[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Wed, 03 Sep 2025 01:14:18 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ae23e5f8 by security tracker role at 2025-09-03T08:14:04+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,39 +3,39 @@ CVE-2025-9848 (A security vulnerability has been detected in 
ScriptAndTools Real
 CVE-2025-9847 (A weakness has been identified in ScriptAndTools Real Estate 
Managemen ...)
        TODO: check
 CVE-2025-9845 (A vulnerability has been found in code-projects Fruit Shop 
Management  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9843 (A flaw has been found in Das Parking Management System 
\u505c\u8f66\u5 ...)
        TODO: check
 CVE-2025-9842 (A vulnerability was detected in Das Parking Management System 
\u505c\u ...)
        TODO: check
 CVE-2025-9841 (A security vulnerability has been detected in code-projects 
Mobile Sho ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9840 (A weakness has been identified in itsourcecode Sports 
Management Syste ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9839 (A security flaw has been discovered in itsourcecode Student 
Informatio ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9838 (A vulnerability was identified in itsourcecode Student 
Information Man ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9837 (A vulnerability was determined in itsourcecode Student 
Information Man ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9836 (A vulnerability was found in macrozheng mall up to 1.0.3. This 
vulnera ...)
        TODO: check
 CVE-2025-9835 (A vulnerability has been found in macrozheng mall up to 1.0.3. 
This af ...)
        TODO: check
 CVE-2025-9834 (A flaw has been found in PHPGurukul Small CRM 4.0. Affected by 
this is ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-9833 (A vulnerability was detected in SourceCodester Online Farm 
Management  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-9832 (A security vulnerability has been detected in SourceCodester 
Food Orde ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-9831 (A weakness has been identified in PHPGurukul Beauty Parlour 
Management ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-9817 (SSH dissector crash in Wireshark 4.4.0 to 4.4.8 allows denial 
of servi ...)
        TODO: check
 CVE-2025-9785 (PaperCut Print Deploy is an optional component that integrates 
with Pa ...)
        TODO: check
 CVE-2025-9378 (The Vayu Blocks \u2013 Website Builder for the Block Editor 
plugin for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9330 (Foxit PDF Reader Update Service Uncontrolled Search Path 
Element Local ...)
        TODO: check
 CVE-2025-9329 (Foxit PDF Reader PRC File Parsing Out-Of-Bounds Read Remote 
Code Execu ...)
@@ -53,7 +53,7 @@ CVE-2025-9324 (Foxit PDF Reader PRC File Parsing 
Out-Of-Bounds Read Information
 CVE-2025-9323 (Foxit PDF Reader JP2 File Parsing Out-Of-Bounds Read 
Information Discl ...)
        TODO: check
 CVE-2025-9260 (The Fluent Forms \u2013 Customizable Contact Forms, Survey, 
Quiz, & Co ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8663 (Insertion of Sensitive Information into Log File vulnerability 
in upKe ...)
        TODO: check
 CVE-2025-58351 (Outline is a service that allows for collaborative 
documentation. In v ...)
@@ -61,7 +61,7 @@ CVE-2025-58351 (Outline is a service that allows for 
collaborative documentation
 CVE-2025-58272 (Cross-site request forgery vulnerability exists in Web Caster 
V130 ver ...)
        TODO: check
 CVE-2025-58210 (Missing Authorization vulnerability in ThemeMove Makeaholic 
allows Exp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-58176 (Dive is an open-source MCP Host Desktop Application that 
enables integ ...)
        TODO: check
 CVE-2025-58170
@@ -125,39 +125,39 @@ CVE-2025-22417 (In finishTransition of Transition.java, 
there is a possible way
 CVE-2025-22416 (In onCreate of ChooserActivity.java , there is a possible way 
to view  ...)
        TODO: check
 CVE-2025-21041 (Insecure Storage of Sensitive Information in Secure Folder 
prior to An ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21040 (Improper verification of intent by ExternalBroadcastReceiver 
in S Assi ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21039 (Improper verification of intent by 
SystemExceptionalBroadcastReceiver  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21038 (Improper verification of intent by 
SamsungExceptionalBroadcastReceiver ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21037 (Improper access control in Samsung Notes prior to version 
4.4.30.63 al ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21036 (Improper access control in Samsung Notes prior to version 
4.4.30.63 al ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21035 (Improper access control in Samsung Calendar prior to version 
12.5.06.5 ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21034 (Out-of-bounds write in libsavsvc.so prior to SMR Sep-2025 
Release 1 al ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21033 (Improper access control in ContactProvider prior to SMR 
Sep-2025 Relea ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21032 (Improper access control in One UI Home prior to SMR Sep-2025 
Release 1 ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21031 (Improper access control in ImsService prior to SMR Sep-2025 
Release 1  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21030 (Improper handling of insufficient permission in 
AppPrelaunchManagerSer ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21029 (Improper handling of insufficient permission in System UI 
prior to SMR ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21028 (Improper privilege management in ThemeManager prior to SMR 
Sep-2025 Re ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21027 (Improper verification of intent by broadcast receiver in 
ImsService pr ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21026 (Improper handling of insufficient permission in ImsService 
prior to SM ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21025 (Improper access control in MARsExemptionManager prior to SMR 
Sep-2025  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2024-49730 (In FuseDaemon.cpp, there is a possible out of bounds write due 
to memo ...)
        TODO: check
 CVE-2024-49728 (In generateFileInfo of BluetoothOppSendFileInfo.java, there is 
a possi ...)
@@ -169,9 +169,9 @@ CVE-2024-49720 (In multiple functions of Permissions.java, 
there is a possible w
 CVE-2024-40653 (In multiple functions of ConnectionServiceWrapper.java, there 
is a pos ...)
        TODO: check
 CVE-2024-32444 (Incorrect Privilege Assignment vulnerability in InspiryThemes 
RealHome ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2023-3666 (The Sticky Side Buttons WordPress plugin before 2.0.0 does not 
sanitis ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9714
        - libxml2 2.14.5+dfsg-0.1
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2392605
@@ -253194,41 +253194,41 @@ CVE-2023-21485 (Improper export of android 
application components vulnerability
 CVE-2023-21484 (Improper access control vulnerability in AppLock prior to SMR 
May-2023 ...)
        NOT-FOR-US: Samsung
 CVE-2023-21483 (Improper Access Control vulnerability in Galaxy Store prior to 
version ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21482 (Missing authorization vulnerability in Camera prior to 
versions 11.1.0 ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21481 (Improper URL input validation vulnerability in Samsung Account 
applica ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21480 (Improper input validation vulnerability in CertByte prior to 
SMR Apr-2 ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21479 (Improper authorization in Smart suggestions prior to SMR 
Apr-2023 Rele ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21478 (Improper input validation vulnerability in TIGERF trustlet 
prior to SM ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21477 (Access of Memory Location After End of Buffer vulnerability in 
TIGERF  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21476 (Out-of-bounds Write vulnerability in libaudiosaplus_sec.so 
library pri ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21475 (Out-of-bounds Write vulnerability in libaudiosaplus_sec.so 
library pri ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21474 (Intent redirection vulnerability in SecSettings prior to SMR 
Apr-2022  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21473 (Improper input validation with Exynos Fastboot USB Interface 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21472 (Improper input validation with Exynos Fastboot USB Interface 
prior to  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21471 (Improper access control vulnerability in SemClipboard prior to 
SMR Apr ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21470 (Improper access control vulnerability in SLocation prior to 
SMR Apr-20 ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21469 (Improper access control vulnerability in SLocation prior to 
SMR Apr-20 ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21468 (Improper access control vulnerability in Telephony prior to 
SMR Apr-20 ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21467 (Error in 3GPP specification implementation in Exynos baseband 
prior to ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21466 (PendingIntent hijacking vulnerability in CertificatePolicy in 
framewor ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2023-21465 (Improper access control vulnerability in BixbyTouch prior to 
version 3 ...)
        NOT-FOR-US: Samsung
 CVE-2023-21464 (Improper access control in Samsung Calendar prior to versions 
12.4.02. ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae23e5f85818eeacac0712ec87cf89d63146fc18

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae23e5f85818eeacac0712ec87cf89d63146fc18
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to