Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
85d7b5dd by security tracker role at 2025-07-08T08:13:14+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,67 +1,67 @@
CVE-2025-7346 (Any unauthenticated attacker can bypass the localhost
restrictions po ...)
TODO: check
CVE-2025-7327 (The Widget for Google Reviews plugin for WordPress is
vulnerable to Di ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7168 (A vulnerability was found in code-projects Crime Reporting
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7167 (A vulnerability was found in code-projects Responsive Blog Site
1.0. I ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7166 (A vulnerability was found in code-projects Responsive Blog Site
1.0. I ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7165 (A vulnerability was found in PHPGurukul/Campcodes Cyber Cafe
Managemen ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7164 (A vulnerability has been found in PHPGurukul/Campcodes Cyber
Cafe Mana ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7163 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7162 (A vulnerability, which was classified as critical, has been
found in P ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7161 (A vulnerability classified as critical was found in PHPGurukul
Zoo Man ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7160 (A vulnerability classified as critical has been found in
PHPGurukul Zo ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7159 (A vulnerability was found in PHPGurukul Zoo Management System
2.1. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7158 (A vulnerability was found in PHPGurukul Zoo Management System
2.1. It ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7157 (A vulnerability was found in code-projects Online Note Sharing
1.0. It ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-7156 (A vulnerability has been found in hitsz-ids airda 0.0.3 and
classified ...)
TODO: check
CVE-2025-7155 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-7154 (A vulnerability, which was classified as critical, has been
found in T ...)
TODO: check
CVE-2025-7153 (A vulnerability classified as problematic was found in
CodeAstro Simpl ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-7152 (A vulnerability classified as critical has been found in
Campcodes Adv ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7151 (A vulnerability was found in Campcodes Advanced Online Voting
System 1 ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7150 (A vulnerability was found in Campcodes Advanced Online Voting
System 1 ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7149 (A vulnerability was found in Campcodes Advanced Online Voting
System 1 ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7148 (A vulnerability was found in CodeAstro Simple Hospital
Management Syst ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-7147 (A vulnerability has been found in CodeAstro Patient Record
Management ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-7146 (The iPublish System developed by Jhenggao has an Arbitrary File
Readin ...)
TODO: check
CVE-2025-7144 (A vulnerability has been found in SourceCodester Best Salon
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-6746 (The WoodMart plugin for WordPress is vulnerable to Local File
Inclusio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6743 (The Woodmart theme for WordPress is vulnerable to Stored
Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6244 (The Essential Addons for Elementor \u2013 Popular Elementor
Templates ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5957 (The Guest Support \u2013 Complete customer support ticket
system for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5570 (The AI Engine plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5537 (The Lightbox & Modal Popup WordPress Plugin \u2013 FooBox
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53617
REJECTED
CVE-2025-53616
@@ -79,59 +79,59 @@ CVE-2025-53611
CVE-2025-53610
REJECTED
CVE-2025-43001 (SAPCAR allows an attacker logged in with high privileges to
override t ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42992 (SAPCAR allows an attacker logged in with high privileges to
create a m ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42986 (Due to a missing authorization check in an obsolete RFC
enabled functi ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42985 (Due to insufficient sanitization in the SAP BusinessObjects
Content Ad ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42981 (Due to an open redirect vulnerability in SAP NetWeaver
Application Ser ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42980 (SAP NetWeaver Enterprise Portal Federated Portal Network is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42979 (The GuiXT application, which is integrated with SAP GUI for
Windows, u ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42978 (The widely used component that establishes outbound TLS
connections in ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42974 (Due to missing authorization check, an attacker authenticated
as a non ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42973 (Due to a Cross-Site Scripting vulnerability in SAP Data
Services Manag ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42971 (A memory corruption vulnerability exists in SAPCAR allowing an
attacke ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42970 (SAPCAR improperly sanitizes the file paths while extracting
SAPCAR arc ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42969 (SAP NetWeaver Application Server ABAP and ABAP Platform allows
an unau ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42968 (SAP NetWeaver allows an authenticated non-administrative user
to call ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42967 (SAP S/4HANA and SAP SCM Characteristic Propagation has remote
code exe ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42966 (SAP NetWeaver XML Data Archiving Service allows an
authenticated attac ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42965 (SAP CMC Promotion Management allows an authenticated attacker
to enume ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42964 (SAP NetWeaver Enterprise Portal Administration is vulnerable
when a pr ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42963 (A critical vulnerability in SAP NetWeaver Application server
for Java ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42962 (SAP Business Warehouse (Business Explorer Web) allows an
attacker to c ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42961 (Due to a missing authorization check in SAP NetWeaver
Application serv ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42960 (SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an
authenticat ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42959 (An unauthenticated attacker may exploit a scenario where a
Hashed Mess ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42956 (SAP NetWeaver Application Server ABAP and ABAP Platform allows
an unau ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42954 (SAP NetWeaver Business Warehouse CCAW application allows a
privileged ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42953 (SAP Netweaver System Configuration does not perform necessary
authoriz ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-42952 (SAP Business Warehouse and SAP Plug-In Basis allows an
authenticated a ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-41668 (A low privileged remote attacker with file access can replace
a critic ...)
TODO: check
CVE-2025-41667 (A low privileged remote attacker with file access can replace
a critic ...)
@@ -145,7 +145,7 @@ CVE-2025-38237 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2025-38236 (In the Linux kernel, the following vulnerability has been
resolved: a ...)
TODO: check
CVE-2025-31326 (SAP\ufffdBusinessObjects Business\ufffdIntelligence Platform
(Web Inte ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-25271 (An unauthenticated adjacent attacker is able to configure a
new OCPP b ...)
TODO: check
CVE-2025-25270 (An unauthenticated remote attacker can alter the device
configuration ...)
@@ -165,37 +165,37 @@ CVE-2025-24003 (An unauthenticated remote attacker can
use MQTT messages to trig
CVE-2025-24002 (An unauthenticated remote attacker can use MQTT messages to
crash a se ...)
TODO: check
CVE-2025-20695 (In Bluetooth FW, there is a possible system crash due to an
uncaught e ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20694 (In Bluetooth FW, there is a possible system crash due to an
uncaught e ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20693 (In wlan STA driver, there is a possible out of bounds read due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20692 (In wlan AP driver, there is a possible out of bounds read due
to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20691 (In wlan AP driver, there is a possible out of bounds read due
to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20690 (In wlan AP driver, there is a possible out of bounds read due
to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20689 (In wlan AP driver, there is a possible out of bounds read due
to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20688 (In wlan AP driver, there is a possible out of bounds read due
to an in ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20687 (In Bluetooth driver, there is a possible out of bounds read
due to an ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20686 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20685 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20684 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20683 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20682 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20681 (In wlan AP driver, there is a possible out of bounds write due
to an i ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20680 (In Bluetooth driver, there is a possible out of bounds write
due to an ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-7259 (An authorized user can issue queries with duplicate _id fields,
that l ...)
- mongodb <removed>
CVE-2025-7143 (A vulnerability, which was classified as problematic, was found
in Sou ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85d7b5dd8f2f5afb540aee3d66fbcbac22bbb0ab
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/85d7b5dd8f2f5afb540aee3d66fbcbac22bbb0ab
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
