[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Mon, 10 Nov 2025 12:14:19 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9dd6d042 by security tracker role at 2025-11-10T20:13:43+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
 CVE-2025-8768
        REJECTED
 CVE-2025-64690 (In JetBrains YouTrack before 2025.3.104432 insecure Junie 
configuratio ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64689 (In JetBrains YouTrack before 2025.3.104432 misconfiguration in 
the Jun ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64688 (In JetBrains YouTrack before 2025.3.104432 missing VCS URL 
validation  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64687 (In JetBrains YouTrack before 2025.3.104432 improper access 
control all ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64686 (In JetBrains YouTrack before 2025.3.104432 missing user 
principal clea ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64685 (In JetBrains YouTrack before 2025.3.104432 missing TLS 
certificate val ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64684 (In JetBrains YouTrack before 2025.3.104432 information 
disclosure was  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64683 (In JetBrains Hub before 2025.3.104432 information disclosure 
was possi ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64682 (In JetBrains Hub before 2025.3.104432 a race condition allowed 
bypass  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64681 (In JetBrains Hub before 2025.3.104992 a race condition allowed 
bypass  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64457 (In JetBrains dotTrace before 2025.2.5 local privilege 
escalation possi ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-64456 (In JetBrains ReSharper before 2025.2.4 missing signature 
verification  ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-63835 (A stack-based buffer overflow vulnerability was discovered in 
Tenda AC ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-63834 (A stored cross-site scripting (XSS) vulnerability was 
discovered in Te ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-63712 (Cross-Site Request Forgery (CSRF) in SourceCodester Product 
Expiry Man ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-63711 (A Cross-Site Request Forgery (CSRF) vulnerability in the 
SourceCodeste ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-63710 (The send_message.php endpoint in SourceCodester Simple Public 
Chat Roo ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-63709 (A Cross-Site Scripting (XSS) vulnerability exists in 
SourceCodester Si ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-63497 (The patient prescription viewing functionality in 
his_doc_view_single_ ...)
        TODO: check
 CVE-2025-63457 (Tenda AX-1803 v1.0.0.1 was discovered to contain a stack 
overflow via  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-63456 (Tenda AX-1803 v1.0.0.1 was discovered to contain a stack 
overflow via  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-63455 (Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack 
overflow  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-63288 (In Open5GS 2.7.6, AMF crashes when receiving an abnormal 
NGSetupReques ...)
        TODO: check
 CVE-2025-63154 (TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a sta ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-63153 (TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to 
contain a sta ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-63152 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack 
overflow i ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-63149 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack 
overflow i ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-63147 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack 
overflow i ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-60876 (BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and 
other C0  ...)
        TODO: check
 CVE-2025-56503 (An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows 
authenticate ...)
@@ -67,9 +67,9 @@ CVE-2025-47773 (Combodo iTop is a web based IT service 
management tool. Versions
 CVE-2025-47286 (Combodo iTop is a web based IT service management tool. In 
versions pr ...)
        TODO: check
 CVE-2025-46430 (Dell Display and Peripheral Manager, versions prior to 
2.1.2.12, conta ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-43723 (Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 
9.11.0. ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-43079 (The Qualys Cloud Agent included a bundled uninstall script 
(qagent_uni ...)
        TODO: check
 CVE-2025-41107 (Stored Cross Site Scripting (XSS) vulnerability in Smart 
School 7.0 du ...)
@@ -77,13 +77,13 @@ CVE-2025-41107 (Stored Cross Site Scripting (XSS) 
vulnerability in Smart School
 CVE-2025-41001 (Cross Site Scripting (XSS) vulnerability stored in SOPlanning 
v1.53.02 ...)
        TODO: check
 CVE-2025-33150 (IBM Cognos Analytics Certified Containers 12.1.0 could 
disclose packag ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-12967 (An issue in AWS Wrappers for Amazon Aurora PostgreSQL may 
allow for pr ...)
-       TODO: check
+       NOT-FOR-US: Amazon
 CVE-2025-12939 (A security flaw has been discovered in SourceCodester 
Interview Manage ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-12938 (A vulnerability was identified in projectworlds Online 
Admission Syste ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-12480 (Triofox versions prior to 16.7.10368.56560, are vulnerable to 
an Impro ...)
        TODO: check
 CVE-2025-12409 (A SQL injection vulnerability was discovered in Looker Studio 
that all ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dd6d04213108ba12941ca99e4515d1af7c6002c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dd6d04213108ba12941ca99e4515d1af7c6002c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to