[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 27 10:02:43 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
43ab6121 by Salvatore Bonaccorso at 2025-08-27T11:02:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,9 +31,9 @@ CVE-2025-8490 (The All-in-One WP Migration and Backup plugin for WordPress is vu
 CVE-2025-7732 (The Lazy Load for Videos plugin for WordPress is vulnerable to Stored  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-57846 (Multiple i-\u30d5\u30a3\u30eb\u30bf\u30fc products contain an issue wi ...)
-	TODO: check
+	NOT-FOR-US: DAI.jp product
 CVE-2025-57820 (Svelte devalue is a utility library. Prior to version 5.3.2, a string  ...)
-	TODO: check
+	NOT-FOR-US: Svelte devalue
 CVE-2025-57797 (Incorrect privilege assignment vulnerability exists in ScanSnap Manage ...)
 	NOT-FOR-US: ScanSnap Manager installers
 CVE-2025-49040 (Cross-Site Request Forgery (CSRF) vulnerability in Backup Bolt allows  ...)
@@ -53,55 +53,55 @@ CVE-2025-35113 (Agiloft Release 28 does not properly neutralize special elements
 CVE-2025-35112 (Agiloft Release 28 contains an XML External Entities vulnerability in  ...)
 	NOT-FOR-US: Agiloft
 CVE-2025-26417 (In checkWhetherCallingAppHasAccess of DownloadProvider.java, there is  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22413 (In multiple functions of hyp-main.c, there is a possible privilege esc ...)
 	TODO: check
 CVE-2025-22412 (In multiple functions of sdp_server.cc, there is a possible use after  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22411 (In process_service_attr_rsp of sdp_discovery.cc, there is a possible u ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22410 (In multiple locations, there is a possible way to execute arbitrary co ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22409 (In rfc_send_buf_uih of rfc_ts_frames.cc, there is a possible way to ex ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22408 (In rfc_check_send_cmd of rfc_utils.cc, there is a possible way to exec ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22407 (In hidd_check_config_done of hidd_conn.cc, there is a possible way to  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22406 (In bnepu_check_send_packet of bnep_utils.cc, there is a possible way t ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22405 (In multiple locations, there is a possible way to execute arbitrary co ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22404 (In avct_lcb_msg_ind of avct_lcb_act.cc, there is a possible way to exe ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-22403 (In sdp_snd_service_search_req of sdp_discovery.cc, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0093 (In handleBondStateChanged of AdapterService.java, there is a possible  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0092 (In handleBondStateChanged of AdapterService.java, there is a possible  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0086 (In onResult of AccountManagerService.java, there is a possible way to  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0084 (In multiple locations, there is a possible out of bounds write due to  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0083 (In multiple locations, there is a possible way to access content acros ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0082 (In multiple functions of StatusHint.java and TelecomServiceImpl.java,  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0081 (In dng_lossless_decoder::HuffDecode of dng_lossless_jpeg.cpp, there is ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0080 (In multiple locations, there is a possible way to overlay the installa ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0079 (In multiple locations, there is a possible way that avdtp and avctp ch ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0078 (In main of main.cpp, there is a possible way to bypass SELinux due to  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0075 (In process_service_search_attr_req of sdp_server.cc, there is a possib ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0074 (In process_service_attr_rsp of sdp_discovery.cc, there is a possible w ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-49740 (In multiple locations, there is a possible crash loop due to resource  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-47192 (An issue was discovered in Mahara 23.04.8 and 24.04.4. The use of a ma ...)
 	TODO: check
 CVE-2024-35203 (Mahara before 22.10.6, 23.04.6, and 24.04.1 allows cross-site scriptin ...)
@@ -253936,7 +253936,7 @@ CVE-2023-21127 (In readSampleData of NuMediaExtractor.cpp, there is a possible o
 CVE-2023-21126 (In bindOutputSwitcherAndBroadcastButton of MediaControlPanel.java, the ...)
 	NOT-FOR-US: Android
 CVE-2023-21125 (In btif_hh_hsdata_rpt_copy_cb of bta_hh.cc, there is a possible way to ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2023-21124 (In run of multiple files, there is a possible escalation of privilege  ...)
 	NOT-FOR-US: Android
 CVE-2023-21123 (In multiple functions of multiple files, there is a possible way to by ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43ab61210d4d62716a39119b8896e7b63266d179

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/43ab61210d4d62716a39119b8896e7b63266d179
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250827/57e1c5b2/attachment.htm>

More information about the debian-security-tracker-commits mailing list