[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 26 21:26:40 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ac73cb1b by Salvatore Bonaccorso at 2025-08-26T22:26:17+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-9491 (Microsoft Windows LNK File UI Misrepresentation Remote Code Execution  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-9483 (A flaw has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE700 ...)
 	NOT-FOR-US: Linksys
 CVE-2025-9482 (A vulnerability was detected in Linksys RE6250, RE6300, RE6350, RE6500 ...)
@@ -10,11 +10,11 @@ CVE-2025-9478 (Use after free in ANGLE in Google Chrome prior to 139.0.7258.154
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)
 CVE-2025-9190 (The configuration of Cursor on macOS, specifically the "RunAsNode" fus ...)
-	TODO: check
+	NOT-FOR-US: Cursor
 CVE-2025-8700 (Invoice Ninja's configuration on macOS, specifically the presence of e ...)
-	TODO: check
+	NOT-FOR-US: Invoice Ninja
 CVE-2025-8597 (MacVim's configuration on macOS, specifically the presence of entitlem ...)
-	TODO: check
+	NOT-FOR-US: MacVim
 CVE-2025-8424 (Improper access control on the NetScaler Management Interface in NetSc ...)
 	NOT-FOR-US: Citrix
 CVE-2025-7776 (Memory overflow vulnerability leading to unpredictable or erroneous be ...)
@@ -36,7 +36,7 @@ CVE-2025-57803 (ImageMagick is free and open-source software used for editing an
 CVE-2025-57425 (A Stored Cross-Site Scripting (XSS) vulnerability in SourceCodester FA ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-56432 (A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. ...)
-	TODO: check
+	NOT-FOR-US: Nagios XI
 CVE-2025-55526 (n8n-workflows Main Commit ee25413 allows attackers to execute a direct ...)
 	TODO: check
 CVE-2025-55443 (Telpo MDM 1.4.6 thru 1.4.9 for Android contains sensitive administrato ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac73cb1b9903344c36877f5731951a297f071fe7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac73cb1b9903344c36877f5731951a297f071fe7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250826/48ac7b74/attachment.htm>

More information about the debian-security-tracker-commits mailing list