Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
dca108f3 by security tracker role at 2025-04-30T20:14:00+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
CVE-2025-4136 (A vulnerability was found in Weitong Mall 1.0.0. It has been
classifie ...)
TODO: check
CVE-2025-4135 (A vulnerability was found in Netgear WG302v2 up to 5.2.9 and
classifie ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4125 (Delta Electronics ISPSoft version 3.20 is vulnerable to
anOut-Of-Bound ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-4124 (Delta Electronics ISPSoft version 3.20 is vulnerable to
anOut-Of-Bound ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-4122 (A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It
has been ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4121 (A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It
has been ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4120 (A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It
has been ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4119 (A vulnerability classified as critical was found in Weitong
Mall 1.0.0 ...)
TODO: check
CVE-2025-4118 (A vulnerability classified as critical has been found in
Weitong Mall ...)
TODO: check
CVE-2025-4117 (A vulnerability, which was classified as critical, was found in
Netgea ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4116 (A vulnerability, which was classified as critical, has been
found in N ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4115 (A vulnerability classified as critical was found in Netgear
JWNR2000v2 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4114 (A vulnerability classified as critical has been found in
Netgear JWNR2 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-4113 (A vulnerability was found in PHPGurukul Curfew e-Pass
Management Syste ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4112 (A vulnerability was found in PHPGurukul Student Record System
3.20. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4111 (A vulnerability was found in PHPGurukul Pre-School Enrollment
System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4110 (A vulnerability was found in PHPGurukul Pre-School Enrollment
System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4109 (A vulnerability has been found in PHPGurukul Pre-School
Enrollment Sys ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4108 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-46619 (A security issue has been discovered in Couchbase Server
before 7.6.4 ...)
TODO: check
CVE-2025-46558 (XWiki Contrib's Syntax Markdown allows importing Markdown
content into ...)
@@ -49,43 +49,43 @@ CVE-2025-46342 (Kyverno is a policy engine designed for
cloud native platform en
CVE-2025-46331 (OpenFGA is a high-performance and flexible
authorization/permission en ...)
TODO: check
CVE-2025-45021 (A SQL Injection vulnerability was identified in the
admin/edit-directo ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45020 (A SQL Injection vulnerability was discovered in the
normal-bwdates-rep ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45019 (A SQL injection vulnerability was discovered in
/add-foreigners-ticket ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45018 (A SQL Injection vulnerability was discovered in the
foreigner-bwdates- ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45017 (A SQL injection vulnerability was discovered in
edit-ticket.php of PHP ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45015 (A Cross-Site Scripting (XSS) vulnerability was discovered in
the forei ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45011 (A HTML Injection vulnerability was discovered in the
foreigner-search. ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45010 (A HTML Injection vulnerability was discovered in the
normal-bwdates-re ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45009 (A HTML Injection vulnerability was discovered in the
normal-search.php ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-45007 (A Reflected Cross-Site Scripting (XSS) vulnerability was
discovered in ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44194 (SourceCodester Simple Barangay Management System v1.0 has a
SQL inject ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-44193 (SourceCodester Simple Barangay Management System v1.0 has a
SQL inject ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-44192 (SourceCodester Simple Barangay Management System v1.0 has a
SQL inject ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-3859 (Websites directing users to long URLs that caused eliding to
occur in ...)
TODO: check
CVE-2025-3599 (Symantec Endpoint Protection Windows Agent, running an ERASER
Engine p ...)
TODO: check
CVE-2025-3395 (Incorrect Permission Assignment for Critical Resource,
Cleartext Stora ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-3394 (Incorrect Permission Assignment for Critical Resource
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-3269
REJECTED
CVE-2025-39413 (Missing Authorization vulnerability in David Gwyer Simple
Sitemap \u20 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-33074 (Improper verification of cryptographic signature in Microsoft
Azure Fu ...)
TODO: check
CVE-2025-32974 (XWiki is a generic wiki platform. In versions starting from
15.9-rc-1 ...)
@@ -111,9 +111,9 @@ CVE-2025-30390 (Improper authorization in Azure allows an
authorized attacker to
CVE-2025-30389 (Improper authorization in Azure Bot Framework SDK allows an
unauthoriz ...)
TODO: check
CVE-2025-2890 (The tagDiv Opt-In Builder plugin for WordPress is vulnerable to
time-b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-2170 (A Server-side request forgery (SSRF) vulnerability has been
identified ...)
- TODO: check
+ NOT-FOR-US: SonicWall
CVE-2025-2156
REJECTED
CVE-2025-2082 (Tesla Model 3 VCSEC Integer Overflow Remote Code Execution
Vulnerabili ...)
@@ -157,13 +157,13 @@ CVE-2025-24339 (A vulnerability in the web application of
ctrlX OS allows a remo
CVE-2025-24338 (A vulnerability in the \u201cManages app data\u201d
functionality of t ...)
TODO: check
CVE-2025-24091 (An app could impersonate system notifications. Sensitive
notifications ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-21416 (Missing authorization in Azure Virtual Desktop allows an
authorized at ...)
TODO: check
CVE-2024-9877 (: Use of GET Request Method With Sensitive Query Strings
vulnerability ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2024-9876 (: Modification of Assumed-Immutable Data (MAID) vulnerability
in ABB A ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2024-6032 (Tesla Model S Iris Modem ql_atfwd Command Injection Code
Execution Vul ...)
TODO: check
CVE-2024-6031 (Tesla Model S oFono AT Command Heap-based Buffer Overflow Code
Executi ...)
@@ -173,7 +173,7 @@ CVE-2024-6030 (Tesla Model S oFono Unnecessary Privileges
Sandbox Escape Vulnera
CVE-2024-6029 (Tesla Model S Iris Modem Race Condition Firewall Bypass
Vulnerability. ...)
TODO: check
CVE-2024-47784 (Unverified Password Change for ANC software that allows an
authenticat ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2024-13943 (Tesla Model S Iris Modem QCMAP_ConnectionManager Improper
Input Valida ...)
TODO: check
CVE-2025-4096
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dca108f3dc4c68528d9de6c304e2077b9c614667
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dca108f3dc4c68528d9de6c304e2077b9c614667
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
