[Git][security-tracker-team/security-tracker][master] Process some NFUs

Wed, 16 Apr 2025 11:28:39 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
67babd04 by Salvatore Bonaccorso at 2025-04-16T20:27:23+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -508,9 +508,9 @@ CVE-2024-58092 [nfsd: fix legacy client tracking 
initialization]
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/de71d4e211eddb670b285a0ea477a299601ce1ca (6.14-rc1)
 CVE-2025-3698 (Interface exposure vulnerability in the mobile application 
(com.transs ...)
-       TODO: check
+       NOT-FOR-US: com.transsion.carlcare mobile application
 CVE-2025-3676 (A vulnerability classified as critical has been found in 
xxyopen Novel ...)
-       TODO: check
+       NOT-FOR-US: xxyopen Novel-Plus
 CVE-2025-3675 (A vulnerability was found in TOTOLINK A3700R 
9.1.2u.5822_B20200513. It ...)
        NOT-FOR-US: TOTOLINK
 CVE-2025-3674 (A vulnerability was found in TOTOLINK A3700R 
9.1.2u.5822_B20200513. It ...)
@@ -720,7 +720,7 @@ CVE-2025-2497 (A maliciously crafted DWG file, when parsed 
through Autodesk Revi
 CVE-2025-2314 (The User Profile Builder \u2013 Beautiful User Registration 
Forms, Use ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-29471 (Cross Site Scripting vulnerability in Nagios Log Server 
v.2024R1.3.1 a ...)
-       TODO: check
+       NOT-FOR-US: Nagios Log Server
 CVE-2025-27939 (An attacker can change registered email addresses of other 
users and t ...)
        NOT-FOR-US: Growatt Cloud portal
 CVE-2025-27938 (Unauthenticated attackers can obtain restricted information 
about a us ...)
@@ -806,7 +806,7 @@ CVE-2025-24315 (Unauthenticated attackers can add devices 
of other users to thei
 CVE-2025-24297 (Due to lack of server-side input validation, attackers can 
inject mali ...)
        NOT-FOR-US: Growatt Cloud portal
 CVE-2025-22911 (RE11S v1.11 was discovered to contain a stack overflow via the 
rootAPm ...)
-       TODO: check
+       NOT-FOR-US: RE11S
 CVE-2025-22269 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22268 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67babd047e70423e120ccabdd78ee8d331ce24c1

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/67babd047e70423e120ccabdd78ee8d331ce24c1
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to