[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Thu, 21 Aug 2025 14:30:59 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
14ad1181 by security tracker role at 2025-08-21T20:13:46+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
 CVE-2025-9311 (A vulnerability was identified in itsourcecode Apartment 
Management Sy ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9310 (A vulnerability was determined in yeqifu carRental up to 
3fabb7eae93d2 ...)
        TODO: check
 CVE-2025-9309 (A vulnerability was found in Tenda AC10 16.03.10.13. Affected 
is an un ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-9308 (A vulnerability has been found in yarnpkg Yarn up to 1.22.22. 
This imp ...)
        TODO: check
 CVE-2025-9307 (A flaw has been found in PHPGurukul Online Course Registration 
3.1. Th ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-9306 (A vulnerability was detected in SourceCodester Advanced School 
Managem ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-9305 (A security vulnerability has been detected in SourceCodester 
Online Ba ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-9304 (A weakness has been identified in SourceCodester Online Bank 
Managemen ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-9303 (A security flaw has been discovered in TOTOLINK A720R 
4.1.5cu.630_B202 ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-9302 (A vulnerability was identified in PHPGurukul User Management 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-9301 (A vulnerability was determined in cmake 4.1.20250725-gb5cce23. 
This af ...)
        TODO: check
 CVE-2025-9300 (A vulnerability was found in saitoha libsixel up to 1.10.3. 
Affected b ...)
        TODO: check
 CVE-2025-9299 (A vulnerability has been found in Tenda M3 1.0.0.12. Affected 
by this  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-9298 (A flaw has been found in Tenda M3 1.0.0.12. Affected is the 
function f ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-9297 (A vulnerability was detected in Tenda i22 1.0.0.3(4687). This 
impacts  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-9296 (A security vulnerability has been detected in Emlog Pro up to 
2.5.18.  ...)
        TODO: check
 CVE-2025-8402 (Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x 
<= 9.11 ...)
        TODO: check
 CVE-2025-8064 (The Bible SuperSearch plugin for WordPress is vulnerable to 
Stored Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7969 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
        TODO: check
 CVE-2025-7051 (On N-central, it is possible for any authenticated user to 
read, write ...)
@@ -43,15 +43,15 @@ CVE-2025-6465 (Mattermost versions 10.8.x <= 10.8.3, 10.5.x 
<= 10.5.8, 10.10.x <
 CVE-2025-57768 (Phproject is a high performance full-featured project 
management syste ...)
        TODO: check
 CVE-2025-57765 (WeGIA is a Web manager for charitable institutions. Prior to 
3.4.7, a  ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-57764 (WeGIA is a Web manager for charitable institutions. Prior to 
3.4.7, a  ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-57763 (WeGIA is a Web manager for charitable institutions. Prior to 
3.4.7, th ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-57762 (WeGIA is a Web manager for charitable institutions. Prior to 
3.4.7, th ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-57761 (WeGIA is a Web manager for charitable institutions. Prior to 
3.4.10, t ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-57755 (claude-code-router is a powerful tool to route Claude Code 
requests to ...)
        TODO: check
 CVE-2025-57754 (eslint-ban-moment is an Eslint plugin for final assignment in 
VIHU. In ...)
@@ -67,7 +67,7 @@ CVE-2025-55743 (UnoPim is an open-source Product Information 
Management (PIM) sy
 CVE-2025-55742 (UnoPim is an open-source Product Information Management (PIM) 
system b ...)
        TODO: check
 CVE-2025-55564 (Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via 
the list p ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-55524 (Insecure permissions in Agent-Zero v0.8.* allow attackers to 
arbitrari ...)
        TODO: check
 CVE-2025-55523 (An issue in the component /api/download_work_dir_file.py of 
Agent-Zero ...)
@@ -111,11 +111,11 @@ CVE-2025-55103 (There is a stored Cross-site Scripting 
vulnerability in Esri Por
 CVE-2025-54460 (The vulnerability, if exploited, could allow an authenticated 
miscrean ...)
        TODO: check
 CVE-2025-53795 (Improper authorization in Microsoft PC Manager allows an 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-53763 (Improper access control in Azure Databricks allows an 
unauthorized att ...)
        TODO: check
 CVE-2025-53251 (Unrestricted Upload of File with Dangerous Type vulnerability 
in An-Th ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-52395 (An issue in Roadcute API v.1 allows a remote attacker to 
execute arbit ...)
        TODO: check
 CVE-2025-52352 (Aikaan IoT management platform v3.25.0325-5-g2e9c59796 
provides a conf ...)
@@ -135,19 +135,19 @@ CVE-2025-48956 (vLLM is an inference and serving engine 
for large language model
 CVE-2025-47184 (An XML external entities (XXE) injection vulnerability in the 
/init AP ...)
        TODO: check
 CVE-2025-43756 (<!--td {border: 1px solid #cccccc;}br 
{mso-data-placement:same-cell;}- ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2025-43755 (A Stored cross-site scripting vulnerability in the Liferay 
Portal 7.4. ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2025-43754 (Username enumeration vulnerability in Liferay Portal 7.4.0 
through 7.4 ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2025-41415 (The vulnerability, if exploited, could allow an authenticated 
miscrean ...)
        TODO: check
 CVE-2025-3128 (A remote unauthenticated attacker who has bypassed 
authentication coul ...)
        TODO: check
 CVE-2025-38743 (Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, 
contains a ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-38742 (Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, 
contains a ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-34158 (Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are 
affecte ...)
        TODO: check
 CVE-2025-27721 (Unauthorized users can access INFINITT PACS System 
Managerwithout prop ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14ad11813becd7ce3f5cac087e682b19722d0a08

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14ad11813becd7ce3f5cac087e682b19722d0a08
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to