Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a7d96837 by security tracker role at 2025-09-23T08:13:04+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2025-9495 (The Vitogate 300 web interface fails to
enforce proper server-sid
CVE-2025-9494 (An OS command injection vulnerability has been discovered in
the Vitog ...)
TODO: check
CVE-2025-9321 (The WPCasa plugin for WordPress is vulnerable to Code Injection
in all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8902 (The Widget Options - Extended plugin for WordPress is
vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8282 (The SureForms WordPress plugin before 1.9.1 does not sanitise
and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-59885
REJECTED
CVE-2025-59884
@@ -41,7 +41,7 @@ CVE-2025-59535 (DNN (formerly DotNetNuke) is an open-source
web content manageme
CVE-2025-59532 (Codex CLI is a coding agent from OpenAI that runs locally. In
versions ...)
TODO: check
CVE-2025-58915 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57205 (iNiLabs School Express (SMS Express) 6.2 is affected by a
Stored Cross ...)
TODO: check
CVE-2025-57204 (Stocky POS with Inventory Management & HRM (ui-lib) version
5.0 is aff ...)
@@ -49,63 +49,63 @@ CVE-2025-57204 (Stocky POS with Inventory Management & HRM
(ui-lib) version 5.0
CVE-2025-47910 (When using http.CrossOriginProtection, the
AddInsecureBypassPattern me ...)
TODO: check
CVE-2025-43814 (In Liferay Portal 7.4.0 through 7.4.3.112, and older
unsupported versi ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43810 (Insecure Direct Object Reference (IDOR) vulnerability with
commerce or ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43806 (Batch Engine in Liferay Portal 7.4.0 through 7.4.3.112, and
Liferay DX ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-42907 (SAP BI Platform allows an attacker to modify the IP address of
the Log ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-26399 (SolarWinds Web Help Desk was found to be susceptible to an
unauthentic ...)
- TODO: check
+ NOT-FOR-US: SolarWinds
CVE-2025-1131 (A local privilege escalation vulnerability exists in the
safe_asterisk ...)
TODO: check
CVE-2025-10848 (A vulnerability was identified in Campcodes Society Membership
Informa ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-10846 (A vulnerability was determined in Portabilis i-Educar up to
2.10. This ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10845 (A vulnerability was found in Portabilis i-Educar up to 2.10.
This affe ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10844 (A vulnerability has been found in Portabilis i-Educar up to
2.10. Affe ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-10843 (A flaw has been found in Reservation Online Hotel Reservation
System 1 ...)
TODO: check
CVE-2025-10842 (A vulnerability was detected in code-projects Online Bidding
System 1. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-10841 (A security vulnerability has been detected in code-projects
Online Bid ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-10840 (A weakness has been identified in SourceCodester Pet Grooming
Manageme ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10839 (A security flaw has been discovered in SourceCodester Pet
Grooming Man ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10838 (A vulnerability was identified in Tenda AC21 16.03.08.16. The
affected ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-10837 (A security vulnerability has been detected in code-projects
Simple Foo ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-10836 (A weakness has been identified in SourceCodester Pet Grooming
Manageme ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10835 (A security flaw has been discovered in SourceCodester Pet
Grooming Man ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10834 (A vulnerability was identified in itsourcecode Open Source Job
Portal ...)
TODO: check
CVE-2025-10833 (A vulnerability was determined in 1000projects Bookstore
Management Sy ...)
TODO: check
CVE-2025-10832 (A vulnerability was found in SourceCodester Pet Grooming
Management So ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10831 (A vulnerability has been found in Campcodes Computer Sales and
Invento ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-10830 (A flaw has been found in Campcodes Computer Sales and
Inventory System ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-10829 (A vulnerability was detected in Campcodes Computer Sales and
Inventory ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-10828 (A security vulnerability has been detected in SourceCodester
Pet Groom ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-10827 (A weakness has been identified in PHPJabbers Restaurant Menu
Maker up ...)
TODO: check
CVE-2025-10826 (A security flaw has been discovered in Campcodes Online Beauty
Parlor ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-10825 (A vulnerability was identified in Campcodes Online Beauty
Parlor Manag ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-10824 (A vulnerability was determined in axboe fio up to 3.41. This
impacts t ...)
TODO: check
CVE-2025-10823 (A vulnerability was found in axboe fio up to 3.41. This
affects the fu ...)
@@ -119,17 +119,17 @@ CVE-2025-10820 (A vulnerability was detected in
fuyang_lipengjun platform 1.0. I
CVE-2025-10819 (A security vulnerability has been detected in fuyang_lipengjun
platfor ...)
TODO: check
CVE-2025-10817 (A weakness has been identified in Campcodes Online Learning
Management ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-10816 (A security flaw has been discovered in Jinher OA 2.0. This
affects an ...)
TODO: check
CVE-2025-10815 (A vulnerability was identified in Tenda AC20 up to
16.03.08.12. Affect ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-10814 (A vulnerability was determined in D-Link DIR-823X
240126/240802/250416 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-10548 (The CleverControl employee monitoring software (v11.5.1041.6)
fails to ...)
TODO: check
CVE-2025-10380 (The Advanced Views \u2013 Display Posts, Custom Fields, and
More plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39888 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 6.16.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9683758d2f5047601887876b89239b7a3a454
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9683758d2f5047601887876b89239b7a3a454
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
