[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 5 21:31:20 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
335af0d5 by Salvatore Bonaccorso at 2025-09-05T22:30:40+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
CVE-2025-9999 (Some payload elements of the messages sent between two stations in a n ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2025-9998 (The sequence of packets received by a Networking server are not correc ...)
- TODO: check
+ NOT-FOR-US: PcVue
CVE-2025-9709 (On-Chip Debug and Test Interface With Improper Access Control and Impr ...)
- TODO: check
+ NOT-FOR-US: Nordic Semiconductor nRF52810
CVE-2025-9566 (There's a vulnerability in podman where an attacker may use the kube p ...)
TODO: check
CVE-2025-9057 (The Biagiotti Core plugin for WordPress is vulnerable to Stored Cross- ...)
NOT-FOR-US: WordPress plugin
CVE-2025-8695 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: NetGIS Server
CVE-2025-58887 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58886 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -213,7 +213,7 @@ CVE-2025-58784 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2025-58783 (Missing Authorization vulnerability in gutentor Gutentor allows Exploi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58780 (index.em7 in ScienceLogic SL1 before 12.1.1 allows SQL Injection via a ...)
- TODO: check
+ NOT-FOR-US: ScienceLogic SL1
CVE-2025-58628 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58440
@@ -536,11 +536,11 @@ CVE-2025-8944 (The OceanWP WordPress theme before 4.1.2 is vulnerable to an opti
CVE-2025-8684 (The Flatsome Theme for WordPress is vulnerable to Stored Cross-Site Sc ...)
NOT-FOR-US: WordPress plugin
CVE-2025-7445 (Kubernetes secrets-store-sync-controller in versions before 0.0.2 disc ...)
- TODO: check
+ NOT-FOR-US: Kubernetes secrets-store-sync-controller
CVE-2025-58401 (Obsidian GitHub Copilot Plugin versions prior to 1.1.7 store Github AP ...)
- TODO: check
+ NOT-FOR-US: Obsidian GitHub Copilot Plugin
CVE-2025-58400 (RATOC RAID Monitoring Manager for Windows provided by RATOC Systems, I ...)
- TODO: check
+ NOT-FOR-US: RATOC RAID Monitoring Manager for Windows
CVE-2025-58362 (Hono is a Web application framework that provides support for any Java ...)
TODO: check
CVE-2025-58359 (ZF FROST is a Rust implementation of FROST (Flexible Round-Optimised S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/335af0d5cc87092af742344ba22c0b746a1a4110
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/335af0d5cc87092af742344ba22c0b746a1a4110
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250905/8f6bcb25/attachment.htm>
More information about the debian-security-tracker-commits
mailing list