Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ed4cf481 by security tracker role at 2025-06-09T20:13:25+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,7 +29,7 @@ CVE-2025-5885 (A vulnerability has been found in Konica 
Minolta bizhub up to 202
 CVE-2025-5884 (A vulnerability, which was classified as problematic, was found 
in Kon ...)
        TODO: check
 CVE-2025-5881 (A vulnerability was found in code-projects Chat System up to 
1.0 and c ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-5880 (A vulnerability has been found in Whistle 2.9.98 and classified 
as pro ...)
        TODO: check
 CVE-2025-5879 (A vulnerability, which was classified as problematic, was found 
in WuK ...)
@@ -39,7 +39,7 @@ CVE-2025-5877 (A vulnerability, which was classified as 
problematic, has been fo
 CVE-2025-5876 (A vulnerability classified as problematic was found in Lucky 
LM-520-SC ...)
        TODO: check
 CVE-2025-5875 (A vulnerability classified as critical has been found in 
TP-Link TL-IP ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2025-5874 (A vulnerability was found in Redash up to 10.1.0/25.1.0. It has 
been r ...)
        TODO: check
 CVE-2025-5873 (A vulnerability was found in eCharge Hardy Barth Salia PLCC 
2.2.0. It  ...)
@@ -49,7 +49,7 @@ CVE-2025-5872 (A vulnerability was found in eGauge EG3000 
Energy Monitor 3.6.3.
 CVE-2025-5871 (A vulnerability was found in Papendorf SOL Connect Center 
3.3.0.0 and  ...)
        TODO: check
 CVE-2025-5870 (A vulnerability has been found in TRENDnet TV-IP121W 1.1.1 
Build 36 an ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet
 CVE-2025-5869 (A vulnerability, which was classified as critical, was found in 
RT-Thr ...)
        TODO: check
 CVE-2025-5868 (A vulnerability, which was classified as critical, has been 
found in R ...)
@@ -99,15 +99,15 @@ CVE-2025-48877 (Discourse is an open-source discussion 
platform. Prior to versio
 CVE-2025-48281 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2025-48279 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48267 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48261 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Mul ...)
        TODO: check
 CVE-2025-48147 (Missing Authorization vulnerability in Crypto Cloud 
CryptoCloud - Cryp ...)
        TODO: check
 CVE-2025-48143 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48141 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2025-48140 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
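Review bot: The new tags on CVE-2025-48279, CVE-2025-48267 and CVE-2025-48143 cannot be checked from these lines, because each description is cut off inside the generic CWE wording before any product name appears. CVE-2025-48281 and CVE-2025-48141 in the same hunk have the same kind of truncated text and stay at "TODO: check", so the criterion that separated them is not visible to a reader of the list. Consider putting the plugin or theme name in the tag, so the entry is auditable without opening the full CVE record.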
@@ -141,13 +141,13 @@ CVE-2025-47598 (Improper Neutralization of Input During 
Web Page Generation ('Cr
 CVE-2025-47561 (Incorrect Privilege Assignment vulnerability in RomanCode 
MapSVG allow ...)
        TODO: check
 CVE-2025-47527 (Missing Authorization vulnerability in Icegram Icegram Collect 
\u2013  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47511 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        TODO: check
 CVE-2025-47487 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2025-47477 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47463 (Missing Authorization vulnerability in Fahad Mahmood Stock 
Locations f ...)
        TODO: check
 CVE-2025-46178 (Cross-Site Scripting (XSS) vulnerability exists in 
askquery.php via th ...)
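Review bot: The description line for CVE-2025-47527 carries a literal "\u2013" escape after "Icegram Collect" instead of the decoded dash, and this commit edits the entry without touching it. If the automatic update rewrites entries anyway, decoding such escapes in the same pass would keep product names searchable as written.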
@@ -161,9 +161,9 @@ CVE-2025-45002 (Vigybag v1.0 and before is vulnerable to 
Cross Site Scripting (X
 CVE-2025-45001 (react-native-keys 0.7.11 is vulnerable to sensitive 
information disclo ...)
        TODO: check
 CVE-2025-41444 (Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2025-41437 (Zohocorp ManageEngineOpManager,NetFlow Analyzer,Network 
Configuration  ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2025-40675 (A Reflected Cross-Site Scripting (XSS) vulnerability has been 
found in ...)
        TODO: check
 CVE-2025-40670 (Incorrect authorization vulnerability in TCMAN's GIM v11. This 
vulnera ...)
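Review bot: "NOT-FOR-US: Zoho" on CVE-2025-41444 and CVE-2025-41437 records only the vendor, while the descriptions name different ManageEngine products (ADAudit Plus on the first, OpManager and NetFlow Analyzer among others on the second). Naming the product line in the tag would make it easier to find and revisit these entries if any of that software is ever packaged.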
@@ -173,77 +173,77 @@ CVE-2025-40669 (Incorrect authorization vulnerability in 
TCMAN's GIM v11. This v
 CVE-2025-40668 (Incorrect authorization vulnerability in TCMAN's GIM v11. This 
vulnera ...)
        TODO: check
 CVE-2025-3835 (Zohocorp ManageEngineExchange Reporter Plus versions5721 and 
prior are ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2025-39539 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2025-39476 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-39475 (Path Traversal vulnerability in Frenify Arlo allows PHP Local 
File Inc ...)
        TODO: check
 CVE-2025-39473 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        TODO: check
 CVE-2025-36528 (Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2025-32595 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        TODO: check
 CVE-2025-32308 (Missing Authorization vulnerability in looks_awesome Team 
Builder allo ...)
        TODO: check
 CVE-2025-32305 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32291 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Fanta ...)
        TODO: check
 CVE-2025-31925 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31920 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2025-31917 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31638 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        TODO: check
 CVE-2025-31635 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        TODO: check
 CVE-2025-31429 (Deserialization of Untrusted Data vulnerability in themeton 
PressGrid  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31426 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31424 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31398 (Deserialization of Untrusted Data vulnerability in themeton 
PIMP - Cre ...)
        TODO: check
 CVE-2025-31396 (Deserialization of Untrusted Data vulnerability in themeton 
FLAP - Bus ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31061 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31059 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        TODO: check
 CVE-2025-31058 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31057 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31052 (Deserialization of Untrusted Data vulnerability in themeton 
The Fashio ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31050 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31045 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
        TODO: check
 CVE-2025-31039 (Improper Restriction of XML External Entity Reference 
vulnerability in ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31022 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31019 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-29627 (An issue in KeeperChat IOS Application v.5.8.8 allows a 
physically pro ...)
        TODO: check
 CVE-2025-28992 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        TODO: check
 CVE-2025-28945 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-28944 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        TODO: check
 CVE-2025-28888 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        TODO: check
 CVE-2025-27709 (Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: Zoho
 CVE-2025-27362 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        TODO: check
 CVE-2025-26592 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
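Review bot: The themeton entries are triaged inconsistently in this hunk: CVE-2025-31429 (PressGrid), CVE-2025-31396 (FLAP) and CVE-2025-31052 (The Fashio ...) become "NOT-FOR-US: WordPress plugin or theme", but CVE-2025-31398 (themeton PIMP), with the same "Deserialization of Untrusted Data" wording, is left at "TODO: check". The same pattern shows for the PHP include entries, where CVE-2025-28945 is tagged and CVE-2025-28992, CVE-2025-28944 and CVE-2025-28888 are not. If the automatic matcher keys on a product list, the skipped entries suggest that list is missing names and is worth a follow-up.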
@@ -204972,7 +204972,7 @@ CVE-2023-26001 (Improper Neutralization of Input 
During Web Page Generation ('Cr
 CVE-2023-26000 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25999 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2023-25998
        RESERVED
 CVE-2023-25997 (Missing Authorization vulnerability in SolaPlugins Sola 
Support Ticket ...)
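Review bot: CVE-2023-25999 is tagged "NOT-FOR-US: WordPress plugin or theme" directly below CVE-2023-26000, which uses "NOT-FOR-US: WordPress plugin". Two spellings of the same classification make grep-based statistics and later bulk edits unreliable; pick one wording for the automatic update, or normalise the older entries to match.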



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed4cf481aba874284813ab556f2ecb61b1943a84
