[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Fri, 17 Oct 2025 16:58:51 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
c0d0cb15 by security tracker role at 2025-10-06T08:13:46+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
 CVE-2025-9914 (The credentials of the users stored in the system's local 
database can ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-9913 (JavaScript can be ran inside the address bar via the dashboard 
"Open i ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-9710 (The Responsive Lightbox & Gallery WordPress plugin before 2.5.3 
does n ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9703 (The Ultimate Addons for Elementor (Formerly Elementor Header & 
Footer  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-58591 (A remote, unauthorized attacker can brute force folders and 
files and  ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58590 (It's possible to brute force folders and files, what can be 
used by an ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58589 (When an error occurs in the application a full stacktrace is 
provided  ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58587 (The application does not implement sufficient measures to 
prevent mult ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58586 (For failed login attempts, the application returns different 
error mes ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58585 (Multiple endpoints with sensitive information do not require 
authentic ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58584 (In the HTTP request, the username and password are transferred 
directl ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58583 (The  application  provides  access  to  a  login  protected  
H2  datab ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58582 (If a user tries to login but the provided credentials are 
incorrect a  ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58581 (When an error occurs in the application a full stacktrace is  
provided ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58580 (An API  endpoint  allows  arbitrary  log  entries  to  be  
created  vi ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58579 (Due to a lack of authentication, it is possible for an 
unauthenticated ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-58578 (A user with the appropriate authorization can create any 
number of use ...)
-       TODO: check
+       NOT-FOR-US: SICK AG
 CVE-2025-57781 (The installers of DENSO TEN drive recorder viewer contain an 
issue wit ...)
        TODO: check
 CVE-2025-50538 (Flowise before 3.0.5 allows XSS via an IFRAME element when an 
admin vi ...)
@@ -39,11 +39,11 @@ CVE-2025-50538 (Flowise before 3.0.5 allows XSS via an 
IFRAME element when an ad
 CVE-2025-29192 (Flowise before 3.0.5 allows XSS via a FORM element and an 
INPUT elemen ...)
        TODO: check
 CVE-2025-11326 (A weakness has been identified in Tenda AC18 
15.03.05.19(6318). This a ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-11325 (A security flaw has been discovered in Tenda AC18 
15.03.05.19(6318). A ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-11324 (A vulnerability was identified in Tenda AC18 
15.03.05.19(6318). Affect ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-11323 (A vulnerability was determined in UTT 1250GW up to 
v2v3.2.2-200710. Af ...)
        TODO: check
 CVE-2025-11322 (A flaw has been found in Mangati NovoSGA up to 2.2.12. The 
impacted el ...)
@@ -83,7 +83,7 @@ CVE-2025-11305 (A vulnerability has been found in UTT HiPER 
840G up to 3.1.1-190
 CVE-2025-11304 (A flaw has been found in CodeCanyon/ui-lib Mentor LMS up to 
1.1.1. Aff ...)
        TODO: check
 CVE-2025-11303 (A vulnerability was detected in Belkin F9K1015 1.00.10. 
Affected is an ...)
-       TODO: check
+       NOT-FOR-US: Belkin
 CVE-2025-8917 (A vulnerability in allegroai/clearml version v2.0.1 allows for 
path tr ...)
        NOT-FOR-US: allegroai/clearml
 CVE-2025-8406 (ZenML version 0.83.1 is affected by a path traversal 
vulnerability in  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0d0cb157a3b42a8db5bb3eb357b9ea84d606823

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c0d0cb157a3b42a8db5bb3eb357b9ea84d606823
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to