[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jun 11 14:51:41 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f55b8ae by Moritz Muehlenhoff at 2025-06-11T15:46:54+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -498,7 +498,7 @@ CVE-2025-46838 (Adobe Experience Manager versions 6.5.22 and earlier are affecte
 CVE-2025-46837 (Adobe Experience Manager versions 6.5.22 and earlier are affected by a ...)
 	NOT-FOR-US: Adobe
 CVE-2025-35940 (The ArchiverSpaApiASP.NET  application uses a hard-coded JWT signing k ...)
-	TODO: check
+	NOT-FOR-US: GFI Archiver
 CVE-2025-32717 (Heap-based buffer overflow in Microsoft Office Word allows an unauthor ...)
 	NOT-FOR-US: Microsoft
 CVE-2025-30675 (In Apache CloudStack, a flaw in access control affects the listTemplat ...)
@@ -512,15 +512,15 @@ CVE-2025-22829 (The CloudStack Quota plugin has an improper privilege management
 CVE-2025-1055 (A vulnerability in the K7RKScan.sys driver, part of the K7 Security An ...)
 	NOT-FOR-US: K7 Security Anti-Malware suite
 CVE-2024-9062 (The Archify application contains a local privilege escalation vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Archify application
 CVE-2024-8270 (The macOS Rocket.Chat application is affected by a vulnerability that  ...)
-	TODO: check
+	NOT-FOR-US: macOS Rocket.Chat application
 CVE-2024-7457 (The ws.stash.app.mac.daemon.helper tool contains a vulnerability cause ...)
-	TODO: check
+	NOT-FOR-US: Stash
 CVE-2024-35295 (A vulnerability has been identified in Perfect Harmony GH180 (All vers ...)
 	NOT-FOR-US: Siemens
 CVE-2024-1244 (Improper input validation in the OSSEC HIDS agent for Windows prior to ...)
-	TODO: check
+	NOT-FOR-US: OSSEC-HIDS Agent
 CVE-2024-1243 (Improper input validation in the Wazuh agent for Windows prior to vers ...)
 	NOT-FOR-US: Wazuh agent for Windows
 CVE-2025-5986
@@ -607,7 +607,7 @@ CVE-2025-49143 (Nautobot is a Network Source of Truth and Network Automation Pla
 CVE-2025-49142 (Nautobot is a Network Source of Truth and Network Automation Platform. ...)
 	NOT-FOR-US: Nautobot
 CVE-2025-48937 (matrix-rust-sdk is an implementation of a Matrix client-server library ...)
-	TODO: check
+	NOT-FOR-US: matrix-rust-sdk
 CVE-2025-48879 (OctoPrint versions up until and including 1.11.1 contain a vulnerabili ...)
 	- octoprint <itp> (bug #718591)
 CVE-2025-48067 (OctoPrint provides a web interface for controlling consumer 3D printer ...)
@@ -771,7 +771,7 @@ CVE-2025-3052 (An arbitrary write vulnerability in Microsoft signed UEFI firmwar
 CVE-2025-37100 (A vulnerability in the APIs of HPE Aruba Networking Private 5G Corecou ...)
 	NOT-FOR-US: HPE
 CVE-2025-36852 (A critical security vulnerability exists in remote cache extensions fo ...)
-	TODO: check
+	NOT-FOR-US: various bucket-based remote caches
 CVE-2025-36580 (Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Impr ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-36578 (Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Inco ...)
@@ -953,7 +953,7 @@ CVE-2024-32119 (An improper authentication vulnerability [CWE-287] in Fortinet F
 CVE-2024-29198 (GeoServer is an open source software server written in Java that allow ...)
 	NOT-FOR-US: GeoServer
 CVE-2024-13090 (A privilege escalation vulnerability may enable a service account to e ...)
-	TODO: check
+	NOT-FOR-US: Nozomi Networks CMC
 CVE-2024-13089 (An OS command injection vulnerability within the update functionality  ...)
 	NOT-FOR-US: Guardian/CMC
 CVE-2023-48786 (A server-side request forgery vulnerability [CWE-918] in Fortinet Fort ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f55b8ae6071d3d2a3259a013114c6c5d63dcce7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6f55b8ae6071d3d2a3259a013114c6c5d63dcce7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250611/bb04085b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list