Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
36d630d4 by security tracker role at 2025-10-09T08:13:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2025-9970 (Cleartext Storage of Sensitive Information in Memory
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: ABB group
CVE-2025-9868 (Server-Side Request Forgery (SSRF) in the Remote Browser Plugin
in Son ...)
TODO: check
CVE-2025-7634 (The WP Travel Engine \u2013 Tour Booking Plugin \u2013 Tour
Operator S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7526 (The WP Travel Engine \u2013 Tour Booking Plugin \u2013 Tour
Operator S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6038 (The Lisfinity Core - Lisfinity Core plugin used for pebas\xae
Lisfinit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-61913 (Flowise is a drag & drop user interface to build a customized
large la ...)
TODO: check
CVE-2025-61906 (Opencast is a free, open-source platform to support the
management of ...)
@@ -29,11 +29,11 @@ CVE-2025-60830 (redragon-erp v1.0 was discovered to contain
a Shiro deserializat
CVE-2025-60828 (WukongCRM-9.0-JAVA was discovered to contain a fastjson
deserializatio ...)
TODO: check
CVE-2025-60318 (SourceCodester Pet Grooming Management Software 1.0 is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-60314 (Configuroweb Sistema Web de Inventario 1.0 is vulnerable to a
Stored C ...)
TODO: check
CVE-2025-60313 (Sourcecodester Link Status Checker 1.0 is vulnerable to a
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-60311 (ProjectWorlds Gym Management System1.0 is vulnerable to SQL
Injection ...)
TODO: check
CVE-2025-60299 (Novel-Plus with 5.2.0 was discovered to contain a Stored
Cross-Site Sc ...)
@@ -49,33 +49,33 @@ CVE-2025-57457 (An OS Command Injection vulnerability in
the Admin panel in Curo
CVE-2025-53967 (Framelink Figma MCP Server before 0.6.3 allows an
unauthenticated remo ...)
TODO: check
CVE-2025-47355 (Memory corruption while invoking remote procedure IOCTL calls.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47354 (Memory corruption while allocating buffers in DSP service.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47351 (Memory corruption while processing user buffers.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47349 (Memory corruption while processing an escape call.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47347 (Memory corruption while processing control commands in the
virtual mem ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47342 (Transient DOS may occur when multi-profile concurrency arises
with QHS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47341 (memory corruption while processing an image encoding
completion event.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47340 (Memory corruption while processing IOCTL call to get the
mapping.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47338 (Memory corruption while processing escape commands from
userspace.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-43830 (Stored cross-site scripting (XSS) vulnerability in Forms in
Liferay Po ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43829 (Stored cross-site scripting (XSS) vulnerability in diagram
type produc ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43821 (Cross-site scripting (XSS) vulnerability in the Commerce
Product Compa ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43771 (Multiple cross-site scripting (XSS) vulnerabilities in the
Notificatio ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43724 (Dell PowerScale OneFS, versions prior to 9.12.0.0, contains an
authori ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-42706 (A logic error exists in the Falcon sensor for Windows that
could allow ...)
TODO: check
CVE-2025-42701 (A race condition exists in the Falcon sensor for Windows that
could al ...)
@@ -83,71 +83,71 @@ CVE-2025-42701 (A race condition exists in the Falcon
sensor for Windows that co
CVE-2025-36636 (In Tenable Security Center versions prior to 6.7.0, an
improper access ...)
TODO: check
CVE-2025-27060 (Memory corruption while performing SCM call with malformed
inputs.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27059 (Memory corruption while performing SCM call.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27054 (Memory corruption while processing a malformed license file
during reb ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27053 (Memory corruption during PlayReady APP usecase while
processing TA com ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27049 (Transient DOS while processing IOCTL call for image encoding.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27048 (Memory corruption while processing camera platform driver
IOCTL calls.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27045 (Information disclosure while processing batch command
execution in Vid ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27041 (Transient DOS while processing video packets received from
video firmw ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27040 (Information disclosure may occur while processing the
hypervisor log.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27039 (Memory corruption may occur while processing IOCTL call for
DMM/WARPNC ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-11539 (Grafana Image Renderer is vulnerable to remote code execution
due to a ...)
TODO: check
CVE-2025-11535 (MongoDB Connector for BI installation viaMSIon Windows leaves
ACLs uns ...)
TODO: check
CVE-2025-11530 (A weakness has been identified in code-projects Online
Complaint Site ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11529 (A security flaw has been discovered in ChurchCRM up to 5.18.0.
This im ...)
TODO: check
CVE-2025-11528 (A vulnerability was identified in Tenda AC7 15.03.06.44. This
affects ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11527 (A vulnerability was determined in Tenda AC7 15.03.06.44. The
impacted ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11526 (A vulnerability was found in Tenda AC7 15.03.06.44. The
affected eleme ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11525 (A vulnerability has been found in Tenda AC7 15.03.06.44.
Impacted is a ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11524 (A flaw has been found in Tenda AC7 15.03.06.44. This issue
affects som ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11523 (A vulnerability was detected in Tenda AC7 15.03.06.44. This
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-11522 (The Search & Go - Directory WordPress Theme theme for
WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11516 (A weakness has been identified in code-projects Online
Complaint Site ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11515 (A security flaw has been discovered in code-projects Online
Complaint ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11514 (A vulnerability was identified in code-projects Online
Complaint Site ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11513 (A vulnerability was determined in code-projects E-Commerce
Website 1.0 ...)
TODO: check
CVE-2025-11512 (A vulnerability was found in code-projects Voting System 1.0.
Affected ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11511 (A flaw has been found in code-projects E-Commerce Website 1.0.
Affecte ...)
TODO: check
CVE-2025-11509 (A vulnerability was detected in code-projects E-Commerce
Website 1.0. ...)
TODO: check
CVE-2025-11508 (A security vulnerability has been detected in code-projects
Voting Sys ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-11507 (A weakness has been identified in PHPGurukul Beauty Parlour
Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11506 (A security flaw has been discovered in PHPGurukul Beauty
Parlour Manag ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11505 (A vulnerability was identified in PHPGurukul Beauty Parlour
Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11503 (A vulnerability was determined in PHPGurukul Beauty Parlour
Management ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-11495 (A vulnerability was determined in GNU Binutils 2.45. The
affected elem ...)
TODO: check
CVE-2025-11494 (A vulnerability was found in GNU Binutils 2.45. Impacted is
the functi ...)
@@ -159,51 +159,51 @@ CVE-2025-11490 (A vulnerability has been found in
wonderwhy-er DesktopCommanderM
CVE-2025-11489 (A security vulnerability has been detected in wonderwhy-er
DesktopComm ...)
TODO: check
CVE-2025-11488 (A weakness has been identified in D-Link DIR-852 up to
20251002. This ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-11487 (A security flaw has been discovered in SourceCodester Farm
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11486 (A vulnerability was identified in SourceCodester Farm
Management Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11485 (A vulnerability was determined in SourceCodester Student
Grades Manage ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11481 (A flaw has been found in varunsardana004
Blood-Bank-And-Donation-Manag ...)
TODO: check
CVE-2025-11480 (A vulnerability was detected in SourceCodester Simple
E-Commerce Books ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11479 (A security vulnerability has been detected in SourceCodester
Wedding R ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11478 (A weakness has been identified in SourceCodester Farm
Management Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11477 (A security flaw has been discovered in SourceCodester Wedding
Reservat ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11476 (A vulnerability was identified in SourceCodester Simple
E-Commerce Boo ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11475 (A vulnerability was determined in projectworlds Advanced
Library Manag ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-11474 (A vulnerability was found in SourceCodester Hotel and Lodge
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11473 (A vulnerability has been found in SourceCodester Hotel and
Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11472 (A flaw has been found in SourceCodester Hotel and Lodge
Management Sys ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11471 (A vulnerability was detected in SourceCodester Hotel and Lodge
Managem ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11470 (A security vulnerability has been detected in SourceCodester
Hotel and ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11469 (A weakness has been identified in SourceCodester Hotel and
Lodge Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-11445 (A vulnerability was detected in Kilo Code up to 4.86.0.
Affected is th ...)
TODO: check
CVE-2025-11444 (A security vulnerability has been detected in TOTOLINK N600R
up to 4.3 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-11166 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10649 (The Welcart e-Commerce plugin for WordPress is vulnerable to
SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10586 (The Community Events plugin for WordPress is vulnerable to SQL
Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10496 (The Cookie Notice & Consent plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10353 (File upload leading to remote code execution (RCE) in the
\u201cmelis- ...)
TODO: check
CVE-2025-10352 (Vulnerability in the melis-core module of Melis Technology's
Melis Pla ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36d630d480f3b23aabc27f2055da0f1b36b6d2bf
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36d630d480f3b23aabc27f2055da0f1b36b6d2bf
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
