[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Wed, 25 Jun 2025 02:21:22 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
17eb6b71 by Moritz Muehlenhoff at 2025-06-25T11:20:49+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101,7 +101,7 @@ CVE-2025-6568 (A vulnerability classified as critical has 
been found in TOTOLINK
 CVE-2025-6567 (A vulnerability was found in Campcodes Online Recruitment 
Management S ...)
        NOT-FOR-US: Campcodes
 CVE-2025-6566 (A vulnerability was found in oatpp Oat++ up to 1.3.1. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: oatpp
 CVE-2025-6565 (A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has 
been cl ...)
        NOT-FOR-US: Netgear
 CVE-2025-6557 (Insufficient data validation in DevTools in Google Chrome on 
Windows p ...)
@@ -156,21 +156,21 @@ CVE-2025-4877
        NOTE: https://www.libssh.org/security/advisories/CVE-2025-4877.txt
        NOTE: Fixed by: 
https://git.libssh.org/projects/libssh.git/commit/?id=6fd9cc8ce3958092a1aae11f1f2e911b2747732d
 (libssh-0.11.2)
 CVE-2025-5087 (Kaleris NAVIS N4 ULC (Ultra Light Client) communicates 
insecurely usin ...)
-       TODO: check
+       NOT-FOR-US: Kaleris NAVIS N4 ULC
 CVE-2025-53073 (In Sentry 25.1.0 through 25.5.1, an authenticated attacker can 
access  ...)
        NOT-FOR-US: Sentry
 CVE-2025-53021 (A session fixation vulnerability in Moodle 3.x through 3.11.18 
allows  ...)
        - moodle <removed>
 CVE-2025-52888 (Allure 2 is the version 2.x branch of Allure Report, a 
multi-language  ...)
-       TODO: check
+       NOT-FOR-US: Allure
 CVE-2025-52882 (Claude Code is an agentic coding tool. Claude Code extensions 
in VSCod ...)
-       TODO: check
+       NOT-FOR-US: Claude Code
 CVE-2025-52880 (Komga is a media server for comics, mangas, BDs, magazines and 
eBooks. ...)
-       TODO: check
+       NOT-FOR-US: Komga
 CVE-2025-52571 (Hikka is a Telegram userbot. A vulnerability affects all users 
of vers ...)
-       TODO: check
+       NOT-FOR-US: Hikka
 CVE-2025-52471 (ESF-IDF is the Espressif Internet of Things (IOT) Development 
Framewor ...)
-       TODO: check
+       NOT-FOR-US: ESF-IDF
 CVE-2025-50699 (PHPGurukul Online DJ Booking Management System 2.0 is 
vulnerable to Cr ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-50695 (PHPGurukul Online DJ Booking Management System 2.0 is 
vulnerable to Cr ...)
@@ -178,23 +178,23 @@ CVE-2025-50695 (PHPGurukul Online DJ Booking Management 
System 2.0 is vulnerable
 CVE-2025-50693 (PHPGurukul Online DJ Booking Management System 2.0 is 
vulnerable to In ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-4383 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Wi-Fi Cloud Hotspot
 CVE-2025-4378 (Cleartext Transmission of Sensitive Information, Use of 
Hard-coded Cre ...)
-       TODO: check
+       NOT-FOR-US: ATA-AOF Mobile Application
 CVE-2025-49853 (ControlID iDSecure On-premises versions 4.7.48.0 and prior are 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: ControlID iDSecure
 CVE-2025-49852 (ControlID iDSecure On-premises versions 4.7.48.0 and prior are 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: ControlID iDSecure
 CVE-2025-49851 (ControlID iDSecure On-premises versions 4.7.48.0 and prior are 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: ControlID iDSecure
 CVE-2025-49147 (Umbraco, a free and open source .NET content management 
system, has a  ...)
        TODO: check
 CVE-2025-44531 (An issue in Realtek RTL8762EKF-EVB RTL8762E SDK v1.4.0 allows 
attacker ...)
-       TODO: check
+       NOT-FOR-US: Realtek
 CVE-2025-3092 (An unauthenticated remote attacker can enumerate valid user 
names from ...)
-       TODO: check
+       NOT-FOR-US: myREX24
 CVE-2025-3091 (An low privileged remote attacker in possession of the second 
factor f ...)
-       TODO: check
+       NOT-FOR-US: mbCONNECT24
 CVE-2025-39205 (A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 
product ...)
        NOT-FOR-US: Hitachi Energy
 CVE-2025-39204 (A vulnerability exists in the Web interface of the MicroSCADA 
X SYS600 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17eb6b712a1e0e8c3038ca154c3d0913318b2e96

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17eb6b712a1e0e8c3038ca154c3d0913318b2e96
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to