[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 12 20:58:35 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a58578b by Salvatore Bonaccorso at 2025-11-12T21:58:05+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2025-9316 (N-central < 2025.4 can generate sessionIDs for unauthenticated users   ...)
-	TODO: check
+	NOT-FOR-US: N-central
 CVE-2025-8485 (An improper permissions vulnerability was reported in Lenovo App Store ...)
 	NOT-FOR-US: Lenovo
 CVE-2025-8421 (An improper default permission vulnerability was reported in Lenovo Do ...)
 	NOT-FOR-US: Lenovo
 CVE-2025-65002 (Fujitsu iRMC S6 on M5 before 1.37S mishandles Redfish/WebUI access if  ...)
-	TODO: check
+	NOT-FOR-US: Fujitsu
 CVE-2025-65001 (Fujitsu fbiosdrv.sys before 2.5.0.0 allows an attacker to potentially  ...)
-	TODO: check
+	NOT-FOR-US: Fujitsu
 CVE-2025-64407 (Apache OpenOffice documents can contain links. A missing Authorization ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-64406 (An out-of-bounds Write vulnerability in Apache OpenOffice could allow  ...)
@@ -25,17 +25,17 @@ CVE-2025-64401 (Apache OpenOffice documents can contain links. A missing Authori
 CVE-2025-64293 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-64281 (An Authentication Bypass issue in CentralSquare Community Development  ...)
-	TODO: check
+	NOT-FOR-US: CentralSquare Community Development
 CVE-2025-64280 (A SQL Injection Vulnerability in CentralSquare Community Development 1 ...)
-	TODO: check
+	NOT-FOR-US: CentralSquare Community Development
 CVE-2025-64117 (Tuleap is an Open Source Suite to improve management of software devel ...)
 	NOT-FOR-US: Tuleap
 CVE-2025-64099 (Open Access Management (OpenAM) is an access management solution. In v ...)
-	TODO: check
+	NOT-FOR-US: OpenAM
 CVE-2025-63929 (A null pointer dereference vulnerability exists in airpig2011 IEC104 t ...)
-	TODO: check
+	NOT-FOR-US: airpig2011 IEC104
 CVE-2025-63927 (A heap-use-after-free vulnerability exists in airpig2011 IEC104 thru C ...)
-	TODO: check
+	NOT-FOR-US: airpig2011 IEC104
 CVE-2025-63811 (An issue was discovered in dvsekhvalnov jose2go 1.5.0 thru 1.7.0 allow ...)
 	TODO: check
 CVE-2025-63679 (free5gc v4.1.0 and before is vulnerable to Buffer Overflow. When AMF r ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a58578bbb6116ef75ee9bf12830ecb045b7d70f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a58578bbb6116ef75ee9bf12830ecb045b7d70f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251112/38d8b1b9/attachment.htm>

More information about the debian-security-tracker-commits mailing list