[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Jul 1 11:15:57 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
41e685c1 by Moritz Muehlenhoff at 2025-07-01T12:15:36+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-6940 (A vulnerability classified as critical was found in TOTOLINK A702R 4.0 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-6939 (A vulnerability classified as critical has been found in TOTOLINK A300 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-6938 (A vulnerability was found in code-projects Simple Pizza Ordering Syste ...)
NOT-FOR-US: code-projects
CVE-2025-6937 (A vulnerability was found in code-projects Simple Pizza Ordering Syste ...)
@@ -21,11 +21,11 @@ CVE-2025-6930 (A vulnerability classified as critical has been found in PHPGuruk
CVE-2025-6929 (A vulnerability was found in PHPGurukul Zoo Management System 2.1. It ...)
NOT-FOR-US: PHPGurukul
CVE-2025-6925 (A vulnerability has been found in Dromara RuoYi-Vue-Plus 5.4.0 and cla ...)
- TODO: check
+ NOT-FOR-US: Dromara RuoYi-Vue-Plus
CVE-2025-6917 (A vulnerability has been found in code-projects Online Hotel Booking 1 ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-6916 (A vulnerability, which was classified as critical, was found in TOTOLI ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-6915 (A vulnerability, which was classified as critical, has been found in P ...)
NOT-FOR-US: PHPGurukul
CVE-2025-6914 (A vulnerability classified as critical was found in PHPGurukul Student ...)
@@ -61,7 +61,7 @@ CVE-2025-6900 (A vulnerability has been found in code-projects Library System 1.
CVE-2025-6899 (A vulnerability, which was classified as critical, was found in D-Link ...)
NOT-FOR-US: D-Link
CVE-2025-6081 (Insufficiently Protected Credentials in LDAP in Konica Minoltabizhub 2 ...)
- TODO: check
+ NOT-FOR-US: Konica
CVE-2025-5967 (A stored cross-site scripting vulnerability in ENS HX 10.0.4 allows a ...)
TODO: check
CVE-2025-53416
@@ -69,9 +69,9 @@ CVE-2025-53416
CVE-2025-53415 (Delta Electronics DTM SoftProject File Parsing Deserialization of Untr ...)
NOT-FOR-US: Delta Electronics
CVE-2025-53096 (Sunshine is a self-hosted game stream host for Moonlight. Prior to ver ...)
- TODO: check
+ NOT-FOR-US: Sunshine
CVE-2025-53095 (Sunshine is a self-hosted game stream host for Moonlight. Prior to ver ...)
- TODO: check
+ NOT-FOR-US: Sunshine
CVE-2025-53017
REJECTED
CVE-2025-53005 (DataEase is an open source business intelligence and data visualizatio ...)
@@ -83,21 +83,21 @@ CVE-2025-53003 (The Janssen Project is an open-source identity and access manage
CVE-2025-53001
REJECTED
CVE-2025-52997 (File Browser provides a file managing interface within a specified dir ...)
- TODO: check
+ NOT-FOR-US: filebrowser
CVE-2025-52996 (File Browser provides a file managing interface within a specified dir ...)
- TODO: check
+ NOT-FOR-US: filebrowser
CVE-2025-52995 (File Browser provides a file managing interface within a specified dir ...)
- TODO: check
+ NOT-FOR-US: filebrowser
CVE-2025-52901 (File Browser provides a file managing interface within a specified dir ...)
- TODO: check
+ NOT-FOR-US: filebrowser
CVE-2025-52898 (Frappe is a full-stack web application framework. Prior to versions 14 ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2025-52896 (Frappe is a full-stack web application framework. Prior to versions 14 ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2025-52895 (Frappe is a full-stack web application framework. Prior to versions 14 ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework
CVE-2025-52491 (Akamai CloudTest before 60 2025.06.09 (12989) allows SSRF.)
- TODO: check
+ NOT-FOR-US: Akamai
CVE-2025-4407 (Insufficient Session Expiration vulnerability in ABB Lite Panel Pro.Th ...)
NOT-FOR-US: ABB group
CVE-2025-49521 (A flaw was found in the EDA component of the Ansible Automation Platfo ...)
@@ -107,21 +107,21 @@ CVE-2025-49520 (A flaw was found in Ansible Automation Platform\u2019s EDA compo
CVE-2025-49493 (Akamai CloudTest before 60 2025.06.02 (12988) allows file inclusion vi ...)
TODO: check
CVE-2025-47871 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10. ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2025-46702 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <= 10. ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2025-45931 (An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows ...)
NOT-FOR-US: D-Link
CVE-2025-45143 (string-math v1.2.2 was discovered to contain a Regex Denial of Service ...)
TODO: check
CVE-2025-41439 (A reflected cross-site scripting vulnerability via a specific paramete ...)
- TODO: check
+ NOT-FOR-US: RICOH
CVE-2025-40734 (Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Ma ...)
- TODO: check
+ NOT-FOR-US: Daily Expense Manager
CVE-2025-40733 (Reflected Cross-Site Scripting (XSS) vulnerability in Daily Expense Ma ...)
- TODO: check
+ NOT-FOR-US: Daily Expense Manager
CVE-2025-40732 (user enumeration vulnerability in Daily Expense Manager v1.0. To explo ...)
- TODO: check
+ NOT-FOR-US: Daily Expense Manager
CVE-2025-40731 (SQL injection vulnerability in Daily Expense Manager v1.0. This vulner ...)
TODO: check
CVE-2025-40710 (Host Header Injection (HHI) vulnerability in the Hotspot Shield VPN cl ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41e685c19b3c6eeee53245dd04985da7ebc45854
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41e685c19b3c6eeee53245dd04985da7ebc45854
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250701/162a31de/attachment.htm>
More information about the debian-security-tracker-commits
mailing list