[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Aug 19 21:47:12 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f956c0bd by Salvatore Bonaccorso at 2025-08-19T22:46:43+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -118,23 +118,23 @@ CVE-2025-50938 (Cross site scripting (XSS) vulnerability in Hustoj 2025-01-31 vi
 CVE-2025-50926 (Easy Hosting Control Panel EHCP v20.04.1.b was discovered to contain a ...)
 	NOT-FOR-US: Easy Hosting Control Panel EHCP
 CVE-2025-50897 (A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processo ...)
-	TODO: check
+	NOT-FOR-US: riscv-boom SonicBOOM
 CVE-2025-50891 (Adform Site Tracking 1.1 allows attackers to inject HTML or execute ar ...)
-	TODO: check
+	NOT-FOR-US: Adform Site Tracking
 CVE-2025-50579 (A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthor ...)
-	TODO: check
+	NOT-FOR-US: Nginx Proxy Manager
 CVE-2025-50567 (Saurus CMS Community Edition 4.7.1 contains a vulnerability in the cus ...)
 	TODO: check
 CVE-2025-50461 (A deserialization vulnerability exists in Volcengine's verl 3.0.0, spe ...)
-	TODO: check
+	NOT-FOR-US: Volcengine verl
 CVE-2025-50434 (A security issue has been identified in Appian Enterprise Business Pro ...)
-	TODO: check
+	NOT-FOR-US: Appian Enterprise Business Process Management
 CVE-2025-4690 (A regular expression used by AngularJS' linky https://docs.angularjs.o ...)
 	TODO: check
 CVE-2025-4046 (A missing authorization vulnerability in Lexmark Cloud Services badge  ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2025-4044 (Improper Restriction of XML External Entity Reference in various Lexma ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2025-43745 (A CSRF vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Li ...)
 	NOT-FOR-US: Liferay
 CVE-2025-43744 (A stored DOM-based Cross-Site Scripting (XSS) vulnerability in Liferay ...)
@@ -150,9 +150,9 @@ CVE-2025-43738 (A reflected cross-site scripting (XSS) vulnerability in the Life
 CVE-2025-43737 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
 	NOT-FOR-US: Liferay
 CVE-2025-41689 (An unauthenticated remote attacker can grant access without password p ...)
-	TODO: check
+	NOT-FOR-US: Motherbox
 CVE-2025-41685 (A low-privileged remote attacker can obtain the username of another re ...)
-	TODO: check
+	NOT-FOR-US: SMA Solar Technology
 CVE-2025-33008 (IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway6.2.1 ...)
 	NOT-FOR-US: IBM
 CVE-2025-31988 (HCL Digital Experience is susceptible to cross site scripting (XSS) in ...)
@@ -162,7 +162,7 @@ CVE-2025-2988 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0
 CVE-2024-45062 (A stack based buffer overflow vulnerability is present in OpenPrinting ...)
 	TODO: check
 CVE-2024-44373 (A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unau ...)
-	TODO: check
+	NOT-FOR-US: AllSky
 CVE-2025-38615 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux <unfixed>
 	[bullseye] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f956c0bd1718141275882ecb9a52475a52b30a77

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f956c0bd1718141275882ecb9a52475a52b30a77
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250819/8598baa8/attachment.htm>
