[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 11 21:14:17 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f68d1ef7 by security tracker role at 2025-07-11T20:14:10+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2025-7503 (An OEM IP camera manufactured by Shenzhen Liandian Communication Techn ...)
TODO: check
CVE-2025-7456 (A vulnerability, which was classified as critical, has been found in C ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7455 (A vulnerability classified as critical was found in Campcodes Online M ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7454 (A vulnerability classified as critical has been found in Campcodes Onl ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7453 (A vulnerability was found in saltbo zpan up to 1.6.5/1.7.0-beta2. It h ...)
TODO: check
CVE-2025-7452 (A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31f ...)
@@ -21,15 +21,15 @@ CVE-2025-7027 (A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2
CVE-2025-7026 (A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) all ...)
TODO: check
CVE-2025-6851 (The Broken Link Notifier plugin for WordPress is vulnerable to Server- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6838 (The Broken Link Notifier plugin for WordPress is vulnerable to CSV Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6788 (CWE-668: Exposure of Resource to Wrong Sphere vulnerability exists tha ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-6549 (An Incorrect Authorization vulnerability in the web server of Juniper ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-6438 (CWE-611: Improper Restriction of XML External Entity Reference vulnera ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-53642 (haxcms-nodejs and haxcms-php are backends for HAXcms. The logout funct ...)
TODO: check
CVE-2025-53641 (Postiz is an AI social media scheduling tool. From 1.45.1 to 1.62.3, t ...)
@@ -37,69 +37,69 @@ CVE-2025-53641 (Postiz is an AI social media scheduling tool. From 1.45.1 to 1.6
CVE-2025-52994 (gif_outputAsJpeg in phpThumb through 1.7.23 allows phpthumb.gif.php OS ...)
TODO: check
CVE-2025-52989 (An Improper Neutralization of Delimiters vulnerability in the UI of Ju ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52988 (An Improper Neutralization of Special Elements used in an OS Command ( ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52986 (A Missing Release of Memory after Effective Lifetime vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52985 (A Use of Incorrect Operator vulnerability in the Routing Engine firew ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52984 (A NULL Pointer Dereference vulnerability in the routing protocol daemo ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52983 (A UI Discrepancy for Security Feature vulnerability in the UI of Juni ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52982 (An Improper Resource Shutdown or Release vulnerability in the SIP ALG ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52981 (An Improper Check for Unusual or Exceptional Conditions vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52980 (A Use of Incorrect Byte Ordering vulnerability in the Routing Prot ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52964 (A Reachable Assertion vulnerability in the Routing Protocol Daemon (rp ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52963 (An Improper Access Control vulnerability in the User Interface (UI) of ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52958 (A Reachable Assertion vulnerability in the routing protocol daemon (rp ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52955 (An Incorrect Calculation of Buffer Size vulnerability in the routing p ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52954 (A Missing Authorization vulnerability in the internal virtual routing ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52953 (An Expected Behavior Violationvulnerability in the routing protocol da ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52952 (An Out-of-bounds Write vulnerability in the connectivity fault managem ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52951 (A Protection Mechanism Failure vulnerability in kernel filter processi ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52950 (AMissing Authorization vulnerability in Juniper Networks Security Dire ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52949 (An Improper Handling of Length Parameter Inconsistency vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52948 (An Improper Handling of Exceptional Conditions vulnerability in Berkel ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52947 (An Improper Handling of Exceptional Conditions vulnerability in route ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52946 (A Use After Free vulnerability in the routing protocol daemon (rpd) of ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52089 (A hidden remote support feature protected by a static secret in TOTOLI ...)
TODO: check
CVE-2025-51591 (A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4 allows attac ...)
TODO: check
CVE-2025-50125 (CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50124 (CWE-269: Improper Privilege Management vulnerability exists that could ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50123 (CWE-94: Improper Control of Generation of Code ('Code Injection') vuln ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50122 (CWE-331: Insufficient Entropy vulnerability exists that could cause ro ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50121 (CWE-78: Improper Neutralization of Special Elements used in an OS Comm ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-47964 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-47963 (No cwe for this issue in Microsoft Edge (Chromium-based) allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-47182 (Improper input validation in Microsoft Edge (Chromium-based) allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-45582 (GNU Tar through 1.35 allows file overwrite via directory traversal in ...)
TODO: check
CVE-2025-43856 (immich is a high performance self-hosted photo and video management so ...)
@@ -107,9 +107,9 @@ CVE-2025-43856 (immich is a high performance self-hosted photo and video managem
CVE-2025-3933 (A Regular Expression Denial of Service (ReDoS) vulnerability was disco ...)
TODO: check
CVE-2025-3631 (An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager can cau ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-30661 (An Incorrect Permission Assignment for Critical Resource vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-30403 (A heap-buffer-overflow vulnerability is possible in mvfst via a specia ...)
TODO: check
CVE-2025-30402 (A heap-buffer-overflow vulnerability in the loading of ExecuTorch meth ...)
@@ -718085,7 +718085,7 @@ CVE-2013-3309
CVE-2013-3308
RESERVED
CVE-2013-3307 (Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2013-3306
RESERVED
CVE-2013-3305
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f68d1ef71384ab1cf84aa67ef48e6417d8c9943f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f68d1ef71384ab1cf84aa67ef48e6417d8c9943f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250711/a9aa9264/attachment.htm>
More information about the debian-security-tracker-commits
mailing list