Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e81a6531 by Salvatore Bonaccorso at 2025-03-27T21:48:56+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -209,55 +209,55 @@ CVE-2025-30792 (Improper Neutralization of Input During
Web Page Generation ('Cr
CVE-2025-30791 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30790 (Missing Authorization vulnerability in alexvtn Chatbox Manager
allows ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30789 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30788 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL
Reports ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30787 (Cross-Site Request Forgery (CSRF) vulnerability in Eli EZ SQL
Reports ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30786 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30785 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30784 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30783 (Cross-Site Request Forgery (CSRF) vulnerability in jgwhite33
WP Google ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30781 (URL Redirection to Untrusted Site ('Open Redirect')
vulnerability in W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30780 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30779 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30777 (Authorization Bypass Through User-Controlled Key vulnerability
in Pals ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30776 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30775 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30773 (Deserialization of Untrusted Data vulnerability in Cozmoslabs
Translat ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30772 (Missing Authorization vulnerability in WPClever WPC Smart
Upsell Funne ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30771 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30770 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30769 (Cross-Site Request Forgery (CSRF) vulnerability in alexvtn WIP
WooCaro ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30768 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30767 (Missing Authorization vulnerability in add-ons.org PDF for
WPForms all ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30766 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30765 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30764 (Cross-Site Request Forgery (CSRF) vulnerability in AntoineH
Football P ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-30763 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-30367 (WeGIA is a Web manager for charitable institutions. A SQL
Injection vu ...)
NOT-FOR-US: WeGIA
CVE-2025-30366 (WeGIA is a Web manager for charitable institutions. Versions
prior to ...)
@@ -297,7 +297,7 @@ CVE-2025-2846 (A vulnerability classified as critical was
found in SourceCodeste
CVE-2025-2516 (The use of a weak cryptographic key pair in the signature
verification ...)
TODO: check
CVE-2025-29993 (The affected versions of PowerCMS allow HTTP header injection.
This vu ...)
- TODO: check
+ NOT-FOR-US: PowerCMS
CVE-2025-29497 (libming v0.4.8 was discovered to contain a memory leak via the
parseSW ...)
TODO: check
CVE-2025-29496 (libming v0.4.8 was discovered to contain a segmentation fault
via the ...)
@@ -327,7 +327,7 @@ CVE-2025-29484 (An out-of-memory error in the
parseABC_NS_SET_INFO function of l
CVE-2025-29483 (libming v0.4.8 was discovered to contain a memory leak via the
parseSW ...)
TODO: check
CVE-2025-29306 (An issue in FoxCMS v.1.2.5 allows a remote attacker to execute
arbitra ...)
- TODO: check
+ NOT-FOR-US: FoxCMS
CVE-2025-29072 (An integer overflow in Nethermind Juno before v.12.05 within
the Sierr ...)
TODO: check
CVE-2025-28138 (TOTOLINK A800R V4.1.2cu.5137_B20200730 contains a remote
command execu ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e81a65310373c4d66bf1aeffa6c7fbdb908c3cc5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e81a65310373c4d66bf1aeffa6c7fbdb908c3cc5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
