[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 7 08:47:50 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e864785c by Salvatore Bonaccorso at 2025-10-07T09:47:25+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -100,55 +100,55 @@ CVE-2025-36354 (IBM Security Verify Access and IBM Security Verify Access Docker
 CVE-2025-28129 (Phpgurukul Hostel Management System 2.1 is vulnerable to clickjacking.)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-11346 (A vulnerability has been found in ILIAS up to 8.23/9.13/10.1. This aff ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2025-11345 (A flaw has been found in ILIAS up to 8.23/9.13/10.1. Affected by this  ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2025-11344 (A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected b ...)
-	TODO: check
+	NOT-FOR-US: ILIAS
 CVE-2025-11343 (A security vulnerability has been detected in code-projects Student Cr ...)
-	TODO: check
+	NOT-FOR-US: code-projects Student Crud Operation
 CVE-2025-11342 (A weakness has been identified in code-projects Online Course Registra ...)
-	TODO: check
+	NOT-FOR-US: code-projects Online Course Registration
 CVE-2025-11341 (A security flaw has been discovered in Jinher OA up to 2.0. This affec ...)
-	TODO: check
+	NOT-FOR-US: Jinher OA
 CVE-2025-11339 (A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. T ...)
 	NOT-FOR-US: D-Link
 CVE-2025-11338 (A flaw has been found in D-Link DI-7100G C1 up to 20250928. This vulne ...)
 	NOT-FOR-US: D-Link
 CVE-2025-11337 (A vulnerability was detected in Four-Faith Water Conservancy Informati ...)
-	TODO: check
+	NOT-FOR-US: Four-Faith Water Conservancy Information Platform
 CVE-2025-11336 (A security vulnerability has been detected in Four-Faith Water Conserv ...)
-	TODO: check
+	NOT-FOR-US: Four-Faith Water Conservancy Information Platform
 CVE-2025-11335 (A weakness has been identified in D-Link DI-7100G C1 up to 20250928. A ...)
 	NOT-FOR-US: D-Link
 CVE-2025-11334 (A security flaw has been discovered in Campcodes Online Apartment Visi ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-11333 (A vulnerability was identified in langleyfcu Online Banking System up  ...)
-	TODO: check
+	NOT-FOR-US: langleyfcu Online Banking System
 CVE-2025-11332 (A vulnerability was determined in CmsEasy up to 7.7.7. This affects an ...)
-	TODO: check
+	NOT-FOR-US: CmsEasy
 CVE-2025-11331 (A vulnerability was found in IdeaCMS up to 1.8. The impacted element i ...)
-	TODO: check
+	NOT-FOR-US: IdeaCMS
 CVE-2025-11330 (A vulnerability has been found in PHPGurukul Beauty Parlour Management ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-11329 (A flaw has been found in code-projects Online Course Registration 1.0. ...)
-	TODO: check
+	NOT-FOR-US: code-projects Online Course Registration
 CVE-2025-11328 (A vulnerability was detected in Tenda AC18 15.03.05.19(6318). This iss ...)
 	NOT-FOR-US: Tenda
 CVE-2025-11327 (A security vulnerability has been detected in Tenda AC18 15.03.05.19(6 ...)
 	NOT-FOR-US: Tenda
 CVE-2025-10363 (Deserialization of Untrusted Data vulnerability in Topal Solutions AG  ...)
-	TODO: check
+	NOT-FOR-US: Topal
 CVE-2025-0609 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Logo Cloud
 CVE-2025-0608 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in L ...)
-	TODO: check
+	NOT-FOR-US: Logo Cloud
 CVE-2025-0607 (Improper Encoding or Escaping of Output vulnerability in Logo Software ...)
-	TODO: check
+	NOT-FOR-US: Logo Cloud
 CVE-2025-0606 (Authorization Bypass Through User-Controlled Key vulnerability in Logo ...)
-	TODO: check
+	NOT-FOR-US: Logo Cloud
 CVE-2025-0038 (In AMD Zynq UltraScale+ devices, the lack of address validation when e ...)
-	TODO: check
+	NOT-FOR-US: AMD Zynq UltraScale+ devices
 CVE-2023-49886 (IBM Standards Processing Engine 10.0.1.10 could allow a remote attacke ...)
 	NOT-FOR-US: IBM
 CVE-2025-9914 (The credentials of the users stored in the system's local database can ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e864785c77efa5f8e15bdd17ec74c30e99c68ace

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e864785c77efa5f8e15bdd17ec74c30e99c68ace
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251007/4b792015/attachment.htm>

More information about the debian-security-tracker-commits mailing list