Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cb507364 by Salvatore Bonaccorso at 2026-01-14T23:03:03+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -77,15 +77,15 @@ CVE-2026-21889 (Weblate is a web based localization tool.
Prior to 5.15.2, the s
CVE-2026-0532 (External Control of File Name or Path (CWE-73) combined with
Server-Si ...)
- kibana <itp> (bug #700337)
CVE-2026-0529 (Improper Validation of Array Index (CWE-129) in
Packetbeat\u2019s Mong ...)
- TODO: check
+ NOT-FOR-US: Packetbeat
CVE-2025-9142 (A local user can trigger Harmony SASE Windows client to write
or delet ...)
- TODO: check
+ NOT-FOR-US: Harmony SASE Windows client
CVE-2025-71166 (Typesetter CMS versions up to and including 5.1 contain a
reflected cr ...)
- TODO: check
+ NOT-FOR-US: Typesetter CMS
CVE-2025-71165 (Typesetter CMS versions up to and including 5.1 contain a
reflected cr ...)
- TODO: check
+ NOT-FOR-US: Typesetter CMS
CVE-2025-71164 (Typesetter CMS versions up to and including 5.1 contain a
reflected cr ...)
- TODO: check
+ NOT-FOR-US: Typesetter CMS
CVE-2025-71021 (Tenda AX-1806 v1.0.0.1 was discovered to contain a stack
overflow in t ...)
NOT-FOR-US: Tenda
CVE-2025-70968 (FreeImage 3.18.0 contains a Use After Free in
PluginTARGA.cpp;loadRLE( ...)
@@ -93,21 +93,21 @@ CVE-2025-70968 (FreeImage 3.18.0 contains a Use After Free
in PluginTARGA.cpp;lo
CVE-2025-70747 (Tenda AX-1806 v1.0.0.1 was discovered to contain a stack
overflow in t ...)
NOT-FOR-US: Tenda
CVE-2025-67835 (Paessler PRTG Network Monitor before 25.4.114 allows
Denial-of-Service ...)
- TODO: check
+ NOT-FOR-US: Paessler PRTG Network Monitor
CVE-2025-67834 (Paessler PRTG Network Monitor before 25.4.114 allows XSS by an
unauthe ...)
- TODO: check
+ NOT-FOR-US: Paessler PRTG Network Monitor
CVE-2025-67833 (Paessler PRTG Network Monitor before 25.4.114 allows XSS by an
unauthe ...)
- TODO: check
+ NOT-FOR-US: Paessler PRTG Network Monitor
CVE-2025-67399 (An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005
allows a p ...)
- TODO: check
+ NOT-FOR-US: AIRTH SMART HOME AQI MONITOR Bootloader
CVE-2025-66169 (Cypher Injection vulnerability in Apache Camel camel-neo4j
component. ...)
TODO: check
CVE-2025-65397 (An insecure authentication mechanism in the safe_exec.sh
startup scrip ...)
- TODO: check
+ NOT-FOR-US: Blurams Flare Camera
CVE-2025-65396 (A vulnerability in the boot process of Blurams Flare Camera
version 24 ...)
- TODO: check
+ NOT-FOR-US: Blurams Flare Camera
CVE-2025-63644 (A stored cross-site scripting (XSS) vulnerability exists in
pH7Softwar ...)
- TODO: check
+ NOT-FOR-US: pH7Software pH7-Social-Dating-CMS
CVE-2025-56226 (Libsndfile <=1.2.2 contains a memory leak vulnerability in the
mpeg_l3 ...)
TODO: check
CVE-2025-37185 (Vulnerabilities in the web-based management interface of
EdgeConnect S ...)
@@ -127,11 +127,11 @@ CVE-2025-14557 (Improper Neutralization of Input During
Web Page Generation (XSS
CVE-2025-14556 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
NOT-FOR-US: Drupal core and addons
CVE-2025-14317 (In Crazy Bubble Tea mobile application authenticated attacker
canobtai ...)
- TODO: check
+ NOT-FOR-US: Crazy Bubble Tea mobile application
CVE-2025-14242 (A flaw was found in vsftpd. This vulnerability allows a denial
of serv ...)
TODO: check
CVE-2025-13175 (Y Soft SafeQ 6 renders the Workflow Connector password field
in a way ...)
- TODO: check
+ NOT-FOR-US: Y Soft
CVE-2025-0647 (In certain Arm CPUs, a CPP RCTX instruction executed on one
Processing ...)
TODO: check
CVE-2025-71144 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb507364a3b1d58c4a9059645724a106519c8051
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb507364a3b1d58c4a9059645724a106519c8051
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
