Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
83fb2f32 by Salvatore Bonaccorso at 2025-04-16T22:25:07+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,13 +13,13 @@ CVE-2025-3734 (Allocation of Resources Without Limits or
Throttling vulnerabilit
CVE-2025-3733 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: Drupal core and addons
CVE-2025-3726 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been rated ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3725 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been decla ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3724 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been class ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3723 (A vulnerability was found in PCMan FTP Server 2.0.7 and
classified as ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3697 (A vulnerability, which was classified as critical, has been
found in S ...)
NOT-FOR-US: SourceCodester
CVE-2025-3696 (A vulnerability classified as critical was found in
SourceCodester Web ...)
@@ -31,33 +31,33 @@ CVE-2025-3693 (A vulnerability was found in Tenda W12
3.0.0.5. It has been rated
CVE-2025-3692 (A vulnerability was found in SourceCodester Online Eyewear Shop
1.0. I ...)
NOT-FOR-US: SourceCodester
CVE-2025-3691 (A vulnerability was found in mirweiye Seven Bears Library CMS
2023. It ...)
- TODO: check
+ NOT-FOR-US: mirweiye Seven Bears Library CMS
CVE-2025-3690 (A vulnerability was found in PHPGurukul Men Salon Management
System 1. ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3689 (A vulnerability has been found in PHPGurukul Men Salon
Management Syst ...)
NOT-FOR-US: PHPGurukul
CVE-2025-3688 (A vulnerability, which was classified as problematic, was found
in mir ...)
- TODO: check
+ NOT-FOR-US: mirweiye Seven Bears Library CMS
CVE-2025-3687 (A vulnerability, which was classified as problematic, has been
found i ...)
- TODO: check
+ NOT-FOR-US: misstt123 oasys
CVE-2025-3686 (A vulnerability classified as problematic was found in
misstt123 oasys ...)
- TODO: check
+ NOT-FOR-US: misstt123 oasys
CVE-2025-3685 (A vulnerability classified as critical has been found in
code-projects ...)
NOT-FOR-US: code-projects
CVE-2025-3684 (A vulnerability was found in Xianqi Kindergarten Management
System 2.0 ...)
- TODO: check
+ NOT-FOR-US: Xianqi Kindergarten Management System
CVE-2025-3683 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been decla ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3682 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been class ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3681 (A vulnerability was found in PCMan FTP Server 2.0.7 and
classified as ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3680 (A vulnerability has been found in PCMan FTP Server 2.0.7 and
classifie ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3679 (A vulnerability, which was classified as critical, was found in
PCMan ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3678 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PCMan FTP Server
CVE-2025-3677 (A vulnerability classified as critical was found in lm-sys
fastchat up ...)
TODO: check
CVE-2025-3104 (The WP STAGING Pro WordPress Backup Plugin for WordPress is
vulnerable ...)
@@ -67,59 +67,59 @@ CVE-2025-39602 (Missing Authorization vulnerability in WC
Product Table WooComme
CVE-2025-39601 (Cross-Site Request Forgery (CSRF) vulnerability in WPFactory
Custom CS ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39600 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks
Integrati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39599 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39598 (Path Traversal vulnerability in Qu\xfd L\xea 91 Administrator
Z allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39597 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39593 (Cross-Site Request Forgery (CSRF) vulnerability in
EverAccounting Ever ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39592 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39591 (Missing Authorization vulnerability in WP Shuffle WP
Subscription Form ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39590 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39589 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39585 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39584 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39582 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39581 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39579 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39578 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39577 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39576 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39575 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39574 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39573 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39572 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39571 (Missing Authorization vulnerability in WPXPO WowStore allows
Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39570 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39566 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39565 (Deserialization of Untrusted Data vulnerability in Melapress
MelaPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39564 (Cross-Site Request Forgery (CSRF) vulnerability in WP Trio
Conditional ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39563 (Cross-Site Request Forgery (CSRF) vulnerability in WP Trio
Conditional ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39560 (Missing Authorization vulnerability in Shahjada Live Forms
allows Expl ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39557 (Unrestricted Upload of File with Dangerous Type vulnerability
in Ben R ...)
@@ -129,17 +129,17 @@ CVE-2025-39556 (Exposure of Sensitive System Information
to an Unauthorized Cont
CVE-2025-39555 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39552 (Missing Authorization vulnerability in Dylan James Zephyr
Project Mana ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39549 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39548 (Cross-Site Request Forgery (CSRF) vulnerability in A WP Life
Right Cli ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39547 (Cross-Site Request Forgery (CSRF) vulnerability in Toast
Plugins Inter ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39546 (Cross-Site Request Forgery (CSRF) vulnerability in quomodosoft
Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39545 (Missing Authorization vulnerability in miniOrange WordPress
REST API A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39544 (Cross-Site Request Forgery (CSRF) vulnerability in Bill
Minozzi WP Too ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39543 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -147,37 +147,37 @@ CVE-2025-39543 (Improper Neutralization of Input During
Web Page Generation ('Cr
CVE-2025-39540 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39538 (Unrestricted Upload of File with Dangerous Type vulnerability
in Mathi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39531 (Missing Authorization vulnerability in slazzercom Slazzer
Background C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39530 (Cross-Site Request Forgery (CSRF) vulnerability in dsky Site
Search 36 ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39529 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39528 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39525 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39524 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39522 (Missing Authorization vulnerability in Sebastian Lee Dynamic
Post allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39520 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39518 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39517 (Cross-Site Request Forgery (CSRF) vulnerability in WP Map
Plugins Basi ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-39516 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39515 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39514 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39513 (Missing Authorization vulnerability in ActiveDEMAND Online
Agency Mark ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39512 (Cross-Site Request Forgery (CSRF) vulnerability in Yuya
Hoshino Bulk T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39472 (Cross-Site Request Forgery (CSRF) vulnerability in WPWeb
WooCommerce S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32872 (A vulnerability has been identified in TeleControl Server
Basic (All v ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83fb2f329d8ac26b4dc99aaeafd76f4fc8b243a2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/83fb2f329d8ac26b4dc99aaeafd76f4fc8b243a2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
