[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 10 09:08:27 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cbf5cbfa by Salvatore Bonaccorso at 2025-11-10T10:07:57+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2025-59777 (NULL pointer dereference vulnerability exists in GNU libmicrohtt
 	- libmicrohttpd <unfixed>
 	NOTE: Fixed by: https://git.gnunet.org/libmicrohttpd.git/commit/?id=ff13abc1c1d7d2b30d69d5c0bd4a237e1801c50b
 CVE-2025-41731 (A vulnerability was identified in the password generation algorithm wh ...)
-	TODO: check
+	NOT-FOR-US: Jumo
 CVE-2025-12933 (A vulnerability was identified in SourceCodester Baby Care System 1.0. ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-12932 (A vulnerability was determined in SourceCodester Baby Care System 1.0. ...)
@@ -17,33 +17,33 @@ CVE-2025-12930 (A vulnerability has been found in SourceCodester Food Ordering S
 CVE-2025-12929 (A flaw has been found in SourceCodester Survey Application System 1.0. ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-12928 (A vulnerability was detected in code-projects Online Job Search Engine ...)
-	TODO: check
+	NOT-FOR-US: code-projects Online Job Search Engine
 CVE-2025-12927 (A security vulnerability has been detected in DedeBIZ up to 6.3.2. The ...)
-	TODO: check
+	NOT-FOR-US: DedeBIZ
 CVE-2025-12926 (A weakness has been identified in SourceCodester Farm Management Syste ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-12925 (A security flaw has been discovered in rymcu forest up to de53ce79db9f ...)
-	TODO: check
+	NOT-FOR-US: rymcu
 CVE-2025-12924 (A vulnerability was identified in rymcu forest up to de53ce79db9faa2ef ...)
-	TODO: check
+	NOT-FOR-US: rymcu
 CVE-2025-12923 (A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. Thi ...)
-	TODO: check
+	NOT-FOR-US: ChestnutCMS
 CVE-2025-12922 (A vulnerability was found in OpenClinica Community Edition up to 3.12. ...)
-	TODO: check
+	NOT-FOR-US: OpenClinica Community Edition
 CVE-2025-12921 (A vulnerability has been found in OpenClinica Community Edition up to  ...)
-	TODO: check
+	NOT-FOR-US: OpenClinica Community Edition
 CVE-2025-12920 (A flaw has been found in qianfox FoxCMS up to 1.2.16. Affected by this ...)
-	TODO: check
+	NOT-FOR-US: qianfox FoxCMS
 CVE-2025-12868 (New Site Server developed by CyberTutor has a Use of Client-Side Authe ...)
-	TODO: check
+	NOT-FOR-US: CyberTutor
 CVE-2025-12867 (EIP Plus developed by Hundred Plus has an Arbitrary File Uplaod vulner ...)
-	TODO: check
+	NOT-FOR-US: EIP Plus
 CVE-2025-12866 (EIP Plus developed by Hundred Plus has a Weak Password Recovery Mechan ...)
-	TODO: check
+	NOT-FOR-US: EIP Plus
 CVE-2025-12865 (U-Office Force developed by e-Excellence has a SQL Injection vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: U-Office Force
 CVE-2025-12864 (U-Office Force developed by e-Excellence has a SQL Injection vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: U-Office Force
 CVE-2025-12613 (Versions of the package cloudinary before 2.7.0 are vulnerable to Arbi ...)
 	TODO: check
 CVE-2025-XXXX [GHSA-56mx-8g9f-5crf]
@@ -53,7 +53,7 @@ CVE-2025-XXXX [GHSA-56mx-8g9f-5crf]
 	NOTE: https://github.com/lxc/incus/issues/2641
 	NOTE: https://github.com/lxc/incus/pull/2642
 CVE-2025-12919 (A vulnerability was detected in EverShop up to 2.0.1. Affected is an u ...)
-	TODO: check
+	NOT-FOR-US: EverShop
 CVE-2025-12918 (A security flaw has been discovered in yungifez Skuul School Managemen ...)
 	NOT-FOR-US: yungifez Skuul School Management System
 CVE-2025-12917 (A vulnerability was identified in TOZED ZLT T10 T10PLUS_3.04.15. The a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbf5cbfa71317ba4e1a68b0d5732cb1bfda9b168

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbf5cbfa71317ba4e1a68b0d5732cb1bfda9b168
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251110/2e439a4c/attachment.htm>

More information about the debian-security-tracker-commits mailing list