[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jun 25 10:21:13 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
17eb6b71 by Moritz Muehlenhoff at 2025-06-25T11:20:49+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101,7 +101,7 @@ CVE-2025-6568 (A vulnerability classified as critical has been found in TOTOLINK
 CVE-2025-6567 (A vulnerability was found in Campcodes Online Recruitment Management S ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-6566 (A vulnerability was found in oatpp Oat++ up to 1.3.1. It has been decl ...)
-	TODO: check
+	NOT-FOR-US: oatpp
 CVE-2025-6565 (A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been cl ...)
 	NOT-FOR-US: Netgear
 CVE-2025-6557 (Insufficient data validation in DevTools in Google Chrome on Windows p ...)
@@ -156,21 +156,21 @@ CVE-2025-4877
 	NOTE: https://www.libssh.org/security/advisories/CVE-2025-4877.txt
 	NOTE: Fixed by: https://git.libssh.org/projects/libssh.git/commit/?id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d (libssh-0.11.2)
 CVE-2025-5087 (Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely usin ...)
-	TODO: check
+	NOT-FOR-US: Kaleris NAVIS N4 ULC
 CVE-2025-53073 (In Sentry 25.1.0 through 25.5.1, an authenticated attacker can access  ...)
 	NOT-FOR-US: Sentry
 CVE-2025-53021 (A session fixation vulnerability in Moodle 3.x through 3.11.18 allows  ...)
 	- moodle <removed>
 CVE-2025-52888 (Allure 2 is the version 2.x branch of Allure Report, a multi-language  ...)
-	TODO: check
+	NOT-FOR-US: Allure
 CVE-2025-52882 (Claude Code is an agentic coding tool. Claude Code extensions in VSCod ...)
-	TODO: check
+	NOT-FOR-US: Claude Code
 CVE-2025-52880 (Komga is a media server for comics, mangas, BDs, magazines and eBooks. ...)
-	TODO: check
+	NOT-FOR-US: Komga
 CVE-2025-52571 (Hikka is a Telegram userbot. A vulnerability affects all users of vers ...)
-	TODO: check
+	NOT-FOR-US: Hikka
 CVE-2025-52471 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
-	TODO: check
+	NOT-FOR-US: ESF-IDF
 CVE-2025-50699 (PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cr ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-50695 (PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cr ...)
@@ -178,23 +178,23 @@ CVE-2025-50695 (PHPGurukul Online DJ Booking Management System 2.0 is vulnerable
 CVE-2025-50693 (PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to In ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-4383 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: Wi-Fi Cloud Hotspot
 CVE-2025-4378 (Cleartext Transmission of Sensitive Information, Use of Hard-coded Cre ...)
-	TODO: check
+	NOT-FOR-US: ATA-AOF Mobile Application
 CVE-2025-49853 (ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnera ...)
-	TODO: check
+	NOT-FOR-US: ControlID iDSecure
 CVE-2025-49852 (ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnera ...)
-	TODO: check
+	NOT-FOR-US: ControlID iDSecure
 CVE-2025-49851 (ControlID iDSecure On-premises versions 4.7.48.0 and prior are vulnera ...)
-	TODO: check
+	NOT-FOR-US: ControlID iDSecure
 CVE-2025-49147 (Umbraco, a free and open source .NET content management system, has a  ...)
 	TODO: check
 CVE-2025-44531 (An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows attacker ...)
-	TODO: check
+	NOT-FOR-US: Realtek
 CVE-2025-3092 (An unauthenticated remote attacker can enumerate valid user names from ...)
-	TODO: check
+	NOT-FOR-US: myREX24
 CVE-2025-3091 (An low privileged remote attacker in possession of the second factor f ...)
-	TODO: check
+	NOT-FOR-US: mbCONNECT24
 CVE-2025-39205 (A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product ...)
 	NOT-FOR-US: Hitachi Energy
 CVE-2025-39204 (A vulnerability exists in the Web interface of the MicroSCADA X SYS600 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17eb6b712a1e0e8c3038ca154c3d0913318b2e96

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17eb6b712a1e0e8c3038ca154c3d0913318b2e96
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250625/812b75b4/attachment.htm>

More information about the debian-security-tracker-commits mailing list