Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b3bd781 by security tracker role at 2025-11-07T08:14:11+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -41,7 +41,7 @@ CVE-2025-64173 (Apollo Router Core is a configurable graph
router written in Rus
CVE-2025-62630 (Due to insufficient sanitization, an attacker can upload a
specially ...)
TODO: check
CVE-2025-5483 (The LC Wizard plugin for WordPress is vulnerable to Privilege
Escalati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-59171 (Due to insufficient sanitization, an attacker can upload a
specially ...)
TODO: check
CVE-2025-58423 (Due to insufficient sanitization, an attacker can upload a
specially ...)
@@ -49,19 +49,19 @@ CVE-2025-58423 (Due to insufficient sanitization, an
attacker can upload a speci
CVE-2025-52662 (A vulnerability in Nuxt DevTools has been fixed in version
**2.6.4***. ...)
TODO: check
CVE-2025-4522 (The IDonate \u2013 Blood Donation, Request And Donor Management
System ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-4519 (The IDonate \u2013 Blood Donation, Request And Donor Management
System ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-48985 (A vulnerability in Vercel\u2019s AI SDK has been fixed in
versions 5.0 ...)
TODO: check
CVE-2025-33110 (IBM OpenPages 9.1, and 9.0 with Watson is vulnerable to HTML
injection ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-12636 (The Ubia camera ecosystem fails to adequately secure API
credentials, ...)
TODO: check
CVE-2025-12527 (The Page & Post Notes plugin for WordPress is vulnerable to
unauthoriz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12520 (The WP Airbnb Review Slider plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12490 (Netgate pfSense CE Suricata Path Traversal Remote Code
Execution Vulne ...)
TODO: check
CVE-2025-12489 (evernote-mcp-server openBrowser Command Injection Privilege
Escalation ...)
@@ -73,7 +73,7 @@ CVE-2025-12487 (oobabooga text-generation-webui
trust_remote_code Reliance on Un
CVE-2025-12486 (Heimdall Data Database Proxy Cross-Site Scripting Remote Code
Executio ...)
TODO: check
CVE-2025-12352 (The Gravity Forms plugin for WordPress is vulnerable to
arbitrary file ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11546 (CLUSTERPRO X for Linux 4.0, 4.1, 4.2, 5.0, 5.1 and 5.2 and
EXPRESSCLUS ...)
TODO: check
CVE-2025-12790 (A flaw was found in Rubygem MQTT. By default, the package used
to not ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b3bd781fbb5bd4794c69e03d5819da956cefc64
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b3bd781fbb5bd4794c69e03d5819da956cefc64
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
