[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Apr 30 09:13:33 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3895f978 by security tracker role at 2025-04-30T08:13:26+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,31 +1,31 @@
CVE-2025-4095 (Registry Access Management (RAM) is a security feature allowing admini ...)
TODO: check
CVE-2025-4080 (A vulnerability has been found in PHPGurukul Online Nurse Hiring Syste ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4079 (A vulnerability, which was classified as critical, was found in PCMan ...)
TODO: check
CVE-2025-4078 (A vulnerability, which was classified as problematic, has been found i ...)
TODO: check
CVE-2025-4077 (A vulnerability classified as critical was found in code-projects Scho ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4076 (A vulnerability classified as critical has been found in LB-LINK BL-AC ...)
TODO: check
CVE-2025-4075 (A vulnerability was found in VMSMan up to 20250416. It has been rated ...)
TODO: check
CVE-2025-4074 (A vulnerability was found in PHPGurukul Curfew e-Pass Management Syste ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4073 (A vulnerability was found in PHPGurukul Student Record System 3.20. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4072 (A vulnerability was found in PHPGurukul Online Nurse Hiring System 1.0 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4071 (A vulnerability has been found in PHPGurukul COVID19 Testing Managemen ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4070 (A vulnerability, which was classified as critical, was found in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4069 (A vulnerability, which was classified as critical, has been found in c ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4068 (A vulnerability classified as critical was found in code-projects Simp ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4067 (A vulnerability classified as critical has been found in ScriptAndTool ...)
TODO: check
CVE-2025-4066 (A vulnerability was found in ScriptAndTools Online-Travling-System 1.0 ...)
@@ -35,17 +35,17 @@ CVE-2025-4065 (A vulnerability was found in ScriptAndTools Online-Travling-Syste
CVE-2025-4064 (A vulnerability was found in ScriptAndTools Online-Travling-System 1.0 ...)
TODO: check
CVE-2025-4063 (A vulnerability was found in code-projects Student Information Managem ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4062 (A vulnerability has been found in code-projects Theater Seat Booking S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4061 (A vulnerability, which was classified as critical, was found in code-p ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4060 (A vulnerability, which was classified as critical, has been found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4059 (A vulnerability classified as critical was found in code-projects Pris ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4058 (A vulnerability classified as critical has been found in Projectworlds ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-46782
REJECTED
CVE-2025-46781
@@ -77,7 +77,7 @@ CVE-2025-46346 (YesWiki is a wiki system written in PHP. Prior to version 4.5.4,
CVE-2025-46344 (The Auth0 Next.js SDK is a library for implementing user authenticatio ...)
TODO: check
CVE-2025-45956 (A SQL injection vulnerability in manage_damage.php in Sourcecodester C ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-40619 (Bookgy does not provide for proper authorisation control in multiple a ...)
TODO: check
CVE-2025-40618 (SQL injection vulnerability in Bookgy. This vulnerability could allow ...)
@@ -89,7 +89,7 @@ CVE-2025-40616 (Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. Th
CVE-2025-40615 (Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. This vul ...)
TODO: check
CVE-2025-3953 (The WP Statistics \u2013 The Most Popular Privacy-Friendly Analytics P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3929 (An XSS issue was discovered in MDaemon Email Server version 25.0.1 and ...)
TODO: check
CVE-2025-3911 (Recording of environment variables, configured for running containers, ...)
@@ -101,17 +101,17 @@ CVE-2025-3891 (A flaw was found in the mod_auth_openidc module for Apache httpd.
CVE-2025-3501 (A flaw was found in Keycloak. By setting a verification policy to 'ALL ...)
TODO: check
CVE-2025-3471 (The SureForms WordPress plugin before 1.4.4 does not have proper auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3452 (The SecuPress Free \u2014 WordPress Security plugin for WordPress is v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3358
REJECTED
CVE-2025-3301 (DPA countermeasures are unavailable for ECDH key agreement and EdDSA s ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-32444 (vLLM is a high-throughput and memory-efficient inference and serving e ...)
TODO: check
CVE-2025-32354 (In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site Request F ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-30202 (vLLM is a high-throughput and memory-efficient inference and serving e ...)
TODO: check
CVE-2025-29906 (Finit is a fast init for Linux systems. Versions starting from 3.0-rc1 ...)
@@ -131,13 +131,13 @@ CVE-2025-23178 (CWE-923: Improper Restriction of Communication Channel to Intend
CVE-2025-23177 (CWE-427: Uncontrolled Search Path Element)
TODO: check
CVE-2025-22884 (Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-22883 (Delta Electronics ISPSoft version 3.20 is vulnerable to anOut-Of-Bound ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-22882 (Delta Electronics ISPSoft version 3.20 is vulnerable to a Stack-Based ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-1551 (IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, and 9.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1194 (A Regular Expression Denial of Service (ReDoS) vulnerability was ident ...)
TODO: check
CVE-2025-0716 (Improper sanitization of the value of the 'href' and 'xlink:href' attr ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3895f978b8c6b311974e96fcaed44fd547a25e8e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3895f978b8c6b311974e96fcaed44fd547a25e8e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250430/0d0f31f9/attachment.htm>
More information about the debian-security-tracker-commits
mailing list