[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Dec 13 08:12:53 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9043a1d4 by security tracker role at 2025-12-13T08:12:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
CVE-2025-9873 (The a3 Lazy Load plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9488 (The Redux Framework plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9218 (The rtMedia for WordPress, BuddyPress and bbPress plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9207 (The TI WooCommerce Wishlist plugin for WordPress is vulnerable to HTML ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9116 (The WPS Visitor Counter Plugin WordPress plugin through 1.4.8 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8779 (The All-in-One Addons for Elementor \u2013 WidgetKit plugin for WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8617 (The YITH WooCommerce Quick View plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7058 (The Kingcabs theme for WordPress is vulnerable to Stored Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-67871
REJECTED
CVE-2025-67870
@@ -41,205 +41,205 @@ CVE-2025-67721 (Aircompressor is a library with ports of the Snappy, LZO, LZ4, a
CVE-2025-67634 (The CISA Software Acquisition Guide Supplier Response Web Tool before ...)
TODO: check
CVE-2025-46289 (A logic issue was addressed with improved file handling. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46287 (An inconsistent user interface issue was addressed with improved state ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46285 (An integer overflow was addressed by adopting 64-bit timestamps. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46276 (An information disclosure issue was addressed with improved privacy co ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43542 (This issue was addressed with improved state management. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43539 (The issue was addressed with improved bounds checks. This issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43538 (A logging issue was addressed with improved data redaction. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43532 (A memory corruption issue was addressed with improved bounds checking. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43530 (This issue was addressed with improved checks. This issue is fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43527 (A permissions issue was addressed with additional restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43523 (A permissions issue was addressed with additional restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43522 (A downgrade issue affecting Intel-based Mac computers was addressed wi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43521 (A downgrade issue affecting Intel-based Mac computers was addressed wi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43520 (A memory corruption issue was addressed with improved memory handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43519 (A permissions issue was addressed with additional restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43518 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43517 (A privacy issue was addressed with improved private data redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43516 (A session management issue was addressed with improved checks. This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43513 (A permissions issue was addressed by removing the vulnerable code. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43512 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43511 (A use-after-free issue was addressed with improved memory management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43510 (A memory corruption issue was addressed with improved lock state check ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43509 (This issue was addressed with improved data protection. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43506 (A logic error was addressed with improved error handling. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43497 (An access issue was addressed with additional sandbox restrictions. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43494 (A mail header parsing issue was addressed with improved checks. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43482 (The issue was addressed with improved input validation. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43473 (This issue was addressed with improved state management. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43471 (The issue was addressed with improved checks. This issue is fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43470 (A permissions issue was addressed with additional restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43467 (This issue was addressed with improved checks. This issue is fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43466 (An injection issue was addressed with improved validation. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43465 (A parsing issue in the handling of directory paths was addressed with ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43464 (A denial-of-service issue was addressed with improved input validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43463 (A parsing issue in the handling of directory paths was addressed with ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43461 (This issue was addressed with improved validation of symlinks. This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43437 (An information disclosure issue was addressed with improved privacy co ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43416 (A logic issue was addressed with improved restrictions. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43410 (The issue was addressed with improved handling of caches. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43406 (A logic issue was addressed with improved restrictions. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43404 (A permissions issue was addressed with additional sandbox restrictions ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43402 (The issue was addressed with improved memory handling. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43393 (A permissions issue was addressed with additional sandbox restrictions ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43388 (An injection issue was addressed with improved validation. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43381 (This issue was addressed with improved handling of symlinks. This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43351 (A permissions issue was addressed with additional restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43320 (The issue was addressed by adding additional logic. This issue is fixe ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-14611 (Gladinet CentreStack and Triofox prior to version 16.12.10420.56791 us ...)
TODO: check
CVE-2025-14586 (A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B202112 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-14585 (A vulnerability was found in itsourcecode COVID Tracking System 1.0. A ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14584 (A vulnerability has been found in itsourcecode COVID Tracking System 1 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14583 (A flaw has been found in campcodes Online Student Enrollment System 1. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-14582 (A vulnerability was detected in campcodes Online Student Enrollment Sy ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-14581 (The HAPPY \u2013 Helpdesk Support Ticket System plugin for WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14580 (A security vulnerability has been detected in Qualitor up to 8.24.73. ...)
TODO: check
CVE-2025-14540 (The Userback plugin for WordPress is vulnerable to unauthorized access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14539 (The The Shortcode Ajax plugin for WordPress is vulnerable to arbitrary ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14508 (The MediaCommander \u2013 Bring Folders to Media, Posts, and Pages plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14477 (The 404 Solution plugin for WordPress is vulnerable to SQL Injection i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14476 (The Doubly \u2013 Cross Domain Copy Paste for WordPress plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14475 (The Extensive VC Addons for WPBakery page builder plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14462 (The Lucky Draw Contests plugin for WordPress is vulnerable to Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14454 (The Image Slider by Ays- Responsive Slider and Carousel plugin for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14451 (The Solutions Ad Manager plugin for WordPress is vulnerable to Open Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14447 (The AnnunciFunebri Impresa plugin for WordPress is vulnerable to unaut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14446 (The Popup Builder (Easy Notify Lite) plugin for WordPress is vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14440 (The JAY Login & Register plugin for WordPress is vulnerable to authent ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14397 (The Postem Ipsum plugin for WordPress is vulnerable to unauthorized mo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14395 (The Popover Windows plugin for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14394 (The Popover Windows plugin for WordPress is vulnerable to Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14378 (The Quick Testimonials plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14367 (The Easy Theme Options plugin for WordPress is vulnerable to Missing A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14366 (The Eyewear prescription form plugin for WordPress is vulnerable to Mi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14365 (The Eyewear prescription form plugin for WordPress is vulnerable to Mi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14288 (The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14278 (The HT Slider for Elementor plugin for WordPress is vulnerable to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14066
REJECTED
CVE-2025-14056 (The Custom Post Type UI plugin for WordPress is vulnerable to Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14050 (The Design Import/Export plugin for WordPress is vulnerable to SQL Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13970 (OpenPLC_V3 is vulnerable to a cross-site request forgery (CSRF) attack ...)
TODO: check
CVE-2025-13705 (The Custom Frames plugin for WordPress is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13403 (The Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13094 (The WP3D Model Import Viewer plugin for WordPress is vulnerable to arb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13093 (The Devs CRM \u2013 Manage tasks, attendance and teams all together pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13092 (The Devs CRM \u2013 Manage tasks, attendance and teams all together pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13089 (The WP Directory Kit plugin for WordPress is vulnerable to SQL Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13077 (The \u0627\u0641\u0632\u0648\u0646\u0647 \u067e\u06cc\u0627\u0645\u06a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12512 (The GenerateBlocks plugin for WordPress is vulnerable to information e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12362 (The myCred \u2013 Points Management System For Gamification, Ranks, Ba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12109 (The Header Footer Script Adder \u2013 Insert Code in Header, Body & Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12077 (The WP to LinkedIn Auto Publish plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12076 (The Social Media Auto Publish plugin for WordPress is vulnerable to Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11970 (The Emplibot \u2013 AI Content Writer with Keyword Research, Infograph ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11707 (The Login Lockdown & Protection plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11693 (The Export WP Page to Static HTML & PDF plugin for WordPress is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11376 (The Colibri Page Builder plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11266 (An out-of-bounds write vulnerability exists in the Grassroots DICOM li ...)
TODO: check
CVE-2025-11164 (The Mavix Education theme for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10738 (The URL Shortener Plugin For WordPress plugin for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10289 (The Filter & Grids plugin for WordPress is vulnerable to SQL Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-58316 (Online Shopping System Advanced 1.0 contains a SQL injection vulnerabi ...)
TODO: check
CVE-2025-8083 (The Preset configuration https://v2.vuetifyjs.com/en/features/presets ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9043a1d4240b1584e1cf9a08bd8656bb01a88f90
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9043a1d4240b1584e1cf9a08bd8656bb01a88f90
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251213/0c564fb9/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list