[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 30 13:20:49 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b56736ac by Salvatore Bonaccorso at 2025-04-30T14:19:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,15 +3,15 @@ CVE-2025-4095 (Registry Access Management (RAM) is a security feature allowing a
 CVE-2025-4080 (A vulnerability has been found in PHPGurukul Online Nurse Hiring Syste ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4079 (A vulnerability, which was classified as critical, was found in PCMan  ...)
-	TODO: check
+	NOT-FOR-US: PCMan FTP Server
 CVE-2025-4078 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: Wangshen SecGate 3600 2400
 CVE-2025-4077 (A vulnerability classified as critical was found in code-projects Scho ...)
 	NOT-FOR-US: code-projects
 CVE-2025-4076 (A vulnerability classified as critical has been found in LB-LINK BL-AC ...)
-	TODO: check
+	NOT-FOR-US: LB-LINK BL-AC3600
 CVE-2025-4075 (A vulnerability was found in VMSMan up to 20250416. It has been rated  ...)
-	TODO: check
+	NOT-FOR-US: VMSMan
 CVE-2025-4074 (A vulnerability was found in PHPGurukul Curfew e-Pass Management Syste ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4073 (A vulnerability was found in PHPGurukul Student Record System 3.20. It ...)
@@ -27,13 +27,13 @@ CVE-2025-4069 (A vulnerability, which was classified as critical, has been found
 CVE-2025-4068 (A vulnerability classified as critical was found in code-projects Simp ...)
 	NOT-FOR-US: code-projects
 CVE-2025-4067 (A vulnerability classified as critical has been found in ScriptAndTool ...)
-	TODO: check
+	NOT-FOR-US: ScriptAndTools Online-Travling-System
 CVE-2025-4066 (A vulnerability was found in ScriptAndTools Online-Travling-System 1.0 ...)
-	TODO: check
+	NOT-FOR-US: ScriptAndTools Online-Travling-System
 CVE-2025-4065 (A vulnerability was found in ScriptAndTools Online-Travling-System 1.0 ...)
-	TODO: check
+	NOT-FOR-US: ScriptAndTools Online-Travling-System
 CVE-2025-4064 (A vulnerability was found in ScriptAndTools Online-Travling-System 1.0 ...)
-	TODO: check
+	NOT-FOR-US: ScriptAndTools Online-Travling-System
 CVE-2025-4063 (A vulnerability was found in code-projects Student Information Managem ...)
 	NOT-FOR-US: code-projects
 CVE-2025-4062 (A vulnerability has been found in code-projects Theater Seat Booking S ...)
@@ -59,39 +59,39 @@ CVE-2025-46778
 CVE-2025-46560 (vLLM is a high-throughput and memory-efficient inference and serving e ...)
 	TODO: check
 CVE-2025-46552 (KHC-INVITATION-AUTOMATION is a GitHub automation script that automatic ...)
-	TODO: check
+	NOT-FOR-US: KHC-INVITATION-AUTOMATION
 CVE-2025-46550 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the ` ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-46549 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an at ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-46350 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4, an at ...)
 	TODO: check
 CVE-2025-46349 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWi ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-46348 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4, the r ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-46347 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4, YesWi ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-46346 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4, a sto ...)
-	TODO: check
+	NOT-FOR-US: YesWiki
 CVE-2025-46344 (The Auth0 Next.js SDK is a library for implementing user authenticatio ...)
-	TODO: check
+	NOT-FOR-US: Auth0 Next.js SDK
 CVE-2025-45956 (A SQL injection vulnerability in manage_damage.php in Sourcecodester C ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-40619 (Bookgy does not provide for proper authorisation control in multiple a ...)
-	TODO: check
+	NOT-FOR-US: Bookgy
 CVE-2025-40618 (SQL injection vulnerability in Bookgy. This vulnerability could allow  ...)
-	TODO: check
+	NOT-FOR-US: Bookgy
 CVE-2025-40617 (SQL injection vulnerability in Bookgy. This vulnerability could allow  ...)
-	TODO: check
+	NOT-FOR-US: Bookgy
 CVE-2025-40616 (Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vul ...)
-	TODO: check
+	NOT-FOR-US: Bookgy
 CVE-2025-40615 (Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vul ...)
-	TODO: check
+	NOT-FOR-US: Bookgy
 CVE-2025-3953 (The WP Statistics \u2013 The Most Popular Privacy-Friendly Analytics P ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-3929 (An XSS issue was discovered in MDaemon Email Server version 25.0.1 and ...)
-	TODO: check
+	NOT-FOR-US: MDaemon Email Server
 CVE-2025-3911 (Recording of environment variables, configured for running containers, ...)
 	TODO: check
 CVE-2025-3910 (A flaw was found in Keycloak. The org.keycloak.authorization package m ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56736ac6a9ad3bead8d90a1a94676775a821a58

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b56736ac6a9ad3bead8d90a1a94676775a821a58
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250430/7a9069a4/attachment.htm>

More information about the debian-security-tracker-commits mailing list