[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 22 21:14:29 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
01c3cd81 by security tracker role at 2025-08-22T20:14:22+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2025-9341 (Uncontrolled Resource Consumption vulnerability in Legion of the
CVE-2025-9340 (Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. ...)
TODO: check
CVE-2025-9331 (The Spacious theme for WordPress is vulnerable to unauthorized modific ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9259 (WebITR developed by Uniong has an Arbitrary File Reading vulnerability ...)
TODO: check
CVE-2025-9258 (WebITR developed by Uniong has an Arbitrary File Reading vulnerability ...)
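Review bot: the new note on CVE-2025-9331 reads "NOT-FOR-US: WordPress plugin", but the description on the line above it calls the affected component "The Spacious theme for WordPress". Suggest "NOT-FOR-US: WordPress theme", or the "WordPress plugin or theme" wording used for the other WordPress entries in this commit, so the note matches what is actually affected.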
@@ -17,31 +17,31 @@ CVE-2025-9255 (WebITR developed by Uniong has a SQL Injection vulnerability, all
CVE-2025-9254 (WebITR developed by Uniong has a Missing Authentication vulnerability, ...)
TODO: check
CVE-2025-6791 (On the monitoring event logs page, it is possible to alter the http re ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-57896 (Missing Authorization vulnerability in andy_moyle Church Admin allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57895 (Cross-Site Request Forgery (CSRF) vulnerability in Hossni Mubarak JobW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57894 (Missing Authorization vulnerability in ollybach WPPizza allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57893 (Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57892 (Cross-Site Request Forgery (CSRF) vulnerability in Jeff Starr Simple S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57891 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57890 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57888 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57887 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57886 (Authorization Bypass Through User-Controlled Key vulnerability in Equa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57885 (Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan Jewel Flu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57884 (Missing Authorization vulnerability in wpsoul Greenshift allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57801 (gnark is a zero-knowledge proof system framework. In versions prior to ...)
TODO: check
CVE-2025-57800 (Audiobookshelf is an open-source self-hosted audiobook server. In vers ...)
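Review bot: for CVE-2025-57891, CVE-2025-57890, CVE-2025-57888 and CVE-2025-57887 the truncated description ends before any product is named, so the "NOT-FOR-US: WordPress plugin or theme" note cannot be confirmed from this diff. These four are worth checking against the full CVE descriptions, and the note could name the specific product where one is known, since a generic label makes a wrong automatic match harder to spot later.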
@@ -85,21 +85,21 @@ CVE-2025-55620 (A cross-site scripting (XSS) vulnerability in the valuateJavascr
CVE-2025-55619 (Reolink v4.54.0.4.20250526 was discovered to contain a hardcoded encry ...)
TODO: check
CVE-2025-55613 (Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in the from ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55611 (D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formLa ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55606 (Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the from ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55605 (Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the save ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55603 (Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in the from ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55602 (D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formSy ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55599 (D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in the formWl ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55581 (D-Link DCS-825L firmware version 1.08.01 and possibly prior versions c ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55573 (QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site Scripting (X ...)
TODO: check
CVE-2025-55454 (An authenticated arbitrary file upload vulnerability in the component ...)
@@ -137,21 +137,21 @@ CVE-2025-50691 (MCSManager 10.5.3 daemon process runs as a root account by defau
CVE-2025-50674 (An issue was discovered in the changePassword method in file /usr/shar ...)
TODO: check
CVE-2025-4650 (User with high privileges is able to introduce a SQLi using the Meta S ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-43762 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 thro ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43760 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43759 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 202 ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43758 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 thro ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43751 (User enumeration vulnerability in Liferay Portal 7.4.0 through 7.4.3.1 ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-36042 (IBM QRadar SIEM 7.5 through 7.5.0Dashboard is vulnerable to cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33120 (IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an authenticated us ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-29366 (In mupen64plus v2.6.0 there is an array overflow vulnerability in the ...)
TODO: check
CVE-2025-29365 (spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow ...)
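Review bot: CVE-2025-4650 is marked "NOT-FOR-US: Centreon", but its visible description ("User with high privileges is able to introduce a SQLi using the Meta S ...") names no product, unlike the Liferay and IBM entries below it, where the vendor appears in the description itself. The same applies to CVE-2025-6791 in the earlier hunk. Suggest confirming the Centreon attribution against the full CVE records before relying on the automatic match.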
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c3cd81e6c5b7c486dd9cac3aef8f5df769e0a5