Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c24ef821 by Salvatore Bonaccorso at 2026-02-12T22:31:04+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -65,25 +65,25 @@ CVE-2025-69752 (An issue in the "My Details" user profile
functionality of Ideag
CVE-2025-69634 (Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM
v.22.0. ...)
- dolibarr <removed>
CVE-2025-67433 (A heap buffer overflow in the processRequest function of Open
TFTP Ser ...)
- TODO: check
+ NOT-FOR-US: Open TFTP Server MultiThreaded
CVE-2025-67432 (A stack overflow in the ZBarcode_Encode function of
Monkeybread Softwa ...)
- TODO: check
+ NOT-FOR-US: Monkeybread Software MBS DynaPDF Plugin
CVE-2025-63421 (An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3
allows ...)
- TODO: check
+ NOT-FOR-US: filosoft Comerc.32 Commercial Invoicing
CVE-2025-61880 (In Infoblox NIOS through 9.0.7, insecure deserialization can
result in ...)
- TODO: check
+ NOT-FOR-US: Infoblox NIOS
CVE-2025-61879 (In Infoblox NIOS through 9.0.7, a High-Privileged User Can
Trigger an ...)
- TODO: check
+ NOT-FOR-US: Infoblox NIOS
CVE-2025-56647 (npm @farmfe/core before 1.7.6 is Missing Origin Validation in
WebSocke ...)
- TODO: check
+ NOT-FOR-US: Farm
CVE-2025-55210 (FreePBX is an open-source web-based graphical user interface
(GUI) tha ...)
- TODO: check
+ NOT-FOR-US: FreePBX
CVE-2025-54756 (BrightSign players running BrightSign OS series 4 prior to
v8.5.53.1 o ...)
- TODO: check
+ NOT-FOR-US: BrightSign
CVE-2025-54519 (A DLL hijacking vulnerability in Doc Nav could allow a local
attacker ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2025-52533 (Improper Access Control in an on-chip debug interface could
allow a pr ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2025-41117 (Stack traces in Grafana's Explore Traces view can be rendered
as raw H ...)
TODO: check
CVE-2025-15575 (The firmware update functionality does not verify the
authenticity of ...)
@@ -686,13 +686,13 @@ CVE-2025-66277 (A link following vulnerability has been
reported to affect sever
CVE-2025-66274 (A NULL pointer dereference vulnerability has been reported to
affect s ...)
NOT-FOR-US: QNAP
CVE-2025-65480 (An issue was discovered in Pacom Unison Client 5.13.1.
Authenticated u ...)
- TODO: check
+ NOT-FOR-US: Pacom Unison Client
CVE-2025-65128 (A missing authentication mechanism in the web management API
component ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Zhibotong Electronics ZBT WE2001
CVE-2025-65127 (A lack of session validation in the web API component of
Shenzhen Zhib ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Zhibotong Electronics ZBT WE2001
CVE-2025-64075 (A path traversal vulnerability in the check_token function of
Shenzhen ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Zhibotong Electronics ZBT WE2001
CVE-2025-62856 (A path traversal vulnerability has been reported to affect
File Statio ...)
NOT-FOR-US: QNAP
CVE-2025-62855 (A path traversal vulnerability has been reported to affect
File Statio ...)
@@ -702,7 +702,7 @@ CVE-2025-62854 (An uncontrolled resource consumption
vulnerability has been repo
CVE-2025-62853 (A path traversal vulnerability has been reported to affect
File Statio ...)
NOT-FOR-US: QNAP
CVE-2025-61969 (Incorrect permission assignment in AMD \xb5Prof may allow a
local user ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2025-59386 (A NULL pointer dereference vulnerability has been reported to
affect s ...)
NOT-FOR-US: QNAP
CVE-2025-58472 (A NULL pointer dereference vulnerability has been reported to
affect Q ...)
@@ -762,7 +762,7 @@ CVE-2025-52869 (A buffer overflow vulnerability has been
reported to affect Qsyn
CVE-2025-52868 (A buffer overflow vulnerability has been reported to affect
Qsync Cent ...)
NOT-FOR-US: QNAP
CVE-2025-52541 (A DLL hijacking vulnerability in Vivado could allow a local
attacker t ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2025-48725 (A buffer overflow vulnerability has been reported to affect
several QN ...)
NOT-FOR-US: QNAP
CVE-2025-48724 (A buffer overflow vulnerability has been reported to affect
Qsync Cent ...)
@@ -772,11 +772,11 @@ CVE-2025-48723 (A buffer overflow vulnerability has been
reported to affect Qsyn
CVE-2025-48722 (A NULL pointer dereference vulnerability has been reported to
affect Q ...)
NOT-FOR-US: QNAP
CVE-2025-48518 (Improper input validation in AMD Graphics Driver could allow a
local a ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2025-48508 (Improper Hardware reset flow logic in the GPU GFX Hardware IP
block co ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2025-48503 (A DLL hijacking vulnerability in the AMD Software Installer
could allo ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2025-47209 (A NULL pointer dereference vulnerability has been reported to
affect Q ...)
NOT-FOR-US: QNAP
CVE-2025-47205 (A NULL pointer dereference vulnerability has been reported to
affect s ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c24ef82122fdeb4a72a4d3c2d7533b99c3ba91fa
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c24ef82122fdeb4a72a4d3c2d7533b99c3ba91fa
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
