[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon May 26 21:22:43 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b5c03bfd by Salvatore Bonaccorso at 2025-05-26T22:22:19+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,57 +19,57 @@ CVE-2025-5200 (A vulnerability was found in Open Asset Import Library Assimp 5.4
 	[bookworm] - assimp <postponed> (Minor issue, revisit when/if fixed upstream)
 	NOTE: https://github.com/assimp/assimp/issues/6172
 CVE-2025-5196 (A vulnerability has been found in Wing FTP Server up to 7.4.3 and clas ...)
-	TODO: check
+	NOT-FOR-US: Wing FTP Server
 CVE-2025-5186 (A vulnerability was found in thinkgem JeeSite up to 5.11.1. It has bee ...)
 	TODO: check
 CVE-2025-5185 (A vulnerability was found in Summer Pearl Group Vacation Rental Manage ...)
-	TODO: check
+	NOT-FOR-US: Summer Pearl Group Vacation Rental Management Platform
 CVE-2025-5184 (A vulnerability was found in Summer Pearl Group Vacation Rental Manage ...)
-	TODO: check
+	NOT-FOR-US: Summer Pearl Group Vacation Rental Management Platform
 CVE-2025-5183 (A vulnerability was found in Summer Pearl Group Vacation Rental Manage ...)
-	TODO: check
+	NOT-FOR-US: Summer Pearl Group Vacation Rental Management Platform
 CVE-2025-5182 (A vulnerability has been found in Summer Pearl Group Vacation Rental M ...)
-	TODO: check
+	NOT-FOR-US: Summer Pearl Group Vacation Rental Management Platform
 CVE-2025-5181 (A vulnerability, which was classified as problematic, was found in Sum ...)
-	TODO: check
+	NOT-FOR-US: Summer Pearl Group Vacation Rental Management Platform
 CVE-2025-5180 (A vulnerability, which was classified as critical, has been found in W ...)
-	TODO: check
+	NOT-FOR-US: Wondershare Filmora
 CVE-2025-5179 (A vulnerability classified as problematic was found in Realce Tecnolog ...)
-	TODO: check
+	NOT-FOR-US: Realce Tecnologia Queue Ticket Kiosk
 CVE-2025-5178 (A vulnerability classified as critical has been found in Realce Tecnol ...)
-	TODO: check
+	NOT-FOR-US: Realce Tecnologia Queue Ticket Kiosk
 CVE-2025-5177 (A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up t ...)
-	TODO: check
+	NOT-FOR-US: Realce Tecnologia Queue Ticket Kiosk
 CVE-2025-5176 (A vulnerability was found in Realce Tecnologia Queue Ticket Kiosk up t ...)
-	TODO: check
+	NOT-FOR-US: Realce Tecnologia Queue Ticket Kiosk
 CVE-2025-4057 (A flaw was found in ActiveMQ Artemis. The password generated by active ...)
 	TODO: check
 CVE-2025-4053 (The datastored inBe-Tech Mifare Classic cardis stored in cleartext.An  ...)
-	TODO: check
+	NOT-FOR-US: Be-Tech Mifare Classic card
 CVE-2025-41655 (An unauthenticated remote attacker can access a URL which causes the d ...)
-	TODO: check
+	NOT-FOR-US: Pepperl+Fuchs SE
 CVE-2025-41654 (An unauthenticated remote attacker can access information about runnin ...)
-	TODO: check
+	NOT-FOR-US: Pepperl+Fuchs SE
 CVE-2025-40672 (A Privilege Escalation vulnerability has been found in ProactivaNet v3 ...)
-	TODO: check
+	NOT-FOR-US: ProactivaNet
 CVE-2025-40671 (SQL injection vulnerability in AES Multimedia's Gestnet v1.07. This vu ...)
-	TODO: check
+	NOT-FOR-US: AES Multimedia's Gestnet
 CVE-2025-40667 (Missing authorization vulnerability in TCMAN's GIM v11. This allows an ...)
-	TODO: check
+	NOT-FOR-US: TCMAN's GIM
 CVE-2025-40666 (Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. The ...)
-	TODO: check
+	NOT-FOR-US: TCMAN's GIM
 CVE-2025-40665 (Time-based blind SQL injection vulnerabilities in TCMAN's GIM v11. The ...)
-	TODO: check
+	NOT-FOR-US: TCMAN's GIM
 CVE-2025-40664 (Missing authentication vulnerability in TCMAN GIM v11. This allows an  ...)
-	TODO: check
+	NOT-FOR-US: TCMAN's GIM
 CVE-2025-40663 (Stored Cross-Site Scripting (XSS) vulnerability in i2A-Cronos version  ...)
-	TODO: check
+	NOT-FOR-US: i2A-Cronos
 CVE-2025-40653 (User enumeration vulnerability in M3M Printer Server Web. This issue o ...)
-	TODO: check
+	NOT-FOR-US: M3M Printer Server Web
 CVE-2025-40652 (Stored Cross-Site Scripting (XSS) vulnerability in the CoverManager bo ...)
-	TODO: check
+	NOT-FOR-US: CoverManager booking software
 CVE-2025-40650 (Insecure Direct Object Reference (IDOR) vulnerability in Clickedu. Thi ...)
-	TODO: check
+	NOT-FOR-US: Clickedu
 CVE-2025-39498 (Insertion of Sensitive Information Into Sent Data vulnerability in Spo ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-23394 (A UNIX Symbolic Link (Symlink) Following vulnerability in openSUSE Tum ...)
@@ -77,7 +77,7 @@ CVE-2025-23394 (A UNIX Symbolic Link (Symlink) Following vulnerability in openSU
 CVE-2025-23392 (A Improper Neutralization of Script-Related HTML Tags in a Web Page (B ...)
 	TODO: check
 CVE-2025-1985 (Due to improper neutralization of input during web page generation (XS ...)
-	TODO: check
+	NOT-FOR-US: Pepperl+Fuchs SE
 CVE-2025-37992 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux <unfixed>
 	[bookworm] - linux 6.1.140-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5c03bfd2e0b0b45650a7d84a438ecf0e22dc263

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5c03bfd2e0b0b45650a7d84a438ecf0e22dc263
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250526/4a2b8f61/attachment.htm>

More information about the debian-security-tracker-commits mailing list