[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Apr 5 07:32:26 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
afed3cfd by Salvatore Bonaccorso at 2025-04-05T08:31:46+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-3267 (A vulnerability, which was classified as critical, was found in qinguo ...)
- TODO: check
+ NOT-FOR-US: qinguoyi TinyWebServer
CVE-2025-3266 (A vulnerability, which was classified as critical, has been found in q ...)
- TODO: check
+ NOT-FOR-US: qinguoyi TinyWebServer
CVE-2025-3265 (A vulnerability classified as critical was found in PHPGurukul e-Diary ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3259 (A vulnerability, which was classified as critical, has been found in T ...)
@@ -9,21 +9,21 @@ CVE-2025-3259 (A vulnerability, which was classified as critical, has been found
CVE-2025-3258 (A vulnerability classified as critical was found in PHPGurukul Old Age ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3257 (A vulnerability classified as problematic has been found in xujiangfei ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3256 (A vulnerability was found in xujiangfei admintwo 1.0. It has been rate ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3255 (A vulnerability was found in xujiangfei admintwo 1.0. It has been decl ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3254 (A vulnerability was found in xujiangfei admintwo 1.0. It has been clas ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3253 (A vulnerability was found in xujiangfei admintwo 1.0 and classified as ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3252 (A vulnerability has been found in xujiangfei admintwo 1.0 and classifi ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3251 (A vulnerability, which was classified as problematic, was found in xuj ...)
- TODO: check
+ NOT-FOR-US: xujiangfei admintwo
CVE-2025-3250 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: elunez eladmin
CVE-2025-3249 (A vulnerability classified as critical was found in TOTOLINK A6000R 1. ...)
NOT-FOR-US: TOTOLINK
CVE-2025-3245 (A vulnerability was found in itsourcecode Library Management System 1. ...)
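Review bot: CVE-2025-3250 is tagged "NOT-FOR-US: elunez eladmin" directly after a run of xujiangfei admintwo entries (CVE-2025-3257 down to CVE-2025-3251), and its description is truncated before the product name ("has been found i ..."), so the attribution cannot be confirmed from this hunk. Please re-check it against the full description to rule out a mislabel. If eladmin is correct, nothing needs to change.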
@@ -35,7 +35,7 @@ CVE-2025-3243 (A vulnerability was found in code-projects Patient Record Managem
CVE-2025-3242 (A vulnerability has been found in PHPGurukul e-Diary Management System ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3241 (A vulnerability, which was classified as problematic, was found in zha ...)
- TODO: check
+ NOT-FOR-US: zhangyanbo2007 youkefu
CVE-2025-3240 (A vulnerability, which was classified as critical, has been found in P ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3239 (A vulnerability classified as critical was found in PHPGurukul Online ...)
@@ -53,7 +53,7 @@ CVE-2025-3231 (A vulnerability was found in PHPGurukul Zoo Management System 2.1
CVE-2025-3229 (A vulnerability was found in PHPGurukul Restaurant Table Booking Syste ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3189 (Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16. ...)
- TODO: check
+ NOT-FOR-US: DoWISP
CVE-2025-32280 (Cross-Site Request Forgery (CSRF) vulnerability in weDevs WP Project M ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32278 (Cross-Site Request Forgery (CSRF) vulnerability in wprio Table Block b ...)
@@ -89,7 +89,7 @@ CVE-2025-32263 (Cross-Site Request Forgery (CSRF) vulnerability in BeRocket Sequ
CVE-2025-32262 (Cross-Site Request Forgery (CSRF) vulnerability in Robert D Payne RDP ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32261 (Cross-Site Request Forgery (CSRF) vulnerability in Kuppuraj Advanced A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32258 (Missing Authorization vulnerability in InfoGiants Simple Website Logo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32257 (Exposure of Sensitive System Information Due to Uncleared Debug Inform ...)
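Review bot: Style point on the CVE-2025-32261 line: the new tag reads "NOT-FOR-US: WordPress plugin", while the neighbouring entries in this hunk use "NOT-FOR-US: WordPress plugin or theme". If the shorter form is deliberate because the item was confirmed to be a plugin, that is fine. Otherwise a single string keeps grep and scripted processing of data/CVE/list consistent. The same applies to the lines added for CVE-2025-32251, CVE-2025-32246, CVE-2025-32233, CVE-2025-32161 and CVE-2025-32120 in the following hunks.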
@@ -105,7 +105,7 @@ CVE-2025-32253 (Missing Authorization vulnerability in ComMotion Course Booking
CVE-2025-32252 (Missing Authorization vulnerability in blackandwhitedigital WP Genealo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32251 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32250 (Cross-Site Request Forgery (CSRF) vulnerability in rollbar Rollbar all ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32249 (Cross-Site Request Forgery (CSRF) vulnerability in designinvento Direc ...)
@@ -115,7 +115,7 @@ CVE-2025-32248 (Cross-Site Request Forgery (CSRF) vulnerability in SwiftXR Swift
CVE-2025-32247 (Cross-Site Request Forgery (CSRF) vulnerability in ABCdatos AI Content ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32246 (Missing Authorization vulnerability in Tim Nguyen 1-Click Backup & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32241 (Cross-Site Request Forgery (CSRF) vulnerability in CleverReach\xae Off ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32239 (Missing Authorization vulnerability in Joao Romao Social Share Buttons ...)
@@ -129,7 +129,7 @@ CVE-2025-32235 (Missing Authorization vulnerability in sonaar MP3 Audio Player f
CVE-2025-32234 (Missing Authorization vulnerability in aleswebs AdMail \u2013 Multilin ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32233 (Missing Authorization vulnerability in WP Chill Revive.so \u2013 Bulk ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32232 (Missing Authorization vulnerability in ERA404 StaffList allows Exploit ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32231 (Missing Authorization vulnerability in Bookingor Bookingor allows Expl ...)
@@ -229,7 +229,7 @@ CVE-2025-32163 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2025-32162 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32161 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32159 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32157 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
@@ -293,7 +293,7 @@ CVE-2025-32122 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2025-32121 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32120 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-32118 (Unrestricted Upload of File with Dangerous Type vulnerability in Niteo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32113 (Cross-Site Request Forgery (CSRF) vulnerability in Renzo Tejada Libro ...)
@@ -333,11 +333,11 @@ CVE-2025-2244 (A vulnerability in thesendMailFromRemoteSourcemethod in Emails.ph
CVE-2025-2243 (A server-side request forgery (SSRF) vulnerability in Bitdefender Grav ...)
NOT-FOR-US: Bitdefender
CVE-2025-29477 (An issue in fluent-bit v.3.7.2 allows a local attacker to cause a deni ...)
- TODO: check
+ NOT-FOR-US: fluent-bit
CVE-2025-29476 (Buffer Overflow vulnerability in compress_chunk_fuzzer with oss-fuzz o ...)
TODO: check
CVE-2025-28146 (Edimax AC1200 Wave 2 Dual-Band Gigabit Router BR-6478AC V3 1.0.15 was ...)
- TODO: check
+ NOT-FOR-US: Edimax
CVE-2025-27520 (BentoML is a Python library for building online serving systems optimi ...)
TODO: check
CVE-2025-25178 (Software installed and run as a non-privileged user may conduct improp ...)
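Review bot: On the CVE-2025-29477 line, "NOT-FOR-US: fluent-bit" takes the entry out of further triage, so it is worth confirming that fluent-bit has no package, ITP or RFP in Debian. If one exists, an <itp> entry with the bug number would keep the CVE visible once the package lands. Leaving CVE-2025-29476 and CVE-2025-27520 at "TODO: check" is consistent with a commit that only processes NFUs.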
@@ -482,7 +482,7 @@ CVE-2024-56528 (This vulnerability affects Snowplow Collector 3.x before 3.3.0 (
CVE-2024-47217 (An issue was discovered in Iglu Server 0.13.0 and below. It is similar ...)
NOT-FOR-US: Iglu Server
CVE-2024-47215 (An issue was discovered in Snowbridge setups sending data to Google Ta ...)
- TODO: check
+ NOT-FOR-US: Snowbridge
CVE-2024-47214 (An issue was discovered in Iglu Server 0.13.0 and below. It is similar ...)
NOT-FOR-US: Iglu Server
CVE-2024-47213 (An issue was discovered affecting Enrich 5.1.0 and below. It involves ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/afed3cfd915a82156b32eab9b04c212139d701aa