Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
988f7dc1 by security tracker role at 2025-08-29T20:15:51+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9,19 +9,19 @@ CVE-2025-9670 (A security flaw has been discovered in 
mixmark-io turndown up to
 CVE-2025-9669 (A vulnerability has been found in Jinher OA 1.0. This issue 
affects so ...)
        TODO: check
 CVE-2025-9667 (A vulnerability was detected in code-projects Simple Grading 
System 1. ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9666 (A security vulnerability has been detected in code-projects 
Simple Gra ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9665 (A weakness has been identified in code-projects Simple Grading 
System  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9664 (A security flaw has been discovered in code-projects Simple 
Grading Sy ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9663 (A vulnerability was identified in code-projects Simple Grading 
System  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9662 (A vulnerability was determined in code-projects Simple Grading 
System  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-9660 (A vulnerability was found in SourceCodester Bakeshop Online 
Ordering S ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-9659 (A vulnerability has been found in O2OA up to 10.0-410. The 
affected el ...)
        TODO: check
 CVE-2025-9658 (A flaw has been found in O2OA up to 10.0-410. Impacted is an 
unknown f ...)
@@ -29,15 +29,15 @@ CVE-2025-9658 (A flaw has been found in O2OA up to 
10.0-410. Impacted is an unkn
 CVE-2025-9657 (A vulnerability was detected in O2OA up to 10.0-410. This issue 
affect ...)
        TODO: check
 CVE-2025-9656 (A security vulnerability has been detected in PHPGurukul 
Directory Man ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-9655 (A weakness has been identified in O2OA up to 10.0-410. This 
affects an ...)
        TODO: check
 CVE-2025-9654 (A security flaw has been discovered in AiondaDotCom mcp-ssh up 
to 1.0. ...)
        TODO: check
 CVE-2025-9653 (A vulnerability was identified in Portabilis i-Educar up to 
2.10. Affe ...)
-       TODO: check
+       NOT-FOR-US: Portabilis
 CVE-2025-9652 (A vulnerability was determined in Portabilis i-Educar up to 
2.10. Affe ...)
-       TODO: check
+       NOT-FOR-US: Portabilis
 CVE-2025-9651 (A vulnerability was found in shafhasan chatbox up to 
156a39cde62f78532 ...)
        TODO: check
 CVE-2025-9650 (A vulnerability has been found in yeqifu carRental up to 
3fabb7eae93d2 ...)
@@ -49,25 +49,25 @@ CVE-2025-9647 (A weakness has been identified in mtons 
mblog up to 3.5.0. This i
 CVE-2025-9646 (A security flaw has been discovered in O2OA up to 10.0-410. 
This vulne ...)
        TODO: check
 CVE-2025-9645 (A vulnerability was identified in itsourcecode Apartment 
Management Sy ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9644 (A vulnerability was determined in itsourcecode Apartment 
Management Sy ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9643 (A vulnerability was found in itsourcecode Apartment Management 
System  ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-9377 (The authenticated remote command execution (RCE) vulnerability 
exists  ...)
-       TODO: check
+       NOT-FOR-US: TP-Link
 CVE-2025-9217 (The Slider Revolution plugin for WordPress is vulnerable to 
Path Trave ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9071 (Erroneously using an all-zero seed for RSA-OEAP padding instead 
of the ...)
        TODO: check
 CVE-2025-8150 (The Events Addon for Elementor plugin for WordPress is 
vulnerable to S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7383 (Padding oracle attack vulnerability in Oberon microsystem 
AG\u2019s Ob ...)
        TODO: check
 CVE-2025-7071 (Padding oracle attack vulnerability in Oberon microsystem 
AG\u2019s oc ...)
        TODO: check
 CVE-2025-5808 (Improper Input Validation vulnerability in OpenText Self 
Service Passw ...)
-       TODO: check
+       NOT-FOR-US: OpenText
 CVE-2025-58158 (Harness Open Source is an end-to-end developer platform with 
Source Co ...)
        TODO: check
 CVE-2025-56577 (An issue in Evope Core v.1.1.3.20 allows a local attacker to 
obtain se ...)
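Review bot: The label "NOT-FOR-US: itsourcecode System" on CVE-2025-9645, CVE-2025-9644 and CVE-2025-9643 appears to carry a stray word from the product name (Apartment Management System). The other labels in this patch are a bare vendor name or a category (code-projects, SourceCodester, TP-Link, WordPress plugin). Suggest "NOT-FOR-US: itsourcecode" so these entries group with other itsourcecode entries when the list is searched by vendor.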
@@ -87,13 +87,13 @@ CVE-2025-55202 (Opencast is a free, open-source platform to 
support the manageme
 CVE-2025-55177 (Incomplete authorization of linked device synchronization 
messages in  ...)
        TODO: check
 CVE-2025-54877 (Tuleap is an Open Source Suite created to facilitate 
management of sof ...)
-       TODO: check
+       NOT-FOR-US: Tuleap
 CVE-2025-54080 (Exiv2 is a C++ library and a command-line utility to read, 
write, dele ...)
        TODO: check
 CVE-2025-52861 (A path traversal vulnerability has been reported to affect 
VioStor. If ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-52856 (An improper authentication vulnerability has been reported to 
affect V ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-4644 (A Session Fixation vulnerability existed in Payload's SQLite 
adapter d ...)
        TODO: check
 CVE-2025-4643 (Payload uses JSON Web Tokens (JWT) for authentication. After 
log out J ...)
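Review bot: CVE-2025-54877 is marked "NOT-FOR-US: Tuleap" although its description opens with "Tuleap is an Open Source Suite". Because this classification comes from the automatic update, it is worth confirming that there is no Debian package and no open ITP/RFP for Tuleap before the entry leaves the TODO queue; if one exists, the entry should stay as "TODO: check" or get an ITP note instead.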
@@ -103,9 +103,9 @@ CVE-2025-47909 (Hosts listed in TrustedOrigins implicitly 
allow requests from th
 CVE-2025-44033 (SQL injection vulnerability in oa_system oasys v.1.1 allows a 
remote a ...)
        TODO: check
 CVE-2025-44015 (A command injection vulnerability has been reported to affect 
HybridDe ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-43773 (Liferay Portal  7.4.0 through 7.4.3.132, and Liferay DXP 
2025.Q2.0, 20 ...)
-       TODO: check
+       NOT-FOR-US: Liferay
 CVE-2025-40709 (Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 
from the  ...)
        TODO: check
 CVE-2025-40708 (Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 
from the  ...)
@@ -123,89 +123,89 @@ CVE-2025-40703 (Cross-Site Scripting (XSS) vulnerability 
in OpenAtlas v8.9.0 fro
 CVE-2025-40702 (Cross-Site Scripting (XSS) vulnerability in OpenAtlas v8.9.0 
from the  ...)
        TODO: check
 CVE-2025-33038 (A path traversal vulnerability has been reported to affect 
Qsync Centr ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-33037 (A path traversal vulnerability has been reported to affect 
Qsync Centr ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-33036 (A path traversal vulnerability has been reported to affect 
Qsync Centr ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-33033 (A path traversal vulnerability has been reported to affect 
Qsync Centr ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-33032 (A path traversal vulnerability has been reported to affect 
several QNA ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30278 (An improper certificate validation vulnerability has been 
reported to  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30277 (An improper certificate validation vulnerability has been 
reported to  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30275 (A NULL pointer dereference vulnerability has been reported to 
affect Q ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30274 (A NULL pointer dereference vulnerability has been reported to 
affect s ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30273 (An out-of-bounds write vulnerability has been reported to 
affect sever ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30272 (A NULL pointer dereference vulnerability has been reported to 
affect s ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30271 (A path traversal vulnerability has been reported to affect 
several QNA ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30270 (A path traversal vulnerability has been reported to affect 
several QNA ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30268 (A NULL pointer dereference vulnerability has been reported to 
affect s ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30267 (A NULL pointer dereference vulnerability has been reported to 
affect s ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30265 (A buffer overflow vulnerability has been reported to affect 
several QN ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30264 (A command injection vulnerability has been reported to affect 
several  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30263 (A NULL pointer dereference vulnerability has been reported to 
affect Q ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30262 (A NULL pointer dereference vulnerability has been reported to 
affect Q ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30261 (An allocation of resources without limits or throttling 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-30260 (An allocation of resources without limits or throttling 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29900 (An allocation of resources without limits or throttling 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29899 (An allocation of resources without limits or throttling 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29898 (An uncontrolled resource consumption vulnerability has been 
reported t ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29894 (An SQL injection vulnerability has been reported to affect 
Qsync Centr ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29893 (An SQL injection vulnerability has been reported to affect 
Qsync Centr ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29890 (An allocation of resources without limits or throttling 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29889 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29888 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29887 (A command injection vulnerability has been reported to affect 
QuRouter ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29886 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29882 (A NULL pointer dereference vulnerability has been reported to 
affect s ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29879 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29878 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29875 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-29874 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2025-22483 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2024-46917 (Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR01 does 
not val ...)
        TODO: check
 CVE-2024-46916 (Diebold Nixdorf Vynamic Security Suite through 4.3.0 SR06 
contains fun ...)
        TODO: check
 CVE-2024-46484 (TRENDnet TV-IP410 vA1.0R was discovered to contain an OS 
command injec ...)
-       TODO: check
+       NOT-FOR-US: TRENDnet
 CVE-2024-13342 (The Booster for WooCommerce plugin for WordPress is vulnerable 
to arbi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12923 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
-       TODO: check
+       NOT-FOR-US: QNAP
 CVE-2023-41471 (Cross Site Scripting vulnerability in copyparty v.1.9.1 allows 
a local ...)
        TODO: check
 CVE-2025-9639 (The QbiCRMGateway developed by Ai3 has an Arbitrary File 
Reading vulne ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/988f7dc135fa2c7b1f669de7c5a898520e87a9a4
