[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Nov 17 13:36:33 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ffa2e131 by Salvatore Bonaccorso at 2025-11-17T14:35:29+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,33 +1,33 @@
 CVE-2025-9501 (The W3 Total Cache WordPress plugin before 2.8.13 is vulnerable to com ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-60022 (Improper certificate validation vulnerability exists in '\u30c7\u30b8\ ...)
-	TODO: check
+	NOT-FOR-US: KDDI CORPORATION app
 CVE-2025-13284 (ThinPLUS developed by ThinPLUS has an OS Command Injection vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: ThinPLUS
 CVE-2025-13283 (TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File C ...)
-	TODO: check
+	NOT-FOR-US: TenderDocTransfer
 CVE-2025-13282 (TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File D ...)
-	TODO: check
+	NOT-FOR-US: TenderDocTransfer
 CVE-2025-13270 (A vulnerability was found in Campcodes School Fees Payment Management  ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-13269 (A vulnerability has been found in Campcodes School Fees Payment Manage ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-13268 (A flaw has been found in Dromara dataCompare up to 1.0.1. The affected ...)
-	TODO: check
+	NOT-FOR-US: Dromara dataCompare
 CVE-2025-13267 (A vulnerability was detected in SourceCodester Dental Clinic Appointme ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-13266 (A security vulnerability has been detected in wwwlike vlife up to 2.0. ...)
-	TODO: check
+	NOT-FOR-US: wwwlike vlife
 CVE-2025-13265 (A weakness has been identified in lsfusion platform up to 6.1. This vu ...)
-	TODO: check
+	NOT-FOR-US: lsfusion platform
 CVE-2025-13264 (A security flaw has been discovered in SourceCodester Online Magazine  ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-13263 (A vulnerability was identified in SourceCodester Online Magazine Manag ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-13262 (A vulnerability was determined in lsfusion platform up to 6.1. Affecte ...)
-	TODO: check
+	NOT-FOR-US: lsfusion platform
 CVE-2025-13261 (A vulnerability was found in lsfusion platform up to 6.1. Affected is  ...)
-	TODO: check
+	NOT-FOR-US: lsfusion platform
 CVE-2025-13260 (A vulnerability has been found in Campcodes Supplier Management System ...)
 	NOT-FOR-US: Campcodes
 CVE-2025-13259 (A flaw has been found in Campcodes Supplier Management System 1.0. Thi ...)
@@ -45,27 +45,27 @@ CVE-2025-13254 (A vulnerability was identified in projectworlds Advanced Library
 CVE-2025-13253 (A vulnerability was determined in projectworlds Advanced Library Manag ...)
 	NOT-FOR-US: Project Worlds
 CVE-2025-13252 (A vulnerability was found in shsuishang ShopSuite ModulithShop up to 4 ...)
-	TODO: check
+	NOT-FOR-US: shsuishang ShopSuite ModulithShop
 CVE-2025-13165 (EasyFlow GP developed by Digiwin has a Denial of service vulnerability ...)
-	TODO: check
+	NOT-FOR-US: EasyFlow GP
 CVE-2025-13164 (EasyFlow GP developed by Digiwin has an Insufficiently Protected Crede ...)
-	TODO: check
+	NOT-FOR-US: EasyFlow GP
 CVE-2025-13163 (EasyFlow GP developed by Digiwin has an Insufficiently Protected Crede ...)
-	TODO: check
+	NOT-FOR-US: EasyFlow GP
 CVE-2025-10460 (A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web,  ...)
-	TODO: check
+	NOT-FOR-US: BEIMS Contractor Web
 CVE-2025-13251 (A flaw has been found in WeiYe-Jing datax-web up to 2.1.2. Affected is ...)
-	TODO: check
+	NOT-FOR-US: WeiYe-Jing datax-web
 CVE-2025-13250 (A vulnerability was detected in WeiYe-Jing datax-web up to 2.1.2. This ...)
-	TODO: check
+	NOT-FOR-US: WeiYe-Jing datax-web
 CVE-2025-13249 (A security vulnerability has been detected in Jiusi OA up to 20251102. ...)
-	TODO: check
+	NOT-FOR-US: Jiusi OA
 CVE-2025-13248 (A weakness has been identified in SourceCodester Patients Waiting Area ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-13247 (A security flaw has been discovered in PHPGurukul Tourism Management S ...)
 	NOT-FOR-US: PHPGurukul
 CVE-2025-13246 (A vulnerability was identified in shsuishang ShopSuite ModulithShop up ...)
-	TODO: check
+	NOT-FOR-US: shsuishang ShopSuite ModulithShop
 CVE-2025-13245 (A vulnerability was identified in code-projects Student Information Sy ...)
 	NOT-FOR-US: code-projects
 CVE-2025-13244 (A vulnerability was determined in code-projects Student Information Sy ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffa2e131ac5c051c5a0d8932c9c5b15ee515d812

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ffa2e131ac5c051c5a0d8932c9c5b15ee515d812
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251117/921fd947/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list