[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 20 20:47:59 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4b528b37 by Salvatore Bonaccorso at 2026-01-20T21:47:32+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,89 +43,89 @@ CVE-2025-67263 (Abacre Retail Point of Sale 14.0.0.396 is affected by a stored c
 CVE-2025-67261 (Abacre Retail Point of Sale 14.0.0.396 is vulnerable to content-based  ...)
 	NOT-FOR-US: Abacre Retail Point of Sale
 CVE-2025-66803 (Race condition in the turbo-frame element handler in Hotwired Turbo be ...)
-	TODO: check
+	NOT-FOR-US: Hotwired Turbo
 CVE-2025-65482 (An XML External Entity (XXE) vulnerability in opensagres XDocReport v0 ...)
-	TODO: check
+	NOT-FOR-US: xdocreport
 CVE-2025-64087 (A Server-Side Template Injection (SSTI) vulnerability in the FreeMarke ...)
-	TODO: check
+	NOT-FOR-US: xdocreport
 CVE-2025-58095 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58094 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58093 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58092 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58091 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58090 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58089 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58088 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58087 (Multiple reflected cross-site scripting (xss) vulnerabilities exist in ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-58080 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-57881 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-57787 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-57786 (A reflected cross-site scripting (xss) vulnerability exists in the not ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-56353 (In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-1 ...)
-	TODO: check
+	NOT-FOR-US: tinyMQTT
 CVE-2025-56005 (An undocumented and unsafe feature in the PLY (Python Lex-Yacc) librar ...)
 	TODO: check
 CVE-2025-55423 (ipTIME routers A2003NS-MU 10.00.6 to 12.16.2 , N600 10.00.8 to 12.16.2 ...)
-	TODO: check
+	NOT-FOR-US: ipTIME
 CVE-2025-55071 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54861 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54853 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54852 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54817 (A reflected cross-site scripting (xss) vulnerability exists in the aut ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54814 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54778 (A reflected cross-site scripting (xss) vulnerability exists in the exi ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54495 (A reflected cross-site scripting (xss) vulnerability exists in the ema ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-54157 (A reflected cross-site scripting (xss) vulnerability exists in the enc ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-53912 (An arbitrary file read vulnerability exists in the encapsulatedDoc fun ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-53854 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-53707 (A reflected cross-site scripting (xss) vulnerability exists in the mod ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-53516 (A reflected cross-site scripting (xss) vulnerability exists in the dow ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-46270 (A reflected cross-site scripting (xss) vulnerability exists in the fet ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-44000 (A reflected cross-site scripting (xss) vulnerability exists in the sen ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-41768 (On an instance of TwinCAT 3 HMI Server running on a device an authenti ...)
-	TODO: check
+	NOT-FOR-US: TwinCAT 3 HMI Server
 CVE-2025-41084 (Stored Cross-Site Scripting (XSS) vulnerability in Sesame web applicat ...)
-	TODO: check
+	NOT-FOR-US: Sesame web application
 CVE-2025-41081 (Reflected Cross-Site Scripting (XSS) vulnerability in IsMyGym by Zuinq ...)
-	TODO: check
+	NOT-FOR-US: IsMyGym
 CVE-2025-41025 (Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1 ...)
-	TODO: check
+	NOT-FOR-US: Poultry Farm Management System
 CVE-2025-41024 (Stored Cross-Site Scripting (XSS) in Poultry Farm Management System v1 ...)
-	TODO: check
+	NOT-FOR-US: Poultry Farm Management System
 CVE-2025-40679 (HTML   Injection vulnerability in  Isshue by Bdtask, consisting os an  ...)
-	TODO: check
+	NOT-FOR-US: Bdtask
 CVE-2025-40644 (Reflected Cross-Site Scripting (XSS) vulnerability in Riftzilla's QRGe ...)
-	TODO: check
+	NOT-FOR-US: QRGen
 CVE-2025-36556 (A reflected cross-site scripting (xss) vulnerability exists in the lda ...)
-	TODO: check
+	NOT-FOR-US: MedDream PACS Premium
 CVE-2025-36419 (IBM ApplinX 11.1 could disclose sensitive information about server arc ...)
 	NOT-FOR-US: IBM
 CVE-2025-36418 (IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerabi ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b528b379fb5642bc82b0ea2a7c900a65b567038

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b528b379fb5642bc82b0ea2a7c900a65b567038
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260120/5d42bd09/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list