[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Jul 31 21:13:10 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3c1de78b by security tracker role at 2025-07-31T20:12:57+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,17 +7,17 @@ CVE-2025-8408 (A vulnerability, which was classified as critical, was found in c
 CVE-2025-8407 (A vulnerability, which was classified as critical, has been found in c ...)
 	TODO: check
 CVE-2025-8401 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8382 (A vulnerability, which was classified as critical, was found in Campco ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-8381 (A vulnerability, which was classified as critical, has been found in C ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-8380 (A vulnerability classified as problematic was found in Campcodes Onlin ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-8379 (A vulnerability classified as critical has been found in Campcodes Onl ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-8378 (A vulnerability was found in Campcodes Online Hotel Reservation System ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-8376 (A vulnerability classified as critical has been found in code-projects ...)
 	TODO: check
 CVE-2025-8375 (A vulnerability was found in code-projects Vehicle Management 1.0. It  ...)
@@ -27,13 +27,13 @@ CVE-2025-8374 (A vulnerability was found in code-projects Vehicle Management 1.0
 CVE-2025-8286 (G\xfcralp FMUS series seismic monitoring devicesexpose an unauthentica ...)
 	TODO: check
 CVE-2025-8213 (The NinjaScanner \u2013 Virus & Malware scan plugin for WordPress is v ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8192 (There exists a TOCTOU race condition in TvSettings AppRestrictionsFrag ...)
 	TODO: check
 CVE-2025-8151 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8068 (The HT Mega \u2013 Absolute Addons For Elementor plugin for WordPress  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-54834 (OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows an u ...)
 	TODO: check
 CVE-2025-54833 (OPEXUS FOIAXpress Public Access Link (PAL) version v11.1.0 allows atta ...)
@@ -51,11 +51,11 @@ CVE-2025-51569 (A cross-site scripting (XSS) vulnerability exists in the LB-Link
 CVE-2025-51503 (A Stored Cross-Site Scripting (XSS) vulnerability in Microweber CMS 2. ...)
 	TODO: check
 CVE-2025-51385 (D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the yyxz ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-51384 (D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipse ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-51383 (D-LINK DI-8200 16.07.26A1 is vulnerable to Buffer Overflow in the ipse ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-50867 (A SQL Injection vulnerability exists in the takeassessment2.php endpoi ...)
 	TODO: check
 CVE-2025-50866 (CloudClassroom-PHP-Project 1.0 contains a reflected Cross-site Scripti ...)
@@ -85,15 +85,15 @@ CVE-2025-41688 (A high privileged remote attacker can execute arbitrary OS comma
 CVE-2025-40980 (A Stored Cross Site Scripting vulnerability has been found in Ultimate ...)
 	TODO: check
 CVE-2025-37112 (A vulnerability was discovered in the storage policy for certain sets  ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37111 (A vulnerability was discovered in the storage policy for certain sets  ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37110 (A vulnerability was discovered in the storage policy for certain sets  ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37109 (Cross-site scripting vulnerability has been identified in HPE Telco Se ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37108 (Cross-site scripting vulnerability has been identified in HPE Telco Se ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-34146 (A prototype pollution vulnerability exists in @nyariv/sandboxjs versio ...)
 	TODO: check
 CVE-2025-2813 (An unauthenticated remote attacker can cause a Denial of Service by se ...)
@@ -103,11 +103,11 @@ CVE-2025-29557 (ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access C
 CVE-2025-29556 (ExaGrid EX10 6.3 - 7.0.1.P08 is vulnerable to Incorrect Access Control ...)
 	TODO: check
 CVE-2025-26064 (A cross-site scripting (XSS) vulnerability in Intelbras RX1500 v2.2.9  ...)
-	TODO: check
+	NOT-FOR-US: Intelbras
 CVE-2025-26063 (An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthen ...)
-	TODO: check
+	NOT-FOR-US: Intelbras
 CVE-2025-26062 (An access control issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11  ...)
-	TODO: check
+	NOT-FOR-US: Intelbras
 CVE-2025-24854 (A carefully crafted request using the Image plugin could trigger an XS ...)
 	TODO: check
 CVE-2025-24853 (A carefully crafted request when creating a header link using the  wik ...)
@@ -125,7 +125,7 @@ CVE-2014-125124 (An unauthenticated remote command execution vulnerability exist
 CVE-2014-125123 (An unauthenticated SQL injection vulnerability exists in the Kloxo web ...)
 	TODO: check
 CVE-2014-125122 (A stack-based buffer overflow vulnerability exists in the tmUnblock.cg ...)
-	TODO: check
+	NOT-FOR-US: Linksys
 CVE-2014-125121 (Array Networks vAPV (version 8.3.2.17) and vxAG (version 9.2.0.34) app ...)
 	TODO: check
 CVE-2013-10043 (A vulnerability exists in OAstium VoIP PBX astium-confweb-2.1-25399 an ...)
@@ -149,7 +149,7 @@ CVE-2013-10034 (An unrestricted file upload vulnerability exists in Kaseya KServ
 CVE-2013-10033 (An unauthenticated SQL injection vulnerability exists in Kimai version ...)
 	TODO: check
 CVE-2012-10021 (A stack-based buffer overflow vulnerability exists in D-Link DIR-605L  ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2011-10008 (A stack-based buffer overflow vulnerability exists in MPlayer Lite r33 ...)
 	TODO: check
 CVE-2025-8373 (A vulnerability was found in code-projects Vehicle Management 1.0. It  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c1de78bf22b2a64743bb846f112b11c48c85f97

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3c1de78bf22b2a64743bb846f112b11c48c85f97
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250731/d8e2e5bf/attachment.htm>

More information about the debian-security-tracker-commits mailing list