Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
940ce197 by security tracker role at 2025-06-06T20:12:17+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,10 +1,544 @@
-CVE-2025-38002 [io_uring/fdinfo: grab ctx->uring_lock around 
io_uring_show_fdinfo()]
+CVE-2025-5806 (Jenkins Gatling Plugin 136.vb_9009b_3d33a_e serves Gatling 
reports in  ...)
+       TODO: check
+CVE-2025-5799 (A vulnerability was found in Tenda AC8 16.03.34.09. It has been 
declar ...)
+       TODO: check
+CVE-2025-5798 (A vulnerability was found in Tenda AC8 16.03.34.09. It has been 
classi ...)
+       TODO: check
+CVE-2025-5797 (A vulnerability was found in Laundry Laundry System 1.0 and 
classified ...)
+       TODO: check
+CVE-2025-5796 (A vulnerability has been found in code-projects Laundry System 
1.0 and ...)
+       TODO: check
+CVE-2025-5795 (A vulnerability, which was classified as critical, was found in 
Tenda  ...)
+       TODO: check
+CVE-2025-5794 (A vulnerability, which was classified as critical, has been 
found in T ...)
+       TODO: check
+CVE-2025-5793 (A vulnerability, which was classified as critical, was found in 
TOTOLI ...)
+       TODO: check
+CVE-2025-5792 (A vulnerability, which was classified as critical, has been 
found in T ...)
+       TODO: check
+CVE-2025-5791 (A flaw was found in the user's crate for Rust. This 
vulnerability allo ...)
+       TODO: check
+CVE-2025-5790 (A vulnerability classified as critical was found in TOTOLINK 
X15 1.0.0 ...)
+       TODO: check
+CVE-2025-5789 (A vulnerability classified as critical has been found in 
TOTOLINK X15  ...)
+       TODO: check
+CVE-2025-5788 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. 
It has ...)
+       TODO: check
+CVE-2025-5787 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. 
It has ...)
+       TODO: check
+CVE-2025-5786 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. 
It has ...)
+       TODO: check
+CVE-2025-5785 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 
and cla ...)
+       TODO: check
+CVE-2025-5784 (A vulnerability has been found in PHPGurukul Employee Record 
Managemen ...)
+       TODO: check
+CVE-2025-5783 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
+       TODO: check
+CVE-2025-5782 (A vulnerability, which was classified as critical, has been 
found in P ...)
+       TODO: check
+CVE-2025-5780 (A vulnerability was found in code-projects Patient Record 
Management S ...)
+       TODO: check
+CVE-2025-5779 (A vulnerability has been found in code-projects Patient Record 
Managem ...)
+       TODO: check
+CVE-2025-5778 (A vulnerability, which was classified as critical, was found in 
1000 P ...)
+       TODO: check
+CVE-2025-5766 (A vulnerability was found in code-projects Laundry System 1.0. 
It has  ...)
+       TODO: check
+CVE-2025-5765 (A vulnerability was found in code-projects Laundry System 1.0. 
It has  ...)
+       TODO: check
+CVE-2025-5764 (A vulnerability was found in code-projects Laundry System 1.0 
and clas ...)
+       TODO: check
+CVE-2025-5763 (A vulnerability has been found in Tenda CP3 11.10.00.2311090948 
and cl ...)
+       TODO: check
+CVE-2025-5762 (A vulnerability, which was classified as critical, was found in 
code-p ...)
+       TODO: check
+CVE-2025-5761 (A vulnerability, which was classified as critical, has been 
found in P ...)
+       TODO: check
+CVE-2025-5760 (The Simple History plugin for WordPress is vulnerable to 
sensitive dat ...)
+       TODO: check
+CVE-2025-5759 (A vulnerability classified as critical was found in PHPGurukul 
Local S ...)
+       TODO: check
+CVE-2025-5758 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
+       TODO: check
+CVE-2025-5757 (A vulnerability was found in code-projects Traffic Offense 
Reporting S ...)
+       TODO: check
+CVE-2025-5756 (A vulnerability was found in code-projects Real Estate Property 
Manage ...)
+       TODO: check
+CVE-2025-5755 (A vulnerability was found in SourceCodester Open Source Clinic 
Managem ...)
+       TODO: check
+CVE-2025-5751 (WOLFBOX Level 2 EV Charger Management Card Hard-coded 
Credentials Auth ...)
+       TODO: check
+CVE-2025-5750 (WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse 
Heap-b ...)
+       TODO: check
+CVE-2025-5749 (WOLFBOX Level 2 EV Charger BLE Encryption Keys Uninitialized 
Variable  ...)
+       TODO: check
+CVE-2025-5748 (WOLFBOX Level 2 EV Charger LAN OTA Exposed Dangerous Method 
Remote Cod ...)
+       TODO: check
+CVE-2025-5747 (WOLFBOX Level 2 EV Charger MCU Command Parsing 
Misinterpretation of In ...)
+       TODO: check
+CVE-2025-5739 (A vulnerability classified as critical has been found in 
TOTOLINK X15  ...)
+       TODO: check
+CVE-2025-5738 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. 
It has ...)
+       TODO: check
+CVE-2025-5737 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. 
It has ...)
+       TODO: check
+CVE-2025-5481 (Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write 
Remote Cod ...)
+       TODO: check
+CVE-2025-5480 (Action1 Uncontrolled Search Path Element Local Privilege 
Escalation Vu ...)
+       TODO: check
+CVE-2025-5474 (2BrightSparks SyncBackFree Link Following Local Privilege 
Escalation V ...)
+       TODO: check
+CVE-2025-5473 (GIMP ICO File Parsing Integer Overflow Remote Code Execution 
Vulnerabi ...)
+       TODO: check
+CVE-2025-5239 (The Domain For Sale plugin for WordPress is vulnerable to 
Stored Cross ...)
+       TODO: check
+CVE-2025-5192 (A missing authentication for critical function vulnerability in 
the cl ...)
+       TODO: check
+CVE-2025-49599 (Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 
devices throug ...)
+       TODO: check
+CVE-2025-49453 (Cross-Site Request Forgery (CSRF) vulnerability in Jatinder 
Pal Singh  ...)
+       TODO: check
+CVE-2025-49450 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49449 (Cross-Site Request Forgery (CSRF) vulnerability in WP Map 
Plugins Inte ...)
+       TODO: check
+CVE-2025-49446 (Cross-Site Request Forgery (CSRF) vulnerability in minhlaobao 
Admin No ...)
+       TODO: check
+CVE-2025-49445 (Cross-Site Request Forgery (CSRF) vulnerability in WP Map 
Plugins Inte ...)
+       TODO: check
+CVE-2025-49443 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49442 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49441 (Missing Authorization vulnerability in WP Map Plugins 
Interactive Regi ...)
+       TODO: check
+CVE-2025-49440 (Cross-Site Request Forgery (CSRF) vulnerability in Vuong 
Nguyen WP Sec ...)
+       TODO: check
+CVE-2025-49439 (Cross-Site Request Forgery (CSRF) vulnerability in 
mariusz88atelierweb ...)
+       TODO: check
+CVE-2025-49435 (Cross-Site Request Forgery (CSRF) vulnerability in Hasina77 Wp 
Easy Al ...)
+       TODO: check
+CVE-2025-49429 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49427 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49425 (Cross-Site Request Forgery (CSRF) vulnerability in Adrian 
Hanft Konami ...)
+       TODO: check
+CVE-2025-49421 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-49419 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
+       TODO: check
+CVE-2025-49333 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49332 (Cross-Site Request Forgery (CSRF) vulnerability in codepeople 
WP Time  ...)
+       TODO: check
+CVE-2025-49329 (Unrestricted Upload of File with Dangerous Type vulnerability 
in Agile ...)
+       TODO: check
+CVE-2025-49328 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-49327 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-49326 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-49325 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in A ...)
+       TODO: check
+CVE-2025-49324 (Missing Authorization vulnerability in PickPlugins Job Board 
Manager a ...)
+       TODO: check
+CVE-2025-49323 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-49322 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49320 (Missing Authorization vulnerability in fraudlabspro FraudLabs 
Pro for  ...)
+       TODO: check
+CVE-2025-49318 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49317 (Cross-Site Request Forgery (CSRF) vulnerability in NTC WP Page 
Loading ...)
+       TODO: check
+CVE-2025-49315 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-49314 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49313 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-49311 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49310 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49309 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49308 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-49307 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-49306 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49305 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49304 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49301 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49299 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49298 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49294 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Cod ...)
+       TODO: check
+CVE-2025-49293 (Missing Authorization vulnerability in CodeRevolution 
Crawlomatic Mult ...)
+       TODO: check
+CVE-2025-49292 (Improper Validation of Specified Quantity in Input 
vulnerability in Co ...)
+       TODO: check
+CVE-2025-49291 (Cross-Site Request Forgery (CSRF) vulnerability in codepeople 
Calculat ...)
+       TODO: check
+CVE-2025-49289 (Missing Authorization vulnerability in add-ons.org PDF for 
WPForms all ...)
+       TODO: check
+CVE-2025-49288 (Missing Authorization vulnerability in Rustaurius Ultimate WP 
Mail all ...)
+       TODO: check
+CVE-2025-49287 (Missing Authorization vulnerability in WebToffee Product Feed 
for WooC ...)
+       TODO: check
+CVE-2025-49286 (Cross-Site Request Forgery (CSRF) vulnerability in WP Table 
Builder WP ...)
+       TODO: check
+CVE-2025-49285 (Cross-Site Request Forgery (CSRF) vulnerability in WP Legal 
Pages WP C ...)
+       TODO: check
+CVE-2025-49284 (Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP 
Maintenan ...)
+       TODO: check
+CVE-2025-49283 (Cross-Site Request Forgery (CSRF) vulnerability in Matthias 
Nordwig An ...)
+       TODO: check
+CVE-2025-49273 (Cross-Site Request Forgery (CSRF) vulnerability in Bill 
Minozzi WP Too ...)
+       TODO: check
+CVE-2025-49272 (Missing Authorization vulnerability in sergiotrinity Trinity 
Audio all ...)
+       TODO: check
+CVE-2025-49270 (Missing Authorization vulnerability in Mario Peshev WP-CRM 
System allo ...)
+       TODO: check
+CVE-2025-49269 (Cross-Site Request Forgery (CSRF) vulnerability in Anton 
Vanyukov Mark ...)
+       TODO: check
+CVE-2025-49268 (Missing Authorization vulnerability in Soft8Soft LLC Verge3D 
allows Ex ...)
+       TODO: check
+CVE-2025-49263 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-49262 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49250 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
+       TODO: check
+CVE-2025-49248 (Missing Authorization vulnerability in cmoreira Team Showcase 
allows E ...)
+       TODO: check
+CVE-2025-49246 (Missing Authorization vulnerability in cmoreira Testimonials 
Showcase  ...)
+       TODO: check
+CVE-2025-49244 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49243 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49242 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49241 (Missing Authorization vulnerability in bobbingwide oik allows 
Exploiti ...)
+       TODO: check
+CVE-2025-49240 (Missing Authorization vulnerability in nK DocsPress allows 
Exploiting  ...)
+       TODO: check
+CVE-2025-49239 (Cross-Site Request Forgery (CSRF) vulnerability in 
tychesoftwares Prin ...)
+       TODO: check
+CVE-2025-49238 (Cross-Site Request Forgery (CSRF) vulnerability in 
everestthemes Evere ...)
+       TODO: check
+CVE-2025-49237 (Cross-Site Request Forgery (CSRF) vulnerability in POEditor 
POEditor a ...)
+       TODO: check
+CVE-2025-49236 (Missing Authorization vulnerability in raychat Raychat allows 
Accessin ...)
+       TODO: check
+CVE-2025-49235 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49077 (Cross-Site Request Forgery (CSRF) vulnerability in ThemeHigh 
Dynamic P ...)
+       TODO: check
+CVE-2025-49076 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49075 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49074 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49073 (Deserialization of Untrusted Data vulnerability in Axiomthemes 
Sweet D ...)
+       TODO: check
+CVE-2025-49072 (Deserialization of Untrusted Data vulnerability in 
AncoraThemes Mr. Mu ...)
+       TODO: check
+CVE-2025-49068 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49067 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-49011 (SpiceDB is an open source database for storing and querying 
fine-grain ...)
+       TODO: check
+CVE-2025-48784 (A missing authorization vulnerability in Soar Cloud HRD Human 
Resource ...)
+       TODO: check
+CVE-2025-48783 (An external control of file name or path vulnerability in the 
delete f ...)
+       TODO: check
+CVE-2025-48782 (An unrestricted upload of file with dangerous type 
vulnerability in th ...)
+       TODO: check
+CVE-2025-48781 (An external control of file name or path vulnerability in the 
download ...)
+       TODO: check
+CVE-2025-48780 (A deserialization of untrusted data vulnerability in the 
download file ...)
+       TODO: check
+CVE-2025-48337 (Missing Authorization vulnerability in QuickcabWP 
QuickCab.This issue  ...)
+       TODO: check
+CVE-2025-48335 (Missing Authorization vulnerability in CyberChimps Responsive 
Plus all ...)
+       TODO: check
+CVE-2025-48329 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-48328 (Cross-Site Request Forgery (CSRF) vulnerability in Daman Jeet 
Real Tim ...)
+       TODO: check
+CVE-2025-47950 (CoreDNS is a DNS server that chains plugins. In versions prior 
to 1.21 ...)
+       TODO: check
+CVE-2025-47586 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-47584 (Deserialization of Untrusted Data vulnerability in ThemeGoods 
Photogra ...)
+       TODO: check
+CVE-2025-41646 (An unauthorized remote attacker can bypass the authentication 
of the a ...)
+       TODO: check
+CVE-2025-41367 (Stored Cross-Site Scripting (XSS) vulnerability in IDF 
v0.10.0-0C03-03 ...)
+       TODO: check
+CVE-2025-41366 (In IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04, a 
configuration error  ...)
+       TODO: check
+CVE-2025-41365 (Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF 
v0.10.0-0C ...)
+       TODO: check
+CVE-2025-41364 (Stored Cross-Site Scripting (XSS) vulnerability in IDF 
v0.10.0-0C03-03 ...)
+       TODO: check
+CVE-2025-41363 (In IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04, a 
configuration error  ...)
+       TODO: check
+CVE-2025-41362 (Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF 
v0.10.0-0C ...)
+       TODO: check
+CVE-2025-41361 (Uncontrolled resource consumption vulnerability in IDF 
v0.10.0-0C03-03 ...)
+       TODO: check
+CVE-2025-41360 (Uncontrolled resource consumption vulnerability in IDF 
v0.10.0-0C03-03 ...)
+       TODO: check
+CVE-2025-3485 (Allegra extractFileFromZip Directory Traversal Remote Code 
Execution V ...)
+       TODO: check
+CVE-2025-3365 (A missing protection against path traversal allows to access 
any file  ...)
+       TODO: check
+CVE-2025-3322 (An improper neutralization of inputs used in expression 
language allow ...)
+       TODO: check
+CVE-2025-3321 (A predefined administrative account is not documented and 
cannot be de ...)
+       TODO: check
+CVE-2025-39358 (Deserialization of Untrusted Data vulnerability in 
Teastudio.Pl WP Pos ...)
+       TODO: check
+CVE-2025-33035 (A path traversal vulnerability has been reported to affect 
File Statio ...)
+       TODO: check
+CVE-2025-33031 (An improper certificate validation vulnerability has been 
reported to  ...)
+       TODO: check
+CVE-2025-31025 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-31000 (Missing Authorization vulnerability in Miguel Fuentes Payment 
QR WooCo ...)
+       TODO: check
+CVE-2025-30999 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
+CVE-2025-30997 (Server-Side Request Forgery (SSRF) vulnerability in 
SmartDataSoft Car  ...)
+       TODO: check
+CVE-2025-30995 (Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes 
Widgetize ...)
+       TODO: check
+CVE-2025-30994 (Cross-Site Request Forgery (CSRF) vulnerability in Emraan 
Cheema CubeW ...)
+       TODO: check
+CVE-2025-30991 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30990 (Missing Authorization vulnerability in ThemeHunk ThemeHunk 
allows Expl ...)
+       TODO: check
+CVE-2025-30989 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-30986 (Cross-Site Request Forgery (CSRF) vulnerability in 
_CreativeMedia_ Eli ...)
+       TODO: check
+CVE-2025-30981 (Cross-Site Request Forgery (CSRF) vulnerability in tggfref 
WP-Recall a ...)
+       TODO: check
+CVE-2025-30980 (Cross-Site Request Forgery (CSRF) vulnerability in Alessandro 
Piconi S ...)
+       TODO: check
+CVE-2025-30978 (Missing Authorization vulnerability in Dor Zuberi Slack 
Notifications  ...)
+       TODO: check
+CVE-2025-30977 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30976 (Server-Side Request Forgery (SSRF) vulnerability in wpdive 
Nexa Blocks ...)
+       TODO: check
+CVE-2025-30974 (Missing Authorization vulnerability in Akhtarujjaman Shuvo 
Post Grid M ...)
+       TODO: check
+CVE-2025-30968 (Cross-Site Request Forgery (CSRF) vulnerability in jokerbr313 
Advanced ...)
+       TODO: check
+CVE-2025-30958 (Missing Authorization vulnerability in onOffice GmbH onOffice 
for WP-W ...)
+       TODO: check
+CVE-2025-30957 (Missing Authorization vulnerability in BuddyDev Activity Plus 
Reloaded ...)
+       TODO: check
+CVE-2025-30956 (Cross-Site Request Forgery (CSRF) vulnerability in Booqable 
Rental Sof ...)
+       TODO: check
+CVE-2025-30954 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
+       TODO: check
+CVE-2025-30953 (URL Redirection to Untrusted Site ('Open Redirect') 
vulnerability in C ...)
+       TODO: check
+CVE-2025-30952 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30951 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30950 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30948 (Cross-Site Request Forgery (CSRF) vulnerability in Giraphix 
Creative L ...)
+       TODO: check
+CVE-2025-30946 (Cross-Site Request Forgery (CSRF) vulnerability in Michael 
Cannon Cust ...)
+       TODO: check
+CVE-2025-30945 (Missing Authorization vulnerability in taskbuilder Taskbuilder 
allows  ...)
+       TODO: check
+CVE-2025-30942 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30941 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30940 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30939 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30938 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30937 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30935 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30934 (Missing Authorization vulnerability in OLIVESYSTEM 
\u8a3a\u65ad\u30b8\ ...)
+       TODO: check
+CVE-2025-30932 (Missing Authorization vulnerability in WP Compress WP Compress 
for Mai ...)
+       TODO: check
+CVE-2025-30931 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30930 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30928 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30927 (Missing Authorization vulnerability in Wordapp Team Wordapp 
allows Exp ...)
+       TODO: check
+CVE-2025-30638 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30637 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30636 (Missing Authorization vulnerability in Ability, Inc 
Accessibility Suit ...)
+       TODO: check
+CVE-2025-30634 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30632 (Cross-Site Request Forgery (CSRF) vulnerability in pozzad 
Global Trans ...)
+       TODO: check
+CVE-2025-30630 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30629 (Cross-Site Request Forgery (CSRF) vulnerability in Codehaveli 
Bitly UR ...)
+       TODO: check
+CVE-2025-30627 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30625 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-30624 (Missing Authorization vulnerability in WordLift WordLift 
allows Exploi ...)
+       TODO: check
+CVE-2025-30279 (An improper certificate validation vulnerability has been 
reported to  ...)
+       TODO: check
+CVE-2025-2766 (70mai A510 Use of Default Password Authentication Bypass 
Vulnerability ...)
+       TODO: check
+CVE-2025-29892 (An SQL injection vulnerability has been reported to affect 
Qsync Centr ...)
+       TODO: check
+CVE-2025-29885 (An improper certificate validation vulnerability has been 
reported to  ...)
+       TODO: check
+CVE-2025-29884 (An improper certificate validation vulnerability has been 
reported to  ...)
+       TODO: check
+CVE-2025-29883 (An improper certificate validation vulnerability has been 
reported to  ...)
+       TODO: check
+CVE-2025-29877 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
+       TODO: check
+CVE-2025-29876 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
+       TODO: check
+CVE-2025-29873 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
+       TODO: check
+CVE-2025-29872 (An allocation of resources without limits or throttling 
vulnerability  ...)
+       TODO: check
+CVE-2025-29871 (An out-of-bounds read vulnerability has been reported to 
affect File S ...)
+       TODO: check
+CVE-2025-29013 (Missing Authorization vulnerability in faaiq Custom 
Category/Post Type ...)
+       TODO: check
+CVE-2025-29011 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-29010 (Missing Authorization vulnerability in eleopard Behance 
Portfolio Mana ...)
+       TODO: check
+CVE-2025-29008 (Server-Side Request Forgery (SSRF) vulnerability in ShawonPro 
SocialMa ...)
+       TODO: check
+CVE-2025-29006 (Missing Authorization vulnerability in centangle Direct 
Checkout for W ...)
+       TODO: check
+CVE-2025-29005 (Cross-Site Request Forgery (CSRF) vulnerability in weblizar HR 
Managem ...)
+       TODO: check
+CVE-2025-29003 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-28997 (Missing Authorization vulnerability in EXEIdeas International 
WP AutoK ...)
+       TODO: check
+CVE-2025-28996 (Missing Authorization vulnerability in Thad Allender GPP 
Slideshow all ...)
+       TODO: check
+CVE-2025-28995 (Missing Authorization vulnerability in viralloops Viral Loops 
WP Integ ...)
+       TODO: check
+CVE-2025-28994 (Missing Authorization vulnerability in viralloops Viral Loops 
WP Integ ...)
+       TODO: check
+CVE-2025-28989 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-28986 (Cross-Site Request Forgery (CSRF) vulnerability in 
Webaholicson Epicwi ...)
+       TODO: check
+CVE-2025-28985 (Missing Authorization vulnerability in Elastic Email Elastic 
Email Sub ...)
+       TODO: check
+CVE-2025-28984 (Cross-Site Request Forgery (CSRF) vulnerability in storepro 
Subscripti ...)
+       TODO: check
+CVE-2025-28981 (Cross-Site Request Forgery (CSRF) vulnerability in Soli WP 
Mail Option ...)
+       TODO: check
+CVE-2025-28974 (Cross-Site Request Forgery (CSRF) vulnerability in mail250 
Free WP Mai ...)
+       TODO: check
+CVE-2025-28966 (Cross-Site Request Forgery (CSRF) vulnerability in dilemma123 
Recent P ...)
+       TODO: check
+CVE-2025-28964 (Cross-Site Request Forgery (CSRF) vulnerability in mangup 
Personal Fav ...)
+       TODO: check
+CVE-2025-28958 (Cross-Site Request Forgery (CSRF) vulnerability in Vadim 
Bogaiskov Bg  ...)
+       TODO: check
+CVE-2025-28954 (Cross-Site Request Forgery (CSRF) vulnerability in wphobby 
Backwp allo ...)
+       TODO: check
+CVE-2025-28952 (Cross-Site Request Forgery (CSRF) vulnerability in Jonathan 
Lau CubePo ...)
+       TODO: check
+CVE-2025-28950 (Cross-Site Request Forgery (CSRF) vulnerability in David 
Shabtai Post  ...)
+       TODO: check
+CVE-2025-28948 (Cross-Site Request Forgery (CSRF) vulnerability in codedraft 
Mediabay  ...)
+       TODO: check
+CVE-2025-27360 (Cross-Site Request Forgery (CSRF) vulnerability in WP Corner 
Quick Eve ...)
+       TODO: check
+CVE-2025-27359 (Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP 
Media Fil ...)
+       TODO: check
+CVE-2025-27334 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2025-26593 (Cross-Site Request Forgery (CSRF) vulnerability in 
FasterThemes FastBo ...)
+       TODO: check
+CVE-2025-26590 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2025-24778 (Missing Authorization vulnerability in De paragon No Spam At 
All allow ...)
+       TODO: check
+CVE-2025-24776 (Missing Authorization vulnerability in codelobster Responsive 
Flipbook ...)
+       TODO: check
+CVE-2025-24772 (Cross-Site Request Forgery (CSRF) vulnerability in cmsMinds 
Pay with C ...)
+       TODO: check
+CVE-2025-24763 (Missing Authorization vulnerability in Pascal Casier bbPress 
API allow ...)
+       TODO: check
+CVE-2025-24762 (Missing Authorization vulnerability in facturaone TicketBAI 
Facturas p ...)
+       TODO: check
+CVE-2025-23971 (Missing Authorization vulnerability in whassan KI Live Video 
Conferenc ...)
+       TODO: check
+CVE-2025-23969 (Exposure of Sensitive System Information to an Unauthorized 
Control Sp ...)
+       TODO: check
+CVE-2025-22490 (A NULL pointer dereference vulnerability has been reported to 
affect F ...)
+       TODO: check
+CVE-2025-22486 (An improper certificate validation vulnerability has been 
reported to  ...)
+       TODO: check
+CVE-2025-22484 (An allocation of resources without limits or throttling 
vulnerability  ...)
+       TODO: check
+CVE-2025-22482 (A use of externally-controlled format string vulnerability has 
been re ...)
+       TODO: check
+CVE-2025-22481 (A command injection vulnerability has been reported to affect 
several  ...)
+       TODO: check
+CVE-2024-56805 (A buffer overflow vulnerability has been reported to affect 
several QN ...)
+       TODO: check
+CVE-2024-50406 (A cross-site scripting (XSS) vulnerability has been reported 
to affect ...)
+       TODO: check
+CVE-2024-13088 (An improper authentication vulnerability has been reported to 
affect Q ...)
+       TODO: check
+CVE-2024-13087 (A command injection vulnerability has been reported to affect 
QHora. I ...)
+       TODO: check
+CVE-2025-38002 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d871198ee431d90f5308d53998c1ba1d5db5619a (6.15-rc7)
-CVE-2025-38001 [net_sched: hfsc: Address reentrant enqueue adding class to 
eltree twice]
+CVE-2025-38001 (In the Linux kernel, the following vulnerability has been 
resolved:  n ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/ac9fe7dd8e730a103ae4481147395cc73492d786
-CVE-2025-38000 [sch_hfsc: Fix qlen accounting bug when using peek in 
hfsc_enqueue()]
+CVE-2025-38000 (In the Linux kernel, the following vulnerability has been 
resolved:  s ...)
        - linux <unfixed>
        NOTE: 
https://git.kernel.org/linus/3f981138109f63232a5fb7165938d4c945cc1b9d (6.15)
 CVE-2025-5736 (A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. 
It has ...)
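Review bot: the new CVE-2025-5473 entry ("GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerabi ...") is left at "TODO: check" even though gimp is a tracked source package in this same file (see the "- gimp 3.0.0~RC1-4" lines under CVE-2025-48797 and CVE-2025-48798 further down). It should be triaged to a "- gimp" line with a status so it does not get lost among the bulk of unpackaged web-plugin and router-firmware entries added in this hunk. Separately, in the context lines at the end of the hunk, the NOTE for CVE-2025-38001 (git.kernel.org/linus/ac9fe7dd8e730a103ae4481147395cc73492d786) carries no upstream version in parentheses, unlike the neighbouring CVE-2025-38002 "(6.15-rc7)" and CVE-2025-38000 "(6.15)" notes; add the tag once the commit is in a tagged release so the "<unfixed>" status can be resolved consistently.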
@@ -951,7 +1485,7 @@ CVE-2024-47081
        NOTE: Testcase: 
https://github.com/psf/requests/commit/7bc45877a86192af77645e156eb3744f95b47dae
 CVE-2025-46548 (If you enable Basic Authentication in Pekko Management using 
the Java  ...)
        NOT-FOR-US: Apache Pekko Management
-CVE-2025-0620
+CVE-2025-0620 (A flaw was found in Samba. The smbd service daemon does not 
pick up gr ...)
        - samba 2:4.22.2+dfsg-1 (bug #1107248)
        [bookworm] - samba <not-affected> (Vulnerable code not present)
        [bullseye] - samba <not-affected> (Vulnerable code not present)
@@ -2401,6 +2935,7 @@ CVE-2025-48796 (A flaw was found in GIMP. The GIMP 
ani_load_image() function is
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/0dc98936a0d9f5a70025f4e9cf321d1118ea500e
 (GIMP_2_99_16)
        NOTE: Introduced in: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/aa51b9e19ece8a8c54a513fe33b6d65abcb0fbfb
 (GIMP_2_99_12)
 CVE-2025-48797 (A flaw was found in GIMP when processing certain TGA image 
files. If a ...)
+       {DSA-5939-1}
        - gimp 3.0.0~RC1-4
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2368558
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/11822
@@ -2413,6 +2948,7 @@ CVE-2025-48797 (A flaw was found in GIMP when processing 
certain TGA image files
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/d7f0829ae995ca7ca9c64851a1ed03b11702ef1c
 (gimp-2-10)
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/ffb7cad1a402377927bc2dc62dad324ae03cec92
 (gimp-2-10)
 CVE-2025-48798 (A flaw was found in GIMP when processing XCF image files. If a 
user op ...)
+       {DSA-5939-1}
        - gimp 3.0.0~RC1-4
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2368557
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/11822
@@ -5364,7 +5900,7 @@ CVE-2025-47928 (Spotipy is a Python library for the 
Spotify Web API. As of commi
 CVE-2025-47809 (Wibu CodeMeter before 8.30a sometimes allows privilege 
escalation imme ...)
        NOT-FOR-US: Wibu CodeMeter
 CVE-2025-47287 (Tornado is a Python web framework and asynchronous networking 
library. ...)
-       {DLA-4188-1}
+       {DSA-5938-1 DLA-4188-1}
        - python-tornado 6.4.2-2 (bug #1105886)
        NOTE: 
https://github.com/tornadoweb/tornado/security/advisories/GHSA-7cx3-6m66-7c5m
        NOTE: 
https://github.com/tornadoweb/tornado/commit/b39b892bf78fe8fea01dd45199aa88307e7162f3
@@ -6915,6 +7451,7 @@ CVE-2025-31259 (The issue was addressed with improved 
input sanitization. This i
 CVE-2025-31258 (This issue was addressed by removing the vulnerable code. This 
issue i ...)
        NOT-FOR-US: Apple
 CVE-2025-31257 (This issue was addressed with improved memory handling. This 
issue is  ...)
+       {DSA-5937-1}
        - webkit2gtk 2.48.2-1
        - wpewebkit 2.48.2-1
        [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
@@ -6985,6 +7522,7 @@ CVE-2025-31218 (This issue was addressed by removing the 
vulnerable code. This i
 CVE-2025-31217 (The issue was addressed with improved input validation. This 
issue is  ...)
        NOT-FOR-US: Apple
 CVE-2025-31215 (The issue was addressed with improved checks. This issue is 
fixed in w ...)
+       {DSA-5937-1}
        - webkit2gtk 2.48.2-1
        - wpewebkit 2.48.2-1
        [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
@@ -7005,18 +7543,21 @@ CVE-2025-31208 (The issue was addressed with improved 
checks. This issue is fixe
 CVE-2025-31207 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
        NOT-FOR-US: Apple
 CVE-2025-31206 (A type confusion issue was addressed with improved state 
handling. Thi ...)
+       {DSA-5937-1}
        - webkit2gtk 2.48.2-1
        - wpewebkit 2.48.2-1
        [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
        [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
        NOTE: https://webkitgtk.org/security/WSA-2025-0004.html
 CVE-2025-31205 (The issue was addressed with improved checks. This issue is 
fixed in w ...)
+       {DSA-5937-1}
        - webkit2gtk 2.48.2-1
        - wpewebkit 2.48.2-1
        [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
        [bullseye] - wpewebkit <ignored> (wpewebkit >= 2.40 can no longer be 
sensibly backported)
        NOTE: https://webkitgtk.org/security/WSA-2025-0004.html
 CVE-2025-31204 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       {DSA-5937-1}
        - webkit2gtk 2.48.2-1
        - wpewebkit 2.48.2-1
        [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
@@ -7055,6 +7596,7 @@ CVE-2025-24258 (A permissions issue was addressed with 
additional restrictions.
 CVE-2025-24225 (An injection issue was addressed with improved input 
validation. This  ...)
        NOT-FOR-US: Apple
 CVE-2025-24223 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       {DSA-5937-1}
        - webkit2gtk 2.48.2-1
        - wpewebkit 2.48.2-1
        [bookworm] - wpewebkit <ignored> (wpewebkit not covered by security 
support in Bookworm)
@@ -8790,7 +9332,7 @@ CVE-2025-20190 (A vulnerability in the lobby ambassador 
web interface of Cisco I
        NOT-FOR-US: Cisco
 CVE-2025-20189 (A vulnerability in the Cisco Express Forwarding functionality 
of Cisco ...)
        NOT-FOR-US: Cisco
-CVE-2025-20188 (A vulnerability in the Out-of-Band Access Point (AP) Image 
Download fe ...)
+CVE-2025-20188 (A vulnerability in the Out-of-Band Access Point (AP) Image 
Download, t ...)
        NOT-FOR-US: Cisco
 CVE-2025-20187 (A vulnerability in the application data endpoints of Cisco 
Catalyst SD ...)
        NOT-FOR-US: Cisco
@@ -17263,11 +17805,13 @@ CVE-2024-13874 (The Feedify  WordPress plugin before 
2.4.6 does not sanitise and
 CVE-2024-10894 (The Payment Forms for Paystack plugin for WordPress is 
vulnerable to S ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-2761 (GIMP FLI File Parsing Out-Of-Bounds Write Remote Code Execution 
Vulner ...)
+       {DSA-5939-1}
        - gimp 3.0.0-1
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-204/
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/13073
        NOTE: Fixed by: 
https://gitlab.gnome.org/GNOME/gimp/-/commit/0806bc76ca74543d20e1307ccf6aebd26395c56c
 (GIMP_3_0_0)
 CVE-2025-2760 (GIMP XWD File Parsing Integer Overflow Remote Code Execution 
Vulnerabi ...)
+       {DSA-5939-1}
        - gimp 3.0.0-1
        NOTE: https://www.zerodayinitiative.com/advisories/ZDI-25-203/
        NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/12790
@@ -30966,7 +31510,7 @@ CVE-2024-13469 (The Pricing Table by PickPlugins plugin 
for WordPress is vulnera
        NOT-FOR-US: WordPress plugin
 CVE-2024-10860 (The NextMove Lite \u2013 Thank You Page for WooCommerce plugin 
for Wor ...)
        NOT-FOR-US: WordPress plugin
-CVE-2025-27531
+CVE-2025-27531 (Deserialization of Untrusted Data vulnerability in Apache 
InLong.  Thi ...)
        NOT-FOR-US: Apache InLong
 CVE-2025-26325 (ShopXO 6.4.0 is vulnerable to File Upload in 
ThemeDataService.php.)
        NOT-FOR-US: ShopXO
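
Review bot: the context line for CVE-2024-10860 in this hunk carries a literal "\u2013" inside the description ("NextMove Lite \u2013 Thank You Page"), which looks like an undecoded escape for an en dash. The CVE-2025-27531 change itself is fine (the description now matches the existing NOT-FOR-US: Apache InLong line), but the description import should decode such escapes before writing data/CVE/list, otherwise text searches on the product name will miss entries like this one.
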
@@ -123482,14 +124026,14 @@ CVE-2023-51791 (Buffer Overflow vulenrability in 
Ffmpeg v.N113007-g8d24a28d06 al
        NOTE: Fixed in 
https://github.com/FFmpeg/FFmpeg/commit/fb54c89a0df3d63198678b17d64aef4dbb599109
 (n7.0)
 CVE-2023-50260 (Wazuh is a free and open source platform used for threat 
prevention, d ...)
        NOT-FOR-US: Wazuh
-CVE-2023-50010 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 
allows a  ...)
+CVE-2023-50010 (FFmpeg v.n6.1-3-g466799d4f5 allows a buffer over-read at 
ff_gradfun_bl ...)
        {DSA-5721-1 DSA-5712-1}
        [experimental] - ffmpeg 7:7.0-1
        - ffmpeg 7:7.0.1-3
        [buster] - ffmpeg <postponed> (Pick up when fixed in most related 
branch)
        NOTE: https://trac.ffmpeg.org/ticket/10702
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/e4d2666bdc3dbd177a81bbf428654a5f2fa3787a
 (n7.0)
-CVE-2023-50009 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 
allows a  ...)
+CVE-2023-50009 (FFmpeg v.n6.1-3-g466799d4f5 allows a heap-based buffer 
overflow via th ...)
        [experimental] - ffmpeg 7:7.0-1
        - ffmpeg 7:7.0.1-3
        [bookworm] - ffmpeg <not-affected> (Vulnerable code introduced later)
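
Review bot: the description rewrites in this hunk change the bug class rather than just the wording (CVE-2023-50010 now reads as a buffer over-read, CVE-2023-50009 as a heap-based buffer overflow), while every status line beneath them is left untouched. Because this is an automatic update, the existing triage should be confirmed against the new text, in particular the "[buster] - ffmpeg <postponed>" line on CVE-2023-50010, which was written when the entry still said "Buffer Overflow vulnerability".
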
@@ -123497,7 +124041,7 @@ CVE-2023-50009 (Buffer Overflow vulnerability in 
Ffmpeg v.n6.1-3-g466799d4f5 all
        [buster] - ffmpeg <not-affected> (Vulnerable code introduced later)
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/c443658d26d2b8e19901f9507a890e0efca79056
 (n7.0)
        NOTE: https://trac.ffmpeg.org/ticket/10699
-CVE-2023-50008 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 
allows a  ...)
+CVE-2023-50008 (FFmpeg v.n6.1-3-g466799d4f5 allows memory consumption when 
using the c ...)
        [experimental] - ffmpeg 7:7.0-1
        - ffmpeg 7:7.0.1-3
        [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
@@ -123505,7 +124049,7 @@ CVE-2023-50008 (Buffer Overflow vulnerability in 
Ffmpeg v.n6.1-3-g466799d4f5 all
        [buster] - ffmpeg <not-affected> (Vulnerable code not present)
        NOTE: 
https://github.com/FFmpeg/FFmpeg/commit/5f87a68cf70dafeab2fb89b42e41a4c29053b89b
 (n7.0)
        NOTE: https://trac.ffmpeg.org/ticket/10701
-CVE-2023-50007 (Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 
allows a  ...)
+CVE-2023-50007 (FFmpeg v.n6.1-3-g466799d4f5 allows an attacker to trigger use 
of a par ...)
        [experimental] - ffmpeg 7:7.0-1
        - ffmpeg 7:7.0.1-3
        [bookworm] - ffmpeg <postponed> (Pick up when fixed in 5.1.x)
@@ -140987,7 +141531,7 @@ CVE-2024-24310 (In the module "Generate barcode on 
invoice / delivery slip" (ecg
        NOT-FOR-US: PrestaShop module
 CVE-2024-24309 (In the module "Survey TMA" (ecomiz_survey_tma) up to version 
2.0.0 fro ...)
        NOT-FOR-US: PrestaShop module
-CVE-2024-22988 (An issue in zkteco zkbio WDMS v.8.0.5 allows an attacker to 
execute ar ...)
+CVE-2024-22988 (zkteco zkbio WDMS v.8.0.5 allows an attacker to download a 
database ba ...)
        NOT-FOR-US: zkteco zkbio WDMS
 CVE-2024-22395 (Improper access control vulnerability has been identified in 
the SMA10 ...)
        NOT-FOR-US: SMA100 SSL-VPN virtual office portal
@@ -203969,24 +204513,24 @@ CVE-2023-26005
        RESERVED
 CVE-2023-26004
        RESERVED
-CVE-2023-26003
-       RESERVED
-CVE-2023-26002
-       RESERVED
-CVE-2023-26001
-       RESERVED
-CVE-2023-26000
-       RESERVED
+CVE-2023-26003 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2023-26002 (Missing Authorization vulnerability in 6Storage 6Storage 
Rentals allow ...)
+       TODO: check
+CVE-2023-26001 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
+CVE-2023-26000 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
+       TODO: check
 CVE-2023-25999
        RESERVED
 CVE-2023-25998
        RESERVED
-CVE-2023-25997
-       RESERVED
+CVE-2023-25997 (Missing Authorization vulnerability in SolaPlugins Sola 
Support Ticket ...)
+       TODO: check
 CVE-2023-25996
        RESERVED
-CVE-2023-25995
-       RESERVED
+CVE-2023-25995 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
+       TODO: check
 CVE-2023-25994 (Cross-Site Request Forgery (CSRF) vulnerability in Alex 
Benfica Publis ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-25993 (Missing Authorization vulnerability in WebberZone Top 10 
allows Exploi ...)
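
Review bot: the six entries moved from RESERVED to a description here (CVE-2023-26003, -26002, -26001, -26000, -25997, -25995) all land as "TODO: check" and need triage. The already-triaged neighbours CVE-2023-25994 and CVE-2023-25993 are NOT-FOR-US: WordPress plugin, but only CVE-2023-26002 (6Storage Rentals) and CVE-2023-25997 (SolaPlugins) name a product in the truncated text visible here, so the full descriptions of the other four should be read before they are classified the same way.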



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/940ce1973f3fb6dc6da41a1b9d7d8f2332d98313
