[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Thu, 24 Jul 2025 13:15:32 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f9597ff8 by security tracker role at 2025-07-24T20:14:08+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,61 +1,61 @@
 CVE-2025-8115 (A vulnerability has been found in PHPGurukul Taxi Stand 
Management Sys ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-8114 (A flaw was found in libssh, a library that implements the SSH 
protocol ...)
        TODO: check
 CVE-2025-8071 (Mine CloudVod plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7966 (The Get Youtube Subs plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7959 (The Station Pro plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7835 (The iThoughts Advanced Code Editor plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7822 (The WP Wallcreeper plugin for WordPress is vulnerable to 
unauthorized  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7780 (The AI Engine plugin for WordPress is vulnerable to Sensitive 
Informat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7695 (The Dataverse Integration plugin for WordPress is vulnerable to 
Privil ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7690 (The Affiliate Plus plugin for WordPress is vulnerable to 
Cross-Site Re ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7640 (The hiWeb Export Posts plugin for WordPress is vulnerable to 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6998 (ReDoS in strip_whitespaces() function in cps/string_helper.py 
in janec ...)
        TODO: check
 CVE-2025-6588 (The FunnelCockpit plugin for WordPress is vulnerable to 
Reflected Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6539 (The Voltax Video Player plugin for WordPress is vulnerable to 
Stored C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6441 (The Webinar Solution: Create live/evergreen/automated/instant 
webinars ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6387 (The WP Get The Table plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6385 (The WP Applink plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6382 (The Taeggie Feed plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6380 (The ONLYOFFICE Docs plugin for WordPress is vulnerable to 
Privilege Es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6262 (The muse.ai video embedding plugin for WordPress is vulnerable 
to Stor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5243 (Unrestricted Upload of File with Dangerous Type, Improper 
Neutralizati ...)
        TODO: check
 CVE-2025-5084 (The Post Grid Master plugin for WordPress is vulnerable to 
Reflected C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5039 (A maliciously crafted binary file, when present while loading 
files in ...)
-       TODO: check
+       NOT-FOR-US: Autodesk
 CVE-2025-53084 (A cross-site scripting (xss) vulnerability exists in the 
videosList pa ...)
        TODO: check
 CVE-2025-51089 (Tenda AC8V4 V16.03.34.06` was discovered to contain heap 
overflow at / ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-51088 (Tenda AC8V4 V16.03.34.06` was discovered to contain stack 
overflow at  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-51087 (Tenda AC8V4 V16.03.34.06` was discovered to contain stack 
overflow at  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-51085 (Tenda AC8V4 V16.03.34.06` was discovered to contain stack 
overflow at  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-51082 (Tenda AC8V4 V16.03.34.06` was discovered to contain stack 
overflow at  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-50128 (A cross-site scripting (xss) vulnerability exists in the 
videoNotFound ...)
        TODO: check
 CVE-2025-4822 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
@@ -63,15 +63,15 @@ CVE-2025-4822 (Improper Neutralization of Special Elements 
used in an SQL Comman
 CVE-2025-4784 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2025-4608 (The Structured Content plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-48732 (An incomplete blacklist exists in the .htaccess sample of WWBN 
AVideo  ...)
        TODO: check
 CVE-2025-47061 (Adobe Experience Manager versions 6.5.22 and earlier are 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-46996 (Adobe Experience Manager versions 6.5.22 and earlier are 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-46993 (Adobe Experience Manager versions 6.5.22 and earlier are 
affected by a ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-46410 (A cross-site scripting (xss) vulnerability exists in the 
managerPlayli ...)
        TODO: check
 CVE-2025-45731 (A group deletion race condition in 2FAuth v5.5.0 causes data 
inconsist ...)
@@ -83,15 +83,15 @@ CVE-2025-41420 (A cross-site scripting (xss) vulnerability 
exists in the userLog
 CVE-2025-40680 (Lack of sensitive data encryption in CapillaryScope v2.5.0 of 
Capillar ...)
        TODO: check
 CVE-2025-3669 (The Supreme Addons for Beaver Builder plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-36548 (A cross-site scripting (xss) vulnerability exists in the 
LoginWordPres ...)
        TODO: check
 CVE-2025-36005 (IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 
3.0.0, 3.0.1, ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-33109 (IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 is vulnerable to a privilege 
escalat ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-33013 (IBM MQ Operator LTS 2.0.0 through 2.0.29, MQ Operator CD 
3.0.0, 3.0.1, ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-25214 (A race condition vulnerability exists in the 
aVideoEncoder.json.php un ...)
        TODO: check
 CVE-2025-8107 (In OceanBase's Oracle tenant mode, a malicious user with 
specific priv ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9597ff8f8e3c283f19001b13cd855fecb2d8e7d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f9597ff8f8e3c283f19001b13cd855fecb2d8e7d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to