[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 3 21:55:48 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d1970548 by Salvatore Bonaccorso at 2025-06-03T22:55:11+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -137,25 +137,25 @@ CVE-2025-45855 (An arbitrary file upload vulnerability in the component /upload/
 CVE-2025-45854 (An arbitrary file upload vulnerability in the component /server/execut ...)
 	NOT-FOR-US: JEHC-BPM
 CVE-2025-44148 (Cross Site Scripting (XSS) vulnerability in MailEnable before v10 allo ...)
-	TODO: check
+	NOT-FOR-US: MailEnable
 CVE-2025-43925 (An issue was discovered in Unicom Focal Point 7.6.1. The database is e ...)
-	TODO: check
+	NOT-FOR-US: Unicom Focal Point
 CVE-2025-43924 (Cross Site Scripting vulnerability was discovered in Unicom Focal Poin ...)
-	TODO: check
+	NOT-FOR-US: Unicom Focal Point
 CVE-2025-43923 (An issue was discovered in ReportController in Unicom Focal Point 7.6. ...)
-	TODO: check
+	NOT-FOR-US: Unicom Focal Point
 CVE-2025-41428 (Improper limitation of a pathname to a restricted directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: TimeWorks
 CVE-2025-36564 (Dell Encryption Admin Utilities versions prior to 11.10.2 contain an I ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-35036 (Hibernate Validator before 6.2.0 and 7.0.0, by default and depending h ...)
 	TODO: check
 CVE-2025-32106 (In Audiocodes Mediapack MP-11x through 6.60A.369.002, a crafted POST r ...)
-	TODO: check
+	NOT-FOR-US: Audiocodes Mediapack MP-11x
 CVE-2025-32105 (A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9 ...)
-	TODO: check
+	NOT-FOR-US: Sangoma IMG2020 HTTP server
 CVE-2025-31359 (A directory traversal vulnerability exists in the PVMP package unpacki ...)
-	TODO: check
+	NOT-FOR-US: Parallels Desktop for Mac
 CVE-2025-30360 (webpack-dev-server allows users to use webpack with a development serv ...)
 	TODO: check
 CVE-2025-30359 (webpack-dev-server allows users to use webpack with a development serv ...)
@@ -171,29 +171,29 @@ CVE-2025-25020 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Clo
 CVE-2025-25019 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak ...)
 	NOT-FOR-US: IBM
 CVE-2025-23107 (An issue was discovered in Samsung Mobile Processor Exynos 1480 and 24 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-23103 (An issue was discovered in Samsung Mobile Processor Exynos 1480 and 24 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-23102 (An issue was discovered in Samsung Mobile Processor Exynos 9820, 9825, ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-23100 (An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-23098 (An issue was discovered in Samsung Mobile Processor Exynos 980, 990, 1 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-23097 (An issue was discovered in Samsung Mobile Processor Exynos 1380. The l ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2025-1725 (The Bit File Manager \u2013 100% Free & Open Source File Manager and C ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1334 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak ...)
 	NOT-FOR-US: IBM
 CVE-2024-54189 (A privilege escalation vulnerability exists in the Snapshot functional ...)
-	TODO: check
+	NOT-FOR-US: Parallels Desktop for Mac
 CVE-2024-52561 (A privilege escalation vulnerability exists in the Snapshot functional ...)
-	TODO: check
+	NOT-FOR-US: Parallels Desktop for Mac
 CVE-2024-45655 (IBM Application Gateway 19.12 through 24.09 could allow a local privil ...)
 	NOT-FOR-US: IBM
 CVE-2024-36486 (A privilege escalation vulnerability exists in the virtual machine arc ...)
-	TODO: check
+	NOT-FOR-US: Parallels Desktop for Mac
 CVE-2024-12718 (Allows modifying some file metadata (e.g. last modified) with filter=" ...)
 	- python3.13 3.13.4-1
 	- python3.12 <unfixed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1970548a571631b38a9956b83dbcfe89a8dbfde

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d1970548a571631b38a9956b83dbcfe89a8dbfde
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250603/074bfb84/attachment.htm>

More information about the debian-security-tracker-commits mailing list