[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Aug 20 10:02:35 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
728ba6e6 by Salvatore Bonaccorso at 2025-08-20T10:59:41+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32,13 +32,13 @@ CVE-2025-8145 (The Redirection for Contact Form 7 plugin for WordPress is vulner
CVE-2025-8141 (The Redirection for Contact Form 7 plugin for WordPress is vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2025-57791 (An issue was discovered in Commvault before 11.36.60. A security vulne ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57790 (An issue was discovered in Commvault before 11.36.60. A security vulne ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57789 (An issue was discovered in Commvault before 11.36.60. During the brief ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57788 (An issue was discovered in Commvault before 11.36.60. A vulnerability ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57748
REJECTED
CVE-2025-57747
@@ -70,7 +70,7 @@ CVE-2025-54677 (Unrestricted Upload of File with Dangerous Type vulnerability in
CVE-2025-54670 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54551 (Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a privilege ...)
- TODO: check
+ NOT-FOR-US: Synapse Mobility
CVE-2025-54364 (Microsoft Knack 0.12.0 allows Regular expression Denial of Service (Re ...)
TODO: check
CVE-2025-54363 (Microsoft Knack 0.12.0 allows Regular expression Denial of Service (Re ...)
@@ -82,83 +82,83 @@ CVE-2025-54144 (The URL scheme used by Firefox to facilitate searching of text q
CVE-2025-54143 (Sandboxed iframes on webpages could potentially allow downloads to the ...)
TODO: check
CVE-2025-54056 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54055 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54053 (Deserialization of Untrusted Data vulnerability in Adrian Tobey Ground ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54052 (Cross-Site Request Forgery (CSRF) vulnerability in Realtyna Realtyna O ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54049 (Incorrect Privilege Assignment vulnerability in miniOrange Custom API ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54048 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54046 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54040 (Missing Authorization vulnerability in Webba Appointment Booking Webba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54034 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54032 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54031 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54028 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54027 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54025 (Missing Authorization vulnerability in Elliot Sowersby / RelyWP Coupon ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54021 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54019 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54017 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54014 (Deserialization of Untrusted Data vulnerability in QuanticaLabs MediCe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54012 (Deserialization of Untrusted Data vulnerability in nanbu Welcart e-Com ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54008 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54007 (Deserialization of Untrusted Data vulnerability in PickPlugins Post Gr ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53998 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53993 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53992 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53988 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53987 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53985 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53983 (Insertion of Sensitive Information Into Sent Data vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53580 (Incorrect Privilege Assignment vulnerability in quantumcloud Simple Bu ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53577 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53567 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53565 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53564 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53563 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53562 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53561 (Path Traversal vulnerability in miniOrange Prevent files / folders acc ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53560 (Deserialization of Untrusted Data vulnerability in rascals Noisa allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53559 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53522 (Movable Type contains an issue with use of less trusted source. If exp ...)
TODO: check
CVE-2025-53319 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/728ba6e60d4d76d55a4b35babfc5ce14f0988cb2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/728ba6e60d4d76d55a4b35babfc5ce14f0988cb2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250820/e790344e/attachment.htm>
More information about the debian-security-tracker-commits
mailing list