[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) Wed, 30 Apr 2025 01:13:41 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3895f978 by security tracker role at 2025-04-30T08:13:26+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,31 +1,31 @@
 CVE-2025-4095 (Registry Access Management (RAM) is a security feature allowing 
admini ...)
        TODO: check
 CVE-2025-4080 (A vulnerability has been found in PHPGurukul Online Nurse 
Hiring Syste ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4079 (A vulnerability, which was classified as critical, was found in 
PCMan  ...)
        TODO: check
 CVE-2025-4078 (A vulnerability, which was classified as problematic, has been 
found i ...)
        TODO: check
 CVE-2025-4077 (A vulnerability classified as critical was found in 
code-projects Scho ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4076 (A vulnerability classified as critical has been found in 
LB-LINK BL-AC ...)
        TODO: check
 CVE-2025-4075 (A vulnerability was found in VMSMan up to 20250416. It has been 
rated  ...)
        TODO: check
 CVE-2025-4074 (A vulnerability was found in PHPGurukul Curfew e-Pass 
Management Syste ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4073 (A vulnerability was found in PHPGurukul Student Record System 
3.20. It ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4072 (A vulnerability was found in PHPGurukul Online Nurse Hiring 
System 1.0 ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4071 (A vulnerability has been found in PHPGurukul COVID19 Testing 
Managemen ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4070 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4069 (A vulnerability, which was classified as critical, has been 
found in c ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4068 (A vulnerability classified as critical was found in 
code-projects Simp ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4067 (A vulnerability classified as critical has been found in 
ScriptAndTool ...)
        TODO: check
 CVE-2025-4066 (A vulnerability was found in ScriptAndTools 
Online-Travling-System 1.0 ...)
@@ -35,17 +35,17 @@ CVE-2025-4065 (A vulnerability was found in ScriptAndTools 
Online-Travling-Syste
 CVE-2025-4064 (A vulnerability was found in ScriptAndTools 
Online-Travling-System 1.0 ...)
        TODO: check
 CVE-2025-4063 (A vulnerability was found in code-projects Student Information 
Managem ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4062 (A vulnerability has been found in code-projects Theater Seat 
Booking S ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4061 (A vulnerability, which was classified as critical, was found in 
code-p ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4060 (A vulnerability, which was classified as critical, has been 
found in P ...)
-       TODO: check
+       NOT-FOR-US: PHPGurukul
 CVE-2025-4059 (A vulnerability classified as critical was found in 
code-projects Pris ...)
-       TODO: check
+       NOT-FOR-US: code-projects
 CVE-2025-4058 (A vulnerability classified as critical has been found in 
Projectworlds ...)
-       TODO: check
+       NOT-FOR-US: Project Worlds
 CVE-2025-46782
        REJECTED
 CVE-2025-46781
@@ -77,7 +77,7 @@ CVE-2025-46346 (YesWiki is a wiki system written in PHP. 
Prior to version 4.5.4,
 CVE-2025-46344 (The Auth0 Next.js SDK is a library for implementing user 
authenticatio ...)
        TODO: check
 CVE-2025-45956 (A SQL injection vulnerability in manage_damage.php in 
Sourcecodester C ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester
 CVE-2025-40619 (Bookgy does not provide for proper authorisation control in 
multiple a ...)
        TODO: check
 CVE-2025-40618 (SQL injection vulnerability in Bookgy. This vulnerability 
could allow  ...)
@@ -89,7 +89,7 @@ CVE-2025-40616 (Reflected Cross-Site Scripting (XSS) 
vulnerability in Bookgy. Th
 CVE-2025-40615 (Reflected Cross-Site Scripting (XSS) vulnerability in Bookgy. 
This vul ...)
        TODO: check
 CVE-2025-3953 (The WP Statistics \u2013 The Most Popular Privacy-Friendly 
Analytics P ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3929 (An XSS issue was discovered in MDaemon Email Server version 
25.0.1 and ...)
        TODO: check
 CVE-2025-3911 (Recording of environment variables, configured for running 
containers, ...)
@@ -101,17 +101,17 @@ CVE-2025-3891 (A flaw was found in the mod_auth_openidc 
module for Apache httpd.
 CVE-2025-3501 (A flaw was found in Keycloak. By setting a verification policy 
to 'ALL ...)
        TODO: check
 CVE-2025-3471 (The SureForms  WordPress plugin before 1.4.4 does not have 
proper auth ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3452 (The SecuPress Free \u2014 WordPress Security plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-3358
        REJECTED
 CVE-2025-3301 (DPA countermeasures are unavailable for ECDH key agreement and 
EdDSA s ...)
-       TODO: check
+       NOT-FOR-US: Silicon Labs
 CVE-2025-32444 (vLLM is a high-throughput and memory-efficient inference and 
serving e ...)
        TODO: check
 CVE-2025-32354 (In Zimbra Collaboration (ZCS) 9.0 through 10.1, a Cross-Site 
Request F ...)
-       TODO: check
+       NOT-FOR-US: Zimbra
 CVE-2025-30202 (vLLM is a high-throughput and memory-efficient inference and 
serving e ...)
        TODO: check
 CVE-2025-29906 (Finit is a fast init for Linux systems. Versions starting from 
3.0-rc1 ...)
@@ -131,13 +131,13 @@ CVE-2025-23178 (CWE-923: Improper Restriction of 
Communication Channel to Intend
 CVE-2025-23177 (CWE-427: Uncontrolled Search Path Element)
        TODO: check
 CVE-2025-22884 (Delta Electronics ISPSoft version 3.20 is vulnerable to a 
Stack-Based  ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2025-22883 (Delta Electronics ISPSoft version 3.20 is vulnerable to 
anOut-Of-Bound ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2025-22882 (Delta Electronics ISPSoft version 3.20 is vulnerable to a 
Stack-Based  ...)
-       TODO: check
+       NOT-FOR-US: Delta Electronics
 CVE-2025-1551 (IBM Operational Decision Manager 8.11.0.1, 8.11.1.0, 8.12.0.1, 
and 9.0 ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-1194 (A Regular Expression Denial of Service (ReDoS) vulnerability 
was ident ...)
        TODO: check
 CVE-2025-0716 (Improper sanitization of the value of the 'href' and 
'xlink:href' attr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3895f978b8c6b311974e96fcaed44fd547a25e8e

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3895f978b8c6b311974e96fcaed44fd547a25e8e
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Reply via email to