[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 07 Aug 2025 12:00:42 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
33f83df9 by Salvatore Bonaccorso at 2025-08-07T21:00:14+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -141,17 +141,17 @@ CVE-2025-48394 (An attacker with authenticated and 
privileged access could modif
 CVE-2025-48393 (The server identity check mechanism for firmware upgrade 
performed via ...)
        NOT-FOR-US: Eaton
 CVE-2025-46391 (CWE-284: Improper Access Control)
-       TODO: check
+       NOT-FOR-US: Emby MediaBrowser
 CVE-2025-46390 (CWE-204: Observable Response Discrepancy)
-       TODO: check
+       NOT-FOR-US: Emby MediaBrowser
 CVE-2025-46389 (CWE-620: Unverified Password Change)
-       TODO: check
+       NOT-FOR-US: Emby MediaBrowser
 CVE-2025-46388 (CWE-200 Exposure of Sensitive Information to an Unauthorized 
Actor)
-       TODO: check
+       NOT-FOR-US: Emby MediaBrowser
 CVE-2025-46387 (CWE-639 Authorization Bypass Through User-Controlled Key)
-       TODO: check
+       NOT-FOR-US: Emby MediaBrowser
 CVE-2025-46386 (CWE-639 Authorization Bypass Through User-Controlled Key)
-       TODO: check
+       NOT-FOR-US: Emby MediaBrowser
 CVE-2025-45766 (poco v1.14.1-release was discovered to contain weak 
encryption.)
        - poco <undetermined>
        NOTE: https://github.com/pocoproject/poco/issues/4921
@@ -171,7 +171,7 @@ CVE-2025-36020 (IBM Guardium Data Protection could allow a 
remote attacker to ob
 CVE-2025-30127 (An issue was discovered on Marbella KR8s Dashcam FF 2.0.8 
devices. Onc ...)
        NOT-FOR-US: Marbella KR8s Dashcam FF
 CVE-2025-2028 (Lack of TLS validation when downloading a CSV file including 
mapping f ...)
-       TODO: check
+       NOT-FOR-US: Check Point
 CVE-2025-23335 (NVIDIA Triton Inference Server for Windows and Linux and the 
Tensor RT ...)
        NOT-FOR-US: NVIDIA
 CVE-2025-23334 (NVIDIA Triton Inference Server for Windows and Linux contains 
a vulner ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33f83df9e977ad58633529d061ba24d67520f094

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/33f83df9e977ad58633529d061ba24d67520f094
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to