[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jan 14 22:03:23 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cb507364 by Salvatore Bonaccorso at 2026-01-14T23:03:03+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -77,15 +77,15 @@ CVE-2026-21889 (Weblate is a web based localization tool. Prior to 5.15.2, the s
 CVE-2026-0532 (External Control of File Name or Path (CWE-73) combined with Server-Si ...)
 	- kibana <itp> (bug #700337)
 CVE-2026-0529 (Improper Validation of Array Index (CWE-129) in Packetbeat\u2019s Mong ...)
-	TODO: check
+	NOT-FOR-US: Packetbeat
 CVE-2025-9142 (A local user can trigger Harmony SASE Windows client to write or delet ...)
-	TODO: check
+	NOT-FOR-US: Harmony SASE Windows client
 CVE-2025-71166 (Typesetter CMS versions up to and including 5.1 contain a reflected cr ...)
-	TODO: check
+	NOT-FOR-US: Typesetter CMS
 CVE-2025-71165 (Typesetter CMS versions up to and including 5.1 contain a reflected cr ...)
-	TODO: check
+	NOT-FOR-US: Typesetter CMS
 CVE-2025-71164 (Typesetter CMS versions up to and including 5.1 contain a reflected cr ...)
-	TODO: check
+	NOT-FOR-US: Typesetter CMS
 CVE-2025-71021 (Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in t ...)
 	NOT-FOR-US: Tenda
 CVE-2025-70968 (FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;loadRLE( ...)
@@ -93,21 +93,21 @@ CVE-2025-70968 (FreeImage 3.18.0 contains a Use After Free in PluginTARGA.cpp;lo
 CVE-2025-70747 (Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in t ...)
 	NOT-FOR-US: Tenda
 CVE-2025-67835 (Paessler PRTG Network Monitor before 25.4.114 allows Denial-of-Service ...)
-	TODO: check
+	NOT-FOR-US: Paessler PRTG Network Monitor
 CVE-2025-67834 (Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthe ...)
-	TODO: check
+	NOT-FOR-US: Paessler PRTG Network Monitor
 CVE-2025-67833 (Paessler PRTG Network Monitor before 25.4.114 allows XSS by an unauthe ...)
-	TODO: check
+	NOT-FOR-US: Paessler PRTG Network Monitor
 CVE-2025-67399 (An issue in AIRTH SMART HOME AQI MONITOR Bootloader v.1.005 allows a p ...)
-	TODO: check
+	NOT-FOR-US: AIRTH SMART HOME AQI MONITOR Bootloader
 CVE-2025-66169 (Cypher Injection vulnerability in Apache Camel camel-neo4j component.  ...)
 	TODO: check
 CVE-2025-65397 (An insecure authentication mechanism in the safe_exec.sh startup scrip ...)
-	TODO: check
+	NOT-FOR-US: Blurams Flare Camera
 CVE-2025-65396 (A vulnerability in the boot process of Blurams Flare Camera version 24 ...)
-	TODO: check
+	NOT-FOR-US: Blurams Flare Camera
 CVE-2025-63644 (A stored cross-site scripting (XSS) vulnerability exists in pH7Softwar ...)
-	TODO: check
+	NOT-FOR-US: pH7Software pH7-Social-Dating-CMS
 CVE-2025-56226 (Libsndfile <=1.2.2 contains a memory leak vulnerability in the mpeg_l3 ...)
 	TODO: check
 CVE-2025-37185 (Vulnerabilities in the web-based management interface of EdgeConnect S ...)
@@ -127,11 +127,11 @@ CVE-2025-14557 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2025-14556 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	NOT-FOR-US: Drupal core and addons
 CVE-2025-14317 (In Crazy Bubble Tea mobile application authenticated attacker canobtai ...)
-	TODO: check
+	NOT-FOR-US: Crazy Bubble Tea mobile application
 CVE-2025-14242 (A flaw was found in vsftpd. This vulnerability allows a denial of serv ...)
 	TODO: check
 CVE-2025-13175 (Y Soft SafeQ 6 renders the Workflow Connector password field in a way  ...)
-	TODO: check
+	NOT-FOR-US: Y Soft
 CVE-2025-0647 (In certain Arm CPUs, a CPP RCTX instruction executed on one Processing ...)
 	TODO: check
 CVE-2025-71144 (In the Linux kernel, the following vulnerability has been resolved:  m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb507364a3b1d58c4a9059645724a106519c8051

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cb507364a3b1d58c4a9059645724a106519c8051
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260114/c55f605b/attachment.htm>

More information about the debian-security-tracker-commits mailing list