[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 19 21:14:31 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
62ee47b7 by security tracker role at 2025-08-19T20:14:25+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,25 +3,25 @@ CVE-2025-9165 (A flaw has been found in LibTIFF 4.7.0. This affects the function
CVE-2025-9157 (A vulnerability was determined in appneta tcpreplay up to 4.5.2-beta2. ...)
TODO: check
CVE-2025-9156 (A vulnerability was found in itsourcecode Sports Management System 1.0 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-9155 (A vulnerability has been found in itsourcecode Online Tour and Travel ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-9154 (A flaw has been found in itsourcecode Online Tour and Travel Managemen ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-9153 (A vulnerability was detected in itsourcecode Online Tour and Travel Ma ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-9151 (A security flaw has been discovered in LiuYuYang01 ThriveX-Blog up to ...)
TODO: check
CVE-2025-9150 (A vulnerability was identified in Surbowl dormitory-management-php up ...)
TODO: check
CVE-2025-9149 (A vulnerability was determined in Wavlink WL-NU516U1 M16U1_V240425. Th ...)
- TODO: check
+ NOT-FOR-US: Wavlink
CVE-2025-9148 (A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This aff ...)
TODO: check
CVE-2025-9147 (A vulnerability has been found in jasonclark getsemantic up to 040c96e ...)
TODO: check
CVE-2025-9146 (A flaw has been found in Linksys E5600 1.1.0.26. The affected element ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-9145 (A security vulnerability has been detected in Scada-LTS 2.7.8.1. This ...)
TODO: check
CVE-2025-9144 (A weakness has been identified in Scada-LTS 2.7.8.1. This vulnerabilit ...)
@@ -43,13 +43,13 @@ CVE-2025-9135 (A vulnerability was detected in Verkehrsauskunft \xd6sterreich Sm
CVE-2025-9134 (A security vulnerability has been detected in AfterShip Package Tracke ...)
TODO: check
CVE-2025-8783 (The Contact Manager plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8782
REJECTED
CVE-2025-8567 (The Nexter Blocks plugin for WordPress is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8450 (Improper Access Control issue in the Workflow component of Fortra's Fi ...)
- TODO: check
+ NOT-FOR-US: Fortra
CVE-2025-55740 (nginx-defender is a high-performance, enterprise-grade Web Application ...)
TODO: check
CVE-2025-55737 (flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, when d ...)
@@ -77,7 +77,7 @@ CVE-2025-54881 (Mermaid is a JavaScript based diagramming and charting tool that
CVE-2025-54880 (Mermaid is a JavaScript based diagramming and charting tool that uses ...)
TODO: check
CVE-2025-54411 (Discourse is an open-source discussion platform. Welcome banner user n ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2025-54336 (In Plesk Obsidian 18.0.70, _isAdminPasswordValid uses an == comparison ...)
TODO: check
CVE-2025-52478 (n8n is a workflow automation platform. From 1.77.0 to before 1.98.2, a ...)
@@ -127,29 +127,29 @@ CVE-2025-4046 (A missing authorization vulnerability in Lexmark Cloud Services b
CVE-2025-4044 (Improper Restriction of XML External Entity Reference in various Lexma ...)
TODO: check
CVE-2025-43745 (A CSRF vulnerability in Liferay Portal 7.4.0 through 7.4.3.132, and Li ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43744 (A stored DOM-based Cross-Site Scripting (XSS) vulnerability in Liferay ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43743 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 thro ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43740 (A Stored cross-site scripting vulnerability in the Liferay Portal 7.4. ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43739 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 thro ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43738 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43737 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-41689 (An unauthenticated remote attacker can grant access without password p ...)
TODO: check
CVE-2025-41685 (A low-privileged remote attacker can obtain the username of another re ...)
TODO: check
CVE-2025-33008 (IBM Sterling B2B Integrator 6.2.1.0 and IBM Sterling File Gateway6.2.1 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-31988 (HCL Digital Experience is susceptible to cross site scripting (XSS) in ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-2988 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-45062 (A stack based buffer overflow vulnerability is present in OpenPrinting ...)
TODO: check
CVE-2024-44373 (A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unau ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62ee47b77902a138cd5753fcb7b3936750a35c0e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/62ee47b77902a138cd5753fcb7b3936750a35c0e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250819/d2cbb4b8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list