[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 30 21:30:34 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
87ecea5d by Salvatore Bonaccorso at 2025-09-30T22:29:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -27,11 +27,11 @@ CVE-2025-6033 (There is a memory corruption vulnerability due to an out of bound
 CVE-2025-57852 (A container privilege escalation flaw was found in KServe ModelMesh co ...)
 	TODO: check
 CVE-2025-57254 (An SQL injection vulnerability in user-login.php and index.php of Kart ...)
-	TODO: check
+	NOT-FOR-US: Karthikg1908 Hospital Management System (HMS)
 CVE-2025-56676 (TitanSystems Zender v3.9.7 contains an account takeover vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: TitanSystems Zender
 CVE-2025-56675 (The EKEN video doorbell T6 BT60PLUS_MAIN_V1.0_GC1084_20230531 periodic ...)
-	TODO: check
+	NOT-FOR-US: EKEN video doorbell
 CVE-2025-56572 (An issue in finance.js v.4.1.0 allows a remote attacker to cause a den ...)
 	TODO: check
 CVE-2025-56571 (Finance.js v4.1.0 contains a Denial of Service (DoS) vulnerability via ...)
@@ -39,11 +39,11 @@ CVE-2025-56571 (Finance.js v4.1.0 contains a Denial of Service (DoS) vulnerabili
 CVE-2025-56520 (Dify v1.6.0 was discovered to contain a Server-Side Request Forgery (S ...)
 	TODO: check
 CVE-2025-56513 (NiceHash QuickMiner 6.12.0 perform software updates over HTTP without  ...)
-	TODO: check
+	NOT-FOR-US: NiceHash QuickMiner
 CVE-2025-56392 (An Insecure Direct Object Reference (IDOR) in the /dashboard/notes end ...)
-	TODO: check
+	NOT-FOR-US: Syaqui Collegetivity
 CVE-2025-56301 (An issue was discovered in Chipsalliance Rocket-Chip commit f517abbf41 ...)
-	TODO: check
+	NOT-FOR-US: Chipsalliance Rocket-Chip
 CVE-2025-56207 (A security flaw in the '_transfer' function of a smart contract implem ...)
 	TODO: check
 CVE-2025-56200 (A URL validation bypass vulnerability exists in validator.js through v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87ecea5d605be908448a9f79d0b8f5670089f5d6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87ecea5d605be908448a9f79d0b8f5670089f5d6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250930/2f73aafa/attachment.htm>

More information about the debian-security-tracker-commits mailing list