[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu May 8 21:43:43 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
160f4430 by Salvatore Bonaccorso at 2025-05-08T22:43:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,57 +5,57 @@ CVE-2025-4208 (The NEX-Forms \u2013 Ultimate Form Builder \u2013 Contact forms a
 CVE-2025-4207 (Buffer over-read in PostgreSQL GB18030 encoding validation allows a da ...)
 	TODO: check
 CVE-2025-4132 (Rapid7 Corporate Website prior to May 2nd 2025, suffered from a URL Re ...)
-	TODO: check
+	NOT-FOR-US: Rapid7
 CVE-2025-4098 (Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: Horner Automation Cscape
 CVE-2025-47730 (The TeleMessage archiving backend through 2025-05-05 accepts API calls ...)
-	TODO: check
+	NOT-FOR-US: TeleMessage (a insecure Signal app clone)
 CVE-2025-47729 (The TeleMessage archiving backend through 2025-05-05 holds cleartext c ...)
-	TODO: check
+	NOT-FOR-US: TeleMessage (a insecure Signal app clone)
 CVE-2025-46833 (Programs/P73_SimplePythonEncryption.py illustrates a simple Python enc ...)
-	TODO: check
+	NOT-FOR-US: Programs/P73_SimplePythonEncryption.py
 CVE-2025-46812 (Trix is a what-you-see-is-what-you-get rich text editor for everyday w ...)
-	TODO: check
+	NOT-FOR-US: Trix
 CVE-2025-46712 (Erlang/OTP is a set of libraries for the Erlang programming language.  ...)
 	TODO: check
 CVE-2025-45847 (ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated st ...)
-	TODO: check
+	NOT-FOR-US: ALFA AIP-W512
 CVE-2025-45846 (ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an authenticated st ...)
-	TODO: check
+	NOT-FOR-US: ALFA AIP-W512
 CVE-2025-45845 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45844 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45843 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45842 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45841 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to contain an a ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45820 (Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: Slims (Senayan Library Management Systems) 9 Bulian
 CVE-2025-45819 (Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: Slims (Senayan Library Management Systems) 9 Bulian
 CVE-2025-45818 (Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: Slims (Senayan Library Management Systems) 9 Bulian
 CVE-2025-45798 (A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45797 (TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer overflow vul ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45790 (TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the pr ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45789 (TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow via the ur ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45788 (TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow via the co ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45787 (TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow viathe com ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-44023 (An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allow ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-44021 (OpenStack Ironic before 29.0.1 can write unintended files to a target  ...)
 	TODO: check
 CVE-2025-41450 (Improper Authentication vulnerability in Danfoss AKSM8xxA Series.This  ...)
-	TODO: check
+	NOT-FOR-US: Danfoss
 CVE-2025-40846 (Improper Input Validation, the returnUrl parameter in Account Security ...)
 	TODO: check
 CVE-2025-3862 (Contest Gallery plugin for WordPress is vulnerable to Stored Cross-Sit ...)
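Review bot: The NOT-FOR-US label on CVE-2025-47730 and CVE-2025-47729 carries a parenthetical, "(a insecure Signal app clone)". It has a grammar slip ("a insecure" should be "an insecure") and adds an assessment that no other entry in this hunk has. A plain "NOT-FOR-US: TeleMessage" would match the rest. The label for CVE-2025-46833 is a file path (Programs/P73_SimplePythonEncryption.py) rather than a product or project name; naming the containing project, if known, would make it easier to recognise in later triage. Granularity also varies: the Slims label embeds the release name "9 Bulian", ALFA AIP-W512 is model-level, while TOTOLINK, D-Link and Danfoss are vendor-only. Settling on one level would keep the NFU names consistent.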



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/160f4430b715fccda7d6ecb6d3e81bd828e47f7c
