[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Dec 31 08:13:54 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
88636521 by security tracker role at 2025-12-31T08:13:45+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
CVE-2025-69277 (libsodium before ad3004e, in atypical use cases involving certain cust ...)
TODO: check
CVE-2025-68885 (Cross-Site Request Forgery (CSRF) vulnerability in Page Carbajal Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68131 (cbor2 provides encoding and decoding for the Concise Binary Object Rep ...)
TODO: check
CVE-2025-66723 (inMusic Brands Engine DJ 4.3.0 suffers from Insecure Permissions due t ...)
TODO: check
CVE-2025-62753 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-61594 (URI is a module providing classes to handle Uniform Resource Identifie ...)
TODO: check
CVE-2025-59137 (Cross-Site Request Forgery (CSRF) vulnerability in eLEOPARD Behance Po ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-59131 (Cross-Site Request Forgery (CSRF) vulnerability in Hoernerfranz WP-Cal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49354 (Cross-Site Request Forgery (CSRF) vulnerability in Mindstien Technolog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49353 (Cross-Site Request Forgery (CSRF) vulnerability in Marcin Kijak Noinde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49346 (Cross-Site Request Forgery (CSRF) vulnerability in Peter Sterling Simp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49345 (Cross-Site Request Forgery (CSRF) vulnerability in mg12 WP-EasyArchive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49344 (Cross-Site Request Forgery (CSRF) vulnerability in Rene Ade SensitiveT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49343 (Cross-Site Request Forgery (CSRF) vulnerability in Socialprofilr Socia ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49342 (Cross-Site Request Forgery (CSRF) vulnerability in Wolfgang H\xe4felin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-2026 (The NPort 6100-G2/6200-G2 Series is affected by a high-severity vulner ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2025-1977 (The NPort 6100-G2/6200-G2 Series is affected by an execution with unne ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2025-15375 (A flaw has been found in EyouCMS up to 1.7.7. The impacted element is ...)
TODO: check
CVE-2025-15374 (A vulnerability was detected in EyouCMS up to 1.7.7. The affected elem ...)
@@ -41,15 +41,15 @@ CVE-2025-15373 (A security vulnerability has been detected in EyouCMS up to 1.7.
CVE-2025-15372 (A weakness has been identified in youlaitech vue3-element-admin up to ...)
TODO: check
CVE-2025-15371 (A vulnerability has been found in Tenda i24, 4G03 Pro, 4G05, 4G08, G0- ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15360 (A vulnerability was determined in newbee-mall-plus 2.0.0. This impacts ...)
TODO: check
CVE-2025-15357 (A vulnerability was found in D-Link DI-7400G+ 19.12.25A1. This affects ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-15356 (A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The im ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15354 (A flaw has been found in itsourcecode Society Management System 1.0. T ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-15280 (FontForge SFD File Parsing Use-After-Free Remote Code Execution Vulner ...)
TODO: check
CVE-2025-15279 (FontForge GUtils BMP File Parsing Heap-based Buffer Overflow Remote Co ...)
@@ -85,17 +85,17 @@ CVE-2025-15112 (Ksenia Security Lares 4.0 version 1.6 contains a URL redirection
CVE-2025-15111 (Ksenia Security Lares 4.0 Home Automation version 1.6 contains a defau ...)
TODO: check
CVE-2025-15017 (A vulnerability exists in serial device servers where active debug cod ...)
- TODO: check
+ NOT-FOR-US: Moxa
CVE-2025-14987 (When system.enableCrossNamespaceCommands is enabled (on by default), t ...)
TODO: check
CVE-2025-14986 (When frontend.enableExecuteMultiOperation is enabled, the server can a ...)
TODO: check
CVE-2025-14783 (The Easy Digital Downloads plugin for WordPress is vulnerable to Unval ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14434 (The Ultimate Post Kit Addons for Elementor WordPress plugin before 4.0 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13029 (The Knowband Mobile App Builder WordPress plugin before 3.0.0 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11964 (On Windows only, if libpcap needs to convert a Windows error message t ...)
TODO: check
CVE-2025-11961 (pcap_ether_aton() is an auxiliary function in libpcap, it takes a stri ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8863652147e858a5657988c756704e930d80fc0f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8863652147e858a5657988c756704e930d80fc0f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251231/3ebdd941/attachment.htm>
More information about the debian-security-tracker-commits
mailing list