[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Oct 30 20:32:30 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5d47c54c by Salvatore Bonaccorso at 2025-10-30T21:32:08+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,9 +27,9 @@ CVE-2025-63298 (A path traversal vulnerability was identified in SourceCodester
 CVE-2025-62795 (JumpServer is an open source bastion host and an operation and mainten ...)
 	NOT-FOR-US: JumpServer
 CVE-2025-62726 (n8n is an open source workflow automation platform. Prior to 1.113.0,  ...)
-	TODO: check
+	NOT-FOR-US: n8n
 CVE-2025-62712 (JumpServer is an open source bastion host and an operation and mainten ...)
-	TODO: check
+	NOT-FOR-US: JumpServer
 CVE-2025-62266 (By default, Liferay Portal 7.4.0 through 7.4.3.119, and older unsuppor ...)
 	NOT-FOR-US: Liferay
 CVE-2025-62265 (Cross-site scripting (XSS) vulnerability in the Blogs widget in Lifera ...)
@@ -37,29 +37,29 @@ CVE-2025-62265 (Cross-site scripting (XSS) vulnerability in the Blogs widget in
 CVE-2025-61498 (A buffer overflow in the UPnP service of Tenda AC8 Hardware v03.03.10. ...)
 	NOT-FOR-US: Tenda
 CVE-2025-61196 (An issue in BusinessNext CRMnext v.10.8.3.0 allows a remote attacker t ...)
-	TODO: check
+	NOT-FOR-US: BusinessNext CRMnext
 CVE-2025-61121 (Mobile Scanner Android App version 2.12.38 (package name com.glority.e ...)
-	TODO: check
+	NOT-FOR-US: Mobile Scanner Android App
 CVE-2025-61120 (AG Life Logger Android App version v1.0.2.72 and before (package name  ...)
-	TODO: check
+	NOT-FOR-US: AG Life Logger Android App
 CVE-2025-61119 (Kanova Android App version 1.0.27 (package name com.karelane), develop ...)
-	TODO: check
+	NOT-FOR-US: Kanova Android App
 CVE-2025-61118 (mCarFix Motorists App version 2.3 (package name com.skytop.mcarfix), d ...)
-	TODO: check
+	NOT-FOR-US: mCarFix Motorists App
 CVE-2025-61117 (Senza: Keto & Fasting Android App version 2.10.15 (package name com.gl ...)
-	TODO: check
+	NOT-FOR-US: Senza: Keto & Fasting Android App
 CVE-2025-61116 (AdForest - Classified Android App version 4.0.12 (package name scripts ...)
-	TODO: check
+	NOT-FOR-US: AdForest - Classified Android App
 CVE-2025-61115 (ABC Fine Wine & Spirits Android App version v.11.27.5 and before (pack ...)
-	TODO: check
+	NOT-FOR-US: ABC Fine Wine & Spirits Android App
 CVE-2025-61114 (2nd Line Android App version v1.2.92 and before (package name com.myse ...)
-	TODO: check
+	NOT-FOR-US: 2nd Line Android App
 CVE-2025-61113 (TalkTalk 3.3.6 Android App contains improper access control vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: TalkTalk
 CVE-2025-60950 (An arbitrary file upload vulnerability in the Data Preparation functio ...)
-	TODO: check
+	NOT-FOR-US: AIxBlock
 CVE-2025-60319 (PerfreeBlog v4.0.11 is vulnerable to Server-Side Request Forgery due t ...)
-	TODO: check
+	NOT-FOR-US: PerfreeBlog
 CVE-2025-5347 (Zohocorp ManageEngine Exchange Reporter Plus versions before 5723 are  ...)
 	NOT-FOR-US: Zoho
 CVE-2025-5343 (Zohocorp ManageEngine Exchange Reporter Plus versions through 5721 are ...)
@@ -69,13 +69,13 @@ CVE-2025-5342 (Zohocorp ManageEngine Exchange Reporter Plus through 5721 are vul
 CVE-2025-57109 (Kitware VTK (Visualization Toolkit) 9.5.0 is vulnerable to Heap Use-Af ...)
 	TODO: check
 CVE-2025-56313 (A Reflected Cross-Site Scripting (XSS) vulnerability was discovered in ...)
-	TODO: check
+	NOT-FOR-US: JATOS
 CVE-2025-54471 (NeuVector used a hard-coded cryptographic key embedded in the source   ...)
-	TODO: check
+	NOT-FOR-US: NeuVector
 CVE-2025-54470 (This vulnerability affects NeuVector deployments only when the Report  ...)
-	TODO: check
+	NOT-FOR-US: NeuVector
 CVE-2025-54469 (A vulnerability was identified in NeuVector, where the enforcer used e ...)
-	TODO: check
+	NOT-FOR-US: NeuVector
 CVE-2025-53883 (A Improper Neutralization of Script-Related HTML Tags in a Web Page (B ...)
 	TODO: check
 CVE-2025-53880 (A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d47c54c4667fee6cb80f3c010a93579530c28a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d47c54c4667fee6cb80f3c010a93579530c28a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251030/e8f7bbbb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list