Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 5bbf10b7 by Salvatore Bonaccorso at 2025-08-04T22:23:44+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,25 +1,25 @@ CVE-2025-8524 (A vulnerability was found in Boquan DotWallet App 2.15.2 on Android an ...) - TODO: check + NOT-FOR-US: Boquan DotWallet App CVE-2025-8523 (A vulnerability has been found in RiderLike Fruit Crush-Brain App 1.0 ...) - TODO: check + NOT-FOR-US: RiderLike Fruit Crush-Brain App CVE-2025-8522 (A vulnerability, which was classified as critical, was found in givanz ...) - TODO: check + NOT-FOR-US: givanz Vvvebjs CVE-2025-8521 (A vulnerability, which was classified as problematic, has been found i ...) - TODO: check + NOT-FOR-US: givanz Vvveb CVE-2025-8520 (A vulnerability classified as critical was found in givanz Vvveb up to ...) - TODO: check + NOT-FOR-US: givanz Vvveb CVE-2025-8519 (A vulnerability classified as problematic has been found in givanz Vvv ...) - TODO: check + NOT-FOR-US: givanz Vvveb CVE-2025-8518 (A vulnerability was found in givanz Vvveb 1.0.5. It has been rated as ...) - TODO: check + NOT-FOR-US: givanz Vvveb CVE-2025-8517 (A vulnerability was found in givanz Vvveb 1.0.6.1. It has been declare ...) - TODO: check + NOT-FOR-US: givanz Vvveb CVE-2025-8516 (A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Editi ...) - TODO: check + NOT-FOR-US: Kingdee Cloud-Starry-Sky Enterprise Edition CVE-2025-8515 (A vulnerability was found in Intelbras InControl 2.21.60.9 and classif ...) NOT-FOR-US: Intelbras CVE-2025-8341 (Grafana is an open-source platform for monitoring and observability. T ...) - TODO: check + NOT-FOR-US: Grafana plugin CVE-2025-8109 (Software installed and run as a non-privileged user may conduct ptrace ...) NOT-FOR-US: Imagination Technologies CVE-2025-6205 (A missing authorization vulnerability affecting DELMIA Apriso from Rel ...) 
@@ -27,21 +27,21 @@ CVE-2025-6205 (A missing authorization vulnerability affecting DELMIA Apriso fro CVE-2025-6204 (An Improper Control of Generation of Code (Code Injection) vulnerabili ...) NOT-FOR-US: Dassault Systemes CVE-2025-5988 (A flaw was found in the Ansible aap-gateway. Cross-site request forger ...) - TODO: check + NOT-FOR-US: Ansible Automation Platform CVE-2025-55014 (The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+ ...) - TODO: check + NOT-FOR-US: YouDao plugin for StarDict CVE-2025-53395 (Paramount Macrium Reflect through 2025-06-26 allows local attackers to ...) - TODO: check + NOT-FOR-US: Paramount Macrium Reflect CVE-2025-53394 (Paramount Macrium Reflect through 2025-06-26 allows attackers to execu ...) - TODO: check + NOT-FOR-US: Paramount Macrium Reflect CVE-2025-52239 (An arbitrary file upload vulnerability in ZKEACMS v4.1 allows attacker ...) - TODO: check + NOT-FOR-US: ZKEACMS CVE-2025-51536 (Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered ...) - TODO: check + NOT-FOR-US: Austrian Archaeological Institute (AI) OpenAtlas CVE-2025-51535 (Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as discovered ...) - TODO: check + NOT-FOR-US: Austrian Archaeological Institute (AI) OpenAtlas CVE-2025-51534 (A cross-site scripting (XSS) vulnerability in Austrian Archaeological ...) - TODO: check + NOT-FOR-US: Austrian Archaeological Institute (AI) OpenAtlas CVE-2025-51390 (TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a com ...) NOT-FOR-US: TOTOLINK CVE-2025-50422 (An issue was discovered in freedesktop poppler v25.04.0. The heap memo ...) 
@@ -53,23 +53,23 @@ CVE-2025-50340 (An Insecure Direct Object Reference (IDOR) vulnerability was dis CVE-2025-46206 (An issue in Artifex mupdf 1.25.6, 1.25.5 allows a remote attacker to c ...) TODO: check CVE-2025-44963 (RUCKUS Network Director (RND) before 4.5 allows spoofing of an adminis ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44962 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows ../ director ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44961 (In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command inje ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44960 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build allows OS command i ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44958 (RUCKUS Network Director (RND) before 4.5 stores passwords in a recover ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44957 (Ruckus SmartZone (SZ) before 6.1.2p3 Refresh Build allows authenticati ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44955 (RUCKUS Network Director (RND) before 4.5 allows jailed users to obtain ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44954 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcoded SSH ...) - TODO: check + NOT-FOR-US: Ruckus CVE-2025-44643 (Certain Draytek products are affected by Insecure Configuration. This ...) - TODO: check + NOT-FOR-US: Draytek CVE-2025-41691 (An unauthenticated remote attacker may trigger a NULL pointer derefere ...) NOT-FOR-US: CODESYS CVE-2025-41659 (A low-privileged attacker can remotely access the PKI folder of the CO ...) 
@@ -91,7 +91,7 @@ CVE-2025-36604 (Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neu CVE-2025-36594 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...) NOT-FOR-US: Dell / EMC CVE-2025-34147 (An unauthenticated OS command injection vulnerability exists in the Sh ...) - TODO: check + NOT-FOR-US: Shenzhen Aitemi M300 Wi-Fi Repeater CVE-2025-30099 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...) NOT-FOR-US: Dell / EMC CVE-2025-30098 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...) @@ -107,13 +107,13 @@ CVE-2025-26065 (A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v CVE-2025-21120 (Dell Avamar, versions prior to 19.12 with patch 338905, excluding vers ...) NOT-FOR-US: Dell / EMC CVE-2025-0932 (Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver, ...) - TODO: check + NOT-FOR-US: ARM CVE-2024-45183 (An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, ...) - TODO: check + NOT-FOR-US: Samsung CVE-2013-10054 (An unauthenticated arbitrary file upload vulnerability exists in Libre ...) - TODO: check + NOT-FOR-US: LibrettoCMS CVE-2013-10052 (ZPanel includes a helper binary named zsudo, intended to allow restric ...) - TODO: check + NOT-FOR-US: ZPanel CVE-2025-54962 (/edit-user in webserver in OpenPLC Runtime 3 through 9cd8f1b allows au ...) TODO: check CVE-2025-48499 (Out-of-bounds write vulnerability exists in FUJIFILM Business Innovati ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bbf10b7957fabf1ef70da06ee664db5b06e5429
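Review bot: In the first hunk (@@ -1,25 +1,25 @@), the CVE-2025-8341 entry is labelled "NOT-FOR-US: Grafana plugin" without naming the plugin, while the truncated description opens with Grafana itself, so the entry alone does not show which component was ruled out. Suggest naming the affected plugin in the label, the way the other new entries in this hunk give vendor and product (for example "givanz Vvveb").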
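Review bot: In the hunk at @@ -27,21 +27,21 @@, CVE-2025-55014 is marked "NOT-FOR-US: YouDao plugin for StarDict" although its description says the plugin is "as used in stardict 3.0.7+git20220909+ ...", which reads like the version of a packaged stardict. It is worth confirming that the plugin is not built from the stardict source package before closing the entry; if it is, the entry should reference that package instead of NOT-FOR-US.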
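Review bot: In the hunk at @@ -53,23 +53,23 @@, the eight RUCKUS entries all get the vendor-only label "Ruckus" even though their descriptions cover two products, Network Director (RND) and SmartZone (SZ), while other hunks in this commit use product-level labels such as "Paramount Macrium Reflect". Vendor-only labels match existing entries like "NOT-FOR-US: Dell / EMC", so this is a style point only: using one granularity within the commit keeps later searches of data/CVE/list by product predictable.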