Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
96934f6c by security tracker role at 2025-05-16T20:14:12+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
CVE-2025-4809 (A vulnerability was found in Tenda AC7 15.03.06.44. It has been
classi ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-4808 (A vulnerability was found in PHPGurukul Park Ticketing
Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4807 (A vulnerability, which was classified as problematic, was found
in Sou ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4806 (A vulnerability, which was classified as critical, has been
found in S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4802 (Untrusted LD_LIBRARY_PATH environment variable vulnerability in
the GN ...)
TODO: check
CVE-2025-4795 (A vulnerability classified as critical has been found in
gongfuxiang s ...)
TODO: check
CVE-2025-4794 (A vulnerability was found in PHPGurukul Online Course
Registration 3.1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4793 (A vulnerability was found in PHPGurukul Online Course
Registration 3.1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4792 (A vulnerability was found in FreeFloat FTP Server 1.0 and
classified a ...)
TODO: check
CVE-2025-4791 (A vulnerability has been found in FreeFloat FTP Server 1.0 and
classif ...)
@@ -25,29 +25,29 @@ CVE-2025-4789 (A vulnerability, which was classified as
critical, has been found
CVE-2025-4788 (A vulnerability classified as critical was found in FreeFloat
FTP Serv ...)
TODO: check
CVE-2025-4787 (A vulnerability classified as critical has been found in
SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4786 (A vulnerability was found in SourceCodester/oretnom23 Stock
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4785 (A vulnerability was found in PHPGurukul Daily Expense Tracker
System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4782 (A vulnerability has been found in SourceCodester/oretnom23
Stock Manag ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-4781 (A vulnerability classified as critical has been found in
PHPGurukul Pa ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4780 (A vulnerability was found in PHPGurukul Park Ticketing
Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4778 (A vulnerability was found in PHPGurukul Park Ticketing
Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4777 (A vulnerability was found in PHPGurukul Park Ticketing
Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4773 (A vulnerability was found in PHPGurukul Online Course
Registration 3.1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4772 (A vulnerability has been found in PHPGurukul Online Course
Registratio ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4771 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4770 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4769 (A vulnerability classified as critical was found in CBEWIN
Anytxt Sear ...)
TODO: check
CVE-2025-4768 (A vulnerability classified as critical has been found in
feng_ha_ha/me ...)
@@ -55,23 +55,23 @@ CVE-2025-4768 (A vulnerability classified as critical has
been found in feng_ha_
CVE-2025-4767 (A vulnerability was found in defog-ai introspect up to 0.1.4.
It has b ...)
TODO: check
CVE-2025-4766 (A vulnerability was found in PHPGurukul Zoo Management System
2.1. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4765 (A vulnerability was found in PHPGurukul Zoo Management System
2.1. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4761 (A vulnerability has been found in PHPGurukul Complaint
Management Syst ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4758 (A vulnerability classified as critical has been found in
PHPGurukul Be ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4679 (A vulnerability in Synology Active Backup for Microsoft 365
allows rem ...)
- TODO: check
+ NOT-FOR-US: Synology
CVE-2025-4600 (A request smuggling vulnerability existed in the Google Cloud
Classic ...)
TODO: check
CVE-2025-4211 (Improper Link Resolution Before File Access ('Link Following')
vulnera ...)
TODO: check
CVE-2025-48146 (Cross-Site Request Forgery (CSRF) vulnerability in Michael
Lups SEO Fl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48144 (Cross-Site Request Forgery (CSRF) vulnerability in sidngr
Import Expor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48138 (Missing Authorization vulnerability in berthaai BERTHA AI
allows Explo ...)
TODO: check
CVE-2025-48137 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -93,9 +93,9 @@ CVE-2025-48127 (Missing Authorization vulnerability in App
Cheap Push notificati
CVE-2025-48121 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-48120 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48119 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48117 (Missing Authorization vulnerability in kilbot WooCommerce POS
allows E ...)
TODO: check
CVE-2025-48116 (Missing Authorization vulnerability in Ashan Perera EventON
allows Acc ...)
@@ -103,11 +103,11 @@ CVE-2025-48116 (Missing Authorization vulnerability in
Ashan Perera EventON allo
CVE-2025-48115 (Cross-Site Request Forgery (CSRF) vulnerability in Javier
Revilla Vali ...)
TODO: check
CVE-2025-48114 (Cross-Site Request Forgery (CSRF) vulnerability in Shayan
Farhang Pazh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48113 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-48112 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48080 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-48079 (Missing Authorization vulnerability in Metagauss ProfileGrid
allows E ...)
@@ -125,25 +125,25 @@ CVE-2025-47791 (Nextcloud Server is a self hosted
personal cloud system. In Next
CVE-2025-47790 (Nextcloud Server is a self hosted personal cloud system.
Nextcloud Ser ...)
TODO: check
CVE-2025-47693 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47567 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47564 (Missing Authorization vulnerability in ashanjay EventON allows
Accessi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47563 (Missing Authorization vulnerability in villatheme CURCY allows
Accessi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47562 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
TODO: check
CVE-2025-47560 (Missing Authorization vulnerability in RomanCode MapSVG allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47557 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47556 (Missing Authorization vulnerability in QuanticaLabs CSS3
Compare Prici ...)
TODO: check
CVE-2025-47534 (Missing Authorization vulnerability in ValvePress Wordpress
Auto Spinn ...)
TODO: check
CVE-2025-46464 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-40906 (BSON::XS versions 0.8.4 and earlier for Perl includes a
bundled libbso ...)
TODO: check
CVE-2025-40632 (Cross-site scripting (XSS) in Icewarp Mail Server affecting
version 11 ...)
@@ -159,37 +159,37 @@ CVE-2025-39537 (Authorization Bypass Through
User-Controlled Key vulnerability i
CVE-2025-39511 (Missing Authorization vulnerability in ValvePress Pinterest
Automatic ...)
TODO: check
CVE-2025-39509 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39507 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39493 (Missing Authorization vulnerability in ValvePress Rankie
allows Exploi ...)
TODO: check
CVE-2025-39492 (Path Traversal vulnerability in WHMPress WHMpress allows
Relative Path ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39491 (Path Traversal vulnerability in WHMPress WHMpress allows Path
Traversa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39482 (Missing Authorization vulnerability in imithemes Eventer
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39481 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32962 (Flask-AppBuilder is an application development framework built
on top ...)
TODO: check
CVE-2025-32643 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32310 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeMove
QuickCal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32307 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-32306 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32301 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32299 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
TODO: check
CVE-2025-32296 (Missing Authorization vulnerability in quantumcloud Simple
Link Direct ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32295 (Missing Authorization vulnerability in wordpresschef Salon
Booking Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32290 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-32287 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -205,7 +205,7 @@ CVE-2025-31926 (Improper Neutralization of Special Elements
used in an SQL Comma
CVE-2025-31923 (Missing Authorization vulnerability in QuanticaLabs CSS3
Accordions fo ...)
TODO: check
CVE-2025-31922 (Cross-Site Request Forgery (CSRF) vulnerability in
QuanticaLabs CSS3 A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31921 (Cross-Site Request Forgery (CSRF) vulnerability in loopus WP
Ultimate ...)
TODO: check
CVE-2025-31915 (Cross-Site Request Forgery (CSRF) vulnerability in
kamleshyadav Pixel ...)
@@ -221,7 +221,7 @@ CVE-2025-31637 (Improper Neutralization of Special Elements
used in an SQL Comma
CVE-2025-31630 (Missing Authorization vulnerability in themeton The Business
allows Ex ...)
TODO: check
CVE-2025-31071 (Missing Authorization vulnerability in themeton HotStar \u2013
Multi-P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31068 (Cross-Site Request Forgery (CSRF) vulnerability in themeton
Seven Star ...)
TODO: check
CVE-2025-31066 (Missing Authorization vulnerability in themeton Acerola allows
Exploit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96934f6c928a15c61046ac3ca8ba3b95412be48b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/96934f6c928a15c61046ac3ca8ba3b95412be48b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
