[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 17 09:14:01 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
77ff5faf by security tracker role at 2025-09-17T08:13:55+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -3,33 +3,33 @@ CVE-2025-9972 (The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has a
 CVE-2025-9971 (Certain models of Industrial Cellular Gateway developed by Planet Tech ...)
 	TODO: check
 CVE-2025-9891 (The User Sync \u2013 Remote User Sync plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9851 (The Appointmind plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9818 (A vulnerability (CWE-428) has been identified in the Uninterruptible P ...)
-	TODO: check
+	NOT-FOR-US: OMRON
 CVE-2025-9708 (A vulnerability exists in the Kubernetes C# client where the certifica ...)
 	TODO: check
 CVE-2025-9629 (The USS Upyun plugin for WordPress is vulnerable to Cross-Site Request ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9565 (The Blocksy Companion plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9450 (A Use of Uninitialized Variable vulnerability affecting the JT file re ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-9449 (A Use After Free vulnerability affecting the PAR file reading procedur ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-9447 (An Out-Of-Bounds Read vulnerability affecting the PAR file reading pro ...)
-	TODO: check
+	NOT-FOR-US: Dassault Systemes
 CVE-2025-9242 (An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may all ...)
-	TODO: check
+	NOT-FOR-US: WatchGuard
 CVE-2025-9216 (The StoreEngine \u2013 Powerful WordPress eCommerce Plugin for Payment ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9215 (The StoreEngine \u2013 Powerful WordPress eCommerce Plugin for Payment ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-9203 (The Media Player Addons for Elementor plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8394 (The Productive Style plugin for WordPress is vulnerable to Stored Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8153 (Cross-site Scripting vulnerability in NEC Corporation UNIVERGE IX from ...)
 	TODO: check
 CVE-2025-59518 (In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS ...)
@@ -41,55 +41,55 @@ CVE-2025-58116 (Improper neutralization of special elements used in an OS comman
 CVE-2025-55075 (Hidden functionality issue exists in WN-7D36QR and WN-7D36QR/UE. If th ...)
 	TODO: check
 CVE-2025-54391 (A vulnerability in the EnableTwoFactorAuthRequest SOAP endpoint of Zim ...)
-	TODO: check
+	NOT-FOR-US: Zimbra
 CVE-2025-43805 (Liferay Portal 7.3.0 through 7.4.3.111, and Liferay DXP 2023.Q4.0, 202 ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43804 (Cross-site scripting (XSS) vulnerability in Search widget in Liferay P ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-37131 (A vulnerability in EdgeConnect SD-WAN ECOS could allow an authenticate ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37130 (A vulnerability in the command-line interface of EdgeConnect SD-WAN co ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37129 (A vulnerable feature in the command line interface of EdgeConnect SD-W ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37128 (A vulnerability in the web API of HPE Aruba Networking EdgeConnect SD- ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37127 (A vulnerability in the cryptographic logic used by HPE Aruba Networkin ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37126 (A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN  ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37125 (A broken access control vulnerability exists in HPE Aruba Networking E ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37124 (A vulnerability in the HPE Aruba Networking SD-WAN Gateways could allo ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-37123 (A vulnerability in the command-line interface of HPE Aruba Networking  ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2025-10589 (The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS  ...)
 	TODO: check
 CVE-2025-10584 (A vulnerability was identified in Portabilis i-Educar up to 2.10. Impa ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-10566 (A vulnerability was identified in Campcodes Grocery Sales and Inventor ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10565 (A vulnerability was determined in Campcodes Grocery Sales and Inventor ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10564 (A vulnerability was found in Campcodes Grocery Sales and Inventory Sys ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10188 (The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vuln ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10166 (The Social Media Shortcodes plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10143 (The Catch Dark Mode plugin for WordPress is vulnerable to Local File I ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10125 (The Memberlite Shortcodes plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10058 (The WP Import \u2013 Ultimate CSV XML Importer for WordPress plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10057 (The WP Import \u2013 Ultimate CSV XML Importer for WordPress plugin fo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10050 (The Developer Loggers for Simple History plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-10042 (The Quiz Maker plugin for WordPress is vulnerable to SQL Injection via ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8894 (A maliciously crafted PDF file, when parsed through certain Autodesk p ...)
 	NOT-FOR-US: Autodesk
 CVE-2025-8893 (A maliciously crafted PDF file, when parsed through certain Autodesk p ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77ff5faf4c21acc189d789f7d4b758dc4076dbe8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/77ff5faf4c21acc189d789f7d4b758dc4076dbe8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250917/12b6646a/attachment.htm>

More information about the debian-security-tracker-commits mailing list