Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
728ba6e6 by Salvatore Bonaccorso at 2025-08-20T10:59:41+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32,13 +32,13 @@ CVE-2025-8145 (The Redirection for Contact Form 7 plugin
for WordPress is vulner
CVE-2025-8141 (The Redirection for Contact Form 7 plugin for WordPress is
vulnerable ...)
NOT-FOR-US: WordPress plugin
CVE-2025-57791 (An issue was discovered in Commvault before 11.36.60. A
security vulne ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57790 (An issue was discovered in Commvault before 11.36.60. A
security vulne ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57789 (An issue was discovered in Commvault before 11.36.60. During
the brief ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57788 (An issue was discovered in Commvault before 11.36.60. A
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Commvault
CVE-2025-57748
REJECTED
CVE-2025-57747
@@ -70,7 +70,7 @@ CVE-2025-54677 (Unrestricted Upload of File with Dangerous
Type vulnerability in
CVE-2025-54670 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54551 (Synapse Mobility 8.0, 8.0.1, 8.0.2, 8.1, and 8.1.1 contain a
privilege ...)
- TODO: check
+ NOT-FOR-US: Synapse Mobility
CVE-2025-54364 (Microsoft Knack 0.12.0 allows Regular expression Denial of
Service (Re ...)
TODO: check
CVE-2025-54363 (Microsoft Knack 0.12.0 allows Regular expression Denial of
Service (Re ...)
@@ -82,83 +82,83 @@ CVE-2025-54144 (The URL scheme used by Firefox to
facilitate searching of text q
CVE-2025-54143 (Sandboxed iframes on webpages could potentially allow
downloads to the ...)
TODO: check
CVE-2025-54056 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54055 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54053 (Deserialization of Untrusted Data vulnerability in Adrian
Tobey Ground ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54052 (Cross-Site Request Forgery (CSRF) vulnerability in Realtyna
Realtyna O ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54049 (Incorrect Privilege Assignment vulnerability in miniOrange
Custom API ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54048 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54046 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54044 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54040 (Missing Authorization vulnerability in Webba Appointment
Booking Webba ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54034 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54032 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54031 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54028 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54027 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54025 (Missing Authorization vulnerability in Elliot Sowersby /
RelyWP Coupon ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54021 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54019 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54017 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54014 (Deserialization of Untrusted Data vulnerability in
QuanticaLabs MediCe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54012 (Deserialization of Untrusted Data vulnerability in nanbu
Welcart e-Com ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-54008 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-54007 (Deserialization of Untrusted Data vulnerability in PickPlugins
Post Gr ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53998 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53993 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53992 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53988 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53987 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53985 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53983 (Insertion of Sensitive Information Into Sent Data
vulnerability in Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53580 (Incorrect Privilege Assignment vulnerability in quantumcloud
Simple Bu ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53577 (Improper Control of Generation of Code ('Code Injection')
vulnerabilit ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53567 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53565 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53564 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53563 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53562 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53561 (Path Traversal vulnerability in miniOrange Prevent files /
folders acc ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53560 (Deserialization of Untrusted Data vulnerability in rascals
Noisa allow ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-53559 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-53522 (Movable Type contains an issue with use of less trusted
source. If exp ...)
TODO: check
CVE-2025-53319 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/728ba6e60d4d76d55a4b35babfc5ce14f0988cb2
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/728ba6e60d4d76d55a4b35babfc5ce14f0988cb2
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
