Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
009eb43b by security tracker role at 2025-08-25T20:14:25+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-9417 (A weakness has been identified in itsourcecode Apartment 
Management Sy ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9416 (A security flaw has been discovered in oitcode samarium up to 
0.9.6. T ...)
        TODO: check
 CVE-2025-9415 (A vulnerability was identified in GreenCMS up to 2.3.0603. This 
affect ...)
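Review bot: The tag added for CVE-2025-9417, "NOT-FOR-US: itsourcecode System", is vaguer than the description directly above it, which names an itsourcecode Apartment Management product; "System" alone does not identify which itsourcecode project is meant. Suggest using the product name from the description in the tag, so that a later search of data/CVE/list for that product finds this entry.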
@@ -19,7 +19,7 @@ CVE-2025-9409 (A security flaw has been discovered in 
lostvip-com ruoyi-go up to
 CVE-2025-9407 (A flaw has been found in mtons mblog up to 3.5.0. Affected by 
this vul ...)
        TODO: check
 CVE-2025-8562 (The Custom Query Shortcode plugin for WordPress is vulnerable 
to Path  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7426 (Information disclosure and exposure of authentication FTP 
credentials  ...)
        TODO: check
 CVE-2025-6737 (Securden\u2019s Unified PAM Remote Vendor Gateway access portal 
shares ...)
@@ -31,19 +31,19 @@ CVE-2025-57811 (Craft is a platform for creating digital 
experiences. From versi
 CVE-2025-57802 (Airlink's Daemon interfaces with Docker and the Panel to 
provide secur ...)
        TODO: check
 CVE-2025-57773 (DataEase is an open source business intelligence and data 
visualizatio ...)
-       TODO: check
+       NOT-FOR-US: DataEase
 CVE-2025-57772 (DataEase is an open source business intelligence and data 
visualizatio ...)
-       TODO: check
+       NOT-FOR-US: DataEase
 CVE-2025-57760 (Langflow is a tool for building and deploying AI-powered 
agents and wo ...)
        TODO: check
 CVE-2025-56216 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-56215 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-56214 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-56212 (phpgurukul Hospital Management System 4.0 is vulnerable to SQL 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-55575 (SQL Injection vulnerability in SMM Panel 3.1 allowing remote 
attackers ...)
        TODO: check
 CVE-2025-55574 (Cross Site Scripting vulnerability in docmost v.0.21.0 and 
before allo ...)
@@ -97,7 +97,7 @@ CVE-2025-52456 (A memory corruption vulnerability exists in 
the WebP Image Decod
 CVE-2025-52130 (File upload vulnerability in WebErpMesv2 1.17 in the 
app/Http/Controll ...)
        TODO: check
 CVE-2025-51281 (D-Link DI-8100 16.07.26A1 is vulnerable to Buffer Overflow via 
the en` ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-50900 (An issue was discovered in getrebuild/rebuild 4.0.4. The 
affected sour ...)
        TODO: check
 CVE-2025-50722 (Insecure Permissions vulnerability in sparkshop v.1.1.7 allows 
a remot ...)
@@ -107,7 +107,7 @@ CVE-2025-50383 (alextselegidis Easy!Appointments v1.5.1 was 
discovered to contai
 CVE-2025-50129 (A memory corruption vulnerability exists in the PCX Image 
Decoding fun ...)
        TODO: check
 CVE-2025-48303 (Cross-Site Request Forgery (CSRF) vulnerability in Kevin 
Langley Jr. P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-46407 (A memory corruption vulnerability exists in the BMPv3 Palette 
Decoding ...)
        TODO: check
 CVE-2025-45968 (An issue in System PDV v1.0 allows a remote attacker to obtain 
sensiti ...)
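Review bot: On CVE-2025-48303 the tag "NOT-FOR-US: WordPress plugin or theme" cannot be checked against the entry itself, because the visible description is cut off at "Kevin Langley Jr. P ..." and never mentions WordPress. The wording also differs from the "NOT-FOR-US: WordPress plugin" tag this same patch gives CVE-2025-8562. Suggest settling on one label, or naming the plugin in the tag, so the classification can be verified from the file.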
@@ -119,9 +119,9 @@ CVE-2025-44178 (DASAN GPON ONU H660WM H660WMR210825 is 
susceptible to improper a
 CVE-2025-43960 (Adminer 4.8.1, when using Monolog for logging, allows a Denial 
of Serv ...)
        TODO: check
 CVE-2025-3478 (A Stored Cross-Site Scripting (XSS) vulnerability has been 
identified  ...)
-       TODO: check
+       NOT-FOR-US: OpenText
 CVE-2025-3456 (On affected platforms running Arista EOS, the global common 
encryption ...)
-       TODO: check
+       NOT-FOR-US: Arista Networks
 CVE-2025-35984 (A memory corruption vulnerability exists in the PCX Image 
Decoding fun ...)
        TODO: check
 CVE-2025-32468 (A memory corruption vulnerability exists in the BMPv3 Image 
Decoding f ...)
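Review bot: The "NOT-FOR-US: OpenText" tag on CVE-2025-3478 relies on information that is not visible in the entry: the truncated description reads only "A Stored Cross-Site Scripting (XSS) vulnerability has been identified ..." and names no vendor or product. The Arista Networks tag on CVE-2025-3456 is supported by its description ("Arista EOS"). Suggest adding the affected OpenText product to the tag so the reason for the triage decision is recorded alongside it.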
@@ -131,23 +131,23 @@ CVE-2025-29525 (DASAN GPON ONU H660WM OS version 
H660WMR210825 Hardware version
 CVE-2025-29524 (Incorrect access control in the component 
/cgi-bin/system_diagnostic_m ...)
        TODO: check
 CVE-2025-29523 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was 
discover ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29522 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was 
discover ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29521 (Insecure default credentials for the Adminsitrator account of 
D-Link D ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29520 (Incorrect access control in the Maintenance module of D-Link 
DSL-7740C ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29519 (A command injection vulnerability in the EXE parameter of 
D-Link DSL-7 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29517 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was 
discover ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29516 (D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 was 
discover ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29515 (Incorrect access control in the DELT_file.xgi endpoint of 
D-Link DSL-7 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29514 (Incorrect access control in the config.xgi function of D-Link 
DSL-7740 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-29421 (PerfreeBlog v4.0.11 has an arbitrary file read vulnerability 
in the ge ...)
        TODO: check
 CVE-2025-29420 (PerfreeBlog v4.0.11 has a directory traversal vulnerability in 
the get ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/009eb43b69dcc92a7c8b4b497668907c4791b350



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
