[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 3 21:54:01 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5fdc449f by Salvatore Bonaccorso at 2025-10-03T22:53:35+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -109,13 +109,13 @@ CVE-2025-57714 (An unquoted search path or element vulnerability has been report
CVE-2025-57423 (A SQL injection vulnerability was discovered in the /articles endpoint ...)
NOT-FOR-US: MyClub
CVE-2025-56551 (An issue in DirectAdmin v1.680 allows unauthorized attackers to manipu ...)
- TODO: check
+ NOT-FOR-US: DirectAdmin
CVE-2025-55972 (A TCL Smart TV running a vulnerable UPnP/DLNA MediaRenderer implementa ...)
- TODO: check
+ NOT-FOR-US: TCL Smart TV
CVE-2025-55971 (TCL 65C655 Smart TV, running firmware version V8-R75PT01-LF1V269.00111 ...)
- TODO: check
+ NOT-FOR-US: TCL 65C655 Smart TV
CVE-2025-54374 (Eidos is an extensible framework for Personal Data Management. Version ...)
- TODO: check
+ NOT-FOR-US: Eidos
CVE-2025-54154 (An improper authentication vulnerability has been reported to affect Q ...)
NOT-FOR-US: QNAP
CVE-2025-54153 (An SQL injection vulnerability has been reported to affect Qsync Centr ...)
@@ -127,7 +127,7 @@ CVE-2025-53407 (A use of externally-controlled format string vulnerability has b
CVE-2025-53406 (A use of externally-controlled format string vulnerability has been re ...)
NOT-FOR-US: QNAP
CVE-2025-53354 (NiceGUI is a Python-based UI framework. Versions 2.24.2 and below are ...)
- TODO: check
+ NOT-FOR-US: NiceGUI
CVE-2025-52867 (An uncontrolled resource consumption vulnerability has been reported t ...)
NOT-FOR-US: QNAP
CVE-2025-52866 (A NULL pointer dereference vulnerability has been reported to affect s ...)
@@ -215,9 +215,9 @@ CVE-2025-44007 (An allocation of resources without limits or throttling vulnerab
CVE-2025-44006 (An allocation of resources without limits or throttling vulnerability ...)
NOT-FOR-US: QNAP
CVE-2025-40636 (SQL injection vulnerability in Joomla module mod_vvisit_counter v2.0.4 ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-34226 (OpenPLC Runtime v3 contains an input validation flaw in the /upload-pr ...)
- TODO: check
+ NOT-FOR-US: OpenPLC
CVE-2025-33040 (An allocation of resources without limits or throttling vulnerability ...)
NOT-FOR-US: QNAP
CVE-2025-33039 (An allocation of resources without limits or throttling vulnerability ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fdc449fcaef1b319c9a0f68f70528897bf65537
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fdc449fcaef1b319c9a0f68f70528897bf65537
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251003/1bad6280/attachment.htm>
More information about the debian-security-tracker-commits
mailing list