Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2e99ec07 by security tracker role at 2025-05-13T08:13:16+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2025-4632 (Improper limitation of a pathname to a restricted directory 
vulnerabil ...)
        TODO: check
 CVE-2025-4474 (The Frontend Dashboard plugin for WordPress is vulnerable to 
Privilege ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4473 (The Frontend Dashboard plugin for WordPress is vulnerable to 
Privilege ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4396 (The Relevanssi \u2013 A Better Search plugin for WordPress is 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4339 (The TheGem theme for WordPress is vulnerable to unauthorized 
modificat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-4317 (The TheGem theme for WordPress is vulnerable to arbitrary file 
uploads ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-47864
        REJECTED
 CVE-2025-47863
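Review bot: CVE-2025-4339 and CVE-2025-4317 are both described as "The TheGem theme for WordPress", yet the added lines tag them "NOT-FOR-US: WordPress plugin". Suggest "NOT-FOR-US: WordPress theme" for those two so the label matches the description. The plugin label does fit the other three entries changed here (the two Frontend Dashboard entries and Relevanssi).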
@@ -27,179 +27,179 @@ CVE-2025-47858
 CVE-2025-46825 (Kanboard is project management software that focuses on the 
Kanban met ...)
        TODO: check
 CVE-2025-43011 (Under certain conditions, SAP Landscape Transformation's PCL 
Basis mod ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43010 (SAP S/4HANA Cloud Private Edition or on Premise (SCM Master 
Data Layer ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43009 (SAP Service Parts Management (SPM) does not perform necessary 
authoriz ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43008 (Due to missing authorization check, an unauthorized user can 
view the  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43007 (SAP Service Parts Management (SPM) does not perform necessary 
authoriz ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43006 (SAP Supplier Relationship Management (Master Data Management 
Catalogue ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43005 (SAP GUI for Windows allows an unauthenticated attacker to 
exploit inse ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43004 (Due to a security misconfiguration vulnerability, customers 
can develo ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43003 (SAP S/4 HANA allows an authenticated attacker with user 
privileges to  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43002 (SAP S4CORE OData meta-data property allows an authenticated 
attacker t ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-43000 (Under certain conditions Promotion Management Wizard (PMW) 
allows an a ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42999 (SAP NetWeaver Visual Composer Metadata Uploader is vulnerable 
when a p ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-42997 (Under certain conditions, SAP Gateway Client allows a 
high-privileged  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-3659 (Improper authentication handling was identified in a set of 
HTTP POST  ...)
        TODO: check
 CVE-2025-3107 (The Newsletters plugin for WordPress is vulnerable to 
time-based SQL I ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-35471 (conda-forge openssl-feedstock before 066e83c (2024-05-20), on 
Microsof ...)
        TODO: check
 CVE-2025-31329 (SAP NetWeaver is vulnerable to an Information Disclosure 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-31260 (A permissions issue was addressed with additional 
restrictions. This i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31259 (The issue was addressed with improved input sanitization. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31258 (This issue was addressed by removing the vulnerable code. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31257 (This issue was addressed with improved memory handling. This 
issue is  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31256 (The issue was addressed with improved handling of caches. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31253 (This issue was addressed through improved state management. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31251 (The issue was addressed with improved input sanitization. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31250 (An information disclosure issue was addressed with improved 
privacy co ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31249 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31247 (A logic issue was addressed with improved state management. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31246 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31245 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31244 (A file quarantine bypass was addressed with additional checks. 
This is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31242 (A privacy issue was addressed with improved private data 
redaction for ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31241 (A double free issue was addressed with improved memory 
management. Thi ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31240 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31239 (A use-after-free issue was addressed with improved memory 
management.  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31238 (The issue was addressed with improved checks. This issue is 
fixed in w ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31237 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31236 (An information disclosure issue was addressed with improved 
privacy co ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31235 (A double free issue was addressed with improved memory 
management. Thi ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31234 (The issue was addressed with improved input sanitization. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31233 (The issue was addressed with improved input sanitization. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31232 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31228 (The issue was addressed with improved authentication. This 
issue is fi ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31227 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31226 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31225 (A privacy issue was addressed by removing sensitive data. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31224 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31223 (The issue was addressed with improved checks. This issue is 
fixed in w ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31222 (A correctness issue was addressed with improved checks. This 
issue is  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31221 (An integer overflow was addressed with improved input 
validation. This ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31220 (A privacy issue was addressed by removing sensitive data. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31219 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31218 (This issue was addressed by removing the vulnerable code. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31217 (The issue was addressed with improved input validation. This 
issue is  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31215 (The issue was addressed with improved checks. This issue is 
fixed in w ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31214 (This issue was addressed through improved state management. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31213 (A logging issue was addressed with improved data redaction. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31212 (This issue was addressed through improved state management. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31210 (The issue was addressed with improved UI. This issue is fixed 
in iPadO ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31209 (An out-of-bounds read was addressed with improved bounds 
checking. Thi ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31208 (The issue was addressed with improved checks. This issue is 
fixed in w ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31207 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31206 (A type confusion issue was addressed with improved state 
handling. Thi ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31205 (The issue was addressed with improved checks. This issue is 
fixed in w ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31204 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31196 (An out-of-bounds read was addressed with improved input 
validation. Th ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-31195 (The issue was addressed by adding additional logic. This issue 
is fixe ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-30453 (The issue was addressed with additional permissions checks. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-30448 (This issue was addressed with additional entitlement checks. 
This issu ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-30442 (The issue was addressed with improved input sanitization. This 
issue i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-30440 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-30436 (This issue was addressed by restricting options offered on a 
locked de ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-30018 (The Live Auction Cockpit in SAP Supplier Relationship 
Management (SRM) ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-30012 (The Live Auction Cockpit in SAP Supplier Relationship 
Management (SRM) ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-30011 (The Live Auction Cockpit in SAP Supplier Relationship 
Management (SRM) ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-30010 (The Live Auction Cockpit in SAP Supplier Relationship 
Management (SRM) ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-30009 (he Live Auction Cockpit in SAP Supplier Relationship 
Management (SRM)  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-26662 (The Data Services Management Console does not sufficiently 
encode user ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-24274 (An input validation issue was addressed by removing the 
vulnerable cod ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24258 (A permissions issue was addressed with additional 
restrictions. This i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24225 (An injection issue was addressed with improved input 
validation. This  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24223 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24222 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24220 (A permissions issue was addressed with additional 
restrictions. This i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24155 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24144 (An information disclosure issue was addressed by removing the 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24142 (A privacy issue was addressed with improved private data 
redaction for ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-24111 (A memory corruption issue was addressed with improved state 
management ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2025-22249 (VMware Aria automation contains a DOM based Cross-Site 
Scripting (XSS) ...)
        TODO: check
 CVE-2025-22246 (Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 
are vulner ...)
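Review bot: The long run of "NOT-FOR-US: Apple" entries in this hunk is assigned to descriptions that, as shown, never name the affected component (for example "The issue was addressed with improved memory handling. This issue is f ..."), so the tag cannot be confirmed from the truncated text alone. Apple advisories also cover WebKit, which Debian ships as webkit2gtk and wpewebkit. Suggest reading the full description of each Apple entry for a WebKit or Safari mention before it leaves "TODO: check", and giving any match a package line instead of NOT-FOR-US. The SAP entries are consistent with their visible descriptions.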



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e99ec078fc6c1c327775807846bd1e9f71f5987

_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
