[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Wed, 13 Aug 2025 13:13:34 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9c51dbac by security tracker role at 2025-08-13T20:13:13+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2025-8941 (A flaw was found in linux-pam. The 
pam_namespace module may impro
 CVE-2025-8927 (A vulnerability was determined in mtons mblog up to 3.5.0. 
Affected by ...)
        TODO: check
 CVE-2025-8926 (A vulnerability was found in SourceCodester COVID 19 Testing 
Managemen ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-8925 (A vulnerability has been found in itsourcecode Sports 
Management Syste ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-8924 (A vulnerability was identified in Campcodes Online Water 
Billing Syste ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-8923 (A vulnerability was determined in code-projects Job Diary 1.0. 
This vu ...)
        TODO: check
 CVE-2025-8922 (A vulnerability was found in code-projects Job Diary 1.0. This 
affects ...)
@@ -15,11 +15,11 @@ CVE-2025-8922 (A vulnerability was found in code-projects 
Job Diary 1.0. This af
 CVE-2025-8921 (A vulnerability has been found in code-projects Job Diary 1.0. 
Affecte ...)
        TODO: check
 CVE-2025-8920 (A vulnerability was identified in Portabilis i-Diario 1.6. 
Affected by ...)
-       TODO: check
+       NOT-FOR-US: Portabilis
 CVE-2025-8919 (A vulnerability was determined in Portabilis i-Diario up to 
1.6. Affec ...)
-       TODO: check
+       NOT-FOR-US: Portabilis
 CVE-2025-8918 (A vulnerability was found in Portabilis i-Educar up to 2.10. 
This issu ...)
-       TODO: check
+       NOT-FOR-US: Portabilis
 CVE-2025-8916 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)
        TODO: check
 CVE-2025-8914 (Organization Portal System developed by WellChoose has a SQL 
Injection ...)
@@ -39,11 +39,11 @@ CVE-2025-8908 (A vulnerability was determined in Shanghai 
Lingdang Information T
 CVE-2025-8907 (A vulnerability was found in H3C M2 NAS V100R006. Affected by 
this vul ...)
        TODO: check
 CVE-2025-8904 (Amazon EMR Secret Agent creates a keytab file containing 
Kerberos cred ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2025-8770 (An issue has been discovered in GitLab EE affecting all 
versions from  ...)
        TODO: check
 CVE-2025-8754 (Missing Authentication for Critical Function vulnerability in 
ABB ABB  ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2025-8671 (A mismatch caused by client-triggered server-sent stream resets 
betwee ...)
        TODO: check
 CVE-2025-7739 (An issue has been discovered in GitLab CE/EE affecting all 
versions fr ...)
@@ -87,7 +87,7 @@ CVE-2025-54382 (Cherry Studio is a desktop client that 
supports for multiple LLM
 CVE-2025-54074 (Cherry Studio is a desktop client that supports for multiple 
LLM provi ...)
        TODO: check
 CVE-2025-52585 (When a BIG-IP LTM Client SSL profile is configured on a 
virtual server ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-52392 (Soosyze CMS 2.0 allows brute-force login attacks via the 
/user/login e ...)
        TODO: check
 CVE-2025-52386 (CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection 
via a c ...)
@@ -97,9 +97,9 @@ CVE-2025-52385 (An issue in Studio 3T v.2025.1.0 and before 
allows a remote atta
 CVE-2025-51691 (Cross-Site Scripting (XSS) vulnerability found in MarkTwo 
commit e3a1d ...)
        TODO: check
 CVE-2025-51452 (In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker 
can byp ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-51451 (In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can 
bypass logi ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-50946 (OS Command Injection in Olivetin 2025.4.22 Custom Themes via 
the Parse ...)
        TODO: check
 CVE-2025-50690 (A Cross-Site Scripting (XSS) vulnerability exists in 
SpatialReference. ...)
@@ -135,7 +135,7 @@ CVE-2025-48989 (Improper Resource Shutdown or Release 
vulnerability in Apache To
 CVE-2025-48500 (A missing file integrity check vulnerability exists on MacOS 
F5 VPN br ...)
        TODO: check
 CVE-2025-46405 (When Network Access is configured on a BIG-IP APM virtual 
server, undi ...)
-       TODO: check
+       NOT-FOR-US: F5
 CVE-2025-45317 (A zip slip vulnerability in the /modules/ImportModule.php 
component of ...)
        TODO: check
 CVE-2025-45316 (A cross-site scripting (XSS) vulnerability in the 
TextBlockModule.php  ...)
@@ -165,15 +165,15 @@ CVE-2025-2614 (An issue has been discovered in GitLab 
CE/EE affecting all versio
 CVE-2025-2498 (An improper access control in Gitlab EE affecting all versions 
from 12 ...)
        TODO: check
 CVE-2025-2184 (A credential management flaw in Palo Alto Networks Cortex 
XDR\xae Brok ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2025-2183 (An insufficient certificate validation issue in the Palo Alto 
Networks ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2025-2182 (A problem with the implementation of the MACsec protocol in 
Palo Alto  ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2025-2181 (A sensitive information disclosure vulnerability in Palo Alto 
Networks ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2025-2180 (An unsafe deserialization vulnerability in Palo Alto Networks 
Checkov  ...)
-       TODO: check
+       NOT-FOR-US: Palo Alto Networks
 CVE-2025-23306 (NVIDIA Megatron-LM for all platforms contains a vulnerability 
in the m ...)
        TODO: check
 CVE-2025-23305 (NVIDIA Megatron-LM for all platforms contains a vulnerability 
in the t ...)
@@ -193,7 +193,7 @@ CVE-2025-23294 (NVIDIA WebDataset for all platforms 
contains a vulnerability whe
 CVE-2025-1477 (An issue has been discovered in GitLab CE/EE affecting all 
versions fr ...)
        TODO: check
 CVE-2024-5477 (A potential security vulnerability has been identified in the 
System B ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2024-12303 (An issue has been discovered in GitLab CE/EE affecting all 
versions fr ...)
        TODO: check
 CVE-2024-10219 (An issue has been discovered in GitLab CE/EE affecting all 
versions fr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c51dbac255181b78961f1a73a4cb23579df0985

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c51dbac255181b78961f1a73a4cb23579df0985
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to