[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add rule for ZTE

Moritz Muehlenhoff (@jmm) Fri, 07 Mar 2025 00:33:22 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
21665c72 by Moritz Muehlenhoff at 2025-03-07T09:30:23+01:00
auto-nfu: Add rule for ZTE

- - - - -
936944c0 by Moritz Muehlenhoff at 2025-03-07T09:32:18+01:00
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2025-2067 (A vulnerability was found in projectworlds Life Insurance 
Management S ...)
-       TODO: check
+       NOT-FOR-US: rojectworlds Life Insurance Management System
 CVE-2025-2066 (A vulnerability has been found in projectworlds Life Insurance 
Managem ...)
-       TODO: check
+       NOT-FOR-US: rojectworlds Life Insurance Management System
 CVE-2025-2065 (A vulnerability, which was classified as critical, was found in 
projec ...)
-       TODO: check
+       NOT-FOR-US: rojectworlds Life Insurance Management System
 CVE-2025-2064 (A vulnerability, which was classified as critical, has been 
found in p ...)
-       TODO: check
+       NOT-FOR-US: rojectworlds Life Insurance Management System
 CVE-2025-2063 (A vulnerability classified as critical was found in 
projectworlds Life ...)
-       TODO: check
+       NOT-FOR-US: rojectworlds Life Insurance Management System
 CVE-2025-2062 (A vulnerability classified as critical has been found in 
projectworlds ...)
-       TODO: check
+       NOT-FOR-US: rojectworlds Life Insurance Management System
 CVE-2025-2061 (A vulnerability was found in code-projects Online Ticket 
Reservation S ...)
        NOT-FOR-US: code-projects
 CVE-2025-2060 (A vulnerability was found in PHPGurukul Emergency Ambulance 
Hiring Por ...)
@@ -39,23 +39,23 @@ CVE-2025-2046 (A vulnerability was found in SourceCodester 
Best Employee Managem
 CVE-2025-2044 (A vulnerability was found in code-projects Blood Bank 
Management Syste ...)
        NOT-FOR-US: code-projects
 CVE-2025-2043 (A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and 
classified a ...)
-       TODO: check
+       NOT-FOR-US: LinZhaoguan pb-cms
 CVE-2025-2042 (A vulnerability has been found in huang-yk student-manage 1.0 
and clas ...)
-       TODO: check
+       NOT-FOR-US: huang-yk student-manage
 CVE-2025-2041 (A vulnerability, which was classified as critical, has been 
found in s ...)
-       TODO: check
+       NOT-FOR-US: s-a-zhd Ecommerce-Website-using-PHP
 CVE-2025-27816 (A vulnerability was discovered in the Arctera InfoScale 7.0 
through 8. ...)
-       TODO: check
+       NOT-FOR-US: Arctera InfoScale
 CVE-2025-27796 (WPG in GraphicsMagick before 1.3.46 mishandles palette buffer 
allocati ...)
        TODO: check
 CVE-2025-27795 (JXL in GraphicsMagick before 1.3.46 lacks image dimension 
resource lim ...)
        TODO: check
 CVE-2025-27598 (ImageSharp is a 2D graphics API. An Out-of-bounds Write 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: ImageSharp
 CVE-2025-26708 (There is a configuration defect vulnerability in ZTELink 5.4.9 
for iOS ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2025-25763 (crmeb CRMEB-KY v5.4.0 and before has a SQL Injection 
vulnerability at  ...)
-       TODO: check
+       NOT-FOR-US: crmeb CRMEB-KY
 CVE-2025-1475 (The WPCOM Member plugin for WordPress is vulnerable to 
authentication  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-1309 (The UiPress lite | Effortless custom dashboards, admin themes 
and page ...)
@@ -69,7 +69,7 @@ CVE-2025-0749 (The Homey theme for WordPress is vulnerable to 
authentication byp
 CVE-2025-0748 (The Homey theme for WordPress is vulnerable to Cross-Site 
Request Forg ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-57972 (The pairing API request handler in Microsoft HoloLens 1 
(Windows Holog ...)
-       TODO: check
+       NOT-FOR-US: Microsoft HoloLens
 CVE-2024-13906 (The Gallery by BestWebSoft \u2013 Customizable Image and Photo 
Galleri ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-13655 (The Flex Mag - Responsive WordPress News Theme theme for 
WordPress is  ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -23,6 +23,8 @@
   cna: WPScan
 - reason: MediaTek
   cna: MediaTek
+- reason: ZTE
+  cna: zte
 # Complex rules (Hint: allOf, anyOf, not)
 - reason: Esri
   allOf:



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9831cc4a23d5637512772aa6eda65905ccd05877...936944c08e07f886a02c2daafee41338545e5c59

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9831cc4a23d5637512772aa6eda65905ccd05877...936944c08e07f886a02c2daafee41338545e5c59
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add rule for ZTE

Reply via email to