[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 17 Jun 2025 14:20:39 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
bdd38f72 by Moritz Muehlenhoff at 2025-06-17T23:20:07+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -120,27 +120,27 @@ CVE-2025-49312 (Improper Neutralization of Input During 
Web Page Generation ('Cr
 CVE-2025-49266 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49261 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49260 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49259 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49258 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49257 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49256 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49255 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49254 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49253 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49252 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49251 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49234 (Missing Authorization vulnerability in Deepak anand WP Dummy 
Content G ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49220 (An insecure deserialization operation in Trend Micro Apex 
Central belo ...)
@@ -158,15 +158,15 @@ CVE-2025-49155 (An uncontrolled search path vulnerability 
in the Trend Micro Ape
 CVE-2025-49154 (An insecure access control vulnerability in Trend Micro Apex 
One and T ...)
        NOT-FOR-US: Trend Micro
 CVE-2025-49071 (Unrestricted Upload of File with Dangerous Type vulnerability 
in NasaT ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48333 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48274 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48145 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48118 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48111 (Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES 
YITH PayPa ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47867 (A Local File Inclusion vulnerability in a Trend Micro Apex 
Central wid ...)
@@ -178,15 +178,15 @@ CVE-2025-47865 (A Local File Inclusion vulnerability in a 
Trend Micro Apex Centr
 CVE-2025-47573 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47572 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47559 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Roman ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-47452 (Unrestricted Upload of File with Dangerous Type vulnerability 
in RexTh ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-45880 (A cross-site scripting (XSS) vulnerability in the data 
resource manage ...)
-       TODO: check
+       NOT-FOR-US: Miliaris Amigdala
 CVE-2025-45879 (A cross-site scripting (XSS) vulnerability in the e-mail 
manager funct ...)
-       TODO: check
+       NOT-FOR-US: Miliaris Amigdala
 CVE-2025-45878 (A cross-site scripting (XSS) vulnerability in the report 
manager funct ...)
        TODO: check
 CVE-2025-45526 (A denial of service (DoS) vulnerability has been identified in 
the Jav ...)
@@ -206,23 +206,23 @@ CVE-2025-39486 (Improper Neutralization of Special 
Elements used in an SQL Comma
 CVE-2025-39479 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-34511 (Sitecore PowerShell Extensions, an add-on to Sitecore 
Experience Manag ...)
-       TODO: check
+       NOT-FOR-US: Sitecore
 CVE-2025-34510 (Sitecore Experience Manager (XM), Experience Platform (XP), 
and Experi ...)
-       TODO: check
+       NOT-FOR-US: Sitecore
 CVE-2025-34509 (Sitecore Experience Manager (XM) and Experience Platform (XP) 
versions ...)
-       TODO: check
+       NOT-FOR-US: Sitecore
 CVE-2025-34508 (A path traversal vulnerability exists in the file dropoff 
functionalit ...)
-       TODO: check
+       NOT-FOR-US: ZendTo
 CVE-2025-33122 (IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 could allow a user to gain 
elevated  ...)
        NOT-FOR-US: IBM
 CVE-2025-32549 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32510 (Unrestricted Upload of File with Dangerous Type vulnerability 
in ovath ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31919 (Deserialization of Untrusted Data vulnerability in themeton 
Spare allo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30988 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-30680 (A Server-side Request Forgery (SSRF) vulnerability in Trend 
Micro Apex ...)
        NOT-FOR-US: Trend Micro
 CVE-2025-30679 (A Server-side Request Forgery (SSRF) vulnerability in Trend 
Micro Apex ...)
@@ -246,7 +246,7 @@ CVE-2025-24761 (Improper Control of Filename for 
Include/Require Statement in PH
 CVE-2025-0320 (Local Privilege escalation allows a low-privileged user to gain 
SYSTEM ...)
        NOT-FOR-US: Citrix
 CVE-2024-40570 (SQL Injection vulnerability in SeaCMS v.12.9 allows a remote 
attacker  ...)
-       TODO: check
+       NOT-FOR-US: SeaCMS
 CVE-2025-6019 [LPE from allow_active to root in libblockdev via udisks]
        - libblockdev 3.3.0-2.1
        NOTE: https://www.openwall.com/lists/oss-security/2025/06/17/4



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdd38f721f089bffe362da29af1ac0c3db48d820

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bdd38f721f089bffe362da29af1ac0c3db48d820
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to