Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c6089c15 by Moritz Muehlenhoff at 2025-11-27T20:42:17+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -58,7 +58,7 @@ CVE-2025-3784 (Cleartext Storage of Sensitive Information
Vulnerability in GX Wo
CVE-2025-34351 (Anyscale Ray 2.52.0 contains an insecure default configuration
in whic ...)
NOT-FOR-US: Ray
CVE-2025-13762 (Improper Input Validation vulnerability in CyberArk CyberArk
Secure We ...)
- TODO: check
+ NOT-FOR-US: CyberArk
CVE-2025-13680 (The Tiger theme for WordPress is vulnerable to Privilege
Escalation in ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13675 (The Tiger theme for WordPress is vulnerable to Privilege
Escalation in ...)
@@ -78,7 +78,7 @@ CVE-2025-13157 (The QODE Wishlist for WooCommerce plugin for
WordPress is vulner
CVE-2025-13143 (The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin
for WordP ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12758 (Versions of the package validator before 13.15.22 are
vulnerable to In ...)
- TODO: check
+ NOT-FOR-US: Node validator
CVE-2025-12713 (The Soundslides plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12712 (The Shouty plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
@@ -241,7 +241,7 @@ CVE-2025-12571 (GitLab has remediated an issue in GitLab
CE/EE affecting all ver
CVE-2025-11461 (Multiple SQL Injections in Frappe CRM Dashboard Controller due
to unsa ...)
NOT-FOR-US: Frappe CRM
CVE-2021-4472 (The mistral-dashboard plugin for openstack has a local file
inclusion ...)
- TODO: check
+ NOT-FOR-US: mistral plugin
CVE-2025-9558 (There is a potential OOB Write vulnerability in the
gen_prov_start fun ...)
NOT-FOR-US: Zephyr, different from src:zephyr
CVE-2025-9557 (An out-of-bound write can lead to an arbitrary code execution.
Even on ...)
@@ -630,7 +630,7 @@ CVE-2025-65998 (Apache Syncope can be configured to store
the user password valu
CVE-2025-65503 (Use after free in endpoint destructors in Redboltz async_mqtt
10.2.5 a ...)
NOT-FOR-US: Redboltz async_mqtt
CVE-2025-65502 (Null pointer dereference in add_ca_certs() in Cesanta Mongoose
before ...)
- TODO: check
+ NOT-FOR-US: Cesenta Mongoose
CVE-2025-65501 (Null pointer dereference in coap_dtls_info_callback() in OISM
libcoap ...)
- libcoap3 <unfixed> (bug #1121415)
[trixie] - libcoap3 <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6089c15798f6c05880fabbb56af0655d238191f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c6089c15798f6c05880fabbb56af0655d238191f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
