Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0069e7c9 by Salvatore Bonaccorso at 2025-02-25T21:35:14+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,133 +1,133 @@
CVE-2025-27146 (matrix-appservice-irc is a Node.js IRC bridge for Matrix. The
matrix-a ...)
- TODO: check
+ NOT-FOR-US: matrix-appservice-irc
CVE-2025-27142 (LocalSend is a free, open-source app that allows users to
securely sha ...)
- TODO: check
+ NOT-FOR-US: LocalSend
CVE-2025-27139 (Combodo iTop is a web based IT service management tool.
Versions prior ...)
- TODO: check
+ NOT-FOR-US: Combodo iTop
CVE-2025-27135 (RAGFlow is an open-source RAG (Retrieval-Augmented Generation)
engine. ...)
- TODO: check
+ NOT-FOR-US: RAGFlow
CVE-2025-27110 (Libmodsecurity is one component of the ModSecurity v3 project.
The lib ...)
TODO: check
CVE-2025-27000 (Missing Authorization vulnerability in George Pattichis Simple
Photo F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26995 (Missing Authorization vulnerability in Anton Vanyukov Market
Exporter ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26993 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26991 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26987 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26985 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26983 (Missing Authorization vulnerability in WPZOOM Recipe Card
Blocks for G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26981 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26980 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26979 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26977 (Authorization Bypass Through User-Controlled Key vulnerability
in Ninj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26975 (Missing Authorization vulnerability in WP Chill Strong
Testimonials al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26974 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26971 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26966 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26965 (Authorization Bypass Through User-Controlled Key vulnerability
in amel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26964 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26963 (Cross-Site Request Forgery (CSRF) vulnerability in flowdee
ClickWhale ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26962 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26960 (Missing Authorization vulnerability in enituretechnology Small
Package ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26957 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26952 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26949 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26948 (Missing Authorization vulnerability in NotFound Pie Register
Premium. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26947 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26946 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26945 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26943 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26939 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26938 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26937 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26935 (Path Traversal vulnerability in wpjobportal WP Job Portal
allows PHP L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26932 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26931 (Cross-Site Request Forgery (CSRF) vulnerability in Tribulant
Software ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26928 (Missing Authorization vulnerability in xfinitysoft Order Limit
for Woo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26926 (Cross-Site Request Forgery (CSRF) vulnerability in NotFound
Booknetic. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26915 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26913 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26912 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26911 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26907 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26905 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26904 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26900 (Deserialization of Untrusted Data vulnerability in flexmls
Flexmls\xae ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26897 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26896 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26893 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26891 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26887 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26884 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26882 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26881 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26878 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26877 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26876 (Path Traversal vulnerability in CodeManas Search with
Typesense allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26871 (Missing Authorization vulnerability in WPDeveloper Essential
Blocks fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26868 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26753 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26752 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26751 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-25192 (GLPI is a free asset and IT management software package. Prior
to vers ...)
TODO: check
CVE-2025-23046 (GLPI is a free asset and IT management software package.
Starting in v ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0069e7c9ebfa0b2354051af94d257868474911ce
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0069e7c9ebfa0b2354051af94d257868474911ce
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
