[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jun 26 09:14:23 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
7a2f4e1a by security tracker role at 2025-06-26T08:14:16+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
CVE-2025-6669 (A vulnerability was found in gooaclok819 sublinkX up to 1.8. It has be ...)
TODO: check
CVE-2025-6668 (A vulnerability was found in code-projects Inventory Management System ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-6667 (A vulnerability was found in code-projects Car Rental System 1.0 and c ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-6665 (A vulnerability has been found in code-projects Inventory Management S ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-6664 (A vulnerability, which was classified as problematic, was found in Cod ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-6662 (PDF-XChange Editor PRC File Parsing Out-Of-Bounds Read Information Dis ...)
TODO: check
CVE-2025-6661 (PDF-XChange Editor App Object Use-After-Free Remote Code Execution Vul ...)
@@ -57,63 +57,63 @@ CVE-2025-6640 (PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Ex
CVE-2025-6624 (Versions of the package snyk before 1.1297.3 are vulnerable to Inserti ...)
TODO: check
CVE-2025-6546 (The Drive Folder Embedder plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6540 (The web-cam plugin for WordPress is vulnerable to Stored Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6538 (The Post Rating and Review plugin for WordPress is vulnerable to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6537 (The Namasha By Mdesign plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6443 (Mikrotik RouterOS VXLAN Source IP Improper Access Control Vulnerabilit ...)
TODO: check
CVE-2025-6383 (The WP-PhotoNav plugin for WordPress is vulnerable to Stored Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6378 (The Responsive Food and Drink Menu plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6290 (The Tournament Bracket Generator plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-6258 (The WP SoundSystem plugin for WordPress is vulnerable to Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5932 (The Homerunner plugin for WordPress is vulnerable to Cross-Site Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5929 (The The Countdown plugin for WordPress is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5813 (The Amazon Products to WooCommerce plugin for WordPress is vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5812 (The VG WORT METIS plugin for WordPress is vulnerable to unauthorized m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5590 (The Owl carousel responsive plugin for WordPress is vulnerable to time ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5588 (The Image Editor by Pixo plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5564 (The GC Social Wall plugin for WordPress is vulnerable to Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5559 (The TimeZoneCalculator plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5540 (The Event RSVP and Simple Event Management Plugin plugin for WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5535 (The e.nigma buttons plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5488 (The WP Masonry & Infinite Scroll plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-5459 (A user with specific node group editing permissions and a specially cr ...)
TODO: check
CVE-2025-5275 (The Charitable \u2013 Donation Plugin for WordPress \u2013 Fundraising ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-52934
REJECTED
CVE-2025-4334 (The Simple User Registration plugin for WordPress is vulnerable to Pri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48497 (Cross-site request forgery vulnerability exists in iroha Board version ...)
TODO: check
CVE-2025-41404 (Direct request ('Forced Browsing') issue exists in iroha Board version ...)
TODO: check
CVE-2025-3863 (The Post Carousel Slider for Elementor plugin for WordPress is vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-37101 (A potential security vulnerability has been identified in HPE OneView ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-36038 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote atta ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-6678 (Autel MaxiCharger AC Wallbox Commercial PIN Missing Authentication Inf ...)
NOT-FOR-US: Autel
CVE-2025-6627 (A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a2f4e1a84200fc0a104a36e71a24c1b3518f6ae
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7a2f4e1a84200fc0a104a36e71a24c1b3518f6ae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250626/4345cf32/attachment.htm>
More information about the debian-security-tracker-commits
mailing list