Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
abe25931 by Salvatore Bonaccorso at 2025-03-20T09:14:06+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,9 +3,9 @@ CVE-2025-30259 (The WhatsApp cloud service before late 2024 did
not block certai
CVE-2025-30092 (Intrexx Portal Server 12.x <= 12.0.2 and 11.x <= 11.9.2 allows
XSS in ...)
TODO: check
CVE-2025-2505 (The Age Gate plugin for WordPress is vulnerable to Local PHP
File Incl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-2108 (The 140+ Widgets | Xpro Addons For Elementor \u2013 FREE plugin
for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-27787 (Applio is a voice conversion tool. Versions 3.2.8-bugfix and
prior are ...)
TODO: check
CVE-2025-27786 (Applio is a voice conversion tool. Versions 3.2.8-bugfix and
prior are ...)
@@ -39,29 +39,29 @@ CVE-2025-26816 (A vulnerability in Intrexx Portal Server
12.0.2 and earlier whic
CVE-2025-22228 (BCryptPasswordEncoder.matches(CharSequence,String)will
incorrectly ret ...)
TODO: check
CVE-2025-1770 (The Event Manager, Events Calendar, Tickets, Registrations
\u2013 Even ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1766 (The Event Manager, Events Calendar, Tickets, Registrations
\u2013 Even ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1628
REJECTED
CVE-2025-1385 (When the library bridge feature is enabled, the
clickhouse-library-bri ...)
TODO: check
CVE-2025-1314 (The Custom Twitter Feeds \u2013 A Tweets Widget or X Feed
Widget plugi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-55009 (A reflected cross-site scripting (XSS) vulnerability in
AutoBib - Bibl ...)
TODO: check
CVE-2024-13881 (The Link My Posts WordPress plugin through 1.0 does not
sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13880 (The My Quota WordPress plugin through 1.0.8 does not sanitise
and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13878 (The SpotBot WordPress plugin through 0.1.8 does not sanitise
and escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13877 (The Passbeemedia Web Push Notification WordPress plugin
through 1.0.0 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13876 (The mEintopf WordPress plugin through 0.2.1 does not sanitise
and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13875 (The WP-PManager WordPress plugin through 1.2 does not sanitise
and esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12016 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-30258 (In GnuPG before 2.5.5, if a user chooses to import a
certificate with ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe25931cdb79a79eb20f81ab194afebd83959b7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/abe25931cdb79a79eb20f81ab194afebd83959b7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
