[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Jul 4 21:13:10 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
fd20928b by security tracker role at 2025-07-04T20:13:04+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,21 +3,21 @@ CVE-2025-7067 (A vulnerability classified as problematic was found in HDF5 1.14.
CVE-2025-7066 (Jirafeau normally prevents browser preview for text files due to the p ...)
TODO: check
CVE-2025-7061 (A vulnerability was found in Intelbras InControl up to 2.21.60.9. It h ...)
- TODO: check
+ NOT-FOR-US: Intelbras
CVE-2025-7060 (A vulnerability was found in Monitorr up to 1.7.6m. It has been classi ...)
TODO: check
CVE-2025-6740 (The Contact Form 7 Database Addon plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6056 (Timing difference in password reset in Ergon Informatik AG's Airlock I ...)
TODO: check
CVE-2025-5920 (The Sharable Password Protected Posts before version 1.1.1 allows acce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53569 (Cross-Site Request Forgery (CSRF) vulnerability in Trust Payments Trus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53568 (Cross-Site Request Forgery (CSRF) vulnerability in Tony Zeoli Radio St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53566 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-53485 (SetTranslationHandler.php does not validate that the user is an electi ...)
TODO: check
CVE-2025-53484 (User-controlled inputs are improperly escaped in: * VotePage.p ...)
@@ -41,7 +41,7 @@ CVE-2025-52828 (Deserialization of Untrusted Data vulnerability in designthemes
CVE-2025-52813 (Missing Authorization vulnerability in pietro MobiLoud allows Exploiti ...)
TODO: check
CVE-2025-52807 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52805 (Path Traversal vulnerability in VaultDweller Leyka allows PHP Local Fi ...)
TODO: check
CVE-2025-52798 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -87,11 +87,11 @@ CVE-2025-49303 (Improper Limitation of a Pathname to a Restricted Directory ('Pa
CVE-2025-49302 (Improper Control of Generation of Code ('Code Injection') vulnerabilit ...)
TODO: check
CVE-2025-49274 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49247 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49245 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49070 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
TODO: check
CVE-2025-48231 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -101,85 +101,85 @@ CVE-2025-48172 (CHMLib through 2bef8d0, as used in SumatraPDF and other products
CVE-2025-47634 (Missing Authorization vulnerability in Keylor Mendoza WC Pickup Store ...)
TODO: check
CVE-2025-47627 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47565 (Missing Authorization vulnerability in ashanjay EventON allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47479 (Weak Authentication vulnerability in AresIT WP Compress allows Authent ...)
TODO: check
CVE-2025-46733 (OP-TEE is a Trusted Execution Environment (TEE) designed as companion ...)
TODO: check
CVE-2025-39487 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32918 (Improper neutralization of Livestatus command delimiters in autocomple ...)
TODO: check
CVE-2025-32311 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32297 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31037 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30983 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30979 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30969 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30947 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30943 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30933 (Unrestricted Upload of File with Dangerous Type vulnerability in Liqui ...)
TODO: check
CVE-2025-30929 (Missing Authorization vulnerability in amazewp fluXtore allows Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-29012 (Missing Authorization vulnerability in kamleshyadav CF7 7 Mailchimp Ad ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-29007 (Missing Authorization vulnerability in LMSACE LMSACE Connect allows Ex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-29001 (Missing Authorization vulnerability in ZoomIt WooCommerce Shop Page Bu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28983 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28980 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
TODO: check
CVE-2025-28978 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28976 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-28971 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28969 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28968 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28967 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28963 (Server-Side Request Forgery (SSRF) vulnerability in Md Yeasin Ul Haide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28957 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28951 (Unrestricted Upload of File with Dangerous Type vulnerability in Creed ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27358 (Improper Neutralization of Script-Related HTML Tags in a Web Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27326 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26591 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24780 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-24771 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24764 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24757 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24748 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24735 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23972 (Cross-Site Request Forgery (CSRF) vulnerability in Brian S. Reed Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23970 (Incorrect Privilege Assignment vulnerability in aonetheme Service Find ...)
TODO: check
CVE-2024-9453 (A vulnerability was found in Red Hat OpenShift Jenkins. The bearer tok ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd20928b0e13a8273be75e10e02f4396033f1042
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd20928b0e13a8273be75e10e02f4396033f1042
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250704/c8adb746/attachment.htm>
More information about the debian-security-tracker-commits
mailing list