Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
acef10d3 by Moritz Muehlenhoff at 2025-07-15T10:44:03+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,6 +1,6 @@
CVE-2025-7672 (The improper default setting in JiranSoft CrossEditor4 on
Windows, Lin ...)
TODO: check
-CVE-2025-7367 (The Strong Testimonials plugin for WordPress is vulnerable to
Stored C ...)
+ NOT-FOR-US: JiranSoft CrossEditor4
NOT-FOR-US: WordPress plugin
CVE-2025-7360 (The HT Contact Form Widget For Elementor Page Builder &
Gutenberg Bloc ...)
NOT-FOR-US: WordPress plugin
@@ -15,9 +15,9 @@ CVE-2025-5394 (The Alone \u2013 Charity Multipurpose
Non-profit WordPress Theme
CVE-2025-5393 (The Alone \u2013 Charity Multipurpose Non-profit WordPress
Theme theme ...)
NOT-FOR-US: WordPress plugin
CVE-2025-53891 (The timelineofficial/Time-Line- repository contains the source
code fo ...)
- TODO: check
+ NOT-FOR-US: Time-Line
CVE-2025-53890 (pyload is an open-source Download Manager written in pure
Python. An u ...)
- TODO: check
+ - pyload <itp> (bug #1001980)
CVE-2025-53889 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2025-53887 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
@@ -27,17 +27,17 @@ CVE-2025-53886 (Directus is a real-time API and App
dashboard for managing SQL d
CVE-2025-53885 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
NOT-FOR-US: Directus
CVE-2025-53839 (DRACOON is a file sharing service, and the DRACOON Branding
Service al ...)
- TODO: check
+ NOT-FOR-US: DRACOON
CVE-2025-53836 (XWiki Rendering is a generic rendering system that converts
textual in ...)
NOT-FOR-US: XWiki
CVE-2025-53835 (XWiki Rendering is a generic rendering system that converts
textual in ...)
NOT-FOR-US: XWiki
CVE-2025-53834 (Caido is a web security auditing toolkit. A reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: Caido
CVE-2025-53833 (LaRecipe is an application that allows users to create
documentation w ...)
- TODO: check
+ NOT-FOR-US: LaRecipe
CVE-2025-53825 (Dokploy is a free, self-hostable Platform as a Service (PaaS).
Prior t ...)
- TODO: check
+ NOT-FOR-US: Dokploy
CVE-2025-53824 (WeGIA is an open source web manager with a focus on the
Portuguese lan ...)
NOT-FOR-US: WeGIA
CVE-2025-53823 (WeGIA is an open source web manager with a focus on the
Portuguese lan ...)
@@ -51,11 +51,11 @@ CVE-2025-53820 (WeGIA is an open source web manager with a
focus on the Portugue
CVE-2025-53819 (Nix is a package manager for Linux and other Unix systems.
Builds with ...)
TODO: check
CVE-2025-53818 (GitHub Kanban MCP Server is a Model Context Protocol (MCP)
server for ...)
- TODO: check
+ NOT-FOR-US: GitHub Kanban MCP Server
CVE-2025-53640 (Indico is an event management system that uses
Flask-Multipass, a mult ...)
- TODO: check
+ NOT-FOR-US: Indico
CVE-2025-3621 (Vulnerabilities* in ActADUR local server product, developed and
mainta ...)
- TODO: check
+ NOT-FOR-US: ActADUR
CVE-2025-53643 (AIOHTTP is an asynchronous HTTP client/server framework for
asyncio an ...)
- python-aiohttp <unfixed>
NOTE:
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-9548-qrrj-x5pj
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acef10d3625438fcbd2e198338ac9dd2002c1bd0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/acef10d3625438fcbd2e198338ac9dd2002c1bd0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
