Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5b0c4a33 by Salvatore Bonaccorso at 2025-08-14T07:29:51+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -121,41 +121,41 @@ CVE-2025-52386 (CycloneDX Sunshine v0.9 is vulnerable to
CSV Formula Injection v
CVE-2025-52385 (An issue in Studio 3T v.2025.1.0 and before allows a remote
attacker t ...)
NOT-FOR-US: Studio 3T
CVE-2025-51691 (Cross-Site Scripting (XSS) vulnerability found in MarkTwo
commit e3a1d ...)
- TODO: check
+ NOT-FOR-US: MarkTwoMarkTwo
CVE-2025-51452 (In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker
can byp ...)
NOT-FOR-US: TOTOLINK
CVE-2025-51451 (In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can
bypass logi ...)
NOT-FOR-US: TOTOLINK
CVE-2025-50946 (OS Command Injection in Olivetin 2025.4.22 Custom Themes via
the Parse ...)
- TODO: check
+ NOT-FOR-US: Olivetin
CVE-2025-50690 (A Cross-Site Scripting (XSS) vulnerability exists in
SpatialReference. ...)
- TODO: check
+ NOT-FOR-US: SpatialReference.org (OSGeo/spatialreference.org)
CVE-2025-50635 (A null pointer dereference vulnerability was discovered in
Netis WF278 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50617 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50616 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50615 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50614 (A buffer overflow vulnerability has been discovered in the
Netis WF288 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50613 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50612 (A buffer overflow vulnerability has been discovered in the
Netis WF288 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50611 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50610 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50609 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50608 (A buffer overflow vulnerability has been discovered in Netis
WF2880 v2 ...)
- TODO: check
+ NOT-FOR-US: Netis
CVE-2025-50594 (An issue was discovered in
/Code/Websites/DanpheEMR/Controllers/Settin ...)
- TODO: check
+ NOT-FOR-US: Danphe Health Hospital Management System EMR
CVE-2025-50251 (Server side request forgery (SSRF) vulnerability in makeplane
plane 0. ...)
- TODO: check
+ NOT-FOR-US: makeplane plane
CVE-2025-48989 (Improper Resource Shutdown or Release vulnerability in Apache
Tomcat m ...)
- tomcat11 <unfixed>
- tomcat10 <unfixed>
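Review bot: The new tag on CVE-2025-51691 reads "NOT-FOR-US: MarkTwoMarkTwo", with the product name doubled. The CVE description on the line above names the product as MarkTwo, so this looks like a paste slip and should be "NOT-FOR-US: MarkTwo". The other replacements in this hunk (Olivetin, Netis, makeplane plane and so on) match the names in their CVE descriptions.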
@@ -165,21 +165,21 @@ CVE-2025-48989 (Improper Resource Shutdown or Release
vulnerability in Apache To
NOTE:
https://github.com/apache/tomcat/commit/73c04a10395774bda71a0b37802cf983662ce255
(10.1.44)
NOTE:
https://github.com/apache/tomcat/commit/f36b8a4eea4ce8a0bc035079e1d259d29f5eb7bf
(9.0.108)
CVE-2025-48500 (A missing file integrity check vulnerability exists on MacOS
F5 VPN br ...)
- TODO: check
+ NOT-FOR-US: MacOS F5 VPN browser client installer
CVE-2025-46405 (When Network Access is configured on a BIG-IP APM virtual
server, undi ...)
NOT-FOR-US: F5
CVE-2025-45317 (A zip slip vulnerability in the /modules/ImportModule.php
component of ...)
- TODO: check
+ NOT-FOR-US: hortusfox-web
CVE-2025-45316 (A cross-site scripting (XSS) vulnerability in the
TextBlockModule.php ...)
- TODO: check
+ NOT-FOR-US: hortusfox-web
CVE-2025-45315 (A cross-site scripting (XSS) vulnerability in the
/controller/admin.ph ...)
- TODO: check
+ NOT-FOR-US: hortusfox-web
CVE-2025-45314 (A cross-site scripting (XSS) vulnerability in the /Calendar
endpoint o ...)
- TODO: check
+ NOT-FOR-US: hortusfox-web
CVE-2025-45313 (A cross-site scripting (XSS) vulnerability in the /tasks
endpoint of h ...)
- TODO: check
+ NOT-FOR-US: hortusfox-web
CVE-2025-43989 (The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi
NR500-EA ...)
- TODO: check
+ NOT-FOR-US: Shenzhen Tuoshi
CVE-2025-43988 (KuWFi 5G01-X55 FL2020_V0.0.12 devices expose an
unauthenticated API en ...)
TODO: check
CVE-2025-43986 (An issue was discovered on KuWFi GC111
GC111-GL-LM321_V3.0_20191211 de ...)
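Review bot: CVE-2025-48500 is tagged "NOT-FOR-US: MacOS F5 VPN browser client installer", while the adjacent F5 entry CVE-2025-46405 uses the plain vendor tag "NOT-FOR-US: F5". Using the same short vendor name on both would keep the tags consistent and easier to search. Also note that CVE-2025-43988 (KuWFi) still shows "TODO: check" in the trailing context, although the neighbouring CVE-2025-43989 was processed in this pass.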
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5b0c4a3309922f03aed5c6041b27320da59ef8ca