[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 10 20:14:07 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9dd6d042 by security tracker role at 2025-11-10T20:13:43+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
 CVE-2025-8768
 	REJECTED
 CVE-2025-64690 (In JetBrains YouTrack before 2025.3.104432 insecure Junie configuratio ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64689 (In JetBrains YouTrack before 2025.3.104432 misconfiguration in the Jun ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64688 (In JetBrains YouTrack before 2025.3.104432 missing VCS URL validation  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64687 (In JetBrains YouTrack before 2025.3.104432 improper access control all ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64686 (In JetBrains YouTrack before 2025.3.104432 missing user principal clea ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64685 (In JetBrains YouTrack before 2025.3.104432 missing TLS certificate val ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64684 (In JetBrains YouTrack before 2025.3.104432 information disclosure was  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64683 (In JetBrains Hub before 2025.3.104432 information disclosure was possi ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64682 (In JetBrains Hub before 2025.3.104432 a race condition allowed bypass  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64681 (In JetBrains Hub before 2025.3.104992 a race condition allowed bypass  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64457 (In JetBrains dotTrace before 2025.2.5 local privilege escalation possi ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-64456 (In JetBrains ReSharper before 2025.2.4 missing signature verification  ...)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-63835 (A stack-based buffer overflow vulnerability was discovered in Tenda AC ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-63834 (A stored cross-site scripting (XSS) vulnerability was discovered in Te ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-63712 (Cross-Site Request Forgery (CSRF) in SourceCodester Product Expiry Man ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-63711 (A Cross-Site Request Forgery (CSRF) vulnerability in the SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-63710 (The send_message.php endpoint in SourceCodester Simple Public Chat Roo ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-63709 (A Cross-Site Scripting (XSS) vulnerability exists in SourceCodester Si ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-63497 (The patient prescription viewing functionality in his_doc_view_single_ ...)
 	TODO: check
 CVE-2025-63457 (Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-63456 (Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-63455 (Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-63288 (In Open5GS 2.7.6, AMF crashes when receiving an abnormal NGSetupReques ...)
 	TODO: check
 CVE-2025-63154 (TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a sta ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-63153 (TOTOLink A7000R V9.1.0u.6115_B20201022 was discovered to contain a sta ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-63152 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow i ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-63149 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow i ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-63147 (Tenda AX3 V16.03.12.10_CN was discovered to contain a stack overflow i ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-60876 (BusyBox wget thru 1.3.7 accepted raw CR (0x0D)/LF (0x0A) and other C0  ...)
 	TODO: check
 CVE-2025-56503 (An issue in Sublime HQ Pty Ltd Sublime Text 4 4200 allows authenticate ...)
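Review bot: The tag on the two TOTOLink A7000R entries (CVE-2025-63154, CVE-2025-63153) is written "NOT-FOR-US: TOTOLINK" while the descriptions spell the vendor "TOTOLink"; confirm the all-caps form matches the spelling already used elsewhere in data/CVE/list so that a search by tag finds every entry. The hunk also leaves CVE-2025-63497, CVE-2025-63288 (Open5GS) and CVE-2025-60876 (BusyBox wget) at "TODO: check", so those three still need manual triage after this automatic pass.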
@@ -67,9 +67,9 @@ CVE-2025-47773 (Combodo iTop is a web based IT service management tool. Versions
 CVE-2025-47286 (Combodo iTop is a web based IT service management tool. In versions pr ...)
 	TODO: check
 CVE-2025-46430 (Dell Display and Peripheral Manager, versions prior to 2.1.2.12, conta ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-43723 (Dell PowerScale OneFS, versions prior to 9.10.1.3 and versions 9.11.0. ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-43079 (The Qualys Cloud Agent included a bundled uninstall script (qagent_uni ...)
 	TODO: check
 CVE-2025-41107 (Stored Cross Site Scripting (XSS) vulnerability in Smart School 7.0 du ...)
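Review bot: Both Dell entries (CVE-2025-46430, CVE-2025-43723) get the combined tag "NOT-FOR-US: Dell / EMC" although the visible descriptions name only Dell products (Display and Peripheral Manager, PowerScale OneFS). That is fine if it is the established umbrella tag, but check that it is not mixed with a plain "Dell" spelling elsewhere in the list. CVE-2025-47286 (Combodo iTop) and CVE-2025-43079 (Qualys Cloud Agent) stay at "TODO: check" in the context lines and are not covered by this commit.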
@@ -77,13 +77,13 @@ CVE-2025-41107 (Stored Cross Site Scripting (XSS) vulnerability in Smart School
 CVE-2025-41001 (Cross Site Scripting (XSS) vulnerability stored in SOPlanning v1.53.02 ...)
 	TODO: check
 CVE-2025-33150 (IBM Cognos Analytics Certified Containers 12.1.0 could disclose packag ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-12967 (An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for pr ...)
-	TODO: check
+	NOT-FOR-US: Amazon
 CVE-2025-12939 (A security flaw has been discovered in SourceCodester Interview Manage ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-12938 (A vulnerability was identified in projectworlds Online Admission Syste ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds
 CVE-2025-12480 (Triofox versions prior to 16.7.10368.56560, are vulnerable to an Impro ...)
 	TODO: check
 CVE-2025-12409 (A SQL injection vulnerability was discovered in Looker Studio that all ...)
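Review bot: CVE-2025-12967 is tagged "NOT-FOR-US: Amazon" at vendor level, but its description names a software component ("AWS Wrappers for Amazon Aurora PostgreSQL") and is cut off at "may allow for pr ...", so the full text should be read to confirm nothing packaged is affected before the tag is relied on. In the same hunk, CVE-2025-12938 gets the tag "Project Worlds" while the description writes "projectworlds"; confirm the two-word form is the one used for earlier entries. CVE-2025-12480 (Triofox) remains at "TODO: check".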



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dd6d04213108ba12941ca99e4515d1af7c6002c
