[Git][security-tracker-team/security-tracker][master] Process some NFUs

Fri Feb 14 09:11:51 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea235b98 by Salvatore Bonaccorso at 2025-02-14T10:11:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
 CVE-2025-26789 (An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Logpoint AgentX
 CVE-2025-26788 (StrongKey FIDO Server before 4.15.1 treats a non-discoverable (namedcr ...)
-	TODO: check
+	NOT-FOR-US: StrongKey FIDO Server
 CVE-2025-26519 (musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write ...)
 	TODO: check
 CVE-2025-26473 (The Mojave Inverter uses the GET method for sensitive information.)
-	TODO: check
+	NOT-FOR-US: Mojave Inverter
 CVE-2025-25281 (An attacker may modify the URL to discover sensitive information about ...)
-	TODO: check
+	NOT-FOR-US: Mojave Inverter
 CVE-2025-25195 (Zulip is an open source team chat application. A weekly cron job (adde ...)
 	TODO: check
 CVE-2025-25067 (mySCADA myPRO Manager   is vulnerable to an OS command injection which ...)
-	TODO: check
+	NOT-FOR-US: mySCADA myPRO Manager
 CVE-2025-24865 (The administrative web interface of  mySCADA myPRO Manager  can be acc ...)
-	TODO: check
+	NOT-FOR-US: mySCADA myPRO Manager
 CVE-2025-24861 (An attacker may inject commands via specially-crafted post requests.)
-	TODO: check
+	NOT-FOR-US: Mojave Inverter
 CVE-2025-24836 (With a specially crafted Python script, an attacker could send  contin ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-23421 (An attacker could obtain firmware files and reverse engineer their  in ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-23411 (mySCADA myPRO Manager  is vulnerable to cross-site request forgery (CS ...)
-	TODO: check
+	NOT-FOR-US: mySCADA
 CVE-2025-23406 (Out-of-bounds read vulnerability caused by improper checking of TCP MS ...)
-	TODO: check
+	NOT-FOR-US: Cente middleware TCP/IP Network Series
 CVE-2025-22962 (A critical remote code execution (RCE) vulnerability exists in the web ...)
-	TODO: check
+	NOT-FOR-US: GatesAir Maxiva UAXT
 CVE-2025-22961 (A critical information disclosure vulnerability exists in the web-base ...)
-	TODO: check
+	NOT-FOR-US: GatesAir Maxiva UAXT
 CVE-2025-22960 (A session hijacking vulnerability exists in the web-based management i ...)
-	TODO: check
+	NOT-FOR-US: GatesAir Maxiva UAXT
 CVE-2025-22896 (mySCADA myPRO Manager   stores credentials in cleartext, which could a ...)
-	TODO: check
+	NOT-FOR-US: mySCADA myPRO Manager
 CVE-2025-22630 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-20615 (The Qardio Arm iOS application exposes sensitive data such as username ...)
-	TODO: check
+	NOT-FOR-US: Qardio Arm iOS application
 CVE-2025-1298 (Logic vulnerability in the mobile application (com.transsion.carlcare) ...)
-	TODO: check
+	NOT-FOR-US: mobile application (com.transsion.carlcare)
 CVE-2025-1283 (The Dingtian DT-R0 Series is vulnerable to an exploit that allows  att ...)
-	TODO: check
+	NOT-FOR-US: Dingtian DT-R0 Series
 CVE-2025-1053 (Under certain error conditions at time of SANnav installation or upgra ...)
 	TODO: check
 CVE-2024-9601 (The Qubely \u2013 Advanced Gutenberg Blocks plugin for WordPress is vu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea235b98ea6b7632382822634b9d54cd47c8d9b5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea235b98ea6b7632382822634b9d54cd47c8d9b5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250214/5289781e/attachment-0001.htm>
