPress plugin before 2.8.1
does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12952 (A privilege escalation vulnerability exists in Google Cloud's
Dialogfl ...)
TODO: check
CVE-2023-53774 (MiniDVBLinux 5.4 contains a remote code execution
vulnerability in the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0beade35e296d343289a10a937c544e33ce6b24
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f0beade35e296d343289a10a937c544e33ce6b24
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
