[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 30 20:14:25 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
61f1f7a4 by security tracker role at 2025-12-30T20:14:18+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,119 +9,119 @@ CVE-2025-69210 (FacturaScripts is open-source enterprise resource planning and a
CVE-2025-69204 (ImageMagick is free and open-source software used for editing and mani ...)
TODO: check
CVE-2025-69093 (Missing Authorization vulnerability in wpdesk ShopMagic shopmagic-for- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69092 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69091 (Missing Authorization vulnerability in Kraft Plugins Demo Importer Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69089 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69088 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69034 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69033 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69032 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69031 (Missing Authorization vulnerability in Skywarrior Arcane arcane allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69030 (Authorization Bypass Through User-Controlled Key vulnerability in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69029 (Authorization Bypass Through User-Controlled Key vulnerability in Sele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69028 (Missing Authorization vulnerability in BoldGrid weForms weforms allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69027 (Missing Authorization vulnerability in tychesoftwares Product Delivery ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69026 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69025 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69024 (Missing Authorization vulnerability in bizswoop BizPrint print-google- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69023 (Missing Authorization vulnerability in Marketing Fire Discussion Board ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69022 (Missing Authorization vulnerability in Weblizar - WordPress Themes &am ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69021 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro Popup box a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69020 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69019 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69018 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69017 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69016 (Missing Authorization vulnerability in averta Shortcodes and extra fea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69015 (Missing Authorization vulnerability in Automattic Crowdsignal Forms cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69014 (Server-Side Request Forgery (SSRF) vulnerability in Youzify Youzify yo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69013 (Missing Authorization vulnerability in jetmonsters Stratum stratum all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69012 (Missing Authorization vulnerability in Stephen Harris Event Organiser ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69010 (Missing Authorization vulnerability in themebeez Themebeez Toolkit the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69009 (Missing Authorization vulnerability in kamleshyadav Medicalequipment m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69008 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69007 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69006 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68998 (Cross-Site Request Forgery (CSRF) vulnerability in Heateor Support Hea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68997 (Authorization Bypass Through User-Controlled Key vulnerability in Adva ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68996 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68995 (Missing Authorization vulnerability in Gal Dubinski My Sticky Elements ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68994 (Missing Authorization vulnerability in XforWooCommerce Product Loops f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68993 (Missing Authorization vulnerability in XforWooCommerce Share, Print an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68992 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68991 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68990 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68989 (Insertion of Sensitive Information Into Sent Data vulnerability in Ren ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68988 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68987 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68985 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68984 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68983 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68982 (Missing Authorization vulnerability in designthemes DesignThemes LMS A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68981 (Missing Authorization vulnerability in designthemes HomeFix Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68980 (Missing Authorization vulnerability in designthemes WeDesignTech Portf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68979 (Authorization Bypass Through User-Controlled Key vulnerability in Simp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68978 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68977 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68976 (Missing Authorization vulnerability in Eagle-Themes Eagle Booking eagl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68975 (Authorization Bypass Through User-Controlled Key vulnerability in Eagl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68974 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68950 (ImageMagick is free and open-source software used for editing and mani ...)
TODO: check
CVE-2025-68926 (RustFS is a distributed object storage system built in Rust. In versio ...)
@@ -139,11 +139,11 @@ CVE-2025-66824 (A Stored Cross-Site Scripting (XSS) vulnerability exists in the
CVE-2025-66823 (An HTML Injection vulnerability in TrueConf server 5.5.2.10813 in the ...)
TODO: check
CVE-2025-66103 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66094 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66080 (Missing Authorization vulnerability in WP Legal Pages WP Cookie Notice ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-65925 (An issue was discovered in Zeroheight (SaaS) prior to 2025-06-13. A le ...)
TODO: check
CVE-2025-65411 (A NULL pointer dereference in the src/path.c component of GNU Unrtf v0 ...)
@@ -151,33 +151,33 @@ CVE-2025-65411 (A NULL pointer dereference in the src/path.c component of GNU Un
CVE-2025-65409 (A divide-by-zero in the encryption/decryption routines of GNU Recutils ...)
TODO: check
CVE-2025-64528 (Discourse is an open source discussion platform. Prior to versions 3.5 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2025-64190 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63027 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62746 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62128 (Missing Authorization vulnerability in SiteLock SiteLock Security allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62112 (Cross-Site Request Forgery (CSRF) vulnerability in Merv Barrett Import ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-61557 (nixseparatedebuginfod before v0.4.1 is vulnerable to Directory Travers ...)
TODO: check
CVE-2025-59129 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-56332 (Authentication Bypass in fosrl/pangolin v1.6.2 and before allows attac ...)
TODO: check
CVE-2025-52835 (Cross-Site Request Forgery (CSRF) vulnerability in ConoHa by GMO WING ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50343 (An issue was discovered in matio 1.5.28. A heap-based memory corruptio ...)
TODO: check
CVE-2025-15359 (DVP-12SE11T - Out-of-bound memory write Vulnerability)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-15358 (DVP-12SE11T - Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-15353 (A vulnerability was detected in itsourcecode Society Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-15264 (A vulnerability was determined in FeehiCMS up to 2.1.1. Impacted is an ...)
TODO: check
CVE-2025-15263 (A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affec ...)
@@ -191,13 +191,13 @@ CVE-2025-15257 (A security flaw has been discovered in Edimax BR-6208AC 1.02/1.0
CVE-2025-15256 (A vulnerability was identified in Edimax BR-6208AC 1.02/1.03. Affected ...)
TODO: check
CVE-2025-15255 (A vulnerability was determined in Tenda W6-S 1.0.0.4(510). This impact ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15254 (A vulnerability was found in Tenda W6-S 1.0.0.4(510). This affects the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15253 (A vulnerability has been found in Tenda M3 1.0.0.13(4903). The impacte ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15252 (A flaw has been found in Tenda M3 1.0.0.13(4903). The affected element ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15251 (A vulnerability was detected in beecue FastBee up to 2.1. Impacted is ...)
TODO: check
CVE-2025-15250 (A security vulnerability has been detected in 08CMS Novel System up to ...)
@@ -211,25 +211,25 @@ CVE-2025-15247 (A vulnerability was identified in gmg137 snap7-rs up to 153d3e8c
CVE-2025-15246 (A vulnerability was determined in aizuda snail-job up to 1.7.0 on macO ...)
TODO: check
CVE-2025-15245 (A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-15244 (A vulnerability has been found in PHPEMS up to 11.0. This impacts an u ...)
TODO: check
CVE-2025-15243 (A flaw has been found in code-projects Simple Stock System 1.0. This a ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-15242 (A vulnerability was detected in PHPEMS up to 11.0. The impacted elemen ...)
TODO: check
CVE-2025-15241 (A security vulnerability has been detected in CloudPanel Community Edi ...)
TODO: check
CVE-2025-15234 (A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15103 (DVP-12SE11T - Authentication Bypass via Partial Password Disclosure)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-15102 (DVP-12SE11T - Password Protection Bypass)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-14509 (The Lucky Wheel for WooCommerce \u2013 Spin a Sale plugin for WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14426 (The Strong Testimonials plugin for WordPress is vulnerable to unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-58247
REJECTED
CVE-2024-58246
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61f1f7a4456101a708b15b56a71d8c6753109740
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61f1f7a4456101a708b15b56a71d8c6753109740
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251230/e5e8a0bb/attachment.htm>
More information about the debian-security-tracker-commits
mailing list