Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9e4d2247 by Salvatore Bonaccorso at 2026-05-26T07:46:28+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -173,45 +173,45 @@ CVE-2018-25380 (Joomla Component eXtroForms 2.1.5
contains an SQL injection vuln
CVE-2018-25379 (Collectric CMU 1.0 contains a boolean-based blind SQL
injection vulner ...)
NOT-FOR-US: Collectric CMU
CVE-2018-25378 (Notebook Pro 2.0 contains a denial of service vulnerability
that allow ...)
- TODO: check
+ NOT-FOR-US: Notebook Pro
CVE-2018-25377 (Flash Slideshow Maker Professional 5.20 contains a buffer
overflow vul ...)
- TODO: check
+ NOT-FOR-US: Flash Slideshow Maker Professional
CVE-2018-25376 (Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Socusoft 3GP Photo Slideshow
CVE-2018-25375 (SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow
vulnerab ...)
- TODO: check
+ NOT-FOR-US: SocuSoft iPod Photo Slideshow
CVE-2018-25374 (Softneta MedDream PACS Server Premium 6.7.1.1 contains a
directory tra ...)
- TODO: check
+ NOT-FOR-US: Softneta MedDream PACS Server Premium
CVE-2018-25373 (SocuSoft DVD Photo Slideshow Professional 8.07 contains a
stack-based ...)
- TODO: check
+ NOT-FOR-US: SocuSoft DVD Photo Slideshow Professional
CVE-2018-25372 (MedDream PACS Server Premium 6.7.1.1 contains an SQL injection
vulnera ...)
- TODO: check
+ NOT-FOR-US: MedDream PACS Server Premium
CVE-2018-25371 (mooSocial Store Plugin 2.6 contains a blind SQL injection
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: mooSocial Store Plugin
CVE-2018-25370 (Admidio 3.3.5 contains a cross-site request forgery
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Admidio
CVE-2018-25369 (Visual Ping 0.8.0.0 contains a buffer overflow vulnerability
in input ...)
- TODO: check
+ NOT-FOR-US: Visual Ping
CVE-2018-25368 (Nord VPN 6.14.31 contains a denial of service vulnerability
that allow ...)
- TODO: check
+ NOT-FOR-US: Nord VPN
CVE-2018-25367 (NASA openVSP 3.16.1 contains a buffer overflow vulnerability
that allo ...)
- TODO: check
+ NOT-FOR-US: NASA openVSP
CVE-2018-25366 (CuteFTP 5.0 XP contains a buffer overflow vulnerability that
allows lo ...)
- TODO: check
+ NOT-FOR-US: CuteFTP
CVE-2018-25365 (PCViewer vt1000 contains a directory traversal vulnerability
that allo ...)
- TODO: check
+ NOT-FOR-US: PCViewer vt1000
CVE-2018-25364 (Twitter-Clone 1 contains a SQL injection vulnerability that
allows una ...)
- TODO: check
+ NOT-FOR-US: Twitter-Clone
CVE-2018-25363 (Twitter-Clone 1 contains a cross-site request forgery
vulnerability th ...)
- TODO: check
+ NOT-FOR-US: Twitter-Clone
CVE-2018-25362 (Twitter-Clone 1 contains a SQL injection vulnerability in
follow.php t ...)
- TODO: check
+ NOT-FOR-US: Twitter-Clone
CVE-2018-25361 (Soroush IM Desktop App 0.17.0 contains an authentication
bypass vulner ...)
- TODO: check
+ NOT-FOR-US: Soroush IM Desktop App
CVE-2018-25360 (AgataSoft Auto PingMaster 1.5 contains a stack-based buffer
overflow v ...)
- TODO: check
+ NOT-FOR-US: AgataSoft Auto PingMaster
CVE-2018-25359 (Splinterware System Scheduler Pro 5.12 contains an insecure
file permi ...)
- TODO: check
+ NOT-FOR-US: Splinterware System Scheduler Pro
CVE-2026-46745 (Apache Airflow FAB Auth Manager contains an LDAP filter
injection vuln ...)
NOT-FOR-US: Airflow provider
CVE-2026-45361 (Apache Airflow providers-google's `ComputeEngineSSHHook`
disables SSH ...)
@@ -6686,11 +6686,11 @@ CVE-2025-40833 (The affected devices contain a null
pointer dereference vulnerab
CVE-2025-36515 (Uncontrolled search path for some AI Playground software
before versio ...)
NOT-FOR-US: Intel
CVE-2025-36510 (Improper buffer restrictions for some Display Virtualization
for Windo ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-35991 (Improper initialization in the UEFI firmware for some Intel
platforms ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-35990 (Improper input validation for some Intel Endpoint Management
Assistant ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-35979 (Exposure of sensitive information caused by shared
microarchitectural ...)
- intel-microcode <unfixed> (bug #1137032)
[trixie] - intel-microcode <postponed> (As usual fixed top-down, expose
first in unstable, then likely point release)
@@ -6699,7 +6699,7 @@ CVE-2025-35979 (Exposure of sensitive information caused
by shared microarchitec
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01420.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260512
CVE-2025-35969 (Uncontrolled search path for some Intel(R) Server Firmware
Update Util ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27723 (Use after free for some Linux kernel driver for the Intel(R)
Ethernet ...)
TODO: check
CVE-2025-12659 (The affected applications contains a memory corruption
vulnerability w ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e4d22479e0c8cfbc77589865446a6885b88ea92
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e4d22479e0c8cfbc77589865446a6885b88ea92
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
