[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 6 19:00:08 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
83f84a88 by Salvatore Bonaccorso at 2025-08-06T19:59:38+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -117,13 +117,13 @@ CVE-2025-54879 (Mastodon is a free, open-source social network server based on A
CVE-2025-54876 (The Janssen Project is an open-source identity and access management ( ...)
NOT-FOR-US: Janssen Project
CVE-2025-54873 (RISC Zero is a zero-knowledge verifiable general computing platform ba ...)
- TODO: check
+ NOT-FOR-US: RISC Zero
CVE-2025-54872 (onion-site-template is a complete, scalable tor hidden service self-ho ...)
NOT-FOR-US: onion-site-template
CVE-2025-54869 (FPDI is a collection of PHP classes that facilitate reading pages from ...)
TODO: check
CVE-2025-54801 (Fiber is an Express inspired web framework written in Go. In versions ...)
- TODO: check
+ NOT-FOR-US: Fiber
CVE-2025-54655 (Race condition vulnerability in the virtualization base module. Succes ...)
NOT-FOR-US: Huawei
CVE-2025-54653 (Path traversal vulnerability in the virtualization file module. Succes ...)
@@ -223,7 +223,7 @@ CVE-2025-54607 (Authentication management vulnerability in the ArkWeb module. Im
CVE-2025-54606 (Status verification vulnerability in the lock screen module. Impact: S ...)
NOT-FOR-US: Huawei
CVE-2025-54594 (react-native-bottom-tabs is a library of Native Bottom Tabs for React ...)
- TODO: check
+ NOT-FOR-US: react-native-bottom-tabs
CVE-2025-54571 (ModSecurity is an open source, cross platform web application firewall ...)
TODO: check
CVE-2025-54125 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
@@ -397,7 +397,7 @@ CVE-2025-51627 (Incorrect access control in CaricaVerbale in Agenzia Impresa Ecc
CVE-2025-51541 (A stored cross-site scripting (XSS) vulnerability exists in the Shopwa ...)
NOT-FOR-US: Shopware
CVE-2025-51060 (An issue was discovered in CPUID cpuz.sys 1.0.5.4. An attacker can use ...)
- TODO: check
+ NOT-FOR-US: CPUID cpuz.sys
CVE-2025-50707 (An issue in thinkphp3 v.3.2.5 allows a remote attacker to execute arbi ...)
NOT-FOR-US: thinkphp
CVE-2025-50706 (An issue in thinkphp v.5.1 allows a remote attacker to execute arbitra ...)
@@ -599,7 +599,7 @@ CVE-2025-52892 (EspoCRM is a web application with a frontend designed as a singl
CVE-2025-51726 (CyberGhostVPNSetup.exe (Windows installer) is signed using the weak cr ...)
NOT-FOR-US: CyberGhostVPNSetup.exe (Windows installer)
CVE-2025-51387 (The GitKraken Desktop 10.8.0 and 11.1.0 is susceptible to code injecti ...)
- TODO: check
+ NOT-FOR-US: GitKraken Desktop
CVE-2025-50754 (Unisite CMS version 5.0 contains a stored Cross-Site Scripting (XSS) v ...)
NOT-FOR-US: Unisite CMS
CVE-2025-50341 (A Boolean-based SQL injection vulnerability was discovered in Axelor 5 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83f84a884aa6520fbb924a0e068476727f206e42
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83f84a884aa6520fbb924a0e068476727f206e42
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250806/b493373c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list