[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 23 21:13:07 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
40e8ebe5 by security tracker role at 2025-06-23T20:13:00+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,13 +9,13 @@ CVE-2025-6517 (A vulnerability was found in Dromara MaxKey up to 4.1.7 and class
 CVE-2025-6516 (A vulnerability has been found in HDF5 up to 1.14.6 and classified as  ...)
 	TODO: check
 CVE-2025-6513 (Standard Windows users can access the configuration file for database  ...)
-	TODO: check
+	NOT-FOR-US: Bizerba
 CVE-2025-6512 (On a client with a non-admin user, a script can be integrated into a r ...)
-	TODO: check
+	NOT-FOR-US: Bizerba
 CVE-2025-6511 (A vulnerability classified as critical has been found in Netgear EX615 ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2025-6510 (A vulnerability was found in Netgear EX6100 1.0.2.28_1.1.138. It has b ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2025-6509 (A vulnerability was found in seaswalker spring-analysis up to 4379cce8 ...)
 	TODO: check
 CVE-2025-52969 (ClickHouse 25.7.1.557 allows low-privileged users to execute shell com ...)
@@ -41,21 +41,21 @@ CVE-2025-52921 (In Innoshop through 0.4.1, an authenticated attacker could explo
 CVE-2025-52920 (Innoshop through 0.4.1 allows Insecure Direct Object Reference (IDOR)  ...)
 	TODO: check
 CVE-2025-52879 (In JetBrains TeamCity before 2025.03.3 reflected XSS in the NPM Regist ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-52878 (In JetBrains TeamCity before 2025.03.3 usernames were exposed to the u ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-52877 (In JetBrains TeamCity before 2025.03.3 reflected XSS on diskUsageBuild ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-52876 (In JetBrains TeamCity before 2025.03.3 reflected XSS on the favoriteIc ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-52875 (In JetBrains TeamCity before 2025.03.3 a DOM-based XSS at the Performa ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-52542
 	REJECTED
 CVE-2025-50349 (PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-50348 (PHPGurukul Pre-School Enrollment System Project V1.0 is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-49574 (Quarkus is a Cloud Native, (Linux) Container First framework for writi ...)
 	TODO: check
 CVE-2025-49144 (Notepad++ is a free and open-source source code editor. In versions 8. ...)
@@ -63,7 +63,7 @@ CVE-2025-49144 (Notepad++ is a free and open-source source code editor. In versi
 CVE-2025-49126 (Visionatrix is an AI Media processing tool using ComfyUI. In versions  ...)
 	TODO: check
 CVE-2025-48700 (An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 a ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2025-48026 (A vulnerability in the WebApl component of Mitel OpenScape Xpressions  ...)
 	TODO: check
 CVE-2025-46101 (SQL Injection vulnerability in Beakon Software Beakon Learning Managem ...)
@@ -79,9 +79,9 @@ CVE-2025-27387 (OPPO Clone Phone uses a weak password WiFi hotspot to transfer f
 CVE-2025-23049 (Meridian Technique Materialise OrthoView through 7.5.1 allows OS Comma ...)
 	TODO: check
 CVE-2024-45347 (An unauthorized access vulnerability exists in the Xiaomi Mi Connect S ...)
-	TODO: check
+	NOT-FOR-US: Xiaomi
 CVE-2024-3511 (An incorrect authorization vulnerability exists in multiple WSO2 produ ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2023-50450 (An issue was discovered in Sensopart VISOR Vision Sensors before 2.10. ...)
 	TODO: check
 CVE-2023-48978 (An issue in NCR ITM Web terminal v.4.4.0 and v.4.4.4 allows a remote a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40e8ebe5b75b9fd13c9cbd3d80f27d595ecd73a6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/40e8ebe5b75b9fd13c9cbd3d80f27d595ecd73a6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250623/abf544b3/attachment.htm>

More information about the debian-security-tracker-commits mailing list