Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
04e000b5 by Salvatore Bonaccorso at 2025-06-20T22:28:42+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -41,11 +41,11 @@ CVE-2025-6341 (A vulnerability classified as problematic
was found in code-proje
CVE-2025-6340 (A vulnerability classified as problematic has been found in
code-proje ...)
NOT-FOR-US: code-projects
CVE-2025-6339 (A vulnerability was found in ponaravindb Hospital Management
System 1. ...)
- TODO: check
+ NOT-FOR-US: ponaravindb Hospital Management System
CVE-2025-6337 (A vulnerability was found in TOTOLINK A3002R and A3002RU
3.0.0-B202308 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-6336 (A vulnerability was found in TOTOLINK EX1200T
4.1.2cu.5232_B20210713. ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-6335 (A vulnerability was found in DedeCMS up to 5.7.2 and classified
as cri ...)
NOT-FOR-US: DedeCMS
CVE-2025-6334 (A vulnerability has been found in D-Link DIR-867 1.0 and
classified as ...)
@@ -59,7 +59,7 @@ CVE-2025-6331 (A vulnerability classified as critical was
found in PHPGurukul Di
CVE-2025-6330 (A vulnerability classified as critical has been found in
PHPGurukul Di ...)
NOT-FOR-US: PHPGurukul
CVE-2025-6329 (A vulnerability was found in ScriptAndTools Real Estate
Management Sys ...)
- TODO: check
+ NOT-FOR-US: ScriptAndTools Real Estate Management System
CVE-2025-6328 (A vulnerability was found in D-Link DIR-815 1.01. It has been
declared ...)
NOT-FOR-US: D-Link
CVE-2025-6323 (A vulnerability was found in PHPGurukul Pre-School Enrollment
System 1 ...)
@@ -75,9 +75,9 @@ CVE-2025-6257 (The Euro FxRef Currency Converter plugin for
WordPress is vulnera
CVE-2025-6193 (A command injection vulnerability was discovered in the
TrustyAI Expla ...)
TODO: check
CVE-2025-5963 (The Postbox's configuration on macOS, specifically the presence
of ent ...)
- TODO: check
+ NOT-FOR-US: Postbox
CVE-2025-5255 (The Phoenix Code's configuration on macOS, specifically the
presence o ...)
- TODO: check
+ NOT-FOR-US: Phoenix Code
CVE-2025-5121 (An issue has been discovered in GitLab CE/EE affecting all
versions fr ...)
TODO: check
CVE-2025-52825 (Cross-Site Request Forgery (CSRF) vulnerability in Rameez
Iqbal Real E ...)
@@ -201,7 +201,7 @@ CVE-2025-50013 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-50012 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-50011 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-50010 (Missing Authorization vulnerability in Zapier Zapier for
WordPress all ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-50009 (Missing Authorization vulnerability in Climax Themes Kata Plus
allows ...)
@@ -279,7 +279,7 @@ CVE-2025-49965 (Cross-Site Request Forgery (CSRF)
vulnerability in Oganro PixelB
CVE-2025-49964 (Cross-Site Request Forgery (CSRF) vulnerability in indgeek
ClipLink al ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-49873 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-49132 (Pterodactyl is a free, open-source game server management
panel. Prior ...)
TODO: check
CVE-2025-48706 (An issue was discovered in COROS PACE 3 through 3.0808.0. Due
to an ou ...)
@@ -287,17 +287,17 @@ CVE-2025-48706 (An issue was discovered in COROS PACE 3
through 3.0808.0. Due to
CVE-2025-48705 (An issue was discovered in COROS PACE 3 through 3.0808.0. Due
to a NUL ...)
TODO: check
CVE-2025-48059 (PowSyBl (Power System Blocks) is a framework to build power
system ori ...)
- TODO: check
+ NOT-FOR-US: PowSyBl (Power System Blocks)
CVE-2025-46179 (A SQL Injection vulnerability was discovered in the
askquery.php file ...)
- TODO: check
+ NOT-FOR-US: CloudClassroom-PHP Project
CVE-2025-46158 (An issue in redoxOS kernel before commit 5d41cd7c allows a
local attac ...)
- TODO: check
+ NOT-FOR-US: redoxOS kernel
CVE-2025-45890 (Directory Traversal vulnerability in novel plus before v.5.1.0
allows ...)
TODO: check
CVE-2025-45331 (brplot v420.69.1 contains a Null Pointer Dereference (NPD)
vulnerabili ...)
TODO: check
CVE-2025-44635 (There are multiple unauthorized remote command execution
vulnerabiliti ...)
- TODO: check
+ NOT-FOR-US: H3C
CVE-2025-44203 (In HotelDruid 3.0.7, an unauthenticated attacker can exploit
verbose S ...)
TODO: check
CVE-2025-3319 (IBM Spectrum Protect Server 8.1 through 8.1.26 could allow
attacker to ...)
@@ -309,9 +309,9 @@ CVE-2025-3227 (Mattermost versions 10.5.x <= 10.5.5, 9.11.x
<= 9.11.15, 10.8.x <
CVE-2025-34030 (An OS command injection vulnerability exists in sar2html
version 3.2.2 ...)
TODO: check
CVE-2025-34029 (An OS command injection vulnerability exists in the Edimax
EW-7438RPn ...)
- TODO: check
+ NOT-FOR-US: Edimax
CVE-2025-34024 (An OS command injection vulnerability exists in the Edimax
EW-7438RPn ...)
- TODO: check
+ NOT-FOR-US: Edimax
CVE-2025-34023 (A path traversal vulnerability exists in the Karel IP1211 IP
Phone's w ...)
TODO: check
CVE-2025-34022 (A path traversal vulnerability exists in multiple models of
Selea Targ ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04e000b593dc00f3acd4dc672270470fed3685ff
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/04e000b593dc00f3acd4dc672270470fed3685ff
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
