Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
01c3cd81 by security tracker role at 2025-08-22T20:14:22+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,7 +3,7 @@ CVE-2025-9341 (Uncontrolled Resource Consumption vulnerability
in Legion of the
CVE-2025-9340 (Out-of-bounds Write vulnerability in Legion of the Bouncy
Castle Inc. ...)
TODO: check
CVE-2025-9331 (The Spacious theme for WordPress is vulnerable to unauthorized
modific ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9259 (WebITR developed by Uniong has an Arbitrary File Reading
vulnerability ...)
TODO: check
CVE-2025-9258 (WebITR developed by Uniong has an Arbitrary File Reading
vulnerability ...)
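Review bot: The new tag on CVE-2025-9331 reads "NOT-FOR-US: WordPress plugin", but the description on the line above says "The Spacious theme for WordPress". Use "NOT-FOR-US: WordPress theme", or the "WordPress plugin or theme" wording used for the other WordPress entries in this commit, so the tag matches the affected component.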
@@ -17,31 +17,31 @@ CVE-2025-9255 (WebITR developed by Uniong has a SQL
Injection vulnerability, all
CVE-2025-9254 (WebITR developed by Uniong has a Missing Authentication
vulnerability, ...)
TODO: check
CVE-2025-6791 (On the monitoring event logs page, it is possible to alter the
http re ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-57896 (Missing Authorization vulnerability in andy_moyle Church Admin
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57895 (Cross-Site Request Forgery (CSRF) vulnerability in Hossni
Mubarak JobW ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57894 (Missing Authorization vulnerability in ollybach WPPizza allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57893 (Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool
WP Fast ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57892 (Cross-Site Request Forgery (CSRF) vulnerability in Jeff Starr
Simple S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57891 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57890 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57888 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57887 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57886 (Authorization Bypass Through User-Controlled Key vulnerability
in Equa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57885 (Cross-Site Request Forgery (CSRF) vulnerability in Shahjahan
Jewel Flu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57884 (Missing Authorization vulnerability in wpsoul Greenshift
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57801 (gnark is a zero-knowledge proof system framework. In versions
prior to ...)
TODO: check
CVE-2025-57800 (Audiobookshelf is an open-source self-hosted audiobook server.
In vers ...)
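Review bot: The twelve entries from CVE-2025-57896 down to CVE-2025-57884 all receive the generic "NOT-FOR-US: WordPress plugin or theme", and for CVE-2025-57891, CVE-2025-57890, CVE-2025-57888 and CVE-2025-57887 the truncated description shows no product name, so the classification cannot be checked from this diff. Where the description does name the component (Church Admin, WPPizza, Greenshift), recording it in the tag would make the entry searchable and the automatic match easier to audit. The same applies to CVE-2025-6791, whose visible description does not mention Centreon.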
@@ -85,21 +85,21 @@ CVE-2025-55620 (A cross-site scripting (XSS) vulnerability
in the valuateJavascr
CVE-2025-55619 (Reolink v4.54.0.4.20250526 was discovered to contain a
hardcoded encry ...)
TODO: check
CVE-2025-55613 (Tenda O3V2 1.0.0.12(3880) is vulnerable to Buffer Overflow in
the from ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55611 (D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in
the formLa ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55606 (Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in
the from ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55605 (Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in
the save ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55603 (Tenda AX3 V16.03.12.10_CN is vulnerable to Buffer Overflow in
the from ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-55602 (D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in
the formSy ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55599 (D-Link DIR-619L 2.06B01 is vulnerable to Buffer Overflow in
the formWl ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55581 (D-Link DCS-825L firmware version 1.08.01 and possibly prior
versions c ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55573 (QuantumNous new-api v.0.8.5.2 is vulnerable to Cross Site
Scripting (X ...)
TODO: check
CVE-2025-55454 (An authenticated arbitrary file upload vulnerability in the
component ...)
@@ -137,21 +137,21 @@ CVE-2025-50691 (MCSManager 10.5.3 daemon process runs as
a root account by defau
CVE-2025-50674 (An issue was discovered in the changePassword method in file
/usr/shar ...)
TODO: check
CVE-2025-4650 (User with high privileges is able to introduce a SQLi using the
Meta S ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-43762 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP
2025.Q1.0 thro ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43760 (A reflected cross-site scripting (XSS) vulnerability in the
Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43759 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP
2025.Q1.0, 202 ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43758 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP
2025.Q1.0 thro ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43751 (User enumeration vulnerability in Liferay Portal 7.4.0 through
7.4.3.1 ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-36042 (IBM QRadar SIEM 7.5 through 7.5.0Dashboard is vulnerable to
cross-site ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33120 (IBM QRadar SIEM 7.5 through 7.5.0 UP13 could allow an
authenticated us ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-29366 (In mupen64plus v2.6.0 there is an array overflow vulnerability
in the ...)
TODO: check
CVE-2025-29365 (spimsimulator spim v9.1.24 and before is vulnerable to Buffer
Overflow ...)
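Review bot: "NOT-FOR-US: IBM" on CVE-2025-36042 and CVE-2025-33120 names only the vendor, while both descriptions identify the product as IBM QRadar SIEM. A vendor-wide tag does not record which product was triaged; "NOT-FOR-US: IBM QRadar SIEM" would. CVE-2025-4650 is tagged Centreon although the visible part of its description does not name the product, so that match should be confirmed against the full CVE record.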
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c3cd81e6c5b7c486dd9cac3aef8f5df769e0a5