[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 21 21:13:53 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
14ad1181 by security tracker role at 2025-08-21T20:13:46+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,39 +1,39 @@
 CVE-2025-9311 (A vulnerability was identified in itsourcecode Apartment Management Sy ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-9310 (A vulnerability was determined in yeqifu carRental up to 3fabb7eae93d2 ...)
 	TODO: check
 CVE-2025-9309 (A vulnerability was found in Tenda AC10 16.03.10.13. Affected is an un ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-9308 (A vulnerability has been found in yarnpkg Yarn up to 1.22.22. This imp ...)
 	TODO: check
 CVE-2025-9307 (A flaw has been found in PHPGurukul Online Course Registration 3.1. Th ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-9306 (A vulnerability was detected in SourceCodester Advanced School Managem ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-9305 (A security vulnerability has been detected in SourceCodester Online Ba ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-9304 (A weakness has been identified in SourceCodester Online Bank Managemen ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-9303 (A security flaw has been discovered in TOTOLINK A720R 4.1.5cu.630_B202 ...)
-	TODO: check
+	NOT-FOR-US: TOTOLINK
 CVE-2025-9302 (A vulnerability was identified in PHPGurukul User Management System 1. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-9301 (A vulnerability was determined in cmake 4.1.20250725-gb5cce23. This af ...)
 	TODO: check
 CVE-2025-9300 (A vulnerability was found in saitoha libsixel up to 1.10.3. Affected b ...)
 	TODO: check
 CVE-2025-9299 (A vulnerability has been found in Tenda M3 1.0.0.12. Affected by this  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-9298 (A flaw has been found in Tenda M3 1.0.0.12. Affected is the function f ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-9297 (A vulnerability was detected in Tenda i22 1.0.0.3(4687). This impacts  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-9296 (A security vulnerability has been detected in Emlog Pro up to 2.5.18.  ...)
 	TODO: check
 CVE-2025-8402 (Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11 ...)
 	TODO: check
 CVE-2025-8064 (The Bible SuperSearch plugin for WordPress is vulnerable to Stored Cro ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7969 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
 	TODO: check
 CVE-2025-7051 (On N-central, it is possible for any authenticated user to read, write ...)
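Review bot: The tag on CVE-2025-9311, `NOT-FOR-US: itsourcecode System`, does not follow the vendor-only form of the other vendor tags added in this hunk (`Tenda`, `PHPGurukul`, `SourceCodester`, `TOTOLINK`). The trailing "System" reads like a fragment of the product name ("Apartment Management Sy ...") rather than a label in its own right. Suggest `NOT-FOR-US: itsourcecode`, or the full product name, so that a search of the list by vendor tag finds this entry alongside the others.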
@@ -43,15 +43,15 @@ CVE-2025-6465 (Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 10.10.x <
 CVE-2025-57768 (Phproject is a high performance full-featured project management syste ...)
 	TODO: check
 CVE-2025-57765 (WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a  ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-57764 (WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, a  ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-57763 (WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, th ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-57762 (WeGIA is a Web manager for charitable institutions. Prior to 3.4.7, th ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-57761 (WeGIA is a Web manager for charitable institutions. Prior to 3.4.10, t ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-57755 (claude-code-router is a powerful tool to route Claude Code requests to ...)
 	TODO: check
 CVE-2025-57754 (eslint-ban-moment is an Eslint plugin for final assignment in VIHU. In ...)
@@ -67,7 +67,7 @@ CVE-2025-55743 (UnoPim is an open-source Product Information Management (PIM) sy
 CVE-2025-55742 (UnoPim is an open-source Product Information Management (PIM) system b ...)
 	TODO: check
 CVE-2025-55564 (Tenda AC15 v15.03.05.19_multi_TD01 has a stack overflow via the list p ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-55524 (Insecure permissions in Agent-Zero v0.8.* allow attackers to arbitrari ...)
 	TODO: check
 CVE-2025-55523 (An issue in the component /api/download_work_dir_file.py of Agent-Zero ...)
@@ -111,11 +111,11 @@ CVE-2025-55103 (There is a stored Cross-site Scripting vulnerability in Esri Por
 CVE-2025-54460 (The vulnerability, if exploited, could allow an authenticated miscrean ...)
 	TODO: check
 CVE-2025-53795 (Improper authorization in Microsoft PC Manager allows an unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-53763 (Improper access control in Azure Databricks allows an unauthorized att ...)
 	TODO: check
 CVE-2025-53251 (Unrestricted Upload of File with Dangerous Type vulnerability in An-Th ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-52395 (An issue in Roadcute API v.1 allows a remote attacker to execute arbit ...)
 	TODO: check
 CVE-2025-52352 (Aikaan IoT management platform v3.25.0325-5-g2e9c59796 provides a conf ...)
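Review bot: CVE-2025-53251 is tagged `NOT-FOR-US: WordPress plugin or theme`, while CVE-2025-8064 in the first hunk of this patch is tagged `NOT-FOR-US: WordPress plugin`. The visible description here is cut off at "An-Th ..." before it names the component, so the broader label cannot be checked from this line. If the full description identifies a plugin or a theme, use the specific label so the two WordPress entries are tagged the same way.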
@@ -135,19 +135,19 @@ CVE-2025-48956 (vLLM is an inference and serving engine for large language model
 CVE-2025-47184 (An XML external entities (XXE) injection vulnerability in the /init AP ...)
 	TODO: check
 CVE-2025-43756 (<!--td {border: 1px solid #cccccc;}br {mso-data-placement:same-cell;}- ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43755 (A Stored cross-site scripting vulnerability in the Liferay Portal 7.4. ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-43754 (Username enumeration vulnerability in Liferay Portal 7.4.0 through 7.4 ...)
-	TODO: check
+	NOT-FOR-US: Liferay
 CVE-2025-41415 (The vulnerability, if exploited, could allow an authenticated miscrean ...)
 	TODO: check
 CVE-2025-3128 (A remote unauthenticated attacker who has bypassed authentication coul ...)
 	TODO: check
 CVE-2025-38743 (Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-38742 (Dell iDRAC Service Module (iSM), versions prior to 6.0.3.0, contains a ...)
-	TODO: check
+	NOT-FOR-US: Dell / EMC
 CVE-2025-34158 (Plex Media Server (PMS) versions 1.41.7.x through 1.42.0.x are affecte ...)
 	TODO: check
 CVE-2025-27721 (Unauthorized users can access INFINITT PACS System Managerwithout prop ...)
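Review bot: The description of CVE-2025-43756 is markup residue (`<!--td {border: 1px solid #cccccc;}br {mso-data-placement:same-cell;}- ...`) and names no product in the visible text, yet the entry is tagged `NOT-FOR-US: Liferay`. The two entries that follow it do name Liferay Portal, but for this one the tag should be confirmed against the full description rather than the truncated summary, since nothing on this line supports it.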



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14ad11813becd7ce3f5cac087e682b19722d0a08
