[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 9 21:13:31 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ed4cf481 by security tracker role at 2025-06-09T20:13:25+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,7 +29,7 @@ CVE-2025-5885 (A vulnerability has been found in Konica Minolta bizhub up to 202
 CVE-2025-5884 (A vulnerability, which was classified as problematic, was found in Kon ...)
 	TODO: check
 CVE-2025-5881 (A vulnerability was found in code-projects Chat System up to 1.0 and c ...)
-	TODO: check
+	NOT-FOR-US: code-projects
 CVE-2025-5880 (A vulnerability has been found in Whistle 2.9.98 and classified as pro ...)
 	TODO: check
 CVE-2025-5879 (A vulnerability, which was classified as problematic, was found in WuK ...)
@@ -39,7 +39,7 @@ CVE-2025-5877 (A vulnerability, which was classified as problematic, has been fo
 CVE-2025-5876 (A vulnerability classified as problematic was found in Lucky LM-520-SC ...)
 	TODO: check
 CVE-2025-5875 (A vulnerability classified as critical has been found in TP-Link TL-IP ...)
-	TODO: check
+	NOT-FOR-US: TP-Link
 CVE-2025-5874 (A vulnerability was found in Redash up to 10.1.0/25.1.0. It has been r ...)
 	TODO: check
 CVE-2025-5873 (A vulnerability was found in eCharge Hardy Barth Salia PLCC 2.2.0. It  ...)
@@ -49,7 +49,7 @@ CVE-2025-5872 (A vulnerability was found in eGauge EG3000 Energy Monitor 3.6.3.
 CVE-2025-5871 (A vulnerability was found in Papendorf SOL Connect Center 3.3.0.0 and  ...)
 	TODO: check
 CVE-2025-5870 (A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 Build 36 an ...)
-	TODO: check
+	NOT-FOR-US: TRENDnet
 CVE-2025-5869 (A vulnerability, which was classified as critical, was found in RT-Thr ...)
 	TODO: check
 CVE-2025-5868 (A vulnerability, which was classified as critical, has been found in R ...)
@@ -99,15 +99,15 @@ CVE-2025-48877 (Discourse is an open-source discussion platform. Prior to versio
 CVE-2025-48281 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-48279 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48267 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48261 (Insertion of Sensitive Information Into Sent Data vulnerability in Mul ...)
 	TODO: check
 CVE-2025-48147 (Missing Authorization vulnerability in Crypto Cloud CryptoCloud - Cryp ...)
 	TODO: check
 CVE-2025-48143 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48141 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-48140 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
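Review bot: the three entries changed in this hunk (CVE-2025-48279, CVE-2025-48267, CVE-2025-48143) cannot be checked against the "WordPress plugin or theme" label from the diff alone, because each description is cut off inside the generic CWE wording before any product name appears. CVE-2025-48281 and CVE-2025-48141 have the same kind of truncated text and stay at "TODO: check", so the visible lines do not show what separated the two groups. Spot-check the full description of at least one converted entry to confirm that the automatic match keyed on a named plugin or theme.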
@@ -141,13 +141,13 @@ CVE-2025-47598 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2025-47561 (Incorrect Privilege Assignment vulnerability in RomanCode MapSVG allow ...)
 	TODO: check
 CVE-2025-47527 (Missing Authorization vulnerability in Icegram Icegram Collect \u2013  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47511 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	TODO: check
 CVE-2025-47487 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-47477 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47463 (Missing Authorization vulnerability in Fahad Mahmood Stock Locations f ...)
 	TODO: check
 CVE-2025-46178 (Cross-Site Scripting (XSS) vulnerability exists in askquery.php via th ...)
@@ -161,9 +161,9 @@ CVE-2025-45002 (Vigybag v1.0 and before is vulnerable to Cross Site Scripting (X
 CVE-2025-45001 (react-native-keys 0.7.11 is vulnerable to sensitive information disclo ...)
 	TODO: check
 CVE-2025-41444 (Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnera ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2025-41437 (Zohocorp ManageEngineOpManager,NetFlow Analyzer,Network Configuration  ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2025-40675 (A Reflected Cross-Site Scripting (XSS) vulnerability has been found in ...)
 	TODO: check
 CVE-2025-40670 (Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnera ...)
@@ -173,77 +173,77 @@ CVE-2025-40669 (Incorrect authorization vulnerability in TCMAN's GIM v11. This v
 CVE-2025-40668 (Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnera ...)
 	TODO: check
 CVE-2025-3835 (Zohocorp ManageEngineExchange Reporter Plus versions5721 and prior are ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2025-39539 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-39476 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-39475 (Path Traversal vulnerability in Frenify Arlo allows PHP Local File Inc ...)
 	TODO: check
 CVE-2025-39473 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	TODO: check
 CVE-2025-36528 (Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnera ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2025-32595 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	TODO: check
 CVE-2025-32308 (Missing Authorization vulnerability in looks_awesome Team Builder allo ...)
 	TODO: check
 CVE-2025-32305 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32291 (Unrestricted Upload of File with Dangerous Type vulnerability in Fanta ...)
 	TODO: check
 CVE-2025-31925 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31920 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-31917 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	TODO: check
 CVE-2025-31635 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
 	TODO: check
 CVE-2025-31429 (Deserialization of Untrusted Data vulnerability in themeton PressGrid  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31426 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31424 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31398 (Deserialization of Untrusted Data vulnerability in themeton PIMP - Cre ...)
 	TODO: check
 CVE-2025-31396 (Deserialization of Untrusted Data vulnerability in themeton FLAP - Bus ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31061 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31059 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
 	TODO: check
 CVE-2025-31058 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31057 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31052 (Deserialization of Untrusted Data vulnerability in themeton The Fashio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31050 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31045 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
 	TODO: check
 CVE-2025-31039 (Improper Restriction of XML External Entity Reference vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31022 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31019 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-29627 (An issue in KeeperChat IOS Application v.5.8.8 allows a physically pro ...)
 	TODO: check
 CVE-2025-28992 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	TODO: check
 CVE-2025-28945 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-28944 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	TODO: check
 CVE-2025-28888 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	TODO: check
 CVE-2025-27709 (Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnera ...)
-	TODO: check
+	NOT-FOR-US: Zoho
 CVE-2025-27362 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
 	TODO: check
 CVE-2025-26592 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
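Review bot: CVE-2025-31398 ("Deserialization of Untrusted Data vulnerability in themeton PIMP - Cre ...") is left at "TODO: check" in this hunk, while three entries with the same vendor and weakness class (CVE-2025-31429 themeton PressGrid, CVE-2025-31396 themeton FLAP, CVE-2025-31052 themeton The Fashio ...) are moved to "NOT-FOR-US: WordPress plugin or theme". Either the automatic matcher missed 31398 or the other three matched on something the truncated text does not show. Triage 31398 by hand so the themeton entries end up classified consistently.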
@@ -204972,7 +204972,7 @@ CVE-2023-26001 (Improper Neutralization of Input During Web Page Generation ('Cr
 CVE-2023-26000 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-25999 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2023-25998
 	RESERVED
 CVE-2023-25997 (Missing Authorization vulnerability in SolaPlugins Sola Support Ticket ...)
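Review bot: style point on the changed line for CVE-2023-25999, which gets "NOT-FOR-US: WordPress plugin or theme" directly below CVE-2023-26000, which carries "NOT-FOR-US: WordPress plugin". The list now holds two spellings of the same category side by side, so any grep or count over data/CVE/list has to match both. Settle on one label for new automatic entries, or note in the tooling that both forms are expected.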



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed4cf481aba874284813ab556f2ecb61b1943a84
