[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Aug 28 21:14:34 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a629afbf by security tracker role at 2025-08-28T20:14:23+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,47 +11,47 @@ CVE-2025-9580 (A security vulnerability has been detected in LB-LINK BL-X26 1.2.
CVE-2025-9579 (A weakness has been identified in LB-LINK BL-X26 1.2.8. The impacted e ...)
TODO: check
CVE-2025-9578 (Local privilege escalation due to insecure folder permissions. The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2025-9577 (A security flaw has been discovered in TOTOLINK X2000R up to 2.0.0. Th ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-9576 (A vulnerability was identified in seeedstudio ReSpeaker LinkIt7688. Im ...)
TODO: check
CVE-2025-9575 (A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE65 ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-9376 (The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9352 (The Pronamic Google Maps plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9346 (The Booking Calendar plugin for WordPress is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9345 (The File Manager, Code Editor, and Backup by Managefy plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9344 (The UsersWP \u2013 Front-end login form, User Registration, User Profi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9195 (Improper input validation in firmware of some Solidigm DC Products may ...)
TODO: check
CVE-2025-8977 (The Simple Download Monitor plugin for WordPress is vulnerable to time ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8897 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8603 (The Unlimited Elements For Elementor plugin for WordPress is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8073 (The Dynamic AJAX Product Filters for WooCommerce plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7956 (The Ajax Search Lite plugin for WordPress is vulnerable to Basic Infor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7955 (The RingCentral Communications plugin for WordPress is vulnerable to A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7812 (The Video Share VOD \u2013 Turnkey Video Site Builder Script plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6255 (The Dynamic AJAX Product Filters for WooCommerce plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6203 (A malicious user may submit a specially-crafted complex payload that o ...)
TODO: check
CVE-2025-58335 (In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284. ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-58334 (In JetBrains IDE Services before 2025.5.0.1086, 2025.4.2.2164 users w ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-58322 (NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attac ...)
TODO: check
CVE-2025-58127 (Improper Certificate Validation in Checkmk Exchange plugin Dell Powers ...)
@@ -71,7 +71,7 @@ CVE-2025-58072 (Improper limitation of a pathname to a restricted directory ('Pa
CVE-2025-58059 (Valtimo is a platform for Business Process Automation. In versions bef ...)
TODO: check
CVE-2025-58049 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
- TODO: check
+ NOT-FOR-US: XWiki
CVE-2025-58048 (Paymenter is a free and open-source webshop solution for hostings. Pri ...)
TODO: check
CVE-2025-58047 (Volto is a React based frontend for the Plone Content Management Syste ...)
@@ -91,19 +91,19 @@ CVE-2025-57757 (Contao is an Open Source CMS. In versions starting from 5.0.0 an
CVE-2025-57756 (Contao is an Open Source CMS. In versions starting from 4.9.14 and pri ...)
TODO: check
CVE-2025-57220 (An input validation flaw in the 'ate' service of Tenda AC10 v4.0 firmw ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-57219 (Incorrect access control in the endpoint /goform/ate of Tenda AC10 v4. ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-57218 (Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to co ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-57217 (Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was discovered to co ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-57215 (Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to contain a stac ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-56236 (FormCms v0.5.5 contains a stored cross-site scripting (XSS) vulnerabil ...)
TODO: check
CVE-2025-55583 (D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an una ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-55175 (QuickCMS is vulnerable to Reflected XSS via sLangEditparameter in admi ...)
TODO: check
CVE-2025-54995 (Asterisk is an open source private branch exchange and telephony toolk ...)
@@ -113,27 +113,27 @@ CVE-2025-54819 (Improper limitation of a pathname to a restricted directory ('Pa
CVE-2025-54762 (SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allo ...)
TODO: check
CVE-2025-54742 (Deserialization of Untrusted Data vulnerability in magepeopleteam WpEv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54738 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54734 (Missing Authorization vulnerability in bPlugins B Slider allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54733 (Missing Authorization vulnerability in Miles All Bootstrap Blocks allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54731 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54725 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54724 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54720 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54716 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54714 (Missing Authorization vulnerability in Dylan James Zephyr Project Mana ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54710 (Missing Authorization vulnerability in bPlugins Tiktok Feed allows Acc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54544 (QuickCMS is vulnerable to Stored XSS viaaDirFilesDescriptionsparameter ...)
TODO: check
CVE-2025-54543 (QuickCMS is vulnerable to Stored XSS viasDescriptionMetaparameter in p ...)
@@ -145,67 +145,67 @@ CVE-2025-54541 (QuickCMS is vulnerable to Cross-Site Request Forgery in page del
CVE-2025-54540 (QuickCMS is vulnerable to Reflected XSS viasSortparameter in admin's p ...)
TODO: check
CVE-2025-54029 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53970 (SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and earlier) allo ...)
TODO: check
CVE-2025-53588 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53584 (Deserialization of Untrusted Data vulnerability in emarket-design WP T ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53583 (Deserialization of Untrusted Data vulnerability in emarket-design Empl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53579 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53578 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53576 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53572 (Deserialization of Untrusted Data vulnerability in emarket-design WP E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53396 (Incorrect permission assignment for critical resource issue exists in ...)
TODO: check
CVE-2025-53337 (Missing Authorization vulnerability in Ashan Perera LifePress allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53334 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53328 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53326 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53289 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53250 (Server-Side Request Forgery (SSRF) vulnerability in Chartbeat Chartbea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53248 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53247 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53244 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53243 (Deserialization of Untrusted Data vulnerability in emarket-design Empl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53230 (Missing Authorization vulnerability in honzat Page Manager for Element ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53227 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53225 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53224 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53223 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53220 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53216 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53215 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52761 (Deserialization of Untrusted Data vulnerability in manfcarlo WP Funnel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52460 (Files or directories accessible to external parties issue exists in SS ...)
TODO: check
CVE-2025-52054 (An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wir ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-51972 (A SQL Injection vulnerability exists in the login.php of PuneethReddyH ...)
TODO: check
CVE-2025-51971 (A reflected Cross-Site Scripting (XSS) vulnerability exists in registe ...)
@@ -219,115 +219,115 @@ CVE-2025-51967 (A Reflected Cross-site Scripting (XSS) vulnerability exists in t
CVE-2025-51643 (Meitrack T366G-L GPS Tracker devices contain an SPI flash chip (Winbon ...)
TODO: check
CVE-2025-49407 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49405 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49404 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49402 (Missing Authorization vulnerability in favethemes Houzez CRM allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49388 (Incorrect Privilege Assignment vulnerability in kamleshyadav Miraculou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49387 (Unrestricted Upload of File with Dangerous Type vulnerability in add-o ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49383 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48963 (Local privilege escalation due to improper soft link handling. The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2025-48365 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48364 (Server-Side Request Forgery (SSRF) vulnerability in vEnCa-X rajce allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48363 (Cross-Site Request Forgery (CSRF) vulnerability in Metin Sara\xe7 Popu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48362 (Cross-Site Request Forgery (CSRF) vulnerability in Saeed Sattar Beglou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48361 (Insertion of Sensitive Information Into Sent Data vulnerability in Sae ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48360 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48359 (Cross-Site Request Forgery (CSRF) vulnerability in thaihavnn07 ATT You ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48358 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48357 (Cross-Site Request Forgery (CSRF) vulnerability in Theme Century Centu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48356 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48354 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48353 (Cross-Site Request Forgery (CSRF) vulnerability in dactum Clickbank Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48352 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48351 (Cross-Site Request Forgery (CSRF) vulnerability in PluginsPoint Kento ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48350 (Missing Authorization vulnerability in Neuralabz LTD AutoWP allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48349 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48348 (Incorrect Privilege Assignment vulnerability in chandrashekharsahu Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48347 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48343 (Cross-Site Request Forgery (CSRF) vulnerability in Aaron Axelsen WPMU ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48327 (Missing Authorization vulnerability in inkthemes WP Mailgun SMTP allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48325 (Cross-Site Request Forgery (CSRF) vulnerability in shmish111 WP Admin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48324 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48323 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48322 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48321 (Cross-Site Request Forgery (CSRF) vulnerability in dyiosah Ultimate tw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48320 (Cross-Site Request Forgery (CSRF) vulnerability in cuckoohello \u767e\ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48319 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48318 (Cross-Site Request Forgery (CSRF) vulnerability in shen2 \u591a\u8bf4\ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48316 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48315 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48314 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48313 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48312 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48311 (Cross-Site Request Forgery (CSRF) vulnerability in OffClicks Invisible ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48310 (Cross-Site Request Forgery (CSRF) vulnerability in wptableeditor Table ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48309 (Cross-Site Request Forgery (CSRF) vulnerability in web-able BetPress a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48308 (Cross-Site Request Forgery (CSRF) vulnerability in nonletter Newslette ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48307 (Cross-Site Request Forgery (CSRF) vulnerability in kasonzhao SEO For I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48306 (Cross-Site Request Forgery (CSRF) vulnerability in developers savyour ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48305 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48304 (Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48110 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48109 (Cross-Site Request Forgery (CSRF) vulnerability in Xavier Media XM-Bac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-48100 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-46409 (Inadequate encryption strength issue exists in SS1 Ver.16.0.0.10 and e ...)
TODO: check
CVE-2025-39496 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-36003 (IBM Security Verify Governance Identity Manager 10.0.2 could allow a r ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-34523 (A heap-based buffer overflow vulnerability exists in the exists in the ...)
TODO: check
CVE-2025-34522 (A heap-based buffer overflow vulnerability exists in the input parsing ...)
@@ -343,23 +343,23 @@ CVE-2025-34162 (An unauthenticated SQL injection vulnerability exists in the Get
CVE-2025-34160 (AnyShare contains a critical unauthenticated remote code execution vul ...)
TODO: check
CVE-2025-31979 (A File Upload Validation Bypass vulnerability has been identified in t ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-31977 (HCL BigFix SM is affected by cryptographic weakness due to weak or out ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-31972 (HCL BigFix SM is affected by a Sensitive Information Exposure vulnerab ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-31971 (AIML Solutions for HCL SX is vulnerable to a URL validation vulnerabil ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-29364 (spimsimulator spim v9.1.24 and before is vulnerable to Buffer Overflow ...)
TODO: check
CVE-2025-25010 (Incorrect authorization in Kibana can lead to privilege escalation via ...)
TODO: check
CVE-2025-0951 (Multiple plugins and/or themes for WordPress by LiquidThemes are vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9648 (The WP ULike Pro plugin for WordPress is vulnerable to arbitrary file ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-49790 (IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 is vulnerable to c ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-48908 (lychee link checking action checks links in Markdown, HTML, and text f ...)
TODO: check
CVE-2024-13986 (Nagios XI < 2024R1.3.2 contains a remote code execution vulnerability ...)
@@ -377,7 +377,7 @@ CVE-2024-13980 (H3C Intelligent Management Center (IMC) versions up to and inclu
CVE-2024-13979 (A SQL injection vulnerability exists in the St. Joe ERP system ("\u572 ...)
TODO: check
CVE-2024-13807 (The Xagio SEO plugin for WordPress is vulnerable to Sensitive Informat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-7309 (A path traversal vulnerability exists in the Dahua Smart Park Integrat ...)
TODO: check
CVE-2023-7308 (SecGate3600, a network firewall product developed by NSFOCUS, contains ...)
@@ -385,7 +385,7 @@ CVE-2023-7308 (SecGate3600, a network firewall product developed by NSFOCUS, con
CVE-2023-7307 (Sangfor Behavior Management System (also referred to as DC Management ...)
TODO: check
CVE-2018-25115 (Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-60 ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-XXXX [RUSTSEC-2025-0051]
- rust-xcb <unfixed>
NOTE: https://rustsec.org/advisories/RUSTSEC-2025-0051.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a629afbff7e8ddca1a8d77d0b472869260bea5c5
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a629afbff7e8ddca1a8d77d0b472869260bea5c5
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250828/c8fed47b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list