Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
84bc6676 by security tracker role at 2025-06-03T20:15:04+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,31 +45,31 @@ CVE-2025-5498 (A vulnerability was found in slackero
phpwcms up to 1.9.45/1.10.8
CVE-2025-5497 (A vulnerability was found in slackero phpwcms up to
1.9.45/1.10.8. It ...)
TODO: check
CVE-2025-5495 (A vulnerability was found in Netgear WNR614 1.1.0.28_1.0.1WW.
It has b ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-5493 (A vulnerability was found in Baison Channel Middleware Product
2.0.1 a ...)
TODO: check
CVE-2025-5492 (A vulnerability has been found in D-Link DI-500WF-WT up to
20250511 an ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-5340 (The Music Player for Elementor plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5116 (The WP Plugin Info Card plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5103 (The Ultimate Gift Cards for WooCommerce plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4671 (The Profile Builder plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4517 (Allows arbitrary filesystem writes outside the extraction
directory du ...)
TODO: check
CVE-2025-4435 (When using a TarFile.errorlevel = 0and extracting with a filter
the do ...)
TODO: check
CVE-2025-4420 (The Vayu Blocks \u2013 Gutenberg Blocks for WordPress &
WooCommerce pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4392 (The Shared Files \u2013 Frontend File Upload Form & Secure File
Sharin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4330 (Allows the extraction filter to be ignored, allowing symlink
targets t ...)
TODO: check
CVE-2025-4205 (The Popup Maker plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4138 (Allows the extraction filter to be ignored, allowing symlink
targets t ...)
TODO: check
CVE-2025-48998 (DataEase is an open source business intelligence and data
visualizatio ...)
@@ -99,7 +99,7 @@ CVE-2025-43923 (An issue was discovered in ReportController
in Unicom Focal Poin
CVE-2025-41428 (Improper limitation of a pathname to a restricted directory
('Path Tra ...)
TODO: check
CVE-2025-36564 (Dell Encryption Admin Utilities versions prior to 11.10.2
contain an I ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-35036 (Hibernate Validator before 6.2.0 and 7.0.0, by default and
depending h ...)
TODO: check
CVE-2025-32106 (In Audiocodes Mediapack MP-11x through 6.60A.369.002, a
crafted POST r ...)
@@ -115,13 +115,13 @@ CVE-2025-30359 (webpack-dev-server allows users to use
webpack with a developmen
CVE-2025-30167 (Jupyter Core is a package for the core common functionality of
Jupyter ...)
TODO: check
CVE-2025-25022 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM
Cloud Pak ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-25021 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM
Cloud Pak ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-25020 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM
Cloud Pak ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-25019 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM
Cloud Pak ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-23107 (An issue was discovered in Samsung Mobile Processor Exynos
1480 and 24 ...)
TODO: check
CVE-2025-23103 (An issue was discovered in Samsung Mobile Processor Exynos
1480 and 24 ...)
@@ -135,15 +135,15 @@ CVE-2025-23098 (An issue was discovered in Samsung Mobile
Processor Exynos 980,
CVE-2025-23097 (An issue was discovered in Samsung Mobile Processor Exynos
1380. The l ...)
TODO: check
CVE-2025-1725 (The Bit File Manager \u2013 100% Free & Open Source File
Manager and C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1334 (IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM
Cloud Pak ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-54189 (A privilege escalation vulnerability exists in the Snapshot
functional ...)
TODO: check
CVE-2024-52561 (A privilege escalation vulnerability exists in the Snapshot
functional ...)
TODO: check
CVE-2024-45655 (IBM Application Gateway 19.12 through 24.09 could allow a
local privil ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-36486 (A privilege escalation vulnerability exists in the virtual
machine arc ...)
TODO: check
CVE-2024-12718 (Allows modifying some file metadata (e.g. last modified) with
filter=" ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84bc66761767c6dfc5d9bf38211d286140c9fe59
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/84bc66761767c6dfc5d9bf38211d286140c9fe59
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
