Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ec216439 by security tracker role at 2025-12-23T20:16:53+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
CVE-2025-68561 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68560 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68559 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68557 (Missing Authorization vulnerability in Vikas Ratudi Chakra
test allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68556 (Missing Authorization vulnerability in VillaTheme HAPPY allows
Exploit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68551 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68550 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68548 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68546 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68544 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67111 (An integer overflow in the RTPS protocol implementation of
OpenDDS DDS ...)
TODO: check
CVE-2025-67109 (Improper verification of the time certificate in Eclipse
Cyclone DDS b ...)
@@ -35,17 +35,17 @@ CVE-2025-65410 (A stack overflow in the src/main.c
component of GNU Unrtf v0.21.
CVE-2025-65354 (Improper input handling in /Grocery/search_products_itname.php
inPunee ...)
TODO: check
CVE-2025-59886 (Improper input validation at one of the endpoints of Eaton
xComfort EC ...)
- TODO: check
+ NOT-FOR-US: Eaton
CVE-2025-51511 (Cadmium CMS v.0.4.9 has a background arbitrary file upload
vulnerabili ...)
TODO: check
CVE-2025-50526 (Netgear EX8000 V1.0.0.126 was discovered to contain a command
injectio ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-48864
REJECTED
CVE-2025-48863
REJECTED
CVE-2025-45493 (Netgear EX8000 V1.0.0.126 is vulnerable to Command Injection
via the i ...)
- TODO: check
+ NOT-FOR-US: Netgear
CVE-2025-33224 (NVIDIA Isaac Launchable contains a vulnerability where an
attacker cou ...)
TODO: check
CVE-2025-33223 (NVIDIA Isaac Launchable contains a vulnerability where an
attacker cou ...)
@@ -53,29 +53,29 @@ CVE-2025-33223 (NVIDIA Isaac Launchable contains a
vulnerability where an attack
CVE-2025-33222 (NVIDIA Isaac Launchable contains a vulnerability where an
attacker cou ...)
TODO: check
CVE-2025-29229 (linksys E5600 V1.1.0.26 is vulnerable to command injection in
the func ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-29228 (Linksys E5600 V1.1.0.26 is vulnerable to command injection in
the runt ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2025-25364 (A command injection vulnerability in the
me.connectify.SMJobBlessHelpe ...)
TODO: check
CVE-2025-14635 (The Happy Addons for Elementor plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14548 (The Calendar plugin for WordPress is vulnerable to Stored
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14388 (The PhastPress plugin for WordPress is vulnerable to
Unauthenticated A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14163 (The Premium Addons for Elementor plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14155 (The Premium Addons for Elementor \u2013 Powerful Elementor
Templates & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14000 (The Membership Plugin \u2013 Restrict Content plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13183 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-13074
REJECTED
CVE-2025-12934 (The Beaver Builder \u2013 WordPress Page Builder plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-10863
REJECTED
CVE-2024-9684 (FreyrSCADA/IEC-60870-5-104 server v21.06.008 allows remote
attackers t ...)
@@ -83,7 +83,7 @@ CVE-2024-9684 (FreyrSCADA/IEC-60870-5-104 server v21.06.008
allows remote attack
CVE-2024-57521 (SQL Injection vulnerability in RuoYi v.4.7.9 and before allows
a remot ...)
TODO: check
CVE-2024-24844 (Missing Authorization vulnerability in IdeaBox Creations
PowerPack Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-10398
REJECTED
CVE-2023-5094
@@ -95,7 +95,7 @@ CVE-2023-5092
CVE-2023-53982 (PMB 7.4.6 contains a SQL injection vulnerability in the
storage parame ...)
TODO: check
CVE-2023-52210 (Vulnerability in Tyche softwares Product Delivery Date for
WooCommerce ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2021-47739 (Epic Games Easy Anti-Cheat 4.0 contains an unquoted service
path vulne ...)
TODO: check
CVE-2021-47738 (CSZ CMS 1.2.7 contains a persistent cross-site scripting
vulnerability ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec216439c06835eccbcd5e54a69b638f48c88b1d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ec216439c06835eccbcd5e54a69b638f48c88b1d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
