[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue May 6 21:16:59 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d60fa0e1 by security tracker role at 2025-05-06T20:16:53+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-4388 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-4384 (The MQTT add-on of PcVue fails to verify that a remote device\u2019s c ...)
TODO: check
CVE-2025-4374 (A flaw was found in Quay. When an organization acts as a proxy cache, ...)
@@ -7,51 +7,51 @@ CVE-2025-4374 (A flaw was found in Quay. When an organization acts as a proxy ca
CVE-2025-4373 (A flaw was found in GLib, which is vulnerable to an integer overflow i ...)
TODO: check
CVE-2025-4368 (A vulnerability, which was classified as critical, was found in Tenda ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4363 (A vulnerability, which was classified as critical, has been found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4362 (A vulnerability classified as critical was found in itsourcecode Gym M ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4361 (A vulnerability classified as critical has been found in PHPGurukul Co ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4360 (A vulnerability, which was classified as critical, has been found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4359 (A vulnerability classified as critical was found in itsourcecode Gym M ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4358 (A vulnerability classified as critical has been found in PHPGurukul Co ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4357 (A vulnerability was found in Tenda RX3 16.03.13.11_multi. It has been ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4356 (A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has bee ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4355 (A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has bee ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4354 (A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classif ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4353 (A vulnerability, which was classified as critical, was found in Golden ...)
TODO: check
CVE-2025-4352 (A vulnerability, which was classified as critical, has been found in G ...)
TODO: check
CVE-2025-4350 (A vulnerability classified as critical was found in D-Link DIR-600L up ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4349 (A vulnerability classified as critical has been found in D-Link DIR-60 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4348 (A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has bee ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4347 (A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has bee ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4346 (A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has bee ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4345 (A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classif ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4344 (A vulnerability, which was classified as critical, was found in D-Link ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4343 (A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and cl ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4342 (A vulnerability, which was classified as critical, has been found in D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4341 (A vulnerability classified as critical was found in D-Link DIR-880L up ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4041 (In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an ...)
TODO: check
CVE-2025-47417 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
@@ -71,21 +71,21 @@ CVE-2025-46736 (Umbraco is a free and open source .NET content management system
CVE-2025-46735 (Terraform WinDNS Provider allows users to manage their Windows DNS ser ...)
TODO: check
CVE-2025-45492 (Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection via the I ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-45491 (Linksys E5600 v1.1.0.26 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45490 (Linksys E5600 v1.1.0.26 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45489 (Linksys E5600 v1.1.0.26 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45488 (Linksys E5600 v1.1.0.26 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45487 (Linksys E5600 v1.1.0.26 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-45250 (MrDoc v0.95 and before is vulnerable to Server-Side Request Forgery (S ...)
TODO: check
CVE-2025-44900 (In Tenda RX3 V1.0br_V16.03.13.11 in the GetParentControlInfo function ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-40625 (Unrestricted file upload in TCMAN's GIM v11. This vulnerability allows ...)
TODO: check
CVE-2025-40624 (SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthe ...)
@@ -99,7 +99,7 @@ CVE-2025-40621 (SQL injection in TCMAN's GIM v11. This vulnerability allows an u
CVE-2025-40620 (SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthe ...)
TODO: check
CVE-2025-3782 (The Cision Block plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-37730 (Improper certificate validation in Logstash's TCP output could lead to ...)
TODO: check
CVE-2025-32022 (Finit provides fast init for Linux systems. Finit's urandom plugin has ...)
@@ -107,107 +107,107 @@ CVE-2025-32022 (Finit provides fast init for Linux systems. Finit's urandom plug
CVE-2025-30165 (vLLM is an inference and serving engine for large language models. In ...)
TODO: check
CVE-2025-2898 (IBM Maximo Application Suite 9.0 could allow an attacker with some lev ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-2011 (The Slider & Popup Builder by Depicter plugin for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27248 (in OpenHarmony v5.0.3 and prior versions allow a local attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-27241 (in OpenHarmony v5.0.3 and prior versions allow a local attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-27132 (in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitr ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-26262 (An issue in the component /internals/functions of R-fx Networks Linux ...)
TODO: check
CVE-2025-25218 (in OpenHarmony v5.0.3 and prior versions allow a local attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-25052 (in OpenHarmony v5.0.3 and prior versions allow a local attacker cause ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-25014 (A Prototype pollution vulnerability in Kibana leads to arbitrary code ...)
TODO: check
CVE-2025-23379 (Dell Storage Center - Dell Storage Manager, version(s) 21.0.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22886 (in OpenHarmony v5.0.3 and prior versions allow a local attacker case D ...)
- TODO: check
+ NOT-FOR-US: OpenHarmony
CVE-2025-22479 (Dell Storage Center - Dell Storage Manager, version(s) 20.0.21, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22478 (Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22477 (Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-22476 (Dell Storage Center - Dell Storage Manager, version(s) 20.1.20, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-21475 (Memory corruption while processing escape code, when DisplayId is pass ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21470 (Memory corruption while processing image encoding, when configuration ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21469 (Memory corruption while processing image encoding, when input buffer l ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21468 (Memory corruption while reading response from FW, when buffer size is ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21467 (Memory corruption while reading the FW response from the shared queue.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21462 (Memory corruption while processing an IOCTL request, when buffer signi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21460 (Memory corruption while processing a message, when the buffer is contr ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21459 (Transient DOS while parsing per STA profile in ML IE.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21453 (Memory corruption while processing a data structure, when an iterator ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-0984 (Unrestricted Upload of File with Dangerous Type, Improper Neutralizati ...)
TODO: check
CVE-2024-49847 (Transient DOS while processing of a registration acceptance OTA due to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49846 (Memory corruption while decoding of OTA messages from T3448 IE.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49845 (Memory corruption during the FRS UDS generation process.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49844 (Memory corruption while triggering commands in the PlayReady Trusted a ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49842 (Memory corruption during memory mapping into protected VM address spac ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49841 (Memory corruption during memory assignment to headless peripheral VM d ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49835 (Memory corruption while reading secure file.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49830 (Memory corruption while processing an IOCTL call to set mixer controls ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-49829 (Memory corruption can occur during context user dumps due to inadequat ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45583 (Memory corruption while handling multiple IOCTL calls from userspace t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45581 (Memory corruption while sound model registration for voice activation ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45579 (Memory corruption may occur when invoking IOCTL calls from userspace t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45578 (Memory corruption while acquire and update IOCTLs during IFE output re ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45577 (Memory corruption while invoking IOCTL calls from userspace to camera ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45576 (Memory corruption while prociesing command buffer buffer in OPE module ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45575 (Memory corruption Camera kernel when large number of devices are attac ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45574 (Memory corruption during array access in Camera kernel due to invalid ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45570 (Memory corruption may occur during IO configuration processing when th ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45568 (Memory corruption due to improper bounds check while command handling ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45567 (Memory corruption while encoding JPEG format.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45566 (Memory corruption during concurrent buffer access due to modification ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45565 (Memory corruption when blob structure is modified by user-space after ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45564 (Memory corruption during concurrent access to server info object due t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45563 (Memory corruption while handling schedule request in Camera Request Ma ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45562 (Memory corruption during concurrent access to server info object due t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-45554 (Memory corruption during concurrent SSR execution due to race conditio ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33770 (Real Estate Management System v1.0 was discovered to contain a SQL inj ...)
TODO: check
CVE-2025-22873
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d60fa0e10f479008d8e078a097cf40ecf4f4a74b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d60fa0e10f479008d8e078a097cf40ecf4f4a74b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250506/de363ba8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list