Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d3c9bf50 by security tracker role at 2025-06-26T20:13:01+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,45 +15,45 @@ CVE-2025-6701 (A vulnerability, which was classified as
problematic, has been fo
CVE-2025-6700 (A vulnerability classified as problematic was found in Xuxueli
xxl-sso ...)
TODO: check
CVE-2025-6699 (A vulnerability classified as problematic has been found in
LabRedesCe ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-6698 (A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It
has been ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-6697 (A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It
has been ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-6696 (A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0. It
has been ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-6695 (A vulnerability was found in LabRedesCefetRJ WeGIA 3.4.0 and
classifie ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-6694 (A vulnerability has been found in LabRedesCefetRJ WeGIA 3.4.0
and clas ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-6693 (A vulnerability, which was classified as critical, was found in
RT-Thr ...)
TODO: check
CVE-2025-6677 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-6676 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-6675 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-6674 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-6562 (Certain hybrid DVR models (HBF-09KD and HBF-16NK) from Hunt
Electronic ...)
TODO: check
CVE-2025-6561 (Certain hybrid DVR models ((HBF-09KD and HBF-16NK)) from Hunt
Electron ...)
TODO: check
CVE-2025-6212 (The Ultra Addons for Contact Form 7 plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5995 (Canon EOS Webcam Utility Pro for MAC OS version 2.3d (2.3.29)
and earl ...)
TODO: check
CVE-2025-5966 (Zohocorp ManageEngine Exchange reporter Plus version5722 and
below are ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2025-5842 (The Modern Design Library plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5682 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-5366 (Zohocorp ManageEngine Exchange reporter Plus version5722 and
below are ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2025-5338 (The Royal Elementor Addons plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53122 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-53121 (Multiple stored XSS were found on different nodes with
unsanitized par ...)
@@ -79,11 +79,11 @@ CVE-2025-52573 (iOS Simulator MCP Server
(ios-simulator-mcp) is a Model Context
CVE-2025-52477 (Octo-STS is a GitHub App that acts like a Security Token
Service (STS) ...)
TODO: check
CVE-2025-51672 (A time-based blind SQL injection vulnerability was identified
in the P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-51671 (A SQL injection vulnerability was discovered in the PHPGurukul
Dairy F ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-50350 (PHPGurukul Pre-School Enrollment System Project v1.0 is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-49603 (Northern.tech Mender Server before 3.7.11 and 4.x before 4.0.1
has Inc ...)
TODO: check
CVE-2025-49592 (n8n is a workflow automation platform. Versions prior to
1.98.0 have a ...)
@@ -91,11 +91,11 @@ CVE-2025-49592 (n8n is a workflow automation platform.
Versions prior to 1.98.0
CVE-2025-49003 (DataEase is an open source business intelligence and data
visualizatio ...)
TODO: check
CVE-2025-48923 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-48922 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-48921 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal Open
Social ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2025-44141 (A Cross-Site Scripting (XSS) vulnerability exists in the node
creation ...)
TODO: check
CVE-2025-3773 (A sensitive information exposure vulnerability in System
Information ...)
@@ -105,11 +105,11 @@ CVE-2025-3771 (A path or symbolic link manipulation
vulnerability in SIR 1.0.3 a
CVE-2025-3722 (A path traversal vulnerability in System Information Reporter
(SIR) 1. ...)
TODO: check
CVE-2025-36034 (IBM InfoSphere DataStage Flow Designer in IBM InfoSphere
Information S ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-34049 (An OS command injection vulnerability exists in the OptiLink
ONT1GEW G ...)
TODO: check
CVE-2025-34048 (A path traversal vulnerability exists in the web management
interface ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-34047 (A path traversal vulnerability exists in the Leadsec SSL VPN
(formerly ...)
TODO: check
CVE-2025-34046 (An unauthenticated file upload vulnerability exists in the
Fanwei E-Of ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3c9bf502c0b7bc8f42dfe08e2baa6b8000baf09
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3c9bf502c0b7bc8f42dfe08e2baa6b8000baf09
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
