[Git][security-tracker-team/security-tracker][master] Process new NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 11 20:16:30 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fd5994d3 by Salvatore Bonaccorso at 2025-03-11T21:16:09+01:00
Process new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -59,45 +59,45 @@ CVE-2025-27392 (A vulnerability has been identified in SCALANCE LPE9403 (6GK5998
 CVE-2025-27363 (An out of bounds write exists in FreeType versions 2.13.0 and below wh ...)
 	TODO: check
 CVE-2025-27179 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27178 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27177 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27176 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27175 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27174 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27172 (Substance3D - Designer versions 14.1 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27171 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27170 (Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a NULL ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27169 (Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27168 (Illustrator versions 29.2.1, 28.7.4 and earlier are affected by a Stac ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27167 (Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an Unt ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27166 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27164 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27163 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27162 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27161 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27160 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27159 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-27158 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-26701 (An issue was discovered in Percona PMM Server (OVA) before 3.0.0-1.ova ...)
 	TODO: check
 CVE-2025-26645 (Relative path traversal in Remote Desktop Client allows an unauthorize ...)
@@ -167,35 +167,35 @@ CVE-2025-24984 (Insertion of sensitive information into log file in Windows NTFS
 CVE-2025-24983 (Use after free in Windows Win32 Kernel Subsystem allows an authorized  ...)
 	TODO: check
 CVE-2025-24453 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24452 (InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24451 (Substance3D - Painter versions 10.1.2 and earlier are affected by an o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24450 (Substance3D - Painter versions 10.1.2 and earlier are affected by an o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24449 (Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24448 (Illustrator versions 29.2.1, 28.7.4 and earlier are affected by an out ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24445 (Substance3D - Sampler versions 4.5.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24444 (Substance3D - Sampler versions 4.5.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24443 (Substance3D - Sampler versions 4.5.2 and earlier are affected by a Hea ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24442 (Substance3D - Sampler versions 4.5.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24441 (Substance3D - Sampler versions 4.5.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24440 (Substance3D - Sampler versions 4.5.2 and earlier are affected by an ou ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24439 (Substance3D - Sampler versions 4.5.2 and earlier are affected by a Hea ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24431 (Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and e ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-24201 (An out-of-bounds write issue was addressed with improved checks to pre ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2025-24084 (Untrusted pointer dereference in Windows Subsystem for Linux allows an ...)
 	TODO: check
 CVE-2025-24083 (Untrusted pointer dereference in Microsoft Office allows an unauthoriz ...)
@@ -301,7 +301,7 @@ CVE-2025-21199 (Improper privilege management in Azure Agent Installer allows an
 CVE-2025-21180 (Heap-based buffer overflow in Windows exFAT File System allows an unau ...)
 	TODO: check
 CVE-2025-21169 (Substance3D - Designer versions 14.1 and earlier are affected by a Hea ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-1550 (The Keras Model.load_model function permits arbitrary code execution,  ...)
 	TODO: check
 CVE-2025-0151 (Use after free in some Zoom Workplace Apps may allow an authenticated  ...)
@@ -313,7 +313,7 @@ CVE-2025-0149 (Insufficient verification of data authenticity in some Zoom Workp
 CVE-2024-9157 (** UNSUPPORTED WHEN ASSIGNED **  A privilege escalation vulnerability  ...)
 	TODO: check
 CVE-2024-56338 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.1.2.6 a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-56336 (A vulnerability has been identified in SINAMICS S200 (All versions wit ...)
 	TODO: check
 CVE-2024-56182 (A vulnerability has been identified in SIMATIC Field PG M5 (All versio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd5994d36b00b376e7fc795699fd57f0afdf4176

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd5994d36b00b376e7fc795699fd57f0afdf4176
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250311/2e4b6317/attachment.htm>

More information about the debian-security-tracker-commits mailing list