[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Mon May 12 21:33:11 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e5882365 by security tracker role at 2025-05-12T20:33:04+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-47682 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-47578 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47274 (ToolHive is a utility designed to simplify the deployment and manageme ...)
 	TODO: check
 CVE-2025-47271 (The OZI action is a GitHub Action that publishes releases to PyPI and  ...)
@@ -45,13 +45,13 @@ CVE-2025-46610 (ARTEC EMA Mail 6.92 allows CSRF.)
 CVE-2025-45835 (A null pointer dereference vulnerability was discovered in Netis WF288 ...)
 	TODO: check
 CVE-2025-45779 (Tenda AC10 V1.0re_V15.03.06.46 is vulnerable to Buffer Overflow in the ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-44830 (EngineerCMS v1.02 through v.2.0.5 has a SQL injection vulnerability in ...)
 	TODO: check
 CVE-2025-44176 (Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the for ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-44175 (Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the Get ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-44022 (An issue in vvveb CMS v.1.0.6 allows a remote attacker to execute arbi ...)
 	TODO: check
 CVE-2025-41393 (Reflected cross-site scripting vulnerability exists in the laser print ...)
@@ -61,13 +61,13 @@ CVE-2025-40627 (Reflected Cross-Site Scripting (XSS) vulnerability inAbanteCart
 CVE-2025-40626 (Reflected Cross-Site Scripting (XSS) vulnerability inAbanteCart v1.4.0 ...)
 	TODO: check
 CVE-2025-3632 (IBM 4769 Developers Toolkit 7.0.0 through 7.5.52 could allow a remote  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-32390 (EspoCRM is a free, open-source customer relationship management platfo ...)
 	TODO: check
 CVE-2025-26841 (Cross Site Scripting vulnerability in WPEVEREST Everest Forms before 3 ...)
 	TODO: check
 CVE-2025-1533 (A stack buffer overflow has been identified in the AsIO3.sys driver. T ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2025-1079 (Client RCE on macOS and Linux via improper symbolic link resolution in ...)
 	TODO: check
 CVE-2024-56524 (Radware Cloud Web Application Firewall (WAF) before 2025-05-07 allows  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e58823657a0b1be165c7ba2d47c0735fc709a750

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e58823657a0b1be165c7ba2d47c0735fc709a750
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250512/06a8770e/attachment.htm>
