[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Sun Apr 13 22:42:26 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5fa2af0e by Moritz Muehlenhoff at 2025-04-13T23:41:53+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-3538 (A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been ra ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-3537 (A vulnerability was found in Tutorials-Website Employee Management Sys ...)
-	TODO: check
+	NOT-FOR-US: Tutorials-Website Employee Management System
 CVE-2025-3536 (A vulnerability was found in Tutorials-Website Employee Management Sys ...)
-	TODO: check
+	NOT-FOR-US: Tutorials-Website Employee Management System
 CVE-2025-3535 (A vulnerability has been found in shuanx BurpAPIFinder up to 2.0.2 and ...)
-	TODO: check
+	NOT-FOR-US: BurpAPIFinder
 CVE-2025-3534 (A vulnerability, which was classified as critical, was found in PowerC ...)
-	TODO: check
+	NOT-FOR-US: PowerCreator CMS
 CVE-2025-3533 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: YouDianCMS
 CVE-2025-3423 (IBM Aspera Faspex 5.0.0 through 5.0.11 is vulnerable to cross-site scr ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-32896
 	NOT-FOR-US: Apache SeaTunnel
 CVE-2025-24859
@@ -180,13 +180,13 @@ CVE-2025-32143 (Deserialization of Untrusted Data vulnerability in PickPlugins A
 CVE-2025-32107 (OS command injection vulnerability exists in Deco BE65 Pro firmware ve ...)
 	NOT-FOR-US: Deco BE65 Pro firmware
 CVE-2025-32080 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: MobileFrontend MediaWiki extension
 CVE-2025-32079 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
-	TODO: check
+	NOT-FOR-US: GrowthExperiments MediaWiki extension
 CVE-2025-32078 (Improper Encoding or Escaping of Output vulnerability in The Wikimedia ...)
-	TODO: check
+	NOT-FOR-US: Version Compare MediaWiki extension
 CVE-2025-32077 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
-	TODO: check
+	NOT-FOR-US: SimpleCalendar MediaWiki extension
 CVE-2025-32076 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
 	NOT-FOR-US: Visual Data MediaWiki extension
 CVE-2025-32075 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
@@ -198,15 +198,15 @@ CVE-2025-32073 (Improper Input Validation vulnerability in The Wikimedia Foundat
 CVE-2025-32072 (Improper Encoding or Escaping of Output vulnerability in The Wikimedia ...)
 	TODO: check
 CVE-2025-32071 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
-	TODO: check
+	NOT-FOR-US: Wikidata MediaWiki extension
 CVE-2025-32070 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
-	TODO: check
+	NOT-FOR-US: AJAX Poll MediaWiki extension
 CVE-2025-32069 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
-	TODO: check
+	NOT-FOR-US: Wikibase Media MediaWiki extension
 CVE-2025-32068 (Incorrect Authorization vulnerability in The Wikimedia Foundation Medi ...)
-	TODO: check
+	NOT-FOR-US: OAuth MediaWiki extension
 CVE-2025-32067 (Improper Input Validation vulnerability in The Wikimedia Foundation Me ...)
-	TODO: check
+	NOT-FOR-US: GrowthExperiments MediaWiki extension
 CVE-2025-31935 (Subnet Solutions   PowerSYSTEM Center is affected by a mishandling of  ...)
 	NOT-FOR-US: Subnet Solutions PowerSYSTEM Center
 CVE-2025-31932 (Deserialization of untrusted data issue exists in BizRobo! all version ...)
@@ -340,7 +340,7 @@ CVE-2025-2636 (The InstaWP Connect \u2013 1-click WP Staging & Migration plugin
 CVE-2025-26335 (Dell PowerProtect Cyber Recovery, versions prior to 19.18.0.2, contain ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-1386 (When using the ch-go library, under a specific condition when the quer ...)
-	TODO: check
+	NOT-FOR-US: ch-go
 CVE-2025-0128 (A denial-of-service (DoS) vulnerability in the Simple Certificate Enro ...)
 	NOT-FOR-US: Palo Alto Networks
 CVE-2025-0127 (A command injection vulnerability in Palo Alto Networks PAN-OS\xae sof ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fa2af0e215f573a237441c4b4ffe70104cdb5b4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5fa2af0e215f573a237441c4b4ffe70104cdb5b4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250413/e62c6581/attachment.htm>

More information about the debian-security-tracker-commits mailing list