Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
16bbf5d0 by security tracker role at 2025-11-27T20:13:35+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
CVE-2025-8890 (Firmware in SDMC NE6037 routers prior to version 7.1.12.2.44has
a netw ...)
TODO: check
CVE-2025-59890 (Improper input sanitization in the file archives upload
functionality ...)
- TODO: check
+ NOT-FOR-US: Eaton
CVE-2025-59454 (In Apache CloudStack, a gap in access control checks affected
the APIs ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2025-59302 (In Apache CloudStack improper control of generation of code
('Code In ...)
- TODO: check
+ NOT-FOR-US: Apache software not packaged in Debian
CVE-2025-59026 (Malicious content uploaded as file can be used to execute
script code ...)
TODO: check
CVE-2025-59025 (Malicious e-mail content can be used to execute script code.
Unintende ...)
@@ -19,25 +19,25 @@ CVE-2025-30190 (Malicious content at office documents can
be used to inject scri
CVE-2025-30186 (Malicious content uploaded as file can be used to execute
script code ...)
TODO: check
CVE-2025-13765 (Exposure of email service credentials to users without
administrative ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2025-13758 (Exposure of credentials in unintended requests in Devolutions
Server.T ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2025-13757 (SQL Injection vulnerability in last usage logs in Devolutions
Server.T ...)
- TODO: check
+ NOT-FOR-US: Devolutions
CVE-2025-13742 (Emails sent by pretix can utilize placeholders that will be
filled wit ...)
TODO: check
CVE-2025-13692 (The Unlimited Elements For Elementor plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13536 (The Blubrry PowerPress plugin for WordPress is vulnerable to
arbitrary ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13381 (The AI ChatBot with ChatGPT and Content Generator by AYS
plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13378 (The AI ChatBot with ChatGPT and Content Generator by AYS
plugin for Wo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12971 (The Folders \u2013 Unlimited Folders to Organize Media Library
Folder, ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12584 (The Quick View for WooCommerce plugin for WordPress is
vulnerable to I ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12559 (Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1,
10.11.x <= 1 ...)
TODO: check
CVE-2025-12421 (Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1,
10.11.x <= 1 ...)
@@ -47,7 +47,7 @@ CVE-2025-12419 (Mattermost versions 10.12.x <= 10.12.1,
10.11.x <= 10.11.4, 10.5
CVE-2025-12140 (The application contains an insecure 'redirectToUrl' mechanism
that in ...)
TODO: check
CVE-2025-10476 (The WP Fastest Cache plugin for WordPress is vulnerable to
unauthorize ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7820 (The SKT PayPal for WooCommerce plugin for WordPress is
vulnerable to P ...)
NOT-FOR-US: WordPress plugin
CVE-2025-66314 (Improper Privilege Management vulnerability in ZTE ElasticNet
UME R32 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16bbf5d0d8db58b87180342956f4a10de8d2398c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/16bbf5d0d8db58b87180342956f4a10de8d2398c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
