Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1254c45b by Salvatore Bonaccorso at 2025-12-11T21:38:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,13 +45,13 @@ CVE-2025-66043 (Several stack-based buffer overflow
vulnerabilities exists in th
NOTE: https://sourceforge.net/p/biosig/mailman/message/59271419/
NOTE:
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2296
CVE-2025-65474 (An arbitrary file rename vulnerability in the
/admin/manager.php compo ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-65473 (An arbitrary file rename vulnerability in the /admin/filer.php
compone ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-65472 (A Cross-Site Request Forgery (CSRF) in the
/admin/admin.inc.php compon ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-65471 (An arbitrary file upload vulnerability in the
/admin/manager.php compo ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-64995 (A privilege escalation vulnerability was discovered in
TeamViewer DEX ...)
NOT-FOR-US: TeamViewer
CVE-2025-64994 (A privilege escalation vulnerability was discovered in
TeamViewer DEX ...)
@@ -73,91 +73,91 @@ CVE-2025-64987 (A command injection vulnerability was
discovered in TeamViewer D
CVE-2025-64986 (A command injection vulnerability was discovered in TeamViewer
DEX (fo ...)
NOT-FOR-US: TeamViewer
CVE-2025-64701 (QND Premium/Advance/Standard Ver.11.0.9i and prior contains a
privileg ...)
- TODO: check
+ NOT-FOR-US: QND Premium/Advance/Standard
CVE-2025-64669 (Improper access control in Windows Admin Center allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59803 (Foxit PDF Editor and Reader before 2025.2.1 allow signature
spoofing v ...)
NOT-FOR-US: Foxit
CVE-2025-59802 (Foxit PDF Editor and Reader before 2025.2.1 allow signature
spoofing v ...)
NOT-FOR-US: Foxit
CVE-2025-56130 (OS Command Injection vulnerability in Ruijie RG-S1930
S1930SWITCH_3.0( ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56129 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860
allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56127 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W
allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56124 (OS Command Injection vulnerability in Ruijie X60 PRO
X60_10212014RG-X6 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56123 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO
RG-EW1200G ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56122 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO
B11P226_E ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56120 (OS Command Injection vulnerability in Ruijie X60 PRO
X60_10212014RG-X6 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56118 (OS Command Injection vulnerability in Ruijie X60 PRO
X60_10212014RG-X6 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56117 (OS Command Injection vulnerability in Ruijie X30-PRO
X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56114 (OS Command Injection vulnerability in Ruijie M18
EW_3.0(1)B11P226_M18_ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56113 (OS Command Injection vulnerability in Ruijie RG-YST EST,
YSTAP_3.0(1)B ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56111 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860
allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56110 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860
allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56109 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860
allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56108 (OS Command Injection vulnerability in Ruijie X30-PRO
X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56107 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W
allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56106 (OS Command Injection vulnerability in Ruijie RG-EW1800GX
B11P226_EW180 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56102 (OS Command Injection vulnerability in Ruijie RG-EW1800GX
B11P226_EW180 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56101 (OS Command Injection vulnerability in Ruijie M18
EW_3.0(1)B11P226_M18_ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56099 (OS Command Injection vulnerability in Ruijie RG-YST
AP_3.0(1)B11P280YS ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56098 (OS Command Injection vulnerability in Ruijie X30-PRO
X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56097 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO
B11P226_E ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56096 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W
allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56095 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO
RG-EW1200G ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56094 (OS Command Injection vulnerability in Ruijie X30-PRO
X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56093 (OS Command Injection vulnerability in Ruijie X30-PRO
X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56092 (OS Command Injection vulnerability in Ruijie X30 PRO V1
X30-PRO-V1_092 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56091 (OS Command Injection vulnerability in Ruijie RG-EW1800GX
B11P226_EW180 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56090 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO
RG-EW1200G ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56089 (OS Command Injection vulnerability in Ruijie M18
EW_3.0(1)B11P226_M18_ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56088 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860
allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56087 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W
allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56086 (OS Command Injection vulnerability in Ruijie RG-EW1200
EW_3.0(1)B11P22 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56085 (OS Command Injection vulnerability in Ruijie RG-EW1200
EW_3.0(1)B11P22 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56084 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO
B11P226_E ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56083 (OS Command Injection vulnerability in Ruijie X30-PRO
X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56082 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W
allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56079 (OS Command Injection vulnerability in Ruijie RG-EW1300G
EW1300G V1.00/ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56077 (OS Command Injection vulnerability in Ruijie RG-RAP2200(E) 247
2200 al ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-55314 (An issue was discovered in Foxit PDF and Editor for Windows
and macOS ...)
NOT-FOR-US: Foxit
CVE-2025-55313 (An issue was discovered in Foxit PDF and Editor for Windows
and macOS ...)
@@ -223,15 +223,15 @@ CVE-2025-36912 (In cellular modem, there is a possible
denial of service due to
CVE-2025-36889 (In onCreateTasks of CameraActivity.java, there is a possible
permissio ...)
NOT-FOR-US: Google devices
CVE-2025-14535 (A vulnerability was identified in UTT \u8fdb\u53d6 512W up to
3.1.7.7- ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-14534 (A vulnerability was determined in UTT \u8fdb\u53d6 512W up to
3.1.7.7- ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-14531 (A vulnerability was found in code-projects Rental Management
System 2. ...)
NOT-FOR-US: code-projects
CVE-2025-14530 (A vulnerability has been found in SourceCodester Real Estate
Property ...)
NOT-FOR-US: SourceCodester
CVE-2025-14529 (A flaw has been found in Campcodes Retro Basketball Shoes
Online Store ...)
- TODO: check
+ NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store
CVE-2025-14528 (A vulnerability was detected in D-Link DIR-803 up to 1.04.
Impacted is ...)
NOT-FOR-US: D-Link
CVE-2025-14527 (A weakness has been identified in projectworlds Advanced
Library Manag ...)
@@ -241,19 +241,19 @@ CVE-2025-14526 (A security flaw has been discovered in
Tenda CH22 1.0.0.1. This
CVE-2025-14523 (A flaw in libsoup\u2019s HTTP header handling allows multiple
Host: he ...)
TODO: check
CVE-2025-14522 (A vulnerability was detected in baowzh hfly up to
638ff9abe9078bc977c1 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14521 (A security vulnerability has been detected in baowzh hfly up
to 638ff9 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14520 (A weakness has been identified in baowzh hfly up to
638ff9abe9078bc977 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14519 (A security flaw has been discovered in baowzh hfly up to
638ff9abe9078 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14518 (A vulnerability was identified in PowerJob up to 5.1.2. This
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: PowerJob
CVE-2025-14517 (A vulnerability was determined in Yalantis uCrop 2.2.11. This
affects ...)
- TODO: check
+ NOT-FOR-US: Yalantis uCrop
CVE-2025-14516 (A vulnerability was found in Yalantis uCrop 2.2.11. Affected
by this i ...)
- TODO: check
+ NOT-FOR-US: Yalantis uCrop
CVE-2025-14515 (A vulnerability has been found in Campcodes Supplier
Management System ...)
NOT-FOR-US: Campcodes
CVE-2025-14514 (A flaw has been found in Campcodes Supplier Management System
1.0. Aff ...)
@@ -261,7 +261,7 @@ CVE-2025-14514 (A flaw has been found in Campcodes Supplier
Management System 1.
CVE-2025-14281
REJECTED
CVE-2025-14265 (In versions of ScreenConnect\u2122 prior to 25.8, server-side
validati ...)
- TODO: check
+ NOT-FOR-US: ScreenConnect
CVE-2025-14046 (An improper neutralization of input vulnerability was
identified in Gi ...)
NOT-FOR-US: Github Enterprise Server
CVE-2025-13912 (Multiple constant-time implementations in wolfSSL before
version 5.8.4 ...)
@@ -277,9 +277,9 @@ CVE-2025-13211 (IBM Aspera Orchestrator 4.0.0 through 4.1.0
could allow an authe
CVE-2025-13148 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow could
an authe ...)
NOT-FOR-US: IBM
CVE-2025-13124 (Authorization Bypass Through User-Controlled Key vulnerability
in Neti ...)
- TODO: check
+ NOT-FOR-US: ApplyLogic
CVE-2025-13003 (Authorization Bypass Through User-Controlled Key vulnerability
in Aksi ...)
- TODO: check
+ NOT-FOR-US: AxOnboard
CVE-2025-12687 (A vulnerability in TeamViewer DEX Client (former 1E Client) -
Content ...)
NOT-FOR-US: TeamViewer
CVE-2025-12532
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1254c45bc0351afb13c74633e2d5a6f702bb9620
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1254c45bc0351afb13c74633e2d5a6f702bb9620
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
