[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Dec 29 20:16:02 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
34308d7c by security tracker role at 2025-12-29T20:15:03+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15,23 +15,23 @@ CVE-2025-68929 (Frappe is a full-stack web application framework. Prior to versi
 CVE-2025-68928 (Frappe CRM is an open-source customer relationship management tool. Pr ...)
 	TODO: check
 CVE-2025-68897 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68893 (Server-Side Request Forgery (SSRF) vulnerability in HETWORKS WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68879 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68878 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68877 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68876 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68870 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68868 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68861 (Missing Authorization vulnerability in Plugin Optimizer allows Exploit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-68706 (A stack-based buffer overflow exists in the GoAhead-Webs HTTP daemon o ...)
 	TODO: check
 CVE-2025-68431 (libheif is an HEIF and AVIF file format decoder and encoder. Prior to  ...)
@@ -87,9 +87,9 @@ CVE-2025-15201 (A flaw has been found in SohuTV CacheCloud up to 3.2.0. The impa
 CVE-2025-15200 (A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The aff ...)
 	TODO: check
 CVE-2025-15199 (A security vulnerability has been detected in code-projects College No ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15198 (A weakness has been identified in code-projects College Notes Uploadin ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15197 (A security flaw has been discovered in code-projects/anirbandutta9 Con ...)
 	TODO: check
 CVE-2025-15196 (A vulnerability was identified in code-projects Assessment Management  ...)
@@ -97,45 +97,45 @@ CVE-2025-15196 (A vulnerability was identified in code-projects Assessment Manag
 CVE-2025-15195 (A vulnerability was determined in code-projects Assessment Management  ...)
 	TODO: check
 CVE-2025-15194 (A vulnerability was found in D-Link DIR-600 up to 2.15WWb02. Affected  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-15193 (A vulnerability was detected in D-Link DWR-M920 up to 1.1.50. This aff ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-15192 (A security vulnerability has been detected in D-Link DWR-M920 up to 1. ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-15191 (A weakness has been identified in D-Link DWR-M920 up to 1.1.50. The af ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-15190 (A security flaw has been discovered in D-Link DWR-M920 up to 1.1.50. I ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-15189 (A vulnerability was identified in D-Link DWR-M920 up to 1.1.50. This i ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-15188 (A vulnerability was determined in Campcodes Complete Online Beauty Par ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-15187 (A vulnerability was found in GreenCMS up to 2.3. This affects an unkno ...)
 	TODO: check
 CVE-2025-15186 (A vulnerability has been found in code-projects Refugee Food Managemen ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15185 (A flaw has been found in code-projects Refugee Food Management System  ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15184 (A vulnerability was detected in code-projects Refugee Food Management  ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15183 (A security vulnerability has been detected in code-projects Refugee Fo ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15182 (A weakness has been identified in code-projects Refugee Food Managemen ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15181 (A security flaw has been discovered in code-projects Refugee Food Mana ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-15180 (A vulnerability was identified in Tenda WH450 1.0.0.18. The affected e ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-14728 (Rapid7 Velociraptor versions before 0.75.6 contain a directory travers ...)
 	TODO: check
 CVE-2025-14280 (The PixelYourSite plugin for WordPress is vulnerable to Sensitive Info ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-14175 (A vulnerability in the SSH server of TP-Link TL-WR820N v2.80 allows th ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-13592 (The Advanced Ads plugin for WordPress is vulnerable to Remote Code Exe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-30855 (DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (C ...)
-	TODO: check
+	NOT-FOR-US: DedeCMS
 CVE-2024-25181 (A critical vulnerability has been identified in givanz VvvebJs 1.7.2,  ...)
 	TODO: check
 CVE-2025-52691 (Successful exploitation of the vulnerability could allow an unauthenti ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34308d7c3fa5c560b1bc1cd65f9f189d00df5cc7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/34308d7c3fa5c560b1bc1cd65f9f189d00df5cc7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251229/d393129b/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list