[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 8 21:44:04 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
81a59a35 by Salvatore Bonaccorso at 2025-07-08T22:43:44+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -88,141 +88,141 @@ CVE-2025-53480 (The CheckUser extension\u2019s Special:Investigate page has a vu
 CVE-2025-53479 (The CheckUser extension\u2019s Special:CheckUser interface is vulnerab ...)
 	TODO: check
 CVE-2025-53372 (node-code-sandbox-mcp is a Node.js\u2013based Model Context Protocol s ...)
-	TODO: check
+	NOT-FOR-US: node-code-sandbox-mcp
 CVE-2025-53355 (MCP Server Kubernetes is an MCP Server that can connect to a Kubernete ...)
-	TODO: check
+	NOT-FOR-US: MCP Server Kubernetes
 CVE-2025-50130 (A heap-based buffer overflow vulnerability exists in VS6Sim.exe contai ...)
-	TODO: check
+	NOT-FOR-US: Fuji Electric
 CVE-2025-4663 (An Improper Check for Unusual or  Exceptional Conditions vulnerability ...)
 	NOT-FOR-US: Brocade
 CVE-2025-49760 (External control of file name or path in Windows Storage allows an aut ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49756 (Use of a broken or risky cryptographic algorithm in Office Developer P ...)
 	NOT-FOR-US: Microsoft
 CVE-2025-49753 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49744 (Heap-based buffer overflow in Microsoft Graphics Component allows an a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49742 (Integer overflow or wraparound in Microsoft Graphics Component allows  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49740 (Protection mechanism failure in Windows SmartScreen allows an unauthor ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49739 (Improper link resolution before file access ('link following') in Visu ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49738 (Improper link resolution before file access ('link following') in Micr ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49737 (Concurrent execution using shared resource with improper synchronizati ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49735 (Use after free in Windows KDC Proxy Service (KPSSVC) allows an unautho ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49733 (Use after free in Windows Win32K - ICOMP allows an authorized attacker ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49732 (Heap-based buffer overflow in Microsoft Graphics Component allows an a ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49731 (Improper handling of insufficient permissions or privileges in Microso ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49730 (Time-of-check time-of-use (toctou) race condition in Microsoft Windows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49729 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49727 (Heap-based buffer overflow in Windows Win32K - GRFX allows an authoriz ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49726 (Use after free in Windows Notification allows an authorized attacker t ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49725 (Use after free in Windows Notification allows an authorized attacker t ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49724 (Use after free in Windows Connected Devices Platform Service allows an ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49723 (Missing authorization in Windows StateRepository API allows an authori ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49722 (Uncontrolled resource consumption in Windows Print Spooler Components  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49721 (Heap-based buffer overflow in Windows Fast FAT Driver allows an unauth ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49719 (Improper input validation in SQL Server allows an unauthorized attacke ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49718 (Use of uninitialized resource in SQL Server allows an unauthorized att ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49717 (Heap-based buffer overflow in SQL Server allows an authorized attacker ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49716 (Uncontrolled resource consumption in Windows Netlogon allows an unauth ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49714 (Trust boundary violation in Visual Studio Code - Python extension allo ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49711 (Use after free in Microsoft Office Excel allows an unauthorized attack ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49706 (Improper authentication in Microsoft Office SharePoint allows an autho ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49705 (Heap-based buffer overflow in Microsoft Office PowerPoint allows an un ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49704 (Improper control of generation of code ('code injection') in Microsoft ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49703 (Use after free in Microsoft Office Word allows an unauthorized attacke ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49702 (Access of resource using incompatible type ('type confusion') in Micro ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49701 (Improper authorization in Microsoft Office SharePoint allows an author ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49700 (Use after free in Microsoft Office Word allows an unauthorized attacke ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49699 (Use after free in Microsoft Office allows an unauthorized attacker to  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49698 (Use after free in Microsoft Office Word allows an unauthorized attacke ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49697 (Heap-based buffer overflow in Microsoft Office allows an unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49696 (Out-of-bounds read in Microsoft Office allows an unauthorized attacker ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49695 (Use after free in Microsoft Office allows an unauthorized attacker to  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49694 (Null pointer dereference in Microsoft Brokering File System allows an  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49693 (Double free in Microsoft Brokering File System allows an authorized at ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49691 (Heap-based buffer overflow in Windows Media allows an unauthorized att ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49690 (Concurrent execution using shared resource with improper synchronizati ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49689 (Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an u ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49688 (Double free in Windows Routing and Remote Access Service (RRAS) allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49687 (Out-of-bounds read in Microsoft Input Method Editor (IME) allows an au ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49686 (Null pointer dereference in Windows TCP/IP allows an authorized attack ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49685 (Use after free in Microsoft Windows Search Component allows an authori ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49684 (Buffer over-read in Storage Port Driver allows an authorized attacker  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49683 (Integer overflow or wraparound in Virtual Hard Disk (VHDX) allows an u ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49682 (Use after free in Windows Media allows an authorized attacker to eleva ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49681 (Out-of-bounds read in Windows Routing and Remote Access Service (RRAS) ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49680 (Improper link resolution before file access ('link following') in Wind ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49679 (Numeric truncation error in Windows Shell allows an authorized attacke ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49678 (Null pointer dereference in Windows NTFS allows an authorized attacker ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49677 (Use after free in Microsoft Brokering File System allows an authorized ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49676 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49675 (Use after free in Kernel Streaming WOW Thunk Service Driver allows an  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49674 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49673 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49672 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49671 (Exposure of sensitive information to an unauthorized actor in Windows  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49670 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-49669 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)
 	TODO: check
 CVE-2025-49668 (Heap-based buffer overflow in Windows Routing and Remote Access Servic ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81a59a352bba3f94083ed0d431fdc741fe956f63

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/81a59a352bba3f94083ed0d431fdc741fe956f63
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250708/67853ada/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list