[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Tue, 03 Jun 2025 13:26:07 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
84bc6676 by security tracker role at 2025-06-03T20:15:04+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -45,31 +45,31 @@ CVE-2025-5498 (A vulnerability was found in slackero 
phpwcms up to 1.9.45/1.10.8
 CVE-2025-5497 (A vulnerability was found in slackero phpwcms up to 
1.9.45/1.10.8. It  ...)
        TODO: check
 CVE-2025-5495 (A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW. 
It has b ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2025-5493 (A vulnerability was found in Baison Channel Middleware Product 
2.0.1 a ...)
        TODO: check
 CVE-2025-5492 (A vulnerability has been found in D-Link DI-500WF-WT up to 
20250511 an ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-5340 (The Music Player for Elementor plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5116 (The WP Plugin Info Card plugin for WordPress is vulnerable to 
Stored C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5103 (The Ultimate Gift Cards for WooCommerce plugin for WordPress is 
vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4671 (The Profile Builder plugin for WordPress is vulnerable to 
Stored Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4517 (Allows arbitrary filesystem writes outside the extraction 
directory du ...)
        TODO: check
 CVE-2025-4435 (When using a TarFile.errorlevel = 0and extracting with a filter 
the do ...)
        TODO: check
 CVE-2025-4420 (The Vayu Blocks \u2013 Gutenberg Blocks for WordPress & 
WooCommerce pl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4392 (The Shared Files \u2013 Frontend File Upload Form & Secure File 
Sharin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4330 (Allows the extraction filter to be ignored, allowing symlink 
targets t ...)
        TODO: check
 CVE-2025-4205 (The Popup Maker plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4138 (Allows the extraction filter to be ignored, allowing symlink 
targets t ...)
        TODO: check
 CVE-2025-48998 (DataEase is an open source business intelligence and data 
visualizatio ...)
@@ -99,7 +99,7 @@ CVE-2025-43923 (An issue was discovered in ReportController 
in Unicom Focal Poin
 CVE-2025-41428 (Improper limitation of a pathname to a restricted directory 
('Path Tra ...)
        TODO: check
 CVE-2025-36564 (Dell Encryption Admin Utilities versions prior to 11.10.2 
contain an I ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-35036 (Hibernate Validator before 6.2.0 and 7.0.0, by default and 
depending h ...)
        TODO: check
 CVE-2025-32106 (In Audiocodes Mediapack MP-11x through 6.60A.369.002, a 
crafted POST r ...)
@@ -115,13 +115,13 @@ CVE-2025-30359 (webpack-dev-server allows users to use 
webpack with a developmen
 CVE-2025-30167 (Jupyter Core is a package for the core common functionality of 
Jupyter ...)
        TODO: check
 CVE-2025-25022 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM 
Cloud Pak ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-25021 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM 
Cloud Pak ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-25020 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM 
Cloud Pak ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-25019 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM 
Cloud Pak ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-23107 (An issue was discovered in Samsung Mobile Processor Exynos 
1480 and 24 ...)
        TODO: check
 CVE-2025-23103 (An issue was discovered in Samsung Mobile Processor Exynos 
1480 and 24 ...)
@@ -135,15 +135,15 @@ CVE-2025-23098 (An issue was discovered in Samsung Mobile 
Processor Exynos 980,
 CVE-2025-23097 (An issue was discovered in Samsung Mobile Processor Exynos 
1380. The l ...)
        TODO: check
 CVE-2025-1725 (The Bit File Manager \u2013 100% Free & Open Source File 
Manager and C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1334 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM 
Cloud Pak ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-54189 (A privilege escalation vulnerability exists in the Snapshot 
functional ...)
        TODO: check
 CVE-2024-52561 (A privilege escalation vulnerability exists in the Snapshot 
functional ...)
        TODO: check
 CVE-2024-45655 (IBM Application Gateway 19.12 through 24.09 could allow a 
local privil ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-36486 (A privilege escalation vulnerability exists in the virtual 
machine arc ...)
        TODO: check
 CVE-2024-12718 (Allows modifying some file metadata (e.g. last modified) with 
filter=" ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84bc66761767c6dfc5d9bf38211d286140c9fe59

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84bc66761767c6dfc5d9bf38211d286140c9fe59
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to