[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Wed, 17 Dec 2025 00:14:14 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
89d93784 by security tracker role at 2025-12-17T08:13:47+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2025-64700 (Cross-site request forgery vulnerability exists 
in GROWI v7.3.3
 CVE-2025-64520 (GLPI is a free asset and IT management software package. 
Starting in v ...)
        TODO: check
 CVE-2025-59374 ("UNSUPPORTED WHEN ASSIGNED"Certain versions of the ASUS Live 
Update cl ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2025-53619 (An out-of-bounds read vulnerability exists in the 
JPEGBITSCodec::Inter ...)
        TODO: check
 CVE-2025-53618 (An out-of-bounds read vulnerability exists in the 
JPEGBITSCodec::Inter ...)
@@ -19,7 +19,7 @@ CVE-2025-48429 (An out-of-bounds read vulnerability exists in 
the RLECodec::Deco
 CVE-2025-34288 (Nagios XI versions prior to 2026R1.1 arevulnerable to local 
privilege  ...)
        TODO: check
 CVE-2025-14817 (The component 
com.transsion.tranfacmode.entrance.main.MainActivity in  ...)
-       TODO: check
+       NOT-FOR-US: TECNO Mobile
 CVE-2025-14801 (A security vulnerability has been detected in xiweicheng TMS 
up to 2.2 ...)
        TODO: check
 CVE-2025-14701 (An input neutralization vulnerability in the Server MOTD 
component of  ...)
@@ -29,9 +29,9 @@ CVE-2025-14700 (An input neutralization vulnerability in the 
Webhook Template co
 CVE-2025-14466 (A vulnerability in the web interface of the G\xfcralp Fortimus 
Series, ...)
        TODO: check
 CVE-2025-14399 (The Download Plugins and Themes in ZIP from Dashboard plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14385 (The WP Recipe Maker plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14305 (ListCheck.exe developed by Acer has a Local Privilege 
Escalation vulne ...)
        TODO: check
 CVE-2025-14304 (Certain motherboard models developed by ASRock and its 
subsidiaries, A ...)
@@ -41,29 +41,29 @@ CVE-2025-14303 (Certain motherboard models developed by MSI 
has a Protection Mec
 CVE-2025-14302 (Certain motherboard models developed by GIGABYTE has a 
Protection Mech ...)
        TODO: check
 CVE-2025-14154 (The Better Messages \u2013 Live Chat for WordPress, 
BuddyPress, PeepSo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-14061 (The Cookie Banner, Cookie Consent, Consent Log, Cookie 
Scanner, Script ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13977 (The Essential Addons for Elementor \u2013 Popular Elementor 
Templates  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13880 (The WP Social Ninja \u2013 Embed Social Feeds, Customer 
Reviews, Chat  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13861 (The HTML Forms \u2013 Simple WordPress Forms Plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13750 (The Converter for Media \u2013 Optimize images | Convert WebP 
& AVIF p ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12496 (The Zephyr Project Manager plugin for WordPress is vulnerable 
to Direc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-11924 (The Ninja Forms \u2013 The Contact Form Builder That Grows 
With You pl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-11901 (An uncontrolled resource consumption vulnerability affects 
certain ASU ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2025-11775 (An out-of-bounds read vulnerability has been identified in the 
asComSv ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2025-11369 (The Gutenberg Essential Blocks \u2013 Page Builder for 
Gutenberg Block ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-11009 (Cleartext Storage of Sensitive Information vulnerability in 
Mitsubishi ...)
-       TODO: check
+       NOT-FOR-US: Mitsubishi
 CVE-2025-0852
        REJECTED
 CVE-2025-XXXX [backups: Set proper permissions for backups-data directory]



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89d93784cc93e086cfc8b03f98fdc74551c5b072

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89d93784cc93e086cfc8b03f98fdc74551c5b072
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to