[Git][security-tracker-team/security-tracker][master] Process some NFUs

Thu Mar 13 20:50:42 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d68906da by Salvatore Bonaccorso at 2025-03-13T21:50:04+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-2284 (A denial-of-service vulnerability exists in the "GetWebLoginCredential ...)
-	TODO: check
+	NOT-FOR-US: Tenable
 CVE-2025-2280 (Improper access control in web extension restriction feature in Devolu ...)
 	NOT-FOR-US: Devolutions
 CVE-2025-2278 (Improper access control in temporary access requests and checkout requ ...)
@@ -9,21 +9,21 @@ CVE-2025-2277 (Exposure of password in web-based SSH authentication component in
 CVE-2025-2275
 	REJECTED
 CVE-2025-2265 (The password of a web user in "Sante PACS Server.exe" is zero-padded t ...)
-	TODO: check
+	NOT-FOR-US: Tenable
 CVE-2025-2264 (A Path Traversal Information Disclosure vulnerability exists in "Sante ...)
-	TODO: check
+	NOT-FOR-US: Tenable
 CVE-2025-2263 (During login to the web server in "Sante PACS Server.exe", OpenSSL fun ...)
-	TODO: check
+	NOT-FOR-US: Tenable
 CVE-2025-2230 (A flaw exists in the Windows login flow where an AuthContext token can ...)
-	TODO: check
+	NOT-FOR-US: Philips
 CVE-2025-2229 (A token is created using the username, current date/time, and a fixed  ...)
-	TODO: check
+	NOT-FOR-US: Philips
 CVE-2025-2081 (Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks  ...)
-	TODO: check
+	NOT-FOR-US: Optigo
 CVE-2025-2080 (Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks  ...)
-	TODO: check
+	NOT-FOR-US: Optigo
 CVE-2025-2079 (Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks  ...)
-	TODO: check
+	NOT-FOR-US: Optigo
 CVE-2025-29998 (This vulnerability exists in the CAP back office application due to mi ...)
 	NOT-FOR-US: CAP back office application
 CVE-2025-29997 (This vulnerability exists in the CAP back office application due to im ...)
@@ -73,7 +73,7 @@ CVE-2025-25625 (FS Inc S3150 8T2F Switch s3150-8t2f-switch-fsos-220d_118101 has
 CVE-2025-25598 (Incorrect access control in the scheduled tasks console of Inova Logic ...)
 	NOT-FOR-US: Inova Logic CUSTOMER MONITOR (CM)
 CVE-2025-25363 (An authenticated stored cross-site scripting (XSS) vulnerability in Th ...)
-	TODO: check
+	NOT-FOR-US: Atlaassian
 CVE-2025-25175 (A vulnerability has been identified in Simcenter Femap V2401 (All vers ...)
 	NOT-FOR-US: Siemens
 CVE-2025-24974 (DataEase is an open source business intelligence and data visualizatio ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68906daa027eb01fc32a08bef9350097bd04b9f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d68906daa027eb01fc32a08bef9350097bd04b9f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250313/adab3747/attachment.htm>
