[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Jul 20 21:26:31 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9e0b3911 by Salvatore Bonaccorso at 2025-07-20T22:26:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
CVE-2025-7906 (A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1 and class ...)
- TODO: check
+ NOT-FOR-US: yangzongzhuan RuoYi
CVE-2025-7905 (A vulnerability has been found in itsourcecode Insurance Management Sy ...)
NOT-FOR-US: itsourcecode System
CVE-2025-7904 (A vulnerability, which was classified as critical, was found in itsour ...)
NOT-FOR-US: itsourcecode System
CVE-2025-7903 (A vulnerability classified as problematic was found in yangzongzhuan R ...)
- TODO: check
+ NOT-FOR-US: yangzongzhuan RuoYi
CVE-2025-7902 (A vulnerability classified as problematic has been found in yangzongzh ...)
- TODO: check
+ NOT-FOR-US: yangzongzhuan RuoYi
CVE-2025-7901 (A vulnerability was found in yangzongzhuan RuoYi up to 4.8.1. It has b ...)
- TODO: check
+ NOT-FOR-US: yangzongzhuan RuoYi
CVE-2025-7898 (A vulnerability was found in Codecanyon iDentSoft 2.0. It has been cla ...)
- TODO: check
+ NOT-FOR-US: Codecanyon iDentSoft
CVE-2025-7897 (A vulnerability was found in harry0703 MoneyPrinterTurbo up to 1.2.6 a ...)
- TODO: check
+ NOT-FOR-US: harry0703 MoneyPrinterTurbo
CVE-2025-7896 (A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1. ...)
- TODO: check
+ NOT-FOR-US: harry0703 MoneyPrinterTurbo
CVE-2025-7895 (A vulnerability, which was classified as critical, was found in harry0 ...)
- TODO: check
+ NOT-FOR-US: harry0703 MoneyPrinterTurbo
CVE-2025-7894 (A vulnerability, which was classified as critical, has been found in O ...)
- TODO: check
+ NOT-FOR-US: Onyx
CVE-2025-7893 (A vulnerability classified as problematic was found in Foresight News ...)
- TODO: check
+ NOT-FOR-US: Foresight News App
CVE-2025-7892 (A vulnerability classified as problematic has been found in IDnow App ...)
- TODO: check
+ NOT-FOR-US: IDnow App
CVE-2025-7891 (A vulnerability was found in InstantBits Web Video Cast App up to 5.12 ...)
- TODO: check
+ NOT-FOR-US: InstantBits Web Video Cast App
CVE-2025-7890 (A vulnerability was found in Dunamu StockPlus App up to 7.62.10 on And ...)
- TODO: check
+ NOT-FOR-US: Dunamu StockPlus App
CVE-2025-7889 (A vulnerability was found in CallApp Caller ID App up to 2.0.4 on Andr ...)
- TODO: check
+ NOT-FOR-US: CallApp Caller ID App
CVE-2025-7888 (A vulnerability was found in TDuckCloud tduck-platform 5.1 and classif ...)
- TODO: check
+ NOT-FOR-US: TDuckCloud tduck-platform
CVE-2025-7887 (A vulnerability has been found in Zavy86 WikiDocs up to 1.0.78 and cla ...)
- TODO: check
+ NOT-FOR-US: Zavy86 WikiDocs
CVE-2025-7886 (A vulnerability, which was classified as critical, was found in pmTick ...)
- TODO: check
+ NOT-FOR-US: pmTicket Project-Management-Software
CVE-2025-7885 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: Huashengdun WebSSH
CVE-2025-7884 (A vulnerability classified as problematic was found in Eluktronics Con ...)
- TODO: check
+ NOT-FOR-US: Eluktronics Control Center
CVE-2025-7883 (A vulnerability classified as critical has been found in Eluktronics C ...)
- TODO: check
+ NOT-FOR-US: Eluktronics Control Center
CVE-2025-7882 (A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59 ...)
- TODO: check
+ NOT-FOR-US: Mercusys MW301R
CVE-2025-7881 (A vulnerability was found in Mercusys MW301R 1.0.2 Build 190726 Rel.59 ...)
- TODO: check
+ NOT-FOR-US: Mercusys MW301R
CVE-2025-7880 (A vulnerability was found in Metasoft \u7f8e\u7279\u8f6f\u4ef6 MetaCRM ...)
- TODO: check
+ NOT-FOR-US: Metasoft
CVE-2025-7879 (A vulnerability has been found in Metasoft \u7f8e\u7279\u8f6f\u4ef6 Me ...)
- TODO: check
+ NOT-FOR-US: Metasoft
CVE-2025-7878 (A vulnerability, which was classified as critical, was found in Metaso ...)
- TODO: check
+ NOT-FOR-US: Metasoft
CVE-2025-54317 (An issue was discovered in Logpoint before 7.6.0. An attacker with ope ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2025-54316 (An issue was discovered in Logpoint before 7.6.0. When creating report ...)
- TODO: check
+ NOT-FOR-US: Logpoint
CVE-2025-46385 (CWE-918 Server-Side Request Forgery (SSRF))
TODO: check
CVE-2025-46384 (CWE-434 Unrestricted Upload of File with Dangerous Type)
@@ -117,7 +117,7 @@ CVE-2025-7854 (A vulnerability classified as critical has been found in Tenda FH
CVE-2025-54314 (Thor before 1.4.0 can construct an unsafe shell command from library i ...)
TODO: check
CVE-2025-53770 (Deserialization of untrusted data in on-premises Microsoft SharePoint ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-XXXX [exposes .zip passwords while (un)archiving]
- krusader <unfixed> (bug #1108942)
CVE-2025-7853 (A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e0b39117aaa2fb3819b080ecbf820187147b21e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e0b39117aaa2fb3819b080ecbf820187147b21e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250720/ac82fa76/attachment.htm>
More information about the debian-security-tracker-commits
mailing list