Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a629afbf by security tracker role at 2025-08-28T20:14:23+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,47 +11,47 @@ CVE-2025-9580 (A security vulnerability has been detected 
in LB-LINK BL-X26 1.2.
 CVE-2025-9579 (A weakness has been identified in LB-LINK BL-X26 1.2.8. The 
impacted e ...)
        TODO: check
 CVE-2025-9578 (Local privilege escalation due to insecure folder permissions. 
The fol ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2025-9577 (A security flaw has been discovered in TOTOLINK X2000R up to 
2.0.0. Th ...)
-       TODO: check
+       NOT-FOR-US: TOTOLINK
 CVE-2025-9576 (A vulnerability was identified in seeedstudio ReSpeaker 
LinkIt7688. Im ...)
        TODO: check
 CVE-2025-9575 (A vulnerability was determined in Linksys RE6250, RE6300, 
RE6350, RE65 ...)
-       TODO: check
+       NOT-FOR-US: Linksys
 CVE-2025-9376 (The Block Bad Bots and Stop Bad Bots Crawlers and Spiders and 
Anti Spa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9352 (The Pronamic Google Maps plugin for WordPress is vulnerable to 
Stored  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9346 (The Booking Calendar plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9345 (The File Manager, Code Editor, and Backup by Managefy plugin 
for WordP ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9344 (The UsersWP \u2013 Front-end login form, User Registration, 
User Profi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-9195 (Improper input validation in firmware of some Solidigm DC 
Products may ...)
        TODO: check
 CVE-2025-8977 (The Simple Download Monitor plugin for WordPress is vulnerable 
to time ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8897 (The Beaver Builder \u2013 WordPress Page Builder plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8603 (The Unlimited Elements For Elementor plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-8073 (The Dynamic AJAX Product Filters for WooCommerce plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7956 (The Ajax Search Lite plugin for WordPress is vulnerable to 
Basic Infor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7955 (The RingCentral Communications plugin for WordPress is 
vulnerable to A ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-7812 (The Video Share VOD \u2013 Turnkey Video Site Builder Script 
plugin fo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6255 (The Dynamic AJAX Product Filters for WooCommerce plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-6203 (A malicious user may submit a specially-crafted complex payload 
that o ...)
        TODO: check
 CVE-2025-58335 (In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 
252.284. ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-58334 (In JetBrains IDE Services before 2025.5.0.1086,  2025.4.2.2164 
users w ...)
-       TODO: check
+       NOT-FOR-US: JetBrains
 CVE-2025-58322 (NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a 
local attac ...)
        TODO: check
 CVE-2025-58127 (Improper Certificate Validation in Checkmk Exchange plugin 
Dell Powers ...)
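
Review bot: CVE-2025-9579 (LB-LINK BL-X26 1.2.8) and CVE-2025-9576 (seeedstudio ReSpeaker LinkIt7688) stay at "TODO: check" in this hunk while the TOTOLINK X2000R and Linksys RE-series entries beside them are tagged NOT-FOR-US. If those products are equally out of scope, give them the same tag in a follow-up so that the entries left at TODO are the ones that actually need manual triage.
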
@@ -71,7 +71,7 @@ CVE-2025-58072 (Improper limitation of a pathname to a 
restricted directory ('Pa
 CVE-2025-58059 (Valtimo is a platform for Business Process Automation. In 
versions bef ...)
        TODO: check
 CVE-2025-58049 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2025-58048 (Paymenter is a free and open-source webshop solution for 
hostings. Pri ...)
        TODO: check
 CVE-2025-58047 (Volto is a React based frontend for the Plone Content 
Management Syste ...)
@@ -91,19 +91,19 @@ CVE-2025-57757 (Contao is an Open Source CMS. In versions 
starting from 5.0.0 an
 CVE-2025-57756 (Contao is an Open Source CMS. In versions starting from 4.9.14 
and pri ...)
        TODO: check
 CVE-2025-57220 (An input validation flaw in the 'ate' service of Tenda AC10 
v4.0 firmw ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-57219 (Incorrect access control in the endpoint /goform/ate of Tenda 
AC10 v4. ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-57218 (Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was 
discovered to co ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-57217 (Tenda AC10 v4.0 firmware v16.03.10.09_multi_TDE01 was 
discovered to co ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-57215 (Tenda AC10 v4.0 firmware v16.03.10.20 was discovered to 
contain a stac ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-56236 (FormCms v0.5.5 contains a stored cross-site scripting (XSS) 
vulnerabil ...)
        TODO: check
 CVE-2025-55583 (D-Link DIR-868L B1 router firmware version FW2.05WWB02 
contains an una ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-55175 (QuickCMS is vulnerable to Reflected XSS via sLangEditparameter 
in admi ...)
        TODO: check
 CVE-2025-54995 (Asterisk is an open source private branch exchange and 
telephony toolk ...)
@@ -113,27 +113,27 @@ CVE-2025-54819 (Improper limitation of a pathname to a 
restricted directory ('Pa
 CVE-2025-54762 (SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and 
earlier) allo ...)
        TODO: check
 CVE-2025-54742 (Deserialization of Untrusted Data vulnerability in 
magepeopleteam WpEv ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54738 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54734 (Missing Authorization vulnerability in bPlugins B Slider 
allows Exploi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54733 (Missing Authorization vulnerability in Miles All Bootstrap 
Blocks allo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54731 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54725 (Authentication Bypass Using an Alternate Path or Channel 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54724 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54720 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54716 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54714 (Missing Authorization vulnerability in Dylan James Zephyr 
Project Mana ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54710 (Missing Authorization vulnerability in bPlugins Tiktok Feed 
allows Acc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-54544 (QuickCMS is vulnerable to Stored XSS 
viaaDirFilesDescriptionsparameter ...)
        TODO: check
 CVE-2025-54543 (QuickCMS is vulnerable to Stored XSS 
viasDescriptionMetaparameter in p ...)
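
Review bot: several entries tagged "NOT-FOR-US: WordPress plugin or theme" in this hunk, for example CVE-2025-54738, CVE-2025-54725 and CVE-2025-54731, have descriptions cut off before any product name, so the classification cannot be checked from the diff. Spot-check a few against the full CVE records before relying on the tag: the hunk covers code injection, SQL injection and authentication bypass issues, where a wrong NOT-FOR-US would hide a serious bug from later triage.
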
@@ -145,67 +145,67 @@ CVE-2025-54541 (QuickCMS is vulnerable to Cross-Site 
Request Forgery in page del
 CVE-2025-54540 (QuickCMS is vulnerable to Reflected XSS viasSortparameter in 
admin's p ...)
        TODO: check
 CVE-2025-54029 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53970 (SS1 Ver.16.0.0.10 and earlier (Media version:16.0.0a and 
earlier) allo ...)
        TODO: check
 CVE-2025-53588 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53584 (Deserialization of Untrusted Data vulnerability in 
emarket-design WP T ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53583 (Deserialization of Untrusted Data vulnerability in 
emarket-design Empl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53579 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53578 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53576 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53572 (Deserialization of Untrusted Data vulnerability in 
emarket-design WP E ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53396 (Incorrect permission assignment for critical resource issue 
exists in  ...)
        TODO: check
 CVE-2025-53337 (Missing Authorization vulnerability in Ashan Perera LifePress 
allows E ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53334 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53328 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53326 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53289 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53250 (Server-Side Request Forgery (SSRF) vulnerability in Chartbeat 
Chartbea ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53248 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53247 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53244 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53243 (Deserialization of Untrusted Data vulnerability in 
emarket-design Empl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53230 (Missing Authorization vulnerability in honzat Page Manager for 
Element ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53227 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53225 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53224 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53223 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53220 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53216 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-53215 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-52761 (Deserialization of Untrusted Data vulnerability in manfcarlo 
WP Funnel ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-52460 (Files or directories accessible to external parties issue 
exists in SS ...)
        TODO: check
 CVE-2025-52054 (An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band 
Gigabit Wir ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-51972 (A SQL Injection vulnerability exists in the login.php of 
PuneethReddyH ...)
        TODO: check
 CVE-2025-51971 (A reflected Cross-Site Scripting (XSS) vulnerability exists in 
registe ...)
@@ -219,115 +219,115 @@ CVE-2025-51967 (A Reflected Cross-site Scripting (XSS) 
vulnerability exists in t
 CVE-2025-51643 (Meitrack T366G-L GPS Tracker devices contain an SPI flash chip 
(Winbon ...)
        TODO: check
 CVE-2025-49407 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49405 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49404 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49402 (Missing Authorization vulnerability in favethemes Houzez CRM 
allows Ex ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49388 (Incorrect Privilege Assignment vulnerability in kamleshyadav 
Miraculou ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49387 (Unrestricted Upload of File with Dangerous Type vulnerability 
in add-o ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-49383 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48963 (Local privilege escalation due to improper soft link handling. 
The fol ...)
-       TODO: check
+       NOT-FOR-US: Acronis
 CVE-2025-48365 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48364 (Server-Side Request Forgery (SSRF) vulnerability in vEnCa-X 
rajce allo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48363 (Cross-Site Request Forgery (CSRF) vulnerability in Metin 
Sara\xe7 Popu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48362 (Cross-Site Request Forgery (CSRF) vulnerability in Saeed 
Sattar Beglou ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48361 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Sae ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48360 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48359 (Cross-Site Request Forgery (CSRF) vulnerability in thaihavnn07 
ATT You ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48358 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48357 (Cross-Site Request Forgery (CSRF) vulnerability in Theme 
Century Centu ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48356 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48354 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48353 (Cross-Site Request Forgery (CSRF) vulnerability in dactum 
Clickbank Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48352 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48351 (Cross-Site Request Forgery (CSRF) vulnerability in 
PluginsPoint Kento  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48350 (Missing Authorization vulnerability in Neuralabz LTD AutoWP 
allows Exp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48349 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48348 (Incorrect Privilege Assignment vulnerability in 
chandrashekharsahu Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48347 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48343 (Cross-Site Request Forgery (CSRF) vulnerability in Aaron 
Axelsen WPMU  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48327 (Missing Authorization vulnerability in inkthemes WP Mailgun 
SMTP allow ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48325 (Cross-Site Request Forgery (CSRF) vulnerability in shmish111 
WP Admin  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48324 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48323 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48322 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48321 (Cross-Site Request Forgery (CSRF) vulnerability in dyiosah 
Ultimate tw ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48320 (Cross-Site Request Forgery (CSRF) vulnerability in cuckoohello 
\u767e\ ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48319 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48318 (Cross-Site Request Forgery (CSRF) vulnerability in shen2 
\u591a\u8bf4\ ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48316 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48315 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48314 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48313 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48312 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48311 (Cross-Site Request Forgery (CSRF) vulnerability in OffClicks 
Invisible ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48310 (Cross-Site Request Forgery (CSRF) vulnerability in 
wptableeditor Table ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48309 (Cross-Site Request Forgery (CSRF) vulnerability in web-able 
BetPress a ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48308 (Cross-Site Request Forgery (CSRF) vulnerability in nonletter 
Newslette ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48307 (Cross-Site Request Forgery (CSRF) vulnerability in kasonzhao 
SEO For I ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48306 (Cross-Site Request Forgery (CSRF) vulnerability in developers 
savyour  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48305 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48304 (Cross-Site Request Forgery (CSRF) vulnerability in Gary Illyes 
Google  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48110 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48109 (Cross-Site Request Forgery (CSRF) vulnerability in Xavier 
Media XM-Bac ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-48100 (Improper Control of Generation of Code ('Code Injection') 
vulnerabilit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-46409 (Inadequate encryption strength issue exists in SS1 
Ver.16.0.0.10 and e ...)
        TODO: check
 CVE-2025-39496 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-36003 (IBM Security Verify Governance Identity Manager 10.0.2 could 
allow a r ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2025-34523 (A heap-based buffer overflow vulnerability exists in the 
exists in the ...)
        TODO: check
 CVE-2025-34522 (A heap-based buffer overflow vulnerability exists in the input 
parsing ...)
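
Review bot: CVE-2025-48963 is tagged "NOT-FOR-US: Acronis", but its visible description ("Local privilege escalation due to improper soft link handling. The fol ...") names no vendor or product. Adding the product name to the tag next to the vendor would let a reader of data/CVE/list confirm the decision without opening the CVE record.
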
@@ -343,23 +343,23 @@ CVE-2025-34162 (An unauthenticated SQL injection 
vulnerability exists in the Get
 CVE-2025-34160 (AnyShare contains a critical unauthenticated remote code 
execution vul ...)
        TODO: check
 CVE-2025-31979 (A File Upload Validation Bypass vulnerability has been 
identified in t ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-31977 (HCL BigFix SM is affected by cryptographic weakness due to 
weak or out ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-31972 (HCL BigFix SM is affected by a Sensitive Information Exposure 
vulnerab ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-31971 (AIML Solutions for HCL SX is vulnerable to a URL validation 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: HCL
 CVE-2025-29364 (spimsimulator spim v9.1.24 and before is vulnerable to Buffer 
Overflow ...)
        TODO: check
 CVE-2025-25010 (Incorrect authorization in Kibana can lead to privilege 
escalation via ...)
        TODO: check
 CVE-2025-0951 (Multiple plugins and/or themes for WordPress by LiquidThemes 
are vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-9648 (The WP ULike Pro plugin for WordPress is vulnerable to 
arbitrary file  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-49790 (IBM Watson Studio on Cloud Pak for Data 4.0 and 5.0 is 
vulnerable to c ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2024-48908 (lychee link checking action checks links in Markdown, HTML, 
and text f ...)
        TODO: check
 CVE-2024-13986 (Nagios XI < 2024R1.3.2 contains a remote code execution 
vulnerability  ...)
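
Review bot: CVE-2025-0951 is tagged "NOT-FOR-US: WordPress plugin" although its description reads "Multiple plugins and/or themes for WordPress by LiquidThemes". Other hunks of this commit use "NOT-FOR-US: WordPress plugin or theme"; that label fits this entry better and keeps searches over the list consistent.
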
@@ -377,7 +377,7 @@ CVE-2024-13980 (H3C Intelligent Management Center (IMC) 
versions up to and inclu
 CVE-2024-13979 (A SQL injection vulnerability exists in the St. Joe ERP system 
("\u572 ...)
        TODO: check
 CVE-2024-13807 (The Xagio SEO plugin for WordPress is vulnerable to Sensitive 
Informat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-7309 (A path traversal vulnerability exists in the Dahua Smart Park 
Integrat ...)
        TODO: check
 CVE-2023-7308 (SecGate3600, a network firewall product developed by NSFOCUS, 
contains ...)
@@ -385,7 +385,7 @@ CVE-2023-7308 (SecGate3600, a network firewall product 
developed by NSFOCUS, con
 CVE-2023-7307 (Sangfor Behavior Management System (also referred to as DC 
Management  ...)
        TODO: check
 CVE-2018-25115 (Multiple D-Link DIR-series routers, including DIR-110, 
DIR-412, DIR-60 ...)
-       TODO: check
+       NOT-FOR-US: D-Link
 CVE-2025-XXXX [RUSTSEC-2025-0051]
        - rust-xcb <unfixed>
        NOTE: https://rustsec.org/advisories/RUSTSEC-2025-0051.html



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a629afbff7e8ddca1a8d77d0b472869260bea5c5
