[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 21 09:40:30 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b09db4bf by Salvatore Bonaccorso at 2025-05-21T10:38:48+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2025-5013 (A vulnerability, which was classified as problematic, was found in HkC ...)
-	TODO: check
+	NOT-FOR-US: HkCms
 CVE-2025-5011 (A vulnerability classified as problematic was found in moonlightL hexo ...)
-	TODO: check
+	NOT-FOR-US: moonlightL hexo-boot
 CVE-2025-5010 (A vulnerability classified as problematic has been found in moonlightL ...)
-	TODO: check
+	NOT-FOR-US: moonlightL hexo-boot
 CVE-2025-5008 (A vulnerability was found in projectworlds Online Time Table Generator ...)
-	TODO: check
+	NOT-FOR-US: projectworlds Online Time Table Generator
 CVE-2025-5007 (A vulnerability was found in Part-DB up to 1.17.0. It has been declare ...)
 	TODO: check
 CVE-2025-5006 (A vulnerability was found in Campcodes Online Shopping Portal 1.0. It  ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-5004 (A vulnerability was found in projectworlds Online Time Table Generator ...)
-	TODO: check
+	NOT-FOR-US: projectworlds Online Time Table Generator
 CVE-2025-5003 (A vulnerability has been found in projectworlds Online Time Table Gene ...)
-	TODO: check
+	NOT-FOR-US: projectworlds Online Time Table Generator
 CVE-2025-5002 (A vulnerability, which was classified as critical, was found in Source ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-5001 (A vulnerability was found in GNU PSPP 82fb509fb2fedd33e7ac0c46ca99e108 ...)
@@ -23,7 +23,7 @@ CVE-2025-5000 (A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up
 CVE-2025-4999 (A vulnerability was found in Linksys FGW3000-AH and FGW3000-HK up to 1 ...)
 	NOT-FOR-US: Linksys
 CVE-2025-4998 (A vulnerability has been found in H3C Magic R200G up to 100R002 and cl ...)
-	TODO: check
+	NOT-FOR-US: H3C
 CVE-2025-4969 (A vulnerability was found in the libsoup package. This flaw stems from ...)
 	TODO: check
 CVE-2025-4949 (In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestP ...)
@@ -53,25 +53,25 @@ CVE-2025-48420
 CVE-2025-48419
 	REJECTED
 CVE-2025-44898 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44897 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44896 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44894 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44891 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44888 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44887 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44886 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44884 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44883 (FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow ...)
-	TODO: check
+	NOT-FOR-US: FW-WGS-804HPT
 CVE-2025-44882 (A command injection vulnerability in the component /cgi-bin/firewall.c ...)
 	NOT-FOR-US: Wavlink
 CVE-2025-44881 (A command injection vulnerability in the component /cgi-bin/qos.cgi of ...)
@@ -352305,7 +352305,7 @@ CVE-2021-25264 (In multiple versions of Sophos Endpoint products for MacOS, a lo
 CVE-2021-25263 (Local privilege vulnerability in Yandex Browser for Windows prior to 2 ...)
 	NOT-FOR-US: Yandex Browser
 CVE-2021-25262 (Yandex Browser for Android prior to version 21.3.0 allows remote attac ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser for Android
 CVE-2021-25261 (Local privilege vulnerability in Yandex Browser for Windows prior to 2 ...)
 	NOT-FOR-US: Yandex Browser
 CVE-2021-25260
@@ -352319,9 +352319,9 @@ CVE-2021-25257
 CVE-2021-25256
 	RESERVED
 CVE-2021-25255 (Yandex Browser Lite for Android prior to version 21.1.0 allows remote  ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser Lite for Android
 CVE-2021-25254 (Yandex Browser Lite for Android before 21.1.0 allows remote attackers  ...)
-	TODO: check
+	NOT-FOR-US: Yandex Browser Lite for Android
 CVE-2021-25253 (An improper access control vulnerability in Trend Micro Apex One, Tren ...)
 	NOT-FOR-US: Trend Micro
 CVE-2021-25252 (Trend Micro's Virus Scan API (VSAPI) and Advanced Threat Scan Engine ( ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b09db4bf74ec4dbc044dfc6a6de4990debb7819e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b09db4bf74ec4dbc044dfc6a6de4990debb7819e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250521/89a006ce/attachment.htm>

More information about the debian-security-tracker-commits mailing list