[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 30 Jul 2025 13:58:54 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2c2b5e6d by Salvatore Bonaccorso at 2025-07-30T22:58:21+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2025-8353 (UI synchronization issue in the Just-in-Time 
(JIT) access request
 CVE-2025-8331 (A vulnerability was found in code-projects Online Farm System 
1.0 and  ...)
        NOT-FOR-US: code-projects
 CVE-2025-8330 (A vulnerability has been found in code-projects Vehicle 
Management 1.0 ...)
-       TODO: check
+       NOT-FOR-US: code-projects Vehicle Management
 CVE-2025-8329 (A vulnerability, which was classified as critical, was found in 
code-p ...)
-       TODO: check
+       NOT-FOR-US: code-projects Vehicle Management
 CVE-2025-8328 (A vulnerability, which was classified as critical, has been 
found in c ...)
        NOT-FOR-US: code-projects
 CVE-2025-8327 (A vulnerability classified as critical was found in 
code-projects Exam ...)
@@ -19,23 +19,23 @@ CVE-2025-6348 (The Smart Slider 3 plugin for WordPress is 
vulnerable to time-bas
 CVE-2025-54656 (** UNSUPPORTED WHEN ASSIGNED ** Improper Output Neutralization 
for Log ...)
        TODO: check
 CVE-2025-54584 (GitProxy is an application that stands between developers and 
a Git re ...)
-       TODO: check
+       NOT-FOR-US: GitProxy
 CVE-2025-54583 (GitProxy is an application that stands between developers and 
a Git re ...)
-       TODO: check
+       NOT-FOR-US: GitProxy
 CVE-2025-54582
        REJECTED
 CVE-2025-54581 (vproxy is an HTTP/HTTPS/SOCKS5 proxy server. In versions 2.3.3 
and bel ...)
-       TODO: check
+       NOT-FOR-US: vproxy
 CVE-2025-54576 (OAuth2-Proxy is an open-source tool that can act as either a 
standalon ...)
        TODO: check
 CVE-2025-54575 (ImageSharp is a 2D graphics library. In versions below 2.1.11 
and 3.0. ...)
-       TODO: check
+       NOT-FOR-US: ImageSharp
 CVE-2025-54573 (CVAT is an open source interactive video and image annotation 
tool for ...)
-       TODO: check
+       NOT-FOR-US: Computer Vision Annotation Tool (CVAT)
 CVE-2025-54572 (The Ruby SAML library is for implementing the client side of a 
SAML au ...)
        TODO: check
 CVE-2025-54433 (Bugsink is a self-hosted error tracking service. In versions 
1.4.2 and ...)
-       TODO: check
+       NOT-FOR-US: Bugsink
 CVE-2025-54430 (dedupe is a python library that uses machine learning to 
perform fuzzy ...)
        TODO: check
 CVE-2025-54425 (Umbraco is an ASP.NET CMS. In versions 13.0.0 through 13.9.2, 
15.0.0 t ...)
@@ -45,7 +45,7 @@ CVE-2025-54410 (Moby is an open source container framework 
developed by Docker I
 CVE-2025-54388 (Moby is an open source container framework developed by Docker 
Inc. th ...)
        TODO: check
 CVE-2025-53944 (AutoGPT is a platform that allows users to create, deploy, and 
manage  ...)
-       TODO: check
+       NOT-FOR-US: AutoGPT
 CVE-2025-53357 (GLPI, which stands for Gestionnaire Libre de Parc 
Informatique, is a F ...)
        TODO: check
 CVE-2025-53113 (GLPI, which stands for Gestionnaire Libre de Parc 
Informatique, is a F ...)
@@ -63,25 +63,25 @@ CVE-2025-52897 (GLPI is a Free Asset and IT Management 
Software package. In vers
 CVE-2025-52567 (GLPI is a Free Asset and IT Management Software package, Data 
center m ...)
        TODO: check
 CVE-2025-52187 (GetProjectsIdea Create School Management System 1.0 is 
vulnerable to C ...)
-       TODO: check
+       NOT-FOR-US: GetProjectsIdea Create School Management System
 CVE-2025-51954 (playground.electronhub.ai v1.1.9 was discovered to contain a 
cross-sit ...)
-       TODO: check
+       NOT-FOR-US: playground.electronhub.ai
 CVE-2025-51951 (andisearch v0.5.249 was discovered to contain a cross-site 
scripting ( ...)
-       TODO: check
+       NOT-FOR-US: andisearch
 CVE-2025-50777 (The firmware of the AZIOT 2MP Full HD Smart Wi-Fi CCTV Home 
Security C ...)
-       TODO: check
+       NOT-FOR-US: AZIOT
 CVE-2025-50578 (LinuxServer.io heimdall 2.6.3-ls307 contains a vulnerability 
in how it ...)
-       TODO: check
+       NOT-FOR-US: Linux Server Heimdall
 CVE-2025-50464 (A buffer overflow vulnerability exists in the upload.cgi 
module of the ...)
-       TODO: check
+       NOT-FOR-US: iptime NAS firmware
 CVE-2025-47001 (Adobe Experience Manager versions 6.5.22 and earlier are 
affected by a ...)
        NOT-FOR-US: Adobe
 CVE-2025-46811 (A Missing Authentication for Critical Function vulnerability 
in SUSE M ...)
        TODO: check
 CVE-2025-45620 (An issue in Aver PTC310UV2 v.0.1.0000.59 allows a remote 
attacker to o ...)
-       TODO: check
+       NOT-FOR-US: Aver
 CVE-2025-45619 (An issue in Aver PTC310UV2 firmware v.0.1.0000.59 allows a 
remote atta ...)
-       TODO: check
+       NOT-FOR-US: Aver
 CVE-2025-43018 (Certain HP LaserJet Pro printers may be vulnerable to 
information disc ...)
        NOT-FOR-US: HP
 CVE-2025-36611 (Dell Encryption and Dell Security Management Server, versions 
prior to ...)
@@ -99,15 +99,15 @@ CVE-2025-30103 (Dell SmartFabric OS10 Software, versions 
prior to 10.6.0.5 conta
 CVE-2025-26332 (TechAdvisor versions 2.6 through 3.37-30 for Dell XtremIO X2, 
contain( ...)
        NOT-FOR-US: Dell / EMC
 CVE-2025-25692 (A PHAR deserialization vulnerability in the _getHeaders 
function of Pr ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2025-25691 (A PHAR deserialization vulnerability in the component 
/themes/import o ...)
-       TODO: check
+       NOT-FOR-US: PrestaShop
 CVE-2025-1394 (Failure to handle the error status returned by the buffer 
management A ...)
        NOT-FOR-US: Silicon Labs
 CVE-2025-1221 (A Zigbee Radio Co-Processor (RCP), which is using SiLabs 
EmberZNet Zig ...)
        NOT-FOR-US: Silicon Labs
 CVE-2024-45955 (Rocket Software Rocket Zena 4.4.1.26 is vulnerable to SQL 
Injection vi ...)
-       TODO: check
+       NOT-FOR-US: Rocket Software Rocket Zena
 CVE-2024-45515 (An issue was discovered in Zimbra Collaboration (ZCS) through 
10.1. A  ...)
        NOT-FOR-US: Zimbra
 CVE-2023-2593 (A flaw exists within the Linux kernel's handling of new TCP 
connection ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c2b5e6deece2f12b570ca3dbdf5137a3536908e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c2b5e6deece2f12b570ca3dbdf5137a3536908e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to