[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 4 09:13:38 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8e828413 by security tracker role at 2025-09-04T08:13:26+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,47 +1,47 @@
CVE-2025-9942 (A vulnerability has been found in CodeAstro Real Estate Management Sys ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-9941 (A flaw has been found in CodeAstro Real Estate Management System 1.0. ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-9940 (A vulnerability was detected in CodeAstro Real Estate Management Syste ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-9939 (A security vulnerability has been detected in CodeAstro Real Estate Ma ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-9938 (A weakness has been identified in D-Link DI-8400 16.07.26A1. The affec ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-9937 (A security flaw has been discovered in elunez eladmin 1.1. Impacted is ...)
TODO: check
CVE-2025-9936 (A vulnerability was identified in fuyang_lipengjun platform 1.0.0. Thi ...)
TODO: check
CVE-2025-9935 (A vulnerability was determined in TOTOLINK N600R 4.3.0cu.7866_B2022050 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-9934 (A vulnerability was found in TOTOLINK X5000R 9.1.0cu.2415_B20250515. T ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-9933 (A vulnerability has been found in PHPGurukul Beauty Parlour Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-9932 (A flaw has been found in PHPGurukul Beauty Parlour Management System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-9931 (A vulnerability was detected in Jinher OA 1.0. Affected is an unknown ...)
TODO: check
CVE-2025-9930 (A security vulnerability has been detected in 1000projects Beauty Parl ...)
TODO: check
CVE-2025-9929 (A weakness has been identified in code-projects Responsive Blog Site 1 ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9928 (A security flaw has been discovered in projectworlds Travel Management ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-9927 (A vulnerability was identified in projectworlds Travel Management Syst ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-9519 (The Easy Timer plugin for WordPress is vulnerable to Remote Code Execu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9518 (The atec Debug plugin for WordPress is vulnerable to arbitrary file de ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9517 (The atec Debug plugin for WordPress is vulnerable to remote code execu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9516 (The atec Debug plugin for WordPress is vulnerable to arbitrary file re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9467 (When the Vaadin Upload's start listener is used to validate metadata a ...)
TODO: check
CVE-2025-8268 (The AI Engine plugin for WordPress is vulnerable to unauthorized acces ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-58701
REJECTED
CVE-2025-58700
@@ -73,59 +73,59 @@ CVE-2025-58057 (Netty is an asynchronous event-driven network application framew
CVE-2025-58056 (Netty is an asynchronous event-driven network application framework fo ...)
TODO: check
CVE-2025-55748 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-55747 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-43772 (Kaleo Forms Admin in Liferay Portal 7.0.0 through 7.4.3.4, and Liferay ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-36909 (Information disclosure)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36908 (In lwis_top_register_io of lwis_device_top.c, there is a possible out ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36907 (In draw_surface_image() of abl/android/lib/draw/draw.c, there is a pos ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36906 (In ConvertReductionOp of darwinn_mlir_converter_aidl.cc, there is a po ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36905 (In gxp_mapping_create of gxp_mapping.c, there is a possible privilege ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36904 (N/A)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36903 (In lwis_io_buffer_write, there is a possible OOB read/write due to imp ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36902 (In syna_cdev_ioctl_store_pid() of syna_tcm2_sysfs.c, there is a possib ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36901 (N/A)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36900 (In lwis_test_register_io of lwis_device_test.c, there is a possible OO ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36899 (There is a possible escalation of privilege due to test/debugging code ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36898 (There is a possible escalation of privilege due to a logic error in th ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36897 (In unknown of cd_CnMsgCodecUserApi.cpp, there is a possible out of bou ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36896 (N/A)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36895 (Information disclosure)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36894 (In TBD of TBD, there is a possible DoS due to a missing null check. Th ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36893 (In ReadTachyonCommands of gxp_main_actor.cc, there is a possible infor ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36892 (Denial of service)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36891 (Elevation of privilege)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36890 (Elevation of Privilege)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-36887 (In wl_cfgscan_update_v3_schedscan_results() of wl_cfgscan.c, there is ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2025-2417 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
TODO: check
CVE-2024-56190 (In wl_update_hidden_ap_ie() of wl_cfgscan.c, there is a possible out o ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2024-56189 (In SAEMM_DiscloseMsId of SAEMM_RadioMessageCodec.c, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Google devices
CVE-2024-13071 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-9959 (Incomplete validation of dunder attributes allows an attacker to escap ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e82841358af1ea88fad65594f264b17eeb24e7a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e82841358af1ea88fad65594f264b17eeb24e7a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250904/47a2105e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list