[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Oct 21 09:35:17 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0a0a01cf by Salvatore Bonaccorso at 2025-10-21T10:34:57+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,13 +3,13 @@ CVE-2025-9133 (A missing authorization vulnerability in Zyxel ATP series firmwar
 CVE-2025-8078 (A post-authentication command injection vulnerability in Zyxel ATP ser ...)
 	NOT-FOR-US: Zyxel
 CVE-2025-7851 (An attacker may obtain the root shell on the underlying OS system with ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-7850 (A command injection vulnerability may be exploited after the admin's a ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-6542 (An arbitrary OS command may be executed on the product by a remote una ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-6541 (An arbitrary OS command may be executed on the product by the user who ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-62702 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2025-62701 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -45,13 +45,13 @@ CVE-2025-62657 (Improper Neutralization of Input During Web Page Generation (XSS
 CVE-2025-62656 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2025-61303 (Hatching Triage Sandbox Windows 10 build 2004 (2025-08-14) and Windows ...)
-	TODO: check
+	NOT-FOR-US: Hatching Triage Sandbox
 CVE-2025-61301 (Denial-of-analysis in reporting/mongodb.py and reporting/jsondump.py i ...)
-	TODO: check
+	NOT-FOR-US: CAPEv2
 CVE-2025-60783 (There is a SQL injection vulnerability in Restaurant Management System ...)
-	TODO: check
+	NOT-FOR-US: Restaurant Management System DBMS Project
 CVE-2025-60781 (PHP Education Manager v1.0 is vulnerable to Cross Site Scripting (XSS) ...)
-	TODO: check
+	NOT-FOR-US: PHP Education Manager
 CVE-2025-54764 (Mbed TLS before 3.6.5 allows a local timing attack against certain RSA ...)
 	TODO: check
 CVE-2025-26392 (SolarWinds Observability Self-Hosted is susceptible to SQL injection v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a0a01cfe50594ed292e8e03660764d56991828b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a0a01cfe50594ed292e8e03660764d56991828b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251021/bc97dc64/attachment.htm>

More information about the debian-security-tracker-commits mailing list