[Git][security-tracker-team/security-tracker][master] Process some NFUs

Sat Oct 25 15:21:45 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2642f220 by Salvatore Bonaccorso at 2025-10-25T16:21:22+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17,25 +17,25 @@ CVE-2025-6639 (The Tutor LMS Pro \u2013 eLearning and online course solution plu
 CVE-2025-62723 (FlashMQ is a MQTT broker/server, designed for multi-CPU environments.  ...)
 	- flashmq <itp> (bug #1100047)
 CVE-2025-62717 (Emlog is an open source website building system. In version 2.5.23, Em ...)
-	TODO: check
+	NOT-FOR-US: Emlog
 CVE-2025-62716 (Plane is open-source project management software. Prior to version 1.1 ...)
-	TODO: check
+	NOT-FOR-US: Plane
 CVE-2025-62711 (Wasmtime is a runtime for WebAssembly. In versions from 38.0.0 to befo ...)
 	TODO: check
 CVE-2025-60954 (Microweber CMS 2.0 has Weak Password Requirements. The application doe ...)
-	TODO: check
+	NOT-FOR-US: Microweber CMS
 CVE-2025-4203 (The wpForo Forum plugin for WordPress is vulnerable to error\u2010base ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-4106 (An authenticated admin user with access to both the management WebUI a ...)
 	NOT-FOR-US: WatchGuard
 CVE-2025-34503 (Deck Mate 1 executes firmware directly from an external EEPROM without ...)
-	TODO: check
+	NOT-FOR-US: Deck Mate 1
 CVE-2025-34502 (Deck Mate 2 lacks a verified secure-boot chain and runtime integrity v ...)
-	TODO: check
+	NOT-FOR-US: Deck Mate 2
 CVE-2025-34500 (Deck Mate 2's firmware update mechanism accepts packages without crypt ...)
-	TODO: check
+	NOT-FOR-US: Deck Mate 2
 CVE-2025-34293 (GN4 Publishing System versions prior to 2.6 contain an insecure direct ...)
-	TODO: check
+	NOT-FOR-US: GN4 Publishing System
 CVE-2025-12194 (Uncontrolled Resource Consumption vulnerability in Legion of the Bounc ...)
 	TODO: check
 CVE-2025-12095 (The Simple Registration for WooCommerce plugin for WordPress is vulner ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2642f2200b28af183c5c0486000364377d973e5a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2642f2200b28af183c5c0486000364377d973e5a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251025/7bdd37f7/attachment.htm>
