Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a1978f98 by security tracker role at 2026-01-01T08:13:46+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,39 +9,39 @@ CVE-2025-69286 (RAGFlow is an open-source RAG
(Retrieval-Augmented Generation) e
CVE-2025-68700 (RAGFlow is an open-source RAG (Retrieval-Augmented Generation)
engine. ...)
TODO: check
CVE-2025-67711 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67710 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67709 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67708 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67707 (ArcGIS Server version 11.5 and earlier on Windows and Linux
does not p ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67706 (ArcGIS Server version 11.5 and earlier on Windows and Linux
does not p ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67705 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67704 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-67703 (There is a stored cross site scripting issue in Esri ArcGIS
Server 11. ...)
- TODO: check
+ NOT-FOR-US: Esri
CVE-2025-53235 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52739 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-50053 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-47566 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-34469 (Cowrie versions prior to 2.9.0 contain a server-side request
forgery ( ...)
TODO: check
CVE-2025-31054 (Cross-Site Request Forgery (CSRF) vulnerability in Themefy
Bloggie all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30628 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28973 (Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk
Watermar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-28949 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-22203
@@ -99,7 +99,7 @@ CVE-2025-22154
CVE-2025-15398 (A security vulnerability has been detected in Uasoft badaso up
to 2.9. ...)
TODO: check
CVE-2025-13820 (The Comments WordPress plugin before 7.6.40 does not properly
validat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11157 (A high-severity remote code execution vulnerability exists in
feast-de ...)
TODO: check
CVE-2023-7332 (PocketMine-MP versions prior to 4.18.1 contain an improper
input valid ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1978f989b36e1442d02ee8ce76e52f08dca4894
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a1978f989b36e1442d02ee8ce76e52f08dca4894
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
