[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Jan 5 20:14:13 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
773575dc by security tracker role at 2026-01-05T20:14:02+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,53 +5,53 @@ CVE-2026-21634 (A malicious actor with access to the adjacent network could over
CVE-2026-21633 (A malicious actor with access to the adjacent network could obtain una ...)
TODO: check
CVE-2026-0597 (A flaw has been found in Campcodes Supplier Management System 1.0. Aff ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2026-0592 (A security flaw has been discovered in code-projects Online Product Re ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0591 (A vulnerability was identified in code-projects Online Product Reserva ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0590 (A vulnerability was determined in code-projects Online Product Reserva ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0589 (A vulnerability was found in code-projects Online Product Reservation ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0588 (A weakness has been identified in Xinhu Rainrock RockOA up to 2.7.1. A ...)
TODO: check
CVE-2026-0587 (A security flaw has been discovered in Xinhu Rainrock RockOA up to 2.7 ...)
TODO: check
CVE-2026-0586 (A vulnerability was detected in code-projects Online Product Reservati ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0585 (A security vulnerability has been detected in code-projects Online Pro ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0584 (A weakness has been identified in code-projects Online Product Reserva ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0583 (A security flaw has been discovered in code-projects Online Product Re ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0582 (A vulnerability was identified in itsourcecode Society Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-0581 (A vulnerability was determined in Tenda AC1206 15.03.06.23. Affected b ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-69291
REJECTED
CVE-2025-69290
REJECTED
CVE-2025-69087 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68865 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68850 (Missing Authorization vulnerability in Codepeople Sell Downloads allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68547 (Missing Authorization vulnerability in WPweb Follow My Blog Post allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68280 (Improper Restriction of XML External Entity Reference vulnerability in ...)
TODO: check
CVE-2025-68044 (Authorization Bypass Through User-Controlled Key vulnerability in Rust ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68033 (Insertion of Sensitive Information Into Sent Data vulnerability in Bre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68029 (Insertion of Sensitive Information Into Sent Data vulnerability in WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68014 (Insertion of Sensitive Information Into Sent Data vulnerability in Awe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67427 (A Blind Server-Side Request Forgery (SSRF) vulnerability in evershop 2 ...)
TODO: check
CVE-2025-67419 (A Denial of Service (DoS) vulnerability in evershop 2.1.0 and prior al ...)
@@ -67,7 +67,7 @@ CVE-2025-67303 (An issue in ComfyUI-Manager prior to version 3.38 allowed remote
CVE-2025-66518 (Any client who can access to Apache Kyuubi Server via Kyuubi frontend ...)
TODO: check
CVE-2025-66376 (Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before 10.1.13 a ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-65922 (PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors headers, al ...)
TODO: check
CVE-2025-65328 (Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first value o ...)
@@ -81,7 +81,7 @@ CVE-2025-64419 (Coolify is an open-source and self-hostable tool for managing se
CVE-2025-61781 (OpenCTI is an open source platform for managing cyber threat intellige ...)
TODO: check
CVE-2025-5965 (In the backup parameters, a user with high privilege is able to concat ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-59955 (Coolify is an open-source and self-hostable tool for managing servers, ...)
TODO: check
CVE-2025-59467 (A Cross-Site Scripting (XSS) vulnerability in the UCRM Argentina AFIP ...)
@@ -99,7 +99,7 @@ CVE-2025-55204 (muffon is a cross-platform music streaming client for desktop. V
CVE-2025-53966 (An issue was discovered in Samsung Mobile Processor Exynos 1380, 1480, ...)
TODO: check
CVE-2025-53344 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress Thim Core ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52519 (An issue was discovered in the Camera in Samsung Mobile Processor and ...)
TODO: check
CVE-2025-52517 (An issue was discovered in the Camera in Samsung Mobile Processor and ...)
@@ -111,25 +111,25 @@ CVE-2025-52515 (An issue was discovered in the Camera in Samsung Mobile Processo
CVE-2025-49495 (An issue was discovered in the WiFi driver in Samsung Mobile Processor ...)
TODO: check
CVE-2025-46255 (Missing Authorization vulnerability in Marketing Fire LLC LoginWP - Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-43706 (An issue was discovered in L2 in Samsung Mobile Processor, Wearable Pr ...)
TODO: check
CVE-2025-39561 (Missing Authorization vulnerability in Marketing Fire, LLC LoginWP - P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39497 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39484 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31048 (Unrestricted Upload of File with Dangerous Type vulnerability in Themi ...)
TODO: check
CVE-2025-31047 (Deserialization of Untrusted Data vulnerability in Themify Themify Edm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31046 (Missing Authorization vulnerability in WPvibes AnyWhere Elementor Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31044 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
TODO: check
CVE-2025-30633 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27807 (An issue was discovered in Samsung Mobile Processor, Wearable Processo ...)
TODO: check
CVE-2025-15240 (QOCA aim AI Medical Cloud Platform developed by Quanta Computer has an ...)
@@ -137,41 +137,41 @@ CVE-2025-15240 (QOCA aim AI Medical Cloud Platform developed by Quanta Computer
CVE-2025-15239 (QOCA aim AI Medical Cloud Platform developed by Quanta Computer has a ...)
TODO: check
CVE-2025-15029 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-15026 (Missing Authentication for Critical Function vulnerability in Centreon ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-14346 (WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not en ...)
TODO: check
CVE-2025-13056 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-12519 (Missing Authorization vulnerability in Centreon Infra Monitoring (Admi ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-12513 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-12511 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-10933 (An integer underflow vulnerability in the Silicon Labs Z-Wave Protocol ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2024-56825
REJECTED
CVE-2024-56809
REJECTED
CVE-2024-53735 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-30516 (Improper Validation of Specified Quantity in Input vulnerability in Sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-30461 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-23511 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-52212 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-51513 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-50897 (Unrestricted Upload of File with Dangerous Type vulnerability in Meow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-49186 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68762 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.17.13-1
[trixie] - linux <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/773575dcc098f487089c4fc5886e434103c5642e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/773575dcc098f487089c4fc5886e434103c5642e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260105/9525b8ce/attachment.htm>
More information about the debian-security-tracker-commits
mailing list