[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 9 20:13:59 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
08d8359e by security tracker role at 2025-12-09T20:13:48+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-9638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-9614 (An issue was discovered in the PCI Express (PCIe) Integrity and Data E ...)
TODO: check
CVE-2025-9613 (A vulnerability was discovered in the PCI Express (PCIe) Integrity and ...)
@@ -7,217 +7,217 @@ CVE-2025-9613 (A vulnerability was discovered in the PCI Express (PCIe) Integrit
CVE-2025-9612 (An issue was discovered in the PCI Express (PCIe) Integrity and Data E ...)
TODO: check
CVE-2025-9368 (A security issue exists within 432ES-IG3 Series A, which affects Guard ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-6924 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-6923 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
TODO: check
CVE-2025-67599 (Missing Authorization vulnerability in WebToffee WebToffee eCommerce M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67598 (Cross-Site Request Forgery (CSRF) vulnerability in PSM Plugins Support ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67597 (Missing Authorization vulnerability in Shahjahan Jewel Fluent Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67596 (Cross-Site Request Forgery (CSRF) vulnerability in Strategy11 Team Bus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67595 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Quiz Maker ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67594 (Authorization Bypass Through User-Controlled Key vulnerability in Thim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67593 (Cross-Site Request Forgery (CSRF) vulnerability in Stiofan UsersWP use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67592 (Missing Authorization vulnerability in Joe Dolson My Calendar my-calen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67591 (Cross-Site Request Forgery (CSRF) vulnerability in jegtheme JNews Payw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67590 (Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius Ultimate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67589 (Missing Authorization vulnerability in WP Overnight WooCommerce PDF In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67588 (Missing Authorization vulnerability in Elementor Elementor Website Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67587 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67586 (Missing Authorization vulnerability in Ronald Huereca Highlight and Sh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67585 (URL Redirection to Untrusted Site ('Open Redirect') vulnerability in f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67584 (Missing Authorization vulnerability in rtCamp GoDAM godam allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67583 (Missing Authorization vulnerability in ThemeAtelier IDonate idonate al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67582 (Missing Authorization vulnerability in wbcomdesigns Wbcom Designs lock ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67581 (Missing Authorization vulnerability in themetechmount TrueBooker trueb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67580 (Missing Authorization vulnerability in Constant Contact Constant Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67579 (Missing Authorization vulnerability in vanquish User Extra Fields wp-u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67578 (Missing Authorization vulnerability in Rhys Wynne WP Email Capture wp- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67577 (Missing Authorization vulnerability in hassantafreshi Easy Form Builde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67576 (Missing Authorization vulnerability in QuantumCloud Simple Link Direct ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67575 (Missing Authorization vulnerability in Andrew Lima Sitewide Notice WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67574 (Missing Authorization vulnerability in wpdevart Booking calendar, Appo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67573 (Missing Authorization vulnerability in ThimPress Sailing sailing allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67572 (Missing Authorization vulnerability in PenciDesign PenNews pennews all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67571 (Missing Authorization vulnerability in WPFunnels WPFunnels wpfunnels a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67570 (Missing Authorization vulnerability in GSheetConnector by WesternDeal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67569 (Missing Authorization vulnerability in scriptsbundle AdForest adforest ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67568 (Missing Authorization vulnerability in xtemos Basel basel allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67567 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67566 (Missing Authorization vulnerability in WofficeIO Woffice Core woffice- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67565 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67564 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67563 (Missing Authorization vulnerability in Saad Iqbal Post SMTP post-smtp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67562 (Missing Authorization vulnerability in WebCodingPlace Image Caption Ho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67561 (Missing Authorization vulnerability in Oleksandr Lysyi Debug Log Viewe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67560 (Missing Authorization vulnerability in Webilia Inc. Listdom listdom al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67559 (Missing Authorization vulnerability in vcita Online Booking & Scheduli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67558 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67557 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67556 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67555 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67554 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67553 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67552 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67551 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67550 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67549 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67548 (Missing Authorization vulnerability in WP Delicious WP Delicious delic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67545 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67544 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67543 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67542 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67541 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67540 (Missing Authorization vulnerability in Wealcoder Animation Addons for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67539 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67538 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67537 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67536 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67535 (Deserialization of Untrusted Data vulnerability in WePlugins - WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67534 (Cross-Site Request Forgery (CSRF) vulnerability in Jacques Malgrange R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67533 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67532 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67531 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67530 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67529 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67528 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67527 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67526 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67525 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67524 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67523 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67522 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67521 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67520 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67519 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67518 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67517 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67516 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67515 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67474 (Missing Authorization vulnerability in Ultimate Member ForumWP forumwp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67473 (Cross-Site Request Forgery (CSRF) vulnerability in codeworkweb CWW Com ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67472 (Cross-Site Request Forgery (CSRF) vulnerability in vcita Online Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67471 (Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Quick Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67470 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67469 (Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF Thumbnail ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67468 (Missing Authorization vulnerability in CRM Perks Integration for Sales ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67467 (Cross-Site Request Forgery (CSRF) vulnerability in StellarWP GiveWP gi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67466 (Missing Authorization vulnerability in sergiotrinity Trinity Audio tri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67465 (Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud Simple ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66534 (Missing Authorization vulnerability in Elated-Themes The Aisle theaisl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66533 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66532 (Missing Authorization vulnerability in Mikado-Themes Powerlift powerli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66531 (Cross-Site Request Forgery (CSRF) vulnerability in Dimitri Grassi Salo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66530 (Missing Authorization vulnerability in Webba Appointment Booking Webba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66529 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Chartify ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66528 (Missing Authorization vulnerability in VillaTheme Thank You Page Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66527 (Missing Authorization vulnerability in VanKarWai Lobo lobo allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66526 (Missing Authorization vulnerability in Essekia Tablesome tablesome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66525 (Missing Authorization vulnerability in Elastic Email Elastic Email Sen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66456 (Elysia is a Typescript framework for request validation, type inferenc ...)
TODO: check
CVE-2025-66271 (Clone for Windows provided by ELECOM CO.,LTD. registers a Windows serv ...)
@@ -243,13 +243,13 @@ CVE-2025-65288 (A buffer overflow in the Mercury MR816v2 (081C3114 4.8.7 Build 1
CVE-2025-65287 (An unauthenticated directory traversal vulnerability in cgi-bin/upload ...)
TODO: check
CVE-2025-64894 (DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64893 (DNG SDK versions 1.7.0 and earlier are affected by an Out-of-bounds Re ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64784 (DNG SDK versions 1.7.0 and earlier are affected by a Heap-based Buffer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64783 (DNG SDK versions 1.7.0 and earlier are affected by an Integer Overflow ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64696 (Android App "Brother iPrint&Scan" versions 6.13.7 and earlier improper ...)
TODO: check
CVE-2025-64680 (Heap-based buffer overflow in Windows DWM Core Library allows an autho ...)
@@ -275,27 +275,27 @@ CVE-2025-64661 (Concurrent execution using shared resource with improper synchro
CVE-2025-64658 (Concurrent execution using shared resource with improper synchronizati ...)
TODO: check
CVE-2025-64471 (A use of password hash instead of password for authentication vulnerab ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64447 (A reliance on cookies without validation and integrity checking vulner ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64257 (Missing Authorization vulnerability in Joe Dolson My Tickets my-ticket ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64256 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers Simple ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64255 (Missing Authorization vulnerability in Bowo Admin and Site Enhancement ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64254 (Missing Authorization vulnerability in Ronald Huereca Photo Block phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64156 (An improper neutralization of special elements used in an sql command ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64153 (A improper neutralization of special elements used in an os command (' ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64113 (Emby Server is a user-installable home media server. Versions below 4. ...)
TODO: check
CVE-2025-64086 (A NULL pointer dereference vulnerability in the util.readFileIntoStrea ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange
CVE-2025-64085 (A NULL pointer dereference vulnerability in the importDataObject() fun ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange
CVE-2025-63742 (SQL Injection vulnerability in function setwxqyAction in file webmain/ ...)
TODO: check
CVE-2025-63740 (SQL Injection vulnerability in function getselectdataAjax in file inpu ...)
@@ -307,159 +307,159 @@ CVE-2025-63738 (An issue was discovered in file index.php in Xinhu Rainrock Rock
CVE-2025-63737 (Cross-site scripting (XSS) vulnerability in function urltestAction in ...)
TODO: check
CVE-2025-63077 (Missing Authorization vulnerability in HappyMonster Happy Addons for E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63076 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63075 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63074 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63073 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63072 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63071 (Insertion of Sensitive Information Into Sent Data vulnerability in ave ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63070 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63069 (Missing Authorization vulnerability in Vinod Dalvi Ivory Search add-se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63068 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63067 (Missing Authorization vulnerability in p-themes Porto Theme - Function ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63066 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63065 (Authorization Bypass Through User-Controlled Key vulnerability in Davi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63064 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63063 (Missing Authorization vulnerability in Yandex Metrika Yandex.Metrica w ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63062 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63061 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63060 (Cross-Site Request Forgery (CSRF) vulnerability in hogash Kallyas kall ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63059 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63058 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63057 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63056 (Missing Authorization vulnerability in bestwebsoft Contact Form by Bes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63055 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63054 (Missing Authorization vulnerability in ExpressTech Systems Quiz And Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63052 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63050 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63049 (Missing Authorization vulnerability in CridioStudio ListingPro Lead Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63048 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63047 (Missing Authorization vulnerability in CridioStudio ListingPro listing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63046 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63045 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63042 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63037 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63036 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63035 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63034 (Missing Authorization vulnerability in Steve Truman Page View Count pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63033 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63030 (Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal New User ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63028 (Missing Authorization vulnerability in shinetheme Traveler traveler al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63025 (Missing Authorization vulnerability in Xagio SEO Xagio SEO xagio-seo a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63024 (Missing Authorization vulnerability in tychesoftwares Order Delivery D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63023 (Missing Authorization vulnerability in Easy Payment Payment Gateway fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63015 (Missing Authorization vulnerability in paysera WooCommerce Payment Gat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63013 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63012 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Hotel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63011 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63010 (Server-Side Request Forgery (SSRF) vulnerability in ThemesInflow Hercu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63009 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63008 (Missing Authorization vulnerability in weDevs WP ERP erp allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63007 (Insertion of Sensitive Information Into Sent Data vulnerability in Met ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63006 (Missing Authorization vulnerability in Metagauss EventPrime eventprime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63003 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62999 (Missing Authorization vulnerability in themezaa Litho Addons litho-add ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62997 (Insertion of Sensitive Information Into Sent Data vulnerability in lev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62996 (Missing Authorization vulnerability in Code Amp Custom Layouts \u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62995 (Missing Authorization vulnerability in multiparcels MultiParcels Shipp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62994 (Insertion of Sensitive Information Into Sent Data vulnerability in WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62993 (Missing Authorization vulnerability in rainafarai Notification for Tel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62873 (Cross-Site Request Forgery (CSRF) vulnerability in Flashyapp WP Flashy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62872 (Cross-Site Request Forgery (CSRF) vulnerability in JK Social Photo Fet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62871 (Cross-Site Request Forgery (CSRF) vulnerability in Alex Prokopenko / J ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62870 (Missing Authorization vulnerability in Eupago Eupago Gateway For Wooco ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62869 (Missing Authorization vulnerability in Gravitec.net - Web Push Notific ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62867 (Missing Authorization vulnerability in ergonet Ergonet Cache ergonet-v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62866 (Cross-Site Request Forgery (CSRF) vulnerability in Valerio Monti Auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62865 (Missing Authorization vulnerability in Evan Herman Post Cloner post-cl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62762 (Cross-Site Request Forgery (CSRF) vulnerability in photoboxone SMTP Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62740 (Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62739 (Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak Add Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62738 (Missing Authorization vulnerability in mmattax Formstack Online Forms ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62737 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62736 (Missing Authorization vulnerability in opicron Image Cleanup image-cle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62735 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62734 (Cross-Site Request Forgery (CSRF) vulnerability in Michael Revellin-Cl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62733 (Cross-Site Request Forgery (CSRF) vulnerability in ProteusThemes Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62631 (An insufficient session expiration vulnerability [CWE-613] in Fortinet ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-62573 (Use after free in Windows DirectX allows an authorized attacker to ele ...)
TODO: check
CVE-2025-62572 (Out-of-bounds read in Application Information Services allows an autho ...)
@@ -501,7 +501,7 @@ CVE-2025-62553 (Use after free in Microsoft Office Excel allows an unauthorized
CVE-2025-62552 (Relative path traversal in Microsoft Office Access allows an unauthori ...)
TODO: check
CVE-2025-62550 (Out-of-bounds write in Azure Monitor Agent allows an authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-62549 (Untrusted pointer dereference in Windows Routing and Remote Access Ser ...)
TODO: check
CVE-2025-62474 (Improper access control in Windows Remote Access Connection Manager al ...)
@@ -543,29 +543,29 @@ CVE-2025-62454 (Heap-based buffer overflow in Windows Cloud Files Mini Filter Dr
CVE-2025-62221 (Use after free in Windows Cloud Files Mini Filter Driver allows an aut ...)
TODO: check
CVE-2025-62153 (Missing Authorization vulnerability in Graham Quick Interest Slider qu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62152 (Missing Authorization vulnerability in ConveyThis ConveyThis conveythi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62151 (Missing Authorization vulnerability in Virtuaria Virtuaria PagBank / P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62109 (Insertion of Sensitive Information Into Sent Data vulnerability in INF ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62103 (Cross-Site Request Forgery (CSRF) vulnerability in wpmediadownload Med ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62102 (Cross-Site Request Forgery (CSRF) vulnerability in apasionados DoFollo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62100 (Missing Authorization vulnerability in themerain ThemeRain Core themer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62093 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62090 (Missing Authorization vulnerability in Jegstudio Gutenverse News \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62086 (Missing Authorization vulnerability in akazanstev \u042f\u043d\u0434\u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62085 (Missing Authorization vulnerability in berthaai BERTHA AI bertha-ai-fr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62082 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-61258 (An issue was discovered in Outsystems Platform Server 11.18.1.37828 al ...)
TODO: check
CVE-2025-61078 (Cross-site scripting (XSS) vulnerability in Request IP form in phpIPAM ...)
@@ -575,7 +575,7 @@ CVE-2025-61075 (Multiple Incorrect Access Control vulnerabilities in adata Softw
CVE-2025-61074 (A stored Cross Site Scripting (XSS) vulnherability in the bulletin boa ...)
TODO: check
CVE-2025-60024 (Multiple Improper Limitations of a Pathname to a Restricted Directory ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-5471 (Uncontrolled Search Path Element vulnerability in Yandex Telemost on M ...)
TODO: check
CVE-2025-5470 (Uncontrolled Search Path Element vulnerability in Yandex Disk on MacOS ...)
@@ -583,51 +583,51 @@ CVE-2025-5470 (Uncontrolled Search Path Element vulnerability in Yandex Disk on
CVE-2025-5469 (Uncontrolled Search Path Element vulnerability in Yandex Messenger on ...)
TODO: check
CVE-2025-59923 (An improper access control vulnerability in Fortinet FortiAuthenticato ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59810 (An improper access control vulnerability in Fortinet FortiSOAR PaaS 7. ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59808 (An unverified password change vulnerability [CWE-620] vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59719 (An improper verification of cryptographic signature vulnerability in F ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59718 (A improper verification of cryptographic signature vulnerability in Fo ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59517 (Improper access control in Windows Storage VSP Driver allows an author ...)
TODO: check
CVE-2025-59516 (Missing authentication for critical function in Windows Storage VSP Dr ...)
TODO: check
CVE-2025-59132 (Cross-Site Request Forgery (CSRF) vulnerability in Badi Jones Duplicat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57823 (A direct request ('forced browsing') vulnerability in Fortinet FortiAu ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-56704 (LeptonCMS version 7.3.0 contains an arbitrary file upload vulnerabilit ...)
TODO: check
CVE-2025-55233 (Out-of-bounds read in Windows Projected File System allows an authoriz ...)
TODO: check
CVE-2025-54838 (An Incorrect Authorization vulnerability [CWE-863] in FortiPortal 7.4. ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-54353 (An Improper Neutralization of Input During Web Page Generation ('Cross ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-54100 (Improper neutralization of special elements used in a command ('comman ...)
TODO: check
CVE-2025-53949 (An Improper Neutralization of Special Elements used in an OS Command ( ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-53679 (An improper neutralization of special elements used in an OS command ( ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-49351 (Cross-Site Request Forgery (CSRF) vulnerability in Valentin Agachi Cre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49350 (Missing Authorization vulnerability in marcoingraiti Actionwear produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49348 (Missing Authorization vulnerability in Hype Hype pico allows Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49347 (Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow WP sIFR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49341 (Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr PDF Creat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-46637 (Dell Encryption, versions prior to 11.12.1, contain an Improper Link R ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-46636 (Dell Encryption, versions prior to 11.12.1, contain an Improper Link R ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-41752 (An XSS vulnerability in pxc_portSfp.php can be used by an unauthentica ...)
TODO: check
CVE-2025-41751 (An XSS vulnerability in pxc_portCntr.php can be used by an unauthentic ...)
@@ -657,65 +657,65 @@ CVE-2025-41693 (A low privileged remote attacker can use the ssh feature to exec
CVE-2025-41692 (A high privileged remote attacker with admin privileges for the webUI ...)
TODO: check
CVE-2025-40941 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40940 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40939 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40938 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40937 (A vulnerability has been identified in SIMATIC CN 4100 (All versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40935 (A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40831 (A vulnerability has been identified in SINEC Security Monitor (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40830 (A vulnerability has been identified in SINEC Security Monitor (All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40820 (Affected products do not properly enforce TCP sequence number validati ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40819 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40818 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40807 (A vulnerability has been identified in Gridscale X Prepay (All version ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40806 (A vulnerability has been identified in Gridscale X Prepay (All version ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40801 (A vulnerability has been identified in COMOS V10.6 (All versions), COM ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40800 (A vulnerability has been identified in COMOS V10.6 (All versions), COM ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-34414 (Entrust Instant Financial Issuance (IFI) On Premise software (formerly ...)
TODO: check
CVE-2025-34413 (Legality WHISTLEBLOWING by DigitalPA contains a protection mechanism f ...)
TODO: check
CVE-2025-34409 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34408 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34407 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34406 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34404 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34403 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34402 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34401 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34400 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34399 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34398 (MailEnable versions prior to 10.54 containa reflected cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34397 (MailEnable versions prior to 10.54 contain a reflected cross-site scri ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34396 (MailEnable versions prior to 10.54 contain an unsafe DLL loading vulne ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-33214 (NVIDIA NVTabular for Linux contains a vulnerability in the Workflow co ...)
TODO: check
CVE-2025-33213 (NVIDIA Merlin Transformers4Rec for Linux contains a vulnerability in t ...)
@@ -725,41 +725,41 @@ CVE-2025-2296 (EDK2 contains a vulnerability in BIOS where an attacker may cause
CVE-2025-14345 (A post-authenticationflaw in the network two-phase commit protocol use ...)
TODO: check
CVE-2025-14337 (A vulnerability was determined in itsourcecode Student Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14336 (A vulnerability was found in itsourcecode Student Management System 1. ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14335 (A vulnerability has been found in itsourcecode Student Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14334 (A flaw has been found in itsourcecode Student Management System 1.0. A ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-13924 (The Advanced Product Fields (Product Addons) for WooCommerce plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13662 (Improper verification of cryptographic signatures in the patch managem ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-13661 (Path traversal in Ivanti Endpoint Manager prior to version 2024 SU4 SR ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-13659 (Improper control of dynamically managed code resources in Ivanti Endpo ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-13642 (The Paid Membership Plugin, Ecommerce, User Registration Form, Login F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12946 (A vulnerability in the speedtest feature of affected NETGEAR Nighthawk ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-12945 (A vulnerability in NETGEAR Nighthawk R7000P routers lets an authentica ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-12941 (Denial of Service Vulnerability in NETGEARC6220andC6230(DOCSIS\xae 3.0 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-12807 (A security issue was discovered in DataMosaix Private Cloud, allowing ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-12705 (The Social Reviews & Recommendations plugin for WordPress is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12558 (The Beaver Builder \u2013 WordPress Page Builder plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12504 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-12381 (Improper Privilege Management vulnerability in AlgoSec Firewall Analyz ...)
- TODO: check
+ NOT-FOR-US: AlgoSec
CVE-2025-11531 (HP System Event Utility and Omen Gaming Hub might allow execution of ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2025-11022 (Cross-Site Request Forgery (CSRF) vulnerability in Personal Project Pa ...)
TODO: check
CVE-2025-10876 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -767,23 +767,23 @@ CVE-2025-10876 (Improper Neutralization of Input During Web Page Generation (XSS
CVE-2025-10655 (SQL Injection in Frappe HelpDesk in the dashboard get_dashboard_data d ...)
TODO: check
CVE-2025-10573 (Stored XSS in Ivanti Endpoint Manager prior to version 2024 SU4 SR1 al ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-56840 (A vulnerability has been identified in RUGGEDCOM ROX II family (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56839 (A vulnerability has been identified in RUGGEDCOM ROX II family (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56838 (A vulnerability has been identified in RUGGEDCOM ROX II family (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56837 (A vulnerability has been identified in RUGGEDCOM ROX II family (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56836 (A vulnerability has been identified in RUGGEDCOM ROX II family (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56835 (A vulnerability has been identified in RUGGEDCOM ROX II family (All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56464 (IBM QRadar SIEM7.5 - 7.5.0 UP14 IF01 is affected by an information dis ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-47570 (An insertion of sensitive information into log file vulnerability [CWE ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-38798 (EDK2 contains a vulnerability in BIOS where an attacker may cause \u20 ...)
TODO: check
CVE-2025-14333 (Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5 ...)
@@ -273440,7 +273440,7 @@ CVE-2023-23731 (Cross-Site Request Forgery (CSRF) vulnerability in HasTheme Wish
CVE-2023-23730 (Improper Restriction of Excessive Authentication Attempts vulnerabilit ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23729 (Missing Authorization vulnerability in Brainstorm Force Spectra allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Winwa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23727 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Form ...)
@@ -276979,7 +276979,7 @@ CVE-2023-22677 (Improper Control of Generation of Code ('Code Injection') vulner
CVE-2023-22676 (Missing Authorization vulnerability in Anders Thorborg.This issue affe ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22675 (Cross-Site Request Forgery (CSRF) vulnerability in Taylor Hawkes WP Fa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-22674 (Missing Authorization, Cross-Site Request Forgery (CSRF) vulnerability ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22673 (Cross-Site Request Forgery (CSRF) vulnerability in MageNet Website Mon ...)
@@ -282000,7 +282000,7 @@ CVE-2022-47427 (Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dols
CVE-2022-47426 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47425 (Missing Authorization vulnerability in Repute Infosystems ARMember all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2022-47424 (Cross-Site Request Forgery (CSRF) vulnerability in Repute InfoSystems ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ulf ...)
@@ -283834,7 +283834,7 @@ CVE-2022-46847
CVE-2022-46846 (Missing Authorization vulnerability in WP OnlineSupport, Essential Plu ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46845 (Missing Authorization vulnerability in Essential Plugin Slider a Slide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2022-46844 (Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46843 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Le Van T ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d8359ee031ec33b198714cd5bc069453780eeb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d8359ee031ec33b198714cd5bc069453780eeb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251209/99ae507b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list