[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Nov 1 08:13:15 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b86eba5 by security tracker role at 2025-11-01T08:13:08+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,62 @@
-CVE-2025-12464 [Stack buffer overflow in e1000 device via short frames in loopback mode]
+CVE-2025-6990 (The kallyas theme for WordPress is vulnerable to Remote Code Execution ...)
+	TODO: check
+CVE-2025-6988 (The kallyas theme for WordPress is vulnerable to Stored Cross-Site Scr ...)
+	TODO: check
+CVE-2025-6574 (The Service Finder Bookings plugin for WordPress is vulnerable to priv ...)
+	TODO: check
+CVE-2025-63563 (Summer Pearl Group Vacation Rental Management Platform prior to v1.0.2 ...)
+	TODO: check
+CVE-2025-62276 (The Document Library and the Adaptive Media modules in Liferay Portal  ...)
+	TODO: check
+CVE-2025-62275 (Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported ...)
+	TODO: check
+CVE-2025-5949 (The Service Finder Bookings plugin for WordPress is vulnerable to priv ...)
+	TODO: check
+CVE-2025-12367 (The SiteSEO \u2013 SEO Simplified plugin for WordPress is vulnerable t ...)
+	TODO: check
+CVE-2025-12180 (The Qi Blocks plugin for WordPress is vulnerable to Missing Authorizat ...)
+	TODO: check
+CVE-2025-12171 (The RESTful Content Syndication plugin for WordPress is vulnerable to  ...)
+	TODO: check
+CVE-2025-12137 (The Import WP \u2013 Export and Import CSV and XML files to WordPress  ...)
+	TODO: check
+CVE-2025-12118 (The Schema Scalpel plugin for WordPress is vulnerable to Stored Cross- ...)
+	TODO: check
+CVE-2025-12090 (The Employee Spotlight \u2013 Team Member Showcase & Meet the Team Plu ...)
+	TODO: check
+CVE-2025-12038 (The Folderly plugin for WordPress is vulnerable to unauthorized modifi ...)
+	TODO: check
+CVE-2025-11995 (The Community Events plugin for WordPress is vulnerable to Stored Cros ...)
+	TODO: check
+CVE-2025-11983 (The WP Discourse plugin for WordPress is vulnerable to Information Exp ...)
+	TODO: check
+CVE-2025-11928 (The CSS & JavaScript Toolbox plugin for WordPress is vulnerable to Sto ...)
+	TODO: check
+CVE-2025-11927 (The Flying Images: Optimize and Lazy Load Images for Faster Page Speed ...)
+	TODO: check
+CVE-2025-11922 (The Inactive Logout plugin for WordPress is vulnerable to Stored Cross ...)
+	TODO: check
+CVE-2025-11920 (The WPCOM Member plugin for WordPress is vulnerable to Local File Incl ...)
+	TODO: check
+CVE-2025-11833 (The Post SMTP \u2013 Complete SMTP Solution with Logs, Alerts, Backup  ...)
+	TODO: check
+CVE-2025-11816 (The Privacy Policy Generator, Terms & Conditions Generator WordPress P ...)
+	TODO: check
+CVE-2025-11755 (The WP Delicious \u2013 Recipe Plugin for Food Bloggers (formerly Deli ...)
+	TODO: check
+CVE-2025-11740 (The wpForo Forum plugin for WordPress is vulnerable to SQL Injection v ...)
+	TODO: check
+CVE-2025-11502 (The Schema & Structured Data for WP & AMP plugin for WordPress is vuln ...)
+	TODO: check
+CVE-2025-11499 (The Tablesome Table \u2013 Contact Form DB \u2013 WPForms, CF7, Gravit ...)
+	TODO: check
+CVE-2025-11377 (The List category posts plugin for WordPress is vulnerable to Informat ...)
+	TODO: check
+CVE-2025-11174 (The Document Library Lite plugin for WordPress is vulnerable to Improp ...)
+	TODO: check
+CVE-2025-10487 (The Advanced Ads \u2013Ad Manager & AdSense plugin for WordPress is vu ...)
+	TODO: check
+CVE-2025-12464 (A stack-based buffer overflow was found in the QEMU e1000 network devi ...)
 	- qemu <unfixed>
 	[bookworm] - qemu <not-affected> (Vulnerable code introduced later)
 	[bullseye] - qemu <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b86eba5168dc36496b909c817606a2ba0f44bb0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b86eba5168dc36496b909c817606a2ba0f44bb0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251101/4d3a5830/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list