Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
343222c0 by security tracker role at 2025-08-06T08:13:11+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -57,39 +57,39 @@ CVE-2025-8629 (Kenwood DMX958XR Firmware Update Command
Injection Vulnerability.
CVE-2025-8628 (Kenwood DMX958XR Firmware Update Command Injection
Vulnerability. This ...)
TODO: check
CVE-2025-8595 (The Zakra theme for WordPress is vulnerable to unauthorized
data modif ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8573 (Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored
XSS fro ...)
TODO: check
CVE-2025-8571 (Concrete CMS 9 to 9.4.2 and versions below 8.5.21 are
vulnerable to Re ...)
TODO: check
CVE-2025-8420 (The Request a Quote Form plugin for WordPress is vulnerable to
Remote ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8100 (The Element Pack Elementor Addons and Templates plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7954 (A race condition vulnerability has been identified in
Shopware's vouch ...)
TODO: check
CVE-2025-7727 (The Gutenverse plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7502 (The WPBakery Page Builder for WordPress plugin for WordPress is
vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7498 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7399 (The Betheme theme for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7376 (Windows Shortcut Following (.LNK) vulnerability in multiple
processes ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2025-7036 (The CleverReach\xae WP plugin for WordPress is vulnerable to
time-base ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6994 (The Reveal Listing plugin by smartdatasoft for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6986 (The FileBird \u2013 WordPress Media Library Folders & File
Manager plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6690 (The WP Tournament Registration plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6259 (The esri-map-view plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6256 (The Flex Guten plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-55027
REJECTED
CVE-2025-55026
@@ -125,197 +125,197 @@ CVE-2025-54869 (FPDI is a collection of PHP classes
that facilitate reading page
CVE-2025-54801 (Fiber is an Express inspired web framework written in Go. In
versions ...)
TODO: check
CVE-2025-54655 (Race condition vulnerability in the virtualization base
module. Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54653 (Path traversal vulnerability in the virtualization file
module. Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54652 (Path traversal vulnerability in the virtualization base
module. Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54651 (Race condition vulnerability in the kernel hufs module.
Impact: Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54650 (Improper array index verification vulnerability in the audio
codec mod ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54649 (Vulnerability of using incompatible types to access resources
in the l ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54648 (Out-of-bounds read vulnerability in the SSAP module of the
NearLink pr ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54647 (Out-of-bounds read vulnerability in the SSAP module of the
NearLink pr ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54646 (Vulnerability of inadequate packet length check in the BLE
module. Imp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54645 (Out-of-bounds array access issue due to insufficient data
verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54644 (Out-of-bounds array access issue due to insufficient data
verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54643 (Out-of-bounds array access issue due to insufficient data
verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54642 (Issue of buffer overflow caused by insufficient data
verification in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54641 (Issue of buffer overflow caused by insufficient data
verification in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54640 (ParcelMismatch vulnerability in attribute deserialization.
Impact: Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54639 (ParcelMismatch vulnerability in attribute deserialization.
Impact: Suc ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54638 (Issue of inconsistent read/write serialization in the ad
module. Impac ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54637 (Out-of-bounds array access issue due to insufficient data
verification ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54636 (Issue of buffer overflow caused by insufficient data
verification in t ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54635 (Vulnerability of returning released pointers in the
distributed notifi ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54634 (Vulnerability of improper processing of abnormal conditions in
huge pa ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54633 (Out-of-bounds read vulnerability in the register configuration
of the ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54632 (Vulnerability of insufficient data length verification in the
HVB modu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54631 (Vulnerability of insufficient data length verification in the
partitio ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54630 (:Vulnerability of insufficient data length verification in the
DFA mod ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54629 (Race condition issue occurring in the physical page import
process of ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54628 (Vulnerability of incomplete verification information in the
communicat ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54627 (Out-of-bounds write vulnerability in the skia module. Impact:
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54626 (Pointer dangling vulnerability in the cjwindow module. Impact:
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54625 (Race condition vulnerability in the kernel file system module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54624 (Unexpected injection event vulnerability in the
multimodalinput module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54623 (Out-of-bounds read vulnerability in the devicemanager module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54622 (Binding authentication bypass vulnerability in the
devicemanager modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54621 (Iterator failure issue in the WantAgent module. Impact:
Successful exp ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54620 (Deserialization vulnerability of untrusted data in the ability
module. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54619 (Iterator failure issue in the multi-mode input module. Impact:
Success ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54618 (Permission control vulnerability in the distributed clipboard
module. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54617 (Stack-based buffer overflow vulnerability in the dms_fwk
module. Impac ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54616 (Out-of-bounds array access vulnerability in the ArkUI
framework. Impac ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54615 (Vulnerability of insufficient information protection in the
media libr ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54614 (Input verification vulnerability in the home screen module.
Impact: Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54613 (Iterator failure vulnerability in the card management module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54612 (Iterator failure vulnerability in the card management module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54611 (EXTRA_REFERRER resource read vulnerability in the Gallery
module. Impa ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54610 (Out-of-bounds access vulnerability in the audio codec module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54609 (Out-of-bounds access vulnerability in the audio codec module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54608 (Vulnerability that allows setting screen rotation direction
without pe ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54607 (Authentication management vulnerability in the ArkWeb module.
Impact: ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54606 (Status verification vulnerability in the lock screen module.
Impact: S ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-54594 (react-native-bottom-tabs is a library of Native Bottom Tabs
for React ...)
TODO: check
CVE-2025-54571 (ModSecurity is an open source, cross platform web application
firewall ...)
TODO: check
CVE-2025-54125 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-54124 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-53534 (RatPanel is a server operation and maintenance management
panel. In ve ...)
TODO: check
CVE-2025-52237 (An issue in the component /stl/actions/download?filePath of
SSCMS v7.3 ...)
TODO: check
CVE-2025-47324 (Information disclosure while accessing and modifying the PIB
file of a ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-32430 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-27076 (Memory corruption while processing simultaneous requests via
escape pa ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27075 (Memory corruption while processing IOCTL command with larger
buffer in ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27073 (Transient DOS while creating NDP instance.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27072 (Information disclosure while processing a packet at EAVB BE
side with ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27071 (Memory corruption while processing specific files in Powerline
Communi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27069 (Memory corruption while processing DDI command calls.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27068 (Memory corruption while processing an IOCTL command with an
arbitrary ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27067 (Memory corruption while processing DDI call with invalid
buffer.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27066 (Transient DOS while processing an ANQP message.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27065 (Transient DOS while processing a frame with malformed
shared-key descr ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-27062 (Memory corruption while handling client exceptions, allowing
unauthori ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21477 (Transient DOS while processing CCCH data when NW sends data
with inval ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21474 (Memory corruption while processing commands from A2dp sink
command que ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21473 (Memory corruption when using Virtual cdm (Camera Data Mover)
to write ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21472 (Information disclosure while capturing logs as eSE debug
messages are ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21465 (Information disclosure while processing the hash segment in an
MBN fil ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21464 (Information disclosure while reading data from an image using
specifie ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21461 (Memory corruption when programming registers through virtual
CDM.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21458 (Memory corruption when IOCTL interface is called to map and
unmap buff ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21457 (Information disclosure while opening a fastrpc session when
domain is ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21456 (Memory corruption while processing IOCTL command when multiple
threads ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21455 (Memory corruption while submitting blob data to kernel space
though IO ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21452 (Transient DOS while processing a random-access response (RAR)
with an ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-21024 (Use of Implicit Intent for Sensitive Communication in Smart
View prior ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21023 (Improper access control in WcsExtension for Galaxy Watch prior
to Andr ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21022 (Improper access control in Galaxy Wearable prior to version
2.2.63.250 ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21021 (Out-of-bounds write in drawing pinpad in Blockchain Keystore
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21020 (Out-of-bounds write in creating bitmap images in Blockchain
Keystore p ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21019 (Improper authorization in Samsung Health prior to version
6.30.1.003 a ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21018 (Out-of-bounds read in Blockchain Keystore prior to version
1.3.17.2 al ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21017 (Out-of-bounds write in detaching crypto box in Blockchain
Keystore pri ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21016 (Improper access control in PkgPredictorService prior to SMR
Aug-2025 R ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21015 (Path Traversal in Document scanner prior to SMR Aug-2025
Release 1 all ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21014 (Improper export of android application component in Emergency
SoS prio ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21013 (Improper access control in SemSensorManager for Galaxy Watch
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21012 (Improper access control in fall detection for Galaxy Watch
prior to SM ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21011 (Improper access control in SemSensorService for Galaxy Watch
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21010 (Improper privilege management in SamsungAccount prior to SMR
Aug-2025 ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20990 (Improper access control in accessing system device node prior
to SMR A ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2013-10070 (PHP-Charts v1.0 contains a PHP code execution vulnerability in
wizard/ ...)
TODO: check
CVE-2013-10067 (Glossword versions 1.8.8 through 1.8.12 contain an
authenticated arbit ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/343222c0c1ee76f033eaf0f846cb077f26b8d0eb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/343222c0c1ee76f033eaf0f846cb077f26b8d0eb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
