[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jul 9 13:34:53 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3a75c12e by Moritz Mühlenhoff at 2025-07-09T14:34:32+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -684,27 +684,27 @@ CVE-2025-40736 (A vulnerability has been identified in SINEC NMS (All versions <
 CVE-2025-40735 (A vulnerability has been identified in SINEC NMS (All versions < V4.0) ...)
 	NOT-FOR-US: Siemens
 CVE-2025-40721 (Reflected Cross-site Scripting (XSS) vulnerability in versions prior t ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40720 (Reflected Cross-site Scripting (XSS) vulnerability in versions prior t ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40719 (Reflected Cross-site Scripting (XSS) vulnerability in versions prior t ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40718 (Improper error handling vulnerability in versions prior to 4.7.0 of Qu ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40717 (SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gatew ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40716 (SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gatew ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40715 (SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gatew ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40714 (SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gatew ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40713 (SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gatew ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40712 (SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gatew ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40711 (SQL injection vulnerability in versions prior to 4.7.0 of Quiter Gatew ...)
-	TODO: check
+	NOT-FOR-US: Quiter
 CVE-2025-40593 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
 	NOT-FOR-US: Siemens
 CVE-2025-3648 (A vulnerability has been identified in the Now Platform that could res ...)
@@ -718,7 +718,7 @@ CVE-2025-37102 (An authenticated command injection vulnerability exists in the C
 CVE-2025-36600 (Dell Client Platform BIOS contains an Improper Access Control Applied  ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-33054 (Insufficient UI warning of dangerous operations in Remote Desktop Clie ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-30312 (Dimension versions 4.1.2 and earlier are affected by an out-of-bounds  ...)
 	NOT-FOR-US: Adobe
 CVE-2025-2827 (IBM Sterling File Gateway   6.0.0.0 through 6.1.2.6, and 6.2.0.0 throu ...)
@@ -726,7 +726,7 @@ CVE-2025-2827 (IBM Sterling File Gateway   6.0.0.0 through 6.1.2.6, and 6.2.0.0
 CVE-2025-2793 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 through 6 ...)
 	NOT-FOR-US: IBM
 CVE-2025-29267 (SQL Injection vulnerability in Abis, Inc Adjutant Core Accounting ERP  ...)
-	TODO: check
+	NOT-FOR-US: Abis
 CVE-2025-27369 (IBM OpenPages with Watson 8.3 and 9.0         is vulnerable to informa ...)
 	NOT-FOR-US: IBM
 CVE-2025-27367 (IBM OpenPages with Watson 8.3 and 9.0       is vulnerable to improper  ...)
@@ -760,7 +760,7 @@ CVE-2025-27043 (Memory corruption while processing manipulated payload in video
 CVE-2025-27042 (Memory corruption while processing video packets received from video f ...)
 	NOT-FOR-US: Qualcomm
 CVE-2025-26636 (Processor optimization removal or modification of security-critical co ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-24474 (An Improper Neutralization of Special Elements used in an SQL Command  ...)
 	NOT-FOR-US: Fortinet
 CVE-2025-23365 (A vulnerability has been identified in TIA Administrator (All versions ...)
@@ -834,7 +834,7 @@ CVE-2025-20983 (Out-of-bounds write in checking auth secret in KnoxVault trustle
 CVE-2025-20982 (Out-of-bounds write in setting auth secret in KnoxVault trustlet prior ...)
 	NOT-FOR-US: Samsung Mobile
 CVE-2025-0928 (In Juju versions prior to 3.6.8 and 2.9.52, any authenticated controll ...)
-	TODO: check
+	- juju <removed>
 CVE-2025-0293 (CLRF injection in Ivanti Connect Secure before version 22.7R2.8 and Iv ...)
 	NOT-FOR-US: Ivanti
 CVE-2025-0292 (SSRF in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Polic ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a75c12ecc4639650c6073787a3a708bbcec52bf

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a75c12ecc4639650c6073787a3a708bbcec52bf
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250709/cff8f9bd/attachment.htm>

More information about the debian-security-tracker-commits mailing list