Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
36f2ab21 by security tracker role at 2026-01-14T08:14:02+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,43 +17,43 @@ CVE-2026-22718 (The VSCode extension for Spring CLI are
vulnerable to command in
CVE-2026-22686 (Enclave is a secure JavaScript sandbox designed for safe AI
agent code ...)
TODO: check
CVE-2026-21308 (Substance3D - Designer versions 15.0.3 and earlier are
affected by an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-21307 (Substance3D - Designer versions 15.0.3 and earlier are
affected by an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-21303 (Substance3D - Modeler versions 1.22.4 and earlier are affected
by an O ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-21302 (Substance3D - Modeler versions 1.22.4 and earlier are affected
by an O ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-21301 (Substance3D - Modeler versions 1.22.4 and earlier are affected
by a NU ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-21300 (Substance3D - Modeler versions 1.22.4 and earlier are affected
by a NU ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-21299 (Substance3D - Modeler versions 1.22.4 and earlier are affected
by an o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-21298 (Substance3D - Modeler versions 1.22.4 and earlier are affected
by an o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2026-0813 (The Short Link plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0812 (The LinkedIn SC plugin for WordPress is vulnerable to Stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0741 (The Electric Studio Download Counter plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0739 (The WMF Mobile Redirector plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0734 (The WP Allowed Hosts plugin for WordPress is vulnerable to
Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0717 (The LottieFiles \u2013 Lottie block for Gutenberg plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0694 (The SearchWiz plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0680 (The Real Post Slider Lite plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0678 (The Flat Shipping Rate by City for WooCommerce plugin for
WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0635 (The Responsive Accordion Slider plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0594 (The List Site Contributors plugin for WordPress is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0543 (Improper Input Validation (CWE-20) in Kibana's Email Connector
can all ...)
TODO: check
CVE-2026-0531 (Allocation of Resources Without Limits or Throttling (CWE-770)
in Kiba ...)
@@ -63,37 +63,37 @@ CVE-2026-0530 (Allocation of Resources Without Limits or
Throttling (CWE-770) in
CVE-2026-0528 (Improper Validation of Array Index (CWE-129) exists in
Metricbeat can ...)
TODO: check
CVE-2025-68970 (Permission verification bypass vulnerability in the media
library modu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68969 (Multi-thread race condition vulnerability in the thermal
management mo ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68968 (Double free vulnerability in the multi-mode input module.
Impact: Succ ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68967 (Vulnerability of improper permission control in the print
module. Impa ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68966 (Permission control vulnerability in the Notepad module.
Impact: Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68965 (Permission control vulnerability in the Notepad module.
Impact: Succes ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68964 (Data verification vulnerability in the HiView module. Impact:
Successf ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68963 (Man-in-the-middle attack vulnerability in the Clone module.
Impact: Su ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68962 (Multi-thread race condition vulnerability in the camera
framework modu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68961 (Multi-thread race condition vulnerability in the camera
framework modu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68960 (Multi-thread race condition vulnerability in the video
framework modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68959 (Permission verification bypass vulnerability in the media
library modu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68958 (Multi-thread race condition vulnerability in the card
framework module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68957 (Multi-thread race condition vulnerability in the card
framework module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68956 (Multi-thread race condition vulnerability in the card
framework module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68955 (Multi-thread race condition vulnerability in the card
framework module ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2025-68947 (NSecsoft 'NSecKrnl' is a Windows driver that allows a local,
authentic ...)
TODO: check
CVE-2025-68658 (Open Source Point of Sale (opensourcepos) is a web based point
of sale ...)
@@ -101,91 +101,91 @@ CVE-2025-68658 (Open Source Point of Sale (opensourcepos)
is a web based point o
CVE-2025-68492 (Chainlit versions prior to 2.8.5 contain an authorization
bypass throu ...)
TODO: check
CVE-2025-37186 (A local privilege-escalation vulnerability has been discovered
in the ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37179 (Multiple out-of-bounds read vulnerabilities were identified in
a syste ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37178 (Multiple out-of-bounds read vulnerabilities were identified in
a syste ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37177 (An arbitrary file deletion vulnerability has been identified
in the co ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37176 (A command injection vulnerability in AOS-8 allows an
authenticated pri ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37175 (Arbitrary file upload vulnerability exists in the web-based
management ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37174 (Authenticated arbitrary file write vulnerability exists in the
web-bas ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37173 (An improper input handling vulnerability exists in the
web-based manag ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37172 (Authenticated command injection vulnerabilities exist in the
web-based ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37171 (Authenticated command injection vulnerabilities exist in the
web-based ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-37170 (Authenticated command injection vulnerabilities exist in the
web-based ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2025-15513 (The Float Payment Gateway plugin for WordPress is vulnerable
to unauth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15512 (The Aplazo Payment Gateway plugin for WordPress is vulnerable
to unaut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15486 (The Kunze Law plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15475 (The PayHere Payment Gateway Plugin for WooCommerce plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15378 (The AJS Footnotes plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15377 (The Sosh Share Buttons plugin for WordPress is vulnerable to
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15376 (The Stopwords for comments plugin for WordPress is vulnerable
to Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15283 (The Name Directory plugin for WordPress is vulnerable to
Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15266 (The GeekyBot \u2014 Generate AI Content Without Prompt,
Chatbot and Le ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15056 (A lack of data validation vulnerability in the HTML export
feature in ...)
TODO: check
CVE-2025-15021 (The Gotham Block Extra Light plugin for WordPress is
vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15020 (The Gotham Block Extra Light plugin for WordPress is
vulnerable to Arb ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14880 (The Netcash WooCommerce Payment Gateway plugin for WordPress
is vulner ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14854 (The WP-CRM System plugin for WordPress is vulnerable to
unauthorized a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14846 (The SocialChamp with WordPress plugin for WordPress is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14770 (The Shipping Rate By Cities plugin for WordPress is vulnerable
to SQL ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14725 (The Internal Link Builder plugin for WordPress is vulnerable
to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14615 (The DASHBOARD BUILDER \u2013 WordPress plugin for Charts and
Graphs pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14613 (The GetContentFromURL plugin for WordPress is vulnerable to
Server-Sid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14502 (The News and Blog Designer Bundle plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14482 (The Crush.pics Image Optimizer - Image Compression and
Optimization pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14464 (The PDF Resume Parser plugin for WordPress is vulnerable to
Sensitive ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14389 (The WPBlogSyn plugin for WordPress is vulnerable to Cross-Site
Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14379 (The Testimonials Creator plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14301 (The Integration Opvius AI for WooCommerce plugin for WordPress
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14173 (The Perfit WooCommerce plugin for WordPress is vulnerable to
Missing A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13627 (The Makesweat plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12178 (The SpiceForms Form Builder plugin for WordPress is vulnerable
to Stor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12053 (The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT
flag to ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2025-12052 (The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT
flag to ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2025-12051 (The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT
flag to ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2025-12050 (The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT
flag to ...)
- TODO: check
+ NOT-FOR-US: Insyde
CVE-2023-54341 (Webgrind 1.1 and before contains a reflected cross-site
scripting vuln ...)
TODO: check
CVE-2023-54340 (WorkOrder CMS 0.1.0 contains a SQL injection vulnerability
that allows ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36f2ab2180cb7aa1d5acd0667f15fc1c80d95a92
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36f2ab2180cb7aa1d5acd0667f15fc1c80d95a92
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
