[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 12 09:52:13 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8189d910 by Salvatore Bonaccorso at 2025-09-12T10:51:51+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,7 +13,7 @@ CVE-2025-8575 (The LWS Cleaner plugin for WordPress is vulnerable to arbitrary f
CVE-2025-8280 (The Contact Form 7 reCAPTCHA WordPress plugin through 1.2.0 does not e ...)
NOT-FOR-US: WordPress plugin
CVE-2025-58781 (WTW-EAGLE App does not properly validate server certificates, which ma ...)
- TODO: check
+ NOT-FOR-US: WTW-EAGLE App
CVE-2025-58754 (Axios is a promise based HTTP client for the browser and Node.js. When ...)
TODO: check
CVE-2025-55319 (Ai command injection in Agentic AI and Visual Studio Code allows an un ...)
@@ -35,27 +35,27 @@ CVE-2025-21042 (Out-of-bounds write in libimagecodec.quram.so prior to SMR Apr-2
CVE-2025-10298
REJECTED
CVE-2025-10291 (A weakness has been identified in linlinjava litemall up to 1.8.0. Thi ...)
- TODO: check
+ NOT-FOR-US: linlinjava litemall
CVE-2025-10288 (A vulnerability was found in roncoo roncoo-pay up to 9428382af21cd5568 ...)
- TODO: check
+ NOT-FOR-US: roncoo roncoo-pay
CVE-2025-10287 (A vulnerability has been found in roncoo roncoo-pay up to 9428382af21c ...)
- TODO: check
+ NOT-FOR-US: roncoo roncoo-pay
CVE-2025-10278 (A flaw has been found in YunaiV ruoyi-vue-pro up to 2025.09. Impacted ...)
- TODO: check
+ NOT-FOR-US: YunaiV ruoyi-vue-pro
CVE-2025-10277 (A vulnerability was detected in YunaiV yudao-cloud up to 2025.09. This ...)
- TODO: check
+ NOT-FOR-US: YunaiV yudao-cloud
CVE-2025-10276 (A security vulnerability has been detected in YunaiV ruoyi-vue-pro up ...)
- TODO: check
+ NOT-FOR-US: YunaiV ruoyi-vue-pro
CVE-2025-10275 (A weakness has been identified in YunaiV yudao-cloud up to 2025.09. Th ...)
- TODO: check
+ NOT-FOR-US: YunaiV yudao-cloud
CVE-2025-10274 (A security flaw has been discovered in erjinzhi 10OA 1.0. Affected by ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10273 (A vulnerability was identified in erjinzhi 10OA 1.0. Affected by this ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10272 (A vulnerability was determined in erjinzhi 10OA 1.0. Affected is an un ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10271 (A vulnerability was found in erjinzhi 10OA 1.0. This impacts an unknow ...)
- TODO: check
+ NOT-FOR-US: erjinzhi 10OA
CVE-2025-10269 (The Spirit Framework plugin for WordPress is vulnerable to Local File ...)
NOT-FOR-US: WordPress plugin
CVE-2025-9319 (A potential vulnerability was reported in the Lenovo Wallpaper Client ...)
@@ -77,7 +77,7 @@ CVE-2025-59055 (InstantCMS is a free and open source content management system.
CVE-2025-59053 (AIRI is a self-hosted, artificial intelligence based Grok Companion. I ...)
NOT-FOR-US: AIRI
CVE-2025-59047 (matrix-sdk-base is the base component to build a Matrix client library ...)
- TODO: check
+ NOT-FOR-US: matrix-sdk-base
CVE-2025-58321 (Delta Electronics DIALink has an Directory Traversal Authentication By ...)
NOT-FOR-US: Delta Electronics
CVE-2025-58320 (Delta Electronics DIALink has an Directory Traversal Authentication By ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8189d910a87add49c8f68d8ade3520cc8606ffd6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8189d910a87add49c8f68d8ade3520cc8606ffd6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250912/ab5f15ba/attachment.htm>
More information about the debian-security-tracker-commits
mailing list