Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f49987a5 by security tracker role at 2025-12-24T20:13:49+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -37,183 +37,183 @@ CVE-2025-68736 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2025-68735 (In the Linux kernel, the following vulnerability has been
resolved: d ...)
TODO: check
CVE-2025-68608 (Missing Authorization vulnerability in DeluxeThemes Userpro
userpro al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68606 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68605 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68603 (Missing Authorization vulnerability in Marketing Fire
Editorial Calend ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68602 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68601 (Cross-Site Request Forgery (CSRF) vulnerability in Rustaurius
Five Sta ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68600 (Server-Side Request Forgery (SSRF) vulnerability in Yannick
Lefebvre L ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68599 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68598 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68597 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68596 (Missing Authorization vulnerability in Bit Apps Bit Assist
bit-assist ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68595 (Missing Authorization vulnerability in Trustindex Widgets for
Social P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68594 (Missing Authorization vulnerability in Assaf Parag Poll,
Survey & Quiz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68593 (Missing Authorization vulnerability in Liton Arefin WP
Adminify admini ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68592 (Missing Authorization vulnerability in Liton Arefin WP
Adminify admini ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68591 (Missing Authorization vulnerability in Mitchell Bennis Simple
File Lis ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68590 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68589 (Missing Authorization vulnerability in WP Socio WP Telegram
Widget and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68588 (Missing Authorization vulnerability in totalsoft TS Poll
poll-wp allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68587 (Missing Authorization vulnerability in Bob Watu Quiz watu
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68586 (Missing Authorization vulnerability in Gora Tech Cooked cooked
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68585 (Missing Authorization vulnerability in Ben Balter WP Document
Revision ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68584 (Cross-Site Request Forgery (CSRF) vulnerability in Constantin
Boiangiu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68583 (Cross-Site Request Forgery (CSRF) vulnerability in Tikweb
Management F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68582 (Missing Authorization vulnerability in Funnelforms Funnelforms
Free fu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68581 (Missing Authorization vulnerability in YITHEMES YITH Slider
for page b ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68580 (Cross-Site Request Forgery (CSRF) vulnerability in pluginsware
Advance ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68579 (Missing Authorization vulnerability in FolioVision FV Simpler
SEO fv-a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68578 (Missing Authorization vulnerability in Addonify Addonify
addonify-quic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68577 (Missing Authorization vulnerability in Virusdie Virusdie
virusdie allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68576 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68575 (Missing Authorization vulnerability in Wappointment team
Wappointment ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68574 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68573 (Cross-Site Request Forgery (CSRF) vulnerability in Alessandro
Piconi S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68572 (Missing Authorization vulnerability in Spider Themes BBP Core
bbp-core ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68571 (Missing Authorization vulnerability in SALESmanago SALESmanago
salesma ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68570 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68569 (Missing Authorization vulnerability in codepeople WP Time
Slots Bookin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68568 (Missing Authorization vulnerability in integrationclaspo Popup
Builder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68567 (Cross-Site Request Forgery (CSRF) vulnerability in wphocus My
auctions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68566 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68565 (Missing Authorization vulnerability in JayBee Twitch Player
ttv-easy-e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68563 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68540 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68537 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68535 (Missing Authorization vulnerability in sunshinephotocart
Sunshine Phot ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68533 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68532 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68530 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68529 (Cross-Site Request Forgery (CSRF) vulnerability in Rhys Wynne
WP Email ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68528 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68527 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68525 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68523 (Missing Authorization vulnerability in Spiffy Plugins Spiffy
Calendar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68522 (Missing Authorization vulnerability in wpstream WpStream
wpstream allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68521 (Missing Authorization vulnerability in wpstream WpStream
wpstream allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68519 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68517 (Missing Authorization vulnerability in Essekia Tablesome
tablesome all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68516 (Insertion of Sensitive Information Into Sent Data
vulnerability in Ess ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68513 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68512 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68511 (Missing Authorization vulnerability in Jegstudio Gutenverse
Form guten ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68509 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in J ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68508 (Missing Authorization vulnerability in Brave Brave
brave-popup-builder ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68506 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68505 (Missing Authorization vulnerability in icc0rz H5P h5p allows
Exploitin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68500 (Server-Side Request Forgery (SSRF) vulnerability in bdthemes
Prime Sli ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68497 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68496 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68494 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68038 (Deserialization of Untrusted Data vulnerability in Icegram
Icegram Exp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67909 (Authorization Bypass Through User-Controlled Key vulnerability
in WP S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67633 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67632 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67631 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67630 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67629 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67628 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67627 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67625 (Cross-Site Request Forgery (CSRF) vulnerability in
tmtraderunner Trade ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67623 (Server-Side Request Forgery (SSRF) vulnerability in 6Storage
6Storage ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67622 (Cross-Site Request Forgery (CSRF) vulnerability in titopandub
Evergree ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67621 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-60935 (An open redirect vulnerability in the login endpoint of Blitz
Panel v1 ...)
TODO: check
CVE-2025-5448
REJECTED
CVE-2025-43876 (Under certain circumstances a successful exploitation could
result in ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2025-43875 (Under certain circumstances a successful exploitation could
result in ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2025-3232 (A remote unauthenticated attacker may be able to bypass
authentication ...)
TODO: check
CVE-2025-36154 (IBM Concert 1.0.0 through 2.1.0 stores sensitive information
in cleart ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-2515 (A vulnerability was found in BlueChi, a multi-node systemd
service con ...)
TODO: check
CVE-2025-2155 (Unrestricted Upload of File with Dangerous Type vulnerability
in Echo ...)
@@ -297,7 +297,7 @@ CVE-2023-54128 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2023-54127 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
TODO: check
CVE-2023-54126 (In the Linux kernel, the following vulnerability has been
resolved: c ...)
- TODO: check
+ NOT-FOR-US: MikroTik
CVE-2023-54125 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
TODO: check
CVE-2023-54124 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
@@ -465,11 +465,11 @@ CVE-2023-54044 (In the Linux kernel, the following
vulnerability has been resolv
CVE-2023-54043 (In the Linux kernel, the following vulnerability has been
resolved: i ...)
TODO: check
CVE-2023-40679 (Missing Authorization vulnerability in Jewel Theme Master
Addons for E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-36525 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-32120 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2022-50783 (In the Linux kernel, the following vulnerability has been
resolved: m ...)
TODO: check
CVE-2022-50782 (In the Linux kernel, the following vulnerability has been
resolved: e ...)
@@ -265764,7 +265764,7 @@ CVE-2023-28621 (Improper Neutralization of Input
During Web Page Generation ('Cr
CVE-2023-28620 (Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability
in Cybe ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28619 (Missing Authorization vulnerability in bnayawpguy Resoto
allows Exploi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-28618 (Cross-Site Request Forgery (CSRF) vulnerability in Marios
Alexandrou E ...)
NOT-FOR-US: WordPress plugin
CVE-2023-28391 (A memory corruption vulnerability exists in the HTTP Server
header par ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f49987a5d9a32b6068943612183dbedd9bf15cb4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f49987a5d9a32b6068943612183dbedd9bf15cb4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
