Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a8687338 by security tracker role at 2025-05-09T20:13:19+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,41 +1,41 @@
 CVE-2025-4488 (A vulnerability was found in itsourcecode Gym Management System 
1.0. I ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4487 (A vulnerability was found in itsourcecode Gym Management System 
1.0. I ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4486 (A vulnerability was found in itsourcecode Gym Management System 
1.0 an ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4485 (A vulnerability has been found in itsourcecode Gym Management 
System 1 ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4484 (A vulnerability, which was classified as critical, was found in 
itsour ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4483 (A vulnerability, which was classified as critical, has been 
found in i ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4482 (A vulnerability classified as critical was found in Project 
Worlds Stu ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-4481 (A vulnerability was found in SourceCodester Apartment Visitor 
Manageme ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-4480 (A vulnerability was found in code-projects Simple College 
Management S ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4472 (A vulnerability was found in code-projects Departmental Store 
Manageme ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4471 (A vulnerability, which was classified as critical, has been 
found in c ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4470 (A vulnerability classified as problematic was found in 
SourceCodester  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-4469 (A vulnerability classified as problematic has been found in 
SourceCode ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-4468 (A vulnerability was found in SourceCodester Online Student 
Clearance S ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-4467 (A vulnerability was found in SourceCodester Online Student 
Clearance S ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-4466 (A vulnerability was found in itsourcecode Gym Management System 
1.0. I ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4465 (A vulnerability was found in itsourcecode Gym Management System 
1.0 an ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4464 (A vulnerability has been found in itsourcecode Gym Management 
System 1 ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4463 (A vulnerability, which was classified as critical, was found in 
itsour ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-4462 (A vulnerability, which was classified as critical, has been 
found in T ...)
        TODO: check
 CVE-2025-4461 (A vulnerability classified as problematic was found in TOTOLINK 
N150RT ...)
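Review bot: The tag "NOT-FOR-US: itsourcecode System" on the Gym Management System entries (CVE-2025-4488 through CVE-2025-4483 and CVE-2025-4466 through CVE-2025-4463) reads like a clipped product name, while every other tag in this hunk is the bare vendor ("SourceCodester", "code-projects", "Project Worlds"). Suggest "NOT-FOR-US: itsourcecode" or the full product name so the label stays consistent and easy to grep.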
@@ -43,9 +43,9 @@ CVE-2025-4461 (A vulnerability classified as problematic was 
found in TOTOLINK N
 CVE-2025-4460 (A vulnerability classified as problematic has been found in 
TOTOLINK N ...)
        TODO: check
 CVE-2025-4459 (A vulnerability was found in code-projects Patient Record 
Management S ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4458 (A vulnerability was found in code-projects Patient Record 
Management S ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4457 (A vulnerability classified as critical was found in Project 
Worlds Car ...)
        TODO: check
 CVE-2025-4456 (A vulnerability classified as critical has been found in 
Project World ...)
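Review bot: CVE-2025-4457 and CVE-2025-4456 in the context lines of this hunk stay at "TODO: check" although their descriptions name Project Worlds (cut to "Project World" for CVE-2025-4456), the vendor for which CVE-2025-4482 receives "NOT-FOR-US: Project Worlds" earlier in this commit. Either tag them in the same pass or record why they need a manual look, so the same vendor is not triaged two different ways.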
@@ -53,35 +53,35 @@ CVE-2025-4456 (A vulnerability classified as critical has 
been found in Project
 CVE-2025-4455 (A vulnerability was found in Patch My PC Home Updater up to 
5.1.3.0. I ...)
        TODO: check
 CVE-2025-4454 (A vulnerability was found in D-Link DIR-619L 2.04B04. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4453 (A vulnerability was found in D-Link DIR-619L 2.04B04. It has 
been clas ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4452 (A vulnerability was found in D-Link DIR-619L 2.04B04 and 
classified as ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4451 (A vulnerability has been found in D-Link DIR-619L 2.04B04 and 
classifi ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4450 (A vulnerability, which was classified as critical, was found in 
D-Link ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4449 (A vulnerability, which was classified as critical, has been 
found in D ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4448 (A vulnerability classified as critical was found in D-Link 
DIR-619L 2. ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4446 (A vulnerability has been found in H3C GR-5400AX up to 100R008 
and clas ...)
        TODO: check
 CVE-2025-4445 (A vulnerability classified as critical has been found in D-Link 
DIR-60 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4443 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has 
been rate ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4442 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4441 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has 
been clas ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-4440 (A vulnerability was found in H3C GR-1800AX up to 100R008 and 
classifie ...)
        TODO: check
 CVE-2025-4434 (The Remote Images Grabber plugin for WordPress is vulnerable to 
Reflec ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4403 (The Drag and Drop Multiple File Upload for WooCommerce plugin 
for Word ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4382 (A flaw was found in systems utilizing LUKS-encrypted disks with 
GRUB c ...)
        TODO: check
 CVE-2025-4377 (Improper Limitation of a Pathname caused a Path Traversal 
vulnerabilit ...)
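Review bot: CVE-2025-4446 and CVE-2025-4440 (H3C GR-5400AX and GR-1800AX) are left at "TODO: check" in between the D-Link DIR-619L and DIR-605L entries that this hunk tags. If H3C router firmware is out of scope for the same reason, tag it here as well; if it is held back deliberately, a NOTE line saying so would save the next reviewer the lookup.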
@@ -91,7 +91,7 @@ CVE-2025-4376 (Improper Input Validation vulnerability in 
Sparx Systems Pro Clou
 CVE-2025-4375 (Cross-Site Request Forgery (CSRF) vulnerability in Sparx 
Systems Pro C ...)
        TODO: check
 CVE-2025-4206 (The WordPress CRM, Email & Marketing Automation for WordPress | 
Award  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4107
        REJECTED
 CVE-2025-47737 (lib.rs in the trailer crate through 0.1.2 for Rust mishandles 
allocati ...)
@@ -103,35 +103,35 @@ CVE-2025-47735 (inner::drop in inner.rs in the wgp crate 
through 0.2.0 for Rust
 CVE-2025-47733 (Server-Side Request Forgery (SSRF) in Microsoft Power Apps 
allows an u ...)
        TODO: check
 CVE-2025-47732 (Microsoft Dataverse Remote Code Execution Vulnerability)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-46392 (Uncontrolled Resource Consumption vulnerability in Apache 
Commons Conf ...)
        TODO: check
 CVE-2025-46193 (SourceCodester Client Database Management System 1.0 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-46192 (SourceCodester Client Database Management System 1.0 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-46191 (Arbitrary File Upload in user_payment_update.php in 
SourceCodester Cli ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-46190 (SourceCodester Client Database Management System 1.0 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-46189 (SourceCodester Client Database Management System 1.0 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-46188 (SourceCodester Client Database Management System 1.0 is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-45887 (Yifang CMS v2.0.2 is vulnerable to Server-Side Request Forgery 
(SSRF)  ...)
        TODO: check
 CVE-2025-45885 (PHPGURUKUL Vehicle Parking Management System v1.13 is 
vulnerable to SQ ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-45513 (Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the 
functio ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-3949 (The Website Builder by SeedProd \u2014 Theme Builder, Landing 
Page Bui ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3897 (The EUCookieLaw plugin for WordPress is vulnerable to Arbitrary 
File R ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3811 (The WPBookit plugin for WordPress is vulnerable to privilege 
escalatio ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3810 (The WPBookit plugin for WordPress is vulnerable to privilege 
escalatio ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3714 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer 
Overflow  ...)
        TODO: check
 CVE-2025-3713 (The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer 
Overflow v ...)
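Review bot: CVE-2025-47733 (SSRF in Microsoft Power Apps) stays at "TODO: check" directly above CVE-2025-47732 (Microsoft Dataverse), which this hunk tags "NOT-FOR-US: Microsoft". Both are Microsoft products per the visible descriptions, so the Power Apps entry should get the same tag, or the difference in handling should be explained.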
@@ -143,13 +143,13 @@ CVE-2025-3711 (The LCD KVM over IP Switch CL5708IM has a 
Stack-based Buffer Over
 CVE-2025-3710 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer 
Overflow  ...)
        TODO: check
 CVE-2025-3605 (The Frontend Login and Registration Blocks plugin for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3463 ("This issue is limited to motherboards and does not affect 
laptops, de ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2025-3462 ("This issue is limited to motherboards and does not affect 
laptops, de ...)
-       TODO: check
+       NOT-FOR-US: ASUS
 CVE-2025-3455 (The 1 Click WordPress Migration Plugin \u2013 100% FREE for a 
limited  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-37889 (In the Linux kernel, the following vulnerability has been 
resolved:  P ...)
        TODO: check
 CVE-2025-33072 (Improper access control in Azure allows an unauthorized 
attacker to di ...)
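Review bot: For CVE-2025-3463 and CVE-2025-3462 the tag "NOT-FOR-US: ASUS" cannot be checked from this diff, because the truncated descriptions ("This issue is limited to motherboards and does not affect laptops, de ...") never name a vendor or product. Worth confirming against the full CVE records, and naming the affected product in the tag rather than only the vendor.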
@@ -157,7 +157,7 @@ CVE-2025-33072 (Improper access control in Azure allows an 
unauthorized attacker
 CVE-2025-31946 (Pixmeo OsiriX MD  is vulnerable to a local use after free 
scenario, wh ...)
        TODO: check
 CVE-2025-2253 (The IMITHEMES Listing plugin is vulnerable to privilege 
escalation via ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-29972 (Server-Side Request Forgery (SSRF) in Azure allows an 
authorized attac ...)
        TODO: check
 CVE-2025-29827 (Improper Authorization in Azure Automation allows an 
authorized attack ...)
@@ -181,13 +181,13 @@ CVE-2025-27720 (The Pixmeo Osirix MD Web Portal sends 
credential information wit
 CVE-2025-27578 (Pixmeo OsiriX MD is vulnerable to a use after free scenario, 
which cou ...)
        TODO: check
 CVE-2025-1993 (IBM App Connect Enterprise Certified Container 8.1, 8.2, 9.0, 
9.1, 9.2 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-1331 (IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 
11.1could  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-1330 (IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 
11.1 could ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-1329 (IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 
11.1 could ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-1087 (Kong Insomnia Desktop Application before 11.0.2 contains a 
template in ...)
        TODO: check
 CVE-2024-9524 (Link Following Local Privilege Escalation Vulnerability in 
System Spee ...)
@@ -209,7 +209,7 @@ CVE-2024-12442 (EnerSys AMPA versions 24.04 through 24.16, 
inclusive, are vulner
 CVE-2024-11861 (EnerSys AMPA 22.09 and prior versions are vulnerable to 
command inject ...)
        TODO: check
 CVE-2024-11617 (The Envolve Plugin plugin for WordPress is vulnerable to 
arbitrary fil ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-31585 (Grocery-CMS-PHP-Restful-API v1.3 is vulnerable to File Upload 
via /adm ...)
        TODO: check
 CVE-2025-37888 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a868733860c53f5527d5ab81b8699c267a3c84b2
