[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Oct 6 21:13:51 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
08fca5aa by security tracker role at 2025-10-06T20:13:44+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -83,17 +83,17 @@ CVE-2025-57247 (The BATBToken smart contract (address 0xfbf1388408670c02f0dbbb74
 CVE-2025-56382 (A stored Cross-site scripting (XSS) vulnerability exists in the Custom ...)
 	TODO: check
 CVE-2025-52472 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2025-49594 (XWiki OIDC has various tools to manipulate OpenID Connect protocol in  ...)
-	TODO: check
+	NOT-FOR-US: XWiki
 CVE-2025-36356 (IBM Security Verify Access and IBM Security Verify Access Docker 10.0. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36355 (IBM Security Verify Access and IBM Security Verify Access Docker 10.0. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36354 (IBM Security Verify Access and IBM Security Verify Access Docker 10.0. ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-28129 (Phpgurukul Hostel Management System 2.1 is vulnerable to clickjacking.)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-11346 (A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This aff ...)
 	TODO: check
 CVE-2025-11345 (A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this  ...)
@@ -107,17 +107,17 @@ CVE-2025-11342 (A weakness has been identified in code-projects Online Course Re
 CVE-2025-11341 (A security flaw has been discovered in Jinher OA up to 2.0. This affec ...)
 	TODO: check
 CVE-2025-11339 (A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. T ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-11338 (A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulne ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-11337 (A vulnerability was detected in Four-Faith Water Conservancy Informati ...)
 	TODO: check
 CVE-2025-11336 (A security vulnerability has been detected in Four-Faith Water Conserv ...)
 	TODO: check
 CVE-2025-11335 (A weakness has been identified in D-Link DI-7100G C1 up to 20250928. A ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-11334 (A security flaw has been discovered in Campcodes Online Apartment Visi ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-11333 (A vulnerability was identified in langleyfcu Online Banking System up  ...)
 	TODO: check
 CVE-2025-11332 (A vulnerability was determined in CmsEasy up to 7.7.7. This affects an ...)
@@ -125,13 +125,13 @@ CVE-2025-11332 (A vulnerability was determined in CmsEasy up to 7.7.7. This affe
 CVE-2025-11331 (A vulnerability was found in IdeaCMS up to 1.8. The impacted element i ...)
 	TODO: check
 CVE-2025-11330 (A vulnerability has been found in PHPGurukul Beauty Parlour Management ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-11329 (A flaw has been found in code-projects Online Course Registration 1.0. ...)
 	TODO: check
 CVE-2025-11328 (A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This iss ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-11327 (A security vulnerability has been detected in Tenda AC18 15.03.05.19(6 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-10363 (Deserialization of Untrusted Data vulnerability in Topal Solutions AG  ...)
 	TODO: check
 CVE-2025-0609 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -145,7 +145,7 @@ CVE-2025-0606 (Authorization Bypass Through User-Controlled Key vulnerability in
 CVE-2025-0038 (In AMD Zynq UltraScale+ devices, the lack of address validation when e ...)
 	TODO: check
 CVE-2023-49886 (IBM Standards Processing Engine 10.0.1.10 could allow a remote attacke ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-9914 (The credentials of the users stored in the system's local database can ...)
 	NOT-FOR-US: SICK AG
 CVE-2025-9913 (JavaScript can be ran inside the address bar via the dashboard "Open i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08fca5aa25b497c3005ef111a9dc17bb7cdb94d5

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08fca5aa25b497c3005ef111a9dc17bb7cdb94d5
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251006/2977138c/attachment.htm>

More information about the debian-security-tracker-commits mailing list