[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Sep 18 21:14:04 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7332a3e0 by security tracker role at 2025-09-18T20:13:56+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-9992 (The Ghost Kit \u2013 Page Builder Blocks, Motion Effects & Extensions  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8565 (The Privacy Policy Generator, Terms & Conditions Generator WordPress P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6237 (A vulnerability in invokeai version v6.0.0a1 and below allows attacker ...)
 	TODO: check
 CVE-2025-59424 (LinkAce is a self-hosted archive to collect website links. Prior to 2. ...)
@@ -11,7 +11,7 @@ CVE-2025-59421 (Press, a Frappe custom app that runs Frappe Cloud, manages infra
 CVE-2025-59417 (Lobe Chat is an open-source artificial intelligence chat framework. Pr ...)
 	TODO: check
 CVE-2025-59040 (Tuleap is an Open Source Suite to improve management of software devel ...)
-	TODO: check
+	NOT-FOR-US: Tuleap
 CVE-2025-57452 (In realme BackupRestore app v15.1.12_2810c08_250314, improper URI sche ...)
 	TODO: check
 CVE-2025-55912 (An issue in ClipBucket 5.5.0 and prior versions allows an unauthentica ...)
@@ -27,17 +27,17 @@ CVE-2025-40678 (Unrestricted upload vulnerability for dangerous file types on Su
 CVE-2025-40677 (SQL injection vulnerability in Summar Software\xb4s Portal del Emplead ...)
 	TODO: check
 CVE-2025-36146 (IBM Lakehouse (watsonx.data 2.2) could allow an authenticated user to  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36143 (IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileg ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36139 (IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site sc ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-26503 (A crafted system call argument can cause memory corruption.)
 	TODO: check
 CVE-2025-10688 (A vulnerability was determined in SourceCodester Pet Grooming Manageme ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10687 (A vulnerability was found in SourceCodester Responsive E-Learning Syst ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10676 (A weakness has been identified in fuyang_lipengjun platform 1.0. Affec ...)
 	TODO: check
 CVE-2025-10675 (A security flaw has been discovered in fuyang_lipengjun platform 1.0.  ...)
@@ -45,13 +45,13 @@ CVE-2025-10675 (A security flaw has been discovered in fuyang_lipengjun platform
 CVE-2025-10674 (A vulnerability was identified in fuyang_lipengjun platform 1.0. This  ...)
 	TODO: check
 CVE-2025-10673 (A vulnerability was determined in itsourcecode Student Information Man ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-10672 (A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affec ...)
 	TODO: check
 CVE-2025-10671 (A vulnerability has been found in youth-is-as-pale-as-poetry e-learnin ...)
 	TODO: check
 CVE-2025-10670 (A flaw has been found in itsourcecode E-Logbook with Health Monitoring ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-10669 (A vulnerability was detected in Airsonic-Advanced up to 10.6.0. This v ...)
 	TODO: check
 CVE-2025-10668 (A security vulnerability has been detected in itsourcecode Online Disc ...)
@@ -59,25 +59,25 @@ CVE-2025-10668 (A security vulnerability has been detected in itsourcecode Onlin
 CVE-2025-10667 (A weakness has been identified in itsourcecode Online Discussion Forum ...)
 	TODO: check
 CVE-2025-10666 (A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affe ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-10665 (A vulnerability was identified in kidaze CourseSelectionSystem up to 4 ...)
 	TODO: check
 CVE-2025-10664 (A vulnerability was determined in PHPGurukul Small CRM 4.0. This impac ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-10663 (A vulnerability was found in PHPGurukul Online Course Registration 3.1 ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-10662 (A vulnerability has been found in SeaCMS up to 13.3. The impacted elem ...)
 	TODO: check
 CVE-2025-10650 (SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH k ...)
 	TODO: check
 CVE-2025-10207 (Improper Validation of Specified Type of Input vulnerability in ABB FL ...)
-	TODO: check
+	NOT-FOR-US: ABB group
 CVE-2025-0547 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2024-48851 (Improper Validation of Specified Type of Input vulnerability in ABB FL ...)
-	TODO: check
+	NOT-FOR-US: ABB group
 CVE-2024-25011 (Ericsson Catalog Manager and Ericsson Order Care APIs do not have auth ...)
-	TODO: check
+	NOT-FOR-US: Ericsson
 CVE-2024-13151 (Authorization Bypass Through User-Controlled SQL Primary Key, CWE - 89 ...)
 	TODO: check
 CVE-2023-49367 (An issue in user interface in Kyocera Command Center RX EXOSYS M5521cd ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7332a3e012e3d43284b5f8952c4d839dc845879b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7332a3e012e3d43284b5f8952c4d839dc845879b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250918/01258494/attachment.htm>

More information about the debian-security-tracker-commits mailing list