Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
773575dc by security tracker role at 2026-01-05T20:14:02+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5,53 +5,53 @@ CVE-2026-21634 (A malicious actor with access to the adjacent
network could over
CVE-2026-21633 (A malicious actor with access to the adjacent network could
obtain una ...)
TODO: check
CVE-2026-0597 (A flaw has been found in Campcodes Supplier Management System
1.0. Aff ...)
- TODO: check
+ NOT-FOR-US: Campcodes
CVE-2026-0592 (A security flaw has been discovered in code-projects Online
Product Re ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0591 (A vulnerability was identified in code-projects Online Product
Reserva ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0590 (A vulnerability was determined in code-projects Online Product
Reserva ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0589 (A vulnerability was found in code-projects Online Product
Reservation ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0588 (A weakness has been identified in Xinhu Rainrock RockOA up to
2.7.1. A ...)
TODO: check
CVE-2026-0587 (A security flaw has been discovered in Xinhu Rainrock RockOA up
to 2.7 ...)
TODO: check
CVE-2026-0586 (A vulnerability was detected in code-projects Online Product
Reservati ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0585 (A security vulnerability has been detected in code-projects
Online Pro ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0584 (A weakness has been identified in code-projects Online Product
Reserva ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0583 (A security flaw has been discovered in code-projects Online
Product Re ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0582 (A vulnerability was identified in itsourcecode Society
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-0581 (A vulnerability was determined in Tenda AC1206 15.03.06.23.
Affected b ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-69291
REJECTED
CVE-2025-69290
REJECTED
CVE-2025-69087 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68865 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68850 (Missing Authorization vulnerability in Codepeople Sell
Downloads allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68547 (Missing Authorization vulnerability in WPweb Follow My Blog
Post allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68280 (Improper Restriction of XML External Entity Reference
vulnerability in ...)
TODO: check
CVE-2025-68044 (Authorization Bypass Through User-Controlled Key vulnerability
in Rust ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68033 (Insertion of Sensitive Information Into Sent Data
vulnerability in Bre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68029 (Insertion of Sensitive Information Into Sent Data
vulnerability in WP ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68014 (Insertion of Sensitive Information Into Sent Data
vulnerability in Awe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-67427 (A Blind Server-Side Request Forgery (SSRF) vulnerability in
evershop 2 ...)
TODO: check
CVE-2025-67419 (A Denial of Service (DoS) vulnerability in evershop 2.1.0 and
prior al ...)
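Review bot: The tag added for CVE-2026-0582 reads "NOT-FOR-US: itsourcecode System", while the other vendor tags in this hunk are bare names ("Campcodes", "code-projects", "Tenda"). The trailing "System" looks like a fragment of the product name in the description ("Society Management Syst ...") and means a search for "NOT-FOR-US: itsourcecode" followed by end of line will not match this entry. Suggest "NOT-FOR-US: itsourcecode".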
@@ -67,7 +67,7 @@ CVE-2025-67303 (An issue in ComfyUI-Manager prior to version
3.38 allowed remote
CVE-2025-66518 (Any client who can access to Apache Kyuubi Server via Kyuubi
frontend ...)
TODO: check
CVE-2025-66376 (Zimbra Collaboration (ZCS) 10 before 10.0.18 and 10.1 before
10.1.13 a ...)
- TODO: check
+ NOT-FOR-US: Zimbra
CVE-2025-65922 (PLANKA 2.0.0 lacks X-Frame-Options and CSP frame-ancestors
headers, al ...)
TODO: check
CVE-2025-65328 (Mega-Fence (webgate-lib.*) 25.1.914 and prior trusts the first
value o ...)
@@ -81,7 +81,7 @@ CVE-2025-64419 (Coolify is an open-source and self-hostable
tool for managing se
CVE-2025-61781 (OpenCTI is an open source platform for managing cyber threat
intellige ...)
TODO: check
CVE-2025-5965 (In the backup parameters, a user with high privilege is able to
concat ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-59955 (Coolify is an open-source and self-hostable tool for managing
servers, ...)
TODO: check
CVE-2025-59467 (A Cross-Site Scripting (XSS) vulnerability in the UCRM
Argentina AFIP ...)
@@ -99,7 +99,7 @@ CVE-2025-55204 (muffon is a cross-platform music streaming
client for desktop. V
CVE-2025-53966 (An issue was discovered in Samsung Mobile Processor Exynos
1380, 1480, ...)
TODO: check
CVE-2025-53344 (Cross-Site Request Forgery (CSRF) vulnerability in ThimPress
Thim Core ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-52519 (An issue was discovered in the Camera in Samsung Mobile
Processor and ...)
TODO: check
CVE-2025-52517 (An issue was discovered in the Camera in Samsung Mobile
Processor and ...)
@@ -111,25 +111,25 @@ CVE-2025-52515 (An issue was discovered in the Camera in
Samsung Mobile Processo
CVE-2025-49495 (An issue was discovered in the WiFi driver in Samsung Mobile
Processor ...)
TODO: check
CVE-2025-46255 (Missing Authorization vulnerability in Marketing Fire LLC
LoginWP - Pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-43706 (An issue was discovered in L2 in Samsung Mobile Processor,
Wearable Pr ...)
TODO: check
CVE-2025-39561 (Missing Authorization vulnerability in Marketing Fire, LLC
LoginWP - P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39497 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-39484 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31048 (Unrestricted Upload of File with Dangerous Type vulnerability
in Themi ...)
TODO: check
CVE-2025-31047 (Deserialization of Untrusted Data vulnerability in Themify
Themify Edm ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31046 (Missing Authorization vulnerability in WPvibes AnyWhere
Elementor Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31044 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-30633 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-27807 (An issue was discovered in Samsung Mobile Processor, Wearable
Processo ...)
TODO: check
CVE-2025-15240 (QOCA aim AI Medical Cloud Platform developed by Quanta
Computer has an ...)
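Review bot: CVE-2025-31048 is left at "TODO: check" although its truncated description ends "in Themi ...", and the entry directly below it, CVE-2025-31047 ("in Themify Themify Edm ..."), is tagged "NOT-FOR-US: WordPress plugin or theme" in this same hunk. If both describe the same vendor's products, the automatic matching missed one of them; check the full description of CVE-2025-31048 and either tag it the same way or leave a NOTE explaining why it differs.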
@@ -137,41 +137,41 @@ CVE-2025-15240 (QOCA aim AI Medical Cloud Platform
developed by Quanta Computer
CVE-2025-15239 (QOCA aim AI Medical Cloud Platform developed by Quanta
Computer has a ...)
TODO: check
CVE-2025-15029 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-15026 (Missing Authentication for Critical Function vulnerability in
Centreon ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-14346 (WHILL Model C2 Electric Wheelchairs and Model F Power Chairs
do not en ...)
TODO: check
CVE-2025-13056 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-12519 (Missing Authorization vulnerability in Centreon Infra
Monitoring (Admi ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-12513 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-12511 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: Centreon
CVE-2025-10933 (An integer underflow vulnerability in the Silicon Labs Z-Wave
Protocol ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2024-56825
REJECTED
CVE-2024-56809
REJECTED
CVE-2024-53735 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-30516 (Improper Validation of Specified Quantity in Input
vulnerability in Sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-30461 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-23511 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-52212 (Cross-Site Request Forgery (CSRF) vulnerability in Automattic
WP Job M ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-51513 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-50897 (Unrestricted Upload of File with Dangerous Type vulnerability
in Meow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2023-49186 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-68762 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.17.13-1
[trixie] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/773575dcc098f487089c4fc5886e434103c5642e
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits