[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 23 21:26:26 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9ab77aeb by Salvatore Bonaccorso at 2025-05-23T22:26:04+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,31 +1,31 @@
 CVE-2025-5114 (A vulnerability has been found in easysoft zentaopms 21.5_20250307 and ...)
-	TODO: check
+	NOT-FOR-US: easysoft zentaopms
 CVE-2025-5112 (A vulnerability, which was classified as critical, was found in FreeFl ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-5111 (A vulnerability, which was classified as critical, has been found in F ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-5110 (A vulnerability classified as critical was found in FreeFloat FTP Serv ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-5109 (A vulnerability classified as critical has been found in FreeFloat FTP ...)
-	TODO: check
+	NOT-FOR-US: FreeFloat FTP Server
 CVE-2025-5108 (A vulnerability was found in zongzhige ShopXO 6.5.0. It has been rated ...)
-	TODO: check
+	NOT-FOR-US: zongzhige ShopXO
 CVE-2025-5107 (A vulnerability was found in Fujian Kelixun 1.0. It has been declared  ...)
-	TODO: check
+	NOT-FOR-US: Fujian Kelixun
 CVE-2025-5106 (A vulnerability was found in Fujian Kelixun 1.0. It has been classifie ...)
-	TODO: check
+	NOT-FOR-US: Fujian Kelixun
 CVE-2025-5105 (A vulnerability was found in TOZED ZLT W51 up to 1.4.2 and classified  ...)
-	TODO: check
+	NOT-FOR-US: TOZED ZLT W51
 CVE-2025-5100 (A double-free condition occurs during the cleanup of temporary image f ...)
-	TODO: check
+	NOT-FOR-US: Mobile Dynamix
 CVE-2025-5099 (An Out of Bounds Write occurs when the native library attempts PDF ren ...)
-	TODO: check
+	NOT-FOR-US: Mobile Dynamix
 CVE-2025-5098 (PrinterShare Android application allows the capture of Gmail authentic ...)
-	TODO: check
+	NOT-FOR-US: Mobile Dynamix
 CVE-2025-5096 (The TablePress plugin for WordPress is vulnerable to DOM-Based Stored  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-4975 (When a notification relating to low battery appears for a user with wh ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-4692 (Actors can use a maliciously crafted JavaScript object notation (JSON) ...)
 	TODO: check
 CVE-2025-4642
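Review bot: The NOT-FOR-US labels for CVE-2025-5100, CVE-2025-5099 and CVE-2025-5098 name only the vendor (`Mobile Dynamix`), although the CVE-2025-5098 description identifies the product as the PrinterShare Android application; `NOT-FOR-US: TP-Link` on CVE-2025-4975 is vendor-only in the same way. The other entries changed in this hunk name the product (`FreeFloat FTP Server`, `TOZED ZLT W51`), so consider adding the product name where the full description gives one, for example `NOT-FOR-US: Mobile Dynamix PrinterShare` for CVE-2025-5098, so that a later search of the list by product finds these entries.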
@@ -39,33 +39,33 @@ CVE-2025-4379 (DobryCMS in versions 2.* and lower is vulnerable to Reflected Cro
 CVE-2025-4338 (Lantronix Device installer is vulnerable to XML external entity (XXE)  ...)
 	TODO: check
 CVE-2025-48741 (A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 befo ...)
-	TODO: check
+	NOT-FOR-US: StrangeBee TheHive
 CVE-2025-48740 (A Cross-Site Request Forgery (CSRF) vulnerability in StrangeBee TheHiv ...)
-	TODO: check
+	NOT-FOR-US: StrangeBee TheHive
 CVE-2025-48735 (A SQL Injection issue in the request body processing in BOS IPCs with  ...)
-	TODO: check
+	NOT-FOR-US: BOS
 CVE-2025-48708 (gs_lib_ctx_stash_sanitized_arg in base/gslibctx.c in Artifex Ghostscri ...)
 	TODO: check
 CVE-2025-48701 (openDCIM through 23.04 allows SQL injection in people_depts.php becaus ...)
-	TODO: check
+	NOT-FOR-US: openDCIM
 CVE-2025-48695 (An issue was discovered in CyberDAVA before 1.1.20. A privilege escala ...)
-	TODO: check
+	NOT-FOR-US: CyberDAVA
 CVE-2025-48378 (DNN (formerly DotNetNuke) is an open-source web content management pla ...)
-	TODO: check
+	NOT-FOR-US: DNN (formerly DotNetNuke)
 CVE-2025-48377 (DNN (formerly DotNetNuke) is an open-source web content management pla ...)
-	TODO: check
+	NOT-FOR-US: DNN (formerly DotNetNuke)
 CVE-2025-48376 (DNN (formerly DotNetNuke) is an open-source web content management pla ...)
-	TODO: check
+	NOT-FOR-US: DNN (formerly DotNetNuke)
 CVE-2025-48375 (Schule is open-source school management system software. Prior to vers ...)
-	TODO: check
+	NOT-FOR-US: Schule open-source school management system
 CVE-2025-48374 (zot is ancontainer image/artifact registry based on the Open Container ...)
 	TODO: check
 CVE-2025-48373 (Schule is open-source school management system software. The applicati ...)
-	TODO: check
+	NOT-FOR-US: Schule open-source school management system
 CVE-2025-48372 (Schule is open-source school management system software. The generateO ...)
-	TODO: check
+	NOT-FOR-US: Schule open-source school management system
 CVE-2025-48371 (OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0  ...)
-	TODO: check
+	NOT-FOR-US: OpenFGA
 CVE-2025-48292 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48289 (Deserialization of Untrusted Data vulnerability in AncoraThemes Kids P ...)
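Review bot: `NOT-FOR-US: BOS` on CVE-2025-48735 is short enough to be ambiguous when searching the list later; the description speaks of "BOS IPCs", so a label such as `NOT-FOR-US: BOS IPCs` would be clearer. The labels in this hunk also vary in style: `DNN (formerly DotNetNuke)` and `Schule open-source school management system` copy descriptive wording from the CVE summary, while `OpenFGA` and `openDCIM` use the bare product name. Settling on the bare product name would keep later entries for the same software consistent.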



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ab77aebe775bcf9dc9e3260c486715fd5b3337d
