[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 20 Jun 2025 13:41:06 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
4f562e01 by Salvatore Bonaccorso at 2025-06-20T22:39:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -281,11 +281,11 @@ CVE-2025-49964 (Cross-Site Request Forgery (CSRF) 
vulnerability in indgeek ClipL
 CVE-2025-49873 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-49132 (Pterodactyl is a free, open-source game server management 
panel. Prior ...)
-       TODO: check
+       NOT-FOR-US: Pterodactyl
 CVE-2025-48706 (An issue was discovered in COROS PACE 3 through 3.0808.0. Due 
to an ou ...)
-       TODO: check
+       NOT-FOR-US: COROS PACE
 CVE-2025-48705 (An issue was discovered in COROS PACE 3 through 3.0808.0. Due 
to a NUL ...)
-       TODO: check
+       NOT-FOR-US: COROS PACE
 CVE-2025-48059 (PowSyBl (Power System Blocks) is a framework to build power 
system ori ...)
        NOT-FOR-US: PowSyBl (Power System Blocks)
 CVE-2025-46179 (A SQL Injection vulnerability was discovered in the 
askquery.php file  ...)
@@ -293,9 +293,9 @@ CVE-2025-46179 (A SQL Injection vulnerability was 
discovered in the askquery.php
 CVE-2025-46158 (An issue in redoxOS kernel before commit 5d41cd7c allows a 
local attac ...)
        NOT-FOR-US: redoxOS kernel
 CVE-2025-45890 (Directory Traversal vulnerability in novel plus before v.5.1.0 
allows  ...)
-       TODO: check
+       NOT-FOR-US: novel plus
 CVE-2025-45331 (brplot v420.69.1 contains a Null Pointer Dereference (NPD) 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: brplot
 CVE-2025-44635 (There are multiple unauthorized remote command execution 
vulnerabiliti ...)
        NOT-FOR-US: H3C
 CVE-2025-44203 (In HotelDruid 3.0.7, an unauthenticated attacker can exploit 
verbose S ...)
@@ -313,33 +313,33 @@ CVE-2025-34029 (An OS command injection vulnerability 
exists in the Edimax EW-74
 CVE-2025-34024 (An OS command injection vulnerability exists in the Edimax 
EW-7438RPn  ...)
        NOT-FOR-US: Edimax
 CVE-2025-34023 (A path traversal vulnerability exists in the Karel IP1211 IP 
Phone's w ...)
-       TODO: check
+       NOT-FOR-US: Karel IP1211 IP Phone's web management panel
 CVE-2025-34022 (A path traversal vulnerability exists in multiple models of 
Selea Targ ...)
-       TODO: check
+       NOT-FOR-US: Selea Targa
 CVE-2025-34021 (A server-side request forgery (SSRF) vulnerability exists in 
multiple  ...)
-       TODO: check
+       NOT-FOR-US: Selea Targa
 CVE-2025-32880 (An issue was discovered on COROS PACE 3 devices through 
3.0808.0. It i ...)
-       TODO: check
+       NOT-FOR-US: COROS PACE
 CVE-2025-32879 (An issue was discovered on COROS PACE 3 devices through 
3.0808.0. It s ...)
-       TODO: check
+       NOT-FOR-US: COROS PACE
 CVE-2025-32878 (An issue was discovered on COROS PACE 3 devices through 
3.0808.0. It i ...)
-       TODO: check
+       NOT-FOR-US: COROS PACE
 CVE-2025-32877 (An issue was discovered on COROS PACE 3 devices through 
3.0808.0. It i ...)
-       TODO: check
+       NOT-FOR-US: COROS PACE
 CVE-2025-32876 (An issue was discovered on COROS PACE 3 devices through 
3.0808.0. The  ...)
-       TODO: check
+       NOT-FOR-US: COROS PACE
 CVE-2025-32875 (An issue was discovered in the COROS application through 
3.8.12 for An ...)
-       TODO: check
+       NOT-FOR-US: COROS application
 CVE-2025-32753 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, 
contains an  ...)
        NOT-FOR-US: Dell / EMC
 CVE-2025-2443 (An issue has been discovered in GitLab EE that allows for 
cross-site-s ...)
        TODO: check
 CVE-2025-25038 (An OS command injection vulnerability exists in MiniDVBLinux 
version 5 ...)
-       TODO: check
+       NOT-FOR-US: MiniDVBLinux
 CVE-2025-25037 (An information disclosure vulnerability exists in Aquatronica 
Controll ...)
-       TODO: check
+       NOT-FOR-US: Aquatronica Controller System firmware
 CVE-2025-25034 (A PHP object injection vulnerability exists in SugarCRM 
versions prior ...)
-       TODO: check
+       NOT-FOR-US: SugarCRM
 CVE-2024-7586 (An issue was discovered in GitLab EE affecting all versions 
starting f ...)
        TODO: check
 CVE-2024-53298 (Dell PowerScale OneFS, versions 9.5.0.0 through 9.10.0.1, 
contains a m ...)
@@ -432,7 +432,7 @@ CVE-2025-6278 (A vulnerability classified as critical was 
found in Upsonic up to
 CVE-2025-6277 (A vulnerability classified as critical has been found in 
Brilliance Go ...)
        NOT-FOR-US: Brilliance Golden Link Secondary System
 CVE-2025-6264 (Velociraptor allows collection of VQL queries packaged into 
Artifacts  ...)
-       TODO: check
+       NOT-FOR-US: Velociraptor
 CVE-2025-5125 (The Custom Post Carousels with Owl WordPress plugin before 
1.4.12 uses ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-50054 (Buffer overflow in OpenVPN ovpn-dco-win version 1.3.0 and 
earlier and  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f562e01b1fd575bcfb6743d9d2733c9aebcb665

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f562e01b1fd575bcfb6743d9d2733c9aebcb665
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to