[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Sep 11 21:15:51 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d29b7091 by security tracker role at 2025-09-11T20:13:32+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-9319 (A potential vulnerability was reported in the Lenovo Wallpaper Client  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2025-9214 (A missing authentication vulnerability was reported in some Lenovo pri ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2025-9201 (A potential DLL hijacking vulnerability was discovered in Lenovo Brows ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2025-9018 (The Time Tracker plugin for WordPress is vulnerable to unauthorized mo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8716 (In Content Management versions 20.4- 25.3 authenticated attackers may  ...)
-	TODO: check
+	NOT-FOR-US: OpenText
 CVE-2025-8557 (An internal product security audit of Lenovo XClarity Orchestrator (LX ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2025-8061 (A potential insufficient access control vulnerability was reported in  ...)
-	TODO: check
+	NOT-FOR-US: Lenovo
 CVE-2025-59055 (InstantCMS is a free and open source content management system. A blin ...)
 	TODO: check
 CVE-2025-59053 (AIRI is a self-hosted, artificial intelligence based Grok Companion. I ...)
@@ -19,9 +19,9 @@ CVE-2025-59053 (AIRI is a self-hosted, artificial intelligence based Grok Compan
 CVE-2025-59047 (matrix-sdk-base is the base component to build a Matrix client library ...)
 	TODO: check
 CVE-2025-58321 (Delta Electronics DIALink has an Directory Traversal Authentication By ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2025-58320 (Delta Electronics DIALink has an Directory Traversal Authentication By ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2025-58065 (Flask-AppBuilder is an application development framework. Prior to ver ...)
 	TODO: check
 CVE-2025-56556 (An issue was discovered in Subrion CMS 4.2.1, allowing authenticated a ...)
@@ -35,27 +35,27 @@ CVE-2025-48039 (Allocation of Resources Without Limits or Throttling vulnerabili
 CVE-2025-48038 (Allocation of Resources Without Limits or Throttling vulnerability in  ...)
 	TODO: check
 CVE-2025-43790 (Insecure Direct Object Reference (IDOR) vulnerability in Liferay Porta ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43782 (Insecure Direct Object Reference (IDOR) vulnerability in Liferay Porta ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-40696 (Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PH ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40695 (Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PH ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40694 (Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PH ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40693 (Stored Cross Site Scripting in Online Fire Reporting System v1.2 by PH ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40692 (SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40691 (SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40690 (SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40689 (SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-40687 (SQL Injection in Online Fire Reporting System v1.2 by PHPGurukul. This ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-26499 (Under heavy system utilization a random race condition can occur durin ...)
 	TODO: check
 CVE-2025-10255 (A vulnerability was determined in Ascensio System SIA OnlyOffice up to ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d29b709103f20c7baf5d2829ee04da3536d339a8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d29b709103f20c7baf5d2829ee04da3536d339a8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250911/053d667b/attachment.htm>

More information about the debian-security-tracker-commits mailing list