[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Apr 25 09:35:59 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e4559e73 by Moritz Muehlenhoff at 2025-04-25T10:35:38+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,9 +5,9 @@ CVE-2025-46616 (Quantum StorNext Web GUI API before 7.2.4 allows potential Arbit
 CVE-2025-46613 (OpenPLC 3 through 64f9c11 has server.cpp Memory Corruption because a t ...)
 	NOT-FOR-US: OpenPLC
 CVE-2025-46599 (CNCF K3s 1.32 before 1.32.4-rc1+k3s1 has a Kubernetes kubelet configur ...)
-	TODO: check
+	NOT-FOR-US: K3s
 CVE-2025-46595 (An XSS issue was discovered in the Flag module before 1.x-3.6.2 for Ba ...)
-	TODO: check
+	NOT-FOR-US: Backdrop CMS plugin
 CVE-2025-46547 (In Sherpa Orchestrator 141851, the web application lacks protection ag ...)
 	NOT-FOR-US: Sherpa Orchestrator
 CVE-2025-46546 (In Sherpa Orchestrator 141851, multiple time-based blind SQL injection ...)
@@ -55,7 +55,7 @@ CVE-2025-3743 (The Upsell Funnel Builder for WooCommerce plugin for WordPress is
 CVE-2025-3606 (Vestel AC Charger  version   3.75.0 contains a vulnerability that  cou ...)
 	NOT-FOR-US: Vestel AC Charger
 CVE-2025-3511 (Improper Validation of Specified Quantity in Input vulnerability in Mi ...)
-	TODO: check
+	NOT-FOR-US: Mitsubishi
 CVE-2025-2580 (The Contact Form by Bit Form plugin for WordPress is vulnerable to Sto ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2238 (The Vikinger theme for WordPress is vulnerable to privilege in all ver ...)
@@ -63,7 +63,7 @@ CVE-2025-2238 (The Vikinger theme for WordPress is vulnerable to privilege in al
 CVE-2025-2185 (ALBEDO Telecom Net.Time - PTP/NTP clock (Serial No. NBC0081P) software ...)
 	NOT-FOR-US: ALBEDO Telecom Net.Time
 CVE-2025-29529 (ITC Systems Multiplan/Matrix OneCard platform v3.7.4.1002 was discover ...)
-	TODO: check
+	NOT-FOR-US: ITC Systems Multiplan/Matrix OneCard
 CVE-2025-25777 (Insecure Direct Object Reference (IDOR) in Codeastro Bus Ticket Bookin ...)
 	NOT-FOR-US: CodeAstro
 CVE-2025-1294 (The eForm - WordPress Form Builder plugin for WordPress is vulnerable  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4559e7385938782fd9fd462af9f45983cdb48f7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e4559e7385938782fd9fd462af9f45983cdb48f7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250425/bd64455e/attachment.htm>

More information about the debian-security-tracker-commits mailing list