[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jun 20 21:29:05 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
04e000b5 by Salvatore Bonaccorso at 2025-06-20T22:28:42+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -41,11 +41,11 @@ CVE-2025-6341 (A vulnerability classified as problematic was found in code-proje
CVE-2025-6340 (A vulnerability classified as problematic has been found in code-proje ...)
NOT-FOR-US: code-projects
CVE-2025-6339 (A vulnerability was found in ponaravindb Hospital Management System 1. ...)
- TODO: check
+ NOT-FOR-US: ponaravindb Hospital Management System
CVE-2025-6337 (A vulnerability was found in TOTOLINK A3002R and A3002RU 3.0.0-B202308 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-6336 (A vulnerability was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-6335 (A vulnerability was found in DedeCMS up to 5.7.2 and classified as cri ...)
NOT-FOR-US: DedeCMS
CVE-2025-6334 (A vulnerability has been found in D-Link DIR-867 1.0 and classified as ...)
@@ -59,7 +59,7 @@ CVE-2025-6331 (A vulnerability classified as critical was found in PHPGurukul Di
CVE-2025-6330 (A vulnerability classified as critical has been found in PHPGurukul Di ...)
NOT-FOR-US: PHPGurukul
CVE-2025-6329 (A vulnerability was found in ScriptAndTools Real Estate Management Sys ...)
- TODO: check
+ NOT-FOR-US: ScriptAndTools Real Estate Management System
CVE-2025-6328 (A vulnerability was found in D-Link DIR-815 1.01. It has been declared ...)
NOT-FOR-US: D-Link
CVE-2025-6323 (A vulnerability was found in PHPGurukul Pre-School Enrollment System 1 ...)
@@ -75,9 +75,9 @@ CVE-2025-6257 (The Euro FxRef Currency Converter plugin for WordPress is vulnera
CVE-2025-6193 (A command injection vulnerability was discovered in the TrustyAI Expla ...)
TODO: check
CVE-2025-5963 (The Postbox's configuration on macOS, specifically the presence of ent ...)
- TODO: check
+ NOT-FOR-US: Postbox
CVE-2025-5255 (The Phoenix Code's configuration on macOS, specifically the presence o ...)
- TODO: check
+ NOT-FOR-US: Phoenix Code
CVE-2025-5121 (An issue has been discovered in GitLab CE/EE affecting all versions fr ...)
TODO: check
CVE-2025-52825 (Cross-Site Request Forgery (CSRF) vulnerability in Rameez Iqbal Real E ...)
@@ -201,7 +201,7 @@ CVE-2025-50013 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2025-50012 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-50011 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-50010 (Missing Authorization vulnerability in Zapier Zapier for WordPress all ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-50009 (Missing Authorization vulnerability in Climax Themes Kata Plus allows ...)
@@ -279,7 +279,7 @@ CVE-2025-49965 (Cross-Site Request Forgery (CSRF) vulnerability in Oganro PixelB
CVE-2025-49964 (Cross-Site Request Forgery (CSRF) vulnerability in indgeek ClipLink al ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49873 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-49132 (Pterodactyl is a free, open-source game server management panel. Prior ...)
TODO: check
CVE-2025-48706 (An issue was discovered in COROS PACE 3 through 3.0808.0. Due to an ou ...)
@@ -287,17 +287,17 @@ CVE-2025-48706 (An issue was discovered in COROS PACE 3 through 3.0808.0. Due to
CVE-2025-48705 (An issue was discovered in COROS PACE 3 through 3.0808.0. Due to a NUL ...)
TODO: check
CVE-2025-48059 (PowSyBl (Power System Blocks) is a framework to build power system ori ...)
- TODO: check
+ NOT-FOR-US: PowSyBl (Power System Blocks)
CVE-2025-46179 (A SQL Injection vulnerability was discovered in the askquery.php file ...)
- TODO: check
+ NOT-FOR-US: CloudClassroom-PHP Project
CVE-2025-46158 (An issue in redoxOS kernel before commit 5d41cd7c allows a local attac ...)
- TODO: check
+ NOT-FOR-US: redoxOS kernel
CVE-2025-45890 (Directory Traversal vulnerability in novel plus before v.5.1.0 allows ...)
TODO: check
CVE-2025-45331 (brplot v420.69.1 contains a Null Pointer Dereference (NPD) vulnerabili ...)
TODO: check
CVE-2025-44635 (There are multiple unauthorized remote command execution vulnerabiliti ...)
- TODO: check
+ NOT-FOR-US: H3C
CVE-2025-44203 (In HotelDruid 3.0.7, an unauthenticated attacker can exploit verbose S ...)
TODO: check
CVE-2025-3319 (IBM Spectrum Protect Server 8.1 through 8.1.26 could allow attacker to ...)
@@ -309,9 +309,9 @@ CVE-2025-3227 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x <= 9.11.15, 10.8.x <
CVE-2025-34030 (An OS command injection vulnerability exists in sar2html version 3.2.2 ...)
TODO: check
CVE-2025-34029 (An OS command injection vulnerability exists in the Edimax EW-7438RPn ...)
- TODO: check
+ NOT-FOR-US: Edimax
CVE-2025-34024 (An OS command injection vulnerability exists in the Edimax EW-7438RPn ...)
- TODO: check
+ NOT-FOR-US: Edimax
CVE-2025-34023 (A path traversal vulnerability exists in the Karel IP1211 IP Phone's w ...)
TODO: check
CVE-2025-34022 (A path traversal vulnerability exists in multiple models of Selea Targ ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04e000b593dc00f3acd4dc672270470fed3685ff
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04e000b593dc00f3acd4dc672270470fed3685ff
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250620/9521d848/attachment.htm>
More information about the debian-security-tracker-commits
mailing list