[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 6 09:13:39 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
90428957 by security tracker role at 2025-05-06T08:13:32+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2025-4340 (A vulnerability classified as critical has been found in D-Link DIR-89 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-4337 (The AHAthat Plugin plugin for WordPress is vulnerable to Cross-Site Re ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-4333 (A vulnerability was found in feng_ha_ha/megagao ssm-erp and production ...)
 	TODO: check
 CVE-2025-4332 (A vulnerability was found in PHPGurukul Company Visitor Management Sys ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4331 (A vulnerability classified as critical was found in SourceCodester Onl ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-4329 (A vulnerability was found in 74CMS up to 3.33.0. It has been rated as  ...)
 	TODO: check
 CVE-2025-4328 (A vulnerability was found in fp2952 spring-cloud-base up to 7f050dc6db ...)
@@ -23,39 +23,39 @@ CVE-2025-4324 (A vulnerability, which was classified as problematic, was found i
 CVE-2025-4323 (A vulnerability, which was classified as problematic, has been found i ...)
 	TODO: check
 CVE-2025-4314 (A vulnerability has been found in SourceCodester Advanced Web Store 1. ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-4313 (A vulnerability, which was classified as critical, was found in Source ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-4312 (A vulnerability, which was classified as critical, has been found in S ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2025-4311 (A vulnerability classified as critical was found in itsourcecode Conte ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-4310 (A vulnerability classified as critical has been found in itsourcecode  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-4309 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4308 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4307 (A vulnerability was found in PHPGurukul Art Gallery Management System  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4306 (A vulnerability was found in PHPGurukul Nipah Virus Testing Management ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4305 (A vulnerability has been found in kefaming mayi up to 1.3.9 and classi ...)
 	TODO: check
 CVE-2025-4304 (A vulnerability, which was classified as critical, was found in PHPGur ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4303 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4301 (A vulnerability classified as critical was found in itsourcecode Conte ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-4300 (A vulnerability classified as critical has been found in itsourcecode  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode System
 CVE-2025-4299 (A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has be ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-4298 (A vulnerability was found in Tenda AC1206 up to 15.03.06.23. It has be ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-4297 (A vulnerability was found in PHPGurukul Men Salon Management System 2. ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-4293 (A vulnerability was found in MRCMS 3.1.3 and classified as problematic ...)
 	TODO: check
 CVE-2025-4292 (A vulnerability has been found in MRCMS 3.1.3 and classified as proble ...)
@@ -63,11 +63,11 @@ CVE-2025-4292 (A vulnerability has been found in MRCMS 3.1.3 and classified as p
 CVE-2025-4291 (A vulnerability, which was classified as critical, was found in IdeaCM ...)
 	TODO: check
 CVE-2025-4290 (A vulnerability, which was classified as critical, has been found in P ...)
-	TODO: check
+	NOT-FOR-US: PCMan FTP Server
 CVE-2025-4289 (A vulnerability classified as critical was found in PCMan FTP Server 2 ...)
-	TODO: check
+	NOT-FOR-US: PCMan FTP Server
 CVE-2025-4288 (A vulnerability classified as critical has been found in PCMan FTP Ser ...)
-	TODO: check
+	NOT-FOR-US: PCMan FTP Server
 CVE-2025-47303
 	REJECTED
 CVE-2025-47302
@@ -87,25 +87,25 @@ CVE-2025-47296
 CVE-2025-46728 (cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. ...)
 	TODO: check
 CVE-2025-46593 (Process residence vulnerability in abnormal scenarios in the print mod ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46592 (Null pointer dereference vulnerability in the USB HDI driver module Im ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46591 (Out-of-bounds data read vulnerability in the authorization module Impa ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46590 (Bypass vulnerability in the network search instruction authentication  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46589 (Vulnerability of unauthorized access in the app lock module Impact: Su ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46588 (Vulnerability of unauthorized access in the app lock module Impact: Su ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46587 (Permission control vulnerability in the media library module Impact: S ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46586 (Permission control vulnerability in the contacts module Impact: Succes ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46585 (Out-of-bounds array read/write vulnerability in the kernel module Impa ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-46584 (Vulnerability of improper authentication logic implementation in the f ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-44074 (SeaCMS v13.3 was discovered to contain a SQL injection vulnerability v ...)
 	TODO: check
 CVE-2025-44072 (SeaCMS v13.3 was discovered to contain a SQL injection vulnerability v ...)
@@ -113,25 +113,25 @@ CVE-2025-44072 (SeaCMS v13.3 was discovered to contain a SQL injection vulnerabi
 CVE-2025-44071 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
 	TODO: check
 CVE-2025-3610 (The Reales WP STPT plugin for WordPress is vulnerable to privilege esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3609 (The Reales WP STPT plugin for WordPress is vulnerable to unauthorized  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3281 (The User Registration & Membership \u2013 Custom Registration Form, Lo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-3020 (An low privileged remote Attacker can execute arbitrary web scripts or ...)
 	TODO: check
 CVE-2025-2802 (The LayoutBoxx plugin for WordPress is vulnerable to arbitrary shortco ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2509 (Out-of-Bounds Read in Virglrenderer in ChromeOS  16093.57.0 allows a m ...)
-	TODO: check
+	NOT-FOR-US: ChromeOS
 CVE-2025-1493 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 12.1 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-1000 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-0915 (IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-58252 (Vulnerability of insufficient information protection in the media libr ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-39442 (In sprd ssense service, there is a possible missing permission check.  ...)
 	TODO: check
 CVE-2023-46716



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9042895719e6f8a9bf7fb47be3a806a6010c9492

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9042895719e6f8a9bf7fb47be3a806a6010c9492
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250506/b241c3b9/attachment.htm>

More information about the debian-security-tracker-commits mailing list