[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 08 Jan 2026 14:07:41 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
14e2378b by Salvatore Bonaccorso at 2026-01-08T23:07:12+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -210,57 +210,57 @@ CVE-2025-67911 (Deserialization of Untrusted Data 
vulnerability in Tribulant Sof
 CVE-2025-67910 (Unrestricted Upload of File with Dangerous Type vulnerability 
in conte ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-67825 (An issue was discovered in Nitro PDF Pro for Windows before 
14.42.0.34 ...)
-       TODO: check
+       NOT-FOR-US: Nitro PDF Pro for Windows
 CVE-2025-67325 (Unrestricted file upload in the hotel review feature in 
QloApps versio ...)
-       TODO: check
+       NOT-FOR-US: QloApps
 CVE-2025-67091 (An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: GL Inet GL.Inet AX1800
 CVE-2025-67090 (The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 
& 4.6.8 ...)
-       TODO: check
+       NOT-FOR-US: Gl Inet GL.Inet AX1800
 CVE-2025-67089 (A command injection vulnerability exists in the GL-iNet 
GL-AXT1800 rou ...)
-       TODO: check
+       NOT-FOR-US: GL-iNet
 CVE-2025-66916 (The snailjob component in RuoYi-Vue-Plus versions 5.5.1 and 
earlier, i ...)
-       TODO: check
+       NOT-FOR-US: RuoYi-Vue-Plus
 CVE-2025-66913 (JimuReport thru version 2.1.3 is vulnerable to remote code 
execution w ...)
-       TODO: check
+       NOT-FOR-US: JimuReport
 CVE-2025-66001 (NeuVector supports login authentication through OpenID 
Connect. Howeve ...)
-       TODO: check
+       NOT-FOR-US: NeuVector
 CVE-2025-65731 (An issue was discovered in D-Link Router DIR-605L (Hardware 
version F1 ...)
        NOT-FOR-US: D-Link
 CVE-2025-65518 (Plesk Obsidian versions 8.0.1 through 18.0.73 are vulnerable 
to a Deni ...)
-       TODO: check
+       NOT-FOR-US: Plesk Obsidian
 CVE-2025-63611 (Cross-Site Scripting in phpgurukul Hostel Management System 
v2.1 user- ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-62877 (Projects using the SUSE Virtualization (Harvester) environment 
mayexpo ...)
        TODO: check
 CVE-2025-61550 (Cross-Site Scripting (XSS) is present on the 
ctl00_Content01_fieldValu ...)
-       TODO: check
+       NOT-FOR-US: edu Business Solutions Print Shop Pro WebDesk
 CVE-2025-61549 (Cross-Site Scripting (XSS) is present on the LoginID parameter 
on the  ...)
-       TODO: check
+       NOT-FOR-US: edu Business Solutions Print Shop Pro WebDesk
 CVE-2025-61548 (SQL Injection is present on the hfInventoryDistFormID 
parameter in the ...)
-       TODO: check
+       NOT-FOR-US: edu Business Solutions Print Shop Pro WebDesk
 CVE-2025-61547 (Cross-Site Request Forgery (CSRF) is present on all functions 
in edu B ...)
-       TODO: check
+       NOT-FOR-US: edu Business Solutions Print Shop Pro WebDesk
 CVE-2025-61546 (There is an issue on the 
/PSP/appNET/Store/CartV12.aspx/GetUnitPrice e ...)
-       TODO: check
+       NOT-FOR-US: edu Business Solutions Print Shop Pro WebDesk
 CVE-2025-61246 (indieka900 online-shopping-system-php 1.0 is vulnerable to SQL 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: indieka900 online-shopping-system-php
 CVE-2025-59470 (This vulnerability allows a Backup Operator to perform remote 
code exe ...)
-       TODO: check
+       NOT-FOR-US: Veeam
 CVE-2025-59469 (This vulnerability allows a Backup or Tape Operator to write 
files as  ...)
-       TODO: check
+       NOT-FOR-US: Veeam
 CVE-2025-59468 (This vulnerability allows a Backup Administrator to perform 
remote cod ...)
-       TODO: check
+       NOT-FOR-US: Veeam
 CVE-2025-56425 (An issue was discovered in the AppConnector component version 
10.10.0. ...)
-       TODO: check
+       NOT-FOR-US: enaio
 CVE-2025-56424 (An issue in Insiders Technologies GmbH e-invoice pro before 
release 1  ...)
-       TODO: check
+       NOT-FOR-US: Insiders Technologies GmbH e-invoice
 CVE-2025-55125 (This vulnerability allows a Backup or Tape Operator to perform 
remote  ...)
-       TODO: check
+       NOT-FOR-US: Veeam
 CVE-2025-50334 (An issue in Technitium DNS Server v.13.5 allows a remote 
attacker to c ...)
-       TODO: check
+       NOT-FOR-US: Technitium DNS Server
 CVE-2025-4596 (Asseco ADMX system is used for processing medical records. It 
allows l ...)
-       TODO: check
+       NOT-FOR-US: Asseco ADMX system
 CVE-2025-27004 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-27002 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14e2378bbecff74f0b8ecedabde5863155141354

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14e2378bbecff74f0b8ecedabde5863155141354
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to