Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d16f29e by Moritz Muehlenhoff at 2025-02-28T10:13:56+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,97 +1,97 @@
CVE-2025-26325 (ShopXO 6.4.0 is vulnerable to File Upload in
ThemeDataService.php.)
- TODO: check
+ NOT-FOR-US: ShopXO
CVE-2025-26264 (GeoVision GV-ASWeb with the version 6.1.2.0 or less, contains
a Remote ...)
- TODO: check
+ NOT-FOR-US: GeoVision GV-ASWeb
CVE-2025-25730 (An issue in Motorola Mobility Droid Razr HD (Model XT926)
System Versi ...)
- TODO: check
+ NOT-FOR-US: Motorola
CVE-2025-25729 (An information disclosure vulnerability in Bosscomm IF740
Firmware ver ...)
- TODO: check
+ NOT-FOR-US: Bosscom
CVE-2025-25728 (Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and
System v ...)
- TODO: check
+ NOT-FOR-US: Bosscom
CVE-2025-25727 (Bosscomm IF740 Firmware versions:11001.7078 & v11001.0000 and
System v ...)
- TODO: check
+ NOT-FOR-US: Bosscom
CVE-2025-25570 (Vue Vben Admin 2.10.1 allows unauthorized login to the backend
due to ...)
- TODO: check
+ NOT-FOR-US: Vue Vben Admin
CVE-2025-25477 (A host header injection vulnerability in SysPass 3.2x allows
an attack ...)
- TODO: check
+ NOT-FOR-US: SysPass
CVE-2025-24832 (Arbitrary file overwrite during home directory recovery due to
imprope ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2025-23225 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD could allow an
authenticat ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1757 (The WordPress Portfolio Builder \u2013 Portfolio Gallery plugin
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1744 (Out-of-bounds Write vulnerability in radareorg radare2 allows
heap-b ...)
TODO: check
CVE-2025-1687 (The Cardealer theme for WordPress is vulnerable to Cross-Site
Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1682 (The Cardealer theme for WordPress is vulnerable to privilege
escalatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1681 (The Cardealer theme for WordPress is vulnerable to unauthorized
modifi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1572 (The KiviCare \u2013 Clinic & Patient Management System (EHR)
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1571 (The Exclusive Addons for Elementor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1513 (The Photos, Files, YouTube, Twitter, Instagram, TikTok,
Ecommerce Cont ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1511 (The User Registration & Membership \u2013 Custom Registration
Form, Lo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1506 (The Wp Social Login and Register Social Counter plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1505 (The Advanced AJAX Product Filters plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1405 (The Product Catalog Simple plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0975 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD console could allow
an aut ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-0823 (IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0
through 12.0 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-0801 (The RateMyAgent Official plugin for WordPress is vulnerable to
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0764 (The wpForo Forum plugin for WordPress is vulnerable to
arbitrary file ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56340 (IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable
to local ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-55160 (GFast between v2 to v3.2 was discovered to contain a SQL
injection vul ...)
- TODO: check
+ NOT-FOR-US: GFast
CVE-2024-54173 (IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD reveals
potentially sensit ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-51139 (Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and
earlier ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-51138 (Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and
earlier; ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-41340 (An issue in Draytek devices Vigor 165/166 prior to v4.2.6 ,
Vigor 2620 ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-41339 (An issue in the CGI endpoint used to upload configurations in
Draytek ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-41338 (A NULL pointer dereference in Draytek devices Vigor 165/166
prior to v ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-41336 (Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor
2620/LTE200 prio ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-41335 (Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor
2620/LTE200 prio ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-41334 (Draytek devices Vigor 165/166 prior to v4.2.6 , Vigor
2620/LTE200 prio ...)
- TODO: check
+ NOT-FOR-US: Draytek
CVE-2024-38292 (In XIQ-SE before 24.2.11, due to a missing access control
check, a pat ...)
- TODO: check
+ NOT-FOR-US: XIQ-SE
CVE-2024-38291 (In XIQ-SE before 24.2.11, a low-privileged user may be able to
access ...)
- TODO: check
+ NOT-FOR-US: XIQ-SE
CVE-2024-38290 (In XIQ-SE before 24.2.11, a server misconfiguration may allow
user enu ...)
- TODO: check
+ NOT-FOR-US: XIQ-SE
CVE-2024-37567 (Infoblox NIOS through 8.6.4 has Improper Access Control for
Grids.)
- TODO: check
+ NOT-FOR-US: Infoblox NIOS
CVE-2024-37566 (Infoblox NIOS through 8.6.4 has Improper Authentication for
Grids.)
- TODO: check
+ NOT-FOR-US: Infoblox NIOS
CVE-2024-36047 (Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper
Input V ...)
- TODO: check
+ NOT-FOR-US: Infoblox NIOS
CVE-2024-36046 (Infoblox NIOS through 8.6.4 executes with more privileges than
require ...)
- TODO: check
+ NOT-FOR-US: Infoblox NIOS
CVE-2024-13796 (The Post Grid and Gutenberg Blocks \u2013 ComboBlocks plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12820 (The MK Google Directions plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12811 (The Traveler theme for WordPress is vulnerable to Local File
Inclusion ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27399 (Mastodon is a self-hosted, federated microblogging platform.
In versio ...)
- mastodon <itp> (bug #859741)
CVE-2025-27157 (Mastodon is a self-hosted, federated microblogging platform.
Starting ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d16f29efe2ec53d0df25e895027733708320fe8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d16f29efe2ec53d0df25e895027733708320fe8
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
