Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
17956a06 by security tracker role at 2025-06-10T08:12:46+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
 CVE-2025-5952 (A vulnerability, which was classified as critical, has been 
found in Z ...)
        TODO: check
 CVE-2025-5945 (Improper Neutralization of Special Elements used in an OS 
Command ('OS ...)
-       TODO: check
+       NOT-FOR-US: Centreon
 CVE-2025-5935 (A vulnerability was found in Open5GS up to 2.7.3. It has been 
declared ...)
        TODO: check
 CVE-2025-5934 (A vulnerability was found in Netgear EX3700 up to 1.0.0.88. It 
has bee ...)
-       TODO: check
+       NOT-FOR-US: Netgear
 CVE-2025-5925 (The Bunny\u2019s Print CSS plugin for WordPress is vulnerable 
to Cross ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5913 (A vulnerability was found in PHPGurukul Vehicle Record 
Management Syst ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-5912 (A vulnerability was found in D-Link DIR-632 FW103B08. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-5911 (A vulnerability was found in TOTOLINK EX1200T up to 
4.1.2cu.5232_B2021 ...)
        TODO: check
 CVE-2025-5910 (A vulnerability has been found in TOTOLINK EX1200T up to 
4.1.2cu.5232_ ...)
@@ -23,7 +23,7 @@ CVE-2025-5908 (A vulnerability, which was classified as 
critical, has been found
 CVE-2025-5907 (A vulnerability classified as critical was found in TOTOLINK 
EX1200T u ...)
        TODO: check
 CVE-2025-5906 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-5905 (A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has 
been ra ...)
        TODO: check
 CVE-2025-5904 (A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has 
been de ...)
@@ -35,7 +35,7 @@ CVE-2025-5902 (A vulnerability was found in TOTOLINK T10 
4.1.8cu.5207 and classi
 CVE-2025-5901 (A vulnerability has been found in TOTOLINK T10 4.1.8cu.5207 and 
classi ...)
        TODO: check
 CVE-2025-5900 (A vulnerability, which was classified as problematic, was found 
in Ten ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-5899 (A vulnerability classified as critical was found in GNU PSPP 
82fb509fb ...)
        TODO: check
 CVE-2025-5898 (A vulnerability classified as critical has been found in GNU 
PSPP 82fb ...)
@@ -45,13 +45,13 @@ CVE-2025-5897 (A vulnerability was found in vuejs vue-cli 
up to 5.0.8. It has be
 CVE-2025-5896 (A vulnerability was found in tarojs taro up to 4.1.1. It has 
been decl ...)
        TODO: check
 CVE-2025-4954 (The Axle Demo Importer WordPress plugin through 1.0.3 does not 
validat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4840 (The inprosysmedia-likes-dislikes-post WordPress plugin through 
1.0.0 d ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4601 (The "RH - Real Estate WordPress Theme" theme for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4387 (The Abandoned Cart Pro for WooCommerce plugin contains an 
authenticate ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-49141 (HAX CMS PHP allows users to manage their microsite universe 
with a PHP ...)
        TODO: check
 CVE-2025-49140 (Pion Interceptor is a framework for building RTP/RTCP 
communication so ...)
@@ -65,37 +65,37 @@ CVE-2025-49137 (HAX CMS PHP allows users to manage their 
microsite universe with
 CVE-2025-49004 (Caido is a web security auditing toolkit. Prior to version 
0.48.0, due ...)
        TODO: check
 CVE-2025-42998 (The security settings in the SAP Business One Integration 
Framework ar ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42996 (SAP MDM Server allows an attacker to gain control of existing 
client s ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42995 (SAP MDM Server Read function allows an attacker to send 
specially craf ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42994 (SAP MDM Server ReadString function allows an attacker to send 
speciall ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42993 (Due to a missing authorization check vulnerability in SAP 
S/4HANA (Ent ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42991 (SAP S/4HANA (Bank Account Application) does not perform 
necessary auth ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42990 (Unprotected SAPUI5 applications allow an attacker with basic 
privilege ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42989 (RFC inbound processing\ufffddoes not perform necessary 
authorization c ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42988 (Under certain conditions, SAP Business Objects Business 
Intelligence P ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42987 (SAP Manage Processing Rules (For Bank Statement) allows an 
attacker wi ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42984 (SAP S/4HANA Manage Central Purchase Contract does not perform 
necessar ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42983 (SAP Business Warehouse and SAP Plug-In Basis allows an 
authenticated a ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42982 (SAP GRC allows a non-administrative user to access and 
initiate transa ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42977 (SAP NetWeaver Visual Composer contains a Directory Traversal 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-3076 (The Elementor Website Builder Pro plugin for WordPress is 
vulnerable t ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-31325 (Due to a Cross-Site Scripting vulnerability in SAP NetWeaver 
(ABAP Key ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-30515 (CyberData011209 Intercom   could allow an authenticated 
attacker to up ...)
        TODO: check
 CVE-2025-30507 (CyberData011209 Intercom could allow an unauthenticated user 
to gather ...)
@@ -113,7 +113,7 @@ CVE-2025-27817 (A possible arbitrary file read and SSRF 
vulnerability has been i
 CVE-2025-26468 (CyberData 011209    Intercom exposes features that could allow 
an unau ...)
        TODO: check
 CVE-2025-23192 (SAP BusinessObjects Business Intelligence (BI Workspace) 
allows an una ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-1041 (An improper input validation discovered in   Avaya Call 
Management Sys ...)
        TODO: check
 CVE-2025-0037 (In AMD Versal Adaptive SoC devices, the lack of address 
validation whe ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17956a06f23885bb1c8a0b27006ba2665fae21bb

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/17956a06f23885bb1c8a0b27006ba2665fae21bb
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to