Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b29fcb48 by security tracker role at 2025-09-12T08:12:45+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2025-9881 (The Ultimate Blogroll plugin for WordPress is vulnerable to
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9880 (The Side Slide Responsive Menu plugin for WordPress is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9879 (The Spotify Embed Creator plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9877 (The Embed Google Datastudio plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9807 (The The Events Calendar plugin for WordPress is vulnerable to
time-bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8575 (The LWS Cleaner plugin for WordPress is vulnerable to arbitrary
file d ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8280 (The Contact Form 7 reCAPTCHA WordPress plugin through 1.2.0
does not e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-58781 (WTW-EAGLE App does not properly validate server certificates,
which ma ...)
TODO: check
CVE-2025-58754 (Axios is a promise based HTTP client for the browser and
Node.js. When ...)
@@ -21,17 +21,17 @@ CVE-2025-55319 (Ai command injection in Agentic AI and
Visual Studio Code allows
CVE-2025-4974
REJECTED
CVE-2025-43789 (JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119,
and Lifer ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-43788 (The organization selector in Liferay Portal 7.4.0 through
7.4.3.124, a ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2025-3650 (The jQuery Colorbox WordPress plugin through 4.6.3 uses the
colorbox l ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-36222 (IBM Fusion 2.2.0 through 2.10.1, IBM Fusion HCI 2.2.0 through
2.10.0, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-21043 (Out-of-bounds write in libimagecodec.quram.so prior to SMR
Sep-2025 Re ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-21042 (Out-of-bounds write in libimagecodec.quram.so prior to SMR
Apr-2025 Re ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-10298
REJECTED
CVE-2025-10291 (A weakness has been identified in linlinjava litemall up to
1.8.0. Thi ...)
@@ -57,7 +57,7 @@ CVE-2025-10272 (A vulnerability was determined in erjinzhi
10OA 1.0. Affected is
CVE-2025-10271 (A vulnerability was found in erjinzhi 10OA 1.0. This impacts
an unknow ...)
TODO: check
CVE-2025-10269 (The Spirit Framework plugin for WordPress is vulnerable to
Local File ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9319 (A potential vulnerability was reported in the Lenovo Wallpaper
Client ...)
NOT-FOR-US: Lenovo
CVE-2025-9214 (A missing authentication vulnerability was reported in some
Lenovo pri ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b29fcb484080645194b93dc7c03e21815be2984f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b29fcb484080645194b93dc7c03e21815be2984f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
