[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 26 21:43:36 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6039f4cd by Salvatore Bonaccorso at 2025-08-26T22:43:13+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -43,37 +43,37 @@ CVE-2025-56432 (A cross-site scripting (XSS) vulnerability exists in Nagios XI 2
 CVE-2025-55526 (n8n-workflows Main Commit ee25413 allows attackers to execute a direct ...)
 	TODO: check
 CVE-2025-55443 (Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrato ...)
-	TODO: check
+	NOT-FOR-US: Telpo MDM
 CVE-2025-53813 (The configuration of Nozbe on macOS, specifically the "RunAsNode" fuse ...)
-	TODO: check
+	NOT-FOR-US: Nozbe
 CVE-2025-53811 (The configuration of Mosh-Pro on macOS, specifically the "RunAsNode" f ...)
-	TODO: check
+	NOT-FOR-US: Mosh-Pro on MacOS
 CVE-2025-52353 (An arbitrary code execution vulnerability in Badaso CMS 2.9.11. The Me ...)
-	TODO: check
+	NOT-FOR-US: Badaso CMS
 CVE-2025-52219 (SelectZero SelectZero Data Observability Platform before 2025.5.2 cont ...)
-	TODO: check
+	NOT-FOR-US: SelectZero
 CVE-2025-52218 (SelectZero Data Observability Platform before 2025.5.2 is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: SelectZero
 CVE-2025-52217 (SelectZero Data Observability Platform before 2025.5.2 is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: SelectZero
 CVE-2025-52184 (Cross Site Scripting vulnerability in Helpy.io v.2.8.0 allows a remote ...)
 	TODO: check
 CVE-2025-52037 (A vulnerability has been found in NotesCMS and classified as medium. A ...)
-	TODO: check
+	NOT-FOR-US: NotesCMS
 CVE-2025-52036 (A vulnerability has been found in NotesCMS and classified as medium. A ...)
-	TODO: check
+	NOT-FOR-US: NotesCMS
 CVE-2025-52035 (A vulnerability in NotesCMS and specifically in the page /index.php?ro ...)
-	TODO: check
+	NOT-FOR-US: NotesCMS
 CVE-2025-50976 (IPFire 2.29 DNS management interface (dns.cgi) fails to properly sanit ...)
-	TODO: check
+	NOT-FOR-US: IPFire
 CVE-2025-50975 (IPFire 2.29 web-based firewall interface (firewall.cgi) fails to sanit ...)
-	TODO: check
+	NOT-FOR-US: IPFire
 CVE-2025-50974 (The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IP ...)
-	TODO: check
+	NOT-FOR-US: IPFire
 CVE-2025-50971 (Directory traversal vulnerability in AbanteCart version 1.4.2 allows u ...)
-	TODO: check
+	NOT-FOR-US: AbanteCart
 CVE-2025-50753 (Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh ...)
-	TODO: check
+	NOT-FOR-US: Mitrastar
 CVE-2025-48108 (Missing Authorization vulnerability in Mojoomla School Management allo ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-44002 (Race Condition in the Directory Validation Logic in the TeamViewer Ful ...)
@@ -87,17 +87,17 @@ CVE-2025-29992 (Mahara before 24.04.9 exposes database connection information if
 CVE-2025-29901 (A NULL pointer dereference vulnerability has been reported to affect F ...)
 	NOT-FOR-US: QNAP
 CVE-2025-25737 (Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829 ...)
-	TODO: check
+	NOT-FOR-US: Kapsch
 CVE-2025-25736 (Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and  ...)
-	TODO: check
+	NOT-FOR-US: Kapsch
 CVE-2025-25735 (Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829 ...)
-	TODO: check
+	NOT-FOR-US: Kapsch
 CVE-2025-25734 (Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829 ...)
-	TODO: check
+	NOT-FOR-US: Kapsch
 CVE-2025-25733 (Incorrect access control in the SPI Flash Chip of Kapsch TrafficCom RI ...)
-	TODO: check
+	NOT-FOR-US: Kapsch
 CVE-2025-25732 (Incorrect access control in the EEPROM component of Kapsch TrafficCom  ...)
-	TODO: check
+	NOT-FOR-US: Kapsch
 CVE-2025-23315 (NVIDIA NeMo Framework for all platforms contains a vulnerability in th ...)
 	TODO: check
 CVE-2025-23314 (NVIDIA NeMo Framework for all platforms contains a vulnerability in th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6039f4cdbb827c4fe1cf4073bcc0f44b1809137e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6039f4cdbb827c4fe1cf4073bcc0f44b1809137e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250826/3b9a3fc1/attachment.htm>

More information about the debian-security-tracker-commits mailing list