[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 20 20:14:10 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4528464 by security tracker role at 2025-11-20T20:14:04+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2025-65226 (Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the devic ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-65223 (Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-65222 (Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the reboo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-65221 (Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the list  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-65220 (Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow in: /goform/S ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-64428 (Dataease is an open source data visualization analysis tool. Versions  ...)
 	TODO: check
 CVE-2025-64185 (Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 an ...)
@@ -33,7 +33,7 @@ CVE-2025-62724 (Open OnDemand is an open-source HPC portal. Prior to versions 4.
 CVE-2025-62709 (ClipBucket v5 is an open source video sharing platform. In ClipBucket  ...)
 	TODO: check
 CVE-2025-62346 (A Cross-Site Request Forgery (CSRF) vulnerability was identified in HC ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2025-62297 (SOPlanning is vulnerable to Stored XSS in /projetsendpoint. Malicious  ...)
 	TODO: check
 CVE-2025-62296 (SOPlanning is vulnerable to Stored XSS in /tachesendpoint. Malicious a ...)
@@ -93,13 +93,13 @@ CVE-2025-41075 (Vulnerability in LimeSurvey 6.13.0 in the endpoint /optinthat ca
 CVE-2025-41074 (Vulnerability in LimeSurvey 6.13.0  in the endpoint /optout that cause ...)
 	TODO: check
 CVE-2025-40605 (A Path Traversal vulnerability has been identified in the Email Securi ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2025-40604 (Download of Code Without Integrity Check Vulnerability in the SonicWal ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2025-40601 (A Stack-based buffer overflow vulnerability in the SonicOS SSLVPN serv ...)
-	TODO: check
+	NOT-FOR-US: SonicWall
 CVE-2025-36161 (IBM Concert 1.0.0 through 2.0.0 could allow a remote attacker to obtai ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-35029 (Medical Informatics Engineering Enterprise Health has a stored cross s ...)
 	TODO: check
 CVE-2025-34320 (BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint  ...)
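Review bot: The tag on CVE-2025-36161 names only the vendor ("NOT-FOR-US: IBM") although the description identifies the product as IBM Concert; writing "NOT-FOR-US: IBM Concert" would let a later reader confirm the triage decision from this line alone. The same applies to the three SonicWall tags in this hunk, whose visible descriptions point at different components ("the Email Securi ..." on CVE-2025-40605, "the SonicOS SSLVPN serv ..." on CVE-2025-40601) under one vendor-level tag.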
@@ -107,7 +107,7 @@ CVE-2025-34320 (BASIS BBj versions prior to 25.00 contain a Jetty-served web end
 CVE-2025-13469 (A security vulnerability has been detected in Public Knowledge Project ...)
 	TODO: check
 CVE-2025-13468 (A weakness has been identified in SourceCodester Alumni Management Sys ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-13437 (When zx is invoked with --prefer-local=<path>, the CLI creates a symli ...)
 	TODO: check
 CVE-2025-13425 (A bug in the filesystem traversal fallback path causes fs/diriterate/d ...)
@@ -119,9 +119,9 @@ CVE-2025-12121 (Lite XL versions 2.1.8 and prior contain a vulnerability in the
 CVE-2025-12120 (Lite XL versions 2.1.8 and prior automatically execute the .lite_proje ...)
 	TODO: check
 CVE-2025-11676 (Improper input validation vulnerability in TP-Link System Inc. TL-WR94 ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-10571 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
-	TODO: check
+	NOT-FOR-US: ABB group
 CVE-2025-0645 (Unrestricted Upload of File with Dangerous Type vulnerability in Narko ...)
 	TODO: check
 CVE-2025-0643 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
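Review bot: On CVE-2025-10571 the tag "NOT-FOR-US: ABB group" departs from the bare vendor names used by the other entries in this commit (Tenda, HCL, SonicWall, IBM, SourceCodester, TP-Link), and the truncated description ("Authentication Bypass Using an Alternate Path or Channel vulnerability ...") shows no vendor or product to check it against. Suggest settling on one canonical spelling for the vendor, and ideally adding the product name, so that a search on the tag finds all of its entries and the entry can be audited without looking up the full CVE text.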



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4528464735abc6e1b2f4cc40cd2f5307ce4a4d1
