[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Mar 3 11:44:22 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e15bdb8 by Moritz Muehlenhoff at 2025-03-03T12:44:07+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
 CVE-2025-27590 (In oxidized-web (aka Oxidized Web) before 0.15.0, the RANCID migration ...)
 	TODO: check
 CVE-2025-27585 (A stored cross-site scripting (XSS) vulnerability in Serosoft Solution ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-27584 (A stored cross-site scripting (XSS) vulnerability in Serosoft Solution ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-27583 (Incorrect access control in the component /rest/staffResource/findAllU ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-27579 (In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/syste ...)
 	TODO: check
 CVE-2025-25953 (Serosoft Solutions Pvt Ltd Academia Student Information System (SIS) E ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-25952 (An Insecure Direct Object References (IDOR) in the component /getStude ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-25951 (An information disclosure vulnerability in the component /rest/cb/exec ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-25950 (Incorrect access control in the component /rest/staffResource/update o ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-25949 (A stored cross-site scripting (XSS) vulnerability in Serosoft Solution ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-25948 (Incorrect access control in the component /rest/staffResource/create o ...)
-	TODO: check
+	NOT-FOR-US: Serosoft Solutions
 CVE-2025-20653 (In da, there is a possible out of bounds read due to an integer overfl ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20652 (In V5 DA, there is a possible out of bounds read due to a missing boun ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20651 (In da, there is a possible out of bounds read due to a missing bounds  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20650 (In da, there is a possible out of bounds write due to a missing bounds ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20649 (In Bluetooth Stack SW, there is a possible information disclosure due  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20648 (In apu, there is a possible out of bounds read due to a missing bounds ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20647 (In Modem, there is a possible system crash due to a missing bounds che ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20646 (In wlan AP FW, there is a possible out of bounds write due to improper ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20645 (In KeyInstall, there is a possible out of bounds write due to a missin ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20644 (In Modem, there is a possible memory corruption due to incorrect error ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-1857 (A vulnerability classified as critical has been found in PHPGurukul Ni ...)
 	TODO: check
 CVE-2025-1856 (A vulnerability was found in Codezips Gym Management System 1.0. It ha ...)
@@ -49,11 +49,11 @@ CVE-2025-1855 (A vulnerability was found in PHPGurukul Online Shopping Portal 2.
 CVE-2025-1854 (A vulnerability was found in Codezips Gym Management System 1.0. It ha ...)
 	TODO: check
 CVE-2025-1853 (A vulnerability was found in Tenda AC8 16.03.34.06 and classified as c ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-1852 (A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-1851 (A vulnerability, which was classified as critical, was found in Tenda  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-1850 (A vulnerability, which was classified as critical, has been found in C ...)
 	TODO: check
 CVE-2025-1849 (A vulnerability classified as critical was found in zj1983 zz up to 20 ...)
@@ -65,17 +65,17 @@ CVE-2025-1847 (A vulnerability was found in zj1983 zz up to 2024-8. It has been
 CVE-2025-1846 (A vulnerability was found in zj1983 zz up to 2024-8. It has been decla ...)
 	TODO: check
 CVE-2025-1845 (A vulnerability has been found in ESAFENET DSM 3.1.2 and classified as ...)
-	TODO: check
+	NOT-FOR-US: ESAFENET
 CVE-2025-1844 (A vulnerability, which was classified as critical, was found in ESAFEN ...)
-	TODO: check
+	NOT-FOR-US: ESAFENET
 CVE-2025-1843 (A vulnerability, which was classified as critical, has been found in M ...)
 	TODO: check
 CVE-2025-1842 (A vulnerability classified as problematic was found in FITSTATS Techno ...)
 	TODO: check
 CVE-2025-1841 (A vulnerability classified as critical has been found in ESAFENET CDG  ...)
-	TODO: check
+	NOT-FOR-US: ESAFENET
 CVE-2025-1840 (A vulnerability was found in ESAFENET CDG 5.6.3.154.205. It has been r ...)
-	TODO: check
+	NOT-FOR-US: ESAFENET
 CVE-2025-1836 (A vulnerability was found in Incorta 2023.4.3. It has been classified  ...)
 	TODO: check
 CVE-2025-1835 (A vulnerability has been found in osuuu LightPicture 1.2.2 and classif ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e15bdb87f8bd29255dd5db975b60c256379f1d8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e15bdb87f8bd29255dd5db975b60c256379f1d8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250303/96e950b5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list