[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 3 21:29:00 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d68ad4db by Salvatore Bonaccorso at 2025-06-03T22:28:35+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,53 +1,53 @@
 CVE-2025-5525 (A vulnerability was found in Jrohy trojan up to 2.15.3. It has been de ...)
-	TODO: check
+	NOT-FOR-US: Jrohy trojan
 CVE-2025-5523 (A vulnerability classified as problematic has been found in enilu web- ...)
-	TODO: check
+	NOT-FOR-US: enilu web-flash
 CVE-2025-5522 (A vulnerability was found in jack0240 \u9b4f bskms \u84dd\u5929\u5e7c\ ...)
-	TODO: check
+	NOT-FOR-US: jack0240 bskms
 CVE-2025-5521 (A vulnerability was found in WuKongOpenSource WukongCRM 9.0. It has be ...)
-	TODO: check
+	NOT-FOR-US: WuKongOpenSource WukongCRM
 CVE-2025-5520 (A vulnerability was found in Open5GS up to 2.7.3. It has been classifi ...)
 	TODO: check
 CVE-2025-5516 (A vulnerability, which was classified as problematic, was found in TOT ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5515 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5513 (A vulnerability has been found in quequnlong shiyi-blog up to 1.2.1 an ...)
-	TODO: check
+	NOT-FOR-US: quequnlong shiyi-blog
 CVE-2025-5512 (A vulnerability, which was classified as critical, was found in quequn ...)
-	TODO: check
+	NOT-FOR-US: quequnlong shiyi-blog
 CVE-2025-5511 (A vulnerability, which was classified as critical, has been found in q ...)
-	TODO: check
+	NOT-FOR-US: quequnlong shiyi-blog
 CVE-2025-5510 (A vulnerability classified as critical was found in quequnlong shiyi-b ...)
-	TODO: check
+	NOT-FOR-US: quequnlong shiyi-blog
 CVE-2025-5509 (A vulnerability classified as critical has been found in quequnlong sh ...)
-	TODO: check
+	NOT-FOR-US: quequnlong shiyi-blog
 CVE-2025-5508 (A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5507 (A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5506 (A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5505 (A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011 and ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5504 (A vulnerability has been found in TOTOLINK X2000R 1.0.0-B20230726.1108 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5503 (A vulnerability, which was classified as critical, was found in TOTOLI ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5502 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-5501 (A vulnerability classified as problematic was found in Open5GS up to 2 ...)
 	TODO: check
 CVE-2025-5499 (A vulnerability classified as critical has been found in slackero phpw ...)
-	TODO: check
+	NOT-FOR-US: slackero phpwcms
 CVE-2025-5498 (A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It  ...)
-	TODO: check
+	NOT-FOR-US: slackero phpwcms
 CVE-2025-5497 (A vulnerability was found in slackero phpwcms up to 1.9.45/1.10.8. It  ...)
-	TODO: check
+	NOT-FOR-US: slackero phpwcms
 CVE-2025-5495 (A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. It has b ...)
 	NOT-FOR-US: Netgear
 CVE-2025-5493 (A vulnerability was found in Baison Channel Middleware Product 2.0.1 a ...)
-	TODO: check
+	NOT-FOR-US: Baison Channel Middleware Product
 CVE-2025-5492 (A vulnerability has been found in D-Link DI-500WF-WT up to 20250511 an ...)
 	NOT-FOR-US: D-Link
 CVE-2025-5340 (The Music Player for Elementor plugin for WordPress is vulnerable to S ...)
@@ -73,21 +73,21 @@ CVE-2025-4205 (The Popup Maker plugin for WordPress is vulnerable to Stored Cros
 CVE-2025-4138 (Allows the extraction filter to be ignored, allowing symlink targets t ...)
 	TODO: check
 CVE-2025-48998 (DataEase is an open source business intelligence and data visualizatio ...)
-	TODO: check
+	NOT-FOR-US: DataEase
 CVE-2025-48997 (Multer is a node.js middleware for handling `multipart/form-data`. A v ...)
-	TODO: check
+	NOT-FOR-US: Node multer
 CVE-2025-48953 (Umbraco is an ASP.NET content management system (CMS). Starting in ver ...)
-	TODO: check
+	NOT-FOR-US: Umbraco CMS
 CVE-2025-48950 (MaxKB is an open-source AI assistant for enterprise. Prior to version  ...)
-	TODO: check
+	NOT-FOR-US: MaxKB
 CVE-2025-46355 (Incorrect default permissions issue in PC Time Tracer prior to 5.2. If ...)
-	TODO: check
+	NOT-FOR-US: PC Time Tracer
 CVE-2025-46154 (Foxcms v1.25 has a SQL time injection in the $_POST['dbname'] paramete ...)
-	TODO: check
+	NOT-FOR-US: Foxcms
 CVE-2025-45855 (An arbitrary file upload vulnerability in the component /upload/GoodsC ...)
-	TODO: check
+	NOT-FOR-US: erupt
 CVE-2025-45854 (An arbitrary file upload vulnerability in the component /server/execut ...)
-	TODO: check
+	NOT-FOR-US: JEHC-BPM
 CVE-2025-44148 (Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allo ...)
 	TODO: check
 CVE-2025-43925 (An issue was discovered in Unicom Focal Point 7.6.1. The database is e ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68ad4dbfcc572535f1e5fd01ef3a3232e960e3c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68ad4dbfcc572535f1e5fd01ef3a3232e960e3c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250603/07adb66d/attachment.htm>

More information about the debian-security-tracker-commits mailing list