[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Jul 15 22:27:33 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
281739f8 by Salvatore Bonaccorso at 2025-07-15T23:27:05+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,7 +25,7 @@ CVE-2025-6558 (Insufficient validation of untrusted input in ANGLE and GPU in Go
 CVE-2025-53959 (In JetBrains YouTrack before 2025.2.86069,  2024.3.85077,  2025.1.8619 ...)
 	NOT-FOR-US: JetBrains
 CVE-2025-53903 (The Scratch Channel is a news website that is under development as of  ...)
-	TODO: check
+	NOT-FOR-US: The Scratch Channel
 CVE-2025-53895 (ZITADEL is an open source identity management system. Starting in vers ...)
 	NOT-FOR-US: Zitadel
 CVE-2025-53893 (File Browser provides a file managing interface within a specified dir ...)
@@ -152,7 +152,7 @@ CVE-2025-50072 (Vulnerability in the Oracle WebLogic Server product of Oracle Fu
 CVE-2025-50071 (Vulnerability in the Oracle Applications Framework product of Oracle E ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50070 (Vulnerability in the JDBC component of Oracle Database Server.  Suppor ...)
-	TODO: check
+	NOT-FOR-US: Oracle Database
 CVE-2025-50069 (Vulnerability in the Java VM component of Oracle Database Server.  Sup ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50068 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
@@ -178,23 +178,23 @@ CVE-2025-50059 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Ora
 CVE-2025-4369 (The Companion Auto Update plugin for WordPress is vulnerable to Stored ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-49830 (Conjur provides secrets management and application identity for infras ...)
-	TODO: check
+	NOT-FOR-US: Conjur
 CVE-2025-49829 (Conjur provides secrets management and application identity for infras ...)
-	TODO: check
+	NOT-FOR-US: Conjur
 CVE-2025-49828 (Conjur provides secrets management and application identity for infras ...)
-	TODO: check
+	NOT-FOR-US: Conjur
 CVE-2025-49827 (Conjur provides secrets management and application identity for infras ...)
-	TODO: check
+	NOT-FOR-US: Conjur
 CVE-2025-48795 (Apache CXF stores large stream based messages as temporary files on th ...)
-	TODO: check
+	NOT-FOR-US: Apache CXF
 CVE-2025-41239 (VMware ESXi, Workstation, Fusion, and VMware Tools contains an informa ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2025-41238 (VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2025-41237 (VMware ESXi,Workstation, and Fusioncontain an integer-underflow in VMC ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2025-41236 (VMware ESXi, Workstation, and Fusion contain an integer-overflow vulne ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2025-34116 (A remote command execution vulnerability exists in IPFire before versi ...)
 	NOT-FOR-US: IPFire
 CVE-2025-34115 (An authenticated command injection vulnerability exists in OP5 Monitor ...)
@@ -208,21 +208,21 @@ CVE-2025-34111 (An unauthenticated arbitrary file upload vulnerability exists in
 CVE-2025-34110 (A directory traversal vulnerability exists in ColoradoFTP Server \u226 ...)
 	NOT-FOR-US: ColoradoFTP Server
 CVE-2025-34109 (PSEvents.exe in multiple Panda Security products runs hourly with SYST ...)
-	TODO: check
+	NOT-FOR-US: Panda Security
 CVE-2025-34108 (A stack-based buffer overflow vulnerability exists in the login functi ...)
-	TODO: check
+	NOT-FOR-US: Disk Pulse Enterprise
 CVE-2025-34107 (A buffer overflow vulnerability exists in the WinaXe FTP Client versio ...)
-	TODO: check
+	NOT-FOR-US: WinaXe FTP Client
 CVE-2025-34106 (A buffer overflow vulnerability exists in PDF Shaper versions 3.5 and  ...)
-	TODO: check
+	NOT-FOR-US: PDF Shaper
 CVE-2025-34105 (A stack-based buffer overflow vulnerability exists in the built-in web ...)
-	TODO: check
+	NOT-FOR-US: DiskBoss Enterprise
 CVE-2025-34104 (An authenticated remote code execution vulnerability exists in Piwik ( ...)
 	TODO: check
 CVE-2025-34103 (An unauthenticated command injection vulnerability exists in WePresent ...)
-	TODO: check
+	NOT-FOR-US: WePresent WiPG-1000 firmware
 CVE-2025-34068 (An unauthenticated remote command execution vulnerability exists in Sa ...)
-	TODO: check
+	NOT-FOR-US: Samsung WLAN AP WEA453e firmware
 CVE-2025-33097 (IBM QRadar SIEM 7.5 - 7.5.0 UP12 IF02 is vulnerable to stored cross-si ...)
 	NOT-FOR-US: IBM
 CVE-2025-30762 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
@@ -264,13 +264,13 @@ CVE-2025-30739 (Vulnerability in the Oracle CRM Technical Foundation product of
 CVE-2025-30483 (Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0 contai ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-26186 (SQL Injection vulnerability in openSIS v.9.1 allows a remote attacker  ...)
-	TODO: check
+	NOT-FOR-US: openSIS
 CVE-2025-24477 (A heap-based buffer overflow in Fortinet FortiOS versions 7.6.0 throug ...)
 	NOT-FOR-US: Fortinet
 CVE-2025-0831 (Out-Of-Bounds Read vulnerability exists in the JT file reading procedu ...)
 	NOT-FOR-US: Dassault Systemes
 CVE-2024-42650 (NanoMQ 0.17.5 was discovered to contain a segmentation fault via the c ...)
-	TODO: check
+	NOT-FOR-US: NanoMQ
 CVE-2025-7672 (The improper default setting in JiranSoft CrossEditor4 on Windows, Lin ...)
 	NOT-FOR-US: JiranSoft CrossEditor4
 CVE-2025-7367 (The Strong Testimonials plugin for WordPress is vulnerable to Stored C ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/281739f8c971171b33e7bfc49a277c10e820769e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/281739f8c971171b33e7bfc49a277c10e820769e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250715/b93e3c51/attachment.htm>
