[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Tue, 22 Jul 2025 13:14:25 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
52085303 by security tracker role at 2025-07-22T20:14:09+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-8019 (A vulnerability was found in Shenzhen Libituo Technology 
LBT-T300-T310 ...)
        TODO: check
 CVE-2025-8018 (A vulnerability was found in code-projects Food Ordering Review 
System ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-8017 (A vulnerability was found in Tenda AC7 15.03.06.44. It has been 
classi ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-8015 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7953 (A vulnerability, which was classified as problematic, has been 
found i ...)
        TODO: check
 CVE-2025-7952 (A vulnerability classified as critical was found in TOTOLINK T6 
4.1.5c ...)
        TODO: check
 CVE-2025-7951 (A vulnerability classified as problematic has been found in 
code-proje ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7950 (A vulnerability was found in code-projects Public Chat Room 
1.0. It ha ...)
        TODO: check
 CVE-2025-7949 (A vulnerability was found in Sanluan PublicCMS up to 
5.202506.a. It ha ...)
@@ -21,17 +21,17 @@ CVE-2025-7948 (A vulnerability classified as problematic 
was found in jshERP up
 CVE-2025-7947 (A vulnerability classified as critical has been found in jshERP 
up to  ...)
        TODO: check
 CVE-2025-7946 (A vulnerability was found in PHPGurukul Apartment Visitors 
Management  ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-7945 (A vulnerability was found in D-Link DIR-513 up to 20190831. It 
has bee ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-7944 (A vulnerability was found in PHPGurukul Taxi Stand Management 
System 1 ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-7943 (A vulnerability was found in PHPGurukul Taxi Stand Management 
System 1 ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-7942 (A vulnerability has been found in PHPGurukul Taxi Stand 
Management Sys ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-7941 (A vulnerability, which was classified as problematic, was found 
in PHP ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-7940 (A vulnerability was found in Genshin Albedo Cat House App 1.0.2 
on And ...)
        TODO: check
 CVE-2025-7939 (A vulnerability was found in jerryshensjf JPACookieShop 
\u86cb\u7cd5\u ...)
@@ -41,43 +41,43 @@ CVE-2025-7900 (The femanager extension for TYPO3 allows 
Insecure Direct Object R
 CVE-2025-7899 (The powermail extension for TYPO3 allows Insecure Direct Object 
Refere ...)
        TODO: check
 CVE-2025-7705 (: Active Debug Code vulnerability in ABB Switch Actuator 4 
DU-83330, A ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2025-7692 (The Orion Login with SMS plugin for WordPress is vulnerable to 
Authent ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7687 (The Latest Post Accordian Slider plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7685 (The Like & Share My Site plugin for WordPress is vulnerable to 
Cross-S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7645 (The Extensions For CF7 (Contact form 7 Database, Conditional 
Fields an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7644 (The Pixel Gallery Addons for Elementor \u2013 Easy Grid, 
Creative Gall ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7495 (The WP-Members Membership Plugin plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7486 (The Ebook Store plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7427 (Uncontrolled Search Path Element in Arm Development Studio 
before 2025 ...)
        TODO: check
 CVE-2025-7371 (Okta On-Premises Provisioning (OPP) agents log certain user 
data durin ...)
        TODO: check
 CVE-2025-6831 (The User Registration plugin for WordPress is vulnerable to 
Stored Cro ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6741 (Improper access control in secure message component in 
Devolutions Ser ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2025-6585 (The WP JobHunt plugin for WordPress is vulnerable to Insecure 
Direct O ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6523 (Use of weak credentials in emergency authentication component 
in Devol ...)
-       TODO: check
+       NOT-FOR-US: Devolutions
 CVE-2025-6213 (The Nginx Cache Purge Preload plugin for WordPress is 
vulnerable to Re ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6187 (The bSecure plugin for WordPress is vulnerable to Privilege 
Escalation ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6082 (The Birth Chart Compatibility plugin for WordPress is 
vulnerable to Fu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5240 (The CRM and Lead Management by vcita plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5042 (A maliciously crafted RFA file, when parsed through Autodesk 
Revit, ca ...)
-       TODO: check
+       NOT-FOR-US: Autodesk
 CVE-2025-54362
        REJECTED
 CVE-2025-54361
@@ -189,13 +189,13 @@ CVE-2025-31512 (An issue was discovered in 
AlertEnterprise Guardian 4.1.14.2.2.1
 CVE-2025-31511 (An issue was discovered in AlertEnterprise Guardian 
4.1.14.2.2.1. One  ...)
        TODO: check
 CVE-2024-38335 (IBM Security QRadar Network Threat Analytics 1.0.0 through 
1.3.1 could ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2015-10140 (The Ajax Load More plugin before 2.8.1.2 does not have 
authorisation i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2015-10137 (The Website Contact Form With File Upload plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2012-10020 (The FoxyPress plugin for WordPress is vulnerable to arbitrary 
file upl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-38352 (In the Linux kernel, the following vulnerability has been 
resolved:  p ...)
        - linux 6.12.35-1
        NOTE: 
https://git.kernel.org/linus/f90fff1e152dedf52b932240ebbd670d83330eca (6.16-rc2)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52085303752603ae5aa699c9f6a3f5d5c7bb058b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52085303752603ae5aa699c9f6a3f5d5c7bb058b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to