[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Mar 17 20:46:51 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
101f31d2 by Salvatore Bonaccorso at 2025-03-17T21:45:44+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-30143 (Rule 3000216 (before version 2) in Akamai App & API Protector (with Ak ...)
 	NOT-FOR-US: Akamai
 CVE-2025-2401 (Buffer overflow vulnerability in Immunity Debugger affecting version 1 ...)
-	TODO: check
+	NOT-FOR-US: Immunity Debugger
 CVE-2025-2392 (A vulnerability, which was classified as critical, has been found in c ...)
 	NOT-FOR-US: code-projects
 CVE-2025-2391 (A vulnerability classified as critical was found in code-projects Bloo ...)
@@ -11,13 +11,13 @@ CVE-2025-2390 (A vulnerability classified as critical has been found in code-pro
 CVE-2025-2389 (A vulnerability was found in code-projects Blood Bank Management Syste ...)
 	NOT-FOR-US: code-projects
 CVE-2025-2388 (A vulnerability was found in Keytop \u8def\u5185\u505c\u8f66\u6536\u8d ...)
-	TODO: check
+	NOT-FOR-US: Keytop
 CVE-2025-2387 (A vulnerability was found in SourceCodester Online Food Ordering Syste ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-2386 (A vulnerability was found in PHPGurukul Local Services Search Engine M ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-2385 (A vulnerability has been found in code-projects Modern Bag 1.0 and cla ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-2384 (A vulnerability, which was classified as critical, was found in code-p ...)
 	NOT-FOR-US: code-projects
 CVE-2025-2383 (A vulnerability, which was classified as critical, has been found in P ...)
@@ -35,7 +35,7 @@ CVE-2025-2378 (A vulnerability was found in PHPGurukul Medical Card Generation S
 CVE-2025-2377 (A vulnerability was found in SourceCodester Vehicle Management System  ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-2376 (A vulnerability has been found in viames Pair Framework up to 1.9.11 a ...)
-	TODO: check
+	NOT-FOR-US: viames Pair Framework
 CVE-2025-2375 (A vulnerability, which was classified as problematic, was found in PHP ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-2374 (A vulnerability, which was classified as critical, has been found in P ...)
@@ -86,25 +86,25 @@ CVE-2025-27102 (Agate is central authentication server software for OBiBa epidem
 CVE-2025-26393 (SolarWinds Service Desk is affected by a broken access control vulnera ...)
 	NOT-FOR-US: SolarWinds
 CVE-2025-26127 (A stored cross-site scripting (XSS) vulnerability in the Send for Appr ...)
-	TODO: check
+	NOT-FOR-US: FileCloud
 CVE-2025-26125 (An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter ...)
-	TODO: check
+	NOT-FOR-US: IObit Malware Fighter
 CVE-2025-26042 (Uptime Kuma >== 1.23.0 has a ReDoS vulnerability, specifically when an ...)
-	TODO: check
+	NOT-FOR-US: Uptime Kuma
 CVE-2025-25914 (SQL injection vulnerability in Online Exam Mastering System v.1.0 allo ...)
-	TODO: check
+	NOT-FOR-US: Online Exam Mastering System
 CVE-2025-25685 (An issue was discovered in GL-INet Beryl AX GL-MT3000 v4.7.0. Attacker ...)
-	TODO: check
+	NOT-FOR-US: GL-INet Beryl AX GL-MT3000
 CVE-2025-25684 (A lack of validation in the path parameter (/download) of GL-INet Bery ...)
-	TODO: check
+	NOT-FOR-US: GL-INet Beryl AX GL-MT3000
 CVE-2025-25650 (An issue in the storage of NFC card data in Dorset DG 201 Digital Lock ...)
-	TODO: check
+	NOT-FOR-US: Dorset DG 201 Digital Lock
 CVE-2025-25621 (Unifiedtransform 2.0 is vulnerable to Incorrect Access Control, which  ...)
-	TODO: check
+	NOT-FOR-US: Unifiedtransform
 CVE-2025-25618 (Incorrect Access Control in Unifiedtransform 2.0 leads to Privilege Es ...)
-	TODO: check
+	NOT-FOR-US: Unifiedtransform
 CVE-2025-25612 (FS Inc S3150-8T2F prior to version S3150-8T2F_2.2.0D_135103 is vulnera ...)
-	TODO: check
+	NOT-FOR-US: FS Inc S3150-8T2F
 CVE-2025-24185 (An out-of-bounds write issue was addressed with improved input validat ...)
 	NOT-FOR-US: Apple
 CVE-2025-22474 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6. ...)
@@ -114,7 +114,7 @@ CVE-2025-22473 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 1
 CVE-2025-22472 (Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6. ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2025-1774 (Incorrect string encodingvulnerability in NASK - PIB BotSense allows i ...)
-	TODO: check
+	NOT-FOR-US: NASK - PIB BotSense
 CVE-2025-1398 (Mattermost Desktop App versions <=5.10.0 explicitly declared unnecessa ...)
 	TODO: check
 CVE-2025-0833 (A stored Cross-site Scripting (XSS) vulnerability affecting Route Mana ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/101f31d2b618f74be983ae5e3c353f1f5e6cf3a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/101f31d2b618f74be983ae5e3c353f1f5e6cf3a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250317/975eb1ad/attachment.htm>

More information about the debian-security-tracker-commits mailing list