[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jun 3 09:13:01 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
3a7851d8 by security tracker role at 2025-06-03T08:12:54+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2025-4797 (The Golo - City Travel Guide WordPress Theme theme for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4567 (The Post Slider and Post Carousel with Post Vertical Scrolling Widget  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4224 (The wpForo + wpForo Advanced Attachments plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4047 (The Broken Link Checker plugin for WordPress is vulnerable to unauthor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-49164 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK have a firmwa ...)
 	TODO: check
 CVE-2025-49163 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow booting ...)
@@ -13,55 +13,55 @@ CVE-2025-49163 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow b
 CVE-2025-49162 (Arris VIP1113 devices through 2025-05-30 with KreaTV SDK allow file ov ...)
 	TODO: check
 CVE-2025-3919 (The WordPress Comments Import & Export plugin for WordPress is vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3662 (The FancyBox for WordPress plugin before 3.3.6 does not escape caption ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3584 (The Newsletter  WordPress plugin before 8.8.2 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-31712 (In cplog service, there is a possible out of bounds write due to a mis ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2025-31711 (In cplog service, there is a possible system crash due to null pointer ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2025-31710 (In engineermode service, there is a possible command injection due to  ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2025-2939 (The Ninja Tables \u2013 Easy Data Table Builder plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-27038 (Memory corruption while rendering graphics using Adreno GPU drivers in ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-27031 (memory corruption while processing IOCTL commands, when the buffer in  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-27029 (Transient DOS while processing the tone measurement response buffer wh ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21486 (Memory corruption during dynamic process creation call when client is  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21485 (Memory corruption while processing INIT and multimode invoke IOCTL cal ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21480 (Memory corruption due to unauthorized command execution in GPU microno ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21479 (Memory corruption due to unauthorized command execution in GPU microno ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21463 (Transient DOS while processing the EHT operation IE in the received be ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53026 (Information disclosure when an invalid RTCP packet is received during  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53021 (Information disclosure may occur while processing goodbye RTCP packet  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53020 (Information disclosure may occur while decoding the RTP packet with in ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53019 (Information disclosure may occur while decoding the RTP packet with im ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53018 (Memory corruption may occur while processing the OIS packet parser.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53017 (Memory corruption while handling test pattern generator IOCTL command.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53016 (Memory corruption while processing I2C settings in Camera driver.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53015 (Memory corruption while processing IOCTL command to handle buffers ass ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53013 (Memory corruption may occur while processing voice call registration w ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-53010 (Memory corruption may occur while attaching VM when the HLOS retains a ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-5068 (Use after free in Blink in Google Chrome prior to 137.0.7151.68 allowe ...)
 	- chromium <unfixed>
 	[bullseye] - chromium <end-of-life> (see #1061268)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a7851d8555add1613544c80866433a26f20af28

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a7851d8555add1613544c80866433a26f20af28
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250603/40bb7ebe/attachment.htm>

More information about the debian-security-tracker-commits mailing list