[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Wed Oct 15 09:13:47 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d667e1f4 by security tracker role at 2025-10-15T08:13:38+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-8561 (The Ova Advent plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6042 (The Lisfinity Core - Lisfinity Core plugin used for pebas\xae Lisfinit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-62448
 	REJECTED
 CVE-2025-62447
@@ -27,11 +27,11 @@ CVE-2025-62374 (Parse Javascript SDK provides access to the powerful Parse Serve
 CVE-2025-61941 (A path traversal issue exists in WXR9300BE6P series firmware versions  ...)
 	TODO: check
 CVE-2025-61804 (Animate versions 23.0.13, 24.0.10 and earlier are affected by a Heap-b ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61797 (Adobe Experience Manager versions 11.6 and earlier are affected by a s ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-61796 (Adobe Experience Manager versions 11.6 and earlier are affected by a s ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-55080 (In Eclipse ThreadX before 6.4.3, when memory protection is enabled, sy ...)
 	TODO: check
 CVE-2025-55079 (In Eclipse ThreadX before version 6.4.3, the thread module has a setti ...)
@@ -39,35 +39,35 @@ CVE-2025-55079 (In Eclipse ThreadX before version 6.4.3, the thread module has a
 CVE-2025-55039 (This issue affects Apache Spark versions before  3.4.4,3.5.2 and 4.0.0 ...)
 	TODO: check
 CVE-2025-54279 (Animate versions 23.0.13, 24.0.10 and earlier are affected by a Use Af ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54278 (Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-base ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54277 (Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54272 (Adobe Experience Manager versions 11.6 and earlier are affected by a s ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54270 (Animate versions 23.0.13, 24.0.10 and earlier are affected by a NULL P ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54269 (Animate versions 23.0.13, 24.0.10 and earlier are affected by an out-o ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54268 (Bridge versions 14.1.8, 15.1.1 and earlier are affected by a Heap-base ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54267 (Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54266 (Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54265 (Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54264 (Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54263 (Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2 ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-54196 (Adobe Connect versions 12.9 and earlier are affected by a URL Redirect ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-49553 (Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-49552 (Adobe Connect versions 12.9 and earlier are affected by a DOM-based Cr ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2025-40000 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
 	TODO: check
 CVE-2025-39999 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
@@ -145,17 +145,17 @@ CVE-2025-26860 (RemoteCall Remote Support Program (for Operator) versions prior
 CVE-2025-26859 (RemoteView PC Application Console versions prior to 6.0.2 contain an u ...)
 	TODO: check
 CVE-2025-11746 (The XStore theme for WordPress is vulnerable to Local File Inclusion i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11501 (The Dynamically Display Posts plugin for WordPress is vulnerable to SQ ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11176 (The Quick Featured Images plugin for WordPress is vulnerable to Insecu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11161 (The WPBakery Page Builder plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-11160 (The WPBakery Page Builder plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10406 (The BlindMatrix e-Commerce WordPress plugin before 3.1 does not valida ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13991 (Huijietong Cloud Video Platform contains a path traversal vulnerabilit ...)
 	TODO: check
 CVE-2023-7311 (BYTEVALUE Intelligent Flow Control Router contains a command injection ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d667e1f4b66e497a87dd525da592132a68123f32

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d667e1f4b66e497a87dd525da592132a68123f32
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251015/0db2feb7/attachment-0001.htm>
