[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 2 21:13:48 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cbc1147f by security tracker role at 2025-09-02T20:13:42+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2025-9830 (A security flaw has been discovered in PHPGurukul Beauty Parlour Manag ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-9829 (A vulnerability was identified in PHPGurukul Beauty Parlour Management ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-9828 (A vulnerability was determined in Tenda CP6 11.10.00.243. The affected ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-9784 (A flaw was found in Undertow where malformed client requests can trigg ...)
 	TODO: check
 CVE-2025-9696 (The SunPower PVS6's BluetoothLE interface is vulnerable due to its use ...)
@@ -19,9 +19,9 @@ CVE-2025-9274 (Oxford Instruments Imaris Viewer IMS File Parsing Uninitialized P
 CVE-2025-9273 (CData API Server MySQL Misconfiguration Information Disclosure Vulnera ...)
 	TODO: check
 CVE-2025-9189 (There is an out of bounds write vulnerability due to improper bounds c ...)
-	TODO: check
+	NOT-FOR-US: National Instruments
 CVE-2025-9188 (There is a deserialization of untrusted data vulnerability in Digilent ...)
-	TODO: check
+	NOT-FOR-US: National Instruments
 CVE-2025-8614 (NoMachine Uncontrolled Search Path Element Local Privilege Escalation  ...)
 	TODO: check
 CVE-2025-8613 (Vacron Camera ping Command Injection Remote Code Execution Vulnerabili ...)
@@ -49,15 +49,15 @@ CVE-2025-6519 (E3 Site Supervisor (firmware version < 2.31F01) has a default adm
 CVE-2025-5662 (A deserialization vulnerability exists in the H2O-3 REST API (POST /99 ...)
 	TODO: check
 CVE-2025-57778 (There is an out of bounds write vulnerability due to improper bounds c ...)
-	TODO: check
+	NOT-FOR-US: National Instruments
 CVE-2025-57777 (There is an out of bounds write vulnerability due to improper bounds c ...)
-	TODO: check
+	NOT-FOR-US: National Instruments
 CVE-2025-57776 (There is an out of bounds write vulnerability due to improper bounds c ...)
-	TODO: check
+	NOT-FOR-US: National Instruments
 CVE-2025-57775 (There is a heap-based Buffer Overflow vulnerability due to improper bo ...)
-	TODO: check
+	NOT-FOR-US: National Instruments
 CVE-2025-57774 (There is an out of bounds write vulnerability due to improper bounds c ...)
-	TODO: check
+	NOT-FOR-US: National Instruments
 CVE-2025-57616 (An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) A u ...)
 	TODO: check
 CVE-2025-57615 (An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac0527) An  ...)
@@ -73,7 +73,7 @@ CVE-2025-57611 (An issue was discovered in rust-ffmpeg 0.3.0 (after comit 5ac052
 CVE-2025-57140 (rsbi-pom 4.7 is vulnerable to SQL Injection in the /bi/service/model/D ...)
 	TODO: check
 CVE-2025-56254 (PHPGurukul Employee Leave Management System 2.1 contains an Insecure D ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-55824 (ModStartCMS v9.5.0 has an arbitrary file write vulnerability, which al ...)
 	TODO: check
 CVE-2025-55476 (FireShare FileShare 1.2.25 contains a time-based blind SQL injection v ...)
@@ -111,9 +111,9 @@ CVE-2025-52543 (E3 Site Supervisor Control (firmware version < 2.31F01) applicat
 CVE-2025-51966 (A cross-site scripting (XSS) vulnerability exists in the PDF preview f ...)
 	TODO: check
 CVE-2025-50757 (Wavlink WN535K3 20191010 was found to contain a command injection vuln ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2025-50755 (Wavlink WN535K3 20191010 was found to contain a command injection vuln ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2025-50565 (Doubo ERP 1.0 has an SQL injection vulnerability due to a lack of filt ...)
 	TODO: check
 CVE-2025-46810 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
@@ -121,7 +121,7 @@ CVE-2025-46810 (A UNIX Symbolic Link (Symlink) Following vulnerability in the pa
 CVE-2025-46047 (A User enumeration vulnerability in the /CredentialsServlet/ForgotPass ...)
 	TODO: check
 CVE-2025-43726 (Dell Alienware Command Center 5.x (AWCC), versions prior to 5.10.2.0,  ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-41690 (A low-privileged attacker in bluetooth range may be able to access the ...)
 	TODO: check
 CVE-2025-41031 (Lack of authorisation in Deporsite by T-INNOVA. This vulnerability all ...)
@@ -129,7 +129,7 @@ CVE-2025-41031 (Lack of authorisation in Deporsite by T-INNOVA. This vulnerabili
 CVE-2025-41030 (Lack of authorisation in Deporsite by T-INNOVA. This vulnerability all ...)
 	TODO: check
 CVE-2025-36162 (IBM DevOps Deploy / IBM UrbanCode Deploy (UCD) 8.1 before 8.1.2.2 coul ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-32100 (An issue was discovered in Samsung Mobile Processor, Wearable Processo ...)
 	TODO: check
 CVE-2025-32098 (An issue was discovered in Samsung Magician 6.3 through 8.3 on Windows ...)
@@ -149,7 +149,7 @@ CVE-2024-52284 (Unauthorized disclosure of sensitive data: Any user with `GET` o
 CVE-2024-51423 (Cross Site Scripting vulnerability in Infor Global HR GHR v.11.23.03.0 ...)
 	TODO: check
 CVE-2024-48705 (Wavlink AC1200 with firmware versions M32A3_V1410_230602 and M32A3_V14 ...)
-	TODO: check
+	NOT-FOR-US: Wavlink
 CVE-2024-12974 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2024-12973 (Origin Validation Error vulnerability in Akinsoft OctoCloud allows HTT ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbc1147fc979c5d3ac267169851fee339dde01e4

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cbc1147fc979c5d3ac267169851fee339dde01e4
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250902/d3a8ae31/attachment.htm>

More information about the debian-security-tracker-commits mailing list