[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 13 21:13:19 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c51dbac by security tracker role at 2025-08-13T20:13:13+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,11 +3,11 @@ CVE-2025-8941 (A flaw was found in linux-pam. The pam_namespace module may impro
 CVE-2025-8927 (A vulnerability was determined in mtons mblog up to 3.5.0. Affected by ...)
 	TODO: check
 CVE-2025-8926 (A vulnerability was found in SourceCodester COVID 19 Testing Managemen ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-8925 (A vulnerability has been found in itsourcecode Sports Management Syste ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-8924 (A vulnerability was identified in Campcodes Online Water Billing Syste ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-8923 (A vulnerability was determined in code-projects Job Diary 1.0. This vu ...)
 	TODO: check
 CVE-2025-8922 (A vulnerability was found in code-projects Job Diary 1.0. This affects ...)
@@ -15,11 +15,11 @@ CVE-2025-8922 (A vulnerability was found in code-projects Job Diary 1.0. This af
 CVE-2025-8921 (A vulnerability has been found in code-projects Job Diary 1.0. Affecte ...)
 	TODO: check
 CVE-2025-8920 (A vulnerability was identified in Portabilis i-Diario 1.6. Affected by ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-8919 (A vulnerability was determined in Portabilis i-Diario up to 1.6. Affec ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-8918 (A vulnerability was found in Portabilis i-Educar up to 2.10. This issu ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-8916 (Allocation of Resources Without Limits or Throttling vulnerability in  ...)
 	TODO: check
 CVE-2025-8914 (Organization Portal System developed by WellChoose has a SQL Injection ...)
@@ -39,11 +39,11 @@ CVE-2025-8908 (A vulnerability was determined in Shanghai Lingdang Information T
 CVE-2025-8907 (A vulnerability was found in H3C M2 NAS V100R006. Affected by this vul ...)
 	TODO: check
 CVE-2025-8904 (Amazon EMR Secret Agent creates a keytab file containing Kerberos cred ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2025-8770 (An issue has been discovered in GitLab EE affecting all versions from  ...)
 	TODO: check
 CVE-2025-8754 (Missing Authentication for Critical Function vulnerability in ABB ABB  ...)
-	TODO: check
+	NOT-FOR-US: ABB group
 CVE-2025-8671 (A mismatch caused by client-triggered server-sent stream resets betwee ...)
 	TODO: check
 CVE-2025-7739 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
@@ -87,7 +87,7 @@ CVE-2025-54382 (Cherry Studio is a desktop client that supports for multiple LLM
 CVE-2025-54074 (Cherry Studio is a desktop client that supports for multiple LLM provi ...)
 	TODO: check
 CVE-2025-52585 (When a BIG-IP LTM Client SSL profile is configured on a virtual server ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-52392 (Soosyze CMS 2.0 allows brute-force login attacks via the /user/login e ...)
 	TODO: check
 CVE-2025-52386 (CycloneDX Sunshine v0.9 is vulnerable to CSV Formula Injection via a c ...)
@@ -97,9 +97,9 @@ CVE-2025-52385 (An issue in Studio 3T v.2025.1.0 and before allows a remote atta
 CVE-2025-51691 (Cross-Site Scripting (XSS) vulnerability found in MarkTwo commit e3a1d ...)
 	TODO: check
 CVE-2025-51452 (In TOTOLINK A7000R firmware 9.1.0u.6115_B20201022, an attacker can byp ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-51451 (In TOTOLINK EX1200T firmware 4.1.2cu.5215, an attacker can bypass logi ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-50946 (OS Command Injection in Olivetin 2025.4.22 Custom Themes via the Parse ...)
 	TODO: check
 CVE-2025-50690 (A Cross-Site Scripting (XSS) vulnerability exists in SpatialReference. ...)
@@ -135,7 +135,7 @@ CVE-2025-48989 (Improper Resource Shutdown or Release vulnerability in Apache To
 CVE-2025-48500 (A missing file integrity check vulnerability exists on MacOS F5 VPN br ...)
 	TODO: check
 CVE-2025-46405 (When Network Access is configured on a BIG-IP APM virtual server, undi ...)
-	TODO: check
+	NOT-FOR-US: F5
 CVE-2025-45317 (A zip slip vulnerability in the /modules/ImportModule.php component of ...)
 	TODO: check
 CVE-2025-45316 (A cross-site scripting (XSS) vulnerability in the TextBlockModule.php  ...)
@@ -165,15 +165,15 @@ CVE-2025-2614 (An issue has been discovered in GitLab CE/EE affecting all versio
 CVE-2025-2498 (An improper access control in Gitlab EE affecting all versions from 12 ...)
 	TODO: check
 CVE-2025-2184 (A credential management flaw in Palo Alto Networks Cortex XDR\xae Brok ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2025-2183 (An insufficient certificate validation issue in the Palo Alto Networks ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2025-2182 (A problem with the implementation of the MACsec protocol in Palo Alto  ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2025-2181 (A sensitive information disclosure vulnerability in Palo Alto Networks ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2025-2180 (An unsafe deserialization vulnerability in Palo Alto Networks Checkov  ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2025-23306 (NVIDIA Megatron-LM for all platforms contains a vulnerability in the m ...)
 	TODO: check
 CVE-2025-23305 (NVIDIA Megatron-LM for all platforms contains a vulnerability in the t ...)
@@ -193,7 +193,7 @@ CVE-2025-23294 (NVIDIA WebDataset for all platforms contains a vulnerability whe
 CVE-2025-1477 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
 	TODO: check
 CVE-2024-5477 (A potential security vulnerability has been identified in the System B ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2024-12303 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
 	TODO: check
 CVE-2024-10219 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c51dbac255181b78961f1a73a4cb23579df0985

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c51dbac255181b78961f1a73a4cb23579df0985
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250813/b3d5780e/attachment.htm>

More information about the debian-security-tracker-commits mailing list