[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Tue, 12 Aug 2025 01:13:18 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f4ec7c70 by security tracker role at 2025-08-12T08:13:03+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2025-8874 (The Master Addons \u2013 Elementor Addons with White Label, 
Free Widge ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8767 (The AnWP Football Leagues plugin for WordPress is vulnerable to 
CSV In ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8690 (The Simple Responsive Slider plugin for WordPress is vulnerable 
to Sto ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8688 (The Inline Stock Quotes plugin for WordPress is vulnerable to 
Stored C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8685 (The Wp chart generator plugin for WordPress is vulnerable to 
Stored Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8621 (The Mosaic Generator plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8568 (The GMap Generator plugin for WordPress is vulnerable to Stored 
Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8482 (The Simple Local Avatars plugin for WordPress is vulnerable to 
unautho ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8462 (The RT Easy Builder \u2013 Advanced addons for Elementor plugin 
for Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8418 (The B Slider- Gutenberg Slider Block for WP plugin for 
WordPress is vu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8314 (The Software Issue Manager plugin for WordPress is vulnerable 
to Store ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8081 (The Elementor plugin for WordPress is vulnerable to Arbitrary 
File Rea ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8059 (The B Blocks plugin for WordPress is vulnerable to Privilege 
Escalatio ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7622 (During an internal security assessment, a Server-Side Request 
Forgery  ...)
-       TODO: check
+       NOT-FOR-US: Axis Communication
 CVE-2025-6253 (The UiCore Elements \u2013 Free Elementor widgets and templates 
plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5391 (The WooCommerce Purchase Orders plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-55161 (Stirling-PDF is a locally hosted web application that performs 
various ...)
        TODO: check
 CVE-2025-55159 (slab is a pre-allocated storage for a uniform data type. In 
version 0. ...)
@@ -51,47 +51,47 @@ CVE-2025-54992 (OpenKilda is an open-source OpenFlow 
controller. Prior to versio
 CVE-2025-54878 (CryptoLib provides a software-only solution using the CCSDS 
Space Data ...)
        TODO: check
 CVE-2025-4390 (The WP Private Content Plus plugin for WordPress is vulnerable 
to Sens ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-47444 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Liq ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-42976 (SAP NetWeaver Application Server ABAP (BIC Document) allows an 
authent ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42975 (SAP NetWeaver Application Server ABAP (BIC Document) allows an 
unauthe ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42957 (SAP S/4HANA allows an attacker with user privileges to exploit 
a vulne ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42955 (Due to a missing authorization check in SAP Cloud Connector, 
an attack ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42951 (Due to broken authorization, SAP Business One (SLD) allows an 
authenti ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42950 (SAP Landscape Transformation (SLT) allows an attacker with 
user privil ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42949 (Due to a missing authorization check in the ABAP Platform, an 
authenti ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42948 (Due to a Cross-Site Scripting (XSS) vulnerability in SAP 
NetWeaver ABA ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42946 (Due to directory traversal vulnerability in SAP S/4HANA (Bank 
Communic ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42945 (SAP NetWeaver Application Server ABAP has HTML injection 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42943 (SAP GUI for Windows may allow the leak of NTML hashes when 
specific AB ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42942 (SAP NetWeaver Application Server for ABAP has cross-site 
scripting vul ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42941 (SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42936 (The SAP NetWeaver Application Server for ABAP does not enable 
an admin ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42935 (The SAP NetWeaver Application Server ABAP and ABAP Platform 
Internet C ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42934 (SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. 
An attac ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-41686 (A low-privileged local attacker can exploit improper 
permissions on ns ...)
        TODO: check
 CVE-2025-3892 (ACAP applications can be executed with elevated privileges, 
potentiall ...)
-       TODO: check
+       NOT-FOR-US: Axis Communication
 CVE-2025-30027 (An ACAP configuration file lacked sufficient input validation, 
which c ...)
-       TODO: check
+       NOT-FOR-US: Axis Communication
 CVE-2025-25235 (Server-Side Request Forgery (SSRF) in Omnissa Secure Email 
Gateway (SE ...)
        TODO: check
 CVE-2024-32640 (MASA CMS is an Enterprise Content Management platform based on 
open so ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ec7c7025c1106f89900a9d3b8d0c7d295d8137

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ec7c7025c1106f89900a9d3b8d0c7d295d8137
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to