Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
193dc8f5 by Salvatore Bonaccorso at 2025-03-18T21:27:41+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,51 +1,51 @@
CVE-2025-30142 (An issue was discovered on G-Net Dashcam BB GONX devices.
Bypassing of ...)
- TODO: check
+ NOT-FOR-US: G-Net
CVE-2025-30141 (An issue was discovered on G-Net Dashcam BB GONX devices. One
can Remo ...)
- TODO: check
+ NOT-FOR-US: G-Net
CVE-2025-30139 (An issue was discovered on G-Net Dashcam BB GONX devices.
Default cred ...)
- TODO: check
+ NOT-FOR-US: G-Net
CVE-2025-30138 (An issue was discovered on G-Net Dashcam BB GONX devices.
Managing Set ...)
- TODO: check
+ NOT-FOR-US: G-Net
CVE-2025-30137 (An issue was discovered in the G-Net GNET APK 2.6.2. Hardcoded
credent ...)
- TODO: check
+ NOT-FOR-US: G-Net
CVE-2025-30132 (An issue was discovered on IROAD Dashcam V devices. It uses an
unregis ...)
- TODO: check
+ NOT-FOR-US: IROAD
CVE-2025-30123 (An issue was discovered on ROADCAM X3 devices. The mobile app
APK (Vii ...)
- TODO: check
+ NOT-FOR-US: ROADCAM
CVE-2025-30122 (An issue was discovered on ROADCAM X3 devices. It has a
uniform defaul ...)
- TODO: check
+ NOT-FOR-US: ROADCAM
CVE-2025-30117 (An issue was discovered on the Forvia Hella HELLA Driving
Recorder DR ...)
- TODO: check
+ NOT-FOR-US: Forvia Hella HELLA Driving Recorder DR 820
CVE-2025-30116 (An issue was discovered on the Forvia Hella HELLA Driving
Recorder DR ...)
- TODO: check
+ NOT-FOR-US: Forvia Hella HELLA Driving Recorder DR 820
CVE-2025-30115 (An issue was discovered on the Forvia Hella HELLA Driving
Recorder DR ...)
- TODO: check
+ NOT-FOR-US: Forvia Hella HELLA Driving Recorder DR 820
CVE-2025-30114 (An issue was discovered on the Forvia Hella HELLA Driving
Recorder DR ...)
- TODO: check
+ NOT-FOR-US: Forvia Hella HELLA Driving Recorder DR 820
CVE-2025-30113 (An issue was discovered on the Forvia Hella HELLA Driving
Recorder DR ...)
- TODO: check
+ NOT-FOR-US: Forvia Hella HELLA Driving Recorder DR 820
CVE-2025-30111 (On IROAD v9 devices, one can Remotely Dump Video Footage and
the Live ...)
- TODO: check
+ NOT-FOR-US: IROAD
CVE-2025-30110 (On IROAD X5 devices, a Bypass of Device Pairing can occur via
MAC Addr ...)
- TODO: check
+ NOT-FOR-US: IROAD
CVE-2025-30109 (In the IROAD APK 5.2.5, there are Hardcoded Credentials in the
APK for ...)
- TODO: check
+ NOT-FOR-US: IROAD
CVE-2025-30107 (On IROAD V9 devices, Managing Settings and Obtaining Sensitive
Data an ...)
- TODO: check
+ NOT-FOR-US: IROAD
CVE-2025-30106 (On IROAD v9 devices, the dashcam has hardcoded default
credentials ("q ...)
- TODO: check
+ NOT-FOR-US: IROAD
CVE-2025-2495 (Stored Cross-Site Scripting (XSS) in Softdial Contact Center of
Sytel ...)
- TODO: check
+ NOT-FOR-US: Softdial Contact Center of Sytel Ltd
CVE-2025-2494 (Unrestricted file upload to Softdial Contact Center of Sytel
Ltd. This ...)
- TODO: check
+ NOT-FOR-US: Softdial Contact Center of Sytel Ltd
CVE-2025-2493 (Path Traversal vulnerability in Softdial Contact Center of
Sytel Ltd. ...)
- TODO: check
+ NOT-FOR-US: Softdial Contact Center of Sytel Ltd
CVE-2025-2491 (A vulnerability classified as problematic has been found in
Dromara uj ...)
- TODO: check
+ NOT-FOR-US: Dromara ujcms
CVE-2025-2490 (A vulnerability was found in Dromara ujcms 9.7.5. It has been
rated as ...)
- TODO: check
+ NOT-FOR-US: Dromara ujcms
CVE-2025-2489 (Insecure information storage vulnerability in NTFS Tools
version 3.5.1 ...)
- TODO: check
+ NOT-FOR-US: NTFS Tools
CVE-2025-2487 (A flaw was found in the 389-ds-base LDAP Server. This issue
occurs whe ...)
TODO: check
CVE-2025-2450 (NI Vision Builder AI VBAI File Processing Missing Warning
Remote Code ...)
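Review bot: The NOT-FOR-US tags in this hunk are not at a consistent granularity. The G-Net, IROAD and ROADCAM entries use the bare vendor name, while CVE-2025-30113 through CVE-2025-30117 carry the full product string "Forvia Hella HELLA Driving Recorder DR 820" and the Softdial entries use "Softdial Contact Center of Sytel Ltd". Using one form per vendor would keep the list easier to search when later CVEs for the same products arrive. Separately, CVE-2025-2487 (389-ds-base) correctly stays at "TODO: check" in the trailing context, since 389-ds-base is packaged in Debian and needs a package entry rather than an NFU tag.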
@@ -53,37 +53,37 @@ CVE-2025-2450 (NI Vision Builder AI VBAI File Processing
Missing Warning Remote
CVE-2025-2449 (NI FlexLogger usiReg URI File Parsing Directory Traversal
Remote Code ...)
TODO: check
CVE-2025-29930 (imFAQ is an advanced questions and answers management system
for Impre ...)
- TODO: check
+ NOT-FOR-US: ImpressCMS
CVE-2025-29907 (jsPDF is a library to generate PDFs in JavaScript. Prior to
3.0.1, use ...)
TODO: check
CVE-2025-29790 (Contao is an Open Source CMS. Users can upload SVG files with
maliciou ...)
- TODO: check
+ NOT-FOR-US: Contao CMS
CVE-2025-27688 (Dell ThinOS 2408 and prior, contains an improper permissions
vulnerabi ...)
NOT-FOR-US: Dell / EMC
CVE-2025-27080 (Vulnerabilities in the command line interface of AOS-CX could
allow an ...)
TODO: check
CVE-2025-26138 (Systemic Risk Value <=2.8.0 is vulnerable to improper access
control i ...)
- TODO: check
+ NOT-FOR-US: Systemic Risk Value
CVE-2025-26137 (Systemic Risk Value <=2.8.0 is vulnerable to Local File
Inclusion via ...)
- TODO: check
+ NOT-FOR-US: Systemic Risk Value
CVE-2025-25595 (A lack of rate limiting in the login page of Safe App version
a3.0.9 a ...)
- TODO: check
+ NOT-FOR-US: Safe App
CVE-2025-25590 (yimioa before v2024.07.04 was discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: yimioa
CVE-2025-25589 (An XML external entity (XXE) injection vulnerability in the
component ...)
- TODO: check
+ NOT-FOR-US: yimioa
CVE-2025-25586 (yimioa before v2024.07.04 was discovered to contain an
information dis ...)
- TODO: check
+ NOT-FOR-US: yimioa
CVE-2025-25585 (Incorrect access control in the component
/config/WebSecurityConfig.ja ...)
- TODO: check
+ NOT-FOR-US: yimioa
CVE-2025-25582 (yimioa before v2024.07.04 was discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: yimioa
CVE-2025-25580 (yimioa before v2024.07.04 was discovered to contain a SQL
injection vu ...)
- TODO: check
+ NOT-FOR-US: yimioa
CVE-2025-25500 (An issue in CosmWasm prior to v2.2.0 allows attackers to
bypass capabi ...)
TODO: check
CVE-2025-25220 (Improper neutralization of special elements used in an OS
command ('OS ...)
- TODO: check
+ NOT-FOR-US: +F FS010M
CVE-2025-25042 (A vulnerability in the AOS-CX REST interface could allow an
authentica ...)
TODO: check
CVE-2025-25040 (A vulnerability has been identified in the port ACL
functionality of A ...)
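Review bot: The tag on CVE-2025-29930 names the host CMS rather than the affected component. The description starts with "imFAQ is an advanced questions and answers management system for Impre ...", but the entry is tagged "NOT-FOR-US: ImpressCMS"; something like "imFAQ module for ImpressCMS" would say what is actually affected. For CVE-2025-25589 and CVE-2025-25585 the truncated descriptions visible here do not name yimioa, so the "NOT-FOR-US: yimioa" tags rest on the full CVE text and are worth a second look against it. The AOS-CX entries (CVE-2025-27080, CVE-2025-25042) remain at "TODO: check" and could be handled in the same pass if they are also not for us.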
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/193dc8f510e262c4fb4a28326e4f0bf21ab519ff