[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue Dec 2 21:12:29 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
bcfeb86f by Salvatore Bonaccorso at 2025-12-02T22:12:00+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18,27 +18,27 @@ CVE-2025-66399 (Cacti is an open source performance and fault management framewo
 	- cacti 1.2.30+ds1-1
 	NOTE: https://github.com/Cacti/cacti/security/advisories/GHSA-c7rr-2h93-7gjf
 CVE-2025-65896 (SQL injection vulnerability in long2ice assyncmy thru 0.2.10 allows at ...)
-	TODO: check
+	NOT-FOR-US: long2ice assyncmy
 CVE-2025-65881 (Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site  ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-65877 (Lvzhou CMS before commit c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 (202 ...)
-	TODO: check
+	NOT-FOR-US: Lvzhou CMS
 CVE-2025-65858 (A Stored Cross-Site Scripting (XSS) vulnerability in Calibre-Web v0.6. ...)
 	TODO: check
 CVE-2025-65844 (EverShop 2.0.1 allows an unauthenticated user to upload files and crea ...)
-	TODO: check
+	NOT-FOR-US: EverShop
 CVE-2025-65656 (dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in a ...)
-	TODO: check
+	NOT-FOR-US: dcat-admin
 CVE-2025-65379 (PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /a ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-65358 (Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl in ...)
-	TODO: check
+	NOT-FOR-US: Edoc-doctor-appointment-system
 CVE-2025-65215 (Sourcecodester Web-based Pharmacy Product Management System v1.0 is vu ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-65187 (A Stored Cross Site Scripting vulnerability exists in CiviCRM before v ...)
 	TODO: check
 CVE-2025-65186 (Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS). The page  ...)
-	TODO: check
+	NOT-FOR-US: Grav CMS
 CVE-2025-65105 (Apptainer is an open source container platform. In Apptainer versions  ...)
 	TODO: check
 CVE-2025-64750 (SingularityCE and SingularityPRO are open source container platforms.  ...)
@@ -46,13 +46,13 @@ CVE-2025-64750 (SingularityCE and SingularityPRO are open source container platf
 CVE-2025-64070 (Sourcecodester Student Grades Management System v1.0 is vulnerable to  ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-63872 (DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which al ...)
-	TODO: check
+	NOT-FOR-US: DeepSeek
 CVE-2025-61729 (Within HostnameError.Error(), when constructing an error string, there ...)
 	TODO: check
 CVE-2025-60854 (A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and belo ...)
 	NOT-FOR-US: D-Link
 CVE-2025-60736 (code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection ...)
-	TODO: check
+	NOT-FOR-US: code-projects Online Medicine Guide
 CVE-2025-59705 (Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6. ...)
 	TODO: check
 CVE-2025-59704 (Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcfeb86f2beab9bb8664f7fddf2c59f63d3f157b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcfeb86f2beab9bb8664f7fddf2c59f63d3f157b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251202/a9f7276c/attachment.htm>
