[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Apr 4 10:11:01 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
129f6290 by Moritz Muehlenhoff at 2025-04-04T11:10:46+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -76,9 +76,9 @@ CVE-2025-3178 (A vulnerability was found in projectworlds Online Doctor Appointm
 CVE-2025-3105 (The Vehica Core plugin for WordPress, used by the Vehica - Car Dealer  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-3087 (Stored XSS in M-Files Web versions from 25.1.14445.5 to 25.2.14524.4 a ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2025-3086 (Improper isolation of users in M-Files Server version before 25.3.1454 ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2025-32111 (The Docker image from acme.sh before 40b6db6 is based on a .github/wor ...)
 	TODO: check
 CVE-2025-30370 (jupyterlab-git is a JupyterLab extension for version control using Git ...)
@@ -96,7 +96,7 @@ CVE-2025-2279 (The Maps  WordPress plugin through 1.0.6 does not validate and es
 CVE-2025-2270 (The Countdown, Coming Soon, Maintenance \u2013 Countdown & Clock plugi ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-2159 (Stored XSS in Desktop UI in M-Files Server Admin tool before version 2 ...)
-	TODO: check
+	NOT-FOR-US: M-Files
 CVE-2025-2075 (The Uncanny Automator \u2013 Easy Automation, Integration, Webhooks &  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-29815 (Use after free in Microsoft Edge (Chromium-based) allows an authorized ...)
@@ -172,11 +172,11 @@ CVE-2025-3166 (A vulnerability classified as critical was found in code-projects
 CVE-2025-3165 (A vulnerability classified as critical has been found in thu-pacman ch ...)
 	TODO: check
 CVE-2025-3164 (A vulnerability was found in Tencent Music Entertainment SuperSonic up ...)
-	TODO: check
+	NOT-FOR-US: Tencent Music Entertainment SuperSonic
 CVE-2025-3163 (A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has bee ...)
-	TODO: check
+	NOT-FOR-US: InternLM LMDeploy
 CVE-2025-3162 (A vulnerability was found in InternLM LMDeploy up to 0.7.1. It has bee ...)
-	TODO: check
+	NOT-FOR-US: InternLM LMDeploy
 CVE-2025-3161 (A vulnerability was found in Tenda AC10 16.03.10.13 and classified as  ...)
 	NOT-FOR-US: Tenda
 CVE-2025-3160 (A vulnerability has been found in Open Asset Import Library Assimp 5.4 ...)
@@ -323,7 +323,7 @@ CVE-2025-31119 (generator-jhipster-entity-audit is a JHipster module to enable e
 CVE-2025-31098 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	NOT-FOR-US: DeBounce Email Validator
 CVE-2025-31091 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30916 (Missing Authorization vulnerability in enituretechnology Residential A ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30915 (Missing Authorization vulnerability in enituretechnology Small Package ...)
@@ -339,7 +339,7 @@ CVE-2025-30616 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-30611 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30596 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30406 (Gladinet CentreStack through 16.1.10296.56315 (fixed in 16.4.10315.563 ...)
 	NOT-FOR-US: Gladinet CentreStack
 CVE-2025-2946 (pgAdmin <= 9.1 is affected by a security vulnerability with Cross-Site ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/129f6290e2613c994437db8daa949fc9f011857c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/129f6290e2613c994437db8daa949fc9f011857c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250404/d0ed5963/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list