[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Oct 8 09:18:11 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
3a4fc5f5 by security tracker role at 2025-10-08T08:13:45+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,7 +31,7 @@ CVE-2025-61776 (Dependency-Track is a component analysis platform that allows or
CVE-2025-61670 (Wasmtime is a runtime for WebAssembly. Wasmtime 37.0.0 and 37.0.1 have ...)
TODO: check
CVE-2025-60312 (Sourcecodester Markdown to HTML Converter v1.0 is vulnerable to a Cros ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-57564 (CubeAPM nightly-2025-08-01-1 allow unauthenticated attackers to inject ...)
TODO: check
CVE-2025-56243 (A Cross-Site Scripting (XSS) vulnerability was found in the register.p ...)
@@ -65,45 +65,45 @@ CVE-2025-48826 (A format string vulnerability exists in the formPingCmd function
CVE-2025-48464 (Successful exploitation of the vulnerability could allow an unauthenti ...)
TODO: check
CVE-2025-45375 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-44824 (Nagios Log Server before 2024R1.3.2 allows authenticated users (with r ...)
TODO: check
CVE-2025-44823 (Nagios Log Server before 2024R1.3.2 allows authenticated users to retr ...)
TODO: check
CVE-2025-43934 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43914 (Dell PowerProtect Data Domain BoostFS for Linux Ubuntu systems of Feat ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43913 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43912 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43911 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43910 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43909 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43908 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43907 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43906 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43905 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43891 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43890 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43889 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-43823 (Cross-site scripting (XSS) vulnerability in the Commerce Search Result ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43822 (Multiple stored cross-site scripting (XSS) vulnerabilities in Liferay ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43727 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-40889 (A path traversal vulnerability was discovered in the Time Machine func ...)
TODO: check
CVE-2025-40888 (A SQL Injection vulnerability was discovered in the CLI functionality ...)
@@ -123,29 +123,29 @@ CVE-2025-3719 (An access control vulnerability was discovered in the CLI functio
CVE-2025-3718 (A client-side path traversal vulnerability was discovered in the web m ...)
TODO: check
CVE-2025-3450 (Improper Resource Locking vulnerability in B&R Industrial Automation A ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-3449 (Generation of Predictable Numbers or Identifiers vulnerability in B&R ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-3448 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-37728 (Insufficiently Protected Credentials in the Crowdstrike connector can ...)
TODO: check
CVE-2025-36569 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36567 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36566 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36565 (Dell PowerProtect Data Domain with Data Domain Operating System (DD OS ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36156 (IBM InfoSphere Data Replication VSAM for z/OS Remote Source 11.4 is vu ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-34252 (NetSarang Xmanager Enterprise 5.0 Build 1232,Xmanager 5.0 Build 1045,X ...)
TODO: check
CVE-2025-1826 (IBM Engineering Requirements Management DOORS Next (IBM Jazz Foundatio ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-11462 (Improper Link Resolution Before File Access in the AWS VPN Client for ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-11443 (A weakness has been identified in JhumanJ OpnForm up to 1.9.3. This af ...)
TODO: check
CVE-2025-11442 (A security flaw has been discovered in JhumanJ OpnForm up to 1.9.3. Th ...)
@@ -165,37 +165,37 @@ CVE-2025-11436 (A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Aff
CVE-2025-11435 (A security vulnerability has been detected in JhumanJ OpnForm up to 1. ...)
TODO: check
CVE-2025-11434 (A weakness has been identified in itsourcecode Student Transcript Proc ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-11433 (A security flaw has been discovered in itsourcecode Leave Management S ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-11432 (A vulnerability was identified in itsourcecode Leave Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-11431 (A vulnerability was determined in code-projects Web-Based Inventory an ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11430 (A vulnerability was found in SourceCodester Simple E-Commerce Bookstor ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11426 (A security flaw has been discovered in projectworlds Advanced Library ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-11425 (A vulnerability was identified in projectworlds Advanced Library Manag ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-11424 (A vulnerability was determined in code-projects Web-Based Inventory an ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11423 (A vulnerability was found in Tenda CH22 1.0.0.1. This affects the func ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11422 (A vulnerability has been found in Campcodes Advanced Online Voting Man ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-11421 (A flaw has been found in code-projects Voting System 1.0. The affected ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11420 (A vulnerability was detected in code-projects E-Commerce Website 1.0. ...)
TODO: check
CVE-2025-11418 (A security vulnerability has been detected in Tenda CH22 up to 1.0.0.1 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11417 (A weakness has been identified in Campcodes Advanced Online Voting Man ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-11416 (A security flaw has been discovered in PHPGurukul Beauty Parlour Manag ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11415 (A vulnerability was identified in PHPGurukul Beauty Parlour Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11414 (A vulnerability was determined in GNU Binutils 2.45. Affected by this ...)
TODO: check
CVE-2025-11413 (A vulnerability was found in GNU Binutils 2.45. Affected is the functi ...)
@@ -203,71 +203,71 @@ CVE-2025-11413 (A vulnerability was found in GNU Binutils 2.45. Affected is the
CVE-2025-11412 (A vulnerability has been found in GNU Binutils 2.45. This impacts the ...)
TODO: check
CVE-2025-11410 (A flaw has been found in Campcodes Advanced Online Voting Management S ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-11409 (A vulnerability was detected in Campcodes Advanced Online Voting Manag ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-11408 (A security vulnerability has been detected in D-Link DI-7001 MINI 24.0 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-11407 (A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impa ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-11406 (A security flaw has been discovered in kaifangqian kaifangqian-base up ...)
TODO: check
CVE-2025-11405 (A vulnerability was identified in SourceCodester Hotel and Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11404 (A vulnerability was determined in SourceCodester Hotel and Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11403 (A vulnerability was found in SourceCodester Hotel and Lodge Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11402 (A vulnerability has been found in SourceCodester Hotel and Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11401 (A flaw has been found in SourceCodester Hotel and Lodge Management Sys ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11400 (A vulnerability was detected in SourceCodester Hotel and Lodge Managem ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11399 (A security vulnerability has been detected in SourceCodester Hotel and ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11398 (A weakness has been identified in SourceCodester Hotel and Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11397 (A security flaw has been discovered in SourceCodester Hotel and Lodge ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11396 (A vulnerability was identified in code-projects Simple Food Ordering S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11390 (A weakness has been identified in PHPGurukul Cyber Cafe Management Sys ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11389 (A security flaw has been discovered in Tenda AC15 15.03.05.18. Affecte ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11388 (A vulnerability was identified in Tenda AC15 15.03.05.18. This impacts ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11387 (A vulnerability was determined in Tenda AC15 15.03.05.18. This affects ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11386 (A vulnerability was found in Tenda AC15 15.03.05.18. The impacted elem ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11385 (A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The af ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11360 (A vulnerability was detected in jakowenko double-take up to 1.13.1. Th ...)
TODO: check
CVE-2025-11359 (A security vulnerability has been detected in code-projects Simple Ban ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11204 (The RegistrationMagic \u2013 Custom Registration Forms, User Registrat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11192 (A vulnerability in Extreme Networks\u2019 Fabric Engine (VOSS) before ...)
TODO: check
CVE-2025-11171 (The Chartify \u2013 WordPress Chart Plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10904
REJECTED
CVE-2025-10645 (The WP Reset plugin for WordPress is vulnerable to Sensitive Informati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10635 (The Find Me On WordPress plugin through 2.0.9.1 does not sanitize and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10587 (The Community Events plugin for WordPress is vulnerable to SQL Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10494 (The Motors \u2013 Car Dealership & Classified Listings Plugin plugin f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0603 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2023-6215 (A potential security vulnerability has been identified in HP Sure Star ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2025-11460
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -405180,7 +405180,7 @@ CVE-2021-22293 (Some Huawei products have an inconsistent interpretation of HTTP
CVE-2021-22292 (There is a denial of service (DoS) vulnerability in eCNS280 versions V ...)
NOT-FOR-US: Huawei
CVE-2021-22291 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2021-22290
RESERVED
CVE-2021-22289 (Improper Input Validation vulnerability in the project upload mechanis ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a4fc5f59e08770a5c14ba3351bbd183f469d6a5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3a4fc5f59e08770a5c14ba3351bbd183f469d6a5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251008/15fd4cdd/attachment.htm>
More information about the debian-security-tracker-commits
mailing list