[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jul 8 09:13:23 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
85d7b5dd by security tracker role at 2025-07-08T08:13:14+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
 CVE-2025-7346 (Any unauthenticated attacker can bypass the localhost  restrictions po ...)
 	TODO: check
 CVE-2025-7327 (The Widget for Google Reviews plugin for WordPress is vulnerable to Di ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7168 (A vulnerability was found in code-projects Crime Reporting System 1.0. ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-7167 (A vulnerability was found in code-projects Responsive Blog Site 1.0. I ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-7166 (A vulnerability was found in code-projects Responsive Blog Site 1.0. I ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-7165 (A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe Managemen ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-7164 (A vulnerability has been found in PHPGurukul/Campcodes Cyber Cafe Mana ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-7163 (A vulnerability, which was classified as critical, was found in PHPGur ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7162 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7161 (A vulnerability classified as critical was found in PHPGurukul Zoo Man ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7160 (A vulnerability classified as critical has been found in PHPGurukul Zo ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7159 (A vulnerability was found in PHPGurukul Zoo Management System 2.1. It  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7158 (A vulnerability was found in PHPGurukul Zoo Management System 2.1. It  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7157 (A vulnerability was found in code-projects Online Note Sharing 1.0. It ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-7156 (A vulnerability has been found in hitsz-ids airda 0.0.3 and classified ...)
 	TODO: check
 CVE-2025-7155 (A vulnerability, which was classified as critical, was found in PHPGur ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7154 (A vulnerability, which was classified as critical, has been found in T ...)
 	TODO: check
 CVE-2025-7153 (A vulnerability classified as problematic was found in CodeAstro Simpl ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2025-7152 (A vulnerability classified as critical has been found in Campcodes Adv ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-7151 (A vulnerability was found in Campcodes Advanced Online Voting System 1 ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-7150 (A vulnerability was found in Campcodes Advanced Online Voting System 1 ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-7149 (A vulnerability was found in Campcodes Advanced Online Voting System 1 ...)
-	TODO: check
+	NOT-FOR-US: Campcodes
 CVE-2025-7148 (A vulnerability was found in CodeAstro Simple Hospital Management Syst ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2025-7147 (A vulnerability has been found in CodeAstro Patient Record Management  ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro
 CVE-2025-7146 (The iPublish System developed by Jhenggao has an Arbitrary File Readin ...)
 	TODO: check
 CVE-2025-7144 (A vulnerability has been found in SourceCodester Best Salon Management ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-6746 (The WoodMart plugin for WordPress is vulnerable to Local File Inclusio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6743 (The Woodmart theme for WordPress is vulnerable to Stored Cross-Site Sc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6244 (The Essential Addons for Elementor \u2013 Popular Elementor Templates  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5957 (The Guest Support \u2013 Complete customer support ticket system for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5570 (The AI Engine plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-5537 (The Lightbox & Modal Popup WordPress Plugin \u2013 FooBox plugin for W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-53617
 	REJECTED
 CVE-2025-53616
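Review bot: CVE-2025-6743 is described as "The Woodmart theme for WordPress" but is tagged "NOT-FOR-US: WordPress plugin"; "NOT-FOR-US: WordPress theme" would match the description. A smaller consistency point in the same hunk: CVE-2025-7165 and CVE-2025-7164 read "PHPGurukul/Campcodes" and are tagged Campcodes, while the neighbouring PHPGurukul entries are tagged PHPGurukul. Either vendor name works for triage, but choosing one keeps searches on the tag consistent.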
@@ -79,59 +79,59 @@ CVE-2025-53611
 CVE-2025-53610
 	REJECTED
 CVE-2025-43001 (SAPCAR allows an attacker logged in with high privileges to override t ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42992 (SAPCAR allows an attacker logged in with high privileges to create a m ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42986 (Due to a missing authorization check in an obsolete RFC enabled functi ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42985 (Due to insufficient sanitization in the SAP BusinessObjects Content Ad ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42981 (Due to an open redirect vulnerability in SAP NetWeaver Application Ser ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42980 (SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42979 (The GuiXT application, which is integrated with SAP GUI for Windows, u ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42978 (The widely used component that establishes outbound TLS connections in ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42974 (Due to missing authorization check, an attacker authenticated as a non ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42973 (Due to a Cross-Site Scripting vulnerability in SAP Data Services Manag ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42971 (A memory corruption vulnerability exists in SAPCAR allowing an attacke ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42970 (SAPCAR improperly sanitizes the file paths while extracting SAPCAR arc ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42969 (SAP NetWeaver Application Server ABAP and ABAP Platform allows an unau ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42968 (SAP NetWeaver allows an authenticated non-administrative user to call  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42967 (SAP S/4HANA and SAP SCM Characteristic Propagation has remote code exe ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42966 (SAP NetWeaver XML Data Archiving Service allows an authenticated attac ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42965 (SAP CMC Promotion Management allows an authenticated attacker to enume ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42964 (SAP NetWeaver Enterprise Portal Administration is vulnerable when a pr ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42963 (A critical vulnerability in SAP NetWeaver Application server for Java  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42962 (SAP Business Warehouse (Business Explorer Web) allows an attacker to c ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42961 (Due to a missing authorization check in SAP NetWeaver Application serv ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42960 (SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticat ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42959 (An unauthenticated attacker may exploit a scenario where a Hashed Mess ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42956 (SAP NetWeaver Application Server ABAP and ABAP Platform allows an unau ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42954 (SAP NetWeaver Business Warehouse CCAW application allows a privileged  ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42953 (SAP Netweaver System Configuration does not perform necessary authoriz ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-42952 (SAP Business Warehouse and SAP Plug-In Basis allows an authenticated a ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-41668 (A low privileged remote attacker with file access can replace a critic ...)
 	TODO: check
 CVE-2025-41667 (A low privileged remote attacker with file access can replace a critic ...)
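Review bot: Several entries in this hunk are tagged "NOT-FOR-US: SAP" although the visible, truncated description does not name an SAP product, for example CVE-2025-42978 ("The widely used component that establishes outbound TLS connections in ...") and CVE-2025-42959 ("An unauthenticated attacker may exploit a scenario where a Hashed Mess ..."). Please confirm against the full CVE text that the affected component is SAP-only and not a shared component that is packaged separately, in particular for CVE-2025-42978.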
@@ -145,7 +145,7 @@ CVE-2025-38237 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2025-38236 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	TODO: check
 CVE-2025-31326 (SAP\ufffdBusinessObjects Business\ufffdIntelligence Platform (Web Inte ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2025-25271 (An unauthenticated adjacent attacker is able to configure a new OCPP b ...)
 	TODO: check
 CVE-2025-25270 (An unauthenticated remote attacker can alter the device configuration  ...)
@@ -165,37 +165,37 @@ CVE-2025-24003 (An unauthenticated remote attacker can use MQTT messages to trig
 CVE-2025-24002 (An unauthenticated remote attacker can use MQTT messages to crash a se ...)
 	TODO: check
 CVE-2025-20695 (In Bluetooth FW, there is a possible system crash due to an uncaught e ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20694 (In Bluetooth FW, there is a possible system crash due to an uncaught e ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20693 (In wlan STA driver, there is a possible out of bounds read due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20692 (In wlan AP driver, there is a possible out of bounds read due to an in ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20691 (In wlan AP driver, there is a possible out of bounds read due to an in ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20690 (In wlan AP driver, there is a possible out of bounds read due to an in ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20689 (In wlan AP driver, there is a possible out of bounds read due to an in ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20688 (In wlan AP driver, there is a possible out of bounds read due to an in ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20687 (In Bluetooth driver, there is a possible out of bounds read due to an  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20686 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20685 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20684 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20683 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20682 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20681 (In wlan AP driver, there is a possible out of bounds write due to an i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20680 (In Bluetooth driver, there is a possible out of bounds write due to an ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-7259 (An authorized user can issue queries with duplicate _id fields, that l ...)
 	- mongodb <removed>
 CVE-2025-7143 (A vulnerability, which was classified as problematic, was found in Sou ...)
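Review bot: None of the descriptions tagged "NOT-FOR-US: MediaTek" in this hunk name the vendor in their visible text; they refer only to generic components ("wlan AP driver", "wlan STA driver", "Bluetooth driver", "Bluetooth FW"). Because these are driver and firmware issues, it is worth confirming from the full advisory that the affected code is the vendor's own SDK or firmware and not a driver or firmware blob shipped in a Debian package before closing them as NOT-FOR-US. If that check was done, a short suffix on the tag naming the component would make the decision auditable.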



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85d7b5dd8f2f5afb540aee3d66fbcbac22bbb0ab
