[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Sep 23 13:22:49 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5dd15cd6 by Moritz Muehlenhoff at 2025-09-23T14:22:29+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -111,23 +111,23 @@ CVE-2025-10824 (A vulnerability was determined in axboe fio up to 3.41. This imp
 CVE-2025-10823 (A vulnerability was found in axboe fio up to 3.41. This affects the fu ...)
 	TODO: check
 CVE-2025-10822 (A vulnerability has been found in fuyang_lipengjun platform 1.0. The i ...)
-	TODO: check
+	NOT-FOR-US: fuyang_lipengjun platform
 CVE-2025-10821 (A flaw has been found in fuyang_lipengjun platform 1.0. The affected e ...)
-	TODO: check
+	NOT-FOR-US: fuyang_lipengjun platform
 CVE-2025-10820 (A vulnerability was detected in fuyang_lipengjun platform 1.0. Impacte ...)
-	TODO: check
+	NOT-FOR-US: fuyang_lipengjun platform
 CVE-2025-10819 (A security vulnerability has been detected in fuyang_lipengjun platfor ...)
-	TODO: check
+	NOT-FOR-US: fuyang_lipengjun platform
 CVE-2025-10817 (A weakness has been identified in Campcodes Online Learning Management ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-10816 (A security flaw has been discovered in Jinher OA 2.0. This affects an  ...)
-	TODO: check
+	NOT-FOR-US: Jinher OA 2.0
 CVE-2025-10815 (A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affect ...)
 	NOT-FOR-US: Tenda
 CVE-2025-10814 (A vulnerability was determined in D-Link DIR-823X 240126/240802/250416 ...)
 	NOT-FOR-US: D-Link
 CVE-2025-10548 (The CleverControl employee monitoring software (v11.5.1041.6) fails to ...)
-	TODO: check
+	NOT-FOR-US: CleverControl employee monitoring software
 CVE-2025-10380 (The Advanced Views \u2013 Display Posts, Custom Fields, and More plugi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-39888 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
@@ -338,17 +338,17 @@ CVE-2025-59528 (Flowise is a drag & drop user interface to build a customized la
 CVE-2025-59527 (Flowise is a drag & drop user interface to build a customized large la ...)
 	NOT-FOR-US: Flowise
 CVE-2025-59526 (mailgen is a Node.js package that generates responsive HTML e-mails fo ...)
-	NOT-FOR-US: mailgen Node.js module
+	NOT-FOR-US: Node mailgen
 CVE-2025-59434 (Flowise is a drag & drop user interface to build a customized large la ...)
 	NOT-FOR-US: Flowise
 CVE-2025-59433 (Conventional Changelog generates changelogs and release notes from a p ...)
-	TODO: check
+	NOT-FOR-US: Node conventional-changelog
 CVE-2025-59432 (SCRAM (Salted Challenge Response Authentication Mechanism) is part of  ...)
 	- libscram-java <unfixed>
 	NOTE: https://github.com/ongres/scram/security/advisories/GHSA-3wfh-36rx-9537
 	NOTE: https://github.com/ongres/scram/commit/e0b0cf99f05406a0d26682c72fcb5728e95124b3 (3.2)
 CVE-2025-59430 (Mesh Connect JS SDK contains JS libraries for integrating with Mesh Co ...)
-	TODO: check
+	NOT-FOR-US: Node @meshconnect/web-link-sdk
 CVE-2025-59420 (Authlib is a Python library which builds OAuth and OpenID Connect serv ...)
 	- python-authlib 1.6.4-1
 	NOTE: https://github.com/authlib/authlib/security/advisories/GHSA-9ggr-2464-2j32
@@ -858,33 +858,33 @@ CVE-2025-57685 (The LB-Link routers, including the BL-AC2100_AZ3 V1.0.4, BL-WR40
 CVE-2025-57682 (Directory Traversal vulnerability in Papermark 0.20.0 and prior allows ...)
 	NOT-FOR-US: Papermark
 CVE-2025-57605 (Lack of server-side authorisation on department admin assignment APIs  ...)
-	TODO: check
+	NOT-FOR-US: AiKaan
 CVE-2025-57602 (Insufficient hardening of the proxyuser account in the AiKaan IoT mana ...)
-	TODO: check
+	NOT-FOR-US: AiKaan
 CVE-2025-57601 (AiKaan Cloud Controller uses a single hardcoded SSH private key and th ...)
-	TODO: check
+	NOT-FOR-US: AiKaan
 CVE-2025-57441 (The Blackmagic ATEM Mini Pro 2.7 exposes sensitive device and stream c ...)
-	TODO: check
+	NOT-FOR-US: Blackmagic ATEM Mini Pro
 CVE-2025-57440 (The Blackmagic ATEM Mini Pro 2.7 exposes an undocumented Telnet servic ...)
-	TODO: check
+	NOT-FOR-US: Blackmagic ATEM Mini Pro
 CVE-2025-57439 (Creacast Creabox Manager 4.4.4 contains a critical Remote Code Executi ...)
-	TODO: check
+	NOT-FOR-US: Creacast Creabox Manager
 CVE-2025-57438 (The 2wcom IP-4c 2.15.5 device suffers from a Broken Access Control vul ...)
-	TODO: check
+	NOT-FOR-US: 2wcom IP-4c
 CVE-2025-57437 (The Blackmagic Web Presenter HD firmware version 3.3 exposes sensitive ...)
-	TODO: check
+	NOT-FOR-US: Blackmagic Web Presenter
 CVE-2025-57434 (Creacast Creabox Manager contains a critical authentication flaw that  ...)
-	TODO: check
+	NOT-FOR-US: Creacast Creabox Manager
 CVE-2025-57433 (The 2wcom IP-4c 2.15.5 device's web interface includes an information  ...)
 	TODO: check
 CVE-2025-57432 (Blackmagic Web Presenter version 3.3 exposes a Telnet service on port  ...)
-	TODO: check
+	NOT-FOR-US: Blackmagic Web Presenter
 CVE-2025-57431 (The Sound4 PULSE-ECO AES67 1.22 web-based management interface is vuln ...)
 	TODO: check
 CVE-2025-57430 (Creacast Creabox Manager 4.4.4 exposes sensitive configuration data vi ...)
-	TODO: check
+	NOT-FOR-US: Creacast Creabox Manager
 CVE-2025-57203 (MagicProject AI version 9.1 is affected by a Cross-Site Scripting (XSS ...)
-	TODO: check
+	NOT-FOR-US: MagicProject AI
 CVE-2025-56075 (A SQL Injection vulnerability was discovered in the normal-bwdates-rep ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-56074 (A SQL Injection vulnerability was discovered in the foreigner-bwdates- ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5dd15cd604c9962163b3d0281f9dcb7d2d72262c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5dd15cd604c9962163b3d0281f9dcb7d2d72262c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250923/0be640ef/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list