[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Sep 18 09:13:13 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
807baa1f by security tracker role at 2025-09-18T08:12:48+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-9083 (The Ninja Forms  WordPress plugin before 3.11.1 unserializes user inpu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8942 (The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8006 (Ashlar-Vellum Cobalt XE File Parsing Out-Of-Bounds Read Remote Code Ex ...)
 	TODO: check
 CVE-2025-8005 (Ashlar-Vellum Cobalt XE File Parsing Type Confusion Remote Code Execut ...)
@@ -63,21 +63,21 @@ CVE-2025-7978 (Ashlar-Vellum Graphite VC6 File Parsing Uninitialized Variable Re
 CVE-2025-7977 (Ashlar-Vellum Cobalt LI File Parsing Out-Of-Bounds Read Remote Code Ex ...)
 	TODO: check
 CVE-2025-5305 (The Password Reset with Code for WordPress REST API WordPress plugin b ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-59415 (Frappe Learning is a learning system that helps users structure their  ...)
 	TODO: check
 CVE-2025-23337 (NVIDIA HGX & DGX GB200, GB300, B300  contain a vulnerability in the HG ...)
 	TODO: check
 CVE-2025-23336 (NVIDIA Triton Inference Server for Windows and Linux contains a vulner ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-23329 (NVIDIA Triton Inference Server for Windows and Linux contains a vulner ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-23328 (NVIDIA Triton Inference Server for Windows and Linux contains a vulner ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-23316 (NVIDIA Triton Inference Server for Windows and Linux contains a vulner ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-23268 (NVIDIA Triton Inference Server contains a vulnerability in the DALI ba ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-10644 (Wondershare Repairit SAS Token Incorrect Permission Assignment Authent ...)
 	TODO: check
 CVE-2025-10643 (Wondershare Repairit Incorrect Permission Assignment Authentication By ...)
@@ -85,43 +85,43 @@ CVE-2025-10643 (Wondershare Repairit Incorrect Permission Assignment Authenticat
 CVE-2025-10642 (A vulnerability has been found in wangchenyi1996 chat_forum up to 80bd ...)
 	TODO: check
 CVE-2025-10634 (A weakness has been identified in D-Link DIR-823X 240126/240802/250416 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-10632 (A security flaw has been discovered in itsourcecode Online Petshop Man ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-10631 (A vulnerability was identified in itsourcecode Online Petshop Manageme ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-10629 (A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issu ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-10628 (A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-10627 (A vulnerability has been found in SourceCodester Online Exam Form Subm ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10626 (A flaw has been found in SourceCodester Online Exam Form Submission 1. ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10625 (A vulnerability was detected in SourceCodester Online Exam Form Submis ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10624 (A security flaw has been discovered in PHPGurukul User Management Syst ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-10623 (A vulnerability was identified in SourceCodester Hotel Reservation Sys ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10621 (A vulnerability was determined in SourceCodester Hotel Reservation Sys ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10620 (A flaw has been found in itsourcecode Online Clinic Management System  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-10619 (A vulnerability was detected in sequa-ai sequa-mcp up to 1.0.13. This  ...)
 	TODO: check
 CVE-2025-10618 (A security vulnerability has been detected in itsourcecode Online Clin ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-10617 (A weakness has been identified in SourceCodester Online Polling System ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10616 (A security flaw has been discovered in itsourcecode E-Commerce Website ...)
 	TODO: check
 CVE-2025-10493 (The Chained Quiz plugin for WordPress is vulnerable to Insecure Direct ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-49565 (The cbis_manager Podman container is vulnerable to remote command exec ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2023-49564 (The CBIS/NCS Manager API is vulnerable to an authentication bypass. By ...)
-	TODO: check
+	NOT-FOR-US: Nokia
 CVE-2025-9862 (Server-Side Request Forgery (SSRF) vulnerability in Ghost allows an at ...)
 	- ghost <itp> (bug #892150)
 CVE-2025-8999 (The Sydney theme for WordPress is vulnerable to unauthorized modificat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/807baa1f83a586091f3205d98d63ec79c32e0c40

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/807baa1f83a586091f3205d98d63ec79c32e0c40
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250918/00bd6ab7/attachment.htm>

More information about the debian-security-tracker-commits mailing list