[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Sep 9 21:27:48 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
726afff5 by Salvatore Bonaccorso at 2025-09-09T22:27:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-9994 (The Amp\u2019ed RF BT-AP 111 Bluetooth access point's HTTP admin inter ...)
-	TODO: check
+	NOT-FOR-US: Amped RF
 CVE-2025-9951 (A heap-buffer-overflow write exists in jpeg2000dec FFmpeg which allows ...)
 	TODO: check
 CVE-2025-9872 (Insufficient filename validation in Ivanti Endpoint Manager before 202 ...)
@@ -31,7 +31,7 @@ CVE-2025-8007 (A security issue exists in the protected mode of 1756-EN4TR and 1
 CVE-2025-7970 (A security issue exists within FactoryTalk Activation Manager.  An err ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2025-7635 (Unauthenticated Telnet access vulnerability in Calix GigaCenter ONT al ...)
-	TODO: check
+	NOT-FOR-US: Calix
 CVE-2025-7350 (A security issue affecting multiple Cisco devices also directly impact ...)
 	NOT-FOR-US: Rockwell Automation
 CVE-2025-5500 (A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on Android. ...)
@@ -39,19 +39,19 @@ CVE-2025-5500 (A flaw has been found in ZhenShi Mibro Fit App 1.6.3.17499 on And
 CVE-2025-5005 (A vulnerability was detected in Shanghai Lingdang Information Technolo ...)
 	TODO: check
 CVE-2025-59019 (Missing authorization checks in the CSV download feature of TYPO3 CMS  ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2025-59018 (Missing authorization checks in the Workspace Module of TYPO3 CMS vers ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2025-59017 (Missing authorization checks in the Backend Routing of TYPO3 CMS versi ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2025-59016 (Error messages containing sensitive information in the File Abstractio ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2025-59015 (A deterministic three\u2011character prefix in the Password Generation ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2025-59014 (An uncaught exception in the Bookmark Toolbar of TYPO3 CMS versions 11 ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2025-59013 (An open\u2011redirect vulnerability in GeneralUtility::sanitizeLocalUr ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2025-59008 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-59005 (Missing Authorization vulnerability in frenify Categorify allows Explo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726afff5f6b7e028c5e3ad30ca62acc66c11c2d2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/726afff5f6b7e028c5e3ad30ca62acc66c11c2d2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250909/fb1b0842/attachment-0001.htm>
