[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 9 21:13:26 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a8687338 by security tracker role at 2025-05-09T20:13:19+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2025-4488 (A vulnerability was found in itsourcecode Gym Management System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4487 (A vulnerability was found in itsourcecode Gym Management System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4486 (A vulnerability was found in itsourcecode Gym Management System 1.0 an ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4485 (A vulnerability has been found in itsourcecode Gym Management System 1 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4484 (A vulnerability, which was classified as critical, was found in itsour ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4483 (A vulnerability, which was classified as critical, has been found in i ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4482 (A vulnerability classified as critical was found in Project Worlds Stu ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-4481 (A vulnerability was found in SourceCodester Apartment Visitor Manageme ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4480 (A vulnerability was found in code-projects Simple College Management S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4472 (A vulnerability was found in code-projects Departmental Store Manageme ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4471 (A vulnerability, which was classified as critical, has been found in c ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4470 (A vulnerability classified as problematic was found in SourceCodester ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4469 (A vulnerability classified as problematic has been found in SourceCode ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4468 (A vulnerability was found in SourceCodester Online Student Clearance S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4467 (A vulnerability was found in SourceCodester Online Student Clearance S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4466 (A vulnerability was found in itsourcecode Gym Management System 1.0. I ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4465 (A vulnerability was found in itsourcecode Gym Management System 1.0 an ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4464 (A vulnerability has been found in itsourcecode Gym Management System 1 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4463 (A vulnerability, which was classified as critical, was found in itsour ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-4462 (A vulnerability, which was classified as critical, has been found in T ...)
TODO: check
CVE-2025-4461 (A vulnerability classified as problematic was found in TOTOLINK N150RT ...)
@@ -43,9 +43,9 @@ CVE-2025-4461 (A vulnerability classified as problematic was found in TOTOLINK N
CVE-2025-4460 (A vulnerability classified as problematic has been found in TOTOLINK N ...)
TODO: check
CVE-2025-4459 (A vulnerability was found in code-projects Patient Record Management S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4458 (A vulnerability was found in code-projects Patient Record Management S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-4457 (A vulnerability classified as critical was found in Project Worlds Car ...)
TODO: check
CVE-2025-4456 (A vulnerability classified as critical has been found in Project World ...)
@@ -53,35 +53,35 @@ CVE-2025-4456 (A vulnerability classified as critical has been found in Project
CVE-2025-4455 (A vulnerability was found in Patch My PC Home Updater up to 5.1.3.0. I ...)
TODO: check
CVE-2025-4454 (A vulnerability was found in D-Link DIR-619L 2.04B04. It has been decl ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4453 (A vulnerability was found in D-Link DIR-619L 2.04B04. It has been clas ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4452 (A vulnerability was found in D-Link DIR-619L 2.04B04 and classified as ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4451 (A vulnerability has been found in D-Link DIR-619L 2.04B04 and classifi ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4450 (A vulnerability, which was classified as critical, was found in D-Link ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4449 (A vulnerability, which was classified as critical, has been found in D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4448 (A vulnerability classified as critical was found in D-Link DIR-619L 2. ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4446 (A vulnerability has been found in H3C GR-5400AX up to 100R008 and clas ...)
TODO: check
CVE-2025-4445 (A vulnerability classified as critical has been found in D-Link DIR-60 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4443 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has been rate ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4442 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has been decl ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4441 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has been clas ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-4440 (A vulnerability was found in H3C GR-1800AX up to 100R008 and classifie ...)
TODO: check
CVE-2025-4434 (The Remote Images Grabber plugin for WordPress is vulnerable to Reflec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4403 (The Drag and Drop Multiple File Upload for WooCommerce plugin for Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4382 (A flaw was found in systems utilizing LUKS-encrypted disks with GRUB c ...)
TODO: check
CVE-2025-4377 (Improper Limitation of a Pathname caused a Path Traversal vulnerabilit ...)
@@ -91,7 +91,7 @@ CVE-2025-4376 (Improper Input Validation vulnerability in Sparx Systems Pro Clou
CVE-2025-4375 (Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro C ...)
TODO: check
CVE-2025-4206 (The WordPress CRM, Email & Marketing Automation for WordPress | Award ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4107
REJECTED
CVE-2025-47737 (lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocati ...)
@@ -103,35 +103,35 @@ CVE-2025-47735 (inner::drop in inner.rs in the wgp crate through 0.2.0 for Rust
CVE-2025-47733 (Server-Side Request Forgery (SSRF) in Microsoft Power Apps allows an u ...)
TODO: check
CVE-2025-47732 (Microsoft Dataverse Remote Code Execution Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-46392 (Uncontrolled Resource Consumption vulnerability in Apache Commons Conf ...)
TODO: check
CVE-2025-46193 (SourceCodester Client Database Management System 1.0 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-46192 (SourceCodester Client Database Management System 1.0 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-46191 (Arbitrary File Upload in user_payment_update.php in SourceCodester Cli ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-46190 (SourceCodester Client Database Management System 1.0 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-46189 (SourceCodester Client Database Management System 1.0 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-46188 (SourceCodester Client Database Management System 1.0 is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-45887 (Yifang CMS v2.0.2 is vulnerable to Server-Side Request Forgery (SSRF) ...)
TODO: check
CVE-2025-45885 (PHPGURUKUL Vehicle Parking Management System v1.13 is vulnerable to SQ ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45513 (Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the functio ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-3949 (The Website Builder by SeedProd \u2014 Theme Builder, Landing Page Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3897 (The EUCookieLaw plugin for WordPress is vulnerable to Arbitrary File R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3811 (The WPBookit plugin for WordPress is vulnerable to privilege escalatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3810 (The WPBookit plugin for WordPress is vulnerable to privilege escalatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3714 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow ...)
TODO: check
CVE-2025-3713 (The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow v ...)
@@ -143,13 +143,13 @@ CVE-2025-3711 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Over
CVE-2025-3710 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow ...)
TODO: check
CVE-2025-3605 (The Frontend Login and Registration Blocks plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3463 ("This issue is limited to motherboards and does not affect laptops, de ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2025-3462 ("This issue is limited to motherboards and does not affect laptops, de ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2025-3455 (The 1 Click WordPress Migration Plugin \u2013 100% FREE for a limited ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-37889 (In the Linux kernel, the following vulnerability has been resolved: P ...)
TODO: check
CVE-2025-33072 (Improper access control in Azure allows an unauthorized attacker to di ...)
@@ -157,7 +157,7 @@ CVE-2025-33072 (Improper access control in Azure allows an unauthorized attacker
CVE-2025-31946 (Pixmeo OsiriX MD is vulnerable to a local use after free scenario, wh ...)
TODO: check
CVE-2025-2253 (The IMITHEMES Listing plugin is vulnerable to privilege escalation via ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-29972 (Server-Side Request Forgery (SSRF) in Azure allows an authorized attac ...)
TODO: check
CVE-2025-29827 (Improper Authorization in Azure Automation allows an authorized attack ...)
@@ -181,13 +181,13 @@ CVE-2025-27720 (The Pixmeo Osirix MD Web Portal sends credential information wit
CVE-2025-27578 (Pixmeo OsiriX MD is vulnerable to a use after free scenario, which cou ...)
TODO: check
CVE-2025-1993 (IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 9.1, 9.2 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1331 (IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1330 (IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1329 (IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1087 (Kong Insomnia Desktop Application before 11.0.2 contains a template in ...)
TODO: check
CVE-2024-9524 (Link Following Local Privilege Escalation Vulnerability in System Spee ...)
@@ -209,7 +209,7 @@ CVE-2024-12442 (EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulner
CVE-2024-11861 (EnerSys AMPA 22.09 and prior versions are vulnerable to command inject ...)
TODO: check
CVE-2024-11617 (The Envolve Plugin plugin for WordPress is vulnerable to arbitrary fil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-31585 (Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload via /adm ...)
TODO: check
CVE-2025-37888 (In the Linux kernel, the following vulnerability has been resolved: n ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a868733860c53f5527d5ab81b8699c267a3c84b2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a868733860c53f5527d5ab81b8699c267a3c84b2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250509/480092ef/attachment.htm>
More information about the debian-security-tracker-commits
mailing list