[Git][security-tracker-team/security-tracker][master] 3 commits: Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 15 22:12:38 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3974303b by Salvatore Bonaccorso at 2025-07-15T23:12:19+02:00
Process some NFUs

- - - - -
1a431c1f by Salvatore Bonaccorso at 2025-07-15T23:12:21+02:00
Add new CVEs for Oracle MySQL

- - - - -
8783da8d by Salvatore Bonaccorso at 2025-07-15T23:12:23+02:00
Add two Tiki Wiki CMS issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,15 +29,15 @@ CVE-2025-53903 (The Scratch Channel is a news website that is under development
 CVE-2025-53895 (ZITADEL is an open source identity management system. Starting in vers ...)
 	NOT-FOR-US: Zitadel
 CVE-2025-53893 (File Browser provides a file managing interface within a specified dir ...)
-	TODO: check
+	NOT-FOR-US: filebrowser
 CVE-2025-53826 (File Browser provides a file managing interface within a specified dir ...)
-	TODO: check
+	NOT-FOR-US: filebrowser
 CVE-2025-53622 (DSpace open source software is a repository application which provides ...)
-	TODO: check
+	NOT-FOR-US: DSpace
 CVE-2025-53621 (DSpace open source software is a repository application which provides ...)
-	TODO: check
+	NOT-FOR-US: DSpace
 CVE-2025-53032 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <not-affected> (Only affects MySQL 9)
 CVE-2025-53031 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
 	NOT-FOR-US: Oracle
 CVE-2025-53030 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
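Review bot: the `- mysql-8.0 <not-affected> (Only affects MySQL 9)` line for CVE-2025-53032 makes a version claim with no source recorded under it. A `NOTE:` line pointing at the advisory the affected range was read from, in the style the virtualbox entries in this file already use, would let a later reader verify it without redoing the triage. Minor: `NOT-FOR-US: filebrowser` is lower-case while the CVE description spells the product "File Browser"; use whichever spelling earlier NFU entries for this product have so lookups by name stay consistent.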
@@ -62,7 +62,7 @@ CVE-2025-53024 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virt
 	- virtualbox <unfixed>
 	NOTE: https://www.oracle.com/security-alerts/cpujul2025.html#AppendixOVIR
 CVE-2025-53023 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-52379 (Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below conta ...)
 	NOT-FOR-US: Nexxt Solutions NCM-X1800 Mesh Router firmware
 CVE-2025-52378 (Cross-Site Scripting (XSS) vulnerability in Nexxt Solutions NCM-X1800  ...)
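Review bot: CVE-2025-53023 goes in as a bare `- mysql-8.0 <unfixed>`, while the virtualbox entry in the context lines just above it carries `NOTE: https://www.oracle.com/security-alerts/cpujul2025.html#AppendixOVIR`. If this CVE was triaged from the same advisory, add the corresponding NOTE line for its MySQL section so the entry records where the affected-version information came from.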
@@ -88,63 +88,63 @@ CVE-2025-50106 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 CVE-2025-50105 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50104 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50103 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <not-affected> (Only affects MySQL 9)
 CVE-2025-50102 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50101 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50100 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50099 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50098 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50097 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50096 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50095 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <not-affected> (Only affects MySQL 9)
 CVE-2025-50094 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50093 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50092 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50091 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50090 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50089 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <not-affected> (Only affects MySQL 9)
 CVE-2025-50088 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50087 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50086 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50085 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50084 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50083 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50082 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50081 (Vulnerability in the MySQL Client product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50080 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50079 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50078 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50077 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 <unfixed>
 CVE-2025-50076 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
-	TODO: check
+	- mysql-8.0 8.0.28-1
 CVE-2025-50073 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50072 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
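Review bot: CVE-2025-50076 is the only entry in this hunk that gets a fixed version, `- mysql-8.0 8.0.28-1`, while every other MySQL entry here is `<unfixed>` or `<not-affected>`, and nothing in the entry says why. A NOTE stating the upstream affected range would show that the old fixed version is intentional and not a slip. Also, CVE-2025-50081 is described as the MySQL Client product where the rest say MySQL Server; it is worth confirming that `mysql-8.0` is the only source package that needs an entry for it.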
@@ -196,17 +196,17 @@ CVE-2025-41237 (VMware ESXi,Workstation, and Fusioncontain an integer-underflow
 CVE-2025-41236 (VMware ESXi, Workstation, and Fusion contain an integer-overflow vulne ...)
 	TODO: check
 CVE-2025-34116 (A remote command execution vulnerability exists in IPFire before versi ...)
-	TODO: check
+	NOT-FOR-US: IPFire
 CVE-2025-34115 (An authenticated command injection vulnerability exists in OP5 Monitor ...)
 	TODO: check
 CVE-2025-34113 (An authenticated command injection vulnerability exists in Tiki Wiki C ...)
-	TODO: check
+	- tikiwiki <removed>
 CVE-2025-34112 (An authenticated multi-stage remote code execution vulnerability exist ...)
-	TODO: check
+	NOT-FOR-US: Riverbed SteelCentral NetProfiler and NetExpress
 CVE-2025-34111 (An unauthenticated arbitrary file upload vulnerability exists in Tiki  ...)
-	TODO: check
+	- tikiwiki <removed>
 CVE-2025-34110 (A directory traversal vulnerability exists in ColoradoFTP Server \u226 ...)
-	TODO: check
+	NOT-FOR-US: ColoradoFTP Server
 CVE-2025-34109 (PSEvents.exe in multiple Panda Security products runs hourly with SYST ...)
 	TODO: check
 CVE-2025-34108 (A stack-based buffer overflow vulnerability exists in the login functi ...)
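Review bot: the two `- tikiwiki <removed>` entries (CVE-2025-34113, CVE-2025-34111) carry no NOTE with an upstream reference or affected version range, so anyone later checking an older suite has nothing to start from; a single NOTE line per entry would cover that. In the same hunk, CVE-2025-34115 (OP5 Monitor) is left at `TODO: check` between entries that were processed; if that was deliberate, fine, otherwise it looks like it belongs in the same NFU pass.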



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bfd33bdc3148f0a0ab4326687faea725bbf66ad1...8783da8db791cdcaf86d02b5d48b5b7efc85d4d2
