Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5bc951a6 by Salvatore Bonaccorso at 2025-05-16T22:51:45+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -73,45 +73,45 @@ CVE-2025-48146 (Cross-Site Request Forgery (CSRF)
vulnerability in Michael Lups
CVE-2025-48144 (Cross-Site Request Forgery (CSRF) vulnerability in sidngr
Import Expor ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48138 (Missing Authorization vulnerability in berthaai BERTHA AI
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48137 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48136 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48135 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48134 (Deserialization of Untrusted Data vulnerability in
ShapedPlugin LLC WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48132 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48131 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48128 (Missing Authorization vulnerability in Sharespine Sharespine
Woocommer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48127 (Missing Authorization vulnerability in App Cheap Push
notification for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48121 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48120 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48119 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48117 (Missing Authorization vulnerability in kilbot WooCommerce POS
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48116 (Missing Authorization vulnerability in Ashan Perera EventON
allows Acc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48115 (Cross-Site Request Forgery (CSRF) vulnerability in Javier
Revilla Vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48114 (Cross-Site Request Forgery (CSRF) vulnerability in Shayan
Farhang Pazh ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48113 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48112 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48080 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48079 (Missing Authorization vulnerability in Metagauss ProfileGrid
allows E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-47916 (Invision Community 5.0.0 before 5.0.7 allows remote code
execution via ...)
TODO: check
CVE-2025-47794 (Nextcloud Server is a self hosted personal cloud system. In
Nextcloud ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bc951a6bf6753a4f03a82b1190f45df4f769215
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bc951a6bf6753a4f03a82b1190f45df4f769215
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
