[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 31 Jul 2025 01:20:21 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
238e00b7 by Salvatore Bonaccorso at 2025-07-31T10:19:52+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2025-8373 (A vulnerability was found in code-projects Vehicle Management 
1.0. It  ...)
-       TODO: check
+       NOT-FOR-US: code-projects Vehicle Management
 CVE-2025-8372 (A vulnerability was found in code-projects Exam Form Submission 
1.0 an ...)
        NOT-FOR-US: code-projects
 CVE-2025-8371 (A vulnerability has been found in code-projects Exam Form 
Submission 1 ...)
        NOT-FOR-US: code-projects
 CVE-2025-8370 (A vulnerability, which was classified as problematic, was found 
in Por ...)
-       TODO: check
+       NOT-FOR-US: Portabilis i-Educar
 CVE-2025-8369 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Portabilis i-Educar
 CVE-2025-8368 (A vulnerability classified as problematic was found in 
Portabilis i-Ed ...)
-       TODO: check
+       NOT-FOR-US: Portabilis i-Educar
 CVE-2025-8367 (A vulnerability classified as problematic has been found in 
Portabilis ...)
-       TODO: check
+       NOT-FOR-US: Portabilis i-Educar
 CVE-2025-8366 (A vulnerability was found in Portabilis i-Educar 2.9. It has 
been rate ...)
-       TODO: check
+       NOT-FOR-US: Portabilis i-Educar
 CVE-2025-8365 (A vulnerability was found in Portabilis i-Educar 2.10. It has 
been dec ...)
-       TODO: check
+       NOT-FOR-US: Portabilis i-Educar
 CVE-2025-8348 (A vulnerability has been found in Kehua Charging Pile Cloud 
Platform 1 ...)
-       TODO: check
+       NOT-FOR-US: Kehua Charging Pile Cloud Platform
 CVE-2025-8347 (A vulnerability, which was classified as critical, was found in 
Kehua  ...)
-       TODO: check
+       NOT-FOR-US: Kehua Charging Pile Cloud Platform
 CVE-2025-8346 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Portabilis i-Educar
 CVE-2025-8345 (A vulnerability classified as critical was found in Shanghai 
Lingdang  ...)
-       TODO: check
+       NOT-FOR-US: Shanghai Lingdang Information Technology Lingdang CRM
 CVE-2025-8344 (A vulnerability classified as critical has been found in 
openviglet sh ...)
-       TODO: check
+       NOT-FOR-US: openviglet shio
 CVE-2025-8343 (A vulnerability was found in openviglet shio up to 0.3.8. It 
has been  ...)
-       TODO: check
+       NOT-FOR-US: openviglet shio
 CVE-2025-8340 (A vulnerability was found in code-projects Intern Membership 
Managemen ...)
        NOT-FOR-US: code-projects
 CVE-2025-8339 (A vulnerability was found in code-projects Intern Membership 
Managemen ...)
@@ -69,17 +69,17 @@ CVE-2025-54824
 CVE-2025-54823
        REJECTED
 CVE-2025-54757 (Multiple versions of PowerCMS allow unrestricted upload of 
dangerous f ...)
-       TODO: check
+       NOT-FOR-US: PowerCMS
 CVE-2025-54752 (Multiple versions of PowerCMS improperly neutralize formula 
elements i ...)
-       TODO: check
+       NOT-FOR-US: PowerCMS
 CVE-2025-54586 (GitProxy is an application that stands between developers and 
a Git re ...)
-       TODO: check
+       NOT-FOR-US: GitProxy
 CVE-2025-54585 (GitProxy is an application that stands between developers and 
a Git re ...)
-       TODO: check
+       NOT-FOR-US: GitProxy
 CVE-2025-54085 (CVE-2025-54085 is a vulnerability in the management console of 
Absolut ...)
        NOT-FOR-US: Absolute Software
 CVE-2025-53558 (ZXHN-F660T and ZXHN-F660A provided by ZTE Japan K.K. use a 
common cred ...)
-       TODO: check
+       NOT-FOR-US: ZTE
 CVE-2025-49084 (CVE-2025-49084 is a vulnerability in the management console of 
Absolut ...)
        NOT-FOR-US: Absolute Software
 CVE-2025-49083 (CVE-2025-49083 is a vulnerability in the management console of 
Absolut ...)
@@ -87,13 +87,13 @@ CVE-2025-49083 (CVE-2025-49083 is a vulnerability in the 
management console of A
 CVE-2025-49082 (CVE-2025-49082 is a vulnerability in the management console of 
Absolut ...)
        NOT-FOR-US: Absolute Software
 CVE-2025-46359 (A path traversal issue exists in backup and restore feature of 
multipl ...)
-       TODO: check
+       NOT-FOR-US: PowerCMS
 CVE-2025-41396 (A path traversal issue exists in file uploading feature of 
multiple ve ...)
-       TODO: check
+       NOT-FOR-US: PowerCMS
 CVE-2025-41391 (Stored cross-site scripting vulnerability exists in multiple 
versions  ...)
-       TODO: check
+       NOT-FOR-US: PowerCMS
 CVE-2025-36563 (Reflected cross-site scripting vulnerability exists in 
multiple versio ...)
-       TODO: check
+       NOT-FOR-US: PowerCMS
 CVE-2025-36040 (IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an 
authenticated  ...)
        NOT-FOR-US: IBM
 CVE-2025-36039 (IBM Aspera Faspex 5.0.0 through 5.0.12.1 could allow an 
authenticated  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/238e00b7627861e032eeb946bb78afa58bee9738

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/238e00b7627861e032eeb946bb78afa58bee9738
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to