[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 14 21:14:14 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1f4fa965 by security tracker role at 2025-08-14T20:14:07+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
CVE-2025-9043 (The service executable path in Seagate Toolkit on Versions prior to 2. ...)
TODO: check
CVE-2025-9042 (A security issue exists due to improper handling of CIP Class 32\u2019 ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9041 (A security issue exists due to improper handling of CIP Class 32\u2019 ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-9039 (We identified an issue in the Amazon ECS agent where, under certain co ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-9036 (A security issue in the runtime event system allows unauthenticated co ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-8981 (A vulnerability was found in itsourcecode Online Tour and Travel Manag ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8980 (A vulnerability has been found in Tenda G1 16.01.7.8(3660). Affected b ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-8979 (A vulnerability was identified in Tenda AC15 15.13.07.13. Affected by ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-8978 (A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected i ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8976 (A vulnerability has been found in givanz Vvveb up to 1.0.5. This vulne ...)
TODO: check
CVE-2025-8975 (A vulnerability was identified in givanz Vvveb up to 1.0.5. This affec ...)
@@ -23,49 +23,49 @@ CVE-2025-8975 (A vulnerability was identified in givanz Vvveb up to 1.0.5. This
CVE-2025-8974 (A vulnerability was determined in linlinjava litemall up to 1.8.0. Aff ...)
TODO: check
CVE-2025-8973 (A vulnerability has been found in SourceCodester Cashier Queuing Syste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-8972 (A vulnerability was identified in itsourcecode Online Tour and Travel ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8971 (A vulnerability was determined in itsourcecode Online Tour and Travel ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8970 (A vulnerability was found in itsourcecode Online Tour and Travel Manag ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8969 (A vulnerability has been found in itsourcecode Online Tour and Travel ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8968 (A vulnerability was identified in itsourcecode Online Tour and Travel ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8967 (A vulnerability was determined in itsourcecode Online Tour and Travel ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8966 (A vulnerability was found in itsourcecode Online Tour and Travel Manag ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-8965 (A vulnerability has been found in linlinjava litemall up to 1.8.0. Thi ...)
TODO: check
CVE-2025-8964 (A vulnerability was identified in code-projects Hostel Management Syst ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8963 (A vulnerability was determined in jeecgboot JimuReport up to 2.1.1. Af ...)
TODO: check
CVE-2025-8962 (A vulnerability was found in code-projects Hostel Management System 1. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-8961 (A vulnerability was identified in LibTIFF 4.7.0. This issue affects th ...)
TODO: check
CVE-2025-8960 (A vulnerability has been found in Campcodes Online Flight Booking Mana ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-8958 (A vulnerability was identified in Tenda TX3 16.03.13.11_multi_TDE01. A ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-8957 (A vulnerability was determined in Campcodes Online Flight Booking Mana ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-8956 (A vulnerability was found in D-Link DIR\u2011818L up to 1.05B01. This ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-8955 (A vulnerability has been found in PHPGurukul Hospital Management Syste ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8954 (A vulnerability was identified in PHPGurukul Hospital Management Syste ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8953 (A vulnerability was determined in SourceCodester COVID 19 Testing Mana ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-8952 (A vulnerability was found in Campcodes Online Flight Booking Managemen ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-8951 (A vulnerability has been found in PHPGurukul Teachers Record Managemen ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-8943 (The Custom MCPs feature is designed to execute OS commands, for instan ...)
TODO: check
CVE-2025-8876 (Improper Input Validation vulnerability in N-able N-central allows OS ...)
@@ -73,47 +73,47 @@ CVE-2025-8876 (Improper Input Validation vulnerability in N-able N-central allow
CVE-2025-8875 (Deserialization of Untrusted Data vulnerability in N-able N-central al ...)
TODO: check
CVE-2025-8047 (The disable-right-click-powered-by-pixterme through v1.2 and pixter-im ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7973 (A security issue exists in FactoryTalk ViewPoint version 14.0 or below ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-7972 (A security issue exists within the FactoryTalk Linx Network Browser. B ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-7971 (A security issues exists within Studio 5000 Logix Designer due to unsa ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-7774 (A security issue exists within the 5032 16pt Digital Configurable modu ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-7773 (A security issue exists within the 5032 16pt Digital Configurable modu ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-7761 (Lepszy BIP is vulnerable to Reflected Cross-Site Scripting (XSS). Impr ...)
TODO: check
CVE-2025-7353 (A security issue exists due to the web-based debugger agent enabled on ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-5998 (The PPWP \u2013 Password Protect Pages WordPress plugin before version ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-55716 (Missing Authorization vulnerability in VeronaLabs WP Statistics allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55714 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55713 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55712 (Missing Authorization vulnerability in POSIMYTH The Plus Addons for El ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55711 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55710 (Insertion of Sensitive Information Into Sent Data vulnerability in Ste ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55709 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55708 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55675 (Apache Superset contains an improper access control vulnerability in i ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2025-55674 (A bypass of the DISALLOWED_SQL_FUNCTIONS security feature in Apache Su ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2025-55673 (When a guest user accesses a chart in Apache Superset, the API respons ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2025-55672 (A stored Cross-Site Scripting (XSS) vulnerability exists in Apache Sup ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2025-55346 (User-controlled input flows to an unsafe implementation of a dynamic F ...)
TODO: check
CVE-2025-55195 (@std/toml is the Deno Standard Library. Prior to version 1.0.9, an att ...)
@@ -123,181 +123,181 @@ CVE-2025-55192 (HomeAssistant-Tapo-Control offers Control for Tapo cameras as a
CVE-2025-54867 (Youki is a container runtime written in Rust. Prior to version 0.5.5, ...)
TODO: check
CVE-2025-54749 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54747 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54746 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54740 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54739 (Missing Authorization vulnerability in POSIMYTH Nexter Blocks allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54736 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54732 (Cross-Site Request Forgery (CSRF) vulnerability in Shahjada WPDM \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54730 (Missing Authorization vulnerability in PARETO Digital Embedder for Goo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54729 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54728 (Cross-Site Request Forgery (CSRF) vulnerability in CreativeMindsSoluti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54727 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54717 (Missing Authorization vulnerability in e-plugins WP Membership allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54715 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54712 (Missing Authorization vulnerability in hashthemes Easy Elementor Addon ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54708 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54707 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54706 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54705 (Missing Authorization vulnerability in magepeopleteam WpEvently allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54704 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54703 (Cross-Site Request Forgery (CSRF) vulnerability in Prince Integrate Go ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54702 (Cross-Site Request Forgery (CSRF) vulnerability in motov.net Ebook Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54701 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54700 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54699 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54698 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54697 (Incorrect Privilege Assignment vulnerability in Ben Ritner - Kadence W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54696 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54695 (Missing Authorization vulnerability in HasTech HT Mega allows Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54694 (Cross-Site Request Forgery (CSRF) vulnerability in bPlugins Button Blo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54693 (Unrestricted Upload of File with Dangerous Type vulnerability in epiph ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54692 (Missing Authorization vulnerability in WP Swings Membership For WooCom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54691 (Authorization Bypass Through User-Controlled Key vulnerability in Styl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54690 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54689 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54688 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54687 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54686 (Deserialization of Untrusted Data vulnerability in scriptsbundle Exert ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54685 (Insertion of Sensitive Information Into Sent Data vulnerability in Bra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54684 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54683 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54682 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks Connector ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54681 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54680 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54679 (Missing Authorization vulnerability in vertim Neon Channel Product Cus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54678 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54676 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54675 (Cross-Site Request Forgery (CSRF) vulnerability in YITHEMES YITH WooCo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54674 (Cross-Site Request Forgery (CSRF) vulnerability in mklacroix Product C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54673 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54672 (Cross-Site Request Forgery (CSRF) vulnerability in Jordy Meow Photo En ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54671 (Cross-Site Request Forgery (CSRF) vulnerability in bobbingwide oik all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54669 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54668 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54667 (Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Saa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54054 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53631 (flaskBlog is a blog app built with Flask. In versions 2.8.1 and prior, ...)
TODO: check
CVE-2025-53587 (Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53582 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53581 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53575 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53347 (Cross-Site Request Forgery (CSRF) vulnerability in Laborator Kalium al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53343 (Missing Authorization vulnerability in GoodLayers Modernize allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53342 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53341 (Missing Authorization vulnerability in Themovation Stratus allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53330 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53249 (Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build Ap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53241 (Server-Side Request Forgery (SSRF) vulnerability in kodeshpa Simplifie ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53221 (Missing Authorization vulnerability in codeablepress CodeablePress all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53219 (Cross-Site Request Forgery (CSRF) vulnerability in pl4g4 WP-Database-O ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52823 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52820 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-52806 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52801 (Missing Authorization vulnerability in VonStroheim TheBooking allows A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52800 (Missing Authorization vulnerability in Unity Business Technology Pty L ...)
TODO: check
CVE-2025-52797 (Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52788 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-52785 (Missing Authorization vulnerability in softnwords SMM API allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52775 (Missing Authorization vulnerability in Ronik at UnlimitedWP Project Cost ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52771 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52769 (Cross-Site Request Forgery (CSRF) vulnerability in flexostudio flexo-s ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52767 (Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52765 (Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52732 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52731 (Missing Authorization vulnerability in themefunction WordPress Event M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52730 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52728 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52721 (Missing Authorization vulnerability in LCweb Global Gallery allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52720 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52716 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-52712 (Path Traversal vulnerability in BoldGrid Post and Page Builder by Bold ...)
@@ -319,15 +319,15 @@ CVE-2025-50518 (A use-after-free vulnerability exists in the coap_delete_pdu_lkd
CVE-2025-50515 (An issue was discovered in phome Empirebak 2010 in ebak2008/upload/cla ...)
TODO: check
CVE-2025-50040 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50031 (Missing Authorization vulnerability in syedamirhussain91 DB Backup all ...)
TODO: check
CVE-2025-50029 (Missing Authorization vulnerability in Ashish AI Tools allows Exploiti ...)
TODO: check
CVE-2025-49887 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49869 (Deserialization of Untrusted Data vulnerability in Arraytics Eventin a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49437 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-49433 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -339,99 +339,99 @@ CVE-2025-49267 (Improper Neutralization of Special Elements used in an SQL Comma
CVE-2025-49264 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-49065 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49064 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49063 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49062 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49061 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49059 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49058 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49057 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49056 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49054 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49053 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49052 (Missing Authorization vulnerability in Dariolee Netease Music allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49051 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49048 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49047 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49044 (Cross-Site Request Forgery (CSRF) vulnerability in tosend.it Simple Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49038 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49037 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49036 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49033 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-48862 (Ambiguous wording in the web interface of the ctrlX OS setup mechanism ...)
- TODO: check
+ NOT-FOR-US: Bosch
CVE-2025-48861 (A vulnerability in the Task API endpoint of the ctrlX OS setup mechani ...)
- TODO: check
+ NOT-FOR-US: Bosch
CVE-2025-48860 (A vulnerability in the web application of the ctrlX OS setup mechanism ...)
- TODO: check
+ NOT-FOR-US: Bosch
CVE-2025-48332 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-48293 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47689 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47610 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-47536 (Deserialization of Untrusted Data vulnerability in keywordrush Content ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-43984 (An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE- ...)
TODO: check
CVE-2025-43983 (KuWFi CPF908-CP5 WEB5.0_LCD_20210125 devices have multiple unauthentic ...)
TODO: check
CVE-2025-40758 (A vulnerability has been identified in Mendix SAML (Mendix 10.12 compa ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-3703 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-39510 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39483 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-38745 (Dell OpenManage Enterprise, versions 3.10, 4.0, 4.1, and 4.2, contains ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-38738 (SupportAssist for Home PCs Installer exe version(s) 4.8.2.29006 and pr ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36613 (SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36612 (SupportAssist for Business PCs, version(s) 4.5.3 and prior, contain(s) ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36581 (Dell PowerEdge Platform version(s) 14G AMD BIOS v1.25.0 and prior, con ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-36047 (IBM WebSphere Application Server Liberty 18.0.0.2 through 25.0.0.8 is ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-33142 (IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-32288 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31425 (Missing Authorization vulnerability in kamleshyadav WP Lead Capturing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31007 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30998 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-30993 (Missing Authorization vulnerability in VillaTheme Thank You Page Custo ...)
TODO: check
CVE-2025-30639 (Missing Authorization vulnerability in ThemeAtelier IDonatePro allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30635 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-30626 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -447,7 +447,7 @@ CVE-2025-28979 (Improper Control of Filename for Include/Require Statement in PH
CVE-2025-28975 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-28962 (Missing Authorization vulnerability in stefanoai Advanced Google Unive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27847 (In ESPEC North America Web Controller 3 before 3.3.8, /api/v4/auth/ us ...)
TODO: check
CVE-2025-27846 (In ESPEC North America Web Controller 3 before 3.3.8, an attacker with ...)
@@ -455,9 +455,9 @@ CVE-2025-27846 (In ESPEC North America Web Controller 3 before 3.3.8, an attacke
CVE-2025-27845 (In ESPEC North America Web Controller 3 before 3.3.4, /api/v4/auth/ wi ...)
TODO: check
CVE-2025-26484 (Dell CloudLink, versions 8.0 through 8.1.1, contains an Improper Restr ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-25174 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-25172 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-24775 (Unrestricted Upload of File with Dangerous Type vulnerability in Made ...)
@@ -465,7 +465,7 @@ CVE-2025-24775 (Unrestricted Upload of File with Dangerous Type vulnerability in
CVE-2025-24766 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-21110 (Dell Data Lakehouse, versions prior to 1.5.0.0, contains an Execution ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-20306 (A vulnerability in the web-based management interface of Cisco Secure ...)
TODO: check
CVE-2025-20302 (A vulnerability in the web-based management interface of Cisco Secure ...)
@@ -529,7 +529,7 @@ CVE-2024-53946 (The KuWFi 4G LTE AC900 router 1.0.13 is vulnerable to Cross-Site
CVE-2024-53945 (The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injectio ...)
TODO: check
CVE-2024-37945 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-5342
REJECTED
CVE-2023-43694 (An issue was discovered in Malwarebytes 4.6.14.326 and before and 5.1. ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f4fa96516696cce4b0083bd51709d60f243a2d8
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f4fa96516696cce4b0083bd51709d60f243a2d8
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250814/1f38a190/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list