Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2bd862a by security tracker role at 2026-01-06T08:14:00+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -35,17 +35,17 @@ CVE-2026-21439 (badkeys is a tool and library for checking
cryptographic public
CVE-2026-21411 (Authentication bypass issue exists in OpenBlocks series
versions prior ...)
TODO: check
CVE-2026-0625 (Multiple D-Link DSL gateway devices contain a command injection
vulner ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-0621 (Anthropic's MCP TypeScript SDK versions up to and including
1.25.1 con ...)
TODO: check
CVE-2026-0607 (A flaw has been found in code-projects Online Music Site 1.0.
This aff ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0606 (A vulnerability was detected in code-projects Online Music Site
1.0. A ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0605 (A security vulnerability has been detected in code-projects
Online Mus ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-0604 (The FastDup \u2013 Fastest WordPress Migration & Duplicator
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-69197 (Pterodactyl is a free, open-source game server management
panel. Versi ...)
TODO: check
CVE-2025-68954 (Pterodactyl is a free, open-source game server management
panel. Versi ...)
@@ -81,103 +81,103 @@ CVE-2025-64422 (Coolify is an open-source and
self-hostable tool for managing se
CVE-2025-61916 (Spinnaker is an open source, multi-cloud continuous delivery
platform. ...)
TODO: check
CVE-2025-4776 (The Phlox theme for WordPress is vulnerable to Stored
Cross-Site Scrip ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-20807 (In dpe, there is a possible out of bounds write due to an
integer over ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20806 (In dpe, there is a possible memory corruption due to use after
free. T ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20805 (In dpe, there is a possible memory corruption due to use after
free. T ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20804 (In dpe, there is a possible memory corruption due to use after
free. T ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20803 (In dpe, there is a possible memory corruption due to an
integer overfl ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20802 (In geniezone, there is a possible memory corruption due to use
after f ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20801 (In seninf, there is a possible memory corruption due to a race
conditi ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20800 (In mminfra, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20799 (In c2ps, there is a possible memory corruption due to use
after free. ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20798 (In battery, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20797 (In battery, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20796 (In imgsys, there is a possible out of bounds write due to
improper inp ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20795 (In KeyInstall, there is a possible out of bounds write due to
a missin ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20794 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20793 (In Modem, there is a possible system crash due to incorrect
error hand ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20787 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20786 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20785 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20784 (In display, there is a possible memory corruption due to
uninitialized ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20783 (In display, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20782 (In display, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20781 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20780 (In display, there is a possible memory corruption due to use
after fre ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20779 (In display, there is a possible use after free due to a race
condition ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20778 (In display, there is a possible out of bounds write due to a
missing b ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20762 (In Modem, there is a possible system crash due to incorrect
error hand ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20761 (In Modem, there is a possible system crash due to incorrect
error hand ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-20760 (In Modem, there is a possible read of uninitialized heap data
due to a ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2025-15385 (Insufficient Verification of Data Authenticity vulnerability
in TECNO ...)
- TODO: check
+ NOT-FOR-US: TECNO Mobile
CVE-2025-15364 (The Download Manager plugin for WordPress is vulnerable to
privilege e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15001 (The FS Registration Password plugin for WordPress is
vulnerable to pri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14997 (The BuddyPress Xprofile Custom Field Types plugin for
WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14996 (The AS Password Field In Default Registration Form plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14441 (The Popupkit plugin for WordPress is vulnerable to arbitrary
subscribe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14438 (The Xagio SEO \u2013 AI Powered SEO plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14371 (The Tag, Category, and Taxonomy Manager \u2013 AI Autotagger
with Open ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14153 (The Page Expire Popup/Redirection for WordPress plugin for
WordPress i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14120 (The URL Image Importer plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14034 (The ilGhera Support System for WooCommerce plugin for
WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13812 (The GamiPress \u2013 Gamification plugin to reward points,
achievement ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13746 (The ForumWP \u2013 Forum & Discussion Board plugin for
WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13652 (The CBX Bookmark & Favorite plugin for WordPress is vulnerable
to gene ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13409 (The Form Vibes \u2013 Database Manager for Forms plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13215 (The Shortcodes and extra features for Phlox theme plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12793 (An uncontrolled DLL loading path vulnerability exists in
AsusSoftwareM ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2025-12067 (The Table Field Add-on for ACF and SCF plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11723 (The Appointment Booking Calendar \u2014 Simply Schedule
Appointments B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11370 (The Popup and Slider Builder by Depicter \u2013 Add Email
collecting P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-69225 (AIOHTTP is an asynchronous HTTP client/server framework for
asyncio an ...)
- python-aiohttp <unfixed>
NOTE:
https://github.com/aio-libs/aiohttp/security/advisories/GHSA-mqqc-3gqh-h2x8
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2bd862a8c6ea6b399ae49692abc0b17b495d21c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2bd862a8c6ea6b399ae49692abc0b17b495d21c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
