[Git][security-tracker-team/security-tracker][master] Process some NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
160f4430 by Salvatore Bonaccorso at 2025-05-08T22:43:12+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,57 +5,57 @@ CVE-2025-4208 (The NEX-Forms \u2013 Ultimate Form Builder 
\u2013 Contact forms a
 CVE-2025-4207 (Buffer over-read in PostgreSQL GB18030 encoding validation 
allows a da ...)
        TODO: check
 CVE-2025-4132 (Rapid7 Corporate Website prior to May 2nd 2025, suffered from a 
URL Re ...)
-       TODO: check
+       NOT-FOR-US: Rapid7
 CVE-2025-4098 (Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: Horner Automation Cscape
 CVE-2025-47730 (The TeleMessage archiving backend through 2025-05-05 accepts 
API calls ...)
-       TODO: check
+       NOT-FOR-US: TeleMessage (a insecure Signal app clone)
 CVE-2025-47729 (The TeleMessage archiving backend through 2025-05-05 holds 
cleartext c ...)
-       TODO: check
+       NOT-FOR-US: TeleMessage (a insecure Signal app clone)
 CVE-2025-46833 (Programs/P73_SimplePythonEncryption.py illustrates a simple 
Python enc ...)
-       TODO: check
+       NOT-FOR-US: Programs/P73_SimplePythonEncryption.py
 CVE-2025-46812 (Trix is a what-you-see-is-what-you-get rich text editor for 
everyday w ...)
-       TODO: check
+       NOT-FOR-US: Trix
 CVE-2025-46712 (Erlang/OTP is a set of libraries for the Erlang programming 
language.  ...)
        TODO: check
 CVE-2025-45847 (ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an 
authenticated st ...)
-       TODO: check
+       NOT-FOR-US: ALFA AIP-W512
 CVE-2025-45846 (ALFA AIP-W512 v3.2.2.2.3 was discovered to contain an 
authenticated st ...)
-       TODO: check
+       NOT-FOR-US: ALFA AIP-W512
 CVE-2025-45845 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to 
contain an a ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45844 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to 
contain an a ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45843 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to 
contain an a ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45842 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to 
contain an a ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45841 (TOTOLINK NR1800X V9.1.0u.6681_B20230703 was discovered to 
contain an a ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45820 (Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: Slims (Senayan Library Management Systems) 9 Bulian
 CVE-2025-45819 (Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: Slims (Senayan Library Management Systems) 9 Bulian
 CVE-2025-45818 (Slims (Senayan Library Management Systems) 9 Bulian 9.6.1 is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: Slims (Senayan Library Management Systems) 9 Bulian
 CVE-2025-45798 (A command execution vulnerability exists in the TOTOLINK 
A950RG V4.1.2 ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45797 (TOTOlink A950RG V4.1.2cu.5204_B20210112 contains a buffer 
overflow vul ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45790 (TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow 
via the pr ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45789 (TOTOLINK A3100R V5.9c.1527 is vulnerable to buffer overflow 
via the ur ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45788 (TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow 
via the co ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-45787 (TOTOLINK A3100R V5.9c.1527 is vulnerable to Buffer Overflow 
viathe com ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-44023 (An issue in dlink DNS-320 v.1.00 and DNS-320LW 
v.1.01.0914.20212 allow ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-44021 (OpenStack Ironic before 29.0.1 can write unintended files to a 
target  ...)
        TODO: check
 CVE-2025-41450 (Improper Authentication vulnerability in Danfoss AKSM8xxA 
Series.This  ...)
-       TODO: check
+       NOT-FOR-US: Danfoss
 CVE-2025-40846 (Improper Input Validation, the returnUrl parameter in Account 
Security ...)
        TODO: check
 CVE-2025-3862 (Contest Gallery plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/160f4430b715fccda7d6ecb6d3e81bd828e47f7c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/160f4430b715fccda7d6ecb6d3e81bd828e47f7c
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits