[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 16 21:13:46 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3821b50f by security tracker role at 2025-06-16T20:13:38+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,23 +3,23 @@ CVE-2025-6179 (Permissions Bypass in Extension Management in Google ChromeOS
 CVE-2025-6177 (Privilege Escalation in MiniOS in Google ChromeOS (16063.45.2 and pote ...)
 	TODO: check
 CVE-2025-6172 (Permission vulnerability in the mobile application (com.afmobi.boompla ...)
-	TODO: check
+	NOT-FOR-US: TECNO Mobile
 CVE-2025-6170 (A flaw was found in the interactive shell of the xmllint command-line  ...)
 	TODO: check
 CVE-2025-6137 (A vulnerability classified as critical has been found in TOTOLINK T10  ...)
 	TODO: check
 CVE-2025-6136 (A vulnerability was found in Projectworlds Life Insurance Management S ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds
 CVE-2025-6135 (A vulnerability was found in Projectworlds Life Insurance Management S ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds
 CVE-2025-6134 (A vulnerability was found in Projectworlds Life Insurance Management S ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds
 CVE-2025-6133 (A vulnerability was found in Projectworlds Life Insurance Management S ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds
 CVE-2025-6132 (A vulnerability has been found in Chanjet CRM 1.0 and classified as cr ...)
 	TODO: check
 CVE-2025-6131 (A vulnerability, which was classified as problematic, was found in Cod ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2025-6130 (A vulnerability, which was classified as critical, has been found in T ...)
 	TODO: check
 CVE-2025-6129 (A vulnerability classified as critical was found in TOTOLINK EX1200T 4 ...)
@@ -27,19 +27,19 @@ CVE-2025-6129 (A vulnerability classified as critical was found in TOTOLINK EX12
 CVE-2025-6128 (A vulnerability classified as critical has been found in TOTOLINK EX12 ...)
 	TODO: check
 CVE-2025-6127 (A vulnerability was found in PHPGurukul Nipah Virus Testing Management ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-6126 (A vulnerability was found in PHPGurukul Rail Pass Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-6125 (A vulnerability was found in PHPGurukul Rail Pass Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-6124 (A vulnerability was found in code-projects Restaurant Order System 1.0 ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-6123 (A vulnerability has been found in code-projects Restaurant Order Syste ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-6122 (A vulnerability, which was classified as critical, was found in code-p ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-6121 (A vulnerability, which was classified as critical, has been found in D ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-6120 (A vulnerability classified as critical was found in Open Asset Import  ...)
 	TODO: check
 CVE-2025-6119 (A vulnerability classified as critical has been found in Open Asset Im ...)
@@ -51,17 +51,17 @@ CVE-2025-6117 (A vulnerability was found in Das Parking Management System \u505c
 CVE-2025-6116 (A vulnerability was found in Das Parking Management System \u505c\u8f6 ...)
 	TODO: check
 CVE-2025-6115 (A vulnerability was found in D-Link DIR-619L 2.06B01 and classified as ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-6114 (A vulnerability has been found in D-Link DIR-619L 2.06B01 and classifi ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-6113 (A vulnerability, which was classified as critical, was found in Tenda  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-6087 (A Server-Side Request Forgery (SSRF) vulnerability was identified in t ...)
 	TODO: check
 CVE-2025-5689 (A flaw was found in the temporary user record that authd uses in the p ...)
 	TODO: check
 CVE-2025-5309 (The chat feature within Remote Support (RS) and Privileged Remote Acce ...)
-	TODO: check
+	NOT-FOR-US: BeyondTrust
 CVE-2025-4748 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	TODO: check
 CVE-2025-4565 (Any project that uses Protobuf Pure-Python backendto parse untrusted P ...)
@@ -75,7 +75,7 @@ CVE-2025-48988 (Allocation of Resources Without Limits or Throttling vulnerabili
 CVE-2025-48976 (Allocation of resources for multipart headers with insufficient limits ...)
 	TODO: check
 CVE-2025-46710 (Possible kernel exceptions caused by reading and writing kernel heap d ...)
-	TODO: check
+	NOT-FOR-US: Imagination Technologies
 CVE-2025-40729 (Reflected Cross-Site Scripting (XSS) in /customer_support/index.php in ...)
 	TODO: check
 CVE-2025-40728 (SQL injection vulnerability in Customer Support System v1.0. This vuln ...)
@@ -85,23 +85,23 @@ CVE-2025-40727 (A Reflected Cross Site Scripting (XSS) vulnerability was found i
 CVE-2025-40726 (Reflected Cross-Site Scripting (XSS) vulnerability in /pages/search-re ...)
 	TODO: check
 CVE-2025-3602 (Liferay Portal 7.4.0 through 7.4.3.97, and Liferay DXP 2023.Q3.1 throu ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-3594 (Path traversal vulnerability with the downloading and installation of  ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-3526 (SessionClicks in Liferay Portal 7.0.0 through 7.4.3.21, and Liferay DX ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-3464 (A race condition vulnerability exists in Armoury Crate. This vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2025-36632 (In Tenable Agent versions prior to 10.8.5 on a Windows host, it was fo ...)
-	TODO: check
+	NOT-FOR-US: Tenable
 CVE-2025-32798 (Conda-build contains commands and tools to build conda packages. Prior ...)
 	TODO: check
 CVE-2025-32797 (Conda-build contains commands and tools to build conda packages. Prior ...)
 	TODO: check
 CVE-2025-2327 (A flaw exists in FlashArray whereby the Key Encryption Key (KEK) is lo ...)
-	TODO: check
+	NOT-FOR-US: Pure Storage
 CVE-2025-2091 (An open redirection vulnerability in M-Files mobile applications for A ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2025-25265 (A web application for configuring the controller is accessible at a sp ...)
 	TODO: check
 CVE-2025-25264 (An unauthenticated remote attacker can take advantage of the current o ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3821b50fdbfd9c6c474bbd274d48fcece3e2c18d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3821b50fdbfd9c6c474bbd274d48fcece3e2c18d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250616/799ab815/attachment.htm>

More information about the debian-security-tracker-commits mailing list