[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 2 20:14:14 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fba6df17 by security tracker role at 2025-12-02T20:14:06+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19,7 +19,7 @@ CVE-2025-66399 (Cacti is an open source performance and fault management framewo
 CVE-2025-65896 (SQL injection vulnerability in long2ice assyncmy thru 0.2.10 allows at ...)
 	TODO: check
 CVE-2025-65881 (Sourcecodester Zoo Management System v1.0 is vulnerable to Cross Site  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-65877 (Lvzhou CMS before commit c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 (202 ...)
 	TODO: check
 CVE-2025-65858 (A Stored Cross-Site Scripting (XSS) vulnerability in Calibre-Web v0.6. ...)
@@ -29,11 +29,11 @@ CVE-2025-65844 (EverShop 2.0.1 allows an unauthenticated user to upload files an
 CVE-2025-65656 (dcat-admin v2.2.3-beta and before is vulnerable to file inclusion in a ...)
 	TODO: check
 CVE-2025-65379 (PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the /a ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-65358 (Edoc-doctor-appointment-system v1.0.1 was discovered to contain SQl in ...)
 	TODO: check
 CVE-2025-65215 (Sourcecodester Web-based Pharmacy Product Management System v1.0 is vu ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-65187 (A Stored Cross Site Scripting vulnerability exists in CiviCRM before v ...)
 	TODO: check
 CVE-2025-65186 (Grav CMS 1.7.49 is vulnerable to Cross Site Scripting (XSS). The page  ...)
@@ -43,13 +43,13 @@ CVE-2025-65105 (Apptainer is an open source container platform. In Apptainer ver
 CVE-2025-64750 (SingularityCE and SingularityPRO are open source container platforms.  ...)
 	TODO: check
 CVE-2025-64070 (Sourcecodester Student Grades Management System v1.0 is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-63872 (DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which al ...)
 	TODO: check
 CVE-2025-61729 (Within HostnameError.Error(), when constructing an error string, there ...)
 	TODO: check
 CVE-2025-60854 (A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and belo ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-60736 (code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection ...)
 	TODO: check
 CVE-2025-59705 (Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6. ...)
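
Review bot: CVE-2025-60736 (code-projects Online Medicine Guide 1.0) stays at "TODO: check" in the trailing context of this hunk, while CVE-2025-64070 (Sourcecodester Student Grades Management System v1.0) a few lines above is resolved. Both descriptions name a version 1.0 standalone web application, so it is worth confirming whether the automatic pass has no rule for the "code-projects" prefix or whether this entry was left for manual triage on purpose.
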
@@ -81,11 +81,11 @@ CVE-2025-59693 (The Chassis Management Board in Entrust nShield Connect XC, nShi
 CVE-2025-58386 (In Terminalfour 8 through 8.4.1.1, the userLevel parameter in the user ...)
 	TODO: check
 CVE-2025-58113 (An out-of-bounds read vulnerability exists in the EMF functionality of ...)
-	TODO: check
+	NOT-FOR-US: PDF-XChange
 CVE-2025-57850 (A container privilege escalation flaw was found in certain CodeReady W ...)
 	TODO: check
 CVE-2025-52622 (The BigFix SaaS's HTTP responses were missing some security headers. T ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2025-41744 (Sprecher Automations SPRECON-E seriesuses default cryptographic keys t ...)
 	TODO: check
 CVE-2025-41743 (Insufficient encryption strength in Sprecher Automation SPRECON-E-C, S ...)
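
Review bot: The "NOT-FOR-US: PDF-XChange" tag on CVE-2025-58113 cannot be confirmed from this diff, because the truncated description ends at "EMF functionality of ..." before any product name appears. The same applies to "NOT-FOR-US: HCL" on CVE-2025-52622, where the visible text only says "The BigFix SaaS's HTTP responses ..." and never mentions the vendor. Both tags should be checked against the full CVE records; for the second, a tag that also carries the product name (HCL BigFix) would let the entry be found by searching for either term.
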
@@ -129,9 +129,9 @@ CVE-2025-13828 (SummaryA non privileged user can install and remove arbitrary pa
 CVE-2025-13827 (Summary Arbitrary files can be uploaded via the GrapesJS Builder, as t ...)
 	TODO: check
 CVE-2025-13731 (The Nexter Extension \u2013 Site Enhancements Toolkit plugin for WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13724 (The VikRentCar Car Rental Management System plugin for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13721 (Race in v8 in Google Chrome prior to 143.0.7499.41 allowed a remote at ...)
 	TODO: check
 CVE-2025-13720 (Bad cast in Loader in Google Chrome prior to 143.0.7499.41 allowed a r ...)
@@ -161,11 +161,11 @@ CVE-2025-13631 (Inappropriate implementation in Google Updater in Google Chrome
 CVE-2025-13630 (Type Confusion in V8 in Google Chrome prior to 143.0.7499.41 allowed a ...)
 	TODO: check
 CVE-2025-13542 (The DesignThemes LMS plugin for WordPress is vulnerable to Privilege E ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13534 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13516 (The SureMail \u2013 SMTP and Email Logs Plugin for WordPress is vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13510 (The Iskra iHUB and iHUB Lite smart metering gateway exposes its web ma ...)
 	TODO: check
 CVE-2025-13505 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
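
Review bot: The three entries changed here (CVE-2025-13542, CVE-2025-13534, CVE-2025-13516) all get the generic tag "NOT-FOR-US: WordPress plugin", whereas other entries in this commit are tagged by vendor (SourceCodester, D-Link, PHPGurukul). For CVE-2025-13534 the description is cut at "plugin for Wor ...", so the tag is the only complete statement of the classification in the list file. If per-plugin lookups matter, naming the plugin in the tag would help; if the generic tag is the intended convention, no change is needed.
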
@@ -175,9 +175,9 @@ CVE-2025-13353 (In gokey versions <0.2.0,  a flaw in the seed decryption logic r
 CVE-2025-13295 (Insertion of Sensitive Information Into Sent Data vulnerability in Arg ...)
 	TODO: check
 CVE-2025-13090 (The WP Directory Kit plugin for WordPress is vulnerable to SQL Injecti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12630 (The Upload.am  WordPress plugin before 1.0.1 is vulnerable to arbitrar ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12465 (A Blind SQL injection vulnerability has been identified in QuickCMS. I ...)
 	TODO: check
 CVE-2025-11789 (Out-of-bounds read vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9. ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fba6df17fa0108939c12923f3ca4659b97519fc9
