[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Dec 21 08:21:33 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0f3af508 by Salvatore Bonaccorso at 2025-12-21T09:21:10+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-9343 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin for Wor ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-68644 (Yealink RPS before 2025-06-27 allows unauthorized access to informatio ...)
-	TODO: check
+	NOT-FOR-US: Yealink
 CVE-2025-14994 (A flaw has been found in Tenda FH1201 and FH1206 1.2.0.14(408)/1.2.0.8 ...)
 	NOT-FOR-US: Tenda
 CVE-2025-14993 (A vulnerability was detected in Tenda AC18 15.03.05.05. This affects t ...)
@@ -53,7 +53,7 @@ CVE-2025-7782 (The WP JobHunt plugin for WordPress, used by the JobCareer theme,
 CVE-2025-7733 (The WP JobHunt plugin for WordPress, used by the JobCareer theme, is v ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-34290 (Versa SASE Client for Windows versions released between 7.8.7 and 7.9. ...)
-	TODO: check
+	NOT-FOR-US: Versa
 CVE-2025-14298 (The FiboSearch \u2013 Ajax Search for WooCommerce plugin for WordPress ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12492 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
@@ -3050,7 +3050,7 @@ CVE-2025-14692 (A flaw has been found in Mayan EDMS up to 4.10.1. The impacted e
 CVE-2025-14691 (A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected  ...)
 	NOT-FOR-US: Mayan EDMS
 CVE-2025-14549 (In the Eclipse OMR compiler component, since release 0.7.0, an optimiz ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-14023 (LINE client for iOS prior to 15.19 allows UI spoofing due to inconsist ...)
 	NOT-FOR-US: LINE client for iOS
 CVE-2025-14022 (LINE client for iOS prior to 15.4 allows man-in-the-middle attacks due ...)
@@ -12294,7 +12294,7 @@ CVE-2025-12392 (The Cryptocurrency Payment Gateway for WooCommerce plugin for Wo
 CVE-2025-12391 (The Restrictions for BuddyPress plugin for WordPress is vulnerable to  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12383 (In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can ca ...)
-	TODO: check
+	NOT-FOR-US: Eclipse
 CVE-2025-12376 (The Icon List Block \u2013 Add Icon-Based Lists with Custom Styles plu ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-12372 (The Permalinks Cascade plugin for WordPress is vulnerable to Missing A ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f3af508b1f7e506e04c878bd626e79b47ebb06d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f3af508b1f7e506e04c878bd626e79b47ebb06d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251221/965d6d16/attachment.htm>

More information about the debian-security-tracker-commits mailing list