[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Mon Dec 22 20:13:47 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
64cba96c by security tracker role at 2025-12-22T20:13:39+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-8460 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-68645 (A Local File Inclusion (LFI) vulnerability exists in the Webmail Class ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2025-68337 (In the Linux kernel, the following vulnerability has been resolved:  j ...)
 	TODO: check
 CVE-2025-68336 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
@@ -39,7 +39,7 @@ CVE-2025-67290 (A stored cross-site scripting (XSS) vulnerability in the Page Se
 CVE-2025-67289 (An arbitrary file upload vulnerability in the Attachments module of Fr ...)
 	TODO: check
 CVE-2025-67288 (An arbitrary file upload vulnerability in Umbraco CMS v16.3.3 allows a ...)
-	TODO: check
+	NOT-FOR-US: Umbraco CMS
 CVE-2025-65837 (PublicCMS V5.202506.b is vulnerable to Cross Site Scripting (XSS) in t ...)
 	TODO: check
 CVE-2025-65790 (A reflected cross-site scripting (XSS) vulnerability exists in FuguHub ...)
@@ -53,11 +53,11 @@ CVE-2025-63663 (Incorrect access control in the /api/v1/conversations/*/files AP
 CVE-2025-63662 (Insecure permissions in the /api/v1/agents API of GT Edge AI Platform  ...)
 	TODO: check
 CVE-2025-62880 (Cross-Site Request Forgery (CSRF) vulnerability in Kunal Nagar Custom  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-62107 (Cross-Site Request Forgery (CSRF) vulnerability in PluginOps Feather L ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-62094 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-61740 (Authentication issue that does not verify the source of a packet which ...)
 	TODO: check
 CVE-2025-61739 (Due to Nonce reuse, attackers can perform reply attack or decrypt capt ...)
@@ -65,19 +65,19 @@ CVE-2025-61739 (Due to Nonce reuse, attackers can perform reply attack or decryp
 CVE-2025-61738 (Under certain circumstances, attacker can capture the network key, rea ...)
 	TODO: check
 CVE-2025-54890 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-26787 (An error in the SignServer container startup logic was found in Keyfac ...)
 	TODO: check
 CVE-2025-26379 (Use of a weak pseudo-random number generator, which may allow an attac ...)
 	TODO: check
 CVE-2025-15033 (A vulnerability in WooCommerce 8.1 to 10.4.2 can allow logged-in custo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14273 (Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5, 10.12.x <= 10. ...)
 	TODO: check
 CVE-2025-14018 (Unquoted Search Path or Element vulnerability in NetBT Consulting Serv ...)
 	TODO: check
 CVE-2025-12514 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Centreon
 CVE-2025-10021 (A Use of Uninitialized Variable vulnerability exists in Open DesignAll ...)
 	TODO: check
 CVE-2024-35321 (MyNET up to v26.08 was discovered to contain a Reflected cross-site sc ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64cba96cdfadd6144972c959d0c2d05b97456f47

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64cba96cdfadd6144972c959d0c2d05b97456f47
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251222/d460c661/attachment.htm>
