[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Nov 12 08:13:44 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
44199a73 by security tracker role at 2025-11-12T08:13:34+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,31 +1,31 @@
 CVE-2025-64531 (Substance3D - Stager versions 3.1.5 and earlier are affected by a Use  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61835 (Substance3D - Stager versions 3.1.5 and earlier are affected by an Int ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61834 (Substance3D - Stager versions 3.1.5 and earlier are affected by a Use  ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61833 (Substance3D - Stager versions 3.1.5 and earlier are affected by an out ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54983 (A health check port on Zscaler Client Connector on Windows, versions 4 ...)
-	TODO: check
+	NOT-FOR-US: Zscaler
 CVE-2025-43205 (An out-of-bounds access issue was addressed with improved bounds check ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2025-41116 (When using the Grafana Databricks Datasource Plugin, if Oauth passthro ...)
 	TODO: check
 CVE-2025-40827 (A vulnerability has been identified in Siemens Software Center (All ve ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40817 (A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40816 (A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40815 (A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40763 (A vulnerability has been identified in Altair Grid Engine (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40760 (A vulnerability has been identified in Altair Grid Engine (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40744 (A vulnerability has been identified in Solid Edge SE2025 (All versions ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-40111 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	TODO: check
 CVE-2025-40110 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
@@ -37,7 +37,7 @@ CVE-2025-13047 (Bacteriology Laboratory Reporting System developed by ViewLead T
 CVE-2025-13046 (Bacteriology Laboratory Reporting System developed by ViewLead Technol ...)
 	TODO: check
 CVE-2025-12901 (The Asgaros Forum plugin for WordPress is vulnerable to Cross-Site Req ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12872 (The a+HRD and a+HCM developed by aEnrich has a Stored Cross-Site Scrip ...)
 	TODO: check
 CVE-2025-12871 (The a+HRD developed by aEnrich has an Authentication Abuse vulnerabili ...)
@@ -47,27 +47,27 @@ CVE-2025-12870 (The a+HRD developed by aEnrich has an Authentication Abuse vulne
 CVE-2025-12869 (The a+HRD developed by aEnrich has a Stored Cross-Site Scripting vulne ...)
 	TODO: check
 CVE-2025-12833 (The GeoDirectory \u2013 WP Business Directory Plugin and Classified Li ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12633 (The Booking Calendar | Appointment Booking | Bookit plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12113 (The Alt Text Generator AI \u2013 Auto Generate & Bulk Update Alt Texts ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12087 (The Wishlist and Save for later for Woocommerce plugin for WordPress i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12018 (The MembershipWorks \u2013 Membership, Events & Directory plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11560 (The Team Members Showcase WordPress plugin before 3.5.0 does not sanit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-32014 (A vulnerability has been identified in Spectrum Power 4 (All versions  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32011 (A vulnerability has been identified in Spectrum Power 4 (All versions  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32010 (A vulnerability has been identified in Spectrum Power 4 (All versions  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32009 (A vulnerability has been identified in Spectrum Power 4 (All versions  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-32008 (A vulnerability has been identified in Spectrum Power 4 (All versions  ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2025-9408 (System call entry on Cortex M (and possibly R and A, but I think not)  ...)
 	NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2025-9227 (Zohocorp ManageEngine OpManager versions 128609 and below are vulnerab ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44199a734775b8007c0de37cd2c27ece4c2f47d9

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44199a734775b8007c0de37cd2c27ece4c2f47d9
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251112/a2d43728/attachment.htm>

More information about the debian-security-tracker-commits mailing list