[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 6 09:13:18 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
343222c0 by security tracker role at 2025-08-06T08:13:11+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,39 +57,39 @@ CVE-2025-8629 (Kenwood DMX958XR Firmware Update Command Injection Vulnerability.
CVE-2025-8628 (Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This ...)
TODO: check
CVE-2025-8595 (The Zakra theme for WordPress is vulnerable to unauthorized data modif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8573 (Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS fro ...)
TODO: check
CVE-2025-8571 (Concrete CMS 9 to 9.4.2 and versions below 8.5.21 are vulnerable to Re ...)
TODO: check
CVE-2025-8420 (The Request a Quote Form plugin for WordPress is vulnerable to Remote ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8100 (The Element Pack Elementor Addons and Templates plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7954 (A race condition vulnerability has been identified in Shopware's vouch ...)
TODO: check
CVE-2025-7727 (The Gutenverse plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7502 (The WPBakery Page Builder for WordPress plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7498 (The Exclusive Addons for Elementor plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7399 (The Betheme theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7376 (Windows Shortcut Following (.LNK) vulnerability in multiple processes ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2025-7036 (The CleverReach\xae WP plugin for WordPress is vulnerable to time-base ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6994 (The Reveal Listing plugin by smartdatasoft for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6986 (The FileBird \u2013 WordPress Media Library Folders & File Manager plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6690 (The WP Tournament Registration plugin for WordPress is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6259 (The esri-map-view plugin for WordPress is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6256 (The Flex Guten plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-55027
REJECTED
CVE-2025-55026
@@ -125,197 +125,197 @@ CVE-2025-54869 (FPDI is a collection of PHP classes that facilitate reading page
CVE-2025-54801 (Fiber is an Express inspired web framework written in Go. In versions ...)
TODO: check
CVE-2025-54655 (Race condition vulnerability in the virtualization base module. Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54653 (Path traversal vulnerability in the virtualization file module. Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54652 (Path traversal vulnerability in the virtualization base module. Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54651 (Race condition vulnerability in the kernel hufs module. Impact: Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54650 (Improper array index verification vulnerability in the audio codec mod ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54649 (Vulnerability of using incompatible types to access resources in the l ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54648 (Out-of-bounds read vulnerability in the SSAP module of the NearLink pr ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54647 (Out-of-bounds read vulnerability in the SSAP module of the NearLink pr ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54646 (Vulnerability of inadequate packet length check in the BLE module. Imp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54645 (Out-of-bounds array access issue due to insufficient data verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54644 (Out-of-bounds array access issue due to insufficient data verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54643 (Out-of-bounds array access issue due to insufficient data verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54642 (Issue of buffer overflow caused by insufficient data verification in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54641 (Issue of buffer overflow caused by insufficient data verification in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54640 (ParcelMismatch vulnerability in attribute deserialization. Impact: Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54639 (ParcelMismatch vulnerability in attribute deserialization. Impact: Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54638 (Issue of inconsistent read/write serialization in the ad module. Impac ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54637 (Out-of-bounds array access issue due to insufficient data verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54636 (Issue of buffer overflow caused by insufficient data verification in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54635 (Vulnerability of returning released pointers in the distributed notifi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54634 (Vulnerability of improper processing of abnormal conditions in huge pa ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54633 (Out-of-bounds read vulnerability in the register configuration of the ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54632 (Vulnerability of insufficient data length verification in the HVB modu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54631 (Vulnerability of insufficient data length verification in the partitio ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54630 (:Vulnerability of insufficient data length verification in the DFA mod ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54629 (Race condition issue occurring in the physical page import process of ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54628 (Vulnerability of incomplete verification information in the communicat ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54627 (Out-of-bounds write vulnerability in the skia module. Impact: Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54626 (Pointer dangling vulnerability in the cjwindow module. Impact: Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54625 (Race condition vulnerability in the kernel file system module. Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54624 (Unexpected injection event vulnerability in the multimodalinput module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54623 (Out-of-bounds read vulnerability in the devicemanager module. Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54622 (Binding authentication bypass vulnerability in the devicemanager modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54621 (Iterator failure issue in the WantAgent module. Impact: Successful exp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54620 (Deserialization vulnerability of untrusted data in the ability module. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54619 (Iterator failure issue in the multi-mode input module. Impact: Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54618 (Permission control vulnerability in the distributed clipboard module. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54617 (Stack-based buffer overflow vulnerability in the dms_fwk module. Impac ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54616 (Out-of-bounds array access vulnerability in the ArkUI framework. Impac ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54615 (Vulnerability of insufficient information protection in the media libr ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54614 (Input verification vulnerability in the home screen module. Impact: Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54613 (Iterator failure vulnerability in the card management module. Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54612 (Iterator failure vulnerability in the card management module. Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54611 (EXTRA_REFERRER resource read vulnerability in the Gallery module. Impa ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54610 (Out-of-bounds access vulnerability in the audio codec module. Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54609 (Out-of-bounds access vulnerability in the audio codec module. Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54608 (Vulnerability that allows setting screen rotation direction without pe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54607 (Authentication management vulnerability in the ArkWeb module. Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54606 (Status verification vulnerability in the lock screen module. Impact: S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54594 (react-native-bottom-tabs is a library of Native Bottom Tabs for React ...)
TODO: check
CVE-2025-54571 (ModSecurity is an open source, cross platform web application firewall ...)
TODO: check
CVE-2025-54125 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-54124 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-53534 (RatPanel is a server operation and maintenance management panel. In ve ...)
TODO: check
CVE-2025-52237 (An issue in the component /stl/actions/download?filePath of SSCMS v7.3 ...)
TODO: check
CVE-2025-47324 (Information disclosure while accessing and modifying the PIB file of a ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-32430 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-27076 (Memory corruption while processing simultaneous requests via escape pa ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27075 (Memory corruption while processing IOCTL command with larger buffer in ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27073 (Transient DOS while creating NDP instance.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27072 (Information disclosure while processing a packet at EAVB BE side with ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27071 (Memory corruption while processing specific files in Powerline Communi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27069 (Memory corruption while processing DDI command calls.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27068 (Memory corruption while processing an IOCTL command with an arbitrary ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27067 (Memory corruption while processing DDI call with invalid buffer.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27066 (Transient DOS while processing an ANQP message.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27065 (Transient DOS while processing a frame with malformed shared-key descr ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27062 (Memory corruption while handling client exceptions, allowing unauthori ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21477 (Transient DOS while processing CCCH data when NW sends data with inval ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21474 (Memory corruption while processing commands from A2dp sink command que ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21473 (Memory corruption when using Virtual cdm (Camera Data Mover) to write ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21472 (Information disclosure while capturing logs as eSE debug messages are ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21465 (Information disclosure while processing the hash segment in an MBN fil ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21464 (Information disclosure while reading data from an image using specifie ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21461 (Memory corruption when programming registers through virtual CDM.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21458 (Memory corruption when IOCTL interface is called to map and unmap buff ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21457 (Information disclosure while opening a fastrpc session when domain is ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21456 (Memory corruption while processing IOCTL command when multiple threads ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21455 (Memory corruption while submitting blob data to kernel space though IO ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21452 (Transient DOS while processing a random-access response (RAR) with an ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21024 (Use of Implicit Intent for Sensitive Communication in Smart View prior ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21023 (Improper access control in WcsExtension for Galaxy Watch prior to Andr ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21022 (Improper access control in Galaxy Wearable prior to version 2.2.63.250 ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21021 (Out-of-bounds write in drawing pinpad in Blockchain Keystore prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21020 (Out-of-bounds write in creating bitmap images in Blockchain Keystore p ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21019 (Improper authorization in Samsung Health prior to version 6.30.1.003 a ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21018 (Out-of-bounds read in Blockchain Keystore prior to version 1.3.17.2 al ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21017 (Out-of-bounds write in detaching crypto box in Blockchain Keystore pri ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21016 (Improper access control in PkgPredictorService prior to SMR Aug-2025 R ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21015 (Path Traversal in Document scanner prior to SMR Aug-2025 Release 1 all ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21014 (Improper export of android application component in Emergency SoS prio ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21013 (Improper access control in SemSensorManager for Galaxy Watch prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21012 (Improper access control in fall detection for Galaxy Watch prior to SM ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21011 (Improper access control in SemSensorService for Galaxy Watch prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21010 (Improper privilege management in SamsungAccount prior to SMR Aug-2025 ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20990 (Improper access control in accessing system device node prior to SMR A ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2013-10070 (PHP-Charts v1.0 contains a PHP code execution vulnerability in wizard/ ...)
TODO: check
CVE-2013-10067 (Glossword versions 1.8.8 through 1.8.12 contain an authenticated arbit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/343222c0c1ee76f033eaf0f846cb077f26b8d0eb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/343222c0c1ee76f033eaf0f846cb077f26b8d0eb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250806/2fc1e907/attachment.htm>
More information about the debian-security-tracker-commits
mailing list