Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2b89ac45 by Salvatore Bonaccorso at 2025-12-20T09:46:33+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,7 +5,7 @@ CVE-2025-68613 (n8n is an open source workflow automation
platform. Versions sta
CVE-2025-68481 (FastAPI Users allows users to quickly add a registration and
authentic ...)
NOT-FOR-US: fastapi-users
CVE-2025-67712 (There is an HTML injection issue in Esri ArcGIS Web AppBuilder
develop ...)
- TODO: check
+ NOT-FOR-US: Esri ArcGIS Web AppBuilder
CVE-2025-14968 (A security flaw has been discovered in code-projects Simple
Stock Syst ...)
NOT-FOR-US: code-projects
CVE-2025-14735 (The "Amazon affiliate lite Plugin" plugin for WordPress is
vulnerable ...)
@@ -17,11 +17,11 @@ CVE-2025-14721 (The Responsive and Swipe slider plugin for
WordPress is vulnerab
CVE-2025-14633 (The F70 Lead Document Download plugin for WordPress is
vulnerable to u ...)
NOT-FOR-US: WordPress plugin
CVE-2025-14591 (After a recent bug fix to correctly handle CR+LF (Windows and
DOS) End ...)
- TODO: check
+ NOT-FOR-US: Perforce
CVE-2025-14300 (The HTTPS service on Tapo C200 V3 exposes a connectAP
interface withou ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2025-14299 (The HTTPS server on Tapo C200 V3 does not properly validate
the Conten ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2025-14168 (The WP DB Booster plugin for WordPress is vulnerable to
Cross-Site Req ...)
NOT-FOR-US: WordPress plugin
CVE-2025-14164 (The Quran Gateway plugin for WordPress is vulnerable to
Cross-Site Req ...)
@@ -43,25 +43,25 @@ CVE-2025-12581 (The Attachments Handler plugin for
WordPress is vulnerable to Re
CVE-2023-53959 (FileZilla Client 3.63.1 contains a DLL hijacking vulnerability
that al ...)
TODO: check
CVE-2023-53958 (LDAP Tool Box Self Service Password 1.5.2 contains a password
reset vu ...)
- TODO: check
+ NOT-FOR-US: LDAP Tool Box Self Service Password
CVE-2023-53957 (Kimai 1.30.10 contains a SameSite cookie vulnerability that
allows att ...)
- TODO: check
+ NOT-FOR-US: Kimai
CVE-2023-53956 (Flatnux 2021-03.25 contains an authenticated file upload
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Flatnux
CVE-2023-53954 (ActFax 10.10 contains an unquoted service path vulnerability
that allo ...)
- TODO: check
+ NOT-FOR-US: ActFax
CVE-2023-53953 (WebsiteBaker 2.13.3 contains a stored cross-site scripting
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WebsiteBaker
CVE-2023-53952 (Dotclear 2.25.3 contains a remote code execution vulnerability
that al ...)
TODO: check
CVE-2023-53951 (Ever Gauzy v0.281.9 contains a JWT authentication
vulnerability that a ...)
- TODO: check
+ NOT-FOR-US: Ever Gauzy
CVE-2023-53950 (InnovaStudio WYSIWYG Editor 5.4 contains an unrestricted file
upload v ...)
- TODO: check
+ NOT-FOR-US: InnovaStudio WYSIWYG Editor
CVE-2023-53949 (AspEmail 5.6.0.2 contains a binary permission vulnerability
that allow ...)
- TODO: check
+ NOT-FOR-US: AspEmail
CVE-2023-53948 (Lilac-Reloaded for Nagios 2.0.8 contains a remote code
execution vulne ...)
- TODO: check
+ NOT-FOR-US: Lilac-Reloaded for Nagios
CVE-2023-53947 (OCS Inventory NG 2.3.0.0 contains an unquoted service path
vulnerabili ...)
TODO: check
CVE-2023-53946 (Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service
path vulner ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b89ac45d40c3cb49df8ad1946350f3ec0bbfc57
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2b89ac45d40c3cb49df8ad1946350f3ec0bbfc57
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
