[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 16 21:14:19 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
96934f6c by security tracker role at 2025-05-16T20:14:12+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
CVE-2025-4809 (A vulnerability was found in Tenda AC7 15.03.06.44. It has been classi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4808 (A vulnerability was found in PHPGurukul Park Ticketing Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4807 (A vulnerability, which was classified as problematic, was found in Sou ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4806 (A vulnerability, which was classified as critical, has been found in S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4802 (Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GN ...)
TODO: check
CVE-2025-4795 (A vulnerability classified as critical has been found in gongfuxiang s ...)
TODO: check
CVE-2025-4794 (A vulnerability was found in PHPGurukul Online Course Registration 3.1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4793 (A vulnerability was found in PHPGurukul Online Course Registration 3.1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4792 (A vulnerability was found in FreeFloat FTP Server 1.0 and classified a ...)
TODO: check
CVE-2025-4791 (A vulnerability has been found in FreeFloat FTP Server 1.0 and classif ...)
@@ -25,29 +25,29 @@ CVE-2025-4789 (A vulnerability, which was classified as critical, has been found
CVE-2025-4788 (A vulnerability classified as critical was found in FreeFloat FTP Serv ...)
TODO: check
CVE-2025-4787 (A vulnerability classified as critical has been found in SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4786 (A vulnerability was found in SourceCodester/oretnom23 Stock Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4785 (A vulnerability was found in PHPGurukul Daily Expense Tracker System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4782 (A vulnerability has been found in SourceCodester/oretnom23 Stock Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4781 (A vulnerability classified as critical has been found in PHPGurukul Pa ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4780 (A vulnerability was found in PHPGurukul Park Ticketing Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4778 (A vulnerability was found in PHPGurukul Park Ticketing Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4777 (A vulnerability was found in PHPGurukul Park Ticketing Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4773 (A vulnerability was found in PHPGurukul Online Course Registration 3.1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4772 (A vulnerability has been found in PHPGurukul Online Course Registratio ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4771 (A vulnerability, which was classified as critical, was found in PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4770 (A vulnerability, which was classified as critical, has been found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4769 (A vulnerability classified as critical was found in CBEWIN Anytxt Sear ...)
TODO: check
CVE-2025-4768 (A vulnerability classified as critical has been found in feng_ha_ha/me ...)
@@ -55,23 +55,23 @@ CVE-2025-4768 (A vulnerability classified as critical has been found in feng_ha_
CVE-2025-4767 (A vulnerability was found in defog-ai introspect up to 0.1.4. It has b ...)
TODO: check
CVE-2025-4766 (A vulnerability was found in PHPGurukul Zoo Management System 2.1. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4765 (A vulnerability was found in PHPGurukul Zoo Management System 2.1. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4761 (A vulnerability has been found in PHPGurukul Complaint Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4758 (A vulnerability classified as critical has been found in PHPGurukul Be ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4679 (A vulnerability in Synology Active Backup for Microsoft 365 allows rem ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2025-4600 (A request smuggling vulnerability existed in the Google Cloud Classic ...)
TODO: check
CVE-2025-4211 (Improper Link Resolution Before File Access ('Link Following') vulnera ...)
TODO: check
CVE-2025-48146 (Cross-Site Request Forgery (CSRF) vulnerability in Michael Lups SEO Fl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48144 (Cross-Site Request Forgery (CSRF) vulnerability in sidngr Import Expor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48138 (Missing Authorization vulnerability in berthaai BERTHA AI allows Explo ...)
TODO: check
CVE-2025-48137 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -93,9 +93,9 @@ CVE-2025-48127 (Missing Authorization vulnerability in App Cheap Push notificati
CVE-2025-48121 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-48120 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48119 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48117 (Missing Authorization vulnerability in kilbot WooCommerce POS allows E ...)
TODO: check
CVE-2025-48116 (Missing Authorization vulnerability in Ashan Perera EventON allows Acc ...)
@@ -103,11 +103,11 @@ CVE-2025-48116 (Missing Authorization vulnerability in Ashan Perera EventON allo
CVE-2025-48115 (Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla Vali ...)
TODO: check
CVE-2025-48114 (Cross-Site Request Forgery (CSRF) vulnerability in Shayan Farhang Pazh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48113 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-48112 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48080 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-48079 (Missing Authorization vulnerability in Metagauss ProfileGrid allows E ...)
@@ -125,25 +125,25 @@ CVE-2025-47791 (Nextcloud Server is a self hosted personal cloud system. In Next
CVE-2025-47790 (Nextcloud Server is a self hosted personal cloud system. Nextcloud Ser ...)
TODO: check
CVE-2025-47693 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47567 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47564 (Missing Authorization vulnerability in ashanjay EventON allows Accessi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47563 (Missing Authorization vulnerability in villatheme CURCY allows Accessi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47562 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
TODO: check
CVE-2025-47560 (Missing Authorization vulnerability in RomanCode MapSVG allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47557 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47556 (Missing Authorization vulnerability in QuanticaLabs CSS3 Compare Prici ...)
TODO: check
CVE-2025-47534 (Missing Authorization vulnerability in ValvePress Wordpress Auto Spinn ...)
TODO: check
CVE-2025-46464 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-40906 (BSON::XS versions 0.8.4 and earlier for Perl includes a bundled libbso ...)
TODO: check
CVE-2025-40632 (Cross-site scripting (XSS) in Icewarp Mail Server affecting version 11 ...)
@@ -159,37 +159,37 @@ CVE-2025-39537 (Authorization Bypass Through User-Controlled Key vulnerability i
CVE-2025-39511 (Missing Authorization vulnerability in ValvePress Pinterest Automatic ...)
TODO: check
CVE-2025-39509 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39507 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39493 (Missing Authorization vulnerability in ValvePress Rankie allows Exploi ...)
TODO: check
CVE-2025-39492 (Path Traversal vulnerability in WHMPress WHMpress allows Relative Path ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39491 (Path Traversal vulnerability in WHMPress WHMpress allows Path Traversa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39482 (Missing Authorization vulnerability in imithemes Eventer allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39481 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32962 (Flask-AppBuilder is an application development framework built on top ...)
TODO: check
CVE-2025-32643 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32310 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove QuickCal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32307 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-32306 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32301 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32299 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
TODO: check
CVE-2025-32296 (Missing Authorization vulnerability in quantumcloud Simple Link Direct ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32295 (Missing Authorization vulnerability in wordpresschef Salon Booking Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32290 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-32287 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -205,7 +205,7 @@ CVE-2025-31926 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2025-31923 (Missing Authorization vulnerability in QuanticaLabs CSS3 Accordions fo ...)
TODO: check
CVE-2025-31922 (Cross-Site Request Forgery (CSRF) vulnerability in QuanticaLabs CSS3 A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31921 (Cross-Site Request Forgery (CSRF) vulnerability in loopus WP Ultimate ...)
TODO: check
CVE-2025-31915 (Cross-Site Request Forgery (CSRF) vulnerability in kamleshyadav Pixel ...)
@@ -221,7 +221,7 @@ CVE-2025-31637 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2025-31630 (Missing Authorization vulnerability in themeton The Business allows Ex ...)
TODO: check
CVE-2025-31071 (Missing Authorization vulnerability in themeton HotStar \u2013 Multi-P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31068 (Cross-Site Request Forgery (CSRF) vulnerability in themeton Seven Star ...)
TODO: check
CVE-2025-31066 (Missing Authorization vulnerability in themeton Acerola allows Exploit ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96934f6c928a15c61046ac3ca8ba3b95412be48b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96934f6c928a15c61046ac3ca8ba3b95412be48b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250516/3fa0e5a8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list