[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Fri, 17 Oct 2025 21:22:31 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2e091ace by security tracker role at 2025-10-11T08:13:32+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2025-9560 (The Colibri Page Builder plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9554 (Vulnerability in Drupal Owl Carousel 2.This issue affects Owl 
Carousel ...)
-       TODO: check
+       NOT-FOR-US: Drupal core and addons
 CVE-2025-9553 (Vulnerability in Drupal API Key manager.This issue affects API 
Key man ...)
-       TODO: check
+       NOT-FOR-US: Drupal core and addons
 CVE-2025-9552 (Vulnerability in Drupal Synchronize composer.Json With Contrib 
Modules ...)
-       TODO: check
+       NOT-FOR-US: Drupal core and addons
 CVE-2025-9551 (Improper Restriction of Excessive Authentication Attempts 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Drupal core and addons
 CVE-2025-9550 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: Drupal core and addons
 CVE-2025-9549 (Missing Authorization vulnerability in Drupal Facets allows 
Forceful B ...)
-       TODO: check
+       NOT-FOR-US: Drupal core and addons
 CVE-2025-9496 (The Enable Media Replace plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9196 (The Trinity Audio \u2013 Text to Speech AI audio player to 
convert con ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8093 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Drupal core and addons
 CVE-2025-62162 (cel-rust is a Common Expression Language interpreter written 
in Rust.  ...)
        TODO: check
 CVE-2025-62159 (External Secrets Operator reads information from a third-party 
service ...)
@@ -31,45 +31,45 @@ CVE-2025-61912 (python-ldap is a lightweight directory 
access protocol (LDAP) cl
 CVE-2025-61911 (python-ldap is a lightweight directory access protocol (LDAP) 
client A ...)
        TODO: check
 CVE-2025-58285 (Permission control vulnerability in the media 
module.Successful exploi ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2025-58284 (Permission control vulnerability in the network 
module.Successful expl ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2025-58283 (Permission control vulnerability in the Wi-Fi 
module.Successful exploi ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2025-58282 (Permission control vulnerability in the camera 
module.Successful explo ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2025-58278 (Identity authentication bypass vulnerability in the Gallery 
app.Succes ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2025-58277 (Permission verification bypass vulnerability in the Camera 
app.Success ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2025-54654 (Permission control vulnerability in the Gallery module. 
Successful exp ...)
-       TODO: check
+       NOT-FOR-US: Huawei
 CVE-2025-52885 (Poppler ia a library for rendering PDF files, and examining or 
modifyi ...)
        TODO: check
 CVE-2025-52647 (The BigFix WebUI application responds with HOST information 
from the H ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-31718 (In modem, there is a possible system crash due to improper 
input valid ...)
-       TODO: check
+       NOT-FOR-US: Unisoc
 CVE-2025-31717 (In modem, there is a possible system crash due to improper 
input valid ...)
-       TODO: check
+       NOT-FOR-US: Unisoc
 CVE-2025-11626 (MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 
4.2.0 to ...)
        TODO: check
 CVE-2025-11593 (A flaw has been found in CodeAstro Gym Management System 1.0. 
This vul ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2025-11592 (A vulnerability was detected in CodeAstro Gym Management 
System 1.0. T ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2025-11591 (A security vulnerability has been detected in CodeAstro Gym 
Management ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2025-11590 (A weakness has been identified in CodeAstro Gym Management 
System 1.0. ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2025-11589 (A security flaw has been discovered in CodeAstro Gym 
Management System ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2025-11588 (A vulnerability was identified in CodeAstro Gym Management 
System 1.0. ...)
-       TODO: check
+       NOT-FOR-US: CodeAstro
 CVE-2025-11586 (A vulnerability was determined in Tenda AC7 15.03.06.44. This 
affects  ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-11585 (A vulnerability was found in code-projects Project Monitoring 
System 1 ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-11584 (A vulnerability has been found in code-projects Online Job 
Search Engi ...)
        TODO: check
 CVE-2025-11583 (A flaw has been found in code-projects Online Job Search 
Engine 1.0. I ...)
@@ -77,15 +77,15 @@ CVE-2025-11583 (A flaw has been found in code-projects 
Online Job Search Engine
 CVE-2025-11582 (A vulnerability was detected in code-projects Online Job 
Search Engine ...)
        TODO: check
 CVE-2025-11533 (The WP Freeio plugin for WordPress is vulnerable to Privilege 
Escalati ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-11380 (The Everest Backup \u2013 WordPress Cloud Backup, Migration, 
Restore & ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-11197 (The Draft List plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-10185 (The NEX-Forms \u2013 Ultimate Forms Plugin for WordPress 
plugin for Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-10048 (The My auctions allegro plugin for WordPress is vulnerable to 
SQL Inje ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8887 (Authorization Bypass Through User-Controlled Key, Missing 
Authorizatio ...)
        TODO: check
 CVE-2025-8886 (Incorrect Permission Assignment for Critical Resource, Exposure 
of Sen ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e091acebe3fa9e9fdec0e50731afb5f6640ff62

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e091acebe3fa9e9fdec0e50731afb5f6640ff62
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to