Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bc2e0e9a by security tracker role at 2025-07-25T20:13:52+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,13 +3,13 @@ CVE-2025-8197 (A global buffer overflow vulnerability was
found in the soup_head
CVE-2025-8183 (NULL Pointer Dereference in \xb5D3TN via non-singleton
destination End ...)
TODO: check
CVE-2025-8168 (A vulnerability was found in D-Link DIR-513 1.10. It has been
rated as ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8167 (A vulnerability was found in code-projects Church Donation
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8166 (A vulnerability was found in code-projects Church Donation
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8165 (A vulnerability was found in code-projects Food Review System
1.0 and ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8164 (A vulnerability has been found in code-projects Public Chat
Room 1.0 a ...)
TODO: check
CVE-2025-8163 (A vulnerability, which was classified as critical, was found in
deerwm ...)
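Review bot: CVE-2025-8164 (code-projects Public Chat Room 1.0) stays at "TODO: check" at the end of this hunk, although CVE-2025-8165, CVE-2025-8166 and CVE-2025-8167, which are also code-projects products, are switched to "NOT-FOR-US: code-projects". If the vendor name is what the automatic update keys on, this entry should receive the same tag; if it was left open on purpose, a short remark on the entry would make that visible to the next person triaging it.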
@@ -19,23 +19,23 @@ CVE-2025-8162 (A vulnerability, which was classified as
critical, has been found
CVE-2025-8161 (A vulnerability classified as critical was found in deerwms
deer-wms-2 ...)
TODO: check
CVE-2025-8160 (A vulnerability classified as critical has been found in Tenda
AC20 up ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-8159 (A vulnerability was found in D-Link DIR-513 1.0. It has been
rated as ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8158 (A vulnerability was found in PHPGurukul Login and User
Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8157 (A vulnerability was found in PHPGurukul User Registration &
Login and ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8156 (A vulnerability was found in PHPGurukul User Registration &
Login and ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8155 (A vulnerability has been found in D-Link DCS-6010L 1.15.03 and
classif ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8140 (A vulnerability was found in TOTOLINK A702R
4.0.0-B20230721.1521. It h ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-8139 (A vulnerability was found in TOTOLINK A702R
4.0.0-B20230721.1521. It h ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-8138 (A vulnerability was found in TOTOLINK A702R
4.0.0-B20230721.1521 and c ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-5254 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-5253 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
@@ -43,21 +43,21 @@ CVE-2025-5253 (Allocation of Resources Without Limits or
Throttling vulnerabilit
CVE-2025-54596 (Abnormal Security /v1.0/rbac/users_v2/{USER_ID}/ before
2025-02-19 all ...)
TODO: check
CVE-2025-52455 (Server-Side Request Forgery (SSRF) vulnerability in Salesforce
Tableau ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52454 (Server-Side Request Forgery (SSRF) vulnerability in Salesforce
Tableau ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52453 (Server-Side Request Forgery (SSRF) vulnerability in Salesforce
Tableau ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52452 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52449 (Unrestricted Upload of File with Dangerous Type vulnerability
in Sales ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52448 (Authorization Bypass Through User-Controlled Key vulnerability
in Sale ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52447 (Authorization Bypass Through User-Controlled Key vulnerability
in Sale ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52446 (Authorization Bypass Through User-Controlled Key vulnerability
in Sale ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52360 (A Cross-Site Scripting (XSS) vulnerability exists in the OPAC
search f ...)
TODO: check
CVE-2025-51411 (A reflected cross-site scripting (XSS) vulnerability exists in
Institu ...)
@@ -87,9 +87,9 @@ CVE-2025-44608 (CloudClassroom-PHP Project v1.0 was
discovered to contain a SQL
CVE-2025-43712 (JHipster before v.8.9.0 allows privilege escalation via a
modified aut ...)
TODO: check
CVE-2025-3873 (The following APIs for the Silcon Labs SiWx91x prior to vesion
3.4.0 f ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-3508 (Certain HP DesignJet products may be vulnerable to information
disclos ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2025-38467 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
TODO: check
CVE-2025-38466 (In the Linux kernel, the following vulnerability has been
resolved: p ...)
@@ -181,7 +181,7 @@ CVE-2025-30135 (An issue was discovered on IROAD Dashcam
FX2 devices. Dumping Fi
CVE-2025-30086 (CNCF Harbor 2.13.x before 2.13.1 and 2.12.x before 2.12.4
allows infor ...)
TODO: check
CVE-2025-2329 (In high traffic environments, a Silicon Labs OpenThread RCP
(see impac ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-29631 (An issue in Gardyn 4 allows a remote attacker execute
arbitrary code)
TODO: check
CVE-2025-29630 (An issue in Gardyn 4 allows a remote attacker with the
corresponding s ...)
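Review bot: The "NOT-FOR-US: Silicon Labs" tag on CVE-2025-2329 rests on the vendor name, while the description also names OpenThread and is cut off at "(see impac ...)" before it says which component is affected. Confirm from the full CVE text that the fault is in the Silicon Labs RCP and not in code shared with OpenThread itself before the entry is closed out, and say so on the entry if the answer is not obvious from the description.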
@@ -199,7 +199,7 @@ CVE-2024-13976 (A DLL injection vulnerability exists in
Commvault for Windows 11
CVE-2024-13975 (A local privilege escalation vulnerability exists in Commvault
for Win ...)
TODO: check
CVE-2023-7306 (The Frontend File Manager Plugin plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-53155 (goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection
via the ...)
TODO: check
CVE-2022-4979 (A cross-site scripting (XSS) vulnerability exists in Sitecore
Experien ...)
@@ -215,7 +215,7 @@ CVE-2014-125119 (A filename spoofing vulnerability exists
in WinRAR when opening
CVE-2014-125118 (A command injection vulnerability exists in the eScan Web
Management C ...)
TODO: check
CVE-2014-125117 (A stack-based buffer overflow vulnerability in the my_cgi.cgi
componen ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2014-125116 (A remote code execution vulnerability exists in HybridAuth
versions 2. ...)
TODO: check
CVE-2014-125115 (An unauthenticated SQL injection vulnerability exists in
Pandora FMS v ...)
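Review bot: CVE-2014-125117 is tagged "NOT-FOR-US: D-Link", but the description visible in this hunk ("A stack-based buffer overflow vulnerability in the my_cgi.cgi componen ...") is truncated before any vendor or product name appears, so the attribution cannot be checked from the diff. Since the tag was applied automatically, confirm against the full description that my_cgi.cgi here belongs to a D-Link product and not to something that shares the file name.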
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc2e0e9a710fb30cfb6d557976b225da9cace58e
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits