Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f68d1ef7 by security tracker role at 2025-07-11T20:14:10+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2025-7503 (An OEM IP camera manufactured by Shenzhen Liandian
Communication Techn ...)
TODO: check
CVE-2025-7456 (A vulnerability, which was classified as critical, has been
found in C ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7455 (A vulnerability classified as critical was found in Campcodes
Online M ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7454 (A vulnerability classified as critical has been found in
Campcodes Onl ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-7453 (A vulnerability was found in saltbo zpan up to
1.6.5/1.7.0-beta2. It h ...)
TODO: check
CVE-2025-7452 (A vulnerability was found in kone-net go-chat up to
f9e58d0afa9bbdb31f ...)
@@ -21,15 +21,15 @@ CVE-2025-7027 (A vulnerability in the Software SMI handler
(SwSmiInputValue 0xB2
CVE-2025-7026 (A vulnerability in the Software SMI handler (SwSmiInputValue
0xB2) all ...)
TODO: check
CVE-2025-6851 (The Broken Link Notifier plugin for WordPress is vulnerable to
Server- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6838 (The Broken Link Notifier plugin for WordPress is vulnerable to
CSV Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6788 (CWE-668: Exposure of Resource to Wrong Sphere vulnerability
exists tha ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-6549 (An Incorrect Authorization vulnerability in the web server of
Juniper ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-6438 (CWE-611: Improper Restriction of XML External Entity Reference
vulnera ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-53642 (haxcms-nodejs and haxcms-php are backends for HAXcms. The
logout funct ...)
TODO: check
CVE-2025-53641 (Postiz is an AI social media scheduling tool. From 1.45.1 to
1.62.3, t ...)
@@ -37,69 +37,69 @@ CVE-2025-53641 (Postiz is an AI social media scheduling
tool. From 1.45.1 to 1.6
CVE-2025-52994 (gif_outputAsJpeg in phpThumb through 1.7.23 allows
phpthumb.gif.php OS ...)
TODO: check
CVE-2025-52989 (An Improper Neutralization of Delimiters vulnerability in the
UI of Ju ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52988 (An Improper Neutralization of Special Elements used in an OS
Command ( ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52986 (A Missing Release of Memory after Effective Lifetime
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52985 (A Use of Incorrect Operator vulnerability in the Routing
Engine firew ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52984 (A NULL Pointer Dereference vulnerability in the routing
protocol daemo ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52983 (A UI Discrepancy for Security Feature vulnerability in the UI
of Juni ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52982 (An Improper Resource Shutdown or Release vulnerability in the
SIP ALG ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52981 (An Improper Check for Unusual or Exceptional Conditions
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52980 (A Use of Incorrect Byte Ordering vulnerability in the
Routing Prot ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52964 (A Reachable Assertion vulnerability in the Routing Protocol
Daemon (rp ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52963 (An Improper Access Control vulnerability in the User Interface
(UI) of ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52958 (A Reachable Assertion vulnerability in the routing protocol
daemon (rp ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52955 (An Incorrect Calculation of Buffer Size vulnerability in the
routing p ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52954 (A Missing Authorization vulnerability in the internal virtual
routing ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52953 (An Expected Behavior Violationvulnerability in the routing
protocol da ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52952 (An Out-of-bounds Write vulnerability in the connectivity fault
managem ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52951 (A Protection Mechanism Failure vulnerability in kernel filter
processi ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52950 (AMissing Authorization vulnerability in Juniper Networks
Security Dire ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52949 (An Improper Handling of Length Parameter Inconsistency
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52948 (An Improper Handling of Exceptional Conditions vulnerability
in Berkel ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52947 (An Improper Handling of Exceptional Conditions vulnerability
in route ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52946 (A Use After Free vulnerability in the routing protocol daemon
(rpd) of ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-52089 (A hidden remote support feature protected by a static secret
in TOTOLI ...)
TODO: check
CVE-2025-51591 (A Server-Side Request Forgery (SSRF) in JGM Pandoc v3.6.4
allows attac ...)
TODO: check
CVE-2025-50125 (CWE-918: Server-Side Request Forgery (SSRF) vulnerability
exists that ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50124 (CWE-269: Improper Privilege Management vulnerability exists
that could ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50123 (CWE-94: Improper Control of Generation of Code ('Code
Injection') vuln ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50122 (CWE-331: Insufficient Entropy vulnerability exists that could
cause ro ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-50121 (CWE-78: Improper Neutralization of Special Elements used in an
OS Comm ...)
- TODO: check
+ NOT-FOR-US: Schneider Electric
CVE-2025-47964 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-47963 (No cwe for this issue in Microsoft Edge (Chromium-based)
allows an una ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-47182 (Improper input validation in Microsoft Edge (Chromium-based)
allows an ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-45582 (GNU Tar through 1.35 allows file overwrite via directory
traversal in ...)
TODO: check
CVE-2025-43856 (immich is a high performance self-hosted photo and video
management so ...)
@@ -107,9 +107,9 @@ CVE-2025-43856 (immich is a high performance self-hosted
photo and video managem
CVE-2025-3933 (A Regular Expression Denial of Service (ReDoS) vulnerability
was disco ...)
TODO: check
CVE-2025-3631 (An IBM MQ 9.3 and 9.4 Client connecting to an MQ Queue Manager
can cau ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-30661 (An Incorrect Permission Assignment for Critical Resource
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-30403 (A heap-buffer-overflow vulnerability is possible in mvfst via
a specia ...)
TODO: check
CVE-2025-30402 (A heap-buffer-overflow vulnerability in the loading of
ExecuTorch meth ...)
@@ -718085,7 +718085,7 @@ CVE-2013-3309
CVE-2013-3308
RESERVED
CVE-2013-3307 (Linksys E1000 devices through 2.1.02, E1200 devices before
2.0.05, and ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2013-3306
RESERVED
CVE-2013-3305
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f68d1ef71384ab1cf84aa67ef48e6417d8c9943f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f68d1ef71384ab1cf84aa67ef48e6417d8c9943f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
