[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Oct 28 08:39:37 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
538c3d0d by Moritz Muehlenhoff at 2025-10-28T09:39:13+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
 CVE-2025-62793 (eLabFTW is an open source electronic lab notebook for research labs. T ...)
-	TODO: check
+	NOT-FOR-US: eLabFTW
 CVE-2025-62784 (InventoryGui is a library for creating chest GUIs for Bukkit/Spigot pl ...)
-	TODO: check
+	NOT-FOR-US: InventoryGui
 CVE-2025-62783 (InventoryGui is a library for creating chest GUIs for Bukkit/Spigot pl ...)
-	TODO: check
+	NOT-FOR-US: InventoryGui
 CVE-2025-62782 (InventoryGui is a library for creating chest GUIs for Bukkit/Spigot pl ...)
-	TODO: check
+	NOT-FOR-US: InventoryGui
 CVE-2025-62781 (PILOS (Platform for Interactive Live-Online Seminars) is a frontend fo ...)
-	TODO: check
+	NOT-FOR-US: PILOS
 CVE-2025-62779 (Frappe Learning is a learning system that helps users structure their  ...)
-	TODO: check
+	NOT-FOR-US: Frappe Learning
 CVE-2025-62778 (Frappe Learning is a learning management system. A security issue was  ...)
-	TODO: check
+	NOT-FOR-US: Frappe Learning
 CVE-2025-62777 (Use of Hard-Coded Credentials issue exists in MZK-DP300N version 1.07  ...)
-	TODO: check
+	NOT-FOR-US: MZK-DP300N
 CVE-2025-62725 (Docker Compose trusts the path information embedded in remote OCI comp ...)
 	TODO: check
 CVE-2025-62594 (ImageMagick is a software suite to create, edit, compose, or convert b ...)
 	TODO: check
 CVE-2025-62524 (PILOS (Platform for Interactive Live-Online Seminars) is a frontend fo ...)
-	TODO: check
+	NOT-FOR-US: PILOS
 CVE-2025-62523 (PILOS (Platform for Interactive Live-Online Seminars) is a frontend fo ...)
-	TODO: check
+	NOT-FOR-US: PILOS
 CVE-2025-62262 (Information exposure through log file vulnerability in LDAP import fea ...)
 	NOT-FOR-US: Liferay
 CVE-2025-62261 (Liferay Portal 7.4.0 through 7.4.3.99, and older unsupported versions, ...)
@@ -45,23 +45,23 @@ CVE-2025-33126 (IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5,
 CVE-2025-12378 (A security flaw has been discovered in code-projects Simple Food Order ...)
 	NOT-FOR-US: code-projects
 CVE-2025-12347 (A flaw has been found in MaxSite CMS up to 109. This issue affects som ...)
-	TODO: check
+	NOT-FOR-US: MaxSite CMS
 CVE-2025-12346 (A vulnerability was detected in MaxSite CMS up to 109. This vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: MaxSite CMS
 CVE-2025-12344 (A vulnerability has been found in Yonyou U8 Cloud up to 5.1sp. The imp ...)
-	TODO: check
+	NOT-FOR-US: Yonyou U8 Cloud
 CVE-2025-12342 (A flaw has been found in Serdar Bayram Ghost Hot Spot up to 20251014.  ...)
-	TODO: check
+	NOT-FOR-US: Serdar Bayram Ghost Hot Spot
 CVE-2025-12341 (A vulnerability was detected in ermig1979 AntiDupl up to 2.3.12. Impac ...)
-	TODO: check
+	NOT-FOR-US: ermig1979 AntiDupl
 CVE-2025-12339 (A security vulnerability has been detected in Campcodes Retro Basketba ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-12338 (A weakness has been identified in Campcodes Retro Basketball Shoes Onl ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-12337 (A security flaw has been discovered in Campcodes Retro Basketball Shoe ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-12336 (A vulnerability was identified in Campcodes Retro Basketball Shoes Onl ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-12335 (A vulnerability was determined in code-projects E-Commerce Website 1.0 ...)
 	NOT-FOR-US: code-projects
 CVE-2025-12334 (A vulnerability was found in code-projects E-Commerce Website 1.0. Aff ...)
@@ -71,17 +71,17 @@ CVE-2025-12333 (A vulnerability has been found in code-projects E-Commerce Websi
 CVE-2025-12332 (A flaw has been found in SourceCodester Student Grades Management Syst ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-12331 (A weakness has been identified in Willow CMS up to 1.4.0. Impacted is  ...)
-	TODO: check
+	NOT-FOR-US: Willow CMS
 CVE-2025-12330 (A security flaw has been discovered in Willow CMS up to 1.4.0. This is ...)
-	TODO: check
+	NOT-FOR-US: Willow CMS
 CVE-2025-12329 (A security flaw has been discovered in shawon100 RUET OJ up to 18fa45b ...)
-	TODO: check
+	NOT-FOR-US: shawon100 RUET OJ
 CVE-2025-12328 (A vulnerability was identified in shawon100 RUET OJ up to 18fa45b0a669 ...)
-	TODO: check
+	NOT-FOR-US: shawon100 RUET OJ
 CVE-2025-12327 (A vulnerability was determined in shawon100 RUET OJ up to 18fa45b0a669 ...)
-	TODO: check
+	NOT-FOR-US: shawon100 RUET OJ
 CVE-2025-12326 (A vulnerability was found in shawon100 RUET OJ up to 18fa45b0a669fa109 ...)
-	TODO: check
+	NOT-FOR-US: shawon100 RUET OJ
 CVE-2025-12325 (A vulnerability has been found in SourceCodester Best Salon Management ...)
 	NOT-FOR-US: SourceCodester
 CVE-2025-12322 (A flaw has been found in Tenda CH22 1.0.0.1. Affected by this issue is ...)
@@ -97,7 +97,7 @@ CVE-2025-12313 (A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1
 CVE-2025-11735 (The HUSKY \u2013 Products Filter Professional for WooCommerce plugin f ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-10939 (A flaw was found in Keycloak. The Keycloak guides recommend to not exp ...)
-	TODO: check
+	- keycloak <itp> (bug #1088287)
 CVE-2025-10151 (Improper locking vulnerability in Softing Industrial Automation GmbH g ...)
 	NOT-FOR-US: Softing
 CVE-2025-10150 (Webserver crash caused by scanning on TCP port 80 in Softing Industria ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/538c3d0d4e87a49d86e36e0363ace11c3d85943e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/538c3d0d4e87a49d86e36e0363ace11c3d85943e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251028/ccef3935/attachment.htm>

More information about the debian-security-tracker-commits mailing list