[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Fri, 19 Dec 2025 07:00:50 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
770d74fe by Moritz Muehlenhoff at 2025-12-19T16:00:11+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,7 +37,7 @@ CVE-2025-68385 (Improper neutralization of input during web 
page generation ('Cr
 CVE-2025-68384 (Allocation of Resources Without Limits or Throttling (CWE-770) 
in Elas ...)
        - elasticsearch <removed>
 CVE-2025-68383 (Improper Validation of Specified Index, Position, or Offset in 
Input ( ...)
-       TODO: check
+       NOT-FOR-US: Elastic Filebeat
 CVE-2025-68382 (Out-of-bounds read (CWE-125) allows an unauthenticated remote 
attacker ...)
        - packetbeat <itp> (bug #806484)
 CVE-2025-68381 (Improper Bounds Check (CWE-787) in Packetbeat can allow a 
remote unaut ...)
@@ -117,15 +117,15 @@ CVE-2025-63948 (A SQL Injection vulnerability exists in 
phpMsAdmin version 2.2 i
 CVE-2025-63947 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in 
phpMsAd ...)
        NOT-FOR-US: phpMsAdmin
 CVE-2025-62004 (BullWall Server Intrusion Protection services are initialized 
after lo ...)
-       TODO: check
+       NOT-FOR-US: BullWall
 CVE-2025-62003 (BullWall Server Intrusion Protection has a noticeable delay 
before the ...)
-       TODO: check
+       NOT-FOR-US: BullWall
 CVE-2025-62002 (BullWall Ransomware Containment relies on the number of file 
modificat ...)
-       TODO: check
+       NOT-FOR-US: BullWall
 CVE-2025-62001 (BullWall Ransomware Containment contains excluded file paths, 
such as  ...)
-       TODO: check
+       NOT-FOR-US: BullWall
 CVE-2025-62000 (BullWall Ransomware Containment does not entirely inspect a 
file to de ...)
-       TODO: check
+       NOT-FOR-US: BullWall
 CVE-2025-59529 (Avahi is a system which facilitates service discovery on a 
local netwo ...)
        - avahi <unfixed>
        NOTE: 
https://github.com/avahi/avahi/security/advisories/GHSA-73wf-3xmj-x82q
@@ -133,11 +133,11 @@ CVE-2025-59529 (Avahi is a system which facilitates 
service discovery on a local
 CVE-2025-53710 (Due to a product misconfiguration in certain deployment types, 
it was  ...)
        NOT-FOR-US: Palantir
 CVE-2025-52692 (Successful exploitation of the vulnerability could allow an 
attacker w ...)
-       TODO: check
+       NOT-FOR-US: Linksys
 CVE-2025-46268 (Advantech WebAccess/SCADA is vulnerable to SQL injection, 
which may al ...)
        NOT-FOR-US: Advantech
 CVE-2025-34452 (Streama versions 1.10.0 through 1.10.5 and prior to commit 
b7c8767 con ...)
-       TODO: check
+       NOT-FOR-US: Streama
 CVE-2025-34451 (rofl0r/proxychains-ng versions up to and including 4.17 and 
prior to c ...)
        TODO: check
 CVE-2025-34450 (merbanan/rtl_433 versions up to and including 25.02 and prior 
to commi ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/770d74fe1bdfb8b1c269b4bc87d29b7f3011a61b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/770d74fe1bdfb8b1c269b4bc87d29b7f3011a61b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to