[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 29 08:25:11 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
358c0f40 by Salvatore Bonaccorso at 2025-12-29T09:24:27+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2025-52691 (Successful exploitation of the vulnerability could allow an unauthenti ...)
-	TODO: check
+	NOT-FOR-US: SmarterTools SmarterMail
 CVE-2025-15228 (BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Up ...)
-	TODO: check
+	NOT-FOR-US: WELLTEND TECHNOLOGY
 CVE-2025-15227 (BPMFlowWebkit developed by WELLTEND TECHNOLOGY has a Arbitrary File Re ...)
-	TODO: check
+	NOT-FOR-US: WELLTEND TECHNOLOGY
 CVE-2025-15226 (WMPro developed by Sunnet has a Arbitrary File Upload vulnerability, a ...)
-	TODO: check
+	NOT-FOR-US: Sunnet
 CVE-2025-15225 (WMPro developed by Sunnet has an Arbitrary File Read vulnerability, al ...)
-	TODO: check
+	NOT-FOR-US: Sunnet
 CVE-2025-15179 (A vulnerability was determined in Tenda WH450 1.0.0.18. Impacted is an ...)
 	NOT-FOR-US: Tenda
 CVE-2025-15178 (A vulnerability was found in Tenda WH450 1.0.0.18. This issue affects  ...)
@@ -17,19 +17,19 @@ CVE-2025-15177 (A vulnerability has been found in Tenda WH450 1.0.0.18. This vul
 CVE-2025-15176 (A flaw has been found in Open5GS up to 2.7.5. This affects the functio ...)
 	TODO: check
 CVE-2025-15175 (A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. Affecte ...)
-	TODO: check
+	NOT-FOR-US: SohuTV CacheCloud
 CVE-2025-15174 (A security vulnerability has been detected in SohuTV CacheCloud up to  ...)
-	TODO: check
+	NOT-FOR-US: SohuTV CacheCloud
 CVE-2025-15173 (A weakness has been identified in SohuTV CacheCloud up to 3.2.0. Affec ...)
-	TODO: check
+	NOT-FOR-US: SohuTV CacheCloud
 CVE-2025-15172 (A security flaw has been discovered in SohuTV CacheCloud up to 3.2.0.  ...)
-	TODO: check
+	NOT-FOR-US: SohuTV CacheCloud
 CVE-2025-15171 (A vulnerability was identified in SohuTV CacheCloud up to 3.2.0. This  ...)
-	TODO: check
+	NOT-FOR-US: SohuTV CacheCloud
 CVE-2025-15170 (A security vulnerability has been detected in Advaya Softech GEMS ERP  ...)
-	TODO: check
+	NOT-FOR-US: Advaya Softech GEMS ERP Portal
 CVE-2025-15169 (A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affec ...)
-	TODO: check
+	NOT-FOR-US: BiggiDroid Simple PHP CMS
 CVE-2025-15168 (A vulnerability was identified in itsourcecode Student Management Syst ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2025-15167 (A vulnerability was determined in itsourcecode Online Cake Ordering Sy ...)
@@ -49,25 +49,25 @@ CVE-2025-15161 (A vulnerability was found in Tenda WH450 1.0.0.18. Affected is a
 CVE-2025-15160 (A vulnerability has been found in Tenda WH450 1.0.0.18. This impacts a ...)
 	NOT-FOR-US: Tenda
 CVE-2025-15156 (A flaw has been found in omec-project UPF up to 2.1.3-dev. This affect ...)
-	TODO: check
+	NOT-FOR-US: omec-project UPF
 CVE-2025-15155 (A vulnerability was detected in floooh sokol up to 16cbcc864012898793c ...)
-	TODO: check
+	NOT-FOR-US: floooh sokol
 CVE-2025-15154 (A security vulnerability has been detected in PbootCMS up to 3.2.12. T ...)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2025-15153 (A weakness has been identified in PbootCMS up to 3.2.12. Impacted is a ...)
-	TODO: check
+	NOT-FOR-US: PbootCMS
 CVE-2025-15070 (Exposure of Sensitive Information to an Unauthorized Actor, Missing Au ...)
-	TODO: check
+	NOT-FOR-US: Web Fax
 CVE-2025-15069 (Improper Authentication vulnerability in Gmission Web Fax allows Privi ...)
-	TODO: check
+	NOT-FOR-US: Web Fax
 CVE-2025-15068 (Missing Authorization vulnerability in Gmission Web Fax allows Privile ...)
-	TODO: check
+	NOT-FOR-US: Web Fax
 CVE-2025-15067 (Unrestricted Upload of File with Dangerous Type vulnerability in Innor ...)
-	TODO: check
+	NOT-FOR-US: Innorix
 CVE-2025-15066 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: Innorix
 CVE-2025-15065 (Exposure of Sensitive Information to an Unauthorized Actor, Missing En ...)
-	TODO: check
+	NOT-FOR-US: KESS Enterprise
 CVE-2025-13958 (The YaMaps for WordPress Plugin WordPress plugin before 0.6.40 does no ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-13417 (The Plugin Organizer WordPress plugin before 10.2.4 does not sanitize  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/358c0f40cad61db2ab816577a861eb7a8beadec1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/358c0f40cad61db2ab816577a861eb7a8beadec1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251229/7db4d31f/attachment.htm>

More information about the debian-security-tracker-commits mailing list