Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cfca9567 by Salvatore Bonaccorso at 2025-12-06T09:57:50+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
CVE-2025-8148 (An Improper Access Control in the SFTP service in Fortra's
GoAnywhere ...)
NOT-FOR-US: Fortra
CVE-2025-66629 (HedgeDoc is an open source, real-time, collaborative, markdown
notes a ...)
- TODO: check
+ NOT-FOR-US: HedgeDoc
CVE-2025-34291 (Langflow versions up to and including 1.6.9 contain a chained
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Langflow
CVE-2025-14117 (A vulnerability has been found in fit2cloud Halo 2.21.10.
Impacted is ...)
- TODO: check
+ NOT-FOR-US: fit2cloud Halo
CVE-2025-14116 (A vulnerability was detected in xerrors Yuxi-Know up to 0.4.0.
This vu ...)
- TODO: check
+ NOT-FOR-US: xerrors Yuxi-Know
CVE-2025-14111 (A security vulnerability has been detected in Rarlab RAR App
up to 7.1 ...)
- TODO: check
+ NOT-FOR-US: Rarlab RAR App on Android
CVE-2025-14108 (A weakness has been identified in ZSPACE Q2C NAS up to
1.1.0210050. Af ...)
- TODO: check
+ NOT-FOR-US: ZSPACE Q2C NAS
CVE-2025-14107 (A security flaw has been discovered in ZSPACE Q2C NAS up to
1.1.021005 ...)
- TODO: check
+ NOT-FOR-US: ZSPACE Q2C NAS
CVE-2025-14106 (A vulnerability was identified in ZSPACE Q2C NAS up to
1.1.0210050. Af ...)
- TODO: check
+ NOT-FOR-US: ZSPACE Q2C NAS
CVE-2025-14105 (A vulnerability was determined in TOZED ZLT M30S and ZLT M30S
PRO 1.47 ...)
- TODO: check
+ NOT-FOR-US: TOZED ZLT M30S and ZLT M30S PRO
CVE-2025-13922 (The Tag, Category, and Taxonomy Manager \u2013 AI Autotagger
with Open ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13907 (The CSS3 Buttons plugin for WordPress is vulnerable to Stored
Cross-Si ...)
@@ -47,7 +47,7 @@ CVE-2025-13629 (The WP Landing Page plugin for WordPress is
vulnerable to Cross-
CVE-2025-13626 (The myLCO plugin for WordPress is vulnerable to Reflected
Cross-Site S ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13426 (A vulnerability exists in Google Apigee's JavaCallout policy
https:// ...)
- TODO: check
+ NOT-FOR-US: Apigee
CVE-2025-13377 (The 10Web Booster \u2013 Website speed optimization, Cache &
Page Spee ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13358 (The Accessiy By CodeConfig Accessibility plugin for WordPress
is vulne ...)
@@ -57,7 +57,7 @@ CVE-2025-13309 (The Accessiy By CodeConfig Accessibility
\u2013 Easy One-Click A
CVE-2025-13308 (The Application Passwords plugin for WordPress is vulnerable
to Reflec ...)
NOT-FOR-US: WordPress plugin
CVE-2025-13292 (A vulnerability in Apigee-X allowed an attacker to gain
unauthorized r ...)
- TODO: check
+ NOT-FOR-US: Apigee-X
CVE-2025-13137 (The Live Sales Notification for Woocommerce \u2013 Woomotiv
plugin for ...)
NOT-FOR-US: WordPress plugin
CVE-2025-12721 (The g-FFL Cockpit plugin for WordPress is vulnerable to
Sensitive Info ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cfca956769a273a4cfa2602463e67ddaf554ddef
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cfca956769a273a4cfa2602463e67ddaf554ddef
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
