[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 28 21:12:48 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6a536843 by security tracker role at 2025-04-28T20:12:41+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,35 +1,35 @@
 CVE-2025-4036 (A vulnerability was found in 201206030 Novel 3.5.0 and classified as c ...)
 	TODO: check
 CVE-2025-4034 (A vulnerability classified as critical was found in projectworlds Onli ...)
-	TODO: check
+	NOT-FOR-US: Project Worlds
 CVE-2025-4033 (A vulnerability classified as critical has been found in PHPGurukul Ni ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4032 (A vulnerability was found in inclusionAI AWorld up to 8c257626e648d98d ...)
 	TODO: check
 CVE-2025-4031 (A vulnerability was found in PHPGurukul Pre-School Enrollment System 1 ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4030 (A vulnerability was found in PHPGurukul COVID19 Testing Management Sys ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4029 (A vulnerability was found in code-projects Personal Diary Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-4028 (A vulnerability has been found in PHPGurukul COVID19 Testing Managemen ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4027 (A vulnerability, which was classified as critical, was found in PHPGur ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4026 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4025 (A vulnerability classified as critical was found in itsourcecode Place ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-4024 (A vulnerability classified as critical has been found in itsourcecode  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-4023 (A vulnerability was found in itsourcecode Placement Management System  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-4022 (A vulnerability was found in web-arena-x webarena up to 0.2.0. It has  ...)
 	TODO: check
 CVE-2025-4021 (A vulnerability was found in code-projects Patient Record Management S ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-4020 (A vulnerability was found in PHPGurukul Old Age Home Management System ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4019 (A vulnerability, which was classified as critical, was found in 201206 ...)
 	TODO: check
 CVE-2025-4018 (A vulnerability, which was classified as critical, has been found in 2 ...)
@@ -41,9 +41,9 @@ CVE-2025-4016 (A vulnerability classified as critical has been found in 20120630
 CVE-2025-4015 (A vulnerability was found in 20120630 Novel-Plus up to 0e156c04b4b7ce0 ...)
 	TODO: check
 CVE-2025-4014 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4013 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4012 (A vulnerability was found in playeduxyz PlayEdu \u5f00\u6e90\u57f9\u8b ...)
 	TODO: check
 CVE-2025-4011 (A vulnerability has been found in Redmine 6.0.0/6.0.1/6.0.2/6.0.3 and  ...)
@@ -53,11 +53,11 @@ CVE-2025-46661 (IPW Systems Metazo through 8.1.3 allows unauthenticated Remote C
 CVE-2025-46614 (In Snowflake ODBC Driver before 3.7.0, in certain code paths, the Driv ...)
 	TODO: check
 CVE-2025-45953 (A vulnerability was found in PHPGurukul Hostel Management System 2.1 i ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-45949 (A critical vulnerability was found in PHPGurukul User Registration & L ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-45947 (An issue in phpgurukul Online Banquet Booking System V1.2 allows an at ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-43857 (Net::IMAP implements Internet Message Access Protocol (IMAP) client fu ...)
 	TODO: check
 CVE-2025-43854 (DIFY is an open-source LLM app development platform. Prior to version  ...)
@@ -69,7 +69,7 @@ CVE-2025-3224 (A vulnerability in the update process of Docker Desktop for Windo
 CVE-2025-3200 (An unauthenticated remote attacker could exploit the used, insecure TL ...)
 	TODO: check
 CVE-2025-39367 (Missing Authorization vulnerability in SeventhQueen Kleo.This issue af ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-34491 (GFI MailEssentials prior to version 21.8 is vulnerable to a .NET deser ...)
 	TODO: check
 CVE-2025-34490 (GFI MailEssentials prior to version 21.8 is vulnerable to an XML Exter ...)
@@ -77,27 +77,27 @@ CVE-2025-34490 (GFI MailEssentials prior to version 21.8 is vulnerable to an XML
 CVE-2025-34489 (GFI MailEssentials prior to version 21.8 is vulnerable to a local priv ...)
 	TODO: check
 CVE-2025-32472 (The multiScan and picoScan are vulnerable to a denial-of-service (DoS) ...)
-	TODO: check
+	NOT-FOR-US: SICK AG
 CVE-2025-32471 (The device\u2019s passwords have not been adequately salted, making th ...)
-	TODO: check
+	NOT-FOR-US: SICK AG
 CVE-2025-32470 (A remote unauthenticated attacker may be able to change the IP adress  ...)
-	TODO: check
+	NOT-FOR-US: SICK AG
 CVE-2025-31651 (Improper Neutralization of Escape, Meta, or Control Sequences vulnerab ...)
 	TODO: check
 CVE-2025-31650 (Improper Input Validation vulnerability in Apache Tomcat. Incorrect er ...)
 	TODO: check
 CVE-2025-25776 (Cross-Site Scripting (XSS) vulnerability exists in the User Registrati ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2025-23377 (Dell PowerProtect Data Manager Reporting, version(s) 19.17, 19.18 cont ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-23376 (Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19. ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-23375 (Dell PowerProtect Data Manager Reporting, version(s) 19.17, contain(s) ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2024-32499 (Newforma Project Center Server through 2023.3.0.32259 allows remote co ...)
 	TODO: check
 CVE-2024-12706 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: OpenText
 CVE-2023-42404 (OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary ...)
 	TODO: check
 CVE-2023-35817 (DevExpress before 23.1.3 allows AsyncDownloader SSRF.)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a536843d51693077e25f0b228df41cf6e77b31c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a536843d51693077e25f0b228df41cf6e77b31c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250428/3810a6b5/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list