[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 13 Mar 2025 13:16:25 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
06f09d47 by Salvatore Bonaccorso at 2025-03-13T21:15:53+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2025-2284 (A denial-of-service vulnerability exists in the 
"GetWebLoginCredential ...)
        TODO: check
 CVE-2025-2280 (Improper access control in web extension restriction feature in 
Devolu ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2025-2278 (Improper access control in temporary access requests and 
checkout requ ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2025-2277 (Exposure of password in web-based SSH authentication component 
in Devo ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2025-2275
        REJECTED
 CVE-2025-2265 (The password of a web user in "Sante PACS Server.exe" is 
zero-padded t ...)
@@ -39,23 +39,23 @@ CVE-2025-29773 (Froxlor is open-source server 
administration software. A vulnera
 CVE-2025-29768 (Vim, a text editor, is vulnerable to potential data loss with 
zip.vim  ...)
        TODO: check
 CVE-2025-29363 (Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable 
to buffe ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-29362 (Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable 
to Buffe ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-29361 (Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable 
to Buffe ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-29360 (Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable 
to Buffe ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-29359 (Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable 
to Buffe ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-29358 (Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable 
to Buffe ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-29357 (Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable 
to Buffe ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-28015 (A HTML Injection vulnerability was found in 
loginsystem/edit-profile.p ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-28011 (A SQL Injection was found in loginsystem/change-password.php 
in PHPGur ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-28010 (A cross-site scripting (XSS) vulnerability has been identified 
in MODX ...)
        TODO: check
 CVE-2025-27496 (Snowflake, a platform for using artificial intelligence in the 
context ...)
@@ -73,13 +73,13 @@ CVE-2025-25598 (Incorrect access control in the scheduled 
tasks console of Inova
 CVE-2025-25363 (An authenticated stored cross-site scripting (XSS) 
vulnerability in Th ...)
        TODO: check
 CVE-2025-25175 (A vulnerability has been identified in Simcenter Femap V2401 
(All vers ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-24974 (DataEase is an open source business intelligence and data 
visualizatio ...)
        TODO: check
 CVE-2025-24053 (Improper authentication in Microsoft Dataverse allows an 
authorized at ...)
        TODO: check
 CVE-2025-21104 (Dell NetWorker, 19.11.0.3 and below versions, contain(s) an 
Open Redir ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-1767 (This CVE only affects Kubernetes clusters that utilize the 
in-tree git ...)
        TODO: check
 CVE-2025-1652 (A maliciously crafted MODEL file, when parsed through Autodesk 
AutoCAD ...)
@@ -91,9 +91,9 @@ CVE-2025-1650 (A maliciously crafted CATPRODUCT file, when 
parsed through Autode
 CVE-2025-1649 (A maliciously crafted CATPRODUCT file, when parsed through 
Autodesk Au ...)
        TODO: check
 CVE-2025-1636 (Exposure of sensitive information in My Personal Credentials 
password  ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2025-1635 (Exposure of sensitive information in hub data source export 
feature in ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2025-1433 (A maliciously crafted MODEL file, when parsed through Autodesk 
AutoCAD ...)
        TODO: check
 CVE-2025-1432 (A maliciously crafted 3DM file, when parsed through Autodesk 
AutoCAD,  ...)
@@ -125,7 +125,7 @@ CVE-2024-22880 (Cross Site Scripting vulnerability in 
Zadarma Zadarma extension
 CVE-2024-12858 (Delta Electronics CNCSoft-G2 Version 2.1.0.16 and prior lacks 
proper   ...)
        TODO: check
 CVE-2024-10942 (The All-in-One WP Migration and Backup plugin for WordPress is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2271 (A vulnerability exists in Issuetrak v17.2.2 and prior that 
allows a lo ...)
        TODO: check
 CVE-2025-2250 (The WordPress Report Brute Force Attacks and Login Protection 
ReportAt ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f09d475036b7794cb7e8d43677bea33c927032

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06f09d475036b7794cb7e8d43677bea33c927032
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to