[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 1 20:23:47 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e0e2e638 by Salvatore Bonaccorso at 2025-12-01T21:23:09+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2025-8351 (Heap-based Buffer Overflow, Out-of-bounds Read vulnerability in Avast  ...)
-	TODO: check
+	NOT-FOR-US: Avast Antivirus on MacOS
 CVE-2025-8045 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm ...)
 	TODO: check
 CVE-2025-7007 (NULL Pointer Dereference vulnerability in Avast Antivirus on MacOS, Av ...)
-	TODO: check
+	NOT-FOR-US: Avast Antivirus on MacOS
 CVE-2025-6349 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm ...)
 	TODO: check
 CVE-2025-65838 (PublicCMS V5.202506.b is vulnerable to path traversal via the doUpload ...)
-	TODO: check
+	NOT-FOR-US: PublicCMS
 CVE-2025-65836 (PublicCMS V5.202506.b is vulnerable to SSRF. in the chat interface of  ...)
-	TODO: check
+	NOT-FOR-US: PublicCMS
 CVE-2025-65794
 	REJECTED
 CVE-2025-65793
@@ -25,37 +25,37 @@ CVE-2025-65405 (A use-after-free in the ADTSAudioFileSource::samplingFrequency()
 CVE-2025-65404 (A buffer overflow in the getSideInfo2() function of Live555 Streaming  ...)
 	TODO: check
 CVE-2025-65403 (A buffer overflow in the g_cfg.MaxUsers component of LightFTP v2.0 all ...)
-	TODO: check
+	NOT-FOR-US: LightFTP
 CVE-2025-64775 (Denial of Service vulnerability in Apache Struts, file leak in multipa ...)
 	TODO: check
 CVE-2025-64030 (Eximbills Enterprise 4.1.5 (Built on 2020-10-30) is vulnerable to auth ...)
-	TODO: check
+	NOT-FOR-US: Eximbills Enterprise
 CVE-2025-63535 (A SQL injection vulnerability exists in the Blood Bank Management Syst ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63534 (A cross-site scripting (XSS) vulnerability exists in the Blood Bank Ma ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63533 (A cross-site scripting (XSS) vulnerability exists in the Blood Bank Ma ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63532 (A SQL injection vulnerability exists in the Blood Bank Management Syst ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63531 (A SQL injection vulnerability exists in the Blood Bank Management Syst ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63529 (A session fixation vulnerability exists in Blood Bank Management Syste ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63528 (A cross-site scripting (XSS) vulnerability exists in the Blood Bank Ma ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63527 (A cross-site scripting (XSS) vulnerability exists in the Blood Bank Ma ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63526 (A cross-site scripting (XSS) vulnerability exists in the Blood Bank Ma ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63525 (An issue was discovered in Blood Bank Management System 1.0 allowing a ...)
-	TODO: check
+	NOT-FOR-US: Blood Bank Management System
 CVE-2025-63523 (FeehiCMS version 2.1.1 fails to enforce server-side immutability for p ...)
-	TODO: check
+	NOT-FOR-US: FeehiCMS
 CVE-2025-63522 (Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Man ...)
-	TODO: check
+	NOT-FOR-US: FeehiCMS
 CVE-2025-63520 (Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 via the id  ...)
-	TODO: check
+	NOT-FOR-US: FeehiCMS
 CVE-2025-63365 (SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. ...)
 	TODO: check
 CVE-2025-63317 (Todoist v8896 is vulnerable to Cross Site Scripting (XSS) in /api/v1/u ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0e2e638cbbe38078d1df0783e8e074fbc6bac05

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0e2e638cbbe38078d1df0783e8e074fbc6bac05
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251201/070dc8d1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list