[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 18 09:14:17 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
560eb7b0 by security tracker role at 2025-07-18T08:14:10+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,111 +1,111 @@
CVE-2025-7772 (The Malcure Malware Scanner \u2014 #1 Toolset for WordPress Malware Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7767 (A vulnerability, which was classified as problematic, has been found i ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7765 (A vulnerability classified as critical was found in code-projects Onli ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7764 (A vulnerability classified as critical has been found in code-projects ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7763 (A vulnerability, which was classified as problematic, was found in thi ...)
TODO: check
CVE-2025-7762 (A vulnerability, which was classified as critical, has been found in D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-7759 (A vulnerability, which was classified as critical, was found in thinkg ...)
TODO: check
CVE-2025-7758 (A vulnerability, which was classified as critical, has been found in T ...)
TODO: check
CVE-2025-7757 (A vulnerability classified as critical was found in PHPGurukul Land Re ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7756 (A vulnerability classified as problematic has been found in code-proje ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7755 (A vulnerability was found in code-projects Online Ordering System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7754 (A vulnerability was found in code-projects Patient Record Management S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7753 (A vulnerability was found in code-projects Online Appointment Booking ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7752 (A vulnerability was found in code-projects Online Appointment Booking ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7751 (A vulnerability has been found in code-projects Online Appointment Boo ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7750 (A vulnerability, which was classified as critical, was found in code-p ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7749 (A vulnerability, which was classified as critical, has been found in c ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7748 (A vulnerability classified as problematic was found in ZCMS 3.6.0. Thi ...)
TODO: check
CVE-2025-7747 (A vulnerability classified as critical has been found in Tenda FH451 1 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-7660 (The Map My Locations plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7648 (The Ruven Themes: Shortcodes plugin for WordPress is vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7643 (The Attachment Manager plugin for WordPress is vulnerable to arbitrary ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7638 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7472 (A local privilege escalation vulnerability in the Intercept X for Wind ...)
TODO: check
CVE-2025-7438 (The MasterStudy LMS Pro plugin for WordPress is vulnerable to arbitrar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7433 (A local privilege escalation vulnerability in Sophos Intercept X for W ...)
TODO: check
CVE-2025-7431 (The Knowledge Base plugin for WordPress is vulnerable to Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7398 (Brocade ASCG before 3.3.0 allows for the use of medium strength crypto ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-7397 (A vulnerability in the ascgshell, of Brocade ASCG before 3.3.0 stores ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-7339 (on-headers is a node.js middleware for listening to when a response wr ...)
TODO: check
CVE-2025-7338 (Multer is a node.js middleware for handling `multipart/form-data`. A v ...)
TODO: check
CVE-2025-6813 (The aapanel WP Toolkit plugin for WordPress is vulnerable to Privilege ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6781 (The Copymatic \u2013 AI Content Writer & Generator plugin for WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6726 (The Block Editor Gallery Slider plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6719 (The Terms descriptions plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6718 (The B1.lt plugin for WordPress is vulnerable to SQL Injection due to a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6717 (The B1.lt plugin for WordPress is vulnerable to SQL Injection via the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6391 (Brocade ASCG before 3.3.0 logs JSON Web Tokens (JWT) in log files. An ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-6249 (An authentication bypass vulnerability was reported in FileZ client ap ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-6248 (A cross-site scripting (XSS) vulnerability was reported in the Lenovo ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-6232 (An improper validation vulnerability was reported in Lenovo Vantage th ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-6231 (An improper validation vulnerability was reported in Lenovo Vantage th ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-6230 (A SQL injection vulnerability was reported in Lenovo Vantage that coul ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-6222 (The WooCommerce Refund And Exchange with RMA - Warranty Management, Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6197 (An open redirect vulnerability has been identified in Grafana OSS orga ...)
TODO: check
CVE-2025-6185 (Leviton AcquiSuite and Energy Monitoring Hub are susceptible to a cro ...)
TODO: check
CVE-2025-6053 (The Zuppler Online Ordering plugin for WordPress is vulnerable to Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6023 (An open redirect vulnerability has been identified in Grafana OSS that ...)
TODO: check
CVE-2025-5816 (The Plugin Pengiriman WooCommerce Kurir Reguler, Instan, Kargo \u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5811 (The Listly: Listicles For WordPress plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5800 (The Testimonial Post type plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5767 (The Crowdfunding for WooCommerce plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5754 (The Useful Tab Block \u2013 Responsive & AMP-Compatible plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5752 (The Vertical scroll image slideshow gallery plugin for WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5346 (Bluebird devices contain a pre-loaded barcode scanner application. Thi ...)
TODO: check
CVE-2025-5345 (Bluebird devices contain a pre-loaded file manager application. This a ...)
@@ -121,17 +121,17 @@ CVE-2025-54066 (DiracX-Web is a web application that provides an interface to in
CVE-2025-54064 (Rucio is a software framework that provides functionality to organize, ...)
TODO: check
CVE-2025-54062 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-54061 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-54060 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-54058 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-53964 (GoldenDict 1.5.0 and 1.5.1 has an exposed dangerous method that allows ...)
TODO: check
CVE-2025-53946 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-53941 (Hollo is a federated single-user microblogging software designed to be ...)
TODO: check
CVE-2025-53928 (MaxKB is an open-source AI assistant for enterprise. Prior to versions ...)
@@ -159,7 +159,7 @@ CVE-2025-51497 (An issue was discovered in AdGuard plugin before 1.11.22 for Saf
CVE-2025-50240 (nbcio-boot v1.0.3 was discovered to contain a SQL injection vulnerabil ...)
TODO: check
CVE-2025-4657 (A buffer overflow vulnerability was reported in the Lenovo Protection ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-47189 (Netwrix Directory Manager through 2025-05-01 allows XSS.)
TODO: check
CVE-2025-46102 (Cross Site Scripting vulnerability in Beakon Software Beakon Learning ...)
@@ -167,19 +167,19 @@ CVE-2025-46102 (Cross Site Scripting vulnerability in Beakon Software Beakon Lea
CVE-2025-3753 (A code execution vulnerability has been identified in the Robot Operat ...)
TODO: check
CVE-2025-3740 (The School Management System for Wordpress plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-38349 (In the Linux kernel, the following vulnerability has been resolved: e ...)
TODO: check
CVE-2025-2818 (A vulnerability was reported in version 1.0 of the Bluetooth Transmiss ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-29572
REJECTED
CVE-2025-26855 (A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-26854 (A SQL injection in Articles Good Search extension 1.0.0 - 1.2.4.0011 f ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-25257 (An improper neutralization of special elements used in an SQL command ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-23270 (NVIDIA Jetson Linux contains a vulnerability in UEFI Management mode, ...)
TODO: check
CVE-2025-23269 (NVIDIA Jetson Linux contains a vulnerability in the kernel where an at ...)
@@ -189,13 +189,13 @@ CVE-2025-23266 (NVIDIA Container Toolkit for all platforms contains a vulnerabil
CVE-2025-23263 (NVIDIA DOCA-Host and Mellanox OFED contain a vulnerability in the VGT+ ...)
TODO: check
CVE-2025-1729 (A DLL hijacking vulnerability was reported in TrackPoint Quick Menu so ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-1700 (A DLL hijacking vulnerability was reported in the Motorola Software Fi ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2025-0886 (An incorrect permissions vulnerability was reported in Elliptic Labs V ...)
- TODO: check
+ NOT-FOR-US: Lenovo
CVE-2024-42209 (HCL Connections is vulnerable to an information disclosure vulnerabili ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-41921 (A code injection vulnerability has been discovered in the Robot Operat ...)
TODO: check
CVE-2024-41148 (A code injection vulnerability has been discovered in the Robot Operat ...)
@@ -207,9 +207,9 @@ CVE-2024-39289 (A code execution vulnerability has been discovered in the Robot
CVE-2024-32323 (SQL Injection vulnerability in cnhcit.com Haichang OA v.1.0.0 allows a ...)
TODO: check
CVE-2024-32124 (An improper access control vulnerability [CWE-284] in FortiIsolator ve ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-27779 (An insufficient session expiration vulnerability [CWE-613] in FortiSan ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-13972 (A vulnerability related to registry permissions in the Intercept X for ...)
TODO: check
CVE-2023-47356 (Mingyu Security Gateway before v3.0-5.3p was discovered to contain a r ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/560eb7b0ef72c6e842f088aa1fb1eb1af383e6d6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/560eb7b0ef72c6e842f088aa1fb1eb1af383e6d6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250718/18e39e5d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list