[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jan 6 20:14:12 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
14f0a9d8 by security tracker role at 2026-01-06T20:14:04+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,99 +11,99 @@ CVE-2026-21489 (iccDEV provides a set of libraries and tools for working with IC
CVE-2026-21488 (iccDEV provides a set of libraries and tools for working with ICC colo ...)
TODO: check
CVE-2026-0641 (A security vulnerability has been detected in TOTOLINK WA300 5.2cu.711 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-0640 (A weakness has been identified in Tenda AC23 16.03.07.52. This affects ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-9637 (The Quiz and Survey Master (QSM) \u2013 Easy Quiz and Survey Maker plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9318 (The Quiz and Survey Master (QSM) \u2013 Easy Quiz and Survey Maker plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9294 (The Quiz and Survey Master (QSM) \u2013 Easy Quiz and Survey Maker plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7048 (On affected platforms running Arista EOS with MACsec configuration, a ...)
- TODO: check
+ NOT-FOR-US: Arista Networks
CVE-2025-69364 (Missing Authorization vulnerability in Cloudways Breeze breeze allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69363 (Missing Authorization vulnerability in CyberChimps Responsive Addons f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69362 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69361 (Missing Authorization vulnerability in PublishPress Post Expirator pos ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69360 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69359 (Missing Authorization vulnerability in WPFunnels Creator LMS creatorlm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69357 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69356 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69355 (Missing Authorization vulnerability in Tickera Tickera tickera-event-t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69354 (Missing Authorization vulnerability in BBR Plugins Better Business Rev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69353 (Missing Authorization vulnerability in Proxy & VPN Blocker Proxy & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69352 (Missing Authorization vulnerability in StellarWP The Events Calendar t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69351 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69350 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69349 (Missing Authorization vulnerability in Fahad Mahmood RSS Feed Widget r ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69348 (Missing Authorization vulnerability in CoolHappy The Events Calendar C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69346 (Missing Authorization vulnerability in WPCenter AffiliateX affiliatex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69345 (Missing Authorization vulnerability in BoldGrid Post and Page Builder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69342 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69341 (Missing Authorization vulnerability in BuddhaThemes WeDesignTech Ultim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69336 (Missing Authorization vulnerability in bdthemes Ultimate Store Kit Ele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69335 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69334 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69331 (Missing Authorization vulnerability in Jeroen Schmit Theater for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69327 (Missing Authorization vulnerability in magepeopleteam Car Rental Manag ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69086 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69085 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69084 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69083 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-65212 (An issue was discovered in NJHYST HY511 POE core before 2.1 and plugin ...)
TODO: check
CVE-2025-63083 (Lack of output escaping leads to a XSS vector in the pagebreak plugin.)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-63082 (Lack of input filtering leads to an XSS vector in the HTML filter code ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2025-60534 (Blue Access Cobalt v02.000.195 suffers from an authentication bypass v ...)
TODO: check
CVE-2025-60262 (An issue in H3C M102G HM1A0V200R010 wireless controller and BA1500L SW ...)
TODO: check
CVE-2025-5919 (The Appointment Booking and Scheduling Calendar Plugin \u2013 WP Timet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-59379 (DwyerOmega Isensix Advanced Remote Monitoring System (ARMS) 1.5.7 allo ...)
TODO: check
CVE-2025-47553 (Deserialization of Untrusted Data vulnerability in Digital zoom studio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-46696 (Dell Secure Connect Gateway (SCG) 5.0 Appliance and Application, versi ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-39477 (Missing Authorization vulnerability in Sfwebservice InWave Jobs allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-36589 (Dell Unisphere for PowerMax, version(s) 9.2.4.x, contain(s) an Imprope ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-32304 (Improper Control of Filename for Include/Require Statement in PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-15382 (A heap buffer over-read vulnerability exists in the wolfSSH_CleanPath( ...)
TODO: check
CVE-2025-14979 (AirVPN Eddie on MacOS contains an insecure XPC service that allows loc ...)
@@ -111,17 +111,17 @@ CVE-2025-14979 (AirVPN Eddie on MacOS contains an insecure XPC service that allo
CVE-2025-14942 (wolfSSH\u2019s key exchange state machine can be manipulated to leak t ...)
TODO: check
CVE-2025-14552 (The MediaPress plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14026 (Forcepoint One DLP Client, version 23.04.5642 (and possibly newer vers ...)
TODO: check
CVE-2025-13964 (The LearnPress \u2013 WordPress LMS Plugin plugin for WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13766 (The MasterStudy LMS WordPress Plugin \u2013 for Online Courses and Edu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-31088 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-30547 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-5069
REJECTED
CVE-2020-36925 (Arteco Web Client DVR/NVR contains a session hijacking vulnerability w ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14f0a9d8cb1f3841becaa3cad66964215bf88a0e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/14f0a9d8cb1f3841becaa3cad66964215bf88a0e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260106/bc0fee0b/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list