[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Nov 25 09:48:38 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1a994352 by Salvatore Bonaccorso at 2025-11-25T10:46:47+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45,7 +45,7 @@ CVE-2025-62497 (Cross-site request forgery vulnerability exists in SNC-CX600W ve
 CVE-2025-62155 (New API is a large language mode (LLM) gateway and artificial intellig ...)
 	TODO: check
 CVE-2025-59485 (Incorrect default permissions issue exists in Security Point (Windows) ...)
-	TODO: check
+	NOT-FOR-US: MaLion
 CVE-2025-59373 (A local privilege escalation vulnerability exists in    the restore me ...)
 	NOT-FOR-US: ASUS
 CVE-2025-59372 (A path traversal vulnerability has been identified in certain router m ...)
@@ -63,13 +63,13 @@ CVE-2025-59366 (An authentication-bypass vulnerability exists in AiCloud. This v
 CVE-2025-59365 (A stack buffer overflow vulnerability has been identified in certain r ...)
 	NOT-FOR-US: ASUS
 CVE-2025-54563 (An Incorrect Access Control vulnerability was found in the Application ...)
-	TODO: check
+	NOT-FOR-US: Desktop Alert PingAlert
 CVE-2025-54347 (A Directory Traversal vulnerability was found in the Application Serve ...)
-	TODO: check
+	NOT-FOR-US: Desktop Alert PingAlert
 CVE-2025-54341 (A vulnerability was found in the Application Server of Desktop Alert P ...)
-	TODO: check
+	NOT-FOR-US: Desktop Alert PingAlert
 CVE-2025-54338 (An Incorrect Access Control vulnerability was found in the Application ...)
-	TODO: check
+	NOT-FOR-US: Desktop Alert PingAlert
 CVE-2025-52538 (Improper input validation within the XOCL driver may allow a local att ...)
 	TODO: check
 CVE-2025-36150 (IBM Concert 1.0.0 through 2.0.0 uses weaker than expected cryptographi ...)
@@ -115,7 +115,7 @@ CVE-2025-13068 (The Telegram Bot & Channel plugin for WordPress is vulnerable to
 CVE-2025-12893 (Clients may successfully perform a TLS handshake with a MongoDB server ...)
 	TODO: check
 CVE-2025-12742 (A Looker user with a Developer role could cause Looker to execute a ma ...)
-	TODO: check
+	NOT-FOR-US: Looker
 CVE-2025-12645 (The Inline frame \u2013 Iframe plugin for WordPress is vulnerable to S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12634 (The Refund Request for WooCommerce plugin for WordPress is vulnerable  ...)
@@ -145,13 +145,13 @@ CVE-2025-0007 (Insufficient validation within Xilinx Run Time framework could al
 CVE-2025-0003 (Inadequate lock protection within Xilinx Run time may allow a local at ...)
 	TODO: check
 CVE-2024-47856 (In RSA Authentication Agent before 7.4.7, service paths and shortcut p ...)
-	TODO: check
+	NOT-FOR-US: RSA Authentication Agent
 CVE-2024-14007 (Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by  ...)
-	TODO: check
+	NOT-FOR-US: Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware
 CVE-2023-7330 (Ruijie NBR series routers contain an unauthenticated arbitrary file up ...)
-	TODO: check
+	NOT-FOR-US: Ruijie
 CVE-2018-25126 (Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by  ...)
-	TODO: check
+	NOT-FOR-US: Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware
 CVE-2025-65998 (Apache Syncope can be configured to store the user password values in  ...)
 	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-65503 (Use after free in endpoint destructors in Redboltz async_mqtt 10.2.5 a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a9943528fe7ce73012b4b5e99296b10ea88b147

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a9943528fe7ce73012b4b5e99296b10ea88b147
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251125/6eb5ce02/attachment.htm>
