[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Nov 27 08:13:43 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5ec3b70d by security tracker role at 2025-11-27T08:13:36+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-7820 (The SKT PayPal for WooCommerce plugin for WordPress is vulnerable to P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-66314 (Improper Privilege Management vulnerability in ZTE ElasticNet UME R32 ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2025-66040 (Spotipy is a Python library for the Spotify Web API. Prior to version ...)
TODO: check
CVE-2025-66035 (Angular is a development platform for building mobile and desktop web ...)
@@ -11,7 +11,7 @@ CVE-2025-66031 (Forge (also called `node-forge`) is a native implementation of T
CVE-2025-66030 (Forge (also called `node-forge`) is a native implementation of Transpo ...)
TODO: check
CVE-2025-65202 (TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS command inje ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2025-64344 (Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...)
TODO: check
CVE-2025-64335 (Suricata is a network IDS, IPS and NSM engine developed by the OISF (O ...)
@@ -29,59 +29,59 @@ CVE-2025-64330 (Suricata is a network IDS, IPS and NSM engine developed by the O
CVE-2025-62593 (Ray is an AI compute engine. Prior to version 2.52.0, developers worki ...)
TODO: check
CVE-2025-3784 (Cleartext Storage of Sensitive Information Vulnerability in GX Works2 ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2025-34351 (Anyscale Ray 2.52.0 contains an insecure default configuration in whic ...)
TODO: check
CVE-2025-13762 (Improper Input Validation vulnerability in CyberArk CyberArk Secure We ...)
TODO: check
CVE-2025-13680 (The Tiger theme for WordPress is vulnerable to Privilege Escalation in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13675 (The Tiger theme for WordPress is vulnerable to Privilege Escalation in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13540 (The Tiare Membership plugin for WordPress is vulnerable to Privilege E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13539 (The FindAll Membership plugin for WordPress is vulnerable to Authentic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13538 (The FindAll Listing plugin for WordPress is vulnerable to Privilege Es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13525 (The WP Directory Kit plugin for WordPress is vulnerable to Reflected C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13441 (The Hide Category by User Role for WooCommerce plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13157 (The QODE Wishlist for WooCommerce plugin for WordPress is vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13143 (The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12758 (Versions of the package validator before 13.15.22 are vulnerable to In ...)
TODO: check
CVE-2025-12713 (The Soundslides plugin for WordPress is vulnerable to Stored Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12712 (The Shouty plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12670 (The wp-twitpic plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12666 (The Google Drive upload and download link plugin for WordPress is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12649 (The SortTable Post plugin for WordPress is vulnerable to Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12579 (The Reuters Direct plugin for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12578 (The Reuters Direct plugin for WordPress is vulnerable to Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12185 (The StaffList plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12151 (The Simple Folio plugin for WordPress is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12123 (The Customer Reviews Collector for WooCommerce plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0658 (A vulnerability in Automated Logic and Carrier's Zone Controllervia BA ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2025-0657 (A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2024-5540 (The reflective cross-site scripting vulnerability found in ALC WebCTRL ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2024-5539 (The Access Control Bypass vulnerability found in ALC WebCTRL and Carri ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2020-36874 (ACE SECURITY WIP-90113 HD cameras contain an unauthenticated configura ...)
TODO: check
CVE-2020-36873 (Astak CM-818T3 2.4GHz wireless security surveillance cameras contain a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ec3b70d6755f12e76aec17e05d8c1672b8ef86f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ec3b70d6755f12e76aec17e05d8c1672b8ef86f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251127/6654383d/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list