[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jul 18 14:27:05 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7fe71e7c by Salvatore Bonaccorso at 2025-07-18T15:26:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,13 +7,13 @@ CVE-2025-7765 (A vulnerability classified as critical was found in code-projects
 CVE-2025-7764 (A vulnerability classified as critical has been found in code-projects ...)
 	NOT-FOR-US: code-projects
 CVE-2025-7763 (A vulnerability, which was classified as problematic, was found in thi ...)
-	TODO: check
+	NOT-FOR-US: thinkgem JeeSite
 CVE-2025-7762 (A vulnerability, which was classified as critical, has been found in D ...)
 	NOT-FOR-US: D-Link
 CVE-2025-7759 (A vulnerability, which was classified as critical, was found in thinkg ...)
-	TODO: check
+	NOT-FOR-US: thinkgem JeeSite
 CVE-2025-7758 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-7757 (A vulnerability classified as critical was found in PHPGurukul Land Re ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-7756 (A vulnerability classified as problematic has been found in code-proje ...)
@@ -33,7 +33,7 @@ CVE-2025-7750 (A vulnerability, which was classified as critical, was found in c
 CVE-2025-7749 (A vulnerability, which was classified as critical, has been found in c ...)
 	NOT-FOR-US: code-projects
 CVE-2025-7748 (A vulnerability classified as problematic was found in ZCMS 3.6.0. Thi ...)
-	TODO: check
+	NOT-FOR-US: ZCMS
 CVE-2025-7747 (A vulnerability classified as critical has been found in Tenda FH451 1 ...)
 	NOT-FOR-US: Tenda
 CVE-2025-7660 (The Map My Locations plugin for WordPress is vulnerable to Stored Cros ...)
@@ -45,11 +45,11 @@ CVE-2025-7643 (The Attachment Manager plugin for WordPress is vulnerable to arbi
 CVE-2025-7638 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7472 (A local privilege escalation vulnerability in the Intercept X for Wind ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2025-7438 (The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrar ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7433 (A local privilege escalation vulnerability in Sophos Intercept X for W ...)
-	TODO: check
+	NOT-FOR-US: Sophos
 CVE-2025-7431 (The Knowledge Base plugin for WordPress is vulnerable to Stored Cross- ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7398 (Brocade ASCG before 3.3.0 allows for the use of medium strength crypto ...)
@@ -59,7 +59,7 @@ CVE-2025-7397 (A vulnerability in the ascgshell, of  Brocade ASCG before 3.3.0 s
 CVE-2025-7339 (on-headers is a node.js middleware for listening to when a response wr ...)
 	TODO: check
 CVE-2025-7338 (Multer is a node.js middleware for handling `multipart/form-data`. A v ...)
-	TODO: check
+	NOT-FOR-US: Node multer
 CVE-2025-6813 (The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-6781 (The Copymatic \u2013 AI Content Writer & Generator plugin for WordPres ...)
@@ -89,7 +89,7 @@ CVE-2025-6222 (The WooCommerce Refund And Exchange with RMA - Warranty Managemen
 CVE-2025-6197 (An open redirect vulnerability has been identified in Grafana OSS orga ...)
 	TODO: check
 CVE-2025-6185 (Leviton AcquiSuite and Energy Monitoring Hub  are susceptible to a cro ...)
-	TODO: check
+	NOT-FOR-US: Leviton AcquiSuite and Energy Monitoring Hub
 CVE-2025-6053 (The Zuppler Online Ordering plugin for WordPress is vulnerable to Cros ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-6023 (An open redirect vulnerability has been identified in Grafana OSS that ...)
@@ -113,11 +113,11 @@ CVE-2025-5345 (Bluebird devices contain a pre-loaded file manager application. T
 CVE-2025-5344 (Bluebird devices contain a pre-loaded kiosk application. This applicat ...)
 	TODO: check
 CVE-2025-54070 (OpenZeppelin Contracts is a library for secure smart contract developm ...)
-	TODO: check
+	NOT-FOR-US: OpenZeppelin Contracts
 CVE-2025-54068 (Livewire is a full-stack framework for Laravel. In Livewire v3 up to a ...)
 	TODO: check
 CVE-2025-54066 (DiracX-Web is a web application that provides an interface to interact ...)
-	TODO: check
+	NOT-FOR-US: DiracX-Web
 CVE-2025-54064 (Rucio is a software framework that provides functionality to organize, ...)
 	TODO: check
 CVE-2025-54062 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fe71e7c402330010328551b996d63c85a62e37b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7fe71e7c402330010328551b996d63c85a62e37b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250718/1ed21fd6/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list