[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 15 21:13:04 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
02f78f34 by security tracker role at 2025-05-15T20:12:56+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,51 +1,51 @@
CVE-2025-4762 (Insecure Direct Object Reference (IDOR) vulnerability in the eSignaVie ...)
TODO: check
CVE-2025-4717 (A vulnerability, which was classified as critical, was found in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4716 (A vulnerability was found in Campcodes Sales and Inventory System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4715 (A vulnerability was found in Campcodes Sales and Inventory System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4714 (A vulnerability was found in Campcodes Sales and Inventory System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4713 (A vulnerability was found in Campcodes Sales and Inventory System 1.0 ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4712 (A vulnerability has been found in Campcodes Sales and Inventory System ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4711 (A vulnerability, which was classified as critical, was found in Campco ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4710 (A vulnerability, which was classified as critical, has been found in C ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4709 (A vulnerability classified as critical was found in Campcodes Sales an ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4708 (A vulnerability classified as critical has been found in Campcodes Sal ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4707 (A vulnerability was found in Campcodes Sales and Inventory System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4706 (A vulnerability was found in projectworlds Online Examination System 1 ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-4705 (A vulnerability was found in PHPGurukul Vehicle Parking Management Sys ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4704 (A vulnerability was found in PHPGurukul Vehicle Parking Management Sys ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4703 (A vulnerability has been found in PHPGurukul Vehicle Parking Managemen ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4702 (A vulnerability, which was classified as critical, was found in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4701 (A vulnerability, which was classified as problematic, has been found i ...)
TODO: check
CVE-2025-4699 (A vulnerability classified as critical was found in PHPGurukul Apartme ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4698 (A vulnerability classified as critical has been found in PHPGurukul Di ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4697 (A vulnerability was found in PHPGurukul Directory Management System 2. ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4696 (A vulnerability was found in PHPGurukul Cyber Cafe Management System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4695 (A vulnerability was found in PHPGurukul Cyber Cafe Management System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4564 (The TicketBAI Facturas para WooCommerce plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4516 (There is an issue in CPython when using `bytes.decode("unicode_escape" ...)
TODO: check
CVE-2025-48051 (powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in some ap ...)
@@ -67,7 +67,7 @@ CVE-2025-47784 (Emlog is an open source website building system. Versions 2.5.13
CVE-2025-47774 (Vyper is the Pythonic Programming Language for the Ethereum Virtual Ma ...)
TODO: check
CVE-2025-47580 (Missing Authorization vulnerability in Rustaurius Front End Users allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47285 (Vyper is the Pythonic Programming Language for the Ethereum Virtual Ma ...)
TODO: check
CVE-2025-47279 (Undici is an HTTP/1.1 client for Node.js. Prior to versions 5.29.0, 6. ...)
@@ -81,15 +81,15 @@ CVE-2025-46053 (A SQL Injection vulnerability in WebERP v4.15.2 allows attackers
CVE-2025-46052 (An error-based SQL Injection (SQLi) vulnerability in WebERP v4.15.2 al ...)
TODO: check
CVE-2025-44185 (SourceCodester Best Employee Management System V1.0 is vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-44183 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44182 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44181 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44180 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44110 (FluxBB 1.5.11 is vulnerable to Cross Site Scripting (XSS) in via the F ...)
TODO: check
CVE-2025-43853 (The WebAssembly Micro Runtime's (WAMR) iwasm package is the executable ...)
@@ -97,9 +97,9 @@ CVE-2025-43853 (The WebAssembly Micro Runtime's (WAMR) iwasm package is the exec
CVE-2025-3446 (Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4 ...)
TODO: check
CVE-2025-3440 (IBM Security Guardium 11.5 is vulnerable to stored cross-site scriptin ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-32922 (Cross-Site Request Forgery (CSRF) vulnerability in Tobias WP2LEADS all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32738 (Missing authentication for critical function issue exists in I-O DATA ...)
TODO: check
CVE-2025-32002 (Improper neutralization of special elements used in an OS command ('OS ...)
@@ -107,9 +107,9 @@ CVE-2025-32002 (Improper neutralization of special elements used in an OS comman
CVE-2025-31947 (Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x <= 10.4 ...)
TODO: check
CVE-2025-30476 (Dell PowerScale InsightIQ, version 5.2, contains an uncontrolled resou ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-30475 (Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains an impro ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-30421 (There is a memory corruption vulnerability due to a stack-based buffer ...)
TODO: check
CVE-2025-30420 (There is a memory corruption vulnerability due to an out of bounds rea ...)
@@ -125,11 +125,11 @@ CVE-2025-2570 (Mattermost versions 10.5.x <= 10.5.3, 9.11.x <= 9.11.11 fail to c
CVE-2025-2527 (Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed to prop ...)
TODO: check
CVE-2025-26481 (Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0, contains an u ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-1647 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-56006 (Missing Authorization vulnerability in Automattic Jetpack Debug Tools. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-52880 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before version ...)
TODO: check
CVE-2024-52879 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before version ...)
@@ -139,7 +139,7 @@ CVE-2024-52878 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before ve
CVE-2024-52877 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before version ...)
TODO: check
CVE-2024-51666 (Missing Authorization vulnerability in Automattic Tours.This issue aff ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-4737 (Insufficient encryption vulnerability in the mobile application (com.t ...)
TODO: check
CVE-2025-4591 (The Weluka Lite plugin for WordPress is vulnerable to Stored Cross-Sit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02f78f34c38800a3ebcca1aa63d06eba8d76b829
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02f78f34c38800a3ebcca1aa63d06eba8d76b829
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250515/c0cf43f4/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list