Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
19d7f828 by Moritz Muehlenhoff at 2025-06-22T10:25:01+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2025-6468 (A vulnerability was found in code-projects
Online Bidding System
CVE-2025-6467 (A vulnerability was found in code-projects Online Bidding
System 1.0. ...)
NOT-FOR-US: code-projects
CVE-2025-6466 (A vulnerability was found in ageerle ruoyi-ai 2.0.0 and
classified as ...)
- TODO: check
+ NOT-FOR-US: ruoyi-ai
CVE-2025-6458 (A vulnerability has been found in code-projects Online Hotel
Reservati ...)
NOT-FOR-US: code-projects
CVE-2025-6457 (A vulnerability, which was classified as critical, was found in
code-p ...)
@@ -15,7 +15,7 @@ CVE-2025-6456 (A vulnerability, which was classified as
critical, has been found
CVE-2025-6455 (A vulnerability classified as critical was found in
code-projects Onli ...)
NOT-FOR-US: code-projects
CVE-2025-6453 (A vulnerability classified as critical has been found in diyhi
bbs 6.8 ...)
- TODO: check
+ NOT-FOR-US: ageerle ruoyi-aibbs
CVE-2025-6452 (A vulnerability was found in CodeAstro Patient Record
Management Syste ...)
NOT-FOR-US: CodeAstro
CVE-2025-6451 (A vulnerability was found in code-projects Simple Online Hotel
Reserva ...)
@@ -41,15 +41,15 @@ CVE-2025-6419 (A vulnerability was found in code-projects
Simple Online Hotel Re
CVE-2025-6418 (A vulnerability was found in code-projects Simple Online Hotel
Reserva ...)
NOT-FOR-US: code-projects
CVE-2025-52923 (Sangfor aTrust through 2.4.10 allows users to modify the
ExecStartPre ...)
- TODO: check
+ NOT-FOR-US: Sangfor aTrust
CVE-2025-52919 (In Yealink YMCS RPS before 2025-05-26, the certificate upload
function ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-52918 (Yealink YMCS before 2025-05-26 does not prevent OpenAPI access
by froz ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-52917 (The Yealink YMCS RPS API before 2025-05-26 lacks rate
limiting, potent ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-52916 (Yealink YMCS RPS before 2025-06-04 lacks SN verification
attempt limit ...)
- TODO: check
+ NOT-FOR-US: Yealink YMCS RPS
CVE-2025-1987 (A Cross-Site Scripting (XSS)vulnerability has been identified
in Psono ...)
NOT-FOR-US: Bitdefender
CVE-2025-6417 (A vulnerability has been found in PHPGurukul Art Gallery
Management Sy ...)
@@ -83,7 +83,7 @@ CVE-2025-6404 (A vulnerability classified as critical has
been found in Campcode
CVE-2025-6403 (A vulnerability was found in code-projects School Fees Payment
System ...)
NOT-FOR-US: code-projects
CVE-2025-6402 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105.
It has ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-5289 (The 3D FlipBook \u2013 PDF Embedder, PDF Flipbook Viewer,
Flipbook Ima ...)
NOT-FOR-US: WordPress plugin
CVE-2025-3629 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6
could al ...)
@@ -123,7 +123,7 @@ CVE-2025-6368 (A vulnerability was found in D-Link DIR-619L
2.06B01. It has been
CVE-2025-6367 (A vulnerability was found in D-Link DIR-619L 2.06B01. It has
been decl ...)
NOT-FOR-US: D-Link
CVE-2025-6365 (A vulnerability was found in HobbesOSR Kitten up to
c4f8b7c3158983d102 ...)
- TODO: check
+ NOT-FOR-US: HobbesOSR Kitten
CVE-2025-6364 (A vulnerability has been found in code-projects Simple Pizza
Ordering ...)
NOT-FOR-US: code-projects
CVE-2025-6218 (RARLAB WinRAR Directory Traversal Remote Code Execution
Vulnerability. ...)
@@ -149,9 +149,9 @@ CVE-2025-5143 (The TableOn \u2013 WordPress Posts Table
Filterable plugin for Wo
CVE-2025-5034 (The wp-file-download WordPress plugin before 6.2.6 does not
sanitise a ...)
NOT-FOR-US: WordPress plugin
CVE-2025-52557 (Mail-0's Zero is an open-source email solution. In version 0.8
it's po ...)
- TODO: check
+ NOT-FOR-US: Mail-0 Zero
CVE-2025-52556 (rfc3161-client is a Python library implementing the Time-Stamp
Protoco ...)
- TODO: check
+ NOT-FOR-US: rfc3161-client
CVE-2025-52552 (FastGPT is an AI Agent building platform. Prior to version
4.9.12, the ...)
NOT-FOR-US: FastGPT
CVE-2025-52488 (DNN (formerly DotNetNuke) is an open-source web content
management pla ...)
@@ -237,7 +237,7 @@ CVE-2025-6320 (A vulnerability, which was classified as
critical, was found in P
CVE-2025-6257 (The Euro FxRef Currency Converter plugin for WordPress is
vulnerable t ...)
NOT-FOR-US: WordPress plugin
CVE-2025-6193 (A command injection vulnerability was discovered in the
TrustyAI Expla ...)
- TODO: check
+ NOT-FOR-US: TrustyAI
CVE-2025-5963 (The Postbox's configuration on macOS, specifically the presence
of ent ...)
NOT-FOR-US: Postbox
CVE-2025-5255 (The Phoenix Code's configuration on macOS, specifically the
presence o ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19d7f828643e4e46cfd0c5364bb163d8352b078d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/19d7f828643e4e46cfd0c5364bb163d8352b078d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
