[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Aug 12 09:13:10 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f4ec7c70 by security tracker role at 2025-08-12T08:13:03+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2025-8874 (The Master Addons \u2013 Elementor Addons with White Label, Free Widge ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8767 (The AnWP Football Leagues plugin for WordPress is vulnerable to CSV In ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8690 (The Simple Responsive Slider plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8688 (The Inline Stock Quotes plugin for WordPress is vulnerable to Stored C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8685 (The Wp chart generator plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8621 (The Mosaic Generator plugin for WordPress is vulnerable to Stored Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8568 (The GMap Generator plugin for WordPress is vulnerable to Stored Cross- ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8482 (The Simple Local Avatars plugin for WordPress is vulnerable to unautho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8462 (The RT Easy Builder \u2013 Advanced addons for Elementor plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8418 (The B Slider- Gutenberg Slider Block for WP plugin for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8314 (The Software Issue Manager plugin for WordPress is vulnerable to Store ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8081 (The Elementor plugin for WordPress is vulnerable to Arbitrary File Rea ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8059 (The B Blocks plugin for WordPress is vulnerable to Privilege Escalatio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7622 (During an internal security assessment, a Server-Side Request Forgery  ...)
-	TODO: check
+	NOT-FOR-US: Axis Communication
 CVE-2025-6253 (The UiCore Elements \u2013 Free Elementor widgets and templates plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5391 (The WooCommerce Purchase Orders plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-55161 (Stirling-PDF is a locally hosted web application that performs various ...)
 	TODO: check
 CVE-2025-55159 (slab is a pre-allocated storage for a uniform data type. In version 0. ...)
@@ -51,47 +51,47 @@ CVE-2025-54992 (OpenKilda is an open-source OpenFlow controller. Prior to versio
 CVE-2025-54878 (CryptoLib provides a software-only solution using the CCSDS Space Data ...)
 	TODO: check
 CVE-2025-4390 (The WP Private Content Plus plugin for WordPress is vulnerable to Sens ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-47444 (Insertion of Sensitive Information Into Sent Data vulnerability in Liq ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-42976 (SAP NetWeaver Application Server ABAP (BIC Document) allows an authent ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42975 (SAP NetWeaver Application Server ABAP (BIC Document) allows an unauthe ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42957 (SAP S/4HANA allows an attacker with user privileges to exploit a vulne ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42955 (Due to a missing authorization check in SAP Cloud Connector, an attack ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42951 (Due to broken authorization, SAP Business One (SLD) allows an authenti ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42950 (SAP Landscape Transformation (SLT) allows an attacker with user privil ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42949 (Due to a missing authorization check in the ABAP Platform, an authenti ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42948 (Due to a Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver ABA ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42946 (Due to directory traversal vulnerability in SAP S/4HANA (Bank Communic ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42945 (SAP NetWeaver Application Server ABAP has HTML injection vulnerability ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42943 (SAP GUI for Windows may allow the leak of NTML hashes when specific AB ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42942 (SAP NetWeaver Application Server for ABAP has cross-site scripting vul ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42941 (SAP Fiori (Launchpad) is vulnerable to Reverse Tabnabbing vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42936 (The SAP NetWeaver Application Server for ABAP does not enable an admin ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42935 (The SAP NetWeaver Application Server ABAP and ABAP Platform Internet C ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42934 (SAP S/4HANA Supplier invoice is vulnerable to CRLF Injection. An attac ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-41686 (A low-privileged local attacker can exploit improper permissions on ns ...)
 	TODO: check
 CVE-2025-3892 (ACAP applications can be executed with elevated privileges, potentiall ...)
-	TODO: check
+	NOT-FOR-US: Axis Communication
 CVE-2025-30027 (An ACAP configuration file lacked sufficient input validation, which c ...)
-	TODO: check
+	NOT-FOR-US: Axis Communication
 CVE-2025-25235 (Server-Side Request Forgery (SSRF) in Omnissa Secure Email Gateway (SE ...)
 	TODO: check
 CVE-2024-32640 (MASA CMS is an Enterprise Content Management platform based on open so ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ec7c7025c1106f89900a9d3b8d0c7d295d8137

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4ec7c7025c1106f89900a9d3b8d0c7d295d8137
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250812/86dbc4d7/attachment.htm>

More information about the debian-security-tracker-commits mailing list