[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Fri, 09 May 2025 13:47:29 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2c0e5990 by Salvatore Bonaccorso at 2025-05-09T22:46:10+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,11 +37,11 @@ CVE-2025-4464 (A vulnerability has been found in 
itsourcecode Gym Management Sys
 CVE-2025-4463 (A vulnerability, which was classified as critical, was found in 
itsour ...)
        NOT-FOR-US: itsourcecode System
 CVE-2025-4462 (A vulnerability, which was classified as critical, has been 
found in T ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-4461 (A vulnerability classified as problematic was found in TOTOLINK 
N150RT ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-4460 (A vulnerability classified as problematic has been found in 
TOTOLINK N ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-4459 (A vulnerability was found in code-projects Patient Record 
Management S ...)
        NOT-FOR-US: code-projects
 CVE-2025-4458 (A vulnerability was found in code-projects Patient Record 
Management S ...)
@@ -51,7 +51,7 @@ CVE-2025-4457 (A vulnerability classified as critical was 
found in Project World
 CVE-2025-4456 (A vulnerability classified as critical has been found in 
Project World ...)
        TODO: check
 CVE-2025-4455 (A vulnerability was found in Patch My PC Home Updater up to 
5.1.3.0. I ...)
-       TODO: check
+       NOT-FOR-US: Patch My PC Home Updater
 CVE-2025-4454 (A vulnerability was found in D-Link DIR-619L 2.04B04. It has 
been decl ...)
        NOT-FOR-US: D-Link
 CVE-2025-4453 (A vulnerability was found in D-Link DIR-619L 2.04B04. It has 
been clas ...)
@@ -67,7 +67,7 @@ CVE-2025-4449 (A vulnerability, which was classified as 
critical, has been found
 CVE-2025-4448 (A vulnerability classified as critical was found in D-Link 
DIR-619L 2. ...)
        NOT-FOR-US: D-Link
 CVE-2025-4446 (A vulnerability has been found in H3C GR-5400AX up to 100R008 
and clas ...)
-       TODO: check
+       NOT-FOR-US: H3C
 CVE-2025-4445 (A vulnerability classified as critical has been found in D-Link 
DIR-60 ...)
        NOT-FOR-US: D-Link
 CVE-2025-4443 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has 
been rate ...)
@@ -77,7 +77,7 @@ CVE-2025-4442 (A vulnerability was found in D-Link DIR-605L 
2.13B01. It has been
 CVE-2025-4441 (A vulnerability was found in D-Link DIR-605L 2.13B01. It has 
been clas ...)
        NOT-FOR-US: D-Link
 CVE-2025-4440 (A vulnerability was found in H3C GR-1800AX up to 100R008 and 
classifie ...)
-       TODO: check
+       NOT-FOR-US: H3C
 CVE-2025-4434 (The Remote Images Grabber plugin for WordPress is vulnerable to 
Reflec ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-4403 (The Drag and Drop Multiple File Upload for WooCommerce plugin 
for Word ...)
@@ -85,11 +85,11 @@ CVE-2025-4403 (The Drag and Drop Multiple File Upload for 
WooCommerce plugin for
 CVE-2025-4382 (A flaw was found in systems utilizing LUKS-encrypted disks with 
GRUB c ...)
        TODO: check
 CVE-2025-4377 (Improper Limitation of a Pathname caused a Path Traversal 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: Sparx Systems Pro Cloud Server
 CVE-2025-4376 (Improper Input Validation vulnerability in Sparx Systems Pro 
Cloud Ser ...)
-       TODO: check
+       NOT-FOR-US: Sparx Systems Pro Cloud Server
 CVE-2025-4375 (Cross-Site Request Forgery (CSRF) vulnerability in Sparx 
Systems Pro C ...)
-       TODO: check
+       NOT-FOR-US: Sparx Systems Pro Cloud Server
 CVE-2025-4206 (The WordPress CRM, Email & Marketing Automation for WordPress | 
Award  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-4107
@@ -101,7 +101,7 @@ CVE-2025-47736 (dialect/mod.rs in the libsql-sqlite3-parser 
crate through 0.13.0
 CVE-2025-47735 (inner::drop in inner.rs in the wgp crate through 0.2.0 for 
Rust lacks  ...)
        TODO: check
 CVE-2025-47733 (Server-Side Request Forgery (SSRF) in Microsoft Power Apps 
allows an u ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-47732 (Microsoft Dataverse Remote Code Execution Vulnerability)
        NOT-FOR-US: Microsoft
 CVE-2025-46392 (Uncontrolled Resource Consumption vulnerability in Apache 
Commons Conf ...)
@@ -119,7 +119,7 @@ CVE-2025-46189 (SourceCodester Client Database Management 
System 1.0 is vulnerab
 CVE-2025-46188 (SourceCodester Client Database Management System 1.0 is 
vulnerable to  ...)
        NOT-FOR-US: SourceCodester
 CVE-2025-45887 (Yifang CMS v2.0.2 is vulnerable to Server-Side Request Forgery 
(SSRF)  ...)
-       TODO: check
+       NOT-FOR-US: Yifang CMS
 CVE-2025-45885 (PHPGURUKUL Vehicle Parking Management System v1.13 is 
vulnerable to SQ ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-45513 (Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the 
functio ...)
@@ -133,15 +133,15 @@ CVE-2025-3811 (The WPBookit plugin for WordPress is 
vulnerable to privilege esca
 CVE-2025-3810 (The WPBookit plugin for WordPress is vulnerable to privilege 
escalatio ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-3714 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer 
Overflow  ...)
-       TODO: check
+       NOT-FOR-US: LCD KVM over IP Switch CL5708IM
 CVE-2025-3713 (The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer 
Overflow v ...)
-       TODO: check
+       NOT-FOR-US: LCD KVM over IP Switch CL5708IM
 CVE-2025-3712 (The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer 
Overflow v ...)
-       TODO: check
+       NOT-FOR-US: LCD KVM over IP Switch CL5708IM
 CVE-2025-3711 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer 
Overflow  ...)
-       TODO: check
+       NOT-FOR-US: LCD KVM over IP Switch CL5708IM
 CVE-2025-3710 (The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer 
Overflow  ...)
-       TODO: check
+       NOT-FOR-US: LCD KVM over IP Switch CL5708IM
 CVE-2025-3605 (The Frontend Login and Registration Blocks plugin for WordPress 
is vul ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-3463 ("This issue is limited to motherboards and does not affect 
laptops, de ...)
@@ -153,9 +153,9 @@ CVE-2025-3455 (The 1 Click WordPress Migration Plugin 
\u2013 100% FREE for a lim
 CVE-2025-37889 (In the Linux kernel, the following vulnerability has been 
resolved:  P ...)
        TODO: check
 CVE-2025-33072 (Improper access control in Azure allows an unauthorized 
attacker to di ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-31946 (Pixmeo OsiriX MD  is vulnerable to a local use after free 
scenario, wh ...)
-       TODO: check
+       NOT-FOR-US: Pixmeo OsiriX MD
 CVE-2025-2253 (The IMITHEMES Listing plugin is vulnerable to privilege 
escalation via ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-29972 (Server-Side Request Forgery (SSRF) in Azure allows an 
authorized attac ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c0e5990a08a64f793de2312520f81287be09377

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2c0e5990a08a64f793de2312520f81287be09377
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to