[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Mon, 16 Jun 2025 13:13:55 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3821b50f by security tracker role at 2025-06-16T20:13:38+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,23 +3,23 @@ CVE-2025-6179 (Permissions Bypass in Extension Management in 
Google ChromeOS
 CVE-2025-6177 (Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 
and pote ...)
        TODO: check
 CVE-2025-6172 (Permission vulnerability in the mobile application 
(com.afmobi.boompla ...)
-       TODO: check
+       NOT-FOR-US: TECNO Mobile
 CVE-2025-6170 (A flaw was found in the interactive shell of the xmllint 
command-line  ...)
        TODO: check
 CVE-2025-6137 (A vulnerability classified as critical has been found in 
TOTOLINK T10  ...)
        TODO: check
 CVE-2025-6136 (A vulnerability was found in Projectworlds Life Insurance 
Management S ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-6135 (A vulnerability was found in Projectworlds Life Insurance 
Management S ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-6134 (A vulnerability was found in Projectworlds Life Insurance 
Management S ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-6133 (A vulnerability was found in Projectworlds Life Insurance 
Management S ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-6132 (A vulnerability has been found in Chanjet CRM 1.0 and 
classified as cr ...)
        TODO: check
 CVE-2025-6131 (A vulnerability, which was classified as problematic, was found 
in Cod ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2025-6130 (A vulnerability, which was classified as critical, has been 
found in T ...)
        TODO: check
 CVE-2025-6129 (A vulnerability classified as critical was found in TOTOLINK 
EX1200T 4 ...)
@@ -27,19 +27,19 @@ CVE-2025-6129 (A vulnerability classified as critical was 
found in TOTOLINK EX12
 CVE-2025-6128 (A vulnerability classified as critical has been found in 
TOTOLINK EX12 ...)
        TODO: check
 CVE-2025-6127 (A vulnerability was found in PHPGurukul Nipah Virus Testing 
Management ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-6126 (A vulnerability was found in PHPGurukul Rail Pass Management 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-6125 (A vulnerability was found in PHPGurukul Rail Pass Management 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-6124 (A vulnerability was found in code-projects Restaurant Order 
System 1.0 ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-6123 (A vulnerability has been found in code-projects Restaurant 
Order Syste ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-6122 (A vulnerability, which was classified as critical, was found in 
code-p ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-6121 (A vulnerability, which was classified as critical, has been 
found in D ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-6120 (A vulnerability classified as critical was found in Open Asset 
Import  ...)
        TODO: check
 CVE-2025-6119 (A vulnerability classified as critical has been found in Open 
Asset Im ...)
@@ -51,17 +51,17 @@ CVE-2025-6117 (A vulnerability was found in Das Parking 
Management System \u505c
 CVE-2025-6116 (A vulnerability was found in Das Parking Management System 
\u505c\u8f6 ...)
        TODO: check
 CVE-2025-6115 (A vulnerability was found in D-Link DIR-619L 2.06B01 and 
classified as ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-6114 (A vulnerability has been found in D-Link DIR-619L 2.06B01 and 
classifi ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-6113 (A vulnerability, which was classified as critical, was found in 
Tenda  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-6087 (A Server-Side Request Forgery (SSRF) vulnerability was 
identified in t ...)
        TODO: check
 CVE-2025-5689 (A flaw was found in the temporary user record that authd uses 
in the p ...)
        TODO: check
 CVE-2025-5309 (The chat feature within Remote Support (RS) and Privileged 
Remote Acce ...)
-       TODO: check
+       NOT-FOR-US: BeyondTrust
 CVE-2025-4748 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        TODO: check
 CVE-2025-4565 (Any project that uses Protobuf Pure-Python backendto parse 
untrusted P ...)
@@ -75,7 +75,7 @@ CVE-2025-48988 (Allocation of Resources Without Limits or 
Throttling vulnerabili
 CVE-2025-48976 (Allocation of resources for multipart headers with 
insufficient limits ...)
        TODO: check
 CVE-2025-46710 (Possible kernel exceptions caused by reading and writing 
kernel heap d ...)
-       TODO: check
+       NOT-FOR-US: Imagination Technologies
 CVE-2025-40729 (Reflected Cross-Site Scripting (XSS) in 
/customer_support/index.php in ...)
        TODO: check
 CVE-2025-40728 (SQL injection vulnerability in Customer Support System v1.0. 
This vuln ...)
@@ -85,23 +85,23 @@ CVE-2025-40727 (A Reflected Cross Site Scripting (XSS) 
vulnerability was found i
 CVE-2025-40726 (Reflected Cross-Site Scripting (XSS) vulnerability in 
/pages/search-re ...)
        TODO: check
 CVE-2025-3602 (Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 
2023.Q3.1 throu ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2025-3594 (Path traversal vulnerability with the downloading and 
installation of  ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2025-3526 (SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and 
Liferay DX ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2025-3464 (A race condition vulnerability exists in Armoury Crate. This 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2025-36632 (In Tenable Agent versions prior to 10.8.5 on a Windows host, 
it was fo ...)
-       TODO: check
+       NOT-FOR-US: Tenable
 CVE-2025-32798 (Conda-build contains commands and tools to build conda 
packages. Prior ...)
        TODO: check
 CVE-2025-32797 (Conda-build contains commands and tools to build conda 
packages. Prior ...)
        TODO: check
 CVE-2025-2327 (A flaw exists in FlashArray whereby the Key Encryption Key 
(KEK) is lo ...)
-       TODO: check
+       NOT-FOR-US: Pure Storage
 CVE-2025-2091 (An open redirection vulnerability in M-Files mobile 
applications for A ...)
-       TODO: check
+       NOT-FOR-US: M-Files
 CVE-2025-25265 (A web application for configuring the controller is accessible 
at a sp ...)
        TODO: check
 CVE-2025-25264 (An unauthenticated remote attacker can take advantage of the 
current o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3821b50fdbfd9c6c474bbd274d48fcece3e2c18d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3821b50fdbfd9c6c474bbd274d48fcece3e2c18d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to