[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 8 10:11:34 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2a3b5e6a by Salvatore Bonaccorso at 2025-04-08T11:11:14+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,11 +11,11 @@ CVE-2025-3427 (The 3DPrint Lite plugin for WordPress is vulnerable to SQL Inject
 CVE-2025-3413 (A vulnerability has been found in opplus springboot-admin up to a2d531 ...)
 	TODO: check
 CVE-2025-3412 (A vulnerability, which was classified as critical, was found in mymagi ...)
-	TODO: check
+	NOT-FOR-US: mymagicpower AIAS
 CVE-2025-3411 (A vulnerability, which was classified as critical, has been found in m ...)
-	TODO: check
+	NOT-FOR-US: mymagicpower AIAS
 CVE-2025-3410 (A vulnerability classified as critical was found in mymagicpower AIAS  ...)
-	TODO: check
+	NOT-FOR-US: mymagicpower AIAS
 CVE-2025-3409 (A vulnerability classified as critical has been found in Nothings stb  ...)
 	TODO: check
 CVE-2025-3408 (A vulnerability was found in Nothings stb up to f056911. It has been r ...)
@@ -25,11 +25,11 @@ CVE-2025-3407 (A vulnerability was found in Nothings stb up to f056911. It has b
 CVE-2025-3406 (A vulnerability was found in Nothings stb up to f056911. It has been c ...)
 	TODO: check
 CVE-2025-3405 (A vulnerability was found in FCJ Venture Builder appclientefiel 3.0.27 ...)
-	TODO: check
+	NOT-FOR-US: FCJ Venture Builder appclientefiel
 CVE-2025-3403 (A vulnerability was found in Vivotek NVR ND8422P, NVR ND9525P and NVR  ...)
-	TODO: check
+	NOT-FOR-US: Vivotek
 CVE-2025-3402 (A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborat ...)
-	TODO: check
+	NOT-FOR-US: Seeyon Zhiyuan Interconnect FE Collaborative Office Platform
 CVE-2025-3401 (A vulnerability has been found in ESAFENET CDG 5.6.3.154.205_20250114  ...)
 	NOT-FOR-US: ESAFENET
 CVE-2025-3400 (A vulnerability, which was classified as critical, was found in ESAFEN ...)
@@ -37,45 +37,45 @@ CVE-2025-3400 (A vulnerability, which was classified as critical, was found in E
 CVE-2025-3399 (A vulnerability, which was classified as critical, has been found in E ...)
 	NOT-FOR-US: ESAFENET
 CVE-2025-3398 (A vulnerability classified as critical was found in lenve VBlog up to  ...)
-	TODO: check
+	NOT-FOR-US: lenve VBlog
 CVE-2025-3397 (A vulnerability classified as problematic has been found in YzmCMS 7.1 ...)
-	TODO: check
+	NOT-FOR-US: YzmCMS
 CVE-2025-3393 (A vulnerability was found in mrcen springboot-ucan-admin up to 5f35162 ...)
 	TODO: check
 CVE-2025-3392 (A vulnerability was found in hailey888 oa_system up to 2025.01.01 and  ...)
-	TODO: check
+	NOT-FOR-US: hailey888 oa_system
 CVE-2025-3391 (A vulnerability has been found in hailey888 oa_system up to 2025.01.01 ...)
-	TODO: check
+	NOT-FOR-US: hailey888 oa_system
 CVE-2025-3390 (A vulnerability, which was classified as problematic, was found in hai ...)
-	TODO: check
+	NOT-FOR-US: hailey888 oa_system
 CVE-2025-3389 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: hailey888 oa_system
 CVE-2025-3388 (A vulnerability classified as problematic was found in hailey888 oa_sy ...)
-	TODO: check
+	NOT-FOR-US: hailey888 oa_system
 CVE-2025-3387 (A vulnerability classified as problematic has been found in renrenio r ...)
-	TODO: check
+	NOT-FOR-US: renrenio renren-security
 CVE-2025-3386 (A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been rated ...)
-	TODO: check
+	NOT-FOR-US: LinZhaoguan pb-cms
 CVE-2025-3385 (A vulnerability was found in LinZhaoguan pb-cms 2.0. It has been decla ...)
-	TODO: check
+	NOT-FOR-US: LinZhaoguan pb-cms
 CVE-2025-3384 (A vulnerability was found in 1000 Projects Human Resource Management S ...)
-	TODO: check
+	NOT-FOR-US: 1000 Projects Human Resource Management System
 CVE-2025-3383 (A vulnerability was found in SourceCodester Web-based Pharmacy Product ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-3364 (The SSH service of PowerStation from HGiga has a Chroot Escape vulnera ...)
-	TODO: check
+	NOT-FOR-US: HGiga
 CVE-2025-3363 (The web service of iSherlock from HGiga has an OS Command Injection vu ...)
-	TODO: check
+	NOT-FOR-US: HGiga
 CVE-2025-3362 (The web service of iSherlock from HGiga has an OS Command Injection vu ...)
-	TODO: check
+	NOT-FOR-US: HGiga
 CVE-2025-3361 (The web service of iSherlock from HGiga has an OS Command Injection vu ...)
-	TODO: check
+	NOT-FOR-US: HGiga
 CVE-2025-32414 (In libxml2 before 2.13.8 and 2.14.x before 2.14.2, out-of-bounds memor ...)
 	TODO: check
 CVE-2025-32413 (Vulnerability-Lookup before 2.7.1 allows stored XSS via a user bio in  ...)
 	TODO: check
 CVE-2025-32409 (Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code ex ...)
-	TODO: check
+	NOT-FOR-US: Ratta SuperNote A6 X2 Nomad
 CVE-2025-32034 (The Apollo Router Core is a configurable, high-performance graph route ...)
 	TODO: check
 CVE-2025-32033 (The Apollo Router Core is a configurable, high-performance graph route ...)
@@ -345,7 +345,7 @@ CVE-2025-0050 (Improper Restriction of Operations within the Bounds of a Memory
 CVE-2024-49848 (Memory corruption while processing multiple IOCTL calls from HLOS to D ...)
 	NOT-FOR-US: Qualcomm
 CVE-2024-46494 (A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows at ...)
-	TODO: check
+	NOT-FOR-US: Typecho
 CVE-2024-45557 (Memory corruption can occur when TME processes addresses from TZ and M ...)
 	NOT-FOR-US: Qualcomm
 CVE-2024-45556 (Cryptographic issue may arise because the access control configuration ...)
@@ -377,7 +377,7 @@ CVE-2024-38797 (EDK2 contains a vulnerability in the HashPeImageByType(). A user
 CVE-2024-33058 (Memory corruption while assigning memory from the source DDR memory(HL ...)
 	NOT-FOR-US: Qualcomm
 CVE-2024-11859 (DLL Search Order Hijacking vulnerability potentially allowed an attack ...)
-	TODO: check
+	NOT-FOR-US: ESET
 CVE-2025-30195 (An attacker can publish a zone containing specific Resource Record Set ...)
 	- pdns-recursor 5.2.1-1
 	[bookworm] - pdns-recursor <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3b5e6a23f569d123e31973bedef5f4ee8545c8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3b5e6a23f569d123e31973bedef5f4ee8545c8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250408/fa837b62/attachment.htm>

More information about the debian-security-tracker-commits mailing list