Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
44cdac9a by security tracker role at 2025-08-15T20:13:04+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,73 +1,73 @@
CVE-2025-9060 (A vulnerability has been found in the MSoft MFlash
application that ...)
TODO: check
CVE-2025-9053 (A vulnerability has been found in projectworlds Travel
Management Syst ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-9052 (A vulnerability was identified in projectworlds Travel
Management Syst ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-9051 (A vulnerability was determined in projectworlds Travel
Management Syst ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-9050 (A vulnerability was found in projectworlds Travel Management
System 1. ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-9047 (A vulnerability has been found in projectworlds Visitor
Management Sys ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-9046 (A vulnerability was identified in Tenda AC20 16.03.08.12. This
issue a ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-9028 (A vulnerability was found in code-projects Online Medicine
Guide 1.0. ...)
TODO: check
CVE-2025-9027 (A vulnerability has been found in code-projects Online Medicine
Guide ...)
TODO: check
CVE-2025-9026 (A vulnerability was identified in D-Link DIR-860L 2.04.B04.
This affec ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-9025 (A vulnerability was determined in code-projects Simple Cafe
Ordering S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-9024 (A vulnerability was found in PHPGurukul Beauty Parlour
Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-9023 (A vulnerability has been found in Tenda AC7 and AC18
15.03.05.19/15.03 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-8996 (Missing Authorization vulnerability in Drupal Layout Builder
Advanced ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-8995 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-8905 (The Inpersttion For Theme plugin for WordPress is vulnerable to
Remote ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8720 (The Plugin README Parser plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8675 (Server-Side Request Forgery (SSRF) vulnerability in Drupal AI
SEO Link ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-8362 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-8361 (Missing Authorization vulnerability in Drupal Config Pages
allows Forc ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-8092 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-8091 (The EventON Lite plugin for WordPress is vulnerable to
Information Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8080 (The Alobaidi Captcha plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8066 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in B ...)
TODO: check
CVE-2025-7961 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
TODO: check
CVE-2025-7778 (The Icons Factory plugin for WordPress is vulnerable to
Arbitrary File ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7688 (The Add User Meta plugin for WordPress is vulnerable to
Cross-Site Req ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7662 (The Gestion de tarifs plugin for WordPress is vulnerable to SQL
Inject ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7650 (The BizCalendar Web plugin for WordPress is vulnerable to Local
File I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7641 (The Assistant for NextGEN Gallery plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7507 (The elink \u2013 Embed Content plugin for WordPress is
vulnerable to M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5844 (The Radius Blocks plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5048 (A maliciously crafted DGN file, when linked or imported into
Autodesk ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2025-5047 (A maliciously crafted DGN file, when parsed through Autodesk
AutoCAD, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2025-5046 (A maliciously crafted DGN file, when linked or imported into
Autodesk ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2025-55285 (@backstage/plugin-scaffolder-backend is the backend for the
default Ba ...)
TODO: check
CVE-2025-55207 (Astro is a web framework for content-driven websites.
Following CVE-20 ...)
@@ -77,25 +77,25 @@ CVE-2025-55203 (Plane is open-source project management
software. Prior to versi
CVE-2025-54989 (Firebird is a relational database. Prior to versions 3.0.13,
4.0.6, an ...)
TODO: check
CVE-2025-54475 (A SQL injection vulnerability in the JS Jobs plugin versions
1.3.2-1.4 ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-54474 (A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1
for Joom ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-54473 (An authenticated RCE vulnerability in Phoca Commander
component 1.0.0- ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-54466 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
TODO: check
CVE-2025-49898 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49897 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49432 (Missing Authorization vulnerability in FWDesign Ultimate Video
Player ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-43490 (A potential security vulnerability has been identified in the
HPAudioA ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2025-36088 (IBM TS4500 1.11.0.0-D00, 1.11.0.1-C00, 1.11.0.2-C00, and
1.10.00-F00 w ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-26709 (There is an unauthorized access vulnerability in ZTE F50. Due
to impro ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2025-24975 (Firebird is a relational database. Prior to snapshot versions
4.0.6.31 ...)
TODO: check
CVE-2025-1929 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44cdac9a5baba51d664675053d24974ca37f8356
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/44cdac9a5baba51d664675053d24974ca37f8356
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
