[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 26 21:13:53 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
206f47df by security tracker role at 2025-08-26T20:13:44+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2025-9491 (Microsoft Windows LNK File UI Misrepresentation Remote Code Execution  ...)
 	TODO: check
 CVE-2025-9483 (A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE700 ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-9482 (A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500 ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-9481 (A security vulnerability has been detected in Linksys RE6250, RE6300,  ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-9478 (Use after free in ANGLE in Google Chrome prior to 139.0.7258.154 allow ...)
 	TODO: check
 CVE-2025-9190 (The configuration of Cursor on macOS, specifically the "RunAsNode" fus ...)
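Review bot: CVE-2025-9491 on the first line of this hunk is described as a Microsoft Windows LNK file issue yet keeps "TODO: check", while the three Linksys entries directly below it are resolved to "NOT-FOR-US: Linksys". If the automatic pass matches on vendor or product names, consider adding a pattern that covers Microsoft Windows so entries like this one are triaged in the same run instead of waiting for a manual pass.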
@@ -15,15 +15,15 @@ CVE-2025-8700 (Invoice Ninja's configuration on macOS, specifically the presence
 CVE-2025-8597 (MacVim's configuration on macOS, specifically the presence of entitlem ...)
 	TODO: check
 CVE-2025-8424 (Improper access control on the NetScaler Management Interface in NetSc ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2025-7776 (Memory overflow vulnerability leading to unpredictable or erroneous be ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2025-7775 (Memory overflow vulnerability leading to Remote Code Execution and/or  ...)
-	TODO: check
+	NOT-FOR-US: Citrix
 CVE-2025-6366 (The Event List plugin for WordPress is vulnerable to privilege escalat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6247 (The WordPress Automatic Plugin plugin for WordPress is vulnerable to C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-57818 (Firecrawl turns entire websites into LLM-ready markdown or structured  ...)
 	TODO: check
 CVE-2025-57813 (traQ is a messenger application built for Digital Creators Club traP.  ...)
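Review bot: the "NOT-FOR-US: Citrix" tags on CVE-2025-7776 and CVE-2025-7775 cannot be confirmed from this hunk, because both visible descriptions ("Memory overflow vulnerability leading to ...") are truncated before any product name; only CVE-2025-8424 (NetScaler Management Interface) visibly supports the vendor. Worth confirming that the rule matched on the full description of each entry. As a style point, this hunk mixes vendor tags (Citrix) with category tags (WordPress plugin); for CVE-2025-6366 and CVE-2025-6247 the descriptions already name the plugins, and carrying that name in the tag would make the entries easier to search for later.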
@@ -33,7 +33,7 @@ CVE-2025-57810 (jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.
 CVE-2025-57803 (ImageMagick is free and open-source software used for editing and mani ...)
 	TODO: check
 CVE-2025-57425 (A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FA ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-56432 (A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. ...)
 	TODO: check
 CVE-2025-55526 (n8n-workflows Main Commit ee25413 allows attackers to execute a direct ...)
@@ -75,17 +75,17 @@ CVE-2025-50971 (Directory traversal vulnerability in AbanteCart version 1.4.2 al
 CVE-2025-50753 (Mitrastar GPT-2741GNAC-N2 devices are provided with access through ssh ...)
 	TODO: check
 CVE-2025-48108 (Missing Authorization vulnerability in Mojoomla School Management allo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-44002 (Race Condition in the Directory Validation Logic in the TeamViewer Ful ...)
-	TODO: check
+	NOT-FOR-US: TeamViewer
 CVE-2025-36729 (A non-primary administrator user with admin rights to the web interfac ...)
 	TODO: check
 CVE-2025-2697 (IBM Cognos Command Center 10.2.4.1 and 10.2.5   could allow a remote a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-29992 (Mahara before 24.04.9 exposes database connection information if the d ...)
 	TODO: check
 CVE-2025-29901 (A NULL pointer dereference vulnerability has been reported to affect F ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2025-25737 (Kapsch TrafficCom RIS-9160 & RIS-9260 Roadside Units (RSUs) v3.2.0.829 ...)
 	TODO: check
 CVE-2025-25736 (Kapsch TrafficCom RIS-9260 RSU LEO v3.2.0.829.23, v3.8.0.1119.42, and  ...)
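Review bot: CVE-2025-48108 is tagged "NOT-FOR-US: WordPress plugin or theme", which is vaguer than the "NOT-FOR-US: WordPress plugin" used elsewhere in this commit, and the visible description names only "Mojoomla School Management" with no mention of WordPress. Suggest settling on plugin or theme and naming the product in the tag. The description of CVE-2025-29901 is likewise cut off at "has been reported to affect F ...", so the "NOT-FOR-US: QNAP" attribution cannot be checked from the diff alone.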
@@ -109,11 +109,11 @@ CVE-2025-23312 (NVIDIA NeMo Framework for all platforms contains a vulnerability
 CVE-2025-23307 (NVIDIA NeMo Curator for all platforms contains a vulnerability where a ...)
 	TODO: check
 CVE-2025-1994 (IBM Cognos Command Center 10.2.4.1 and 10.2.5     could allow a local  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-1501 (An access control vulnerability was discovered in the Request Trace an ...)
 	TODO: check
 CVE-2025-1494 (IBM Cognos Command Center 10.2.4.1 and 10.2.5 could allow a remote att ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-47853 (An issue was discovered in Mahara 23.04.8 and 24.04.4. Attackers may u ...)
 	TODO: check
 CVE-2024-45753 (In Mahara 23.04.8 and 24.04.4, the external RSS feed block can cause X ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/206f47df32ff7a02a852544920fba932ecaf4ec2
