Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
961d8363 by security tracker role at 2025-12-05T08:14:09+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-6946 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-66576 (Remote Keyboard Desktop 1.0.1 enables remote attackers to 
execute syst ...)
        TODO: check
 CVE-2025-66575 (VeeVPN 1.6.1 contains an unquoted service path vulnerability 
in the Ve ...)
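Review bot: The NOT-FOR-US: WatchGuard tag on CVE-2025-6946 cannot be confirmed from this hunk, because the description is cut off at "(XSS or 'C ...)" before any product is named. As the commit message says this is an automatic update, the vendor should be checked against the full CVE description before the TODO: check marker is considered resolved.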
@@ -59,7 +59,7 @@ CVE-2025-65899 (Kalmia CMS version 0.2.0 contains a user 
enumeration vulnerabili
 CVE-2025-63896 (An issue in the Bluetooth Human Interface Device (HID) of JXL 
9 Inch C ...)
        TODO: check
 CVE-2025-62223 (User interface (ui) misrepresentation of critical information 
in Micro ...)
-       TODO: check
+       NOT-FOR-US: Microsoft
 CVE-2025-55948 (This vulnerability fundamentally arises from yzcheng90 
X-SpringBoot 6. ...)
        TODO: check
 CVE-2025-53704 (The password reset mechanism for the Pivot client application 
is weak, ...)
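Review bot: On CVE-2025-62223 the NOT-FOR-US: Microsoft tag rests on a description truncated at "in Micro ...", so the affected product is not visible in this hunk. Confirm the product from the full description, since replacing TODO: check with NOT-FOR-US takes the entry out of manual triage.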
@@ -75,65 +75,65 @@ CVE-2025-27935 (The OTP Integration Kit for PingFederate 
fails to enforce HTTP m
 CVE-2025-27389 (A flaw exists in the verification of application installation 
sources  ...)
        TODO: check
 CVE-2025-1910 (The WatchGuard Mobile VPN with SSL Client on Windows allows a 
locally  ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-1547 (A stack-based buffer overflow vulnerability [CWE-121] in 
WatchGuard Fi ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-1545 (An XPath Injection vulnerability in WatchGuard Fireware OS may 
allow a ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-14052 (A vulnerability has been found in youlaitech youlai-mall 
1.0.0/2.0.0.  ...)
        TODO: check
 CVE-2025-14051 (A flaw has been found in youlaitech youlai-mall 1.0.0/2.0.0. 
Affected  ...)
        TODO: check
 CVE-2025-13940 (An Expected Behavior Violation [CWE-440] vulnerability in 
WatchGuard F ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-13939 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-13938 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-13937 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-13936 (Improper Neutralization of Input During Web Page Generation 
(XSS or 'C ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-13932 (The SolisCloud API suffers from a Broken Access Control 
vulnerability, ...)
        TODO: check
 CVE-2025-13860 (The Easy Jump Links Menus plugin for WordPress is vulnerable 
to Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13684 (The ARK Related Posts plugin for WordPress is vulnerable to 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13625 (The WP-SOS-Donate Donation Sidebar Plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13623 (The Twitscription plugin for WordPress is vulnerable to 
Reflected Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13622 (The Jabbernotification plugin for WordPress is vulnerable to 
Reflected ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13621 (The dream gallery plugin for WordPress is vulnerable to 
Cross-Site Req ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13543 (The PostGallery plugin for WordPress is vulnerable to 
arbitrary file u ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13528 (The Feedback Modal for Website plugin for WordPress is 
vulnerable to u ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13515 (The Nouri.sh Newsletter plugin for WordPress is vulnerable to 
Reflecte ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13512 (The CoSign Single Signon plugin for WordPress is vulnerable to 
Reflect ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13494 (The SSP Debug plugin for WordPress is vulnerable to Sensitive 
Informat ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13373 (Advantech iView versions 5.7.05.7057 and prior do not properly 
sanitiz ...)
-       TODO: check
+       NOT-FOR-US: Advantech
 CVE-2025-13362 (The Norby AI plugin for WordPress is vulnerable to Cross-Site 
Request  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13360 (The Quantic Social Image Hover plugin for WordPress is 
vulnerable to C ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13313 (The CRM Memberships plugin for WordPress is vulnerable to 
privilege es ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13312 (The CRM Memberships plugin for WordPress is vulnerable to 
unauthorized ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13144 (The ContentStudio plugin for WordPress is vulnerable to 
Cross-Site Req ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13066 (The Demo Importer Plus plugin for WordPress is vulnerable to 
arbitrary ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-13006 (The SurveyFunnel \u2013 Survey Plugin for WordPress plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12997 (Insecure Direct Object Reference vulnerability in Medtronic 
CareLink N ...)
        TODO: check
 CVE-2025-12996 (Medtronic CareLink Network allows a local attacker with access 
to log  ...)
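Review bot: CVE-2025-13936, CVE-2025-13937, CVE-2025-13938 and CVE-2025-13939 are all tagged NOT-FOR-US: WatchGuard, yet their visible descriptions are the identical truncated string "Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)" with no vendor named. Unlike CVE-2025-1910, CVE-2025-1547, CVE-2025-1545 and CVE-2025-13940 in the same hunk, where WatchGuard appears in the text, these four need the full description to verify the attribution. The surrounding youlai-mall and SolisCloud entries correctly stay at TODO: check.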
@@ -143,67 +143,67 @@ CVE-2025-12995 (Medtronic CareLink Network allows an 
unauthenticated remote atta
 CVE-2025-12994 (Medtronic CareLink Network allows an unauthenticated remote 
attacker t ...)
        TODO: check
 CVE-2025-12986 (When a WF200/WGM160P device is configured to operate as an 
Access Poin ...)
-       TODO: check
+       NOT-FOR-US: Silicon Labs
 CVE-2025-12850 (The My auctions allegro plugin for WordPress is vulnerable to 
SQL Inje ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12804 (The Booking Calendar plugin for WordPress is vulnerable to 
Stored Cros ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12417 (The SurveyFunnel \u2013 Survey Plugin for WordPress plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12374 (The Email Verification, Email OTP, Block Spam Email, 
Passwordless logi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12373 (The Torod \u2013 The smart shipping and delivery portal for 
e-shops an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12370 (The Takeads plugin for WordPress is vulnerable to 
authorization bypass ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12368 (The Sermon Manager plugin for WordPress is vulnerable to 
Stored Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12355 (The Payaza plugin for WordPress is vulnerable to unauthorized 
modifica ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12354 (The Live CSS Preview plugin for WordPress is vulnerable to 
unauthorize ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12196 (An Out-of-bounds Write vulnerability in WatchGuard Fireware 
OS's CLI c ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-12195 (An Out-of-bounds Write vulnerability in WatchGuard Fireware 
OS's CLI c ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-12191 (The PDF Catalog for WooCommerce plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12190 (The Image Optimizer by wps.sk plugin for WordPress is 
vulnerable to Cr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12189 (The Bread & Butter: Gate content + Capture leads + Collect 
first-party ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12186 (The Weekly Planner plugin for WordPress is vulnerable to 
Stored Cross- ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12181 (The ContentStudio plugin for WordPress is vulnerable to 
arbitrary file ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12165 (The Webcake \u2013 Landing Page Builder plugin for WordPress 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12163 (The Omnipress plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12154 (The Auto Thumbnailer plugin for WordPress is vulnerable to 
arbitrary f ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12153 (The Featured Image via URL plugin for WordPress is vulnerable 
to arbit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12133 (The EPROLO Dropshipping plugin for WordPress is vulnerable to 
unauthor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12130 (The WC Vendors \u2013 WooCommerce Multivendor, WooCommerce 
Marketplace ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12128 (The Hide Categories Or Products On Shop Page plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12124 (The FitVids for WordPress plugin for WordPress is vulnerable 
to Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12093 (The Voidek Employee Portal plugin for WordPress is vulnerable 
to unaut ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-12026 (An Out-of-bounds Write vulnerability in WatchGuard Fireware 
OS\u2019s  ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-11838 (A memory corruption vulnerability in WatchGuard Fireware OS 
may allow  ...)
-       TODO: check
+       NOT-FOR-US: WatchGuard
 CVE-2025-11759 (The Backup, Restore and Migrate your sites with XCloner plugin 
for Wor ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-10285 (The web interface of the Silicon Labs Simplicity Device 
Manager is exp ...)
-       TODO: check
+       NOT-FOR-US: Silicon Labs
 CVE-2025-10055 (The Time Sheets plugin for WordPress is vulnerable to 
Cross-Site Reque ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-58278 (perl2exe <= V30.10C contains an arbitrary code execution 
vulnerability ...)
        TODO: check
 CVE-2024-58277 (R Radio Network FM Transmitter 1.07 allows unauthenticated 
attackers t ...)
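Review bot: Several entries in this hunk are tagged NOT-FOR-US: WordPress plugin although the visible description is cut off before WordPress is mentioned: CVE-2025-12374 ("Passwordless logi ..."), CVE-2025-12373 ("e-shops an ..."), CVE-2025-12189 ("Collect first-party ...") and CVE-2025-12130 ("WooCommerce Marketplace ..."). Likewise CVE-2025-12986 is tagged Silicon Labs while its text names only the WF200/WGM160P device, whereas CVE-2025-10285 names Silicon Labs explicitly. These tags are plausible but should be confirmed against the full descriptions, given that the update was generated automatically.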



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/961d8363c0843303d84d1a3d5713cbdc9e35dfe9
