[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 25 20:41:45 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0069e7c9 by Salvatore Bonaccorso at 2025-02-25T21:35:14+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,133 +1,133 @@
CVE-2025-27146 (matrix-appservice-irc is a Node.js IRC bridge for Matrix. The matrix-a ...)
- TODO: check
+ NOT-FOR-US: matrix-appservice-irc
CVE-2025-27142 (LocalSend is a free, open-source app that allows users to securely sha ...)
- TODO: check
+ NOT-FOR-US: LocalSend
CVE-2025-27139 (Combodo iTop is a web based IT service management tool. Versions prior ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2025-27135 (RAGFlow is an open-source RAG (Retrieval-Augmented Generation) engine. ...)
- TODO: check
+ NOT-FOR-US: RAGFlow
CVE-2025-27110 (Libmodsecurity is one component of the ModSecurity v3 project. The lib ...)
TODO: check
CVE-2025-27000 (Missing Authorization vulnerability in George Pattichis Simple Photo F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26995 (Missing Authorization vulnerability in Anton Vanyukov Market Exporter ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26993 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26991 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26987 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26985 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26983 (Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26981 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26980 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26979 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26977 (Authorization Bypass Through User-Controlled Key vulnerability in Ninj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26975 (Missing Authorization vulnerability in WP Chill Strong Testimonials al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26974 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26971 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26966 (Authentication Bypass Using an Alternate Path or Channel vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26965 (Authorization Bypass Through User-Controlled Key vulnerability in amel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26964 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26963 (Cross-Site Request Forgery (CSRF) vulnerability in flowdee ClickWhale ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26962 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26960 (Missing Authorization vulnerability in enituretechnology Small Package ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26957 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26952 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26949 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26948 (Missing Authorization vulnerability in NotFound Pie Register Premium. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26947 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26946 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26945 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26943 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26939 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26938 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26937 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26935 (Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26932 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26931 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Software ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26928 (Missing Authorization vulnerability in xfinitysoft Order Limit for Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26926 (Cross-Site Request Forgery (CSRF) vulnerability in NotFound Booknetic. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26915 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26913 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26912 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26911 (Exposure of Sensitive System Information to an Unauthorized Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26907 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26905 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26904 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26900 (Deserialization of Untrusted Data vulnerability in flexmls Flexmls\xae ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26897 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26896 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26893 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26891 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26887 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26884 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26882 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26881 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26878 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26877 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26876 (Path Traversal vulnerability in CodeManas Search with Typesense allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26871 (Missing Authorization vulnerability in WPDeveloper Essential Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26868 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26753 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26752 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26751 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-25192 (GLPI is a free asset and IT management software package. Prior to vers ...)
TODO: check
CVE-2025-23046 (GLPI is a free asset and IT management software package. Starting in v ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0069e7c9ebfa0b2354051af94d257868474911ce
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0069e7c9ebfa0b2354051af94d257868474911ce
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250225/4181a093/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list