[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jul 8 21:44:04 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
81a59a35 by Salvatore Bonaccorso at 2025-07-08T22:43:44+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -88,141 +88,141 @@ CVE-2025-53480 (The CheckUser extension\u2019s Special:Investigate page has a vu
CVE-2025-53479 (The CheckUser extension\u2019s Special:CheckUser interface is vulnerab ...)
TODO: check
CVE-2025-53372 (node-code-sandbox-mcp is a Node.js\u2013based Model Context Protocol s ...)
- TODO: check
+ NOT-FOR-US: node-code-sandbox-mcp
CVE-2025-53355 (MCP Server Kubernetes is an MCP Server that can connect to a Kubernete ...)
- TODO: check
+ NOT-FOR-US: MCP Server Kubernetes
CVE-2025-50130 (A heap-based buffer overflow vulnerability exists in VS6Sim.exe contai ...)
- TODO: check
+ NOT-FOR-US: Fuji Electric
CVE-2025-4663 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
NOT-FOR-US: Brocade
CVE-2025-49760 (External control of file name or path in Windows Storage allows an aut ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49756 (Use of a broken or risky cryptographic algorithm in Office Developer P ...)
NOT-FOR-US: Microsoft
CVE-2025-49753 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49744 (Heap-based buffer overflow in Microsoft Graphics Component allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49742 (Integer overflow or wraparound in Microsoft Graphics Component allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49740 (Protection mechanism failure in Windows SmartScreen allows an unauthor ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49739 (Improper link resolution before file access ('link following') in Visu ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49738 (Improper link resolution before file access ('link following') in Micr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49737 (Concurrent execution using shared resource with improper synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49735 (Use after free in Windows KDC Proxy Service (KPSSVC) allows an unautho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49733 (Use after free in Windows Win32K - ICOMP allows an authorized attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49732 (Heap-based buffer overflow in Microsoft Graphics Component allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49731 (Improper handling of insufficient permissions or privileges in Microso ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49730 (Time-of-check time-of-use (toctou) race condition in Microsoft Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49729 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49727 (Heap-based buffer overflow in Windows Win32K - GRFX allows an authoriz ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49726 (Use after free in Windows Notification allows an authorized attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49725 (Use after free in Windows Notification allows an authorized attacker t ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49724 (Use after free in Windows Connected Devices Platform Service allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49723 (Missing authorization in Windows StateRepository API allows an authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49722 (Uncontrolled resource consumption in Windows Print Spooler Components ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49721 (Heap-based buffer overflow in Windows Fast FAT Driver allows an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49719 (Improper input validation in SQL Server allows an unauthorized attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49718 (Use of uninitialized resource in SQL Server allows an unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49717 (Heap-based buffer overflow in SQL Server allows an authorized attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49716 (Uncontrolled resource consumption in Windows Netlogon allows an unauth ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49714 (Trust boundary violation in Visual Studio Code - Python extension allo ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49711 (Use after free in Microsoft Office Excel allows an unauthorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49706 (Improper authentication in Microsoft Office SharePoint allows an autho ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49705 (Heap-based buffer overflow in Microsoft Office PowerPoint allows an un ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49704 (Improper control of generation of code ('code injection') in Microsoft ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49703 (Use after free in Microsoft Office Word allows an unauthorized attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49702 (Access of resource using incompatible type ('type confusion') in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49701 (Improper authorization in Microsoft Office SharePoint allows an author ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49700 (Use after free in Microsoft Office Word allows an unauthorized attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49699 (Use after free in Microsoft Office allows an unauthorized attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49698 (Use after free in Microsoft Office Word allows an unauthorized attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49697 (Heap-based buffer overflow in Microsoft Office allows an unauthorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49696 (Out-of-bounds read in Microsoft Office allows an unauthorized attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49695 (Use after free in Microsoft Office allows an unauthorized attacker to ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49694 (Null pointer dereference in Microsoft Brokering File System allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49693 (Double free in Microsoft Brokering File System allows an authorized at ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49691 (Heap-based buffer overflow in Windows Media allows an unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49690 (Concurrent execution using shared resource with improper synchronizati ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49689 (Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49688 (Double free in Windows Routing and Remote Access Service (RRAS) allows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49687 (Out-of-bounds read in Microsoft Input Method Editor (IME) allows an au ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49686 (Null pointer dereference in Windows TCP/IP allows an authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49685 (Use after free in Microsoft Windows Search Component allows an authori ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49684 (Buffer over-read in Storage Port Driver allows an authorized attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49683 (Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an u ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49682 (Use after free in Windows Media allows an authorized attacker to eleva ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49681 (Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49680 (Improper link resolution before file access ('link following') in Wind ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49679 (Numeric truncation error in Windows Shell allows an authorized attacke ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49678 (Null pointer dereference in Windows NTFS allows an authorized attacker ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49677 (Use after free in Microsoft Brokering File System allows an authorized ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49676 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49675 (Use after free in Kernel Streaming WOW Thunk Service Driver allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49674 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49673 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49672 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49671 (Exposure of sensitive information to an unauthorized actor in Windows ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49670 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-49669 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
TODO: check
CVE-2025-49668 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81a59a352bba3f94083ed0d431fdc741fe956f63
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81a59a352bba3f94083ed0d431fdc741fe956f63
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250708/67853ada/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list