[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Aug 29 09:13:50 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ea61183a by security tracker role at 2025-08-29T08:13:42+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,17 +3,17 @@ CVE-2025-9639 (The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading
 CVE-2025-9619 (A security flaw has been discovered in E4 Sistemas Mercatus ERP 2.00.0 ...)
 	TODO: check
 CVE-2025-9610 (A vulnerability was determined in code-projects Online Event Judging S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-9609 (A vulnerability was found in Portabilis i-Educar up to 2.10. This vuln ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-9608 (A vulnerability has been found in Portabilis i-Educar up to 2.10. This ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-9607 (A flaw has been found in Portabilis i-Educar up to 2.10. Affected by t ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-9606 (A vulnerability was detected in Portabilis i-Educar up to 2.10. Affect ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-9605 (A security vulnerability has been detected in Tenda AC21 and AC23 16.0 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-9604 (A vulnerability was identified in coze-studio up to 0.2.4. The impacte ...)
 	TODO: check
 CVE-2025-9603 (A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The af ...)
@@ -21,25 +21,25 @@ CVE-2025-9603 (A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. T
 CVE-2025-9602 (A vulnerability was found in Xinhu RockOA up to 2.6.9. Impacted is the ...)
 	TODO: check
 CVE-2025-9601 (A vulnerability was detected in itsourcecode Apartment Management Syst ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9600 (A security vulnerability has been detected in itsourcecode Apartment M ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9599 (A weakness has been identified in itsourcecode Apartment Management Sy ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9598 (A security flaw has been discovered in itsourcecode Apartment Manageme ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9597 (A vulnerability was identified in itsourcecode Apartment Management Sy ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9596 (A vulnerability was determined in itsourcecode Sports Management Syste ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9595 (A vulnerability was found in code-projects Student Information Managem ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-9594 (A vulnerability has been found in itsourcecode Apartment Management Sy ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9593 (A flaw has been found in itsourcecode Apartment Management System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9592 (A vulnerability was detected in itsourcecode Apartment Management Syst ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9591 (A security vulnerability has been detected in ZrLog up to 3.1.5. This  ...)
 	TODO: check
 CVE-2025-9590 (A vulnerability was identified in Weaver E-Mobile Mobile Management Pl ...)
@@ -51,9 +51,9 @@ CVE-2025-9586 (A vulnerability was identified in Comfast CF-N1 2.6.0. This vulne
 CVE-2025-9585 (A vulnerability was determined in Comfast CF-N1 2.6.0. This affects th ...)
 	TODO: check
 CVE-2025-9441 (The iATS Online Forms plugin for WordPress is vulnerable to time-based ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9374 (The Ultimate Tag Warrior Importer plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8861 (TSA developed by Changing has a Missing Authentication vulnerability,  ...)
 	TODO: check
 CVE-2025-8858 (Clinic Image System developed by Changing has a SQL Injection vulnerab ...)
@@ -61,11 +61,11 @@ CVE-2025-8858 (Clinic Image System developed by Changing has a SQL Injection vul
 CVE-2025-8857 (Clinic Image System developed by Changing contains hard-coded Credenti ...)
 	TODO: check
 CVE-2025-8619 (The OSM Map Widget for Elementor plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8290 (The List Subpages plugin for WordPress is vulnerable to Stored Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8147 (The LWSCache plugin for WordPress is vulnerable to unauthorized modifi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-58333
 	REJECTED
 CVE-2025-58332
@@ -101,27 +101,27 @@ CVE-2025-53507 (Multiple products provided by iND Co.,Ltd contain an insecure st
 CVE-2025-48979 (An Improper Input Validation in UISP Application could allow a Command ...)
 	TODO: check
 CVE-2025-43284 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2025-43268 (A permissions issue was addressed with additional restrictions. This i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2025-43255 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2025-43187 (This issue was addressed by removing the vulnerable code. This issue i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2025-39247 (There is an Access Control Vulnerability in some HikCentral Profession ...)
-	TODO: check
+	NOT-FOR-US: Hikvision
 CVE-2025-39246 (There is an Unquoted Service Path Vulnerability in some HikCentral Foc ...)
-	TODO: check
+	NOT-FOR-US: Hikvision
 CVE-2025-39245 (There is a CSV Injection Vulnerability in some HikCentral Master Lite  ...)
-	TODO: check
+	NOT-FOR-US: Hikvision
 CVE-2024-54568 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-54554 (This issue was addressed with improved handling of symlinks. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44271 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-13987 (Improper neutralization of input during web page generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: Synology
 CVE-2025-40927 (CGI::Simple versions before 1.282 for Perl has a HTTP response splitti ...)
 	- libcgi-simple-perl 1.282-1
 	[trixie] - libcgi-simple-perl <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea61183a5de00fd02ca73026634e9d477db69228

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ea61183a5de00fd02ca73026634e9d477db69228
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250829/65224874/attachment.htm>

More information about the debian-security-tracker-commits mailing list