[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Sep 17 21:42:34 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2e95fee6 by security tracker role at 2025-09-17T20:42:26+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-9862 (Server-Side Request Forgery (SSRF) vulnerability in Ghost allows an at ...)
TODO: check
CVE-2025-8999 (The Sydney theme for WordPress is vulnerable to unauthorized modificat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8463 (Authorization Bypass Through User-Controlled Key vulnerability in Nebu ...)
TODO: check
CVE-2025-8411 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -9,19 +9,19 @@ CVE-2025-8411 (Improper Neutralization of Input During Web Page Generation (XSS
CVE-2025-8077 (A vulnerability exists in NeuVector versions up to and including 5.4.5 ...)
TODO: check
CVE-2025-59476 (Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict o ...)
- TODO: check
+ NOT-FOR-US: Jenkins (core or plugin)
CVE-2025-59475 (Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a ...)
- TODO: check
+ NOT-FOR-US: Jenkins (core or plugin)
CVE-2025-59474 (Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a ...)
- TODO: check
+ NOT-FOR-US: Jenkins (core or plugin)
CVE-2025-59458 (In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284. ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-59457 (In JetBrains TeamCity before 2025.07.2 missing Git URL validation allo ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-59456 (In JetBrains TeamCity before 2025.07.2 path traversal was possible dur ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-59455 (In JetBrains TeamCity before 2025.07.2 project isolation bypass was po ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-59416 (The Scratch Channel is a news website. If the user makes a fork, they ...)
TODO: check
CVE-2025-59414 (Nuxt is an open-source web development framework for Vue.js. Prior to ...)
@@ -75,13 +75,13 @@ CVE-2025-55904 (Open5GS v2.7.5, prior to commit 67ba7f92bbd7a378954895d96d9d7b05
CVE-2025-54467 (When a Java command with password parameters is executed and terminate ...)
TODO: check
CVE-2025-54390 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the ResetP ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-53884 (NeuVector stores user passwords and API keys using a simple, unsalted ...)
TODO: check
CVE-2025-50709 (An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sen ...)
TODO: check
CVE-2025-37122 (A vulnerability in the web-based management interface of network acces ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-35436 (CISA Thorium uses '.unwrap()' to handle errors related to account veri ...)
TODO: check
CVE-2025-35435 (CISA Thorium accepts a stream split size of zero then divides by this ...)
@@ -99,51 +99,51 @@ CVE-2025-35430 (CISA Thorium does not adequately validate the paths of downloade
CVE-2025-10615 (A vulnerability was identified in itsourcecode E-Commerce Website 1.0. ...)
TODO: check
CVE-2025-10614 (A vulnerability was determined in itsourcecode E-Logbook with Health M ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-10613 (A vulnerability has been found in itsourcecode Student Information Sys ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-10608 (A vulnerability was detected in Portabilis i-Educar up to 2.10. The af ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10607 (A security vulnerability has been detected in Portabilis i-Educar up t ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10606 (A weakness has been identified in Portabilis i-Educar up to 2.10. This ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10605 (A security flaw has been discovered in Portabilis i-Educar up to 2.10. ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10604 (A vulnerability was identified in PHPGurukul Online Discussion Forum 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-10603 (A vulnerability was determined in PHPGurukul Online Discussion Forum 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-10602 (A vulnerability was found in SourceCodester Online Exam Form Submissio ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10601 (A vulnerability has been found in SourceCodester Online Exam Form Subm ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10600 (A flaw has been found in SourceCodester Online Exam Form Submission 1. ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10599 (A security flaw has been discovered in itsourcecode Web-Based Internet ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-10598 (A vulnerability was identified in SourceCodester Pet Grooming Manageme ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10597 (A vulnerability was determined in kidaze CourseSelectionSystem up to 4 ...)
TODO: check
CVE-2025-10596 (A vulnerability was found in SourceCodester Online Exam Form Submissio ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10595 (A vulnerability has been found in SourceCodester Online Student File M ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10594 (A flaw has been found in SourceCodester Online Student File Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10593 (A vulnerability was detected in SourceCodester Online Student File Man ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10592 (A security vulnerability has been detected in itsourcecode Online Publ ...)
TODO: check
CVE-2025-10591 (A weakness has been identified in Portabilis i-Educar up to 2.10. This ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10590 (A security flaw has been discovered in Portabilis i-Educar up to 2.10. ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10439 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-10205 (Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLX ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-10157 (A Protection Mechanism Failure vulnerability in mmaitre314 picklescan ...)
TODO: check
CVE-2025-10156 (An Improper Handling of Exceptional Conditions vulnerability in the ZI ...)
@@ -159,7 +159,7 @@ CVE-2025-0420 (Improper Neutralization of Input During Web Page Generation (XSS
CVE-2025-0419 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2024-48842 (Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue a ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2023-53368 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e95fee663db6f8fe394653c19a3481895bc363e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e95fee663db6f8fe394653c19a3481895bc363e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250917/25a825b2/attachment.htm>
More information about the debian-security-tracker-commits
mailing list