[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Jun 2 09:21:36 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b4cf999a by Moritz Muehlenhoff at 2025-06-02T10:21:15+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
 CVE-2025-5436 (A vulnerability was found in Multilaser Sirius RE016 MLT1.0. It has be ...)
-	TODO: check
+	NOT-FOR-US: Multilaser Sirius RE016
 CVE-2025-5435 (A vulnerability was found in Marwal Infotech CMS 1.0. It has been decl ...)
-	TODO: check
+	NOT-FOR-US: Marwal Infotech CMS
 CVE-2025-5434 (A vulnerability was found in Aem Solutions CMS up to 1.0. It has been  ...)
-	TODO: check
+	NOT-FOR-US: Aem Solutions CMS
 CVE-2025-5433 (A vulnerability was found in Fengoffice Feng Office 3.5.1.5 and classi ...)
-	TODO: check
+	NOT-FOR-US: Fengoffice Feng Office
 CVE-2025-5432 (A vulnerability has been found in AssamLook CMS 1.0 and classified as  ...)
-	TODO: check
+	NOT-FOR-US: AssamLook CMS
 CVE-2025-5431 (A vulnerability, which was classified as critical, was found in AssamL ...)
-	TODO: check
+	NOT-FOR-US: AssamLook CMS
 CVE-2025-5430 (A vulnerability, which was classified as critical, has been found in A ...)
-	TODO: check
+	NOT-FOR-US: AssamLook CMS
 CVE-2025-5429 (A vulnerability classified as critical was found in juzaweb CMS up to  ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5428 (A vulnerability classified as critical has been found in juzaweb CMS u ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5427 (A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rate ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5426 (A vulnerability was found in juzaweb CMS up to 3.4.2. It has been decl ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5425 (A vulnerability was found in juzaweb CMS up to 3.4.2. It has been clas ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5424 (A vulnerability was found in juzaweb CMS up to 3.4.2 and classified as ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5423 (A vulnerability has been found in juzaweb CMS up to 3.4.2 and classifi ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5422 (A vulnerability, which was classified as problematic, was found in juz ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5421 (A vulnerability, which was classified as critical, has been found in j ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5420 (A vulnerability classified as problematic was found in juzaweb CMS up  ...)
-	TODO: check
+	NOT-FOR-US: juzaweb CMS
 CVE-2025-5412 (A vulnerability classified as problematic has been found in Mist Commu ...)
-	TODO: check
+	NOT-FOR-US: Mist Community Edition
 CVE-2025-5411 (A vulnerability was found in Mist Community Edition up to 4.7.1. It ha ...)
-	TODO: check
+	NOT-FOR-US: Mist Community Edition
 CVE-2025-5410 (A vulnerability was found in Mist Community Edition up to 4.7.1. It ha ...)
-	TODO: check
+	NOT-FOR-US: Mist Community Edition
 CVE-2025-5409 (A vulnerability was found in Mist Community Edition up to 4.7.1. It ha ...)
-	TODO: check
+	NOT-FOR-US: Mist Community Edition
 CVE-2025-5408 (A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN53 ...)
 	NOT-FOR-US: Wavlink
 CVE-2025-5407 (A vulnerability has been found in chaitak-gorai Blogbook up to 92f5cf9 ...)
-	TODO: check
+	NOT-FOR-US: chaitak-gorai Blogbook
 CVE-2025-5113 (The Diviotec professional series exposes a web interface. One endpoint ...)
-	TODO: check
+	NOT-FOR-US: Diviotec
 CVE-2025-4010 (The Netcom NTC 6200 and NWL 222 series expose a web interface to be co ...)
-	TODO: check
+	NOT-FOR-US: Netcom NTC 6200 and NWL 222 series
 CVE-2025-49113 (Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote  ...)
 	TODO: check
 CVE-2025-49112 (setDeferredReply in networking.c in Valkey through 8.1.1 has an intege ...)
@@ -73,7 +73,7 @@ CVE-2025-20672 (In Bluetooth driver, there is a possible out of bounds write due
 CVE-2025-1485 (The Real Cookie Banner: GDPR & ePrivacy Cookie Consent WordPress plugi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1235 (A low privileged attacker can set the date of the devices to the 19th  ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2025-0358 (During an annual penetration test conducted on behalf of Axis Communic ...)
 	NOT-FOR-US: Axis Communication
 CVE-2025-0325 (A Guard Tour VAPIX API parameter allowed the use of arbitrary values a ...)
@@ -81,7 +81,7 @@ CVE-2025-0325 (A Guard Tour VAPIX API parameter allowed the use of arbitrary val
 CVE-2025-0324 (The VAPIX Device Configuration framework allowed a privilege escalatio ...)
 	NOT-FOR-US: Axis Communication
 CVE-2024-11857 (Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. ...)
-	TODO: check
+	NOT-FOR-US: Realtek
 CVE-2025-XXXX [Post-Auth RCE via PHP Object Deserialization]
 	- roundcube 1.6.11+dfsg-1 (bug #1107073)
 	NOTE: https://roundcube.net/news/2025/06/01/security-updates-1.6.11-and-1.5.10



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4cf999aa83dcab90c5d9898f3d00dcc7a5a4b7e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b4cf999aa83dcab90c5d9898f3d00dcc7a5a4b7e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250602/ad67b2c1/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list