[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 24 21:17:47 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
5437404c by security tracker role at 2025-06-24T20:17:40+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
 CVE-2025-6579 (A vulnerability was found in code-projects Car Rental System 1.0. It h ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-6578 (A vulnerability was found in code-projects Simple Online Hotel Reserva ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-6570 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-6569 (A vulnerability classified as problematic was found in code-projects S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-6568 (A vulnerability classified as critical has been found in TOTOLINK EX12 ...)
 	TODO: check
 CVE-2025-6567 (A vulnerability was found in Campcodes Online Recruitment Management S ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-6566 (A vulnerability was found in oatpp Oat++ up to 1.3.1. It has been decl ...)
 	TODO: check
 CVE-2025-6565 (A vulnerability was found in Netgear WNCE3001 1.0.0.50. It has been cl ...)
-	TODO: check
+	NOT-FOR-US: Netgear
 CVE-2025-6557 (Insufficient data validation in DevTools in Google Chrome on Windows p ...)
 	TODO: check
 CVE-2025-6556 (Insufficient policy enforcement in Loader in Google Chrome prior to 13 ...)
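Review bot: the note on CVE-2025-6570 cannot be checked against this hunk, because the description is cut off at "has been found in P ..." and never shows the name that was matched to PHPGurukul. Since this is an automatic update, it is worth confirming against the full CVE description that the match is on the complete vendor name and not on a shorter prefix. The code-projects, Campcodes and Netgear entries all show the matched name in their visible text.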
@@ -21,7 +21,7 @@ CVE-2025-6556 (Insufficient policy enforcement in Loader in Google Chrome prior
 CVE-2025-6555 (Use after free in Animation in Google Chrome prior to 138.0.7204.49 al ...)
 	TODO: check
 CVE-2025-6206 (The Aiomatic - Automatic AI Content Writer & Editor, GPT-3 & GPT-4, Ch ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6032 (A flaw was found in Podman. The podman machine init command fails to v ...)
 	TODO: check
 CVE-2025-5318 (A flaw was found in the libssh library. An out-of-bounds read can be t ...)
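Review bot: on CVE-2025-6206 the note "NOT-FOR-US: WordPress plugin" records a category, while every other note in this patch records a vendor or project name. Including the plugin name that the description gives (Aiomatic) would make this triage decision easier to audit later.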
@@ -43,11 +43,11 @@ CVE-2025-52571 (Hikka is a Telegram userbot. A vulnerability affects all users o
 CVE-2025-52471 (ESF-IDF is the Espressif Internet of Things (IOT) Development Framewor ...)
 	TODO: check
 CVE-2025-50699 (PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cr ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-50695 (PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to Cr ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-50693 (PHPGurukul Online DJ Booking Management System 2.0 is vulnerable to In ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4383 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
 	TODO: check
 CVE-2025-4378 (Cleartext Transmission of Sensitive Information, Use of Hard-coded Cre ...)
@@ -67,15 +67,15 @@ CVE-2025-3092 (An unauthenticated remote attacker can enumerate valid user names
 CVE-2025-3091 (An low privileged remote attacker in possession of the second factor f ...)
 	TODO: check
 CVE-2025-39205 (A vulnerability exists in the IEC 61850 in MicroSCADA X SYS600 product ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-39204 (A vulnerability exists in the Web interface of the MicroSCADA X SYS600 ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-39203 (A vulnerability exists in the IEC 61850 of the MicroSCADA X SYS600 pro ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-39202 (A vulnerability exists in in the Monitor Pro interface of the MicroSCA ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-39201 (A vulnerability exists in MicroSCADA X SYS600 product. If exploited th ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-36537 (Incorrect Permission Assignment for Critical Resource in the TeamViewe ...)
 	TODO: check
 CVE-2025-32978 (Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0.385,  ...)
@@ -89,7 +89,7 @@ CVE-2025-32975 (Quest KACE Systems Management Appliance (SMA) 13.0.x before 13.0
 CVE-2025-2566 (Kaleris NAVIS N4 ULC (Ultra Light Client) contains an unsafe Java dese ...)
 	TODO: check
 CVE-2025-2403 (A denial-of-service vulnerability due to improper prioritization of ne ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-27828 (A vulnerability in the legacy chat component of Mitel MiContact Center ...)
 	TODO: check
 CVE-2025-27827 (A vulnerability in the legacy chat component of Mitel MiContact Center ...)
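Review bot: the description of CVE-2025-2403 is truncated before any product or vendor name appears ("improper prioritization of ne ..."), so the new "NOT-FOR-US: Hitachi Energy" note is the only place the entry says what is affected. Consider having the note carry the product name as well as the vendor, so the decision can be audited without looking up the full CVE text. The same applies to CVE-2025-1718 in the following hunk, whose visible description also names no product.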
@@ -101,7 +101,7 @@ CVE-2025-23264 (NVIDIA Megatron-LM for all platforms contains a vulnerability in
 CVE-2025-23260 (NVIDIA AIStore contains a vulnerability in the AIS Operator where a us ...)
 	TODO: check
 CVE-2025-1718 (An authenticated user with file access privilege via FTP access can ca ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2024-56918 (In Netbox Community 4.1.7, the login page is vulnerable to cross-site  ...)
 	TODO: check
 CVE-2024-56917 (Netbox Community 4.1.7 is vulnerable to Cross Site Scripting (XSS) via ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5437404cd279219152024769659d95f3295cea9b
