[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
84a02ec4 by Moritz Muehlenhoff at 2025-02-26T12:21:36+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,17 +23,17 @@ CVE-2025-22868 (An attacker can pass a malicious malformed token which causes un
 CVE-2025-22211 (A SQL injection vulnerability in the JoomShopping component versions 1 ...)
 	NOT-FOR-US: JoomShopping
 CVE-2025-1091 (A Broken Authorization schema exists where any authenticated user coul ...)
-	TODO: check
+	NOT-FOR-US: Tenable
 CVE-2025-0889 (Prior to 25.2, a local authenticated attacker can elevate privileges o ...)
-	TODO: check
+	NOT-FOR-US: BeyondTrust
 CVE-2025-0760 (A Credential Disclosure vulnerability exists where an administrator co ...)
-	TODO: check
+	NOT-FOR-US: Tenable
 CVE-2025-0236 (Out-of-bounds vulnerability in slope processing during curve rendering ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-0235 (Out-of-bounds vulnerability due to improper memory release during imag ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2025-0234 (Out-of-bounds vulnerability in curve segmentation processing of Generi ...)
-	TODO: check
+	NOT-FOR-US: Canon
 CVE-2024-53879 (NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in  ...)
 	- nvidia-cuda-toolkit <unfixed> (unimportant)
 	NOTE: Crash in CLI tool, no security impact
@@ -59,7 +59,8 @@ CVE-2024-53874 (NVIDIA CUDA toolkit for all platforms contains a vulnerability i
 	NOTE: Crash in CLI tool, no security impact
 	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5594
 CVE-2024-53873 (NVIDIA CUDA toolkit for Windows contains a vulnerability in the cuobjd ...)
-	TODO: check
+	- nvidia-cuda-toolkit <not-affected> (Windows-specific)
+	NOTE: https://nvidia.custhelp.com/app/answers/detail/a_id/5594
 CVE-2024-53872 (NVIDIA CUDA toolkit for all platforms contains a vulnerability in the  ...)
 	- nvidia-cuda-toolkit <unfixed> (unimportant)
 	NOTE: Crash in CLI tool, no security impact
@@ -121,7 +122,7 @@ CVE-2024-10483 (The Simple:Press Forum WordPress plugin before 6.10.11 does not
 CVE-2024-10152 (The Simple Certain Time to Show Content WordPress plugin before 1.3.1  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-0148 (NVIDIA Jetson Linux and IGX OS image contains a vulnerability in the U ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-25209
 	NOT-FOR-US: RedHat RHCL
 CVE-2025-25208
@@ -3031,7 +3032,7 @@ CVE-2025-1676 (A vulnerability classified as critical was found in hzmanyun Educ
 CVE-2025-1262 (The Advanced Google reCaptcha plugin for WordPress is vulnerable to CA ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1204 (The "update" binary in the firmware of the affected product sends atte ...)
-	TODO: check
+	NOT-FOR-US: Contec Health CMS8000 Patient Monitor
 CVE-2025-1068 (There is an untrusted search path vulnerability in Esri ArcGIS AllSour ...)
 	NOT-FOR-US: Esri ArcGIS
 CVE-2025-1067 (There is an untrusted search path vulnerability in Esri ArcGIS Pro 3.3 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a02ec46167f09bb1600556e35815640e5e38a3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84a02ec46167f09bb1600556e35815640e5e38a3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250226/de567c1c/attachment-0001.htm>