[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 16 21:25:40 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
83fb2f32 by Salvatore Bonaccorso at 2025-04-16T22:25:07+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,13 +13,13 @@ CVE-2025-3734 (Allocation of Resources Without Limits or Throttling vulnerabilit
CVE-2025-3733 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: Drupal core and addons
CVE-2025-3726 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3725 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been decla ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3724 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been class ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3723 (A vulnerability was found in PCMan FTP Server 2.0.7 and classified as ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3697 (A vulnerability, which was classified as critical, has been found in S ...)
NOT-FOR-US: SourceCodester
CVE-2025-3696 (A vulnerability classified as critical was found in SourceCodester Web ...)
@@ -31,33 +31,33 @@ CVE-2025-3693 (A vulnerability was found in Tenda W12 3.0.0.5. It has been rated
CVE-2025-3692 (A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. I ...)
NOT-FOR-US: SourceCodester
CVE-2025-3691 (A vulnerability was found in mirweiye Seven Bears Library CMS 2023. It ...)
- TODO: check
+ NOT-FOR-US: mirweiye Seven Bears Library CMS
CVE-2025-3690 (A vulnerability was found in PHPGurukul Men Salon Management System 1. ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3689 (A vulnerability has been found in PHPGurukul Men Salon Management Syst ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3688 (A vulnerability, which was classified as problematic, was found in mir ...)
- TODO: check
+ NOT-FOR-US: mirweiye Seven Bears Library CMS
CVE-2025-3687 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: misstt123 oasys
CVE-2025-3686 (A vulnerability classified as problematic was found in misstt123 oasys ...)
- TODO: check
+ NOT-FOR-US: misstt123 oasys
CVE-2025-3685 (A vulnerability classified as critical has been found in code-projects ...)
NOT-FOR-US: code-projects
CVE-2025-3684 (A vulnerability was found in Xianqi Kindergarten Management System 2.0 ...)
- TODO: check
+ NOT-FOR-US: Xianqi Kindergarten Management System
CVE-2025-3683 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been decla ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3682 (A vulnerability was found in PCMan FTP Server 2.0.7. It has been class ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3681 (A vulnerability was found in PCMan FTP Server 2.0.7 and classified as ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3680 (A vulnerability has been found in PCMan FTP Server 2.0.7 and classifie ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3679 (A vulnerability, which was classified as critical, was found in PCMan ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3678 (A vulnerability, which was classified as critical, has been found in P ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3677 (A vulnerability classified as critical was found in lm-sys fastchat up ...)
TODO: check
CVE-2025-3104 (The WP STAGING Pro WordPress Backup Plugin for WordPress is vulnerable ...)
@@ -67,59 +67,59 @@ CVE-2025-39602 (Missing Authorization vulnerability in WC Product Table WooComme
CVE-2025-39601 (Cross-Site Request Forgery (CSRF) vulnerability in WPFactory Custom CS ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39600 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Integrati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39599 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39598 (Path Traversal vulnerability in Qu\xfd L\xea 91 Administrator Z allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39597 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39593 (Cross-Site Request Forgery (CSRF) vulnerability in EverAccounting Ever ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39592 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39591 (Missing Authorization vulnerability in WP Shuffle WP Subscription Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39590 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39589 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39585 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39584 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39582 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39581 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39579 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39578 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39577 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39576 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39575 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39574 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39573 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39572 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39571 (Missing Authorization vulnerability in WPXPO WowStore allows Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39570 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39566 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39565 (Deserialization of Untrusted Data vulnerability in Melapress MelaPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39564 (Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39563 (Cross-Site Request Forgery (CSRF) vulnerability in WP Trio Conditional ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39560 (Missing Authorization vulnerability in Shahjada Live Forms allows Expl ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39557 (Unrestricted Upload of File with Dangerous Type vulnerability in Ben R ...)
@@ -129,17 +129,17 @@ CVE-2025-39556 (Exposure of Sensitive System Information to an Unauthorized Cont
CVE-2025-39555 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39552 (Missing Authorization vulnerability in Dylan James Zephyr Project Mana ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39549 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39548 (Cross-Site Request Forgery (CSRF) vulnerability in A WP Life Right Cli ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39547 (Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Inter ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39546 (Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39545 (Missing Authorization vulnerability in miniOrange WordPress REST API A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39544 (Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi WP Too ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39543 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -147,37 +147,37 @@ CVE-2025-39543 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2025-39540 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39538 (Unrestricted Upload of File with Dangerous Type vulnerability in Mathi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39531 (Missing Authorization vulnerability in slazzercom Slazzer Background C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39530 (Cross-Site Request Forgery (CSRF) vulnerability in dsky Site Search 36 ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39529 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39528 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39525 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39524 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39522 (Missing Authorization vulnerability in Sebastian Lee Dynamic Post allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39520 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39518 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39517 (Cross-Site Request Forgery (CSRF) vulnerability in WP Map Plugins Basi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39516 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39515 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39514 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39513 (Missing Authorization vulnerability in ActiveDEMAND Online Agency Mark ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39512 (Cross-Site Request Forgery (CSRF) vulnerability in Yuya Hoshino Bulk T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39472 (Cross-Site Request Forgery (CSRF) vulnerability in WPWeb WooCommerce S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32872 (A vulnerability has been identified in TeleControl Server Basic (All v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83fb2f329d8ac26b4dc99aaeafd76f4fc8b243a2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83fb2f329d8ac26b4dc99aaeafd76f4fc8b243a2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250416/1e0769e6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list