[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
dcd97901 by Salvatore Bonaccorso at 2025-11-04T09:34:53+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-63293 (FairSketch Rise Ultimate Project Manager & CRM 3.9.4 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: FairSketch Rise Ultimate Project Manager & CRM
 CVE-2025-47370 (Transient DOS when a remote device sends an invalid connection 
request ...)
        NOT-FOR-US: Qualcomm
 CVE-2025-47368 (Memory corruption when dereferencing an invalid userspace 
address in a ...)
@@ -235,9 +235,9 @@ CVE-2025-43288 (This issue was addressed with improved 
validation of symlinks. T
 CVE-2025-36172 (IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 
Interim Fi ...)
        NOT-FOR-US: IBM
 CVE-2025-35021 (By failing to authenticate three times to an unconfigured 
Abilis CPX d ...)
-       TODO: check
+       NOT-FOR-US: Abilis
 CVE-2025-34501 (Deck Mate 2 is distributed with static, hard-coded credentials 
for the ...)
-       TODO: check
+       NOT-FOR-US: Deck Mate 2
 CVE-2025-27074 (Memory corruption while processing a GP command response.)
        NOT-FOR-US: Qualcomm
 CVE-2025-27070 (Memory corruption while performing encryption and decryption 
commands.)
@@ -373,13 +373,13 @@ CVE-2025-11007 (The CE21 Suite plugin for WordPress is 
vulnerable to unauthorize
 CVE-2025-10896 (Multiple plugins for WordPress with the Jewel Theme 
Recommended Plugin ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-13998 (Nagios XI versions prior to2024R1.1.3, under certain 
circumstances, di ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2024-13997 (Nagios XI versions prior to2024R1.1.3contain a privilege 
escalation vu ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2021-47698 (Nagios XI versions prior to5.8.7using embedded Nagios Core are 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2016-15054 (Nagios XI versions prior to5.4.0 are vulnerable to cross-site 
scriptin ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2025-8900 (The Doccure Core plugin for WordPress is vulnerable to 
privilege escal ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-8558 (Insider Threat Management (ITM) Serverversions prior to 
7.17.2contain  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcd97901f908fa07480a64a751732034d551c5a4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dcd97901f908fa07480a64a751732034d551c5a4
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits