Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
55388ab4 by security tracker role at 2026-01-07T08:14:04+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,7 +17,7 @@ CVE-2026-21492 (iccDEV provides a set of libraries and tools
that allow for the
CVE-2026-20893 (Origin validation error issue exists in Fujitsu Security
Solution Auth ...)
TODO: check
CVE-2026-0656 (The iPaymu Payment Gateway for WooCommerce plugin for WordPress
is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0650 (OpenFlagr versions prior to and including 1.1.18 contain an
authentica ...)
TODO: check
CVE-2026-0649 (A security vulnerability has been detected in invoiceninja up
to 5.12. ...)
@@ -29,59 +29,59 @@ CVE-2026-0642 (A vulnerability was detected in
projectworlds House Rental and Pr
CVE-2025-9611 (Microsoft Playwright MCP Server versions prior to 0.0.40 fails
to vali ...)
TODO: check
CVE-2025-47396 (Memory corruption occurs when a secure application is launched
on a de ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47395 (Transient DOS while parsing a WLAN management frame with a
Vendor Spec ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47394 (Memory corruption when copying overlapping buffers during
memory opera ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47393 (Memory corruption when accessing resources in kernel driver.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47388 (Memory corruption while passing pages to DSP with an unaligned
startin ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47380 (Memory corruption while preprocessing IOCTLs in sensors.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47369 (Information disclosure when a weak hashed value is returned to
userlan ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47356 (Memory Corruption when multiple threads concurrently access
and modify ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47348 (Memory corruption while processing identity credential
operations in t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47346 (Memory corruption while processing a secure logging command in
the tru ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47345 (Cryptographic issue may occur while encrypting license data.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47344 (Memory corruption while handling sensor utility operations.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47343 (Memory corruption while processing a video session to set
video parame ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47339 (Memory corruption while deinitializing a HDCP session.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47337 (Memory corruption while accessing a synchronization object
during conc ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47336 (Memory corruption while performing sensor register read
operations.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47335 (Memory corruption while parsing clock configuration data for a
specifi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47334 (Memory corruption while processing shared command buffer
packet betwee ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47333 (Memory corruption while handling buffer mapping operations in
the cryp ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47332 (Memory corruption while processing a config call from
userspace.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47331 (Information disclosure while processing a firmware event.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47330 (Transient DOS while parsing video packets received from the
video firm ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-31964 (Improper service binding configuration in internal service
components ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-31963 (Improper authentication and missing CSRF protection in the
local setup ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-31962 (Insufficient session expiration in the Web UI authentication
component ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2025-31642 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-31051 (Exposure of Sensitive System Information to an Unauthorized
Control Sp ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30996 (Unrestricted Upload of File with Dangerous Type vulnerability
in Themi ...)
TODO: check
CVE-2025-30631 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -91,73 +91,73 @@ CVE-2025-29004 (Incorrect Privilege Assignment
vulnerability in AA-Team Premium
CVE-2025-15474 (AuntyFey Smart Combination Lock firmware versions as of
2025-12-24 con ...)
TODO: check
CVE-2025-15472 (A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This
affects the ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2025-15471 (A vulnerability was detected in TRENDnet TEW-713RE 1.02. The
impacted ...)
- TODO: check
+ NOT-FOR-US: TRENDnet
CVE-2025-14904 (The Newsletter Email Subscribe plugin for WordPress is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14901 (The Bit Form \u2013 Contact Form Plugin plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14891 (The Customer Reviews for WooCommerce plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14888 (The Simple User Meta Editor plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14887 (The twinklesmtp \u2013 Email Service Provider For WordPress
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14875 (The HBLPAY Payment Gateway for WooCommerce plugin for
WordPress is vul ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14867 (The Flashcard plugin for WordPress is vulnerable to Path
Traversal in ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14845 (The NS IE Compatibility Fixer plugin for WordPress is
vulnerable to Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14842 (The Drag and Drop Multiple File Upload \u2013 Contact Form 7
plugin fo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14835 (The WP Photo Album Plus plugin for WordPress is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14804 (The Frontend File Manager Plugin WordPress plugin before 23.5
did not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14802 (The LearnPress \u2013 WordPress LMS Plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14792 (The Key Figures plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14719 (The Relevanssi WordPress plugin before 4.26.0, Relevanssi
Premium Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14631 (A NULL Pointer Dereference vulnerability in TP-Link Archer
BE400 V1(80 ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2025-14625 (Uncontrolled Search Path Element vulnerability in Altera
Quartus Prime ...)
- TODO: check
+ NOT-FOR-US: Altera
CVE-2025-14614 (Insecure Temporary File vulnerability in Altera Quartus Prime
Standard ...)
- TODO: check
+ NOT-FOR-US: Altera
CVE-2025-14612 (Insecure Temporary File vulnerability in Altera Quartus Prime
Pro Ins ...)
- TODO: check
+ NOT-FOR-US: Altera
CVE-2025-14605 (Uncontrolled Search Path Element vulnerability in Altera
Quartus Prime ...)
- TODO: check
+ NOT-FOR-US: Altera
CVE-2025-14599 (Uncontrolled Search Path Element vulnerability in Altera
Quartus Prime ...)
- TODO: check
+ NOT-FOR-US: Altera
CVE-2025-14596 (Uncontrolled Search Path Element vulnerability in Altera
Quartus Prime ...)
- TODO: check
+ NOT-FOR-US: Altera
CVE-2025-14468 (The AMP for WP \u2013 Accelerated Mobile Pages plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14370 (The Quote Comments plugin for WordPress is vulnerable to
Missing Autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14059 (The EmailKit plugin for WordPress is vulnerable to Arbitrary
File Read ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13744 (An Improper Neutralization of Input During Web Page Generation
vulnera ...)
- TODO: check
+ NOT-FOR-US: Github Enterprise Server
CVE-2025-13657 (The HelpDesk contact form plugin for WordPress is vulnerable
to Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13371 (The MoneySpace plugin for WordPress is vulnerable to Sensitive
Informa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13369 (The Premmerce WooCommerce Customers Manager plugin for
WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12648 (The WP-Members Membership Plugin for WordPress is vulnerable
to unauth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12449 (The aBlocks \u2013 WordPress Gutenberg Blocks plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11235 (Unverified Password Change vulnerability in Progress MOVEit
Transfer o ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2025-0980 (Nokia SR Linux is vulnerable to an authentication vulnerability
allowi ...)
- TODO: check
+ NOT-FOR-US: Nokia
CVE-2024-14020 (A weakness has been identified in carboneio carbone up to
fbcd349077ad ...)
TODO: check
CVE-2025-15224 [libssh key passphrase bypass without agent set]
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55388ab4bf5d237e49ff9c48ac970815448dc832
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/55388ab4bf5d237e49ff9c48ac970815448dc832
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
