[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jul 19 09:12:58 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
925ab1bf by security tracker role at 2025-07-19T08:12:52+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2025-7814 (A vulnerability classified as critical was found in code-projects Food ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-7807 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7806 (A vulnerability classified as critical was found in Tenda FH451 1.0.0. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7805 (A vulnerability classified as critical has been found in Tenda FH451 1 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7803 (A vulnerability was found in descreekert wx-discuz up to 12bd4745c63ec ...)
 	TODO: check
 CVE-2025-7802 (A vulnerability was found in PHPGurukul Complaint Management System 2. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7801 (A vulnerability has been found in BossSoft CRM 6.0 and classified as c ...)
 	TODO: check
 CVE-2025-7800 (A vulnerability classified as problematic was found in cgpandey hotelm ...)
@@ -19,19 +19,19 @@ CVE-2025-7798 (A vulnerability classified as critical has been found in Beijing
 CVE-2025-7797 (A vulnerability was found in GPAC up to 2.4. It has been rated as prob ...)
 	TODO: check
 CVE-2025-7796 (A vulnerability, which was classified as critical, was found in Tenda  ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7795 (A vulnerability, which was classified as critical, has been found in T ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7794 (A vulnerability classified as critical was found in Tenda FH451 1.0.0. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7793 (A vulnerability classified as critical has been found in Tenda FH451 1 ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7792 (A vulnerability was found in Tenda FH451 1.0.0.9. It has been rated as ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-7791 (A vulnerability was found in PHPGurukul Online Security Guards Hiring  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-7790 (A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been cl ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-7789 (A vulnerability was found in Xuxueli xxl-job up to 3.1.1 and classifie ...)
 	TODO: check
 CVE-2025-7788 (A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and clas ...)
@@ -47,21 +47,21 @@ CVE-2025-7784 (A flaw was found in the Keycloak identity and access management s
 CVE-2025-7783 (Use of Insufficiently Random Values vulnerability in form-data allows  ...)
 	TODO: check
 CVE-2025-7697 (The Integration for Google Sheets and Contact Form 7, WPForms, Element ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7696 (The Integration for Pipedrive and Contact Form 7, WPForms, Elementor,  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7669 (The Avishi WP PayPal Payment Button plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7661 (The Partnersk\xfd syst\xe9m Martinus plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7658 (The Temporarily Hidden Content plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7655 (The Live Stream Badger plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7653 (The EPay.bg Payments plugin for WordPress is vulnerable to Stored Cros ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7444 (The LoginPress Pro plugin for WordPress is vulnerable to authenticatio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-7396 (In wolfSSL release 5.8.2 blinding support is turned on by default for  ...)
 	TODO: check
 CVE-2025-7395 (A certificate verification error in wolfSSL when building with the WOL ...)
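Review bot: The context line for CVE-2025-7661 shows the plugin name as "Partnersk\xfd syst\xe9m" with literal \xfd and \xe9 escapes instead of the accented characters. This change only swaps the tag beneath it, but if data/CVE/list stores the description that way, the description import should decode it properly so that a search on the plugin name matches.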
@@ -69,9 +69,9 @@ CVE-2025-7395 (A certificate verification error in wolfSSL when building with th
 CVE-2025-7394 (In the OpenSSL compatibility layer implementation, the function RAND_p ...)
 	TODO: check
 CVE-2025-6721 (The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized ac ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6720 (The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized lo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-6233 (Mattermost versions 10.8.x <= 10.8.1, 10.7.x <= 10.7.3, 10.5.x <= 10.5 ...)
 	TODO: check
 CVE-2025-6227 (Mattermost versions 10.5.x <= 10.5.7, 9.11.x <= 9.11.16 fail to negoti ...)
@@ -81,13 +81,13 @@ CVE-2025-6226 (Mattermost versions 10.5.x <= 10.5.6, 10.8.x <= 10.8.1, 10.7.x <=
 CVE-2025-54309 (CrushFTP 10 before 10.8.5 and 11 before 11.3.4_23, when the DMZ proxy  ...)
 	TODO: check
 CVE-2025-54079 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-54078 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-54077 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-54076 (WeGIA is an open source web manager with a focus on the Portuguese lan ...)
-	TODO: check
+	NOT-FOR-US: WeGIA
 CVE-2025-54075 (MDC is a tool to take regular Markdown and write documents interacting ...)
 	TODO: check
 CVE-2025-54073 (mcp-package-docs is an MCP (Model Context Protocol) server that provid ...)
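Review bot: The four WeGIA entries (CVE-2025-54076 through CVE-2025-54079) are described in their own text as "an open source web manager", so the NOT-FOR-US tag here rests on there being no package or packaging request for it rather than on the software being unpackageable. Worth confirming that before an automatic update settles it, or recording the basis in the commit message, which currently says only "automatic NOT-FOR-US entries update".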
@@ -131,27 +131,27 @@ CVE-2025-50582 (StudentManage v1.0 was discovered to contain a cross-site script
 CVE-2025-50581 (MRCMS v3.1.2 was discovered to contain a cross-site scripting (XSS) vu ...)
 	TODO: check
 CVE-2025-50126 (A stored XSS vulnerability in the RSBlog! component 1.11.6-1.14.5 Joom ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2025-50058 (A stored XSS vulnerability in the RSDirectory! component 1.0.0-2.2.8 J ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2025-50057 (A DOS vulnerability in RSFiles! component 1.16.3-1.17.7 Joomla was dis ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2025-50056 (A reflected XSS vulnerability in RSMail! component 1.19.20 - 1.22.26 2 ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2025-49747 (Missing authorization in Azure Machine Learning allows an authorized a ...)
 	TODO: check
 CVE-2025-49746 (Improper authorization in Azure Machine Learning allows an authorized  ...)
 	TODO: check
 CVE-2025-49486 (A stored XSS vulnerability in the Balbooa Gallery plugin 1.0.0-2.4.0 f ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2025-49485 (A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1. ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2025-49484 (A SQL injection vulnerability in the JS Jobs plugin versions 1.0.0-1.4 ...)
-	TODO: check
+	NOT-FOR-US: Joomla
 CVE-2025-47995 (Weak authentication in Azure Machine Learning allows an authorized att ...)
 	TODO: check
 CVE-2025-47158 (Authentication bypass by assumed-immutable data in Azure DevOps allows ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-46732 (OpenCTI is an open source platform for managing cyber threat intellige ...)
 	TODO: check
 CVE-2025-46002 (An issue in Filemanager v2.5.0 and below allows attackers to execute a ...)
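Review bot: CVE-2025-47158 (Azure DevOps) is tagged "NOT-FOR-US: Microsoft", while the three Azure Machine Learning entries in the same hunk (CVE-2025-49747, CVE-2025-49746, CVE-2025-47995) stay at "TODO: check". If the matching rule keys on the product name, extend it so the same vendor's products are handled consistently in one pass. Separately, the RSBlog!, RSDirectory!, RSFiles!, RSMail!, Balbooa and JS Jobs entries are components or plugins for Joomla, not Joomla itself, so a tag such as "Joomla extension" would line up better with the "WordPress plugin" wording used elsewhere in this commit than a bare "Joomla".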
@@ -165,7 +165,7 @@ CVE-2025-45157 (Insecure permissions in Splashin iOS v2.0 allow unauthorized att
 CVE-2025-45156 (Splashin iOS v2.0 fails to enforce server-side interval restrictions f ...)
 	TODO: check
 CVE-2025-33014 (IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 thro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-2425 (Time-of-check to time-of-use race condition vulnerability potentially  ...)
 	TODO: check
 CVE-2025-29757 (An incorrect authorisation check in the the'plant transfer' function o ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/925ab1bfe97181592eb038c78cc5f703f8e9ea2f
