Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
64cba96c by security tracker role at 2025-12-22T20:13:39+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
CVE-2025-8460 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-68645 (A Local File Inclusion (LFI) vulnerability exists in the
Webmail Class ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-68337 (In the Linux kernel, the following vulnerability has been
resolved: j ...)
TODO: check
CVE-2025-68336 (In the Linux kernel, the following vulnerability has been
resolved: l ...)
@@ -39,7 +39,7 @@ CVE-2025-67290 (A stored cross-site scripting (XSS)
vulnerability in the Page Se
CVE-2025-67289 (An arbitrary file upload vulnerability in the Attachments
module of Fr ...)
TODO: check
CVE-2025-67288 (An arbitrary file upload vulnerability in Umbraco CMS v16.3.3
allows a ...)
- TODO: check
+ NOT-FOR-US: Umbraco CMS
CVE-2025-65837 (PublicCMS V5.202506.b is vulnerable to Cross Site Scripting
(XSS) in t ...)
TODO: check
CVE-2025-65790 (A reflected cross-site scripting (XSS) vulnerability exists in
FuguHub ...)
@@ -53,11 +53,11 @@ CVE-2025-63663 (Incorrect access control in the
/api/v1/conversations/*/files AP
CVE-2025-63662 (Insecure permissions in the /api/v1/agents API of GT Edge AI
Platform ...)
TODO: check
CVE-2025-62880 (Cross-Site Request Forgery (CSRF) vulnerability in Kunal Nagar
Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62107 (Cross-Site Request Forgery (CSRF) vulnerability in PluginOps
Feather L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62094 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-61740 (Authentication issue that does not verify the source of a
packet which ...)
TODO: check
CVE-2025-61739 (Due to Nonce reuse, attackers can perform reply attack or
decrypt capt ...)
@@ -65,19 +65,19 @@ CVE-2025-61739 (Due to Nonce reuse, attackers can perform
reply attack or decryp
CVE-2025-61738 (Under certain circumstances, attacker can capture the network
key, rea ...)
TODO: check
CVE-2025-54890 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-26787 (An error in the SignServer container startup logic was found
in Keyfac ...)
TODO: check
CVE-2025-26379 (Use of a weak pseudo-random number generator, which may allow
an attac ...)
TODO: check
CVE-2025-15033 (A vulnerability in WooCommerce 8.1 to 10.4.2 can allow
logged-in custo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14273 (Mattermost versions 11.1.x <= 11.1.0, 11.0.x <= 11.0.5,
10.12.x <= 10. ...)
TODO: check
CVE-2025-14018 (Unquoted Search Path or Element vulnerability in NetBT
Consulting Serv ...)
TODO: check
CVE-2025-12514 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-10021 (A Use of Uninitialized Variable vulnerability exists in Open
DesignAll ...)
TODO: check
CVE-2024-35321 (MyNET up to v26.08 was discovered to contain a Reflected
cross-site sc ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64cba96cdfadd6144972c959d0c2d05b97456f47
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/64cba96cdfadd6144972c959d0c2d05b97456f47
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
