Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5ec3b70d by security tracker role at 2025-11-27T08:13:36+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-7820 (The SKT PayPal for WooCommerce plugin for WordPress is
vulnerable to P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-66314 (Improper Privilege Management vulnerability in ZTE ElasticNet
UME R32 ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2025-66040 (Spotipy is a Python library for the Spotify Web API. Prior to
version ...)
TODO: check
CVE-2025-66035 (Angular is a development platform for building mobile and
desktop web ...)
@@ -11,7 +11,7 @@ CVE-2025-66031 (Forge (also called `node-forge`) is a native
implementation of T
CVE-2025-66030 (Forge (also called `node-forge`) is a native implementation of
Transpo ...)
TODO: check
CVE-2025-65202 (TRENDnet TEW-657BRM 1.00.1 has an authenticated remote OS
command inje ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2025-64344 (Suricata is a network IDS, IPS and NSM engine developed by the
OISF (O ...)
TODO: check
CVE-2025-64335 (Suricata is a network IDS, IPS and NSM engine developed by the
OISF (O ...)
@@ -29,59 +29,59 @@ CVE-2025-64330 (Suricata is a network IDS, IPS and NSM
engine developed by the O
CVE-2025-62593 (Ray is an AI compute engine. Prior to version 2.52.0,
developers worki ...)
TODO: check
CVE-2025-3784 (Cleartext Storage of Sensitive Information Vulnerability in GX
Works2 ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2025-34351 (Anyscale Ray 2.52.0 contains an insecure default configuration
in whic ...)
TODO: check
CVE-2025-13762 (Improper Input Validation vulnerability in CyberArk CyberArk
Secure We ...)
TODO: check
CVE-2025-13680 (The Tiger theme for WordPress is vulnerable to Privilege
Escalation in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13675 (The Tiger theme for WordPress is vulnerable to Privilege
Escalation in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13540 (The Tiare Membership plugin for WordPress is vulnerable to
Privilege E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13539 (The FindAll Membership plugin for WordPress is vulnerable to
Authentic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13538 (The FindAll Listing plugin for WordPress is vulnerable to
Privilege Es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13525 (The WP Directory Kit plugin for WordPress is vulnerable to
Reflected C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13441 (The Hide Category by User Role for WooCommerce plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13157 (The QODE Wishlist for WooCommerce plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13143 (The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin
for WordP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12758 (Versions of the package validator before 13.15.22 are
vulnerable to In ...)
TODO: check
CVE-2025-12713 (The Soundslides plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12712 (The Shouty plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12670 (The wp-twitpic plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12666 (The Google Drive upload and download link plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12649 (The SortTable Post plugin for WordPress is vulnerable to
Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12579 (The Reuters Direct plugin for WordPress is vulnerable to
unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12578 (The Reuters Direct plugin for WordPress is vulnerable to
Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12185 (The StaffList plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12151 (The Simple Folio plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12123 (The Customer Reviews Collector for WooCommerce plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0658 (A vulnerability in Automated Logic and Carrier's Zone
Controllervia BA ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2025-0657 (A weakness in Automated Logic and Carrier i-Vu Gen5 router on
driver ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2024-5540 (The reflective cross-site scripting vulnerability found in ALC
WebCTRL ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2024-5539 (The Access Control Bypass vulnerability found in ALC WebCTRL
and Carri ...)
- TODO: check
+ NOT-FOR-US: Carrier Global
CVE-2020-36874 (ACE SECURITY WIP-90113 HD cameras contain an unauthenticated
configura ...)
TODO: check
CVE-2020-36873 (Astak CM-818T3 2.4GHz wireless security surveillance cameras
contain a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ec3b70d6755f12e76aec17e05d8c1672b8ef86f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ec3b70d6755f12e76aec17e05d8c1672b8ef86f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
