[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Sat Aug 30 09:14:33 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
45874f16 by security tracker role at 2025-08-30T08:14:25+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2025-9680 (A vulnerability was detected in O2OA up to 10.0-410. This impacts an u ...)
 	TODO: check
 CVE-2025-9679 (A security vulnerability has been detected in itsourcecode Student Inf ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9678 (A weakness has been identified in Campcodes Online Loan Management Sys ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-9677 (A security flaw has been discovered in Modo Legend of the Phoenix up t ...)
 	TODO: check
 CVE-2025-9676 (A vulnerability was identified in NCSOFT Universe App up to 1.3.0. Imp ...)
@@ -13,15 +13,15 @@ CVE-2025-9675 (A vulnerability was determined in Voice Changer App up to 1.1.0.
 CVE-2025-9674 (A flaw has been found in Transbyte Scooper News App up to 1.2 on Andro ...)
 	TODO: check
 CVE-2025-9618 (The Related Posts Lite plugin for WordPress is vulnerable to Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9500 (The TablePress plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9499 (The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-58160 (tracing is a framework for instrumenting Rust programs to collect stru ...)
 	TODO: check
 CVE-2025-58159 (WeGIA is a Web manager for charitable institutions. Prior to version 3 ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-58157 (gnark is a zero-knowledge proof system framework. In version 0.12.0, t ...)
 	TODO: check
 CVE-2025-58156 (Centurion ERP is an ERP with a focus on ITSM and automation. In versio ...)
@@ -33,11 +33,11 @@ CVE-2025-58067 (Basecamp's Google Sign-In adds Google sign-in to Rails applicati
 CVE-2025-58066 (nptd-rs is a tool for synchronizing your computer's clock, implementin ...)
 	TODO: check
 CVE-2025-57822 (Next.js is a React framework for building full-stack web applications. ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2025-57752 (Next.js is a React framework for building full-stack web applications. ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2025-55173 (Next.js is a React framework for building full-stack web applications. ...)
-	TODO: check
+	NOT-FOR-US: Next.js
 CVE-2025-54946 (A SQL injection vulnerability in SUNNET Corporate Training Management  ...)
 	TODO: check
 CVE-2025-54945 (An external control of file name or path vulnerability in SUNNET Corpo ...)
@@ -49,7 +49,7 @@ CVE-2025-54943 (A missing authorization vulnerability in SUNNET Corporate Traini
 CVE-2025-54942 (A missing authentication for critical function vulnerability in SUNNET ...)
 	TODO: check
 CVE-2025-4956 (Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-34165 (A stack-based buffer overflow vulnerability in NetSupport Manager14.x  ...)
 	TODO: check
 CVE-2025-34164 (A heap-based buffer overflow vulnerability in NetSupport Manager14.x v ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45874f166964de88be67708d6da2ddb1affc8a5c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/45874f166964de88be67708d6da2ddb1affc8a5c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250830/5f6f14f7/attachment.htm>
