Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
02f78f34 by security tracker role at 2025-05-15T20:12:56+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,51 +1,51 @@
CVE-2025-4762 (Insecure Direct Object Reference (IDOR) vulnerability in the
eSignaVie ...)
TODO: check
CVE-2025-4717 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4716 (A vulnerability was found in Campcodes Sales and Inventory
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4715 (A vulnerability was found in Campcodes Sales and Inventory
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4714 (A vulnerability was found in Campcodes Sales and Inventory
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4713 (A vulnerability was found in Campcodes Sales and Inventory
System 1.0 ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4712 (A vulnerability has been found in Campcodes Sales and Inventory
System ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4711 (A vulnerability, which was classified as critical, was found in
Campco ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4710 (A vulnerability, which was classified as critical, has been
found in C ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4709 (A vulnerability classified as critical was found in Campcodes
Sales an ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4708 (A vulnerability classified as critical has been found in
Campcodes Sal ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4707 (A vulnerability was found in Campcodes Sales and Inventory
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-4706 (A vulnerability was found in projectworlds Online Examination
System 1 ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2025-4705 (A vulnerability was found in PHPGurukul Vehicle Parking
Management Sys ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4704 (A vulnerability was found in PHPGurukul Vehicle Parking
Management Sys ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4703 (A vulnerability has been found in PHPGurukul Vehicle Parking
Managemen ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4702 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4701 (A vulnerability, which was classified as problematic, has been
found i ...)
TODO: check
CVE-2025-4699 (A vulnerability classified as critical was found in PHPGurukul
Apartme ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4698 (A vulnerability classified as critical has been found in
PHPGurukul Di ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4697 (A vulnerability was found in PHPGurukul Directory Management
System 2. ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4696 (A vulnerability was found in PHPGurukul Cyber Cafe Management
System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4695 (A vulnerability was found in PHPGurukul Cyber Cafe Management
System 1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-4564 (The TicketBAI Facturas para WooCommerce plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4516 (There is an issue in CPython when using
`bytes.decode("unicode_escape" ...)
TODO: check
CVE-2025-48051 (powertip.ts in Lila (for Lichess) before ab0beaf allows XSS in
some ap ...)
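Review bot: The WordPress label is inconsistent within this commit: CVE-2025-4564 here gets `NOT-FOR-US: WordPress plugin`, while the later hunks use `NOT-FOR-US: WordPress plugin or theme` for CVE-2025-47580, CVE-2025-32922, CVE-2024-56006 and CVE-2024-51666. Pick one spelling so that a search on the label finds every such entry. The same applies to CVE-2025-4706, where the label reads `Project Worlds` but the description spells the vendor `projectworlds`. CVE-2025-4701 is left at `TODO: check` in the middle of a run of PHPGurukul entries and its visible description is cut off before any vendor name, so it needs a manual look rather than an assumption that it belongs to the same batch.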
@@ -67,7 +67,7 @@ CVE-2025-47784 (Emlog is an open source website building
system. Versions 2.5.13
CVE-2025-47774 (Vyper is the Pythonic Programming Language for the Ethereum
Virtual Ma ...)
TODO: check
CVE-2025-47580 (Missing Authorization vulnerability in Rustaurius Front End
Users allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47285 (Vyper is the Pythonic Programming Language for the Ethereum
Virtual Ma ...)
TODO: check
CVE-2025-47279 (Undici is an HTTP/1.1 client for Node.js. Prior to versions
5.29.0, 6. ...)
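Review bot: The `NOT-FOR-US: WordPress plugin or theme` label on CVE-2025-47580 cannot be checked against the visible description, which names only "Rustaurius Front End Users" and is truncated before any mention of WordPress. Since the commit message says the update is automatic, it is worth confirming the match against the full CVE text. Where the full description says which of the two it is, record `WordPress plugin` or `WordPress theme` rather than the either-or wording.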
@@ -81,15 +81,15 @@ CVE-2025-46053 (A SQL Injection vulnerability in WebERP
v4.15.2 allows attackers
CVE-2025-46052 (An error-based SQL Injection (SQLi) vulnerability in WebERP
v4.15.2 al ...)
TODO: check
CVE-2025-44185 (SourceCodester Best Employee Management System V1.0 is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-44183 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable
to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44182 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable
to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44181 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable
to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44180 (Phpgurukul Vehicle Record Management System v1.0 is vulnerable
to Cros ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-44110 (FluxBB 1.5.11 is vulnerable to Cross Site Scripting (XSS) in
via the F ...)
TODO: check
CVE-2025-43853 (The WebAssembly Micro Runtime's (WAMR) iwasm package is the
executable ...)
@@ -97,9 +97,9 @@ CVE-2025-43853 (The WebAssembly Micro Runtime's (WAMR) iwasm
package is the exec
CVE-2025-3446 (Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x
<= 10.4 ...)
TODO: check
CVE-2025-3440 (IBM Security Guardium 11.5 is vulnerable to stored cross-site
scriptin ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-32922 (Cross-Site Request Forgery (CSRF) vulnerability in Tobias
WP2LEADS all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32738 (Missing authentication for critical function issue exists in
I-O DATA ...)
TODO: check
CVE-2025-32002 (Improper neutralization of special elements used in an OS
command ('OS ...)
@@ -107,9 +107,9 @@ CVE-2025-32002 (Improper neutralization of special elements
used in an OS comman
CVE-2025-31947 (Mattermost versions 10.6.x <= 10.6.1, 10.5.x <= 10.5.2, 10.4.x
<= 10.4 ...)
TODO: check
CVE-2025-30476 (Dell PowerScale InsightIQ, version 5.2, contains an
uncontrolled resou ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-30475 (Dell PowerScale InsightIQ, versions 5.0 through 5.2, contains
an impro ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-30421 (There is a memory corruption vulnerability due to a
stack-based buffer ...)
TODO: check
CVE-2025-30420 (There is a memory corruption vulnerability due to an out of
bounds rea ...)
@@ -125,11 +125,11 @@ CVE-2025-2570 (Mattermost versions 10.5.x <= 10.5.3,
9.11.x <= 9.11.11 fail to c
CVE-2025-2527 (Mattermost versions 10.5.x <= 10.5.2, 9.11.x <= 9.11.11 failed
to prop ...)
TODO: check
CVE-2025-26481 (Dell PowerScale OneFS, versions 9.4.0.0 through 9.9.0.0,
contains an u ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-1647 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2024-56006 (Missing Authorization vulnerability in Automattic Jetpack
Debug Tools. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-52880 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before
version ...)
TODO: check
CVE-2024-52879 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before
version ...)
@@ -139,7 +139,7 @@ CVE-2024-52878 (An issue was discovered in Insyde InsydeH2O
kernel 5.2 before ve
CVE-2024-52877 (An issue was discovered in Insyde InsydeH2O kernel 5.2 before
version ...)
TODO: check
CVE-2024-51666 (Missing Authorization vulnerability in Automattic Tours.This
issue aff ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-4737 (Insufficient encryption vulnerability in the mobile application
(com.t ...)
TODO: check
CVE-2025-4591 (The Weluka Lite plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02f78f34c38800a3ebcca1aa63d06eba8d76b829
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits