[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 11 21:20:32 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
58fe2706 by Salvatore Bonaccorso at 2025-11-11T22:20:00+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -185,23 +185,23 @@ CVE-2025-59505 (Double free in Windows Smart Card allows an authorized attacker
CVE-2025-59504 (Heap-based buffer overflow in Azure Monitor Agent allows an unauthoriz ...)
NOT-FOR-US: Microsoft
CVE-2025-59499 (Improper neutralization of special elements used in an sql command ('s ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-59240 (Exposure of sensitive information to an unauthorized actor in Microsof ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-47179 (Improper access control in Microsoft Configuration Manager allows an a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-41106 (HTML injection vulnerability found in Fairsketch's RISE CRM Framework ...)
- TODO: check
+ NOT-FOR-US: Fairsketch's RISE CRM Framework
CVE-2025-41105 (HTML injection vulnerability found in Fairsketch's RISE CRM Framework ...)
- TODO: check
+ NOT-FOR-US: Fairsketch's RISE CRM Framework
CVE-2025-41104 (HTML injection vulnerability found in Fairsketch's RISE CRM Framework ...)
- TODO: check
+ NOT-FOR-US: Fairsketch's RISE CRM Framework
CVE-2025-41103 (HTML injection vulnerability found in Fairsketch's RISE CRM Framework ...)
- TODO: check
+ NOT-FOR-US: Fairsketch's RISE CRM Framework
CVE-2025-41102 (HTML injection vulnerability found in Fairsketch's RISE CRM Framework ...)
- TODO: check
+ NOT-FOR-US: Fairsketch's RISE CRM Framework
CVE-2025-41101 (HTML injection vulnerability found in Fairsketch's RISE CRM Framework ...)
- TODO: check
+ NOT-FOR-US: Fairsketch's RISE CRM Framework
CVE-2025-35972 (Uncontrolled search path for the Intel MPI Library before version 2021 ...)
TODO: check
CVE-2025-35971 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software fo ...)
@@ -215,21 +215,21 @@ CVE-2025-35963 (Insufficient control flow management for some Intel(R) PROSet/Wi
CVE-2025-33202 (NVIDIA Triton Inference Server for Linux and Windows contains a vulner ...)
NOT-FOR-US: NVIDIA
CVE-2025-33186 (NVIDIA AIStore contains a vulnerability in AuthN. A successful exploit ...)
- TODO: check
+ NOT-FOR-US: NVIDIA AIStore
CVE-2025-33185 (NVIDIA AIStore contains a vulnerability in AuthN where an unauthentica ...)
- TODO: check
+ NOT-FOR-US: NVIDIA AIStore
CVE-2025-33178 (NVIDIA NeMo Framework for all platforms contains a vulnerability in th ...)
NOT-FOR-US: NVIDIA
CVE-2025-33029 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software fo ...)
NOT-FOR-US: Intel
CVE-2025-33000 (Improper input validation for some Intel QuickAssist Technology before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32732 (Buffer overflow for some Intel(R) QAT Windows software before version ...)
NOT-FOR-US: Intel
CVE-2025-32449 (Unquoted search path for some PRI Driver software before version 03.03 ...)
TODO: check
CVE-2025-32446 (Untrusted pointer dereference for some Intel QuickAssist Technology so ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32091 (Incorrect default permissions in some firmware for the Intel(R) Arc(TM ...)
TODO: check
CVE-2025-32088 (Improper conditions check for some Intel(R) QAT Windows software befor ...)
@@ -257,11 +257,11 @@ CVE-2025-31146 (Time-of-check time-of-use race condition for some Intel Ethernet
CVE-2025-30518 (Incorrect default permissions for some Intel(R) PresentMon before vers ...)
NOT-FOR-US: Intel
CVE-2025-30509 (Improper input validation for some Intel QuickAssist Technology softwa ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-30506 (Uncontrolled search path for some Intel Driver and Support Assistant b ...)
NOT-FOR-US: Intel
CVE-2025-30398 (Missing authorization in Nuance PowerScribe allows an unauthorized att ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-30255 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software fo ...)
NOT-FOR-US: Intel
CVE-2025-30185 (Active debug code for some Intel UEFI reference platforms within Ring ...)
@@ -343,7 +343,7 @@ CVE-2025-20050 (Uncontrolled search path for some Intel(R) CIP software before v
CVE-2025-20010 (Use of unmaintained third party components for some Intel(R) Processor ...)
NOT-FOR-US: Intel
CVE-2025-13032 (Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on ...)
- TODO: check
+ NOT-FOR-US: Avast/AVG Antivirus
CVE-2025-13027 (Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of ...)
TODO: check
CVE-2025-12953 (The Classified Listing \u2013 AI-Powered Classified ads & Business Dir ...)
@@ -369,9 +369,9 @@ CVE-2025-12539 (The TNC Toolbox: Web Performance plugin for WordPress is vulnera
CVE-2025-12101 (Cross-Site Scripting (XSS)inNetScaler ADC and NetScaler Gateway whenth ...)
NOT-FOR-US: Citrix
CVE-2025-11960 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: KVKNET
CVE-2025-11959 (Files or Directories Accessible to External Parties, Exposure of Priva ...)
- TODO: check
+ NOT-FOR-US: Excavation Management Information System
CVE-2025-11862 (A security issue was discovered within Verve Asset Manager allowing un ...)
NOT-FOR-US: Rockwell Automation
CVE-2025-11697 (A local code execution security issue exists within Studio 5000\xae Si ...)
@@ -385,11 +385,11 @@ CVE-2025-11084 (A security issue exists within DataMosaix\u2122 Private Cloud, a
CVE-2025-10918 (Insecure default permissions in the agent of Ivanti Endpoint Manager b ...)
NOT-FOR-US: Ivanti
CVE-2025-10905 (Collision in MiniFilter driverin Avast Software Avast Free Antivirus b ...)
- TODO: check
+ NOT-FOR-US: Avast Software Avast Free Antivirus
CVE-2025-10161 (Improper Restriction of Excessive Authentication Attempts, Client-Side ...)
- TODO: check
+ NOT-FOR-US: Perfektive
CVE-2024-57695 (An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7 ...)
- TODO: check
+ NOT-FOR-US: Agnitum Outpost Security Suite
CVE-2017-20210 (Photo Station 5.4.1 & 5.2.7 include the security fix for the vulnerabi ...)
NOT-FOR-US: QNAP
CVE-2025-13015 (Spoofing issue in Firefox. This vulnerability affects Firefox < 145, F ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58fe270612c2791214a182b745629d28d89bcc2a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/58fe270612c2791214a182b745629d28d89bcc2a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251111/894365ca/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list