[Git][security-tracker-team/security-tracker][master] NFus

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Oct 8 16:15:25 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4e548b9d by Moritz Muehlenhoff at 2025-10-08T16:55:50+02:00
NFus

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,73 +3,73 @@ CVE-2025-8291 (The 'zipfile' module would not check the validity of the ZIP64 En
 CVE-2025-6046
 	REJECTED
 CVE-2025-62187 (In Ankitects Anki before 25.02.6, crafted sound file references could  ...)
-	TODO: check
+	NOT-FOR-US: Ankitects Anki
 CVE-2025-62186 (Ankitects Anki before 25.02.5 allows a crafted shared deck on Windows  ...)
-	TODO: check
+	NOT-FOR-US: Ankitects Anki
 CVE-2025-62185 (In Ankitects Anki before 25.02.5, a crafted shared deck can place a Yo ...)
-	TODO: check
+	NOT-FOR-US: Ankitects Anki
 CVE-2025-61999 (OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to up ...)
-	TODO: check
+	NOT-FOR-US: OPEXUS FOIAXpress
 CVE-2025-61998 (OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to in ...)
-	TODO: check
+	NOT-FOR-US: OPEXUS FOIAXpress
 CVE-2025-61997 (OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to in ...)
-	TODO: check
+	NOT-FOR-US: OPEXUS FOIAXpress
 CVE-2025-61996 (OPEXUS FOIAXpress before 11.13.3.0 allows an administrative user to in ...)
-	TODO: check
+	NOT-FOR-US: OPEXUS FOIAXpress
 CVE-2025-61910 (The NASA\u2019s Interplanetary Overlay Network (ION) is an implementat ...)
-	TODO: check
+	NOT-FOR-US: NASA ION
 CVE-2025-61787 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. Versions pr ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2025-61786 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2025-61785 (Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2025-61784 (LLaMA-Factory is a tuning library for large language models. Prior to  ...)
-	TODO: check
+	NOT-FOR-US: LLaMA-Factory
 CVE-2025-61776 (Dependency-Track is a component analysis platform that allows organiza ...)
-	TODO: check
+	NOT-FOR-US: Dependency-Track
 CVE-2025-61670 (Wasmtime is a runtime for WebAssembly. Wasmtime 37.0.0 and 37.0.1 have ...)
 	TODO: check
 CVE-2025-60312 (Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cros ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-57564 (CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject ...)
-	TODO: check
+	NOT-FOR-US: CubeAPM
 CVE-2025-56243 (A Cross-Site Scripting (XSS) vulnerability was found in the register.p ...)
-	TODO: check
+	NOT-FOR-US: PuneethReddyHC Event Management System
 CVE-2025-54406 (Multiple OS command injection vulnerabilities exist in the formPingCmd ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-54405 (Multiple OS command injection vulnerabilities exist in the formPingCmd ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-54404 (Multiple OS command injection vulnerabilities exist in the swctrl func ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-54403 (Multiple OS command injection vulnerabilities exist in the swctrl func ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-54402 (Multiple stack-based buffer overflow vulnerabilities exist in the form ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-54401 (Multiple stack-based buffer overflow vulnerabilities exist in the form ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-54400 (Multiple stack-based buffer overflow vulnerabilities exist in the form ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-54399 (Multiple stack-based buffer overflow vulnerabilities exist in the form ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-53476 (A denial of service vulnerability exists in the ModbusTCP server funct ...)
-	TODO: check
+	NOT-FOR-US: OpenPLC
 CVE-2025-52021 (A SQL Injection vulnerability exists in the edit_product.php file of P ...)
-	TODO: check
+	NOT-FOR-US: PuneethReddyHC Online Shopping System Advanced
 CVE-2025-50505 (Clash Verge Rev thru 2.2.3 forces the installation of system services( ...)
-	TODO: check
+	NOT-FOR-US: Clash Verge
 CVE-2025-48981 (An insecure implementation of the proprietary protocol DNET in Product ...)
-	TODO: check
+	NOT-FOR-US: CGM MEDICOI
 CVE-2025-48826 (A format string vulnerability exists in the formPingCmd functionality  ...)
-	TODO: check
+	NOT-FOR-US: Planet WGR-500
 CVE-2025-48464 (Successful exploitation of the vulnerability could allow an unauthenti ...)
-	TODO: check
+	NOT-FOR-US: DuckDuckGo Browser
 CVE-2025-45375 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-44824 (Nagios Log Server before 2024R1.3.2 allows authenticated users (with r ...)
-	TODO: check
+	NOT-FOR-US: Nagios Log Server
 CVE-2025-44823 (Nagios Log Server before 2024R1.3.2 allows authenticated users to retr ...)
-	TODO: check
+	NOT-FOR-US: Nagios Log Server
 CVE-2025-43934 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-43914 (Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feat ...)
@@ -147,23 +147,23 @@ CVE-2025-1826 (IBM Engineering Requirements Management DOORS Next (IBM Jazz Foun
 CVE-2025-11462 (Improper Link Resolution Before File Access in the AWS VPN Client for  ...)
 	NOT-FOR-US: Amazon
 CVE-2025-11443 (A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This af ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11442 (A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. Th ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11441 (A vulnerability was identified in JhumanJ OpnForm up to 1.9.3. The aff ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11440 (A vulnerability was determined in JhumanJ OpnForm up to 1.9.3. Impacte ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11439 (A vulnerability was found in JhumanJ OpnForm up to 1.9.3. This issue a ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11438 (A vulnerability has been found in JhumanJ OpnForm up to 1.9.3. This vu ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11437 (A flaw has been found in JhumanJ OpnForm up to 1.9.3. This affects an  ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11436 (A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Affected  ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11435 (A security vulnerability has been detected in JhumanJ OpnForm up to 1. ...)
-	TODO: check
+	NOT-FOR-US: JhumanJ OpnForm
 CVE-2025-11434 (A weakness has been identified in itsourcecode Student Transcript Proc ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2025-11433 (A security flaw has been discovered in itsourcecode Leave Management S ...)
@@ -187,7 +187,7 @@ CVE-2025-11422 (A vulnerability has been found in Campcodes Advanced Online Voti
 CVE-2025-11421 (A flaw has been found in code-projects Voting System 1.0. The affected ...)
 	NOT-FOR-US: code-projects
 CVE-2025-11420 (A vulnerability was detected in code-projects E-Commerce Website 1.0.  ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-11418 (A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1 ...)
 	NOT-FOR-US: Tenda
 CVE-2025-11417 (A weakness has been identified in Campcodes Advanced Online Voting Man ...)
@@ -211,7 +211,7 @@ CVE-2025-11408 (A security vulnerability has been detected in D-Link DI-7001 MIN
 CVE-2025-11407 (A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impa ...)
 	NOT-FOR-US: D-Link
 CVE-2025-11406 (A security flaw has been discovered in kaifangqian kaifangqian-base up ...)
-	TODO: check
+	NOT-FOR-US: kaifangqian-base
 CVE-2025-11405 (A vulnerability was identified in SourceCodester Hotel and Lodge Manag ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-11404 (A vulnerability was determined in SourceCodester Hotel and Lodge Manag ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e548b9dcbd3bc564ad16e7d34e496d1177a41c4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e548b9dcbd3bc564ad16e7d34e496d1177a41c4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251008/7a55912b/attachment.htm>

More information about the debian-security-tracker-commits mailing list