[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 23 09:13:13 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a7d96837 by security tracker role at 2025-09-23T08:13:04+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2025-9495 (The Vitogate 300 web interface fails to enforce proper server-sid
 CVE-2025-9494 (An OS command injection vulnerability has been discovered in the Vitog ...)
 	TODO: check
 CVE-2025-9321 (The WPCasa plugin for WordPress is vulnerable to Code Injection in all ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8902 (The Widget Options - Extended plugin for WordPress is vulnerable to St ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-8282 (The SureForms  WordPress plugin before 1.9.1 does not sanitise and esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-59885
 	REJECTED
 CVE-2025-59884
@@ -41,7 +41,7 @@ CVE-2025-59535 (DNN (formerly DotNetNuke) is an open-source web content manageme
 CVE-2025-59532 (Codex CLI is a coding agent from OpenAI that runs locally. In versions ...)
 	TODO: check
 CVE-2025-58915 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-57205 (iNiLabs School Express (SMS Express) 6.2 is affected by a Stored Cross ...)
 	TODO: check
 CVE-2025-57204 (Stocky POS with Inventory Management & HRM (ui-lib) version 5.0 is aff ...)
@@ -49,63 +49,63 @@ CVE-2025-57204 (Stocky POS with Inventory Management & HRM (ui-lib) version 5.0
 CVE-2025-47910 (When using http.CrossOriginProtection, the AddInsecureBypassPattern me ...)
 	TODO: check
 CVE-2025-43814 (In Liferay Portal 7.4.0 through 7.4.3.112, and older unsupported versi ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43810 (Insecure Direct Object Reference (IDOR) vulnerability with commerce or ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43806 (Batch Engine in Liferay Portal 7.4.0 through 7.4.3.112, and Liferay DX ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-42907 (SAP BI Platform allows an attacker to modify the IP address of the Log ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-26399 (SolarWinds Web Help Desk was found to be susceptible to an unauthentic ...)
-	TODO: check
+	NOT-FOR-US: SolarWinds
 CVE-2025-1131 (A local privilege escalation vulnerability exists in the safe_asterisk ...)
 	TODO: check
 CVE-2025-10848 (A vulnerability was identified in Campcodes Society Membership Informa ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10846 (A vulnerability was determined in Portabilis i-Educar up to 2.10. This ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-10845 (A vulnerability was found in Portabilis i-Educar up to 2.10. This affe ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-10844 (A vulnerability has been found in Portabilis i-Educar up to 2.10. Affe ...)
-	TODO: check
+	NOT-FOR-US: Portabilis
 CVE-2025-10843 (A flaw has been found in Reservation Online Hotel Reservation System 1 ...)
 	TODO: check
 CVE-2025-10842 (A vulnerability was detected in code-projects Online Bidding System 1. ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-10841 (A security vulnerability has been detected in code-projects Online Bid ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-10840 (A weakness has been identified in SourceCodester Pet Grooming Manageme ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10839 (A security flaw has been discovered in SourceCodester Pet Grooming Man ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10838 (A vulnerability was identified in Tenda AC21 16.03.08.16. The affected ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-10837 (A security vulnerability has been detected in code-projects Simple Foo ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-10836 (A weakness has been identified in SourceCodester Pet Grooming Manageme ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10835 (A security flaw has been discovered in SourceCodester Pet Grooming Man ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10834 (A vulnerability was identified in itsourcecode Open Source Job Portal  ...)
 	TODO: check
 CVE-2025-10833 (A vulnerability was determined in 1000projects Bookstore Management Sy ...)
 	TODO: check
 CVE-2025-10832 (A vulnerability was found in SourceCodester Pet Grooming Management So ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10831 (A vulnerability has been found in Campcodes Computer Sales and Invento ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10830 (A flaw has been found in Campcodes Computer Sales and Inventory System ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10829 (A vulnerability was detected in Campcodes Computer Sales and Inventory ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10828 (A security vulnerability has been detected in SourceCodester Pet Groom ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-10827 (A weakness has been identified in PHPJabbers Restaurant Menu Maker up  ...)
 	TODO: check
 CVE-2025-10826 (A security flaw has been discovered in Campcodes Online Beauty Parlor  ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10825 (A vulnerability was identified in Campcodes Online Beauty Parlor Manag ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10824 (A vulnerability was determined in axboe fio up to 3.41. This impacts t ...)
 	TODO: check
 CVE-2025-10823 (A vulnerability was found in axboe fio up to 3.41. This affects the fu ...)
@@ -119,17 +119,17 @@ CVE-2025-10820 (A vulnerability was detected in fuyang_lipengjun platform 1.0. I
 CVE-2025-10819 (A security vulnerability has been detected in fuyang_lipengjun platfor ...)
 	TODO: check
 CVE-2025-10817 (A weakness has been identified in Campcodes Online Learning Management ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-10816 (A security flaw has been discovered in Jinher OA 2.0. This affects an  ...)
 	TODO: check
 CVE-2025-10815 (A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affect ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-10814 (A vulnerability was determined in D-Link DIR-823X 240126/240802/250416 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-10548 (The CleverControl employee monitoring software (v11.5.1041.6) fails to ...)
 	TODO: check
 CVE-2025-10380 (The Advanced Views \u2013 Display Posts, Custom Fields, and More plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-39888 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.16.8-1
 	[trixie] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9683758d2f5047601887876b89239b7a3a454

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9683758d2f5047601887876b89239b7a3a454
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250923/a04de0b7/attachment.htm>

More information about the debian-security-tracker-commits mailing list