[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Nov 4 08:35:17 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dcd97901 by Salvatore Bonaccorso at 2025-11-04T09:34:53+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-63293 (FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: FairSketch Rise Ultimate Project Manager & CRM
 CVE-2025-47370 (Transient DOS when a remote device sends an invalid connection request ...)
 	NOT-FOR-US: Qualcomm
 CVE-2025-47368 (Memory corruption when dereferencing an invalid userspace address in a ...)
@@ -235,9 +235,9 @@ CVE-2025-43288 (This issue was addressed with improved validation of symlinks. T
 CVE-2025-36172 (IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fi ...)
 	NOT-FOR-US: IBM
 CVE-2025-35021 (By failing to authenticate three times to an unconfigured Abilis CPX d ...)
-	TODO: check
+	NOT-FOR-US: Abilis
 CVE-2025-34501 (Deck Mate 2 is distributed with static, hard-coded credentials for the ...)
-	TODO: check
+	NOT-FOR-US: Deck Mate 2
 CVE-2025-27074 (Memory corruption while processing a GP command response.)
 	NOT-FOR-US: Qualcomm
 CVE-2025-27070 (Memory corruption while performing encryption and decryption commands.)
@@ -373,13 +373,13 @@ CVE-2025-11007 (The CE21 Suite plugin for WordPress is vulnerable to unauthorize
 CVE-2025-10896 (Multiple plugins for WordPress with the Jewel Theme Recommended Plugin ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-13998 (Nagios XI versions prior to2024R1.1.3, under certain circumstances, di ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2024-13997 (Nagios XI versions prior to2024R1.1.3contain a privilege escalation vu ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2021-47698 (Nagios XI versions prior to5.8.7using embedded Nagios Core are vulnera ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2016-15054 (Nagios XI versions prior to5.4.0 are vulnerable to cross-site scriptin ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2025-8900 (The Doccure Core plugin for WordPress is vulnerable to privilege escal ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-8558 (Insider Threat Management (ITM) Serverversions prior to 7.17.2contain  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcd97901f908fa07480a64a751732034d551c5a4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcd97901f908fa07480a64a751732034d551c5a4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251104/34bb0b8e/attachment.htm>

More information about the debian-security-tracker-commits mailing list