[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 9 09:13:53 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36d630d4 by security tracker role at 2025-10-09T08:13:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2025-9970 (Cleartext Storage of Sensitive Information in Memory vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-9868 (Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Son ...)
TODO: check
CVE-2025-7634 (The WP Travel Engine \u2013 Tour Booking Plugin \u2013 Tour Operator S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7526 (The WP Travel Engine \u2013 Tour Booking Plugin \u2013 Tour Operator S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6038 (The Lisfinity Core - Lisfinity Core plugin used for pebas\xae Lisfinit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-61913 (Flowise is a drag & drop user interface to build a customized large la ...)
TODO: check
CVE-2025-61906 (Opencast is a free, open-source platform to support the management of ...)
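Review bot: The "NOT-FOR-US: WordPress plugin" tag on CVE-2025-6038 cannot be checked against the visible description, which is cut off before any mention of WordPress ("The Lisfinity Core - Lisfinity Core plugin used for ..."). The same applies to CVE-2025-9970, where the truncated text never reaches the vendor that the "ABB group" tag names. Confirm both against the full CVE descriptions before relying on the automatic classification.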
@@ -29,11 +29,11 @@ CVE-2025-60830 (redragon-erp v1.0 was discovered to contain a Shiro deserializat
CVE-2025-60828 (WukongCRM-9.0-JAVA was discovered to contain a fastjson deserializatio ...)
TODO: check
CVE-2025-60318 (SourceCodester Pet Grooming Management Software 1.0 is vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-60314 (Configuroweb Sistema Web de Inventario 1.0 is vulnerable to a Stored C ...)
TODO: check
CVE-2025-60313 (Sourcecodester Link Status Checker 1.0 is vulnerable to a Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-60311 (ProjectWorlds Gym Management System1.0 is vulnerable to SQL Injection ...)
TODO: check
CVE-2025-60299 (Novel-Plus with 5.2.0 was discovered to contain a Stored Cross-Site Sc ...)
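Review bot: CVE-2025-60311 (ProjectWorlds Gym Management System) stays at "TODO: check" in this hunk, while CVE-2025-11475 (projectworlds Advanced Library ...) is tagged "NOT-FOR-US: Project Worlds" later in the same commit. If the vendor is out of scope, this entry should get the same tag; the differing spelling in the description is the likely reason the automatic pass skipped it.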
@@ -49,33 +49,33 @@ CVE-2025-57457 (An OS Command Injection vulnerability in the Admin panel in Curo
CVE-2025-53967 (Framelink Figma MCP Server before 0.6.3 allows an unauthenticated remo ...)
TODO: check
CVE-2025-47355 (Memory corruption while invoking remote procedure IOCTL calls.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47354 (Memory corruption while allocating buffers in DSP service.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47351 (Memory corruption while processing user buffers.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47349 (Memory corruption while processing an escape call.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47347 (Memory corruption while processing control commands in the virtual mem ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47342 (Transient DOS may occur when multi-profile concurrency arises with QHS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47341 (memory corruption while processing an image encoding completion event.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47340 (Memory corruption while processing IOCTL call to get the mapping.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47338 (Memory corruption while processing escape commands from userspace.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-43830 (Stored cross-site scripting (XSS) vulnerability in Forms in Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43829 (Stored cross-site scripting (XSS) vulnerability in diagram type produc ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43821 (Cross-site scripting (XSS) vulnerability in the Commerce Product Compa ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43771 (Multiple cross-site scripting (XSS) vulnerabilities in the Notificatio ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43724 (Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an authori ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-42706 (A logic error exists in the Falcon sensor for Windows that could allow ...)
TODO: check
CVE-2025-42701 (A race condition exists in the Falcon sensor for Windows that could al ...)
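Review bot: The nine Qualcomm tags (CVE-2025-47355 through CVE-2025-47338) rest on descriptions that name no vendor, product or component, for example "Memory corruption while processing user buffers." A later reader cannot re-check the classification from the list alone, so note where the attribution comes from, or add the affected component to the tag where it is known. Minor style point: "Dell / EMC" on CVE-2025-43724 is the only tag in this commit that uses a slash-separated vendor name; confirm it matches the form already used in data/CVE/list.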
@@ -83,71 +83,71 @@ CVE-2025-42701 (A race condition exists in the Falcon sensor for Windows that co
CVE-2025-36636 (In Tenable Security Center versions prior to 6.7.0, an improper access ...)
TODO: check
CVE-2025-27060 (Memory corruption while performing SCM call with malformed inputs.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27059 (Memory corruption while performing SCM call.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27054 (Memory corruption while processing a malformed license file during reb ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27053 (Memory corruption during PlayReady APP usecase while processing TA com ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27049 (Transient DOS while processing IOCTL call for image encoding.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27048 (Memory corruption while processing camera platform driver IOCTL calls.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27045 (Information disclosure while processing batch command execution in Vid ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27041 (Transient DOS while processing video packets received from video firmw ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27040 (Information disclosure may occur while processing the hypervisor log.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27039 (Memory corruption may occur while processing IOCTL call for DMM/WARPNC ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-11539 (Grafana Image Renderer is vulnerable to remote code execution due to a ...)
TODO: check
CVE-2025-11535 (MongoDB Connector for BI installation viaMSIon Windows leaves ACLs uns ...)
TODO: check
CVE-2025-11530 (A weakness has been identified in code-projects Online Complaint Site ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11529 (A security flaw has been discovered in ChurchCRM up to 5.18.0. This im ...)
TODO: check
CVE-2025-11528 (A vulnerability was identified in Tenda AC7 15.03.06.44. This affects ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11527 (A vulnerability was determined in Tenda AC7 15.03.06.44. The impacted ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11526 (A vulnerability was found in Tenda AC7 15.03.06.44. The affected eleme ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11525 (A vulnerability has been found in Tenda AC7 15.03.06.44. Impacted is a ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11524 (A flaw has been found in Tenda AC7 15.03.06.44. This issue affects som ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11523 (A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11522 (The Search & Go - Directory WordPress Theme theme for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11516 (A weakness has been identified in code-projects Online Complaint Site ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11515 (A security flaw has been discovered in code-projects Online Complaint ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11514 (A vulnerability was identified in code-projects Online Complaint Site ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11513 (A vulnerability was determined in code-projects E-Commerce Website 1.0 ...)
TODO: check
CVE-2025-11512 (A vulnerability was found in code-projects Voting System 1.0. Affected ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11511 (A flaw has been found in code-projects E-Commerce Website 1.0. Affecte ...)
TODO: check
CVE-2025-11509 (A vulnerability was detected in code-projects E-Commerce Website 1.0. ...)
TODO: check
CVE-2025-11508 (A security vulnerability has been detected in code-projects Voting Sys ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11507 (A weakness has been identified in PHPGurukul Beauty Parlour Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11506 (A security flaw has been discovered in PHPGurukul Beauty Parlour Manag ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11505 (A vulnerability was identified in PHPGurukul Beauty Parlour Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11503 (A vulnerability was determined in PHPGurukul Beauty Parlour Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11495 (A vulnerability was determined in GNU Binutils 2.45. The affected elem ...)
TODO: check
CVE-2025-11494 (A vulnerability was found in GNU Binutils 2.45. Impacted is the functi ...)
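Review bot: CVE-2025-11522 is tagged "NOT-FOR-US: WordPress plugin", but its description reads "The Search & Go - Directory WordPress Theme theme for WordPress", so the tag should name a theme rather than a plugin. Also in this hunk, the code-projects E-Commerce Website entries (CVE-2025-11513, CVE-2025-11511, CVE-2025-11509) remain at "TODO: check" while the code-projects Online Complaint Site and Voting System entries are tagged; if the whole vendor is out of scope, tag them together so the triage state is consistent.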
@@ -159,51 +159,51 @@ CVE-2025-11490 (A vulnerability has been found in wonderwhy-er DesktopCommanderM
CVE-2025-11489 (A security vulnerability has been detected in wonderwhy-er DesktopComm ...)
TODO: check
CVE-2025-11488 (A weakness has been identified in D-Link DIR-852 up to 20251002. This ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-11487 (A security flaw has been discovered in SourceCodester Farm Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11486 (A vulnerability was identified in SourceCodester Farm Management Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11485 (A vulnerability was determined in SourceCodester Student Grades Manage ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11481 (A flaw has been found in varunsardana004 Blood-Bank-And-Donation-Manag ...)
TODO: check
CVE-2025-11480 (A vulnerability was detected in SourceCodester Simple E-Commerce Books ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11479 (A security vulnerability has been detected in SourceCodester Wedding R ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11478 (A weakness has been identified in SourceCodester Farm Management Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11477 (A security flaw has been discovered in SourceCodester Wedding Reservat ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11476 (A vulnerability was identified in SourceCodester Simple E-Commerce Boo ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11475 (A vulnerability was determined in projectworlds Advanced Library Manag ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-11474 (A vulnerability was found in SourceCodester Hotel and Lodge Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11473 (A vulnerability has been found in SourceCodester Hotel and Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11472 (A flaw has been found in SourceCodester Hotel and Lodge Management Sys ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11471 (A vulnerability was detected in SourceCodester Hotel and Lodge Managem ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11470 (A security vulnerability has been detected in SourceCodester Hotel and ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11469 (A weakness has been identified in SourceCodester Hotel and Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11445 (A vulnerability was detected in Kilo Code up to 4.86.0. Affected is th ...)
TODO: check
CVE-2025-11444 (A security vulnerability has been detected in TOTOLINK N600R up to 4.3 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-11166 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10649 (The Welcart e-Commerce plugin for WordPress is vulnerable to SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10586 (The Community Events plugin for WordPress is vulnerable to SQL Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10496 (The Cookie Notice & Consent plugin for WordPress is vulnerable to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10353 (File upload leading to remote code execution (RCE) in the \u201cmelis- ...)
TODO: check
CVE-2025-10352 (Vulnerability in the melis-core module of Melis Technology's Melis Pla ...)
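Review bot: The tag on CVE-2025-11475, "NOT-FOR-US: Project Worlds", uses a spelling that appears in neither description in this file ("projectworlds" here, "ProjectWorlds" on CVE-2025-60311). Check that it matches the form used for earlier entries from this vendor, since a search on the vendor string as written in the descriptions will not find the tag.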
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36d630d480f3b23aabc27f2055da0f1b36b6d2bf