[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Mar 11 08:57:12 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fb37a607 by Moritz Muehlenhoff at 2025-03-11T09:56:55+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-2190 (The mobile application (com.transsnet.store) has a man-in-the-middle a ...)
-	TODO: check
+	NOT-FOR-US: com.transsnet.store
 CVE-2025-2177 (A vulnerability classified as critical was found in libzvbi up to 0.2. ...)
 	- zvbi <unfixed>
 	[bookworm] - zvbi <no-dsa> (Minor issue)
@@ -36,17 +36,17 @@ CVE-2025-2135 (Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allo
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-27926 (In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designe ...)
-	TODO: check
+	NOT-FOR-US: Nintex Automation
 CVE-2025-27925 (Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization  ...)
-	TODO: check
+	NOT-FOR-US: Nintex Automation
 CVE-2025-27924 (Nintex Automation 5.6 and 5.7 before 5.8 has a stored XSS issue associ ...)
-	TODO: check
+	NOT-FOR-US: Nintex Automation
 CVE-2025-27912 (An issue was discovered in Datalust Seq before 2024.3.13545. Missing C ...)
-	TODO: check
+	NOT-FOR-US: Datalust Seq
 CVE-2025-27911 (An issue was discovered in Datalust Seq before 2024.3.13545. Expansion ...)
-	TODO: check
+	NOT-FOR-US: Datalust Seq
 CVE-2025-27910 (tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CS ...)
-	TODO: check
+	NOT-FOR-US: tianti
 CVE-2025-27610 (Rack provides an interface for developing web applications in Ruby. Pr ...)
 	TODO: check
 CVE-2025-27436 (The Manage Bank Statements in SAP S/4HANA does not perform required ac ...)
@@ -86,9 +86,9 @@ CVE-2025-26656 (OData Service in Manage Purchasing Info Records does not perform
 CVE-2025-26655 (SAP Just In Time(JIT) does not perform necessary authorization checks  ...)
 	NOT-FOR-US: SAP
 CVE-2025-25908 (A stored cross-site scripting (XSS) vulnerability in tianti v2.3 allow ...)
-	TODO: check
+	NOT-FOR-US: tianti
 CVE-2025-25907 (tianti v2.3 was discovered to contain a Cross-Site Request Forgery (CS ...)
-	TODO: check
+	NOT-FOR-US: tianti
 CVE-2025-25245 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence)  ...)
 	NOT-FOR-US: SAP
 CVE-2025-25244 (SAP Business Warehouse (Process Chains) allows an attacker to manipula ...)
@@ -107,9 +107,9 @@ CVE-2025-1920 (Type Confusion in V8 in Google Chrome prior to 134.0.6998.88 allo
 CVE-2025-1661 (The HUSKY \u2013 Products Filter Professional for WooCommerce plugin f ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1434 (The Spreadsheet view is vulnerable to a XSS attack, where a remote una ...)
-	TODO: check
+	NOT-FOR-US: Topkapi Vision Webserv2
 CVE-2025-0660 (Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS ...)
-	TODO: check
+	NOT-FOR-US: Concrete CMS
 CVE-2025-0629 (The Coronavirus (COVID-19) Notice Message WordPress plugin through 1.1 ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-0071 (SAP Web Dispatcher and Internet Communication Manager allow an attacke ...)
@@ -117,7 +117,7 @@ CVE-2025-0071 (SAP Web Dispatcher and Internet Communication Manager allow an at
 CVE-2025-0062 (SAP BusinessObjects Business Intelligence Platform allows an attacker  ...)
 	NOT-FOR-US: SAP
 CVE-2024-58102 (An issue was discovered in Datalust Seq before 2024.3.13545. An insecu ...)
-	TODO: check
+	NOT-FOR-US: Datalust Seq
 CVE-2024-56192 (In wl_notify_gscan_event of wl_cfgscan.c, there is a possible out of b ...)
 	TODO: check
 CVE-2024-56191 (In dhd_process_full_gscan_result of dhd_pno.c, there is a possible EoP ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb37a607f7f8e26b516659a7b6df82308ee4add1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fb37a607f7f8e26b516659a7b6df82308ee4add1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250311/1a108289/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list