Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
a695d911 by security tracker role at 2025-07-08T20:13:45+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7,75 +7,75 @@ CVE-2025-7345 (A flaw exists in gdk\u2011pixbuf within the 
gdk_pixbuf__jpeg_imag
 CVE-2025-7326 (Weak authentication in EOLASP.NET Core allows an unauthorized 
attacker ...)
        TODO: check
 CVE-2025-7193 (A vulnerability was found in itsourcecode Agri-Trading Online 
Shopping ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-7192 (A vulnerability was found in D-Link DIR-645 up to 1.05B01 and 
classifi ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-7191 (A vulnerability has been found in code-projects Student 
Enrollment Sys ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7190 (A vulnerability, which was classified as critical, was found in 
code-p ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7189 (A vulnerability, which was classified as critical, has been 
found in c ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7188 (A vulnerability classified as critical was found in 
code-projects Chat ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7187 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7186 (A vulnerability was found in code-projects Chat System 1.0. It 
has bee ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7185 (A vulnerability was found in code-projects Library System 1.0. 
It has  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7184 (A vulnerability was found in code-projects Library System 1.0. 
It has  ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7183 (A vulnerability was found in Campcodes Sales and Inventory 
System 1.0  ...)
-       TODO: check
+       NOT-FOR-US: Campcodes
 CVE-2025-7182 (A vulnerability has been found in itsourcecode Student 
Transcript Proc ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode System
 CVE-2025-7181 (A vulnerability, which was classified as critical, was found in 
code-p ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7180 (A vulnerability, which was classified as critical, has been 
found in c ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7179 (A vulnerability classified as critical was found in 
code-projects Libr ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7178 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7177 (A vulnerability was found in PHPGurukul Car Washing Management 
System  ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-7176 (A vulnerability was found in PHPGurukul Hospital Management 
System 1.0 ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-7175 (A vulnerability was found in code-projects E-Commerce Site 1.0. 
It has ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7174 (A vulnerability was found in code-projects Library System 1.0 
and clas ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7173 (A vulnerability has been found in code-projects Library System 
1.0 and ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7172 (A vulnerability, which was classified as critical, was found in 
code-p ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7171 (A vulnerability, which was classified as critical, has been 
found in c ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7170 (A vulnerability classified as critical was found in 
code-projects Crim ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7169 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-7037 (SQL injection in Ivanti Endpoint Manager before version 2024 
SU3 and 2 ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-6996 (Improper use of encryption in the agent of Ivanti Endpoint 
Manager bef ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-6995 (Improper use of encryption in the agent of Ivanti Endpoint 
Manager bef ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-6771 (OS command injection in Ivanti Endpoint Manager Mobile (EPMM) 
before v ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-6770 (OS command injection in Ivanti Endpoint Manager Mobile (EPMM) 
before v ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-6744 (The The Woodmart theme for WordPress is vulnerable to arbitrary 
shortc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-5464 (Insertion of sensitive information into a log file in Ivanti 
Connect S ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-5463 (Insertion of sensitive information into a log file in Ivanti 
Connect S ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-5451 (A stack-based buffer overflow in Ivanti Connect Secure before 
version  ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-5450 (Improper access control in the certificate management component 
of Iva ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-53545 (Press, a Frappe custom app that runs Frappe Cloud, manages 
infrastruct ...)
        TODO: check
 CVE-2025-53513 (The /charms endpoint on a Juju controller lacked sufficient 
authorizat ...)
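Review bot: CVE-2025-6744 is tagged "NOT-FOR-US: WordPress plugin", but its description reads "Woodmart theme for WordPress"; the tag should say "WordPress theme" so the entry is not counted with plugin issues. The two itsourcecode entries (CVE-2025-7193, CVE-2025-7182) are tagged "itsourcecode System", while every other entry in this hunk uses the bare vendor name (code-projects, Campcodes, PHPGurukul, D-Link, Ivanti). Using one form per vendor keeps the list easy to grep.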
@@ -93,11 +93,11 @@ CVE-2025-53355 (MCP Server Kubernetes is an MCP Server that 
can connect to a Kub
 CVE-2025-50130 (A heap-based buffer overflow vulnerability exists in 
VS6Sim.exe contai ...)
        TODO: check
 CVE-2025-4663 (An Improper Check for Unusual or  Exceptional Conditions 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: Brocade
 CVE-2025-49760 (External control of file name or path in Windows Storage 
allows an aut ...)
        TODO: check
 CVE-2025-49756 (Use of a broken or risky cryptographic algorithm in Office 
Developer P ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-49753 (Heap-based buffer overflow in Windows Routing and Remote 
Access Servic ...)
        TODO: check
 CVE-2025-49744 (Heap-based buffer overflow in Microsoft Graphics Component 
allows an a ...)
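Review bot: CVE-2025-49756 (Office Developer P...) is closed as "NOT-FOR-US: Microsoft", while the Windows entries around it (CVE-2025-49760 Windows Storage, CVE-2025-49753 Windows Routing and Remote Access, CVE-2025-49744 Microsoft Graphics Component) are left at "TODO: check". If the automatic matching is meant to cover Microsoft products, these need the same tag in a follow-up; if they are held back on purpose, a short note on why would save the next triager from re-checking them by hand.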
@@ -347,37 +347,37 @@ CVE-2025-47178 (Improper neutralization of special 
elements used in an sql comma
 CVE-2025-47159 (Protection mechanism failure in Windows Virtualization-Based 
Security  ...)
        TODO: check
 CVE-2025-47135 (Dimension versions 4.1.2 and earlier are affected by an 
out-of-bounds  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-47109 (After Effects versions 25.2, 24.6.6 and earlier are affected 
by a NULL ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-43587 (After Effects versions 25.2, 24.6.6 and earlier are affected 
by an out ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-43580 (Audition versions 25.2, 24.6.3 and earlier are affected by an 
Access o ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-43019 (A potential security vulnerability has been identified in the 
HP Suppo ...)
-       TODO: check
+       NOT-FOR-US: HP
 CVE-2025-41224 (A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X 
(All ver ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-41223 (A vulnerability has been identified in RUGGEDCOM i800 (All 
versions),  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-41222 (A vulnerability has been identified in RUGGEDCOM i800 (All 
versions),  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40742 (A vulnerability has been identified in SIPROTEC 5 6MD84 
(CP300) (All v ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40741 (A vulnerability has been identified in Solid Edge SE2025 (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40740 (A vulnerability has been identified in Solid Edge SE2025 (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40739 (A vulnerability has been identified in Solid Edge SE2025 (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40738 (A vulnerability has been identified in SINEC NMS (All versions 
< V4.0) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40737 (A vulnerability has been identified in SINEC NMS (All versions 
< V4.0) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40736 (A vulnerability has been identified in SINEC NMS (All versions 
< V4.0) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40735 (A vulnerability has been identified in SINEC NMS (All versions 
< V4.0) ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-40721 (Reflected Cross-site Scripting (XSS) vulnerability in versions 
prior t ...)
        TODO: check
 CVE-2025-40720 (Reflected Cross-site Scripting (XSS) vulnerability in versions 
prior t ...)
@@ -401,161 +401,161 @@ CVE-2025-40712 (SQL injection vulnerability in versions 
prior to 4.7.0 of Quiter
 CVE-2025-40711 (SQL injection vulnerability in versions prior to 4.7.0 of 
Quiter Gatew ...)
        TODO: check
 CVE-2025-40593 (A vulnerability has been identified in SIMATIC CN 4100 (All 
versions < ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-3648 (A vulnerability has been identified in the Now Platform that 
could res ...)
-       TODO: check
+       NOT-FOR-US: ServiceNow
 CVE-2025-3630 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 
through 6 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-37103 (Hard-coded login credentials were found in HPE Networking 
Instant On   ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2025-37102 (An authenticated command injection vulnerability exists in the 
Command ...)
-       TODO: check
+       NOT-FOR-US: HPE
 CVE-2025-36600 (Dell Client Platform BIOS contains an Improper Access Control 
Applied  ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-33054 (Insufficient UI warning of dangerous operations in Remote 
Desktop Clie ...)
        TODO: check
 CVE-2025-30312 (Dimension versions 4.1.2 and earlier are affected by an 
out-of-bounds  ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-2827 (IBM Sterling File Gateway   6.0.0.0 through 6.1.2.6, and 
6.2.0.0 throu ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-2793 (IBM Sterling B2B Integrator 6.0.0.0 through 6.1.2.6, 6.2.0.0 
through 6 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-29267 (SQL Injection vulnerability in Abis, Inc Adjutant Core 
Accounting ERP  ...)
        TODO: check
 CVE-2025-27369 (IBM OpenPages with Watson 8.3 and 9.0         is vulnerable to 
informa ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-27367 (IBM OpenPages with Watson 8.3 and 9.0       is vulnerable to 
improper  ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-27127 (A vulnerability has been identified in TIA Project-Server (All 
version ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-27061 (Memory corruption whhile handling the subsystem failure memory 
during  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27058 (Memory corruption while processing packet data with 
exceedingly large  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27057 (Transient DOS while handling beacon frames with invalid IE 
header leng ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27056 (Memory corruption during sub-system restart while processing 
clean-up  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27055 (Memory corruption during the image encoding process.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27052 (Memory corruption while processing data packets in diag 
received from  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27051 (Memory corruption while processing command message in WLAN 
Host.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27050 (Memory corruption while processing event close when client 
process ter ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27047 (Memory corruption while processing the TESTPATTERNCONFIG 
escape path.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27046 (Memory corruption while processing multiple simultaneous 
escape calls.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27044 (Memory corruption while executing timestamp video decode 
command with  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27043 (Memory corruption while processing manipulated payload in 
video firmwa ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-27042 (Memory corruption while processing video packets received from 
video f ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-26636 (Processor optimization removal or modification of 
security-critical co ...)
        TODO: check
 CVE-2025-24474 (An Improper Neutralization of Special Elements used in an SQL 
Command  ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2025-23365 (A vulnerability has been identified in TIA Administrator (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-23364 (A vulnerability has been identified in TIA Administrator (All 
versions ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2025-21466 (Memory corruption while processing a private escape command in 
an even ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21454 (Transient DOS while processing received beacon frame.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21450 (Cryptographic issue occurs due to use of insecure connection 
method wh ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21449 (Transient DOS may occur while processing malformed length 
field in SSI ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21446 (Transient DOS may occur when processing vendor-specific 
information el ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21445 (Memory corruption while copying the result to the transmission 
queue w ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21444 (Memory corruption while copying the result to the transmission 
queue i ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21433 (Transient DOS when importing a PKCS#8-encoded RSA private key 
with a z ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21432 (Memory corruption while retrieving the CBOR data from TA.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21427 (Information disclosure while decoding this RTP packet Payload 
when UE  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21426 (Memory corruption while processing camera TPG write request.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21422 (Cryptographic issue while processing crypto API calls, missing 
checks  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2025-21195 (Improper link resolution before file access ('link following') 
in Serv ...)
        TODO: check
 CVE-2025-21168 (Substance3D - Designer versions 14.1 and earlier are affected 
by an ou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-21167 (Substance3D - Designer versions 14.1 and earlier are affected 
by an ou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-21166 (Substance3D - Designer versions 14.1 and earlier are affected 
by an ou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-21165 (Substance3D - Designer versions 14.1 and earlier are affected 
by an ou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-21164 (Substance3D - Designer versions 14.1 and earlier are affected 
by an ou ...)
-       TODO: check
+       NOT-FOR-US: Adobe
 CVE-2025-21009 (Out-of-bounds read in decoding malformed frame header in 
libsavsvc.so  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21008 (Out-of-bounds read in decoding frame header in libsavsvc.so 
prior to A ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21007 (Out-of-bounds write in accessing uninitialized memory in 
libsavsvc.so  ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21006 (Out-of-bounds write in handling of macro blocks for MPEG4 
codec in lib ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21005 (Improper access control in isemtelephony prior to Android 15 
allows lo ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21004 (Improper verification of intent by broadcast receiver in 
System UI for ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21003 (Insecure storage of sensitive information in Emergency SOS 
prior to SM ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21002 (Improper access control in LeAudioService prior to SMR 
Jul-2025 Releas ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21001 (Improper access control in LeAudioService prior to SMR 
Jul-2025 Releas ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-21000 (Improper privilege management in Bluetooth prior to SMR 
Jul-2025 Relea ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-20999 (Improper authorization in accessing saved Wi-Fi password for 
Galaxy Ta ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-20998 (Improper access control in SamsungAccount for Galaxy Watch 
prior to SM ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-20997 (Incorrect default permission in Framework for Galaxy Watch 
prior to SM ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-20983 (Out-of-bounds write in checking auth secret in KnoxVault 
trustlet prio ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-20982 (Out-of-bounds write in setting auth secret in KnoxVault 
trustlet prior ...)
-       TODO: check
+       NOT-FOR-US: Samsung Mobile
 CVE-2025-0928 (In Juju versions prior to 3.6.8 and 2.9.52, any authenticated 
controll ...)
        TODO: check
 CVE-2025-0293 (CLRF injection in Ivanti Connect Secure before version 22.7R2.8 
and Iv ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2025-0292 (SSRF in Ivanti Connect Secure before version 22.7R2.8 and 
Ivanti Polic ...)
-       TODO: check
+       NOT-FOR-US: Ivanti
 CVE-2024-55599 (An Improperly Implemented Security Check for Standard 
vulnerability [C ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-53009 (Memory corruption while operating the mailbox in Automotive.)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2024-52965 (A missing critical step in authentication vulnerability 
[CWE-304] in F ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2024-49784 (IBM OpenPages with Watson 8.3 and 9.0   could provide weaker 
than expe ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-49783 (IBM OpenPages with Watson 8.3 and 9.0     could provide weaker 
than ex ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-36349 (A transient execution vulnerability in some AMD processors may 
allow a ...)
        TODO: check
 CVE-2024-36348 (A transient execution vulnerability in some AMD processors may 
allow a ...)
        TODO: check
 CVE-2024-31854 (A vulnerability has been identified in SICAM TOOLBOX II (All 
versions  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2024-31853 (A vulnerability has been identified in SICAM TOOLBOX II (All 
versions  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-52236 (A vulnerability has been identified in RUGGEDCOM i800 (All 
versions),  ...)
-       TODO: check
+       NOT-FOR-US: Siemens
 CVE-2023-43039 (IBM OpenPages with Watson 9.0 is vulnerable to cross-site 
scripting. T ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-48386 (Git is a fast, scalable, distributed revision control system 
with an u ...)
        - git <unfixed>
        NOTE: https://github.com/git/git/security/advisories/GHSA-4v56-3xvj-xvfr
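Review bot: Many of the entries tagged "NOT-FOR-US: Qualcomm" in this hunk have descriptions that name no vendor or product, for example CVE-2025-27055 ("Memory corruption during the image encoding process.") and CVE-2024-53009 ("Memory corruption while operating the mailbox in Automotive."), so the tag cannot be confirmed from the text shown here. The commit message "automatic NOT-FOR-US entries update" does not say what the match is based on. Stating the matching source there would let a reader audit these without looking up each CVE. The Microsoft entries CVE-2025-33054, CVE-2025-26636 and CVE-2025-21195 remain at "TODO: check" here as well, and should be handled the same way as the other Microsoft entries in this file.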



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a695d9111ca89e2ef738b8f4fc317f836915ba5a



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
