Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
61f1f7a4 by security tracker role at 2025-12-30T20:14:18+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,119 +9,119 @@ CVE-2025-69210 (FacturaScripts is open-source enterprise
resource planning and a
CVE-2025-69204 (ImageMagick is free and open-source software used for editing
and mani ...)
TODO: check
CVE-2025-69093 (Missing Authorization vulnerability in wpdesk ShopMagic
shopmagic-for- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69092 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69091 (Missing Authorization vulnerability in Kraft Plugins Demo
Importer Plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69089 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69088 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69034 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69033 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69032 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69031 (Missing Authorization vulnerability in Skywarrior Arcane
arcane allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69030 (Authorization Bypass Through User-Controlled Key vulnerability
in Mika ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69029 (Authorization Bypass Through User-Controlled Key vulnerability
in Sele ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69028 (Missing Authorization vulnerability in BoldGrid weForms
weforms allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69027 (Missing Authorization vulnerability in tychesoftwares Product
Delivery ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69026 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69025 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69024 (Missing Authorization vulnerability in bizswoop BizPrint
print-google- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69023 (Missing Authorization vulnerability in Marketing Fire
Discussion Board ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69022 (Missing Authorization vulnerability in Weblizar - WordPress
Themes &am ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69021 (Cross-Site Request Forgery (CSRF) vulnerability in Ays Pro
Popup box a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69020 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69019 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69018 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69017 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69016 (Missing Authorization vulnerability in averta Shortcodes and
extra fea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69015 (Missing Authorization vulnerability in Automattic Crowdsignal
Forms cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69014 (Server-Side Request Forgery (SSRF) vulnerability in Youzify
Youzify yo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69013 (Missing Authorization vulnerability in jetmonsters Stratum
stratum all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69012 (Missing Authorization vulnerability in Stephen Harris Event
Organiser ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69010 (Missing Authorization vulnerability in themebeez Themebeez
Toolkit the ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69009 (Missing Authorization vulnerability in kamleshyadav
Medicalequipment m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69008 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69007 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-69006 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68998 (Cross-Site Request Forgery (CSRF) vulnerability in Heateor
Support Hea ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68997 (Authorization Bypass Through User-Controlled Key vulnerability
in Adva ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68996 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68995 (Missing Authorization vulnerability in Gal Dubinski My Sticky
Elements ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68994 (Missing Authorization vulnerability in XforWooCommerce Product
Loops f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68993 (Missing Authorization vulnerability in XforWooCommerce Share,
Print an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68992 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68991 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68990 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68989 (Insertion of Sensitive Information Into Sent Data
vulnerability in Ren ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68988 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68987 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68985 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68984 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68983 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68982 (Missing Authorization vulnerability in designthemes
DesignThemes LMS A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68981 (Missing Authorization vulnerability in designthemes HomeFix
Elementor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68980 (Missing Authorization vulnerability in designthemes
WeDesignTech Portf ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68979 (Authorization Bypass Through User-Controlled Key vulnerability
in Simp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68978 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68977 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68976 (Missing Authorization vulnerability in Eagle-Themes Eagle
Booking eagl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68975 (Authorization Bypass Through User-Controlled Key vulnerability
in Eagl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68974 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68950 (ImageMagick is free and open-source software used for editing
and mani ...)
TODO: check
CVE-2025-68926 (RustFS is a distributed object storage system built in Rust.
In versio ...)
@@ -139,11 +139,11 @@ CVE-2025-66824 (A Stored Cross-Site Scripting (XSS)
vulnerability exists in the
CVE-2025-66823 (An HTML Injection vulnerability in TrueConf server 5.5.2.10813
in the ...)
TODO: check
CVE-2025-66103 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66094 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-66080 (Missing Authorization vulnerability in WP Legal Pages WP
Cookie Notice ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-65925 (An issue was discovered in Zeroheight (SaaS) prior to
2025-06-13. A le ...)
TODO: check
CVE-2025-65411 (A NULL pointer dereference in the src/path.c component of GNU
Unrtf v0 ...)
@@ -151,33 +151,33 @@ CVE-2025-65411 (A NULL pointer dereference in the
src/path.c component of GNU Un
CVE-2025-65409 (A divide-by-zero in the encryption/decryption routines of GNU
Recutils ...)
TODO: check
CVE-2025-64528 (Discourse is an open source discussion platform. Prior to
versions 3.5 ...)
- TODO: check
+ NOT-FOR-US: Discourse
CVE-2025-64190 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-63027 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62746 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62128 (Missing Authorization vulnerability in SiteLock SiteLock
Security allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-62112 (Cross-Site Request Forgery (CSRF) vulnerability in Merv
Barrett Import ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-61557 (nixseparatedebuginfod before v0.4.1 is vulnerable to Directory
Travers ...)
TODO: check
CVE-2025-59129 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-56332 (Authentication Bypass in fosrl/pangolin v1.6.2 and before
allows attac ...)
TODO: check
CVE-2025-52835 (Cross-Site Request Forgery (CSRF) vulnerability in ConoHa by
GMO WING ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50343 (An issue was discovered in matio 1.5.28. A heap-based memory
corruptio ...)
TODO: check
CVE-2025-15359 (DVP-12SE11T - Out-of-bound memory write Vulnerability)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-15358 (DVP-12SE11T - Denial of Service Vulnerability)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-15353 (A vulnerability was detected in itsourcecode Society
Management System ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2025-15264 (A vulnerability was determined in FeehiCMS up to 2.1.1.
Impacted is an ...)
TODO: check
CVE-2025-15263 (A weakness has been identified in BiggiDroid Simple PHP CMS
1.0. Affec ...)
@@ -191,13 +191,13 @@ CVE-2025-15257 (A security flaw has been discovered in
Edimax BR-6208AC 1.02/1.0
CVE-2025-15256 (A vulnerability was identified in Edimax BR-6208AC 1.02/1.03.
Affected ...)
TODO: check
CVE-2025-15255 (A vulnerability was determined in Tenda W6-S 1.0.0.4(510).
This impact ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15254 (A vulnerability was found in Tenda W6-S 1.0.0.4(510). This
affects the ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15253 (A vulnerability has been found in Tenda M3 1.0.0.13(4903). The
impacte ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15252 (A flaw has been found in Tenda M3 1.0.0.13(4903). The affected
element ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15251 (A vulnerability was detected in beecue FastBee up to 2.1.
Impacted is ...)
TODO: check
CVE-2025-15250 (A security vulnerability has been detected in 08CMS Novel
System up to ...)
@@ -211,25 +211,25 @@ CVE-2025-15247 (A vulnerability was identified in gmg137
snap7-rs up to 153d3e8c
CVE-2025-15246 (A vulnerability was determined in aizuda snail-job up to 1.7.0
on macO ...)
TODO: check
CVE-2025-15245 (A vulnerability was found in D-Link DCS-850L 1.02.09. Affected
is the ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-15244 (A vulnerability has been found in PHPEMS up to 11.0. This
impacts an u ...)
TODO: check
CVE-2025-15243 (A flaw has been found in code-projects Simple Stock System
1.0. This a ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-15242 (A vulnerability was detected in PHPEMS up to 11.0. The
impacted elemen ...)
TODO: check
CVE-2025-15241 (A security vulnerability has been detected in CloudPanel
Community Edi ...)
TODO: check
CVE-2025-15234 (A weakness has been identified in Tenda M3 1.0.0.13(4903).
Impacted is ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-15103 (DVP-12SE11T - Authentication Bypass via Partial Password
Disclosure)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-15102 (DVP-12SE11T - Password Protection Bypass)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-14509 (The Lucky Wheel for WooCommerce \u2013 Spin a Sale plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14426 (The Strong Testimonials plugin for WordPress is vulnerable to
unauthor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-58247
REJECTED
CVE-2024-58246
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61f1f7a4456101a708b15b56a71d8c6753109740
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/61f1f7a4456101a708b15b56a71d8c6753109740
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
