Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
adbc4276 by Salvatore Bonaccorso at 2025-04-17T22:18:08+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,37 +1,37 @@
CVE-2025-43015 (In JetBrains RubyMine before 2025.1 remote Interpreter
overwrote ports ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-43014 (In JetBrains Toolbox App before 2.6 the SSH plugin established
connect ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-43013 (In JetBrains Toolbox App before 2.6 unencrypted credential
transmissio ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-43012 (In JetBrains Toolbox App before 2.6 command injection in SSH
plugin wa ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-42921 (In JetBrains Toolbox App before 2.6 host key verification was
missing ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-3765 (A vulnerability, which was classified as critical, has been
found in S ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-3764 (A vulnerability classified as critical was found in
SourceCodester Web ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-3763 (A vulnerability classified as critical has been found in
SourceCodeste ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-3762 (A vulnerability was found in PCMan FTP Server 2.0.7. It has
been rated ...)
TODO: check
CVE-2025-3760 (A stored cross-site scripting (XSS) vulnerability exists with
radio bu ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-3651 (Improper Verification of Source of a Communication Channel in
Work Des ...)
TODO: check
CVE-2025-3487 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom
Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3479 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom
Form B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-3453 (The Password Protected \u2013 Password Protect your WordPress
Site, Pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-39596 (Weak Authentication vulnerability in Quentn.com GmbH Quentn WP
allows ...)
TODO: check
CVE-2025-39595 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-39594 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39588 (Deserialization of Untrusted Data vulnerability in bdthemes
Ultimate S ...)
TODO: check
CVE-2025-39587 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -47,15 +47,15 @@ CVE-2025-39569 (Improper Neutralization of Special Elements
used in an SQL Comma
CVE-2025-39568 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
TODO: check
CVE-2025-39567 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39562 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-39559 (Missing Authorization vulnerability in Eivin Landa Bring
Fraktguiden f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39558 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39554 (Missing Authorization vulnerability in Elliot Sowersby /
RelyWP AI Tex ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39551 (Deserialization of Untrusted Data vulnerability in Mahmudul
Hasan Arif ...)
TODO: check
CVE-2025-39550 (Deserialization of Untrusted Data vulnerability in Shahjahan
Jewel Flu ...)
@@ -65,285 +65,285 @@ CVE-2025-39542 (Incorrect Privilege Assignment
vulnerability in Jauhari Xelion X
CVE-2025-39535 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
TODO: check
CVE-2025-39533 (Missing Authorization vulnerability in Starfish Reviews
Starfish Revie ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39532 (Missing Authorization vulnerability in spicethemes Spice
Blocks allows ...)
TODO: check
CVE-2025-39527 (Deserialization of Untrusted Data vulnerability in bestwebsoft
Rating ...)
TODO: check
CVE-2025-39526 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39521 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39519 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39464 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39462 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39461 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39457 (Missing Authorization vulnerability in magepeopleteam Booking
and Rent ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39456 (Missing Authorization vulnerability in iTRON WP Logger allows
Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39455 (Cross-Site Request Forgery (CSRF) vulnerability in ip2location
IP2Loca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39453 (Cross-Site Request Forgery (CSRF) vulnerability in algol.plus
Advanced ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39452 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39444 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39443 (Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft
LLC Verge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39442 (Cross-Site Request Forgery (CSRF) vulnerability in
MessageMetric Revie ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39441 (Cross-Site Request Forgery (CSRF) vulnerability in swedish boy
Dashboa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39440 (Cross-Site Request Forgery (CSRF) vulnerability in Rajesh
Broken Links ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39439 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39438 (Cross-Site Request Forgery (CSRF) vulnerability in momen2009
Theme Cha ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39437 (Cross-Site Request Forgery (CSRF) vulnerability in Boone
Gorges Anthol ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39436 (Unrestricted Upload of File with Dangerous Type vulnerability
in aidra ...)
TODO: check
CVE-2025-39435 (Cross-Site Request Forgery (CSRF) vulnerability in davidfcarr
My Margi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39434 (Authorization Bypass Through User-Controlled Key vulnerability
in Scot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39433 (Cross-Site Request Forgery (CSRF) vulnerability in beke_ro
Bknewsticke ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39432 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39431 (Cross-Site Request Forgery (CSRF) vulnerability in Aaron
Forgue Amazon ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39430 (Cross-Site Request Forgery (CSRF) vulnerability in Alexander
Rauscha m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39429 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
TODO: check
CVE-2025-39428 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39427 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39426 (Cross-Site Request Forgery (CSRF) vulnerability in illow illow
\u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39425 (Cross-Site Request Forgery (CSRF) vulnerability in pixelgrade
Style Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39424 (Cross-Site Request Forgery (CSRF) vulnerability in simplemaps
Simple M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39423 (Cross-Site Request Forgery (CSRF) vulnerability in Jenst Add
to Header ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39422 (Cross-Site Request Forgery (CSRF) vulnerability in PResponsive
WP Soci ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39421 (Cross-Site Request Forgery (CSRF) vulnerability in Mustafa
KUCUK WP St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39420 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39419 (Cross-Site Request Forgery (CSRF) vulnerability in David
Miller Revisi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39418 (Cross-Site Request Forgery (CSRF) vulnerability in ajayver RSS
Manager ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39417 (Cross-Site Request Forgery (CSRF) vulnerability in Eslam
Mahmoud Redir ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39416 (Cross-Site Request Forgery (CSRF) vulnerability in Ichi
translit it! a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39415 (Cross-Site Request Forgery (CSRF) vulnerability in Jayesh
Parejiya Soc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39414 (Cross-Site Request Forgery (CSRF) vulnerability in Mike
spam-stopper a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32686 (Deserialization of Untrusted Data vulnerability in WP Speedo
Team Memb ...)
TODO: check
CVE-2025-32682 (Unrestricted Upload of File with Dangerous Type vulnerability
in Roman ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32674 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32670 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32666 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32665 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32662 (Deserialization of Untrusted Data vulnerability in Stylemix
uListing a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32660 (Unrestricted Upload of File with Dangerous Type vulnerability
in JoomS ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32658 (Deserialization of Untrusted Data vulnerability in wpWax
HelpGent allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32655 (Cross-Site Request Forgery (CSRF) vulnerability in DevriX
Restrict Use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32653 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32652 (Unrestricted Upload of File with Dangerous Type vulnerability
in solac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32651 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32649 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32648 (Incorrect Privilege Assignment vulnerability in Projectopia
Projectopi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32647 (Deserialization of Untrusted Data vulnerability in PickPlugins
Questio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32646 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32639 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32638 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32637 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32636 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32635 (Insertion of Sensitive Information Into Sent Data
vulnerability in Hiv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32634 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32630 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32628 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32626 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32625 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32622 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32620 (Missing Authorization vulnerability in fromdoppler Doppler
Forms allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32615 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32613 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32611 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32609 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32608 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32606 (Cross-Site Request Forgery (CSRF) vulnerability in Deepak
Khokhar List ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32605 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32604 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32602 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32596 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32594 (Insertion of Sensitive Information Into Sent Data
vulnerability in WPM ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32593 (Missing Authorization vulnerability in Bytes Technolab Add
Product Fro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32592 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32590 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32588 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32583 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32582 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32578 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32573 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32572 (Deserialization of Untrusted Data vulnerability in Climax
Themes Kata ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32571 (Deserialization of Untrusted Data vulnerability in turitop
TuriTop Boo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32566 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32564 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32562 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32561 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32560 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32557 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32554 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32552 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32548 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32546 (Cross-Site Request Forgery (CSRF) vulnerability in gtlwpdev
All push n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32545 (Cross-Site Request Forgery (CSRF) vulnerability in SOFTAGON
WooCommerc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32544 (Missing Authorization vulnerability in The Right Software
WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32540 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32535 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32533 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32532 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32531 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32530 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32529 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32528 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32527 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32526 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32522 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32521 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32520 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32516 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32515 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32514 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32513 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32512 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32511 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32508 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32507 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32506 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32504 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-32490 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-32415 (In libxml2 before 2.13.8 and 2.14.x before 2.14.2,
xmlSchemaIDCFillNod ...)
TODO: check
CVE-2025-31380 (Weak Password Recovery Mechanism for Forgotten Password
vulnerability ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31030 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
TODO: check
CVE-2025-31018 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31006 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-2947 (IBM i 7.6 contains a privilege escalation vulnerability due to
incorr ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-2197 (Browser is affected by type confusion vulnerability, successful
exploi ...)
TODO: check
CVE-2025-2188 (There is a whitelist mechanism bypass in GameCenter ,successful
exploi ...)
TODO: check
CVE-2025-29931 (A vulnerability has been identified in TeleControl Server
Basic (All v ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-29722 (A CSRF vulnerability in Commercify v1.0 allows remote
attackers to per ...)
TODO: check
CVE-2025-29662 (A RCE vulnerability in the core application in LandChat
3.25.12.18 all ...)
@@ -363,7 +363,7 @@ CVE-2025-29046 (Buffer Overflow vulnerability inALFA WiFi
CampPro router ALFA_CA
CVE-2025-29045 (Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a
remote a ...)
TODO: check
CVE-2025-29044 (Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28
allows ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-29043 (An issue in dlink DIR 832x 240802 allows a remote attacker to
execute ...)
TODO: check
CVE-2025-29042 (An issue in dlink DIR 832x 240802 allows a remote attacker to
execute ...)
@@ -375,161 +375,161 @@ CVE-2025-29040 (An issue in dlink DIR 832x 240802
allows a remote attacker to ex
CVE-2025-29039 (An issue in dlink DIR 832x 240802 allows a remote attacker to
execute ...)
TODO: check
CVE-2025-29015 (Code Astro Internet Banking System 2.0.0 is vulnerable to
Cross Site S ...)
- TODO: check
+ NOT-FOR-US: CodeAstro
CVE-2025-28101 (An arbitrary file deletion vulnerability in the
/post/{postTitle} comp ...)
TODO: check
CVE-2025-28009 (A SQL Injection vulnerability exists in the `u` parameter of
the progr ...)
TODO: check
CVE-2025-27354 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27346 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27345 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27343 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27338 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27337 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27333 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27324 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27322 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27319 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27314 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27313 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27310 (Missing Authorization vulnerability in Radius of Thought Page
and Post ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27309 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27308 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27302 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27299 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27295 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27293 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27292 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27291 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27289 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27288 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27287 (Deserialization of Untrusted Data vulnerability in ssvadim SS
Quiz all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27286 (Deserialization of Untrusted Data vulnerability in
saoshyant1994 Saosh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27285 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27284 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27283 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27282 (Unrestricted Upload of File with Dangerous Type vulnerability
in rockg ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26968 (Missing Authorization vulnerability in webbernaut Cloak Front
End Emai ...)
TODO: check
CVE-2025-26478 (Dell ECS version 3.8.1.4 and prior contain an Improper
Certificate Val ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-26477 (Dell ECS version 3.8.1.4 and prior contain an Improper Input
Validatio ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-26269 (DragonflyDB Dragonfly through 1.28.2 allows authenticated
users to cau ...)
TODO: check
CVE-2025-26268 (DragonflyDB Dragonfly before 1.27.0 allows authenticated users
to caus ...)
TODO: check
CVE-2025-25457 (Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer
Overflow in Adv ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-25455 (Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer
Overflow in Adv ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-25454 (Tenda AC10 V4.0si_V16.03.10.20 is vulnerable to Buffer
Overflow in Adv ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-25234 (Omnissa UAG contains a Cross-Origin Resource Sharing (CORS)
bypass vul ...)
TODO: check
CVE-2025-24752 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24745 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24737 (Missing Authorization vulnerability in Mat Bao Corporation WP
Helper P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24670 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24655 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24651 (Insertion of Sensitive Information into Log File vulnerability
in WebT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24645 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24640 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24637 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24624 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24621 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24619 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24586 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24583 (Missing Authorization vulnerability in AA Web Servant 12 Step
Meeting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24581 (Missing Authorization vulnerability in Themefic Instantio
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24577 (Missing Authorization vulnerability in Ays Pro Poll Maker
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24553 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24550 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24548 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-24539 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23958 (Missing Authorization vulnerability in FADI MED Editor Wysiwyg
Backgro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23906 (Missing Authorization vulnerability in wpseek WordPress
Dashboard Twee ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23858 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23855 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23782 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23773 (Missing Authorization vulnerability in mingocommerce Delete
All Posts ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23448 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-23443 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22796 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22774 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22771 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22692 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22655 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22651 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22636 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22565 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22340 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-1532 (Phoneservice module is affected by code injection
vulnerability, succe ...)
TODO: check
CVE-2024-56518 (Hazelcast Management Center through 6.0 allows remote code
execution v ...)
@@ -541,11 +541,11 @@ CVE-2024-55211 (An issue in Think Router Tk-Rt-Wr135G
V3.0.2-X000 allows attacke
CVE-2024-53924 (Pycel through 1.0b30, when operating on an untrusted
spreadsheet, allo ...)
TODO: check
CVE-2024-42177 (HCL MyXalytics is affected by SSL\u2215TLS Protocol affected
with BREA ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-40124 (Pydio Core <= 8.2.5 is vulnerable to Cross Site Scripting
(XSS) via th ...)
TODO: check
CVE-2024-12530 (Uncontrolled Search Path Element vulnerability in OpenText
Secure Cont ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2021-47671 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- linux 5.15.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -268247,7 +268247,7 @@ CVE-2022-26325 (Reflected Cross Site Scripting (XSS)
vulnerability in NetIQ Acce
CVE-2022-26324 (Possible XSS in iManager URL for access Component has been
discovered ...)
NOT-FOR-US: NetIQ
CVE-2022-26323 (Incorrect Use of Privileged APIs vulnerability in
OpenText\u2122 Opera ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2022-26322 (Possible Insertion of Sensitive Information into Log File
Vulnerabilit ...)
NOT-FOR-US: NetIQ
CVE-2022-26321
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/adbc4276e440d48e61db861e21c8e02609584f4b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/adbc4276e440d48e61db861e21c8e02609584f4b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
