[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Aug 23 09:13:06 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4e4df59b by security tracker role at 2025-08-23T08:12:53+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,43 +1,43 @@
 CVE-2025-9358 (A security flaw has been discovered in Linksys RE6250, RE6300, RE6350, ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-9357 (A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE65 ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-9356 (A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE65 ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-9355 (A vulnerability was found in Linksys RE6250, RE6300, RE6350, RE6500, R ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2025-9131 (The Ogulo \u2013 360\xb0 Tour plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9048 (The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8193
 	REJECTED
 CVE-2025-8062 (The WS Theme Addons plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7957 (The ShortcodeHub plugin for WordPress is vulnerable to Stored Cross-Si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7842 (The Silencesoft RSS Reader plugin for WordPress is vulnerable to Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7841 (The Sertifier Certificate & Badge Maker for WordPress \u2013 Tutor LMS ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7839 (The Restore Permanently delete Post or Page Data plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7828 (The WP Filter & Combine RSS Feeds plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7827 (The Ni WooCommerce Customer Product Report plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7821 (The WC Plus plugin for WordPress is vulnerable to unauthorized modific ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7813 (The Events Calendar, Event Booking, Registrations and Event Tickets \u ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7642 (The Simpler Checkout plugin for WordPress is vulnerable to Authenticat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5821 (The Case Theme User plugin for WordPress is vulnerable to Authenticati ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5352 (A critical stored Cross-Site Scripting (XSS) vulnerability exists in t ...)
 	TODO: check
 CVE-2025-5060 (The Bravis User plugin for WordPress is vulnerable to Authentication B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-58043
 	REJECTED
 CVE-2025-58042
@@ -59,31 +59,31 @@ CVE-2025-58035
 CVE-2025-55455 (DooTask v1.0.51 was dicovered to contain an authenticated arbitrary do ...)
 	TODO: check
 CVE-2025-52451 (Improper Input Validation vulnerability in Salesforce Tableau Server o ...)
-	TODO: check
+	NOT-FOR-US: Salesforce
 CVE-2025-52450 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: Salesforce
 CVE-2025-43770 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43769 (Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4. ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43768 (Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 thro ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43767 (Open Redirect vulnerability in /c/portal/edit_info_item parameter redi ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43766 (The Liferay Portal 7.4.0 through 7.3.3.131, and Liferay DXP 2024.Q4.0, ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43765 (A Stored cross-site scripting vulnerability in the Liferay Portal 7.4. ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43764 (Self-ReDoS (Regular expression Denial of Service) exists with Role Nam ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43761 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-26498 (Unrestricted Upload of File with Dangerous Type vulnerability in Sales ...)
-	TODO: check
+	NOT-FOR-US: Salesforce
 CVE-2025-26497 (Unrestricted Upload of File with Dangerous Type vulnerability in Sales ...)
-	TODO: check
+	NOT-FOR-US: Salesforce
 CVE-2025-26496 (Access of Resource Using Incompatible Type ('Type Confusion') vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Salesforce
 CVE-2025-24469
 	REJECTED
 CVE-2025-24468



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e4df59b49221b95905b7772120bf45ea74bbf4b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e4df59b49221b95905b7772120bf45ea74bbf4b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250823/c9c1ac09/attachment.htm>

More information about the debian-security-tracker-commits mailing list