[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Fri May 30 21:13:42 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b0ec77e7 by security tracker role at 2025-05-30T20:13:36+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2025-5361 (A vulnerability, which was classified as critical, has been found in C ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-5360 (A vulnerability classified as critical was found in Campcodes Online H ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-5359 (A vulnerability classified as critical has been found in Campcodes Onl ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-5358 (A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Managemen ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-5357 (A vulnerability was found in FreeFloat FTP Server 1.0. It has been dec ...)
 	TODO: check
 CVE-2025-5356 (A vulnerability was found in FreeFloat FTP Server 1.0. It has been cla ...)
 	TODO: check
 CVE-2025-5235 (The OpenSheetMusicDisplay plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5190 (The Browse As plugin for WordPress is vulnerable to authentication byp ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5142 (The Simple Page Access Restriction plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4992 (A stored Cross-site Scripting (XSS) vulnerability affecting Service It ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4991 (A stored Cross-site Scripting (XSS) vulnerability affecting 3D Markup  ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4990 (A stored Cross-site Scripting (XSS) vulnerability affecting Change Gov ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4989 (A stored Cross-site Scripting (XSS) vulnerability affecting Requiremen ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4988 (A stored Cross-site Scripting (XSS) vulnerability affecting Results An ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4986 (A stored Cross-site Scripting (XSS) vulnerability affecting Model Defi ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4985 (A stored Cross-site Scripting (XSS) vulnerability affecting Risk Manag ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4984 (A stored Cross-site Scripting (XSS) vulnerability affecting City Disco ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4983 (A stored Cross-site Scripting (XSS) vulnerability affecting City Refer ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-4944 (The LA-Studio Element Kit for Elementor plugin for WordPress is vulner ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4636 (Due to excessive privileges granted to the web user running the airpoi ...)
 	TODO: check
 CVE-2025-4635 (A malicious user with administrative privileges in the web portal woul ...)
@@ -45,9 +45,9 @@ CVE-2025-4634 (The web portal on airpointer 2.4.107-2 was vulnerable local file
 CVE-2025-4633 (Default credentials were present in the web portal for Airpointer 2.4. ...)
 	TODO: check
 CVE-2025-4597 (The Woo Slider Pro \u2013 Drag Drop Slider Builder For WooCommerce plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4433 (Improper access control in user group management in Devolutions Server ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2025-48949 (Navidrome is an open source web-based music collection server and stre ...)
 	TODO: check
 CVE-2025-48948 (Navidrome is an open source web-based music collection server and stre ...)
@@ -99,27 +99,27 @@ CVE-2025-2502 (An improper default permissions vulnerability was reported in Len
 CVE-2025-2501 (An untrusted search path vulnerability was reported in Lenovo PC Manag ...)
 	TODO: check
 CVE-2025-2500 (A vulnerability exists in the SOAP Web services of the Asset  Suite ve ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-1792 (Mattermost versions 10.7.x <= 10.7.0, 10.5.x <= 10.5.3, 9.11.x <= 9.11 ...)
 	TODO: check
 CVE-2025-1763 (An issue has been discovered in GitLab EE that allows for cross-site-s ...)
 	TODO: check
 CVE-2025-1484 (A vulnerability exists in the media upload component of the Asset  Sui ...)
-	TODO: check
+	NOT-FOR-US: Hitachi Energy
 CVE-2025-1479 (An open debug interface was reported in the Legion Space software incl ...)
 	TODO: check
 CVE-2025-0602 (A stored Cross-site Scripting (XSS) vulnerability affecting Compare in ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2024-7097 (An incorrect authorization vulnerability exists in multiple WSO2 produ ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2024-7096 (A privilege escalation vulnerability exists in multiple [Vendor Name]  ...)
-	TODO: check
+	NOT-FOR-US: WSO2
 CVE-2024-42191 (HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a COM hija ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-42190 (HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a DLL hija ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-23589 (Due to outdated Hash algorithm, HCL Glovius Cloud could allow attacker ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-13917 (Anapplication "com.pri.applock", which is pre-loaded onKruger&Matz sma ...)
 	TODO: check
 CVE-2024-13916 (Anapplication "com.pri.applock", which is pre-loaded onKruger&Matz sma ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0ec77e72800c970e975a806022ff1154997e308

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b0ec77e72800c970e975a806022ff1154997e308
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250530/947b0aa6/attachment-0001.htm>
