[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 17 21:26:53 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9af3e090 by Salvatore Bonaccorso at 2025-12-17T22:26:27+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
CVE-2025-67895 (Edge3 Worker RPC RCE on Airflow 2. This issue affects Apache Airflow ...)
- TODO: check
+ NOT-FOR-US: Apache Airflow Providers Edge3
CVE-2025-67285 (A SQL injection vulnerability was found in the '/cts/admin/?page=zone' ...)
NOT-FOR-US: itsourcecode System
CVE-2025-67174 (A local file inclusion (LFI) vulnerability in RiteCMS v3.1.0 allows at ...)
- TODO: check
+ NOT-FOR-US: RiteCMS
CVE-2025-67173 (A Cross-Site Request Forgery (CSRF) in the page creation/editing funct ...)
- TODO: check
+ NOT-FOR-US: RiteCMS
CVE-2025-67172 (RiteCMS v3.1.0 was discovered to contain an authenticated remote code ...)
- TODO: check
+ NOT-FOR-US: RiteCMS
CVE-2025-67171 (Incorrect access control in the /templates/ component of RiteCMS v3.1. ...)
- TODO: check
+ NOT-FOR-US: RiteCMS
CVE-2025-67170 (A reflected cross-site scripting (XSS) vulnerability in RiteCMS v3.1.0 ...)
- TODO: check
+ NOT-FOR-US: RiteCMS
CVE-2025-67168 (RiteCMS v3.1.0 was discovered to use insecure encryption to store pass ...)
- TODO: check
+ NOT-FOR-US: RiteCMS
CVE-2025-67165 (An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allo ...)
- TODO: check
+ NOT-FOR-US: Pagekit CMS
CVE-2025-67164 (An authenticated arbitrary file upload vulnerability in the /storage/p ...)
- TODO: check
+ NOT-FOR-US: Pagekit CMS
CVE-2025-67074 (A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin ...)
NOT-FOR-US: Tenda
CVE-2025-67073 (A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9af3e09095cbc5dad86eb4fd747b09c959d79b4d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9af3e09095cbc5dad86eb4fd747b09c959d79b4d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251217/e3b590c0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list