Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ad936de2 by Moritz Muehlenhoff at 2025-04-01T10:41:55+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,31 +1,31 @@
CVE-2025-3062 (Vulnerability in Drupal Drupal Admin LTE theme.This issue
affects Drup ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-3061 (Vulnerability in Drupal Material Admin.This issue affects
Material Adm ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-3060 (Vulnerability in Drupal Flattern \u2013 Multipurpose Bootstrap
Busines ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-3059 (Vulnerability in Drupal Profile Private.This issue affects
Profile Pri ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-3057 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-3045 (A vulnerability, which was classified as critical, was found in
oretno ...)
NOT-FOR-US: SourceCodester
CVE-2025-3043 (A vulnerability, which was classified as critical, has been
found in G ...)
- TODO: check
+ NOT-FOR-US: GuoMinJim PersonManage
CVE-2025-3042 (A vulnerability classified as critical was found in Project
Worlds Onl ...)
- TODO: check
+ NOT-FOR-US: Project Worlds Online Time Table Generator
CVE-2025-3041 (A vulnerability classified as critical has been found in
Project World ...)
- TODO: check
+ NOT-FOR-US: Project Worlds Online Time Table Generator
CVE-2025-3040 (A vulnerability was found in Project Worlds Online Time Table
Generato ...)
- TODO: check
+ NOT-FOR-US: Project Worlds Online Time Table Generator
CVE-2025-3039 (A vulnerability was found in code-projects Payroll Management
System 1 ...)
NOT-FOR-US: code-projects
CVE-2025-3038 (A vulnerability was found in code-projects Payroll Management
System 1 ...)
NOT-FOR-US: code-projects
CVE-2025-3037 (A vulnerability has been found in yzk2356911358
StudentServlet-JSP cc0 ...)
- TODO: check
+ NOT-FOR-US: yzk2356911358 StudentServlet-JSP
CVE-2025-3036 (A vulnerability, which was classified as problematic, was found
in yzk ...)
- TODO: check
+ NOT-FOR-US: yzk2356911358 StudentServlet-JSP
CVE-2025-3018 (A vulnerability, which was classified as critical, was found in
Source ...)
NOT-FOR-US: SourceCodester
CVE-2025-3017 (A vulnerability, which was classified as critical, has been
found in T ...)
@@ -35,55 +35,55 @@ CVE-2025-3016 (A vulnerability classified as problematic
was found in Open Asset
CVE-2025-3015 (A vulnerability classified as critical has been found in Open
Asset Im ...)
TODO: check
CVE-2025-31697 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31696 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31695 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31694 (Incorrect Authorization vulnerability in Drupal Two-factor
Authenticat ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31693 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31692 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31691 (Missing Authorization vulnerability in Drupal OAuth2 Server
allows For ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31690 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
Cache Utilit ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31689 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
General Data ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31688 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
Configuratio ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31687 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31686 (Missing Authorization vulnerability in Drupal Open Social
allows Force ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31685 (Missing Authorization vulnerability in Drupal Open Social
allows Force ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31684 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
OAuth2 Clien ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31683 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
Google Tag a ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31682 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31681 (Missing Authorization vulnerability in Drupal Authenticator
Login allo ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31680 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
Matomo Analy ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31679 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31678 (Missing Authorization vulnerability in Drupal AI (Artificial
Intellige ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31677 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal AI
(Artifici ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31676 (Weak Authentication vulnerability in Drupal Email TFA allows
Brute For ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31675 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31674 (Improperly Controlled Modification of Dynamically-Determined
Object At ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31673 (Incorrect Authorization vulnerability in Drupal Drupal core
allows For ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-31523
REJECTED
CVE-2025-31522
@@ -103,7 +103,7 @@ CVE-2025-31516
CVE-2025-31515
REJECTED
CVE-2025-31415 (Missing Authorization vulnerability in YayCommerce YayExtra
allows Exp ...)
- TODO: check
+ NOT-FOR-US: YayCommerce
CVE-2025-31409 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31194 (An authentication issue was addressed with improved state
management. ...)
@@ -123,11 +123,11 @@ CVE-2025-31183 (The issue was addressed with improved
restriction of data contai
CVE-2025-31182 (This issue was addressed with improved handling of symlinks.
This issu ...)
NOT-FOR-US: Apple
CVE-2025-31095 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31087 (Deserialization of Untrusted Data vulnerability in
silverplugins217 Mu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31084 (Deserialization of Untrusted Data vulnerability in
sunshinephotocart S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31074 (Deserialization of Untrusted Data vulnerability in MDJM MDJM
Event Man ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-31024 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -195,7 +195,7 @@ CVE-2025-30782 (Improper Control of Filename for
Include/Require Statement in PH
CVE-2025-30774 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30622 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30614 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30613 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -203,7 +203,7 @@ CVE-2025-30613 (Improper Neutralization of Input During Web
Page Generation ('Cr
CVE-2025-30607 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30594 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30589 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30579 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -305,7 +305,7 @@ CVE-2025-2008 (The Import Export Suite for CSV and XML
Datafeed plugin for WordP
CVE-2025-2007 (The Import Export Suite for CSV and XML Datafeed plugin for
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2025-26683 (Improper authorization in Azure Playwright allows an
unauthorized atta ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-24283 (A logging issue was addressed with improved data redaction.
This issue ...)
NOT-FOR-US: Apple
CVE-2025-24282 (A library injection issue was addressed with additional
restrictions. ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad936de243e2efe4aca2b4c9f4644b221f689c7c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ad936de243e2efe4aca2b4c9f4644b221f689c7c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
