[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 18 08:14:24 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
caa4de1b by security tracker role at 2025-12-18T08:14:15+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-6326 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-6324 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68463 (Bio.Entrez in Biopython through 186 allows doctype XXE.)
TODO: check
CVE-2025-68459 (RG - AP180, Indoor Wall Plate Wireless AP AP180 series provided by Rui ...)
@@ -71,475 +71,475 @@ CVE-2025-67787 (An issue was discovered in 25.1.2 before 25.1.5. A Cross Site Sc
CVE-2025-67781 (An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 2 ...)
TODO: check
CVE-2025-67546 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67493 (Homarr is an open-source dashboard. Prior to version 1.45.3, it was po ...)
TODO: check
CVE-2025-66647 (RIOT is an open-source microcontroller operating system, designed to m ...)
TODO: check
CVE-2025-66119 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66118 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66117 (Missing Authorization vulnerability in Ays Pro Easy Form easy-form all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66116 (Insertion of Sensitive Information Into Sent Data vulnerability in Use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66104 (Missing Authorization vulnerability in Anton Vanyukov Offload, AI & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66102 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66100 (Missing Authorization vulnerability in Magnigenie RestroPress restropr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66088 (Missing Authorization vulnerability in Property Hive PropertyHive prop ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66078 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66074 (Unrestricted Upload of File with Dangerous Type vulnerability in Cozmo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66070 (Missing Authorization vulnerability in Tomdever wpForo Forum wpforo al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66068 (Missing Authorization vulnerability in InstaWP InstaWP Connect instawp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66054 (Missing Authorization vulnerability in ThimPress LearnPress learnpress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66029 (Open OnDemand provides remote web access to supercomputers. In version ...)
TODO: check
CVE-2025-64378 (Missing Authorization vulnerability in CridioStudio ListingPro listing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64377 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64376 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64375 (Missing Authorization vulnerability in Mahmudul Hasan Arif WP Social N ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64374 (Unrestricted Upload of File with Dangerous Type vulnerability in Style ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64373 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64372 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64371 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64295 (Insertion of Sensitive Information Into Sent Data vulnerability in Sye ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64273 (Missing Authorization vulnerability in GetResponse Email marketing for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64272 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64270 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64268 (Missing Authorization vulnerability in Arraytics Timetics timetics all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64266 (Deserialization of Untrusted Data vulnerability in magepeopleteam Book ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64260 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64258 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64233 (Deserialization of Untrusted Data vulnerability in BoldThemes Codiqa c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64231 (Unrestricted Upload of File with Dangerous Type vulnerability in Redef ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64230 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64227 (Deserialization of Untrusted Data vulnerability in BoldGrid Client Inv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64225 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64223 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64222 (Missing Authorization vulnerability in FantasticPlugins WooCommerce Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64221 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64218 (Insertion of Sensitive Information Into Sent Data vulnerability in WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64217 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64214 (Missing Authorization vulnerability in StylemixThemes MasterStudy LMS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64213 (Insertion of Sensitive Information Into Sent Data vulnerability in Sty ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64209 (Missing Authorization vulnerability in StylemixThemes Masterstudy mast ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64207 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64206 (Deserialization of Untrusted Data vulnerability in TieLabs Jannah jann ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64205 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64203 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64193 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64192 (Missing Authorization vulnerability in 8theme XStore xstore allows Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64191 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64189 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64188 (Incorrect Privilege Assignment vulnerability in PenciDesign Soledad so ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63039 (Missing Authorization vulnerability in CridioStudio ListingPro listing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60182 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60180 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60178 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60174 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60091 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60090 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60089 (Deserialization of Untrusted Data vulnerability in CRM Perks WP Gravit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60088 (Missing Authorization vulnerability in Saleswonder Team: Tobias Webina ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60086 (Missing Authorization vulnerability in Matt WP Voting Contest wp-votin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60084 (Deserialization of Untrusted Data vulnerability in add-ons.org PDF for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60083 (Deserialization of Untrusted Data vulnerability in add-ons.org PDF Inv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60082 (Deserialization of Untrusted Data vulnerability in add-ons.org PDF for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60081 (Deserialization of Untrusted Data vulnerability in add-ons.org PDF for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60080 (Deserialization of Untrusted Data vulnerability in add-ons.org PDF for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60079 (Missing Authorization vulnerability in bPlugins Parallax Section block ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60078 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60077 (Missing Authorization vulnerability in YayCommerce YayPricing yayprici ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60076 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60072 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60071 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60070 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60069 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60068 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60067 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60066 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60065 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60064 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60063 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60062 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60061 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60060 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60059 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60058 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60057 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60056 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60055 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60054 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60053 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60052 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60051 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60050 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60049 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60048 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60047 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60046 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60045 (Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60044 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60043 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60042 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-59849 (Improper management of Content Security Policy in HCL BigFix Remote Co ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-59134 (Incorrect Privilege Assignment vulnerability in Jthemes Sale! Immigrat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58951 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58950 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58949 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58948 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58947 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58946 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58945 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58944 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58943 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58942 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58941 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58940 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58938 (Missing Authorization vulnerability in ThemeAtelier IDonatePro idonate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58937 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58936 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58935 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58934 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58933 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58932 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58931 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58930 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58929 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58928 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58927 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58926 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58925 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58923 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58901 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58900 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58899 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58898 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58896 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58895 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58894 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58893 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58892 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58891 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58890 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58889 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58888 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58885 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58879 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58877 (Missing Authorization vulnerability in javothemes Javo Core javo-core ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58803 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58710 (Incorrect Privilege Assignment vulnerability in e-plugins Hotel Listin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58709 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58708 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58706 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-58225 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57897 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55707 (Incorrect Privilege Assignment vulnerability in WPXPO PostX ultimate-p ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-55254 (Improper management of Path-relative stylesheet import in HCL BigFix R ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-54751 (Missing Authorization vulnerability in WPXPO PostX ultimate-post allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54748 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54745 (Missing Authorization vulnerability in miniOrange miniOrange's Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54743 (Missing Authorization vulnerability in mkscripts Download After Email ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54741 (Missing Authorization vulnerability in Tyler Moore Super Blank super-b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-54723 (Deserialization of Untrusted Data vulnerability in BoldThemes DentiCar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53453 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53449 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53448 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53447 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53446 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53445 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53443 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53442 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53441 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53439 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53438 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53437 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53436 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53435 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53434 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53433 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53432 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53431 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53430 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53429 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53000 (The nbconvert tool, jupyter nbconvert, converts Jupyter notebooks to v ...)
TODO: check
CVE-2025-52768 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52745 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49943 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49942 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49941 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49919 (Insertion of Sensitive Information Into Sent Data vulnerability in WPC ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49918 (Insertion of Sensitive Information Into Sent Data vulnerability in e4j ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49914 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49902 (Missing Authorization vulnerability in A WP Life Login Page Customizer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49379 (Incorrect Privilege Assignment vulnerability in silverplugins217 Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49371 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49370 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49369 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49368 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49367 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49366 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49365 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49364 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49363 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49362 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49361 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49360 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49359 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49041 (Missing Authorization vulnerability in The African Boss Get Cash get-c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47387 (Memory Corruption when processing IOCTLs for JPEG data without verific ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47382 (Memory corruption while loading an invalid firmware in boot loader.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47372 (Memory Corruption when a corrupted ELF image with an oversized file si ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47350 (Memory corruption while handling concurrent memory mapping and unmappi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47325 (Information disclosure while processing system calls with invalid para ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47323 (Memory corruption while routing GPR packets between user and root when ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47322 (Memory corruption while handling IOCTL calls to set mode.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47321 (Memory corruption while copying packets received from unix clients.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47320 (Memory corruption while processing MFC channel configuration during mu ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47319 (Information disclosure while exposing internal TA-to-TA communication ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-46292 (This issue was addressed with additional entitlement checks. This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46291 (A logic issue was addressed with improved validation. This issue is fi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46288 (A permissions issue was addressed with additional restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46283 (A logic issue was addressed with improved validation. This issue is fi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46282 (The issue was addressed with additional permissions checks. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46281 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46279 (A permissions issue was addressed with additional restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46278 (The issue was addressed with improved handling of caches. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46277 (A logging issue was addressed with improved data redaction. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43533 (Multiple memory corruption issues were addressed with improved input v ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43526 (This issue was addressed with improved URL validation. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43514 (The issue was addressed with improved handling of caches. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43475 (A logging issue was addressed with improved data redaction. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43428 (A configuration issue was addressed with additional restrictions. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-27063 (Memory corruption during video playback when video session open fails ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-14856 (A security vulnerability has been detected in y_project RuoYi up to 4. ...)
TODO: check
CVE-2025-14841 (A flaw has been found in OFFIS DCMTK up to 3.6.9. The impacted element ...)
@@ -549,41 +549,41 @@ CVE-2025-14837 (A vulnerability has been found in ZZCMS 2025. Affected by this i
CVE-2025-14836 (A flaw has been found in ZZCMS 2025. Affected by this vulnerability is ...)
TODO: check
CVE-2025-14834 (A weakness has been identified in code-projects Simple Stock System 1. ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-14833 (A security flaw has been discovered in code-projects Online Appointmen ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-14832 (A vulnerability was identified in itsourcecode Online Cake Ordering Sy ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14764 (Missing cryptographic key commitment in the Amazon S3 Encryption Clien ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-14763 (Missing cryptographic key commitment in the Amazon S3 Encryption Clien ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-14762 (Missing cryptographic key commitment in the AWS SDK for Ruby may allow ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-14761 (Missing cryptographic key commitment in the AWS SDK for PHP may allow ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-14760 (Missing cryptographic key commitment in the AWS SDK for C++ may allow ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-14759 (Missing cryptographic key commitment in the Amazon S3 Encryption Clien ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2025-14319
REJECTED
CVE-2025-14318 (Improper access checks in M-Files Server before 25.12 allows users to ...)
- TODO: check
+ NOT-FOR-US: M-Files
CVE-2025-14314 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-14268
REJECTED
CVE-2025-14202 (A vulnerability in the file upload at bookmark + asset rendering pipel ...)
TODO: check
CVE-2025-13498 (The Download Manager plugin for WordPress is vulnerable to unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12976 (The Events Manager \u2013 Calendar, Bookings, Tickets, and more! plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12885 (The Embed Any Document \u2013 Embed PDF, Word, PowerPoint and Excel Fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10019 (Authorization Bypass Through User-Controlled Key vulnerability in code ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-53933 (Serendipity 2.4.0 contains a remote code execution vulnerability that ...)
TODO: check
CVE-2023-53932 (Serendipity 2.4.0 contains a stored cross-site scripting vulnerability ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/caa4de1b87091a648e7128192d89b7137b585b96
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/caa4de1b87091a648e7128192d89b7137b585b96
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251218/7486dd5a/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list