[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Fri, 25 Jul 2025 01:13:36 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
68276762 by security tracker role at 2025-07-25T08:13:22+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-8137 (A vulnerability has been found in TOTOLINK A702R 
4.0.0-B20230721.1521  ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-8136 (A vulnerability, which was classified as critical, was found in 
TOTOLI ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-8135 (A vulnerability, which was classified as critical, has been 
found in i ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-8134 (A vulnerability classified as critical was found in PHPGurukul 
BP Moni ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-8133 (A vulnerability classified as critical has been found in 
yanyutao0402  ...)
        TODO: check
 CVE-2025-8132 (A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. 
It has  ...)
        TODO: check
 CVE-2025-8131 (A vulnerability was found in Tenda AC20 16.03.08.05. It has 
been decla ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-8129 (A vulnerability, which was classified as problematic, was found 
in Koa ...)
        TODO: check
 CVE-2025-8128 (A vulnerability, which was classified as critical, has been 
found in z ...)
@@ -31,13 +31,13 @@ CVE-2025-7742 (An authentication vulnerability exists in 
the LG Innotek camera m
 CVE-2025-7404 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
        TODO: check
 CVE-2025-7022 (The My Reservation System WordPress plugin through 2.3 does not 
saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6260 (The embedded web server on the thermostat listed version ranges 
contai ...)
        TODO: check
 CVE-2025-5835 (The Droip plugin for WordPress is vulnerable to unauthorized 
modificat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5831 (The Droip plugin for WordPress is vulnerable to arbitrary file 
uploads ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-54568 (Akamai Rate Control alpha before 2025 allows attackers to send 
request ...)
        TODO: check
 CVE-2025-54558 (OpenAI Codex CLI before 0.9.0 auto-approves ripgrep (aka rg) 
execution ...)
@@ -49,33 +49,33 @@ CVE-2025-54369
 CVE-2025-53940 (Quiet is an alternative to team chat apps like Slack, Discord, 
and Ele ...)
        TODO: check
 CVE-2025-3614 (The ElementsKit Elementor Addons and Templates plugin for 
WordPress is ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-32429 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2025-31955 (HCL iAutomate is affected by a sensitive data exposure 
vulnerability.  ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-31953 (HCL iAutomate includes hardcoded credentials which may result 
in poten ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-31952 (HCL iAutomate is affected by an insufficient session 
expiration.  This ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-22165 (This Medium severity ACE (Arbitrary Code Execution) 
vulnerability was  ...)
-       TODO: check
+       NOT-FOR-US: Atlassian
 CVE-2025-0253 (HCL IEM is affected by a cookie attribute not set vulnerability 
due to ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-0252 (HCL IEM is affected by a password in cleartext vulnerability. 
Sensitiv ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-0251 (HCL IEM is affected by a concurrent login vulnerability. The 
applicati ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-0250 (HCL IEM is affected by an authorization token sent in cookie 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-0249 (HCL IEM is affected by an improper invalidation of access or 
JWT token ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2019-25224 (The WP Database Backup plugin for WordPress is vulnerable to 
OS Comman ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2015-10144 (The Responsive Thumbnail Slider plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2015-10143 (The Platform theme for WordPress is vulnerable to unauthorized 
modific ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-54567 (hw/pci/pcie_sriov.c in QEMU through 10.0.3 mishandles the VF 
Enable bi ...)
        - qemu <unfixed>
        NOTE: 
https://lore.kernel.org/qemu-devel/[email protected]/



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68276762253c70f8ee24e9cc77fa1515218adc0d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/68276762253c70f8ee24e9cc77fa1515218adc0d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to