Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
08d8359e by security tracker role at 2025-12-09T20:13:48+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2025-9638 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Portabilis
CVE-2025-9614 (An issue was discovered in the PCI Express (PCIe) Integrity and
Data E ...)
TODO: check
CVE-2025-9613 (A vulnerability was discovered in the PCI Express (PCIe)
Integrity and ...)
@@ -7,217 +7,217 @@ CVE-2025-9613 (A vulnerability was discovered in the PCI
Express (PCIe) Integrit
CVE-2025-9612 (An issue was discovered in the PCI Express (PCIe) Integrity and
Data E ...)
TODO: check
CVE-2025-9368 (A security issue exists within 432ES-IG3 Series A, which
affects Guard ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-6924 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-6923 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-67599 (Missing Authorization vulnerability in WebToffee WebToffee
eCommerce M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67598 (Cross-Site Request Forgery (CSRF) vulnerability in PSM Plugins
Support ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67597 (Missing Authorization vulnerability in Shahjahan Jewel Fluent
Booking ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67596 (Cross-Site Request Forgery (CSRF) vulnerability in Strategy11
Team Bus ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67595 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro
Quiz Maker ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67594 (Authorization Bypass Through User-Controlled Key vulnerability
in Thim ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67593 (Cross-Site Request Forgery (CSRF) vulnerability in Stiofan
UsersWP use ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67592 (Missing Authorization vulnerability in Joe Dolson My Calendar
my-calen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67591 (Cross-Site Request Forgery (CSRF) vulnerability in jegtheme
JNews Payw ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67590 (Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius
Ultimate ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67589 (Missing Authorization vulnerability in WP Overnight
WooCommerce PDF In ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67588 (Missing Authorization vulnerability in Elementor Elementor
Website Bui ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67587 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67586 (Missing Authorization vulnerability in Ronald Huereca
Highlight and Sh ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67585 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67584 (Missing Authorization vulnerability in rtCamp GoDAM godam
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67583 (Missing Authorization vulnerability in ThemeAtelier IDonate
idonate al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67582 (Missing Authorization vulnerability in wbcomdesigns Wbcom
Designs lock ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67581 (Missing Authorization vulnerability in themetechmount
TrueBooker trueb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67580 (Missing Authorization vulnerability in Constant Contact
Constant Conta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67579 (Missing Authorization vulnerability in vanquish User Extra
Fields wp-u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67578 (Missing Authorization vulnerability in Rhys Wynne WP Email
Capture wp- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67577 (Missing Authorization vulnerability in hassantafreshi Easy
Form Builde ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67576 (Missing Authorization vulnerability in QuantumCloud Simple
Link Direct ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67575 (Missing Authorization vulnerability in Andrew Lima Sitewide
Notice WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67574 (Missing Authorization vulnerability in wpdevart Booking
calendar, Appo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67573 (Missing Authorization vulnerability in ThimPress Sailing
sailing allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67572 (Missing Authorization vulnerability in PenciDesign PenNews
pennews all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67571 (Missing Authorization vulnerability in WPFunnels WPFunnels
wpfunnels a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67570 (Missing Authorization vulnerability in GSheetConnector by
WesternDeal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67569 (Missing Authorization vulnerability in scriptsbundle AdForest
adforest ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67568 (Missing Authorization vulnerability in xtemos Basel basel
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67567 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67566 (Missing Authorization vulnerability in WofficeIO Woffice Core
woffice- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67565 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67564 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67563 (Missing Authorization vulnerability in Saad Iqbal Post SMTP
post-smtp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67562 (Missing Authorization vulnerability in WebCodingPlace Image
Caption Ho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67561 (Missing Authorization vulnerability in Oleksandr Lysyi Debug
Log Viewe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67560 (Missing Authorization vulnerability in Webilia Inc. Listdom
listdom al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67559 (Missing Authorization vulnerability in vcita Online Booking &
Scheduli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67558 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67557 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67556 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67555 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67554 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67553 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67552 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67551 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67550 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67549 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67548 (Missing Authorization vulnerability in WP Delicious WP
Delicious delic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67545 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67544 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67543 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67542 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67541 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67540 (Missing Authorization vulnerability in Wealcoder Animation
Addons for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67539 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67538 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67537 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67536 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67535 (Deserialization of Untrusted Data vulnerability in WePlugins -
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67534 (Cross-Site Request Forgery (CSRF) vulnerability in Jacques
Malgrange R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67533 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67532 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67531 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67530 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67529 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67528 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67527 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67526 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67525 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67524 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67523 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67522 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67521 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67520 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67519 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67518 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67517 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67516 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67515 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67474 (Missing Authorization vulnerability in Ultimate Member ForumWP
forumwp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67473 (Cross-Site Request Forgery (CSRF) vulnerability in codeworkweb
CWW Com ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67472 (Cross-Site Request Forgery (CSRF) vulnerability in vcita
Online Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67471 (Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal
Quick Co ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67470 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67469 (Cross-Site Request Forgery (CSRF) vulnerability in kubiq PDF
Thumbnail ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67468 (Missing Authorization vulnerability in CRM Perks Integration
for Sales ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67467 (Cross-Site Request Forgery (CSRF) vulnerability in StellarWP
GiveWP gi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67466 (Missing Authorization vulnerability in sergiotrinity Trinity
Audio tri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67465 (Cross-Site Request Forgery (CSRF) vulnerability in
QuantumCloud Simple ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66534 (Missing Authorization vulnerability in Elated-Themes The Aisle
theaisl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66533 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66532 (Missing Authorization vulnerability in Mikado-Themes Powerlift
powerli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66531 (Cross-Site Request Forgery (CSRF) vulnerability in Dimitri
Grassi Salo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66530 (Missing Authorization vulnerability in Webba Appointment
Booking Webba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66529 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro
Chartify ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66528 (Missing Authorization vulnerability in VillaTheme Thank You
Page Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66527 (Missing Authorization vulnerability in VanKarWai Lobo lobo
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66526 (Missing Authorization vulnerability in Essekia Tablesome
tablesome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66525 (Missing Authorization vulnerability in Elastic Email Elastic
Email Sen ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66456 (Elysia is a Typescript framework for request validation, type
inferenc ...)
TODO: check
CVE-2025-66271 (Clone for Windows provided by ELECOM CO.,LTD. registers a
Windows serv ...)
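Review bot: Several entries in this hunk receive "NOT-FOR-US: WordPress plugin or theme" although the visible description names no WordPress product, for example CVE-2025-67567, CVE-2025-67565 and CVE-2025-67564 ("Exposure of Sensitive System Information to an Unauthorized Control Sp ...") and the include/require series CVE-2025-67532 through CVE-2025-67521, which is cut off at "PHP Prog ...". Because the commit message says this is an automatic update, and NOT-FOR-US takes an entry out of the triage queue, a few of these should be spot-checked against the full CVE record. A tag that names the plugin would also make a misclassification visible in the list itself.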
@@ -243,13 +243,13 @@ CVE-2025-65288 (A buffer overflow in the Mercury MR816v2
(081C3114 4.8.7 Build 1
CVE-2025-65287 (An unauthenticated directory traversal vulnerability in
cgi-bin/upload ...)
TODO: check
CVE-2025-64894 (DNG SDK versions 1.7.0 and earlier are affected by an Integer
Overflow ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64893 (DNG SDK versions 1.7.0 and earlier are affected by an
Out-of-bounds Re ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64784 (DNG SDK versions 1.7.0 and earlier are affected by a
Heap-based Buffer ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64783 (DNG SDK versions 1.7.0 and earlier are affected by an Integer
Overflow ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2025-64696 (Android App "Brother iPrint&Scan" versions 6.13.7 and earlier
improper ...)
TODO: check
CVE-2025-64680 (Heap-based buffer overflow in Windows DWM Core Library allows
an autho ...)
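Review bot: "NOT-FOR-US: Adobe" on CVE-2025-64894, CVE-2025-64893, CVE-2025-64784 and CVE-2025-64783 names only the vendor, while the descriptions are about the DNG SDK, which is a library rather than an end-user product. Before these leave triage, confirm that no package in the archive carries an embedded copy of the SDK, and consider writing the tag as "NOT-FOR-US: Adobe DNG SDK" so a later search for the component finds these entries.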
@@ -275,27 +275,27 @@ CVE-2025-64661 (Concurrent execution using shared
resource with improper synchro
CVE-2025-64658 (Concurrent execution using shared resource with improper
synchronizati ...)
TODO: check
CVE-2025-64471 (A use of password hash instead of password for authentication
vulnerab ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64447 (A reliance on cookies without validation and integrity
checking vulner ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64257 (Missing Authorization vulnerability in Joe Dolson My Tickets
my-ticket ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64256 (Cross-Site Request Forgery (CSRF) vulnerability in PressTigers
Simple ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64255 (Missing Authorization vulnerability in Bowo Admin and Site
Enhancement ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64254 (Missing Authorization vulnerability in Ronald Huereca Photo
Block phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-64156 (An improper neutralization of special elements used in an sql
command ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64153 (A improper neutralization of special elements used in an os
command (' ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-64113 (Emby Server is a user-installable home media server. Versions
below 4. ...)
TODO: check
CVE-2025-64086 (A NULL pointer dereference vulnerability in the
util.readFileIntoStrea ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange
CVE-2025-64085 (A NULL pointer dereference vulnerability in the
importDataObject() fun ...)
- TODO: check
+ NOT-FOR-US: PDF-XChange
CVE-2025-63742 (SQL Injection vulnerability in function setwxqyAction in file
webmain/ ...)
TODO: check
CVE-2025-63740 (SQL Injection vulnerability in function getselectdataAjax in
file inpu ...)
@@ -307,159 +307,159 @@ CVE-2025-63738 (An issue was discovered in file
index.php in Xinhu Rainrock Rock
CVE-2025-63737 (Cross-site scripting (XSS) vulnerability in function
urltestAction in ...)
TODO: check
CVE-2025-63077 (Missing Authorization vulnerability in HappyMonster Happy
Addons for E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63076 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63075 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63074 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63073 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63072 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63071 (Insertion of Sensitive Information Into Sent Data
vulnerability in ave ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63070 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63069 (Missing Authorization vulnerability in Vinod Dalvi Ivory
Search add-se ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63068 (Improper Neutralization of Script-Related HTML Tags in a Web
Page (Bas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63067 (Missing Authorization vulnerability in p-themes Porto Theme -
Function ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63066 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63065 (Authorization Bypass Through User-Controlled Key vulnerability
in Davi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63064 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63063 (Missing Authorization vulnerability in Yandex Metrika
Yandex.Metrica w ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63062 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63061 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63060 (Cross-Site Request Forgery (CSRF) vulnerability in hogash
Kallyas kall ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63059 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63058 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63057 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63056 (Missing Authorization vulnerability in bestwebsoft Contact
Form by Bes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63055 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63054 (Missing Authorization vulnerability in ExpressTech Systems
Quiz And Su ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63052 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63050 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63049 (Missing Authorization vulnerability in CridioStudio ListingPro
Lead Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63048 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63047 (Missing Authorization vulnerability in CridioStudio ListingPro
listing ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63046 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63045 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63044 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63042 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63037 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63036 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63035 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63034 (Missing Authorization vulnerability in Steve Truman Page View
Count pa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63033 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63030 (Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal
New User ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63028 (Missing Authorization vulnerability in shinetheme Traveler
traveler al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63025 (Missing Authorization vulnerability in Xagio SEO Xagio SEO
xagio-seo a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63024 (Missing Authorization vulnerability in tychesoftwares Order
Delivery D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63023 (Missing Authorization vulnerability in Easy Payment Payment
Gateway fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63015 (Missing Authorization vulnerability in paysera WooCommerce
Payment Gat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63013 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63012 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress
WP Hotel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63011 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63010 (Server-Side Request Forgery (SSRF) vulnerability in
ThemesInflow Hercu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63009 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63008 (Missing Authorization vulnerability in weDevs WP ERP erp
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63007 (Insertion of Sensitive Information Into Sent Data
vulnerability in Met ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63006 (Missing Authorization vulnerability in Metagauss EventPrime
eventprime ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63003 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62999 (Missing Authorization vulnerability in themezaa Litho Addons
litho-add ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62997 (Insertion of Sensitive Information Into Sent Data
vulnerability in lev ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62996 (Missing Authorization vulnerability in Code Amp Custom Layouts
\u2013 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62995 (Missing Authorization vulnerability in multiparcels
MultiParcels Shipp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62994 (Insertion of Sensitive Information Into Sent Data
vulnerability in WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62993 (Missing Authorization vulnerability in rainafarai Notification
for Tel ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62873 (Cross-Site Request Forgery (CSRF) vulnerability in Flashyapp
WP Flashy ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62872 (Cross-Site Request Forgery (CSRF) vulnerability in JK Social
Photo Fet ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62871 (Cross-Site Request Forgery (CSRF) vulnerability in Alex
Prokopenko / J ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62870 (Missing Authorization vulnerability in Eupago Eupago Gateway
For Wooco ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62869 (Missing Authorization vulnerability in Gravitec.net - Web Push
Notific ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62867 (Missing Authorization vulnerability in ergonet Ergonet Cache
ergonet-v ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62866 (Cross-Site Request Forgery (CSRF) vulnerability in Valerio
Monti Auto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62865 (Missing Authorization vulnerability in Evan Herman Post Cloner
post-cl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62762 (Cross-Site Request Forgery (CSRF) vulnerability in photoboxone
SMTP Ma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62740 (Missing Authorization vulnerability in Mario Peshev WP-CRM
System wp-c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62739 (Cross-Site Request Forgery (CSRF) vulnerability in SaifuMak
Add Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62738 (Missing Authorization vulnerability in mmattax Formstack
Online Forms ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62737 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62736 (Missing Authorization vulnerability in opicron Image Cleanup
image-cle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62735 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62734 (Cross-Site Request Forgery (CSRF) vulnerability in Michael
Revellin-Cl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62733 (Cross-Site Request Forgery (CSRF) vulnerability in
ProteusThemes Custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62631 (An insufficient session expiration vulnerability [CWE-613] in
Fortinet ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-62573 (Use after free in Windows DirectX allows an authorized
attacker to ele ...)
TODO: check
CVE-2025-62572 (Out-of-bounds read in Application Information Services allows
an autho ...)
@@ -501,7 +501,7 @@ CVE-2025-62553 (Use after free in Microsoft Office Excel
allows an unauthorized
CVE-2025-62552 (Relative path traversal in Microsoft Office Access allows an
unauthori ...)
TODO: check
CVE-2025-62550 (Out-of-bounds write in Azure Monitor Agent allows an
authorized attack ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-62549 (Untrusted pointer dereference in Windows Routing and Remote
Access Ser ...)
TODO: check
CVE-2025-62474 (Improper access control in Windows Remote Access Connection
Manager al ...)
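Review bot: Only CVE-2025-62550 (Azure Monitor Agent) is tagged "NOT-FOR-US: Microsoft" here, while the neighbouring context entries CVE-2025-62552 (Microsoft Office Access) and CVE-2025-62549 (Windows Routing and Remote Access) stay at "TODO: check". If the automatic rule keys on product names, it looks like the Windows and Office descriptions are not covered and will still need manual triage; extending the rule or noting why they are left open would avoid the inconsistency.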
@@ -543,29 +543,29 @@ CVE-2025-62454 (Heap-based buffer overflow in Windows
Cloud Files Mini Filter Dr
CVE-2025-62221 (Use after free in Windows Cloud Files Mini Filter Driver
allows an aut ...)
TODO: check
CVE-2025-62153 (Missing Authorization vulnerability in Graham Quick Interest
Slider qu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62152 (Missing Authorization vulnerability in ConveyThis ConveyThis
conveythi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62151 (Missing Authorization vulnerability in Virtuaria Virtuaria
PagBank / P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62109 (Insertion of Sensitive Information Into Sent Data
vulnerability in INF ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62103 (Cross-Site Request Forgery (CSRF) vulnerability in
wpmediadownload Med ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62102 (Cross-Site Request Forgery (CSRF) vulnerability in apasionados
DoFollo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62100 (Missing Authorization vulnerability in themerain ThemeRain
Core themer ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62093 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62090 (Missing Authorization vulnerability in Jegstudio Gutenverse
News \u201 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62086 (Missing Authorization vulnerability in akazanstev
\u042f\u043d\u0434\u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62085 (Missing Authorization vulnerability in berthaai BERTHA AI
bertha-ai-fr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62082 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-61258 (An issue was discovered in Outsystems Platform Server
11.18.1.37828 al ...)
TODO: check
CVE-2025-61078 (Cross-site scripting (XSS) vulnerability in Request IP form in
phpIPAM ...)
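Review bot: For CVE-2025-62093 and CVE-2025-62082 the truncated description shows only the weakness class (SQL injection, cross-site scripting) and no vendor or product, so the NOT-FOR-US: WordPress plugin or theme tag cannot be checked from this diff. Suggest spot-checking the full descriptions of these two, since an entry that opens with generic CWE wording is where an automatic classification is easiest to get wrong.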
@@ -575,7 +575,7 @@ CVE-2025-61075 (Multiple Incorrect Access Control
vulnerabilities in adata Softw
CVE-2025-61074 (A stored Cross Site Scripting (XSS) vulnherability in the
bulletin boa ...)
TODO: check
CVE-2025-60024 (Multiple Improper Limitations of a Pathname to a Restricted
Directory ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-5471 (Uncontrolled Search Path Element vulnerability in Yandex
Telemost on M ...)
TODO: check
CVE-2025-5470 (Uncontrolled Search Path Element vulnerability in Yandex Disk
on MacOS ...)
@@ -583,51 +583,51 @@ CVE-2025-5470 (Uncontrolled Search Path Element
vulnerability in Yandex Disk on
CVE-2025-5469 (Uncontrolled Search Path Element vulnerability in Yandex
Messenger on ...)
TODO: check
CVE-2025-59923 (An improper access control vulnerability in Fortinet
FortiAuthenticato ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59810 (An improper access control vulnerability in Fortinet FortiSOAR
PaaS 7. ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59808 (An unverified password change vulnerability [CWE-620]
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59719 (An improper verification of cryptographic signature
vulnerability in F ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59718 (A improper verification of cryptographic signature
vulnerability in Fo ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-59517 (Improper access control in Windows Storage VSP Driver allows
an author ...)
TODO: check
CVE-2025-59516 (Missing authentication for critical function in Windows
Storage VSP Dr ...)
TODO: check
CVE-2025-59132 (Cross-Site Request Forgery (CSRF) vulnerability in Badi Jones
Duplicat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-57823 (A direct request ('forced browsing') vulnerability in Fortinet
FortiAu ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-56704 (LeptonCMS version 7.3.0 contains an arbitrary file upload
vulnerabilit ...)
TODO: check
CVE-2025-55233 (Out-of-bounds read in Windows Projected File System allows an
authoriz ...)
TODO: check
CVE-2025-54838 (An Incorrect Authorization vulnerability [CWE-863] in
FortiPortal 7.4. ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-54353 (An Improper Neutralization of Input During Web Page Generation
('Cross ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-54100 (Improper neutralization of special elements used in a command
('comman ...)
TODO: check
CVE-2025-53949 (An Improper Neutralization of Special Elements used in an OS
Command ( ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-53679 (An improper neutralization of special elements used in an OS
command ( ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2025-49351 (Cross-Site Request Forgery (CSRF) vulnerability in Valentin
Agachi Cre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49350 (Missing Authorization vulnerability in marcoingraiti
Actionwear produc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49348 (Missing Authorization vulnerability in Hype Hype pico allows
Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49347 (Cross-Site Request Forgery (CSRF) vulnerability in Jupitercow
WP sIFR ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-49341 (Cross-Site Request Forgery (CSRF) vulnerability in Alex Furr
PDF Creat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-46637 (Dell Encryption, versions prior to 11.12.1, contain an
Improper Link R ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-46636 (Dell Encryption, versions prior to 11.12.1, contain an
Improper Link R ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2025-41752 (An XSS vulnerability in pxc_portSfp.php can be used by an
unauthentica ...)
TODO: check
CVE-2025-41751 (An XSS vulnerability in pxc_portCntr.php can be used by an
unauthentic ...)
@@ -657,65 +657,65 @@ CVE-2025-41693 (A low privileged remote attacker can use
the ssh feature to exec
CVE-2025-41692 (A high privileged remote attacker with admin privileges for
the webUI ...)
TODO: check
CVE-2025-40941 (A vulnerability has been identified in SIMATIC CN 4100 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40940 (A vulnerability has been identified in SIMATIC CN 4100 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40939 (A vulnerability has been identified in SIMATIC CN 4100 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40938 (A vulnerability has been identified in SIMATIC CN 4100 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40937 (A vulnerability has been identified in SIMATIC CN 4100 (All
versions < ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40935 (A vulnerability has been identified in RUGGEDCOM RMC8388 V5.X
(All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40831 (A vulnerability has been identified in SINEC Security Monitor
(All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40830 (A vulnerability has been identified in SINEC Security Monitor
(All ver ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40820 (Affected products do not properly enforce TCP sequence number
validati ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40819 (A vulnerability has been identified in SINEMA Remote Connect
Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40818 (A vulnerability has been identified in SINEMA Remote Connect
Server (A ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40807 (A vulnerability has been identified in Gridscale X Prepay (All
version ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40806 (A vulnerability has been identified in Gridscale X Prepay (All
version ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40801 (A vulnerability has been identified in COMOS V10.6 (All
versions), COM ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-40800 (A vulnerability has been identified in COMOS V10.6 (All
versions), COM ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2025-34414 (Entrust Instant Financial Issuance (IFI) On Premise software
(formerly ...)
TODO: check
CVE-2025-34413 (Legality WHISTLEBLOWING by DigitalPA contains a protection
mechanism f ...)
TODO: check
CVE-2025-34409 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34408 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34407 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34406 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34404 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34403 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34402 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34401 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34400 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34399 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34398 (MailEnable versions prior to 10.54 containa reflected
cross-site scrip ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34397 (MailEnable versions prior to 10.54 contain a reflected
cross-site scri ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-34396 (MailEnable versions prior to 10.54 contain an unsafe DLL
loading vulne ...)
- TODO: check
+ NOT-FOR-US: MailEnable
CVE-2025-33214 (NVIDIA NVTabular for Linux contains a vulnerability in the
Workflow co ...)
TODO: check
CVE-2025-33213 (NVIDIA Merlin Transformers4Rec for Linux contains a
vulnerability in t ...)
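Review bot: CVE-2025-40820 is tagged NOT-FOR-US: Siemens, but its visible description ("Affected products do not properly enforce TCP sequence number validati ...") names no vendor or product, unlike the SIMATIC, RUGGEDCOM, SINEC, SINEMA, Gridscale X and COMOS entries around it. Suggest confirming from the full advisory that the affected products do not include a component packaged in Debian before this entry leaves TODO: check.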
@@ -725,41 +725,41 @@ CVE-2025-2296 (EDK2 contains a vulnerability in BIOS
where an attacker may cause
CVE-2025-14345 (A post-authenticationflaw in the network two-phase commit
protocol use ...)
TODO: check
CVE-2025-14337 (A vulnerability was determined in itsourcecode Student
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14336 (A vulnerability was found in itsourcecode Student Management
System 1. ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14335 (A vulnerability has been found in itsourcecode Student
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14334 (A flaw has been found in itsourcecode Student Management
System 1.0. A ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-13924 (The Advanced Product Fields (Product Addons) for WooCommerce
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13662 (Improper verification of cryptographic signatures in the patch
managem ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-13661 (Path traversal in Ivanti Endpoint Manager prior to version
2024 SU4 SR ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-13659 (Improper control of dynamically managed code resources in
Ivanti Endpo ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2025-13642 (The Paid Membership Plugin, Ecommerce, User Registration Form,
Login F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12946 (A vulnerability in the speedtest feature of affected NETGEAR
Nighthawk ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-12945 (A vulnerability in NETGEAR Nighthawk R7000P routers lets an
authentica ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-12941 (Denial of Service Vulnerability in
NETGEARC6220andC6230(DOCSIS\xae 3.0 ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-12807 (A security issue was discovered in DataMosaix Private Cloud,
allowing ...)
- TODO: check
+ NOT-FOR-US: Rockwell Automation
CVE-2025-12705 (The Social Reviews & Recommendations plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12558 (The Beaver Builder \u2013 WordPress Page Builder plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12504 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-12381 (Improper Privilege Management vulnerability in AlgoSec
Firewall Analyz ...)
- TODO: check
+ NOT-FOR-US: AlgoSec
CVE-2025-11531 (HP System Event Utility and Omen Gaming Hub might allow
execution of ...)
- TODO: check
+ NOT-FOR-US: HP
CVE-2025-11022 (Cross-Site Request Forgery (CSRF) vulnerability in Personal
Project Pa ...)
TODO: check
CVE-2025-10876 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
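Review bot: CVE-2025-13924, CVE-2025-13642, CVE-2025-12705 and CVE-2025-12558 are tagged NOT-FOR-US: WordPress plugin here, while the other hunks of this commit use NOT-FOR-US: WordPress plugin or theme for the same class of entry. Suggest settling on one string for both code paths so that searches and counts over data/CVE/list do not have to match two spellings of the same category.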
@@ -767,23 +767,23 @@ CVE-2025-10876 (Improper Neutralization of Input During
Web Page Generation (XSS
CVE-2025-10655 (SQL Injection in Frappe HelpDesk in the dashboard
get_dashboard_data d ...)
TODO: check
CVE-2025-10573 (Stored XSS in Ivanti Endpoint Manager prior to version 2024
SU4 SR1 al ...)
- TODO: check
+ NOT-FOR-US: Ivanti
CVE-2024-56840 (A vulnerability has been identified in RUGGEDCOM ROX II family
(All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56839 (A vulnerability has been identified in RUGGEDCOM ROX II family
(All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56838 (A vulnerability has been identified in RUGGEDCOM ROX II family
(All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56837 (A vulnerability has been identified in RUGGEDCOM ROX II family
(All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56836 (A vulnerability has been identified in RUGGEDCOM ROX II family
(All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56835 (A vulnerability has been identified in RUGGEDCOM ROX II family
(All ve ...)
- TODO: check
+ NOT-FOR-US: Siemens
CVE-2024-56464 (IBM QRadar SIEM7.5 - 7.5.0 UP14 IF01 is affected by an
information dis ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-47570 (An insertion of sensitive information into log file
vulnerability [CWE ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2024-38798 (EDK2 contains a vulnerability in BIOS where an attacker may
cause \u20 ...)
TODO: check
CVE-2025-14333 (Memory safety bugs present in Firefox ESR 140.5, Thunderbird
ESR 140.5 ...)
@@ -273440,7 +273440,7 @@ CVE-2023-23731 (Cross-Site Request Forgery (CSRF)
vulnerability in HasTheme Wish
CVE-2023-23730 (Improper Restriction of Excessive Authentication Attempts
vulnerabilit ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23729 (Missing Authorization vulnerability in Brainstorm Force
Spectra allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-23728 (Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability
in Winwa ...)
NOT-FOR-US: WordPress plugin
CVE-2023-23727 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Form ...)
@@ -276979,7 +276979,7 @@ CVE-2023-22677 (Improper Control of Generation of
Code ('Code Injection') vulner
CVE-2023-22676 (Missing Authorization vulnerability in Anders Thorborg.This
issue affe ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22675 (Cross-Site Request Forgery (CSRF) vulnerability in Taylor
Hawkes WP Fa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-22674 (Missing Authorization, Cross-Site Request Forgery (CSRF)
vulnerability ...)
NOT-FOR-US: WordPress plugin
CVE-2023-22673 (Cross-Site Request Forgery (CSRF) vulnerability in MageNet
Website Mon ...)
@@ -282000,7 +282000,7 @@ CVE-2022-47427 (Cross-Site Request Forgery (CSRF)
vulnerability in Joseph C Dols
CVE-2022-47426 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47425 (Missing Authorization vulnerability in Repute Infosystems
ARMember all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2022-47424 (Cross-Site Request Forgery (CSRF) vulnerability in Repute
InfoSystems ...)
NOT-FOR-US: WordPress plugin
CVE-2022-47423 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Ulf ...)
@@ -283834,7 +283834,7 @@ CVE-2022-46847
CVE-2022-46846 (Missing Authorization vulnerability in WP OnlineSupport,
Essential Plu ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46845 (Missing Authorization vulnerability in Essential Plugin Slider
a Slide ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2022-46844 (Auth. (contributor+) Stored Cross-Site Scripting (XSS)
vulnerability i ...)
NOT-FOR-US: WordPress plugin
CVE-2022-46843 (Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in
Le Van T ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/08d8359ee031ec33b198714cd5bc069453780eeb