[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 25 21:13:58 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bc2e0e9a by security tracker role at 2025-07-25T20:13:52+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,13 +3,13 @@ CVE-2025-8197 (A global buffer overflow vulnerability was found in the soup_head
CVE-2025-8183 (NULL Pointer Dereference in \xb5D3TN via non-singleton destination End ...)
TODO: check
CVE-2025-8168 (A vulnerability was found in D-Link DIR-513 1.10. It has been rated as ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8167 (A vulnerability was found in code-projects Church Donation System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8166 (A vulnerability was found in code-projects Church Donation System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8165 (A vulnerability was found in code-projects Food Review System 1.0 and ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8164 (A vulnerability has been found in code-projects Public Chat Room 1.0 a ...)
TODO: check
CVE-2025-8163 (A vulnerability, which was classified as critical, was found in deerwm ...)
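Review bot: CVE-2025-8164 near the end of this hunk is described as "code-projects Public Chat Room 1.0" but stays at TODO: check, while CVE-2025-8167, CVE-2025-8166 and CVE-2025-8165 from the same vendor are tagged NOT-FOR-US: code-projects just above it. Either tag it in the same update or record why it was skipped, so the leftover TODO is not read as a deliberate hold.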
@@ -19,23 +19,23 @@ CVE-2025-8162 (A vulnerability, which was classified as critical, has been found
CVE-2025-8161 (A vulnerability classified as critical was found in deerwms deer-wms-2 ...)
TODO: check
CVE-2025-8160 (A vulnerability classified as critical has been found in Tenda AC20 up ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-8159 (A vulnerability was found in D-Link DIR-513 1.0. It has been rated as ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8158 (A vulnerability was found in PHPGurukul Login and User Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8157 (A vulnerability was found in PHPGurukul User Registration & Login and ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8156 (A vulnerability was found in PHPGurukul User Registration & Login and ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8155 (A vulnerability has been found in D-Link DCS-6010L 1.15.03 and classif ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8140 (A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It h ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-8139 (A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521. It h ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-8138 (A vulnerability was found in TOTOLINK A702R 4.0.0-B20230721.1521 and c ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-5254 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-5253 (Allocation of Resources Without Limits or Throttling vulnerability in ...)
@@ -43,21 +43,21 @@ CVE-2025-5253 (Allocation of Resources Without Limits or Throttling vulnerabilit
CVE-2025-54596 (Abnormal Security /v1.0/rbac/users_v2/{USER_ID}/ before 2025-02-19 all ...)
TODO: check
CVE-2025-52455 (Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52454 (Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52453 (Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52452 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52449 (Unrestricted Upload of File with Dangerous Type vulnerability in Sales ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52448 (Authorization Bypass Through User-Controlled Key vulnerability in Sale ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52447 (Authorization Bypass Through User-Controlled Key vulnerability in Sale ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52446 (Authorization Bypass Through User-Controlled Key vulnerability in Sale ...)
- TODO: check
+ NOT-FOR-US: Salesforce
CVE-2025-52360 (A Cross-Site Scripting (XSS) vulnerability exists in the OPAC search f ...)
TODO: check
CVE-2025-51411 (A reflected cross-site scripting (XSS) vulnerability exists in Institu ...)
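Review bot: The tag on CVE-2025-52452 cannot be confirmed from this hunk, because its description is cut off before any product name ("Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ..."), and CVE-2025-52449 through CVE-2025-52446 break off at "Sales ..." or "Sale ...". Only the three SSRF entries name Salesforce Tableau in full. Please check the full descriptions of the other five before relying on NOT-FOR-US: Salesforce for them.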
@@ -87,9 +87,9 @@ CVE-2025-44608 (CloudClassroom-PHP Project v1.0 was discovered to contain a SQL
CVE-2025-43712 (JHipster before v.8.9.0 allows privilege escalation via a modified aut ...)
TODO: check
CVE-2025-3873 (The following APIs for the Silcon Labs SiWx91x prior to vesion 3.4.0 f ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-3508 (Certain HP DesignJet products may be vulnerable to information disclos ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2025-38467 (In the Linux kernel, the following vulnerability has been resolved: d ...)
TODO: check
CVE-2025-38466 (In the Linux kernel, the following vulnerability has been resolved: p ...)
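Review bot: CVE-2025-3873 is tagged NOT-FOR-US: Silicon Labs although its description spells the vendor "Silcon Labs", so a literal vendor match on the description text would not have produced this line. Please confirm what the automatic rule keyed on, so the same typo does not leave similar entries untagged later. For CVE-2025-3508 the bare tag "HP" is very broad; "HP DesignJet" would be easier to search for and harder to confuse with other HP products.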
@@ -181,7 +181,7 @@ CVE-2025-30135 (An issue was discovered on IROAD Dashcam FX2 devices. Dumping Fi
CVE-2025-30086 (CNCF Harbor 2.13.x before 2.13.1 and 2.12.x before 2.12.4 allows infor ...)
TODO: check
CVE-2025-2329 (In high traffic environments, a Silicon Labs OpenThread RCP (see impac ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-29631 (An issue in Gardyn 4 allows a remote attacker execute arbitrary code)
TODO: check
CVE-2025-29630 (An issue in Gardyn 4 allows a remote attacker with the corresponding s ...)
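Review bot: CVE-2025-2329 is tagged by vendor only, but its description names a specific component, "Silicon Labs OpenThread RCP", and is truncated at "(see impac ...", so the affected code is not visible here. Before accepting NOT-FOR-US: Silicon Labs, check the full description to confirm the flaw is limited to the vendor's own build and does not reach code that is packaged separately.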
@@ -199,7 +199,7 @@ CVE-2024-13976 (A DLL injection vulnerability exists in Commvault for Windows 11
CVE-2024-13975 (A local privilege escalation vulnerability exists in Commvault for Win ...)
TODO: check
CVE-2023-7306 (The Frontend File Manager Plugin plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-53155 (goform/formTest in EmbedThis GoAhead 2.5 allows HTML injection via the ...)
TODO: check
CVE-2022-4979 (A cross-site scripting (XSS) vulnerability exists in Sitecore Experien ...)
@@ -215,7 +215,7 @@ CVE-2014-125119 (A filename spoofing vulnerability exists in WinRAR when opening
CVE-2014-125118 (A command injection vulnerability exists in the eScan Web Management C ...)
TODO: check
CVE-2014-125117 (A stack-based buffer overflow vulnerability in the my_cgi.cgi componen ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2014-125116 (A remote code execution vulnerability exists in HybridAuth versions 2. ...)
TODO: check
CVE-2014-125115 (An unauthenticated SQL injection vulnerability exists in Pandora FMS v ...)
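Review bot: The NOT-FOR-US: D-Link tag on CVE-2014-125117 cannot be checked against the visible description, which mentions only "the my_cgi.cgi componen ..." before it is cut off and never shows a vendor. Please confirm the vendor from the full CVE text, since the other D-Link entries in this commit all name D-Link in the visible part of the line.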
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc2e0e9a710fb30cfb6d557976b225da9cace58e