[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Thu Nov 27 20:13:44 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
16bbf5d0 by security tracker role at 2025-11-27T20:13:35+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2025-8890 (Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44has a netw ...)
 	TODO: check
 CVE-2025-59890 (Improper input sanitization in the file archives upload functionality  ...)
-	TODO: check
+	NOT-FOR-US: Eaton
 CVE-2025-59454 (In Apache CloudStack, a gap in access control checks affected the APIs ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-59302 (In  Apache CloudStack improper control of generation of code ('Code In ...)
-	TODO: check
+	NOT-FOR-US: Apache software not packaged in Debian
 CVE-2025-59026 (Malicious content uploaded as file can be used to execute script code  ...)
 	TODO: check
 CVE-2025-59025 (Malicious e-mail content can be used to execute script code. Unintende ...)
@@ -19,25 +19,25 @@ CVE-2025-30190 (Malicious content at office documents can be used to inject scri
 CVE-2025-30186 (Malicious content uploaded as file can be used to execute script code  ...)
 	TODO: check
 CVE-2025-13765 (Exposure of email service credentials to users without administrative  ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2025-13758 (Exposure of credentials in unintended requests in Devolutions Server.T ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2025-13757 (SQL Injection vulnerability in last usage logs in Devolutions Server.T ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2025-13742 (Emails sent by pretix can utilize placeholders that will be filled wit ...)
 	TODO: check
 CVE-2025-13692 (The Unlimited Elements For Elementor plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13536 (The Blubrry PowerPress plugin for WordPress is vulnerable to arbitrary ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13381 (The AI ChatBot with ChatGPT and Content Generator by AYS plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-13378 (The AI ChatBot with ChatGPT and Content Generator by AYS plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12971 (The Folders \u2013 Unlimited Folders to Organize Media Library Folder, ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12584 (The Quick View for WooCommerce plugin for WordPress is vulnerable to I ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-12559 (Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 1 ...)
 	TODO: check
 CVE-2025-12421 (Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 1 ...)
@@ -47,7 +47,7 @@ CVE-2025-12419 (Mattermost versions 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5
 CVE-2025-12140 (The application contains an insecure 'redirectToUrl' mechanism that in ...)
 	TODO: check
 CVE-2025-10476 (The WP Fastest Cache plugin for WordPress is vulnerable to unauthorize ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7820 (The SKT PayPal for WooCommerce plugin for WordPress is vulnerable to P ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-66314 (Improper Privilege Management vulnerability in ZTE ElasticNet UME R32  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16bbf5d0d8db58b87180342956f4a10de8d2398c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16bbf5d0d8db58b87180342956f4a10de8d2398c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251127/83c1c3df/attachment.htm>
