[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 4 21:14:20 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
be031f53 by security tracker role at 2025-08-04T20:14:13+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,15 +17,15 @@ CVE-2025-8517 (A vulnerability was found in givanz Vvveb 1.0.6.1. It has been de
 CVE-2025-8516 (A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Editi ...)
 	TODO: check
 CVE-2025-8515 (A vulnerability was found in Intelbras InControl 2.21.60.9 and classif ...)
-	TODO: check
+	NOT-FOR-US: Intelbras
 CVE-2025-8341 (Grafana is an open-source platform for monitoring and observability. T ...)
 	TODO: check
 CVE-2025-8109 (Software installed and run as a non-privileged user may conduct ptrace ...)
-	TODO: check
+	NOT-FOR-US: Imagination Technologies
 CVE-2025-6205 (A missing authorization vulnerability affecting DELMIA Apriso from Rel ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-6204 (An Improper Control of Generation of Code (Code Injection) vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-5988 (A flaw was found in the Ansible aap-gateway. Cross-site request forger ...)
 	TODO: check
 CVE-2025-55014 (The YouDao plugin for StarDict, as used in stardict 3.0.7+git20220909+ ...)
@@ -43,7 +43,7 @@ CVE-2025-51535 (Austrian Archaeological Institute (AI) OpenAtlas v8.11.0 as disc
 CVE-2025-51534 (A cross-site scripting (XSS) vulnerability in Austrian Archaeological  ...)
 	TODO: check
 CVE-2025-51390 (TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a com ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-50422 (An issue was discovered in freedesktop poppler v25.04.0. The heap memo ...)
 	TODO: check
 CVE-2025-50420 (An issue in the pdfseparate utility of freedesktop poppler v25.04.0 al ...)
@@ -71,41 +71,41 @@ CVE-2025-44954 (RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build has a hardcod
 CVE-2025-44643 (Certain Draytek products are affected by Insecure Configuration. This  ...)
 	TODO: check
 CVE-2025-41691 (An unauthenticated remote attacker may trigger a NULL pointer derefere ...)
-	TODO: check
+	NOT-FOR-US: CODESYS
 CVE-2025-41659 (A low-privileged attacker can remotely access the PKI folder of the CO ...)
-	TODO: check
+	NOT-FOR-US: CODESYS
 CVE-2025-41658 (CODESYS Runtime Toolkit-based products may expose sensitive files to l ...)
-	TODO: check
+	NOT-FOR-US: CODESYS
 CVE-2025-38741 (Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key  ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-38739 (Dell Digital Delivery, versions prior to 5.6.1.0, contains an Insuffic ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-36607 (Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injecti ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-36606 (Dell Unity, version(s) 5.5 and prior, contain(s) an OS Command Injecti ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-36605 (Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutraliz ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-36604 (Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutraliz ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-36594 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-34147 (An unauthenticated OS command injection vulnerability exists in the Sh ...)
 	TODO: check
 CVE-2025-30099 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-30098 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-30097 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-30096 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-26476 (Dell ECS versions prior to 3.8.1.5/ ObjectScale version 4.0.0.0, conta ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-26065 (A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9  ...)
-	TODO: check
+	NOT-FOR-US: Intelbras
 CVE-2025-21120 (Dell Avamar, versions prior to 19.12 with patch 338905, excluding vers ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-0932 (Use After Free vulnerability in Arm Ltd Bifrost GPU Userspace Driver,  ...)
 	TODO: check
 CVE-2024-45183 (An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be031f5331513a040b8656bfde6e9b7a066cc289

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/be031f5331513a040b8656bfde6e9b7a066cc289
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250804/9d40db97/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list