[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a552c89f by Salvatore Bonaccorso at 2025-05-13T22:45:26+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2025-4428 (Remote Code Execution in API component in Ivanti Endpoint Manager
 CVE-2025-4427 (An authentication bypass in the API component of Ivanti Endpoint Manag ...)
 	NOT-FOR-US: Ivanti
 CVE-2025-47280 (Umbraco Forms is a form builder that integrates with the Umbraco conte ...)
-	TODO: check
+	NOT-FOR-US: Umbraco Forms
 CVE-2025-47278 (Flask is a web server gateway interface (WSGI) web application framewo ...)
 	- flask <unfixed>
 	[bookworm] - flask <not-affected> (Vulnerable code introduced later)
@@ -29,29 +29,29 @@ CVE-2025-47204 (An issue was discovered in post.php in bootstrap-multiselect (ak
 CVE-2025-46721 (nosurf is cross-site request forgery (CSRF) protection middleware for  ...)
 	TODO: check
 CVE-2025-45867 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45866 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45865 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45864 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45863 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45861 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45859 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buff ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45858 (TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a comm ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-45857 (EDIMAX CV7428NS v1.20 was discovered to contain a remote code executio ...)
-	TODO: check
+	NOT-FOR-US: EDIMAX CV7428NS
 CVE-2025-45746 (In ZKT ZKBio CVSecurity 6.4.1_R an unauthenticated attacker can craft  ...)
-	TODO: check
+	NOT-FOR-US: ZKT ZKBio CVSecurity
 CVE-2025-44831 (EngineerCMS v1.02 through v2.0.5 has a SQL injection vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: EngineerCMS
 CVE-2025-44039 (CP-XR-DE21-S -4G Router Firmware version 1.031.022 was discovered to c ...)
-	TODO: check
+	NOT-FOR-US: CP-XR-DE21-S -4G Router Firmware
 CVE-2025-43557 (Animate versions 24.0.8, 23.0.11 and earlier are affected by an Access ...)
 	NOT-FOR-US: Adobe
 CVE-2025-43556 (Animate versions 24.0.8, 23.0.11 and earlier are affected by an Intege ...)
@@ -67,7 +67,7 @@ CVE-2025-43545 (Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Ac
 CVE-2025-41645 (An unauthenticated remote attacker could use a demo account of the por ...)
 	TODO: check
 CVE-2025-40628 (SQL injection vulnerability in DomainsPRO 1.2. This vulnerability coul ...)
-	TODO: check
+	NOT-FOR-US: DomainsPRO
 CVE-2025-40583 (A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00 ...)
 	NOT-FOR-US: Siemens
 CVE-2025-40582 (A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a552c89f034bdad3741f46b82b20ddc9fb1ac525

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a552c89f034bdad3741f46b82b20ddc9fb1ac525
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250513/eaf0547c/attachment.htm>