[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Jul 17 13:16:33 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
318169ea by Salvatore Bonaccorso at 2025-07-17T14:16:06+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2025-7735 (The Hospital Information System developed by UNIMAX has a SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: Hospital Information System developed by UNIMAX
 CVE-2025-7729 (A vulnerability classified as problematic was found in Scada-LTS up to ...)
-	TODO: check
+	NOT-FOR-US: Scada-LTS
 CVE-2025-7728 (A vulnerability classified as problematic has been found in Scada-LTS  ...)
-	TODO: check
+	NOT-FOR-US: Scada-LTS
 CVE-2025-7712 (The Madara - Core plugin for WordPress is vulnerable to arbitrary file ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-6983 (A   Clickjackingvulnerability in TP-Link Archer C1200 web management p ...)
@@ -13,33 +13,33 @@ CVE-2025-5396 (The Bears Backup plugin for WordPress is vulnerable to Remote Cod
 CVE-2025-4302 (The Stop User Enumeration WordPress plugin before version 1.7.3 blocks ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-34132 (A command injection vulnerability exists in LILIN Digital Video Record ...)
-	TODO: check
+	NOT-FOR-US: LILIN Digital Video Recorder (DVR) devices
 CVE-2025-34130 (An unauthenticated arbitrary file read exists in LILIN Digital Video R ...)
-	TODO: check
+	NOT-FOR-US: LILIN Digital Video Recorder (DVR) devices
 CVE-2025-34129 (A command injection vulnerability exists in LILIN LILIN Digital Video  ...)
-	TODO: check
+	NOT-FOR-US: LILIN Digital Video Recorder (DVR) devices
 CVE-2025-34128 (A buffer overflow vulnerability exists in the X360 VideoPlayer ActiveX ...)
-	TODO: check
+	NOT-FOR-US: X360 VideoPlayer ActiveX control (VideoPlayer.ocx)
 CVE-2025-34127 (A stack-based buffer overflow exists in Achat v0.150 in its default co ...)
-	TODO: check
+	NOT-FOR-US: Achat
 CVE-2025-34126 (A path traversal vulnerability exists in RIPS Scanner version 0.54. Th ...)
-	TODO: check
+	NOT-FOR-US: RIPS Scanner
 CVE-2025-34125 (An unauthenticated command injection vulnerability exists in the cooki ...)
 	NOT-FOR-US: D-Link
 CVE-2025-34124 (A buffer overflow vulnerability exists in Heroes of Might and Magic II ...)
-	TODO: check
+	NOT-FOR-US: Heroes of Might and Magic III Complete
 CVE-2025-34123 (A stack-based buffer overflow vulnerability exists in VideoCharge Stud ...)
-	TODO: check
+	NOT-FOR-US: VideoCharge Studio
 CVE-2025-34121 (An unauthenticated arbitrary file upload vulnerability exists in Idera ...)
-	TODO: check
+	NOT-FOR-US: Idera Up.Time Monitoring Station
 CVE-2025-34120 (An unauthenticated file download vulnerability exists in LimeSurvey ve ...)
 	TODO: check
 CVE-2025-34119 (A remote file disclosure vulnerability exists in EasyCafe Server 2.2.1 ...)
-	TODO: check
+	NOT-FOR-US: EasyCafe Server
 CVE-2025-34118 (A path traversal vulnerability exists in Linknat VOS Manager versions  ...)
-	TODO: check
+	NOT-FOR-US: Linknat VOS Manager
 CVE-2025-34117 (A remote code execution vulnerability exists in multiple Netcore and N ...)
-	TODO: check
+	NOT-FOR-US: Netcore and Netis routers
 CVE-2024-12498
 	REJECTED
 CVE-2025-7703 (Authentication vulnerability in the mobile application\uff08tech.palm. ...)
@@ -322,13 +322,13 @@ CVE-2025-24779 (Deserialization of Untrusted Data vulnerability in NooTheme Yogi
 CVE-2025-24777 (Deserialization of Untrusted Data vulnerability in awethemes Hillter a ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-24759 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-22227 (In some specific scenarios with chained redirects, Reactor Netty HTTP  ...)
 	TODO: check
 CVE-2025-20337 (A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20288 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20285 (A vulnerability in the IP Access Restriction feature of Cisco ISE and  ...)
 	NOT-FOR-US: Cisco
 CVE-2025-20284 (A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could ...)
@@ -336,9 +336,9 @@ CVE-2025-20284 (A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC
 CVE-2025-20283 (A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could ...)
 	NOT-FOR-US: Cisco
 CVE-2025-20274 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20272 (A vulnerability in a subset of REST APIs of Cisco Prime Infrastructure ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2024-9408 (In Eclipse GlassFish since version 6.2.5 it is possible to perform a S ...)
 	TODO: check
 CVE-2024-9343 (In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cros ...)
@@ -346,7 +346,7 @@ CVE-2024-9343 (In Eclipse GlassFish version 7.0.15 is possible to perform Stored
 CVE-2024-9342 (In Eclipse GlassFish version 7.0.16 or earlier it is possible to perfo ...)
 	TODO: check
 CVE-2024-42912 (A cross-site scripting (XSS) vulnerability in META-INF Kft. Email This ...)
-	TODO: check
+	NOT-FOR-US: META-INF Kft. Email This Issue (Data Center)
 CVE-2024-10032 (In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cros ...)
 	TODO: check
 CVE-2024-10031 (In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cros ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/318169ea4ffeb3067e65789417dafc8818547f2e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/318169ea4ffeb3067e65789417dafc8818547f2e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250717/5b8f417a/attachment.htm>
