[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 11 20:38:35 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1254c45b by Salvatore Bonaccorso at 2025-12-11T21:38:09+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,13 +45,13 @@ CVE-2025-66043 (Several stack-based buffer overflow vulnerabilities exists in th
NOTE: https://sourceforge.net/p/biosig/mailman/message/59271419/
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2296
CVE-2025-65474 (An arbitrary file rename vulnerability in the /admin/manager.php compo ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-65473 (An arbitrary file rename vulnerability in the /admin/filer.php compone ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-65472 (A Cross-Site Request Forgery (CSRF) in the /admin/admin.inc.php compon ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-65471 (An arbitrary file upload vulnerability in the /admin/manager.php compo ...)
- TODO: check
+ NOT-FOR-US: EasyImages
CVE-2025-64995 (A privilege escalation vulnerability was discovered in TeamViewer DEX ...)
NOT-FOR-US: TeamViewer
CVE-2025-64994 (A privilege escalation vulnerability was discovered in TeamViewer DEX ...)
@@ -73,91 +73,91 @@ CVE-2025-64987 (A command injection vulnerability was discovered in TeamViewer D
CVE-2025-64986 (A command injection vulnerability was discovered in TeamViewer DEX (fo ...)
NOT-FOR-US: TeamViewer
CVE-2025-64701 (QND Premium/Advance/Standard Ver.11.0.9i and prior contains a privileg ...)
- TODO: check
+ NOT-FOR-US: QND Premium/Advance/Standard
CVE-2025-64669 (Improper access control in Windows Admin Center allows an authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59803 (Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing v ...)
NOT-FOR-US: Foxit
CVE-2025-59802 (Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing v ...)
NOT-FOR-US: Foxit
CVE-2025-56130 (OS Command Injection vulnerability in Ruijie RG-S1930 S1930SWITCH_3.0( ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56129 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56127 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56124 (OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X6 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56123 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56122 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_E ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56120 (OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X6 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56118 (OS Command Injection vulnerability in Ruijie X60 PRO X60_10212014RG-X6 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56117 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56114 (OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56113 (OS Command Injection vulnerability in Ruijie RG-YST EST, YSTAP_3.0(1)B ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56111 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56110 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56109 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56108 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56107 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56106 (OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW180 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56102 (OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW180 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56101 (OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56099 (OS Command Injection vulnerability in Ruijie RG-YST AP_3.0(1)B11P280YS ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56098 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56097 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_E ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56096 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56095 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56094 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56093 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56092 (OS Command Injection vulnerability in Ruijie X30 PRO V1 X30-PRO-V1_092 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56091 (OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW180 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56090 (OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56089 (OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56088 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56087 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56086 (OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P22 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56085 (OS Command Injection vulnerability in Ruijie RG-EW1200 EW_3.0(1)B11P22 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56084 (OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_E ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56083 (OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_092415 ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56082 (OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR600W allowin ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56079 (OS Command Injection vulnerability in Ruijie RG-EW1300G EW1300G V1.00/ ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-56077 (OS Command Injection vulnerability in Ruijie RG-RAP2200(E) 247 2200 al ...)
- TODO: check
+ NOT-FOR-US: Ruijie
CVE-2025-55314 (An issue was discovered in Foxit PDF and Editor for Windows and macOS ...)
NOT-FOR-US: Foxit
CVE-2025-55313 (An issue was discovered in Foxit PDF and Editor for Windows and macOS ...)
@@ -223,15 +223,15 @@ CVE-2025-36912 (In cellular modem, there is a possible denial of service due to
CVE-2025-36889 (In onCreateTasks of CameraActivity.java, there is a possible permissio ...)
NOT-FOR-US: Google devices
CVE-2025-14535 (A vulnerability was identified in UTT \u8fdb\u53d6 512W up to 3.1.7.7- ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-14534 (A vulnerability was determined in UTT \u8fdb\u53d6 512W up to 3.1.7.7- ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2025-14531 (A vulnerability was found in code-projects Rental Management System 2. ...)
NOT-FOR-US: code-projects
CVE-2025-14530 (A vulnerability has been found in SourceCodester Real Estate Property ...)
NOT-FOR-US: SourceCodester
CVE-2025-14529 (A flaw has been found in Campcodes Retro Basketball Shoes Online Store ...)
- TODO: check
+ NOT-FOR-US: Campcodes Retro Basketball Shoes Online Store
CVE-2025-14528 (A vulnerability was detected in D-Link DIR-803 up to 1.04. Impacted is ...)
NOT-FOR-US: D-Link
CVE-2025-14527 (A weakness has been identified in projectworlds Advanced Library Manag ...)
@@ -241,19 +241,19 @@ CVE-2025-14526 (A security flaw has been discovered in Tenda CH22 1.0.0.1. This
CVE-2025-14523 (A flaw in libsoup\u2019s HTTP header handling allows multiple Host: he ...)
TODO: check
CVE-2025-14522 (A vulnerability was detected in baowzh hfly up to 638ff9abe9078bc977c1 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14521 (A security vulnerability has been detected in baowzh hfly up to 638ff9 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14520 (A weakness has been identified in baowzh hfly up to 638ff9abe9078bc977 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14519 (A security flaw has been discovered in baowzh hfly up to 638ff9abe9078 ...)
- TODO: check
+ NOT-FOR-US: baowzh hfly
CVE-2025-14518 (A vulnerability was identified in PowerJob up to 5.1.2. This vulnerabi ...)
- TODO: check
+ NOT-FOR-US: PowerJob
CVE-2025-14517 (A vulnerability was determined in Yalantis uCrop 2.2.11. This affects ...)
- TODO: check
+ NOT-FOR-US: Yalantis uCrop
CVE-2025-14516 (A vulnerability was found in Yalantis uCrop 2.2.11. Affected by this i ...)
- TODO: check
+ NOT-FOR-US: Yalantis uCrop
CVE-2025-14515 (A vulnerability has been found in Campcodes Supplier Management System ...)
NOT-FOR-US: Campcodes
CVE-2025-14514 (A flaw has been found in Campcodes Supplier Management System 1.0. Aff ...)
@@ -261,7 +261,7 @@ CVE-2025-14514 (A flaw has been found in Campcodes Supplier Management System 1.
CVE-2025-14281
REJECTED
CVE-2025-14265 (In versions of ScreenConnect\u2122 prior to 25.8, server-side validati ...)
- TODO: check
+ NOT-FOR-US: ScreenConnect
CVE-2025-14046 (An improper neutralization of input vulnerability was identified in Gi ...)
NOT-FOR-US: Github Enterprise Server
CVE-2025-13912 (Multiple constant-time implementations in wolfSSL before version 5.8.4 ...)
@@ -277,9 +277,9 @@ CVE-2025-13211 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow an authe
CVE-2025-13148 (IBM Aspera Orchestrator 4.0.0 through 4.1.0 could allow could an authe ...)
NOT-FOR-US: IBM
CVE-2025-13124 (Authorization Bypass Through User-Controlled Key vulnerability in Neti ...)
- TODO: check
+ NOT-FOR-US: ApplyLogic
CVE-2025-13003 (Authorization Bypass Through User-Controlled Key vulnerability in Aksi ...)
- TODO: check
+ NOT-FOR-US: AxOnboard
CVE-2025-12687 (A vulnerability in TeamViewer DEX Client (former 1E Client) - Content ...)
NOT-FOR-US: TeamViewer
CVE-2025-12532
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1254c45bc0351afb13c74633e2d5a6f702bb9620
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1254c45bc0351afb13c74633e2d5a6f702bb9620
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251211/ce69deea/attachment.htm>
More information about the debian-security-tracker-commits
mailing list