[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 6 15:42:27 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6e0d0e88 by Salvatore Bonaccorso at 2025-08-06T16:42:01+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -119,7 +119,7 @@ CVE-2025-54876 (The Janssen Project is an open-source identity and access manage
 CVE-2025-54873 (RISC Zero is a zero-knowledge verifiable general computing platform ba ...)
 	TODO: check
 CVE-2025-54872 (onion-site-template is a complete, scalable tor hidden service self-ho ...)
-	TODO: check
+	NOT-FOR-US: onion-site-template
 CVE-2025-54869 (FPDI is a collection of PHP classes that facilitate reading pages from ...)
 	TODO: check
 CVE-2025-54801 (Fiber is an Express inspired web framework written in Go. In versions  ...)
@@ -231,9 +231,9 @@ CVE-2025-54125 (XWiki Platform is a generic wiki platform offering runtime servi
 CVE-2025-54124 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
 	NOT-FOR-US: XWiki
 CVE-2025-53534 (RatPanel is a server operation and maintenance management panel. In ve ...)
-	TODO: check
+	NOT-FOR-US: RatPanel
 CVE-2025-52237 (An issue in the component /stl/actions/download?filePath of SSCMS v7.3 ...)
-	TODO: check
+	NOT-FOR-US: SSCMS
 CVE-2025-47324 (Information disclosure while accessing and modifying the PIB file of a ...)
 	NOT-FOR-US: Qualcomm
 CVE-2025-32430 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
@@ -317,35 +317,35 @@ CVE-2025-21010 (Improper privilege management in SamsungAccount prior to SMR Aug
 CVE-2025-20990 (Improper access control in accessing system device node prior to SMR A ...)
 	NOT-FOR-US: Samsung Mobile
 CVE-2013-10070 (PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/ ...)
-	TODO: check
+	NOT-FOR-US: PHP-Charts
 CVE-2013-10067 (Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbit ...)
-	TODO: check
+	NOT-FOR-US: Glossword
 CVE-2013-10066 (An unauthenticated arbitrary file upload vulnerability exists inKordil ...)
-	TODO: check
+	NOT-FOR-US: Kordil EDMS
 CVE-2013-10065 (A denial-of-service vulnerability exists inSysax Multi-Server version  ...)
-	TODO: check
+	NOT-FOR-US: Sysax Multi-Server
 CVE-2012-10035 (Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overf ...)
-	TODO: check
+	NOT-FOR-US: Turbo FTP Server
 CVE-2012-10033 (Narcissus is vulnerable to remote code execution via improper input ha ...)
-	TODO: check
+	NOT-FOR-US: Narcissus
 CVE-2012-10032 (Maxthon3 versions prior to 3.3 are vulnerable to cross context scripti ...)
-	TODO: check
+	NOT-FOR-US: Maxthon3
 CVE-2012-10030 (FreeFloat FTP Server contains multiple critical design flaws that allo ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2012-10029 (Nagios XI Network Monitor prior to Graph Explorer component version 1. ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2012-10028 (Netwin SurgeFTP version 23c8 and prior contains a vulnerability in its ...)
-	TODO: check
+	NOT-FOR-US: Netwin SurgeFTP
 CVE-2012-10027 (WP-Property plugin for WordPress through version 1.35.0 contains an un ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2012-10026 (The WordPress plugin Asset-Manager version 2.0 and below contains an u ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2012-10025 (The WordPress plugin Advanced Custom Fields (ACF) version 3.5.1 and be ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2012-10024 (XBMC version 11, including builds up to the 2012-11-04 nightly release ...)
 	TODO: check
 CVE-2012-10023 (A stack-based buffer overflow vulnerability exists in FreeFloat FTP Se ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-8556
 	- golang-github-cloudflare-circl 1.6.1-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2371624



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e0d0e88955eb9cfab7445102826825dcbc25ecc

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6e0d0e88955eb9cfab7445102826825dcbc25ecc
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250806/b9f8e333/attachment.htm>

More information about the debian-security-tracker-commits mailing list