Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3f487839 by Salvatore Bonaccorso at 2025-12-15T09:37:54+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
CVE-2025-67907
REJECTED
CVE-2025-67906 (In MISP before 2.5.28,
app/View/Elements/Workflows/executionPath.ctp a ...)
- TODO: check
+ NOT-FOR-US: MISP
CVE-2025-67901 (openrsync through 0.5.0, as used in OpenBSD through 7.8 and on
other p ...)
- TODO: check
+ NOT-FOR-US: openrsync
CVE-2025-67900 (NXLog Agent before 6.11 can load a file specified by the
OPENSSL_CONF ...)
- TODO: check
+ NOT-FOR-US: NXLog Agent
CVE-2025-67899 (uriparser through 0.9.9 allows unbounded recursion and stack
consumpti ...)
- uriparser <unfixed>
NOTE: https://github.com/uriparser/uriparser/issues/282
NOTE: https://github.com/uriparser/uriparser/pull/284
CVE-2025-67898 (MJML through 4.18.0 allows mj-include directory traversal to
test file ...)
- TODO: check
+ NOT-FOR-US: MJML
CVE-2025-14712 (Student Learning Assessment and Support System developed by
JHENG GAO ...)
- TODO: check
+ NOT-FOR-US: Student Learning Assessment and Support System
CVE-2025-14710 (A vulnerability was detected in FantasticLBP Hotels Server up
to 67b44 ...)
- TODO: check
+ NOT-FOR-US: FantasticLBP Hotels Server
CVE-2025-14709 (A security vulnerability has been detected in Shiguangwu
sgwbox N3 2.0 ...)
- TODO: check
+ NOT-FOR-US: Shiguangwu sgwbox N3
CVE-2025-14708 (A weakness has been identified in Shiguangwu sgwbox N3 2.0.25.
Affecte ...)
- TODO: check
+ NOT-FOR-US: Shiguangwu sgwbox
CVE-2025-14707 (A security flaw has been discovered in Shiguangwu sgwbox N3
2.0.25. Af ...)
- TODO: check
+ NOT-FOR-US: Shiguangwu sgwbox
CVE-2025-14706 (A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25.
This im ...)
- TODO: check
+ NOT-FOR-US: Shiguangwu sgwbox
CVE-2025-14705 (A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25.
This af ...)
- TODO: check
+ NOT-FOR-US: Shiguangwu sgwbox
CVE-2025-14704 (A vulnerability was found in Shiguangwu sgwbox N3 2.0.25. The
impacted ...)
- TODO: check
+ NOT-FOR-US: Shiguangwu sgwbox
CVE-2025-14703 (A vulnerability has been found in Shiguangwu sgwbox N3 2.0.25.
The aff ...)
- TODO: check
+ NOT-FOR-US: Shiguangwu sgwbox
CVE-2025-14702 (A flaw has been found in Smartbit CommV Smartschool App up to
10.4.4. ...)
- TODO: check
+ NOT-FOR-US: Smartbit CommV Smartschool App
CVE-2025-14699 (A security vulnerability has been detected in Municorn FAX App
3.27.0 ...)
- TODO: check
+ NOT-FOR-US: Municorn FAX App
CVE-2025-14698 (A weakness has been identified in atlaszz AI Photo Team
Galleryit App ...)
- TODO: check
+ NOT-FOR-US: atlaszz AI Photo Team Galleryit App
CVE-2025-14697 (A security flaw has been discovered in Shenzhen Sixun Software
Sixun S ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Sixun Software Sixun Shanghui Group Business
Management System
CVE-2025-14696 (A vulnerability was identified in Shenzhen Sixun Software
Sixun Shangh ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Sixun Software Sixun Shanghui Group Business
Management System
CVE-2025-14695 (A vulnerability was determined in SamuNatsu HaloBot up to
026b01d4a896 ...)
- TODO: check
+ NOT-FOR-US: SamuNatsu HaloBot
CVE-2025-14694 (A vulnerability was found in ketr JEPaaS up to 7.2.8. This
impacts the ...)
- TODO: check
+ NOT-FOR-US: ketr JEPaaS
CVE-2025-14693 (A vulnerability has been found in Ugreen DH2100+ up to 5.3.0.
This aff ...)
- TODO: check
+ NOT-FOR-US: Ugreen DH2100+
CVE-2025-14692 (A flaw has been found in Mayan EDMS up to 4.10.1. The impacted
element ...)
- TODO: check
+ NOT-FOR-US: Mayan EDMS
CVE-2025-14691 (A vulnerability was detected in Mayan EDMS up to 4.10.1. The
affected ...)
- TODO: check
+ NOT-FOR-US: Mayan EDMS
CVE-2025-14549 (In the Eclipse OMR compiler component, since release 0.7.0, an
optimiz ...)
TODO: check
CVE-2025-14023 (LINE client for iOS prior to 15.19 allows UI spoofing due to
inconsist ...)
- TODO: check
+ NOT-FOR-US: LINE client for iOS
CVE-2025-14022 (LINE client for iOS prior to 15.4 allows man-in-the-middle
attacks due ...)
- TODO: check
+ NOT-FOR-US: LINE client for iOS
CVE-2025-14021 (The in-app browser in LINE client for iOS versions prior to
14.14 is v ...)
- TODO: check
+ NOT-FOR-US: LINE client for iOS
CVE-2025-14020 (LINE client for Android versions prior to 14.20 contains a UI
spoofing ...)
- TODO: check
+ NOT-FOR-US: LINE client for Android
CVE-2025-14019 (LINE client for Android versions from 13.8 to 15.5 is
vulnerable to UI ...)
- TODO: check
+ NOT-FOR-US: LINE client for Android
CVE-2025-13740 (The Lightweight Accordion plugin for WordPress is vulnerable
to Stored ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13355 (The URL Shortify WordPress plugin before 1.11.4 does not
sanitise and ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f487839415301d1b304e39757366a95b93e0793
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3f487839415301d1b304e39757366a95b93e0793
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
