[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Jun 18 21:13:12 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
95f8850a by security tracker role at 2025-06-18T20:13:05+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2025-6240 (Improper Input Validation vulnerability in Profisee on Windows (filesy ...)
 	TODO: check
 CVE-2025-6220 (The Ultra Addons for Contact Form 7 plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6086 (The CSV Me plugin for WordPress is vulnerable to arbitrary file upload ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5981 (Arbitrary file write as the OSV-SCALIBR user on the host system via a  ...)
 	TODO: check
 CVE-2025-5237 (The Target Video Easy Publish plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4821 (Impact  Cloudflare quiche was discovered to be vulnerable to incorrect ...)
 	TODO: check
 CVE-2025-4820 (Impact  Cloudflare quiche was discovered to be vulnerable to incorrect ...)
@@ -21,7 +21,7 @@ CVE-2025-46109 (SQL Injection vulnerability in pbootCMS v.3.2.5 and v.3.2.10 all
 CVE-2025-45786 (Real Estate Management 1.0 is vulnerable to Cross Site Scripting (XSS) ...)
 	TODO: check
 CVE-2025-45784 (D-Link DPH-400S/SE VoIP Phone v1.01 contains hardcoded provisioning va ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-45661 (A cross-site scripting (XSS) vulnerability in miniTCG v1.3.1 beta allo ...)
 	TODO: check
 CVE-2025-44952 (A missing length check in `ogs_pfcp_subnet_add` function from PFCP lib ...)
@@ -29,9 +29,9 @@ CVE-2025-44952 (A missing length check in `ogs_pfcp_subnet_add` function from PF
 CVE-2025-44951 (A missing length check in `ogs_pfcp_dev_add` function from PFCP librar ...)
 	TODO: check
 CVE-2025-36049 (IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15   is vu ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36048 (IBM webMethods Integration Server 10.5, 10.7, 10.11, and 10.15 could a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-29646 (An issue in upf in open5gs 2.7.2 and earlier allows a remote attacker  ...)
 	TODO: check
 CVE-2025-26199 (An issue in CloudClassroom PHP Project v.1.0 allows a remote attacker  ...)
@@ -39,7 +39,7 @@ CVE-2025-26199 (An issue in CloudClassroom PHP Project v.1.0 allows a remote att
 CVE-2025-26198 (CloudClassroom-PHP-Project v.1.0 is vulnerable to SQL Injection in log ...)
 	TODO: check
 CVE-2025-23999 (Missing Authorization vulnerability in Cloudways Breeze allows Exploit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-20271 (A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX  ...)
 	TODO: check
 CVE-2025-20260 (A vulnerability in the PDF scanning processes of ClamAV could allow an ...)
@@ -47,15 +47,15 @@ CVE-2025-20260 (A vulnerability in the PDF scanning processes of ClamAV could al
 CVE-2025-20234 (A vulnerability in Universal Disk Format (UDF) processing of ClamAV co ...)
 	TODO: check
 CVE-2025-1349 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-1348 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-1088 (In Grafana, an excessively long dashboard title or panel name will cau ...)
 	TODO: check
 CVE-2024-54183 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-54172 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-50232 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux 5.16.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95f8850a23ce3219c1cb734fb7774a3eed62dcb0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95f8850a23ce3219c1cb734fb7774a3eed62dcb0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250618/1430c507/attachment.htm>

More information about the debian-security-tracker-commits mailing list