[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Sep 5 09:16:01 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
03291532 by Moritz Muehlenhoff at 2025-09-05T10:15:31+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -77,7 +77,7 @@ CVE-2025-58353 (Promptcraft Forge Studio is a toolkit for evaluating, optimizing
CVE-2025-57576 (PHPGurukul Online Shopping Portal 2.1 is vulnerable to Cross Site Scri ...)
NOT-FOR-US: PHPGurukul
CVE-2025-57263 (An authenticated SQL injection vulnerability in VX Guestbook 1.07 allo ...)
- TODO: check
+ NOT-FOR-US: VX Guestbook
CVE-2025-48581 (In VerifyNoOverlapInSessions of apexd.cpp, there is a possible way to ...)
NOT-FOR-US: Android
CVE-2025-48563 (In onNullBinding of RemoteFillService.java, there is a possible backgr ...)
@@ -157,69 +157,69 @@ CVE-2025-48523 (In onCreate of SelectAccountActivity.java, there is a possible w
CVE-2025-48522 (In setDisplayName of AssociationRequest.java, there is a possible way ...)
NOT-FOR-US: Android
CVE-2025-41063 (A vulnerability has been discovered in version 4.0.5 of appRain CMF, c ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41062 (A vulnerability has been discovered in version 4.0.5 of appRain CMF, c ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41061 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41060 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41059 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41058 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41057 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41056 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41055 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41054 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41053 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41052 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41051 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41050 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41049 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41048 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41047 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41046 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41045 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41044 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41043 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41042 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41041 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41040 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41039 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41038 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41037 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41036 (A vulnerability has been discovered in appRain CMF version 4.0.5, cons ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41035 (A problem has been discovered in appRain CMF 4.0.5. An authenticated P ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41034 (An SQL injection vulnerability has been found in appRain CMF 4.0.5. Th ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41033 (An SQL injection vulnerability has been found in appRain CMF 4.0.5. Th ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-41032 (An SQL injection vulnerability has been found in appRain CMF 4.0.5. Th ...)
- TODO: check
+ NOT-FOR-US: appRain CMF
CVE-2025-32350 (In maybeShowDialog of ControlsSettingsDialogManager.kt, there is a pos ...)
NOT-FOR-US: Android
CVE-2025-32349 (In multiple locations, there is a possible privilege escalation due to ...)
@@ -259,7 +259,7 @@ CVE-2025-2694 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0
CVE-2025-2667 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.7_1 and 6.2.0.0 thro ...)
NOT-FOR-US: IBM
CVE-2025-2411 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Akinsoft
CVE-2025-26464 (In executeAppFunction of AppSearchManagerService.java, there is a poss ...)
NOT-FOR-US: Android
CVE-2025-26463 (In allowPackageAccess of multiple files, resource exhaustion is possib ...)
@@ -337,21 +337,21 @@ CVE-2025-26419 (In initPhoneSwitch of SystemSettingsFragment.java, there is a po
CVE-2025-25048 (IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 i ...)
NOT-FOR-US: IBM
CVE-2025-23302 (NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-23301 (NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-23262 (NVIDIA ConnectX contains a vulnerability in the management interface, ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-23261 (NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-23259 (NVIDIA Mellanox DPDK contains a vulnerability in Poll Mode Driver (PMD ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-23258 (NVIDIA DOCA contains a vulnerability in the collectx-dpeserver Debian ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-23257 (NVIDIA DOCA contains a vulnerability in the collectx-clxapidev Debian ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-23256 (NVIDIA BlueField contains a vulnerability in the management interface, ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2025-22441 (In getContextForResourcesEnsuringCorrectCachedApkPaths of RemoteViews. ...)
NOT-FOR-US: Android
CVE-2025-22425 (In onCreate of InstallStart.java, there is a possible permissions bypa ...)
@@ -381,7 +381,7 @@ CVE-2024-40664 (In setupAccessibilityServices of AccessibilityFragment.java , th
CVE-2024-34598 (Improper export of component in GoodLock prior to version 2.2.04.95 al ...)
NOT-FOR-US: Samsung Mobile
CVE-2024-13073 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Akinsoft
CVE-2023-35657 (In bta_av_config_ind of bta_av_aact.cc, there is a possible out of bou ...)
NOT-FOR-US: Android
CVE-2025-38730 (In the Linux kernel, the following vulnerability has been resolved: i ...)
@@ -726,13 +726,13 @@ CVE-2025-36890 (Elevation of Privilege)
CVE-2025-36887 (In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is ...)
NOT-FOR-US: Google devices
CVE-2025-2417 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Akinsoft
CVE-2024-56190 (In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out o ...)
NOT-FOR-US: Google devices
CVE-2024-56189 (In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possibl ...)
NOT-FOR-US: Google devices
CVE-2024-13071 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Akinsoft
CVE-2025-9959 (Incomplete validation of dunder attributes allows an attacker to escap ...)
NOT-FOR-US: huggingface/smolagents
CVE-2025-9926 (A vulnerability was determined in projectworlds Travel Management Syst ...)
@@ -901,7 +901,7 @@ CVE-2025-56435 (SQL Injection vulnerability in FoxCMS v1.2.6 and before allows a
CVE-2025-56139 (LinkedIn Mobile Application for Android version 4.1.1087.2 fails to up ...)
NOT-FOR-US: LinkedIn Mobile Application for Android
CVE-2025-55944 (Slink v1.4.9 allows stored cross-site scripting (XSS) via crafted SVG ...)
- TODO: check
+ NOT-FOR-US: Slink
CVE-2025-55852 (Tenda AC8 v16.03.34.06 is vulnerable to Buffer Overflow in the formWif ...)
NOT-FOR-US: Tenda
CVE-2025-55162 (Envoy is an open source L7 proxy and communication bus designed for la ...)
@@ -933,7 +933,7 @@ CVE-2025-2416 (Improper Restriction of Excessive Authentication Attempts vulnera
CVE-2025-2415 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
NOT-FOR-US: Akinsoft
CVE-2025-26210 (An Cross-Site Scripting (XSS) vulnerability in DeepSeek R1 through V3. ...)
- TODO: check
+ NOT-FOR-US: DeepSeek
CVE-2025-20336 (A vulnerability in the directory permissions of Cisco Desk Phone 9800 ...)
NOT-FOR-US: Cisco
CVE-2025-20335 (A vulnerability in the directory permissions of Cisco Desk Phone 9800 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03291532d179cab67b6d3bde73f239e04a813f94
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/03291532d179cab67b6d3bde73f239e04a813f94
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250905/f8354c89/attachment.htm>
More information about the debian-security-tracker-commits
mailing list