[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 22 21:14:16 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
52085303 by security tracker role at 2025-07-22T20:14:09+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-8019 (A vulnerability was found in Shenzhen Libituo Technology LBT-T300-T310 ...)
 	TODO: check
 CVE-2025-8018 (A vulnerability was found in code-projects Food Ordering Review System ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-8017 (A vulnerability was found in Tenda AC7 15.03.06.44. It has been classi ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-8015 (The WP Shortcodes Plugin \u2014 Shortcodes Ultimate plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7953 (A vulnerability, which was classified as problematic, has been found i ...)
 	TODO: check
 CVE-2025-7952 (A vulnerability classified as critical was found in TOTOLINK T6 4.1.5c ...)
 	TODO: check
 CVE-2025-7951 (A vulnerability classified as problematic has been found in code-proje ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-7950 (A vulnerability was found in code-projects Public Chat Room 1.0. It ha ...)
 	TODO: check
 CVE-2025-7949 (A vulnerability was found in Sanluan PublicCMS up to 5.202506.a. It ha ...)
@@ -21,17 +21,17 @@ CVE-2025-7948 (A vulnerability classified as problematic was found in jshERP up
 CVE-2025-7947 (A vulnerability classified as critical has been found in jshERP up to  ...)
 	TODO: check
 CVE-2025-7946 (A vulnerability was found in PHPGurukul Apartment Visitors Management  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7945 (A vulnerability was found in D-Link DIR-513 up to 20190831. It has bee ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-7944 (A vulnerability was found in PHPGurukul Taxi Stand Management System 1 ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7943 (A vulnerability was found in PHPGurukul Taxi Stand Management System 1 ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7942 (A vulnerability has been found in PHPGurukul Taxi Stand Management Sys ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7941 (A vulnerability, which was classified as problematic, was found in PHP ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7940 (A vulnerability was found in Genshin Albedo Cat House App 1.0.2 on And ...)
 	TODO: check
 CVE-2025-7939 (A vulnerability was found in jerryshensjf JPACookieShop \u86cb\u7cd5\u ...)
@@ -41,43 +41,43 @@ CVE-2025-7900 (The femanager extension for TYPO3 allows Insecure Direct Object R
 CVE-2025-7899 (The powermail extension for TYPO3 allows Insecure Direct Object Refere ...)
 	TODO: check
 CVE-2025-7705 (: Active Debug Code vulnerability in ABB Switch Actuator 4 DU-83330, A ...)
-	TODO: check
+	NOT-FOR-US: ABB group
 CVE-2025-7692 (The Orion Login with SMS plugin for WordPress is vulnerable to Authent ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7687 (The Latest Post Accordian Slider plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7685 (The Like & Share My Site plugin for WordPress is vulnerable to Cross-S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7645 (The Extensions For CF7 (Contact form 7 Database, Conditional Fields an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7644 (The Pixel Gallery Addons for Elementor \u2013 Easy Grid, Creative Gall ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7495 (The WP-Members Membership Plugin plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7486 (The Ebook Store plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7427 (Uncontrolled Search Path Element in Arm Development Studio before 2025 ...)
 	TODO: check
 CVE-2025-7371 (Okta On-Premises Provisioning (OPP) agents log certain user data durin ...)
 	TODO: check
 CVE-2025-6831 (The User Registration plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6741 (Improper access control in secure message component in Devolutions Ser ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2025-6585 (The WP JobHunt plugin for WordPress is vulnerable to Insecure Direct O ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6523 (Use of weak credentials in emergency authentication component in Devol ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2025-6213 (The Nginx Cache Purge Preload plugin for WordPress is vulnerable to Re ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6187 (The bSecure plugin for WordPress is vulnerable to Privilege Escalation ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6082 (The Birth Chart Compatibility plugin for WordPress is vulnerable to Fu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5240 (The CRM and Lead Management by vcita plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5042 (A maliciously crafted RFA file, when parsed through Autodesk Revit, ca ...)
-	TODO: check
+	NOT-FOR-US: Autodesk
 CVE-2025-54362
 	REJECTED
 CVE-2025-54361
@@ -189,13 +189,13 @@ CVE-2025-31512 (An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1
 CVE-2025-31511 (An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One  ...)
 	TODO: check
 CVE-2024-38335 (IBM Security QRadar Network Threat Analytics 1.0.0 through 1.3.1 could ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2015-10140 (The Ajax Load More plugin before 2.8.1.2 does not have authorisation i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2015-10137 (The Website Contact Form With File Upload plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2012-10020 (The FoxyPress plugin for WordPress is vulnerable to arbitrary file upl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-38352 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
 	- linux 6.12.35-1
 	NOTE: https://git.kernel.org/linus/f90fff1e152dedf52b932240ebbd670d83330eca (6.16-rc2)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52085303752603ae5aa699c9f6a3f5d5c7bb058b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/52085303752603ae5aa699c9f6a3f5d5c7bb058b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250722/6688831f/attachment.htm>

More information about the debian-security-tracker-commits mailing list