Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9043a1d4 by security tracker role at 2025-12-13T08:12:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
CVE-2025-9873 (The a3 Lazy Load plugin for WordPress is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9488 (The Redux Framework plugin for WordPress is vulnerable to
Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9218 (The rtMedia for WordPress, BuddyPress and bbPress plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9207 (The TI WooCommerce Wishlist plugin for WordPress is vulnerable
to HTML ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-9116 (The WPS Visitor Counter Plugin WordPress plugin through 1.4.8
does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8779 (The All-in-One Addons for Elementor \u2013 WidgetKit plugin for
WordPr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-8617 (The YITH WooCommerce Quick View plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-7058 (The Kingcabs theme for WordPress is vulnerable to Stored
Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-67871
REJECTED
CVE-2025-67870
@@ -41,205 +41,205 @@ CVE-2025-67721 (Aircompressor is a library with ports of
the Snappy, LZO, LZ4, a
CVE-2025-67634 (The CISA Software Acquisition Guide Supplier Response Web Tool
before ...)
TODO: check
CVE-2025-46289 (A logic issue was addressed with improved file handling. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46287 (An inconsistent user interface issue was addressed with
improved state ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46285 (An integer overflow was addressed by adopting 64-bit
timestamps. This ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-46276 (An information disclosure issue was addressed with improved
privacy co ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43542 (This issue was addressed with improved state management. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43539 (The issue was addressed with improved bounds checks. This
issue is fix ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43538 (A logging issue was addressed with improved data redaction.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43532 (A memory corruption issue was addressed with improved bounds
checking. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43530 (This issue was addressed with improved checks. This issue is
fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43527 (A permissions issue was addressed with additional
restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43523 (A permissions issue was addressed with additional
restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43522 (A downgrade issue affecting Intel-based Mac computers was
addressed wi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43521 (A downgrade issue affecting Intel-based Mac computers was
addressed wi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43520 (A memory corruption issue was addressed with improved memory
handling. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43519 (A permissions issue was addressed with additional
restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43518 (A logic issue was addressed with improved checks. This issue
is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43517 (A privacy issue was addressed with improved private data
redaction for ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43516 (A session management issue was addressed with improved checks.
This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43513 (A permissions issue was addressed by removing the vulnerable
code. Thi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43512 (A logic issue was addressed with improved checks. This issue
is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43511 (A use-after-free issue was addressed with improved memory
management. ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43510 (A memory corruption issue was addressed with improved lock
state check ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43509 (This issue was addressed with improved data protection. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43506 (A logic error was addressed with improved error handling. This
issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43497 (An access issue was addressed with additional sandbox
restrictions. Th ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43494 (A mail header parsing issue was addressed with improved
checks. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43482 (The issue was addressed with improved input validation. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43473 (This issue was addressed with improved state management. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43471 (The issue was addressed with improved checks. This issue is
fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43470 (A permissions issue was addressed with additional
restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43467 (This issue was addressed with improved checks. This issue is
fixed in ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43466 (An injection issue was addressed with improved validation.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43465 (A parsing issue in the handling of directory paths was
addressed with ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43464 (A denial-of-service issue was addressed with improved input
validation ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43463 (A parsing issue in the handling of directory paths was
addressed with ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43461 (This issue was addressed with improved validation of symlinks.
This is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43437 (An information disclosure issue was addressed with improved
privacy co ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43416 (A logic issue was addressed with improved restrictions. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43410 (The issue was addressed with improved handling of caches. This
issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43406 (A logic issue was addressed with improved restrictions. This
issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43404 (A permissions issue was addressed with additional sandbox
restrictions ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43402 (The issue was addressed with improved memory handling. This
issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43393 (A permissions issue was addressed with additional sandbox
restrictions ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43388 (An injection issue was addressed with improved validation.
This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43381 (This issue was addressed with improved handling of symlinks.
This issu ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43351 (A permissions issue was addressed with additional
restrictions. This i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-43320 (The issue was addressed by adding additional logic. This issue
is fixe ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2025-14611 (Gladinet CentreStack and Triofox prior to version
16.12.10420.56791 us ...)
TODO: check
CVE-2025-14586 (A vulnerability was determined in TOTOLINK X5000R
9.1.0cu.2089_B202112 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-14585 (A vulnerability was found in itsourcecode COVID Tracking
System 1.0. A ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14584 (A vulnerability has been found in itsourcecode COVID Tracking
System 1 ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-14583 (A flaw has been found in campcodes Online Student Enrollment
System 1. ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-14582 (A vulnerability was detected in campcodes Online Student
Enrollment Sy ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2025-14581 (The HAPPY \u2013 Helpdesk Support Ticket System plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14580 (A security vulnerability has been detected in Qualitor up to
8.24.73. ...)
TODO: check
CVE-2025-14540 (The Userback plugin for WordPress is vulnerable to
unauthorized access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14539 (The The Shortcode Ajax plugin for WordPress is vulnerable to
arbitrary ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14508 (The MediaCommander \u2013 Bring Folders to Media, Posts, and
Pages plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14477 (The 404 Solution plugin for WordPress is vulnerable to SQL
Injection i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14476 (The Doubly \u2013 Cross Domain Copy Paste for WordPress plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14475 (The Extensive VC Addons for WPBakery page builder plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14462 (The Lucky Draw Contests plugin for WordPress is vulnerable to
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14454 (The Image Slider by Ays- Responsive Slider and Carousel plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14451 (The Solutions Ad Manager plugin for WordPress is vulnerable to
Open Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14447 (The AnnunciFunebri Impresa plugin for WordPress is vulnerable
to unaut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14446 (The Popup Builder (Easy Notify Lite) plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14440 (The JAY Login & Register plugin for WordPress is vulnerable to
authent ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14397 (The Postem Ipsum plugin for WordPress is vulnerable to
unauthorized mo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14395 (The Popover Windows plugin for WordPress is vulnerable to
unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14394 (The Popover Windows plugin for WordPress is vulnerable to
Cross-Site R ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14378 (The Quick Testimonials plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14367 (The Easy Theme Options plugin for WordPress is vulnerable to
Missing A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14366 (The Eyewear prescription form plugin for WordPress is
vulnerable to Mi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14365 (The Eyewear prescription form plugin for WordPress is
vulnerable to Mi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14288 (The Gallery Blocks with Lightbox. Image Gallery, (HTML5 video
, YouTub ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14278 (The HT Slider for Elementor plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14066
REJECTED
CVE-2025-14056 (The Custom Post Type UI plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14050 (The Design Import/Export plugin for WordPress is vulnerable to
SQL Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13970 (OpenPLC_V3 is vulnerable to a cross-site request forgery
(CSRF) attack ...)
TODO: check
CVE-2025-13705 (The Custom Frames plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13403 (The Employee Spotlight \u2013 Team Member Showcase & Meet the
Team Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13094 (The WP3D Model Import Viewer plugin for WordPress is
vulnerable to arb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13093 (The Devs CRM \u2013 Manage tasks, attendance and teams all
together pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13092 (The Devs CRM \u2013 Manage tasks, attendance and teams all
together pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13089 (The WP Directory Kit plugin for WordPress is vulnerable to SQL
Injecti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13077 (The \u0627\u0641\u0632\u0648\u0646\u0647
\u067e\u06cc\u0627\u0645\u06a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12512 (The GenerateBlocks plugin for WordPress is vulnerable to
information e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12362 (The myCred \u2013 Points Management System For Gamification,
Ranks, Ba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12109 (The Header Footer Script Adder \u2013 Insert Code in Header,
Body & Fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12077 (The WP to LinkedIn Auto Publish plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12076 (The Social Media Auto Publish plugin for WordPress is
vulnerable to Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11970 (The Emplibot \u2013 AI Content Writer with Keyword Research,
Infograph ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11707 (The Login Lockdown & Protection plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11693 (The Export WP Page to Static HTML & PDF plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11376 (The Colibri Page Builder plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11266 (An out-of-bounds write vulnerability exists in the Grassroots
DICOM li ...)
TODO: check
CVE-2025-11164 (The Mavix Education theme for WordPress is vulnerable to
unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10738 (The URL Shortener Plugin For WordPress plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10289 (The Filter & Grids plugin for WordPress is vulnerable to SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-58316 (Online Shopping System Advanced 1.0 contains a SQL injection
vulnerabi ...)
TODO: check
CVE-2025-8083 (The Preset configuration
https://v2.vuetifyjs.com/en/features/presets ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9043a1d4240b1584e1cf9a08bd8656bb01a88f90
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9043a1d4240b1584e1cf9a08bd8656bb01a88f90
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
