[Git][security-tracker-team/security-tracker][master] Process new NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Aug 30 09:25:54 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f3b9fe7d by Salvatore Bonaccorso at 2025-08-30T10:25:31+02:00
Process new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-9680 (A vulnerability was detected in O2OA up to 10.0-410. This impacts an u ...)
-	TODO: check
+	NOT-FOR-US: O2OA
 CVE-2025-9679 (A security vulnerability has been detected in itsourcecode Student Inf ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2025-9678 (A weakness has been identified in Campcodes Online Loan Management Sys ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-9677 (A security flaw has been discovered in Modo Legend of the Phoenix up t ...)
-	TODO: check
+	NOT-FOR-US: Modo Legend of the Phoenix
 CVE-2025-9676 (A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Imp ...)
-	TODO: check
+	NOT-FOR-US: NCSOFT Universe App
 CVE-2025-9675 (A vulnerability was determined in Voice Changer App up to 1.1.0. This  ...)
-	TODO: check
+	NOT-FOR-US: Voice Changer App
 CVE-2025-9674 (A flaw has been found in Transbyte Scooper News App up to 1.2 on Andro ...)
-	TODO: check
+	NOT-FOR-US: Transbyte Scooper News App
 CVE-2025-9618 (The Related Posts Lite plugin for WordPress is vulnerable to Cross-Sit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-9500 (The TablePress plugin for WordPress is vulnerable to Stored Cross-Site ...)
@@ -23,13 +23,13 @@ CVE-2025-58160 (tracing is a framework for instrumenting Rust programs to collec
 CVE-2025-58159 (WeGIA is a Web manager for charitable institutions. Prior to version 3 ...)
 	NOT-FOR-US: WeGIA
 CVE-2025-58157 (gnark is a zero-knowledge proof system framework. In version 0.12.0, t ...)
-	TODO: check
+	NOT-FOR-US: gnark
 CVE-2025-58156 (Centurion ERP is an ERP with a focus on ITSM and automation. In versio ...)
-	TODO: check
+	NOT-FOR-US: Centurion ERP
 CVE-2025-58068 (Eventlet is a concurrent networking library for Python. Prior to versi ...)
 	TODO: check
 CVE-2025-58067 (Basecamp's Google Sign-In adds Google sign-in to Rails applications. P ...)
-	TODO: check
+	NOT-FOR-US: Basecamp's Google Sign-In
 CVE-2025-58066 (nptd-rs is a tool for synchronizing your computer's clock, implementin ...)
 	TODO: check
 CVE-2025-57822 (Next.js is a React framework for building full-stack web applications. ...)
@@ -39,15 +39,15 @@ CVE-2025-57752 (Next.js is a React framework for building full-stack web applica
 CVE-2025-55173 (Next.js is a React framework for building full-stack web applications. ...)
 	NOT-FOR-US: Next.js
 CVE-2025-54946 (A SQL injection vulnerability in SUNNET Corporate Training Management  ...)
-	TODO: check
+	NOT-FOR-US: SUNNET Corporate Training Management System
 CVE-2025-54945 (An external control of file name or path vulnerability in SUNNET Corpo ...)
-	TODO: check
+	NOT-FOR-US: SUNNET Corporate Training Management System
 CVE-2025-54944 (An unrestricted upload of file with dangerous type vulnerability in SU ...)
-	TODO: check
+	NOT-FOR-US: SUNNET Corporate Training Management System
 CVE-2025-54943 (A missing authorization vulnerability in SUNNET Corporate Training Man ...)
-	TODO: check
+	NOT-FOR-US: SUNNET Corporate Training Management System
 CVE-2025-54942 (A missing authentication for critical function vulnerability in SUNNET ...)
-	TODO: check
+	NOT-FOR-US: SUNNET Corporate Training Management System
 CVE-2025-4956 (Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermar ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-34165 (A stack-based buffer overflow vulnerability in NetSupport Manager14.x  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3b9fe7d7ec3e94e11c3f2134cefae1596c842b8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f3b9fe7d7ec3e94e11c3f2134cefae1596c842b8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250830/ce94d84d/attachment.htm>

More information about the debian-security-tracker-commits mailing list