Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
65ae9af3 by Salvatore Bonaccorso at 2025-03-27T21:16:11+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9,201 +9,201 @@ CVE-2025-31178 (A flaw was found in gnuplot. The
GetAnnotateString() function ma
CVE-2025-31176 (A flaw was found in gnuplot. The plot3d_points() function may
lead to ...)
TODO: check
CVE-2025-31141 (In JetBrains TeamCity before 2025.03 exception could lead to
credentia ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-31140 (In JetBrains TeamCity before 2025.03 stored XSS was possible
on Cloud ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-31139 (In JetBrains TeamCity before 2025.03 base64 encoded password
could be ...)
- TODO: check
+ NOT-FOR-US: JetBrains
CVE-2025-30925 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30923 (Cross-Site Request Forgery (CSRF) vulnerability in powerfulwp
Gift Mes ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30922 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30921 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30920 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30919 (Cross-Site Request Forgery (CSRF) vulnerability in Store
Locator Widge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30918 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30914 (Server-Side Request Forgery (SSRF) vulnerability in
XpeedStudio Metfor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30912 (Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company
Float m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30909 (Missing Authorization vulnerability in Conversios
Conversios.io allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30907 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30904 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30903 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30900 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30899 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30898 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30897 (Missing Authorization vulnerability in Adnan Analytify allows
Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30896 (Missing Authorization vulnerability in weDevs WP ERP allows
Exploiting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30895 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30894 (Missing Authorization vulnerability in Epsiloncool WP Fast
Total Searc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30893 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30891 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30890 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30888 (Cross-Site Request Forgery (CSRF) vulnerability in
silverplugins217 Cu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30887 (Missing Authorization vulnerability in magepeopleteam
WpEvently allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30885 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30884 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in B ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30883 (Missing Authorization vulnerability in richplugins
Trust.Reviews allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30881 (Missing Authorization vulnerability in ThemeHunk Big Store
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30879 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30877 (Missing Authorization vulnerability in fatcatapps Quiz Cat
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30874 (Missing Authorization vulnerability in Jose Specific Content
For Mobil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30873 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30872 (Cross-Site Request Forgery (CSRF) vulnerability in Nitin
Prakash Produ ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30871 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30868 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30867 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30866 (Missing Authorization vulnerability in Giannis Kipouros Terms
& Condit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30865 (Cross-Site Request Forgery (CSRF) vulnerability in fuzzoid
3DPrint Lit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30864 (Missing Authorization vulnerability in falselight Exchange
Rates allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30863 (Cross-Site Request Forgery (CSRF) vulnerability in CRM Perks
Integrati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30862 (Cross-Site Request Forgery (CSRF) vulnerability in Bill
Minozzi reCAPT ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30861 (Missing Authorization vulnerability in Rustaurius Five Star
Restaurant ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30860 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30859 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30857 (Cross-Site Request Forgery (CSRF) vulnerability in
PressMaximum Curren ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30856 (Cross-Site Request Forgery (CSRF) vulnerability in theme funda
Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30854 (Cross-Site Request Forgery (CSRF) vulnerability in Saso Serial
Codes G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30851 (Missing Authorization vulnerability in Tickera Tickera allows
Exploiti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30850 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30847 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30846 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30845 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30843 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30842 (Cross-Site Request Forgery (CSRF) vulnerability in pixolette
Christmas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30839 (Missing Authorization vulnerability in magepeopleteam Taxi
Booking Man ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30838 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30836 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30833 (Cross-Site Request Forgery (CSRF) vulnerability in Soft8Soft
LLC Verge ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30832 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30831 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30830 (Missing Authorization vulnerability in Hossni Mubarak Cool
Author Box ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30829 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30828 (Missing Authorization vulnerability in Arraytics Timetics
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30826 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30824 (Missing Authorization vulnerability in Israpil Textmetrics
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30823 (Cross-Site Request Forgery (CSRF) vulnerability in Boone
Gorges Anthol ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30822 (Cross-Site Request Forgery (CSRF) vulnerability in Hakik Zaman
Custom ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30821 (Missing Authorization vulnerability in otacke SNORDIAN's
H5PxAPIkatchu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30820 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30819 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30818 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30817 (Missing Authorization vulnerability in wpzita Z Companion
allows Explo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30816 (Cross-Site Request Forgery (CSRF) vulnerability in Nks publish
post em ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30815 (Cross-Site Request Forgery (CSRF) vulnerability in Saeed
Sattar Beglou ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30814 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30813 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30812 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30811 (Cross-Site Request Forgery (CSRF) vulnerability in Javier
Revilla Vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30810 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30809 (Missing Authorization vulnerability in Shahjada Live Forms
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30806 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30805 (Cross-Site Request Forgery (CSRF) vulnerability in wpdesk
Flexible Coo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30804 (Cross-Site Request Forgery (CSRF) vulnerability in
maennchen1.de wpSho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30803 (Missing Authorization vulnerability in Greg Ross Just Writing
Statisti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30801 (Cross-Site Request Forgery (CSRF) vulnerability in Abu Bakar
TWB Wooco ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30800 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30799 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30795 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in F ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30792 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30791 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30790 (Missing Authorization vulnerability in alexvtn Chatbox Manager
allows ...)
TODO: check
CVE-2025-30789 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30788 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL
Reports ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30787 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL
Reports ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30786 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30785 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
@@ -211,7 +211,7 @@ CVE-2025-30785 (Improper Control of Filename for
Include/Require Statement in PH
CVE-2025-30784 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-30783 (Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33
WP Google ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30781 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in W ...)
TODO: check
CVE-2025-30780 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
@@ -223,43 +223,43 @@ CVE-2025-30777 (Authorization Bypass Through
User-Controlled Key vulnerability i
CVE-2025-30776 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30775 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30773 (Deserialization of Untrusted Data vulnerability in Cozmoslabs
Translat ...)
TODO: check
CVE-2025-30772 (Missing Authorization vulnerability in WPClever WPC Smart
Upsell Funne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30771 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30770 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30769 (Cross-Site Request Forgery (CSRF) vulnerability in alexvtn WIP
WooCaro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30768 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30767 (Missing Authorization vulnerability in add-ons.org PDF for
WPForms all ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30766 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30765 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-30764 (Cross-Site Request Forgery (CSRF) vulnerability in AntoineH
Football P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-30763 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2025-30367 (WeGIA is a Web manager for charitable institutions. A SQL
Injection vu ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-30366 (WeGIA is a Web manager for charitable institutions. Versions
prior to ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-30365 (WeGIA is a Web manager for charitable institutions. A SQL
Injection vu ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-30364 (WeGIA is a Web manager for charitable institutions. A SQL
Injection vu ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-30363 (WeGIA is a Web manager for charitable institutions. A stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-30362 (WeGIA is a Web manager for charitable institutions. A stored
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-30361 (WeGIA is a Web manager for charitable institutions. A security
vulnera ...)
- TODO: check
+ NOT-FOR-US: WeGIA
CVE-2025-30358 (Mesop is a Python-based UI framework that allows users to
build web ap ...)
TODO: check
CVE-2025-30221 (Pitchfork is a preforking HTTP server for Rack applications.
Versions ...)
@@ -273,15 +273,15 @@ CVE-2025-2857 (Following the recent Chrome sandbox escape
(CVE-2025-2783), vario
CVE-2025-2855 (A vulnerability, which was classified as problematic, has been
found i ...)
TODO: check
CVE-2025-2854 (A vulnerability classified as critical was found in
code-projects Payr ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-2852 (A vulnerability has been found in SourceCodester Food Ordering
Managem ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-2849 (A vulnerability, which was classified as problematic, was found
in UPX ...)
TODO: check
CVE-2025-2847 (A vulnerability, which was classified as critical, has been
found in C ...)
- TODO: check
+ NOT-FOR-US: Codezips
CVE-2025-2846 (A vulnerability classified as critical was found in
SourceCodester Onl ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2025-2516 (The use of a weak cryptographic key pair in the signature
verification ...)
TODO: check
CVE-2025-29993 (The affected versions of PowerCMS allow HTTP header injection.
This vu ...)
@@ -319,27 +319,27 @@ CVE-2025-29306 (An issue in FoxCMS v.1.2.5 allows a
remote attacker to execute a
CVE-2025-29072 (An integer overflow in Nethermind Juno before v.12.05 within
the Sierr ...)
TODO: check
CVE-2025-28138 (TOTOLINK A800R V4.1.2cu.5137_B20200730 contains a remote
command execu ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-28135 (TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a
buffer o ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2025-27793 (Vega is a visualization grammar, a declarative format for
creating, sa ...)
TODO: check
CVE-2025-26909 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26762 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26738 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26737 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26736 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26734 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26732 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26731 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-26619 (Vega is a visualization grammar, a declarative format for
creating, sa ...)
TODO: check
CVE-2025-26265 (A segmentation fault in openairinterface5g v2.1.0 allows
attackers to ...)
@@ -347,73 +347,73 @@ CVE-2025-26265 (A segmentation fault in
openairinterface5g v2.1.0 allows attacke
CVE-2025-25686 (semcms <=5.0 is vulnerable to SQL Injection in
SEMCMS_Fuction.php.)
TODO: check
CVE-2025-25100 (Cross-Site Request Forgery (CSRF) vulnerability in victoracano
Cazamba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-25086 (Cross-Site Request Forgery (CSRF) vulnerability in WPDeveloper
Secret ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22816 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22783 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22770 (Missing Authorization vulnerability in EnvoThemes Envo
Multipurpose al ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22673 (Missing Authorization vulnerability in WPFactory EAN for
WooCommerce a ...)
TODO: check
CVE-2025-22672 (Server-Side Request Forgery (SSRF) vulnerability in
SuitePlugins Video ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22671 (Missing Authorization vulnerability in Leap13 Disable
Elementor Editor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22670 (Missing Authorization vulnerability in e4jvikwp VikBooking
Hotel Booki ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22669 (Cross-Site Request Forgery (CSRF) vulnerability in AwesomeTOGI
Awesome ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22668 (Missing Authorization vulnerability in AwesomeTOGI Awesome
Event Booki ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22667 (Missing Authorization vulnerability in Creative Werk Designs
Export Or ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22665 (Missing Authorization vulnerability in Shakeeb Sadikeen
RapidLoad allo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22660 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22659 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22658 (Cross-Site Request Forgery (CSRF) vulnerability in Deepak
Khokhar List ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22652 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22649 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22648 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22647 (Missing Authorization vulnerability in smackcoders AIO
Performance Pro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22646 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22644 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22640 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22638 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22637 (Cross-Site Request Forgery (CSRF) vulnerability in
verkkovaraani Print ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22634 (Cross-Site Request Forgery (CSRF) vulnerability in MD Abu
Jubayer Hoss ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22629 (Missing Authorization vulnerability in iNET iNET Webkit allows
Accessi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22628 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22497 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22496 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-22278 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2025-1998 (IBM UrbanCode Deploy (UCD) through 7.1.2.21, 7.2 through
7.2.3.14, and ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1997 (IBM UrbanCode Deploy (UCD) 7.0 through 7.0.5.25, 7.1 through
7.1.2.21, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-56469 (IBM UrbanCode Deploy (UCD) 7.1 through 7.1.2.22, 7.2 through
7.2.3.15, ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-55073 (A Broken Object Level Authorization vulnerability in the
component /ap ...)
TODO: check
CVE-2024-55072 (A Broken Object Level Authorization vulnerability in the
component /ap ...)
@@ -423,9 +423,9 @@ CVE-2024-55070 (A Broken Object Level Authorization
vulnerability in the compone
CVE-2024-12905 (An Improper Link Resolution Before File Access ("Link
Following") and ...)
TODO: check
CVE-2023-38272 (IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4,
2.3.3.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-37405 (IBM Cloud Pak System 2.3.3.0, 2.3.3.3, 2.3.3.3 iFix1, 2.3.3.4,
2.3.3.5 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-53033 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65ae9af3c7fe309f7e1ab5b5a02ea7a92c138bef
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/65ae9af3c7fe309f7e1ab5b5a02ea7a92c138bef
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
