[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Jun 22 09:25:20 BST 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
19d7f828 by Moritz Muehlenhoff at 2025-06-22T10:25:01+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2025-6468 (A vulnerability was found in code-projects Online Bidding System
CVE-2025-6467 (A vulnerability was found in code-projects Online Bidding System 1.0. ...)
NOT-FOR-US: code-projects
CVE-2025-6466 (A vulnerability was found in ageerle ruoyi-ai 2.0.0 and classified as ...)
- TODO: check
+ NOT-FOR-US: ruoyi-ai
CVE-2025-6458 (A vulnerability has been found in code-projects Online Hotel Reservati ...)
NOT-FOR-US: code-projects
CVE-2025-6457 (A vulnerability, which was classified as critical, was found in code-p ...)
@@ -15,7 +15,7 @@ CVE-2025-6456 (A vulnerability, which was classified as critical, has been found
CVE-2025-6455 (A vulnerability classified as critical was found in code-projects Onli ...)
NOT-FOR-US: code-projects
CVE-2025-6453 (A vulnerability classified as critical has been found in diyhi bbs 6.8 ...)
- TODO: check
+ NOT-FOR-US: ageerle ruoyi-aibbs
CVE-2025-6452 (A vulnerability was found in CodeAstro Patient Record Management Syste ...)
NOT-FOR-US: CodeAstro
CVE-2025-6451 (A vulnerability was found in code-projects Simple Online Hotel Reserva ...)
@@ -41,15 +41,15 @@ CVE-2025-6419 (A vulnerability was found in code-projects Simple Online Hotel Re
CVE-2025-6418 (A vulnerability was found in code-projects Simple Online Hotel Reserva ...)
NOT-FOR-US: code-projects
CVE-2025-52923 (Sangfor aTrust through 2.4.10 allows users to modify the ExecStartPre ...)
- TODO: check
+ NOT-FOR-US: Sangfor aTrust
CVE-2025-52919 (In Yealink YMCS RPS before 2025-05-26, the certificate upload function ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-52918 (Yealink YMCS before 2025-05-26 does not prevent OpenAPI access by froz ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-52917 (The Yealink YMCS RPS API before 2025-05-26 lacks rate limiting, potent ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-52916 (Yealink YMCS RPS before 2025-06-04 lacks SN verification attempt limit ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-1987 (A Cross-Site Scripting (XSS)vulnerability has been identified in Psono ...)
NOT-FOR-US: Bitdefender
CVE-2025-6417 (A vulnerability has been found in PHPGurukul Art Gallery Management Sy ...)
@@ -83,7 +83,7 @@ CVE-2025-6404 (A vulnerability classified as critical has been found in Campcode
CVE-2025-6403 (A vulnerability was found in code-projects School Fees Payment System ...)
NOT-FOR-US: code-projects
CVE-2025-6402 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-5289 (The 3D FlipBook \u2013 PDF Embedder, PDF Flipbook Viewer, Flipbook Ima ...)
NOT-FOR-US: WordPress plugin
CVE-2025-3629 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6 could al ...)
@@ -123,7 +123,7 @@ CVE-2025-6368 (A vulnerability was found in D-Link DIR-619L 2.06B01. It has been
CVE-2025-6367 (A vulnerability was found in D-Link DIR-619L 2.06B01. It has been decl ...)
NOT-FOR-US: D-Link
CVE-2025-6365 (A vulnerability was found in HobbesOSR Kitten up to c4f8b7c3158983d102 ...)
- TODO: check
+ NOT-FOR-US: HobbesOSR Kitten
CVE-2025-6364 (A vulnerability has been found in code-projects Simple Pizza Ordering ...)
NOT-FOR-US: code-projects
CVE-2025-6218 (RARLAB WinRAR Directory Traversal Remote Code Execution Vulnerability. ...)
@@ -149,9 +149,9 @@ CVE-2025-5143 (The TableOn \u2013 WordPress Posts Table Filterable plugin for Wo
CVE-2025-5034 (The wp-file-download WordPress plugin before 6.2.6 does not sanitise a ...)
NOT-FOR-US: WordPress plugin
CVE-2025-52557 (Mail-0's Zero is an open-source email solution. In version 0.8 it's po ...)
- TODO: check
+ NOT-FOR-US: Mail-0 Zero
CVE-2025-52556 (rfc3161-client is a Python library implementing the Time-Stamp Protoco ...)
- TODO: check
+ NOT-FOR-US: rfc3161-client
CVE-2025-52552 (FastGPT is an AI Agent building platform. Prior to version 4.9.12, the ...)
NOT-FOR-US: FastGPT
CVE-2025-52488 (DNN (formerly DotNetNuke) is an open-source web content management pla ...)
@@ -237,7 +237,7 @@ CVE-2025-6320 (A vulnerability, which was classified as critical, was found in P
CVE-2025-6257 (The Euro FxRef Currency Converter plugin for WordPress is vulnerable t ...)
NOT-FOR-US: WordPress plugin
CVE-2025-6193 (A command injection vulnerability was discovered in the TrustyAI Expla ...)
- TODO: check
+ NOT-FOR-US: TrustyAI
CVE-2025-5963 (The Postbox's configuration on macOS, specifically the presence of ent ...)
NOT-FOR-US: Postbox
CVE-2025-5255 (The Phoenix Code's configuration on macOS, specifically the presence o ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19d7f828643e4e46cfd0c5364bb163d8352b078d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19d7f828643e4e46cfd0c5364bb163d8352b078d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250622/9df8b309/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list