[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Wed Dec 3 08:13:50 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f6cb3327 by security tracker role at 2025-12-03T08:13:44+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2025-65955 (ImageMagick is free and open-source software used for editing an
 CVE-2025-65657 (FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted Fi ...)
 	TODO: check
 CVE-2025-65380 (PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the ad ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-64778 (NMIS/BioDose software V22.02 and previous versions contain executable  ...)
 	TODO: check
 CVE-2025-64642 (NMIS/BioDose V22.02 and previous versions' installation directory path ...)
@@ -21,21 +21,21 @@ CVE-2025-13946 (MEGACO dissector infinite loop in Wireshark 4.6.0 to 4.6.1 and 4
 CVE-2025-13945 (HTTP3 dissector crash in Wireshark 4.6.0 and 4.6.1 allows denial of se ...)
 	TODO: check
 CVE-2025-13646 (The Modula Image Gallery plugin for WordPress is vulnerable to arbitra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13645 (The Modula Image Gallery plugin for WordPress is vulnerable to arbitra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13495 (The FluentCart plugin for WordPress is vulnerable to SQL Injection via ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13486 (The Advanced Custom Fields: Extended plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13448 (The CSSIgniter Shortcodes plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12954 (The Timetable and Event Schedule by MotoPress WordPress plugin before  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12585 (The MxChat \u2013 AI Chatbot for WordPress plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10304 (The Everest Backup \u2013 WordPress Cloud Backup, Migration, Restore & ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-66476 (Vim is an open source, command line text editor. Prior to version 9.1. ...)
 	- vim <not-affected> (Only affects Vim on Windows)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-g77q-xrww-p834



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6cb3327963cf72790d1376e4c7af2c80e7db739

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f6cb3327963cf72790d1376e4c7af2c80e7db739
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251203/73fc3130/attachment.htm>
