Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ed176a5c by Salvatore Bonaccorso at 2025-11-01T09:35:02+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14,7 +14,7 @@ CVE-2025-6988 (The kallyas theme for WordPress is vulnerable
to Stored Cross-Sit
CVE-2025-6574 (The Service Finder Bookings plugin for WordPress is vulnerable
to priv ...)
NOT-FOR-US: WordPress plugin
CVE-2025-63563 (Summer Pearl Group Vacation Rental Management Platform prior
to v1.0.2 ...)
- TODO: check
+ NOT-FOR-US: Summer Pearl Group Vacation Rental Management Platform
CVE-2025-62276 (The Document Library and the Adaptive Media modules in Liferay
Portal ...)
NOT-FOR-US: Liferay
CVE-2025-62275 (Blogs in Liferay Portal 7.4.0 through 7.4.3.111, and older
unsupported ...)
@@ -275,13 +275,13 @@ CVE-2025-34134 (Nagios XI versions prior to 2024R1.4.2
contain a remote code exe
CVE-2025-33003 (IBM InfoSphere Information Server 11.7.0.0 through 11.7.1.6
could allo ...)
NOT-FOR-US: IBM
CVE-2025-30191 (Malicious content from E-Mail can be used to perform a
redressing atta ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2025-30188 (Malicious or unintentional API requests can be used to add
significant ...)
- TODO: check
+ NOT-FOR-US: OX App Suite
CVE-2025-29270 (Incorrect access control in the realtime.cgi endpoint of Deep
Sea Elec ...)
- TODO: check
+ NOT-FOR-US: Deep Sea Electronics devices DSE855
CVE-2025-27208 (A reflected Cross-Site Scripting (XSS) vulnerability has been
identifi ...)
- TODO: check
+ NOT-FOR-US: Revive Adserver
CVE-2025-12554 (Missing Security Headers.This issue affects BLU-IC2: through
1.19.5; B ...)
NOT-FOR-US: Azure Access Technology
CVE-2025-12553 (Email Server Certificate Verification Disabled.This issue
affects BLU- ...)
@@ -305,7 +305,7 @@ CVE-2025-12501 (Integer overflow in GameMaker IDE below
2024.14.0 version can le
CVE-2025-12460 (An XSS issue was discovered in Afterlogic Aurora webmail
version 9.8.3 ...)
NOT-FOR-US: Afterlogic Aurora webmail
CVE-2025-12357 (By manipulating the Signal Level Attenuation Characterization
(SLAC) ...)
- TODO: check
+ NOT-FOR-US: EV Car Chargers
CVE-2025-12175 (The The Events Calendar plugin for WordPress is vulnerable to
unauthor ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12115 (The WPC Name Your Price for WooCommerce plugin for WordPress
is vulner ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed176a5cb0d0040860e3100f8b02478c2e423526
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed176a5cb0d0040860e3100f8b02478c2e423526
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
