[Git][security-tracker-team/security-tracker][master] NFUs

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c9b63808 by Moritz Mühlenhoff at 2025-07-10T15:22:26+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -128,7 +128,7 @@ CVE-2025-53747
 CVE-2025-53746
 	REJECTED
 CVE-2025-53624 (The Docusaurus gists plugin adds a page to your Docusaurus instance, d ...)
-	TODO: check
+	NOT-FOR-US: Docusaurus
 CVE-2025-4406 (The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-46406 (A Privilege Context Switching Error (CWE-270) in the Command Center Se ...)
@@ -365,7 +365,7 @@ CVE-2025-0139 (An incorrect privilege assignment vulnerability in Palo Alto Netw
 CVE-2024-10391
 	REJECTED
 CVE-2023-50458 (In Dradis before 4.11.0, the Output Console shows a job queue that may ...)
-	TODO: check
+	NOT-FOR-US: Dradis
 CVE-2025-7370 [Null Pointer Dereference on libsoup through function "soup_cookie_jar_add_cookie" in soup-cookie-jar.c]
 	- libsoup3 <unfixed> (unimportant)
 	NOTE: https://gitlab.gnome.org/GNOME/libsoup/-/issues/430
@@ -462,37 +462,37 @@ CVE-2025-53650 (Jenkins Credentials Binding Plugin 687.v619cb_15e923f and earlie
 CVE-2025-53645 (Zimbra Collaboration Suite (ZCS) before 9.0.0 Patch 46, 10.0.x before  ...)
 	NOT-FOR-US: Zimbra
 CVE-2025-53620 (@builder.io/qwik-city is the meta-framework for Qwik. When a Qwik Serv ...)
-	TODO: check
+	NOT-FOR-US: @builder.io/qwik-city
 CVE-2025-53548 (Clerk helps developers build user management. Applications that use th ...)
-	TODO: check
+	NOT-FOR-US: Clerk
 CVE-2025-53546 (Folo organizes feeds content into one timeline. Using pull_request_tar ...)
-	TODO: check
+	NOT-FOR-US: Folo
 CVE-2025-52364 (Insecure Permissions vulnerability in Tenda CP3 Pro Firmware V22.5.4.9 ...)
 	NOT-FOR-US: Tenda
 CVE-2025-52357 (Cross-Site Scripting (XSS) vulnerability exists in the ping diagnostic ...)
 	NOT-FOR-US: FiberHome FD602GW-DX-R410 router
 CVE-2025-49604 (For Realtek AmebaD devices, a heap-based buffer overflow was discovere ...)
-	TODO: check
+	NOT-FOR-US: Realtek
 CVE-2025-44526 (Realtek RTL8762EKF-EVB RTL8762E SDK V1.4.0 was discovered to utilize i ...)
-	TODO: check
+	NOT-FOR-US: Realtek
 CVE-2025-44525 (Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK 7.41 ...)
 	NOT-FOR-US: Texas Instruments CC2652RB LaunchPad SimpleLink CC13XX CC26XX SDK
 CVE-2025-44177 (A directory traversal vulnerability was discovered in White Star Softw ...)
 	NOT-FOR-US: White Star Software Protop
 CVE-2025-3499 (The device has two web servers that expose unauthenticated REST APIs o ...)
-	TODO: check
+	NOT-FOR-US: Radiflow
 CVE-2025-3498 (An unauthenticated user with management network access can get and  mo ...)
-	TODO: check
+	NOT-FOR-US: Radiflow
 CVE-2025-3497 (The Linux distribution underlying the Radiflow iSAP Smart Collector  ( ...)
-	TODO: check
+	NOT-FOR-US: Radiflow
 CVE-2025-36599 (Dell PowerFlex Manager VM, versions prior to 4.6.2.1, contains an Inse ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-2670 (IBM OpenPages 9.0 is vulnerable to information disclosure of sensitive ...)
 	NOT-FOR-US: IBM
 CVE-2025-27028 (The Linux deprivileged user vpuserin Radiflow iSAP Smart Collector (Ce ...)
-	TODO: check
+	NOT-FOR-US: Radiflow
 CVE-2025-27027 (A user with vpusercredentials that opens an SSH connection to the devi ...)
-	TODO: check
+	NOT-FOR-US: Radiflow
 CVE-2025-1112 (IBM OpenPages with Watson 8.3 and 9.0 could allow an authenticated use ...)
 	NOT-FOR-US: IBM
 CVE-2025-38264 (In the Linux kernel, the following vulnerability has been resolved:  n ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9b63808970e45e09113194a7d87ddf9742b51f0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c9b63808970e45e09113194a7d87ddf9742b51f0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250710/3a9d86ea/attachment.htm>