[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Aug 29 21:15:58 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
988f7dc1 by security tracker role at 2025-08-29T20:15:51+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,19 +9,19 @@ CVE-2025-9670 (A security flaw has been discovered in mixmark-io turndown up to
CVE-2025-9669 (A vulnerability has been found in Jinher OA 1.0. This issue affects so ...)
TODO: check
CVE-2025-9667 (A vulnerability was detected in code-projects Simple Grading System 1. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9666 (A security vulnerability has been detected in code-projects Simple Gra ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9665 (A weakness has been identified in code-projects Simple Grading System ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9664 (A security flaw has been discovered in code-projects Simple Grading Sy ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9663 (A vulnerability was identified in code-projects Simple Grading System ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9662 (A vulnerability was determined in code-projects Simple Grading System ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9660 (A vulnerability was found in SourceCodester Bakeshop Online Ordering S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-9659 (A vulnerability has been found in O2OA up to 10.0-410. The affected el ...)
TODO: check
CVE-2025-9658 (A flaw has been found in O2OA up to 10.0-410. Impacted is an unknown f ...)
@@ -29,15 +29,15 @@ CVE-2025-9658 (A flaw has been found in O2OA up to 10.0-410. Impacted is an unkn
CVE-2025-9657 (A vulnerability was detected in O2OA up to 10.0-410. This issue affect ...)
TODO: check
CVE-2025-9656 (A security vulnerability has been detected in PHPGurukul Directory Man ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-9655 (A weakness has been identified in O2OA up to 10.0-410. This affects an ...)
TODO: check
CVE-2025-9654 (A security flaw has been discovered in AiondaDotCom mcp-ssh up to 1.0. ...)
TODO: check
CVE-2025-9653 (A vulnerability was identified in Portabilis i-Educar up to 2.10. Affe ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-9652 (A vulnerability was determined in Portabilis i-Educar up to 2.10. Affe ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-9651 (A vulnerability was found in shafhasan chatbox up to 156a39cde62f78532 ...)
TODO: check
CVE-2025-9650 (A vulnerability has been found in yeqifu carRental up to 3fabb7eae93d2 ...)
@@ -49,25 +49,25 @@ CVE-2025-9647 (A weakness has been identified in mtons mblog up to 3.5.0. This i
CVE-2025-9646 (A security flaw has been discovered in O2OA up to 10.0-410. This vulne ...)
TODO: check
CVE-2025-9645 (A vulnerability was identified in itsourcecode Apartment Management Sy ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-9644 (A vulnerability was determined in itsourcecode Apartment Management Sy ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-9643 (A vulnerability was found in itsourcecode Apartment Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-9377 (The authenticated remote command execution (RCE) vulnerability exists ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2025-9217 (The Slider Revolution plugin for WordPress is vulnerable to Path Trave ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9071 (Erroneously using an all-zero seed for RSA-OEAP padding instead of the ...)
TODO: check
CVE-2025-8150 (The Events Addon for Elementor plugin for WordPress is vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7383 (Padding oracle attack vulnerability in Oberon microsystem AG\u2019s Ob ...)
TODO: check
CVE-2025-7071 (Padding oracle attack vulnerability in Oberon microsystem AG\u2019s oc ...)
TODO: check
CVE-2025-5808 (Improper Input Validation vulnerability in OpenText Self Service Passw ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2025-58158 (Harness Open Source is an end-to-end developer platform with Source Co ...)
TODO: check
CVE-2025-56577 (An issue in Evope Core v.1.1.3.20 allows a local attacker to obtain se ...)
@@ -87,13 +87,13 @@ CVE-2025-55202 (Opencast is a free, open-source platform to support the manageme
CVE-2025-55177 (Incomplete authorization of linked device synchronization messages in ...)
TODO: check
CVE-2025-54877 (Tuleap is an Open Source Suite created to facilitate management of sof ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2025-54080 (Exiv2 is a C++ library and a command-line utility to read, write, dele ...)
TODO: check
CVE-2025-52861 (A path traversal vulnerability has been reported to affect VioStor. If ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-52856 (An improper authentication vulnerability has been reported to affect V ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-4644 (A Session Fixation vulnerability existed in Payload's SQLite adapter d ...)
TODO: check
CVE-2025-4643 (Payload uses JSON Web Tokens (JWT) for authentication. After log out J ...)
@@ -103,9 +103,9 @@ CVE-2025-47909 (Hosts listed in TrustedOrigins implicitly allow requests from th
CVE-2025-44033 (SQL injection vulnerability in oa_system oasys v.1.1 allows a remote a ...)
TODO: check
CVE-2025-44015 (A command injection vulnerability has been reported to affect HybridDe ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-43773 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0, 20 ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-40709 (Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the ...)
TODO: check
CVE-2025-40708 (Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the ...)
@@ -123,89 +123,89 @@ CVE-2025-40703 (Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 fro
CVE-2025-40702 (Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 from the ...)
TODO: check
CVE-2025-33038 (A path traversal vulnerability has been reported to affect Qsync Centr ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-33037 (A path traversal vulnerability has been reported to affect Qsync Centr ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-33036 (A path traversal vulnerability has been reported to affect Qsync Centr ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-33033 (A path traversal vulnerability has been reported to affect Qsync Centr ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-33032 (A path traversal vulnerability has been reported to affect several QNA ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30278 (An improper certificate validation vulnerability has been reported to ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30277 (An improper certificate validation vulnerability has been reported to ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30275 (A NULL pointer dereference vulnerability has been reported to affect Q ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30274 (A NULL pointer dereference vulnerability has been reported to affect s ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30273 (An out-of-bounds write vulnerability has been reported to affect sever ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30272 (A NULL pointer dereference vulnerability has been reported to affect s ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30271 (A path traversal vulnerability has been reported to affect several QNA ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30270 (A path traversal vulnerability has been reported to affect several QNA ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30268 (A NULL pointer dereference vulnerability has been reported to affect s ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30267 (A NULL pointer dereference vulnerability has been reported to affect s ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30265 (A buffer overflow vulnerability has been reported to affect several QN ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30264 (A command injection vulnerability has been reported to affect several ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30263 (A NULL pointer dereference vulnerability has been reported to affect Q ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30262 (A NULL pointer dereference vulnerability has been reported to affect Q ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30261 (An allocation of resources without limits or throttling vulnerability ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-30260 (An allocation of resources without limits or throttling vulnerability ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29900 (An allocation of resources without limits or throttling vulnerability ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29899 (An allocation of resources without limits or throttling vulnerability ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29898 (An uncontrolled resource consumption vulnerability has been reported t ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29894 (An SQL injection vulnerability has been reported to affect Qsync Centr ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29893 (An SQL injection vulnerability has been reported to affect Qsync Centr ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29890 (An allocation of resources without limits or throttling vulnerability ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29889 (A NULL pointer dereference vulnerability has been reported to affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29888 (A NULL pointer dereference vulnerability has been reported to affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29887 (A command injection vulnerability has been reported to affect QuRouter ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29886 (A NULL pointer dereference vulnerability has been reported to affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29882 (A NULL pointer dereference vulnerability has been reported to affect s ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29879 (A NULL pointer dereference vulnerability has been reported to affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29878 (A NULL pointer dereference vulnerability has been reported to affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29875 (A NULL pointer dereference vulnerability has been reported to affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-29874 (A NULL pointer dereference vulnerability has been reported to affect F ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2025-22483 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2024-46917 (Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does not val ...)
TODO: check
CVE-2024-46916 (Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 contains fun ...)
TODO: check
CVE-2024-46484 (TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injec ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2024-13342 (The Booster for WooCommerce plugin for WordPress is vulnerable to arbi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12923 (A cross-site scripting (XSS) vulnerability has been reported to affect ...)
- TODO: check
+ NOT-FOR-US: QNAP
CVE-2023-41471 (Cross Site Scripting vulnerability in copyparty v.1.9.1 allows a local ...)
TODO: check
CVE-2025-9639 (The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulne ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/988f7dc135fa2c7b1f669de7c5a898520e87a9a4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/988f7dc135fa2c7b1f669de7c5a898520e87a9a4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250829/89dbae6c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list