[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Apr 8 21:20:11 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
087716cd by Salvatore Bonaccorso at 2025-04-08T22:19:48+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -21,7 +21,7 @@ CVE-2025-3285 (A local code execution vulnerability exists in the Rockwell Autom
CVE-2025-3064 (The WPFront User Role Editor plugin for WordPress is vulnerable to Cro ...)
NOT-FOR-US: WordPress plugin
CVE-2025-32406 (An XXE issue in the Director NBR component in NAKIVO Backup & Replicat ...)
- TODO: check
+ NOT-FOR-US: NAKIVO
CVE-2025-32279 (Missing Authorization vulnerability in Shahjada Live Forms. This issue ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-32211 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
@@ -35,7 +35,7 @@ CVE-2025-32036 (DNN (formerly DotNetNuke) is an open-source web content manageme
CVE-2025-32035 (DNN (formerly DotNetNuke) is an open-source web content management pla ...)
TODO: check
CVE-2025-32028 (HAX CMS PHP allows you to manage your microsite universe with PHP back ...)
- TODO: check
+ NOT-FOR-US: HAX CMS PHP
CVE-2025-32026 (Element Web is a Matrix web client built using the Matrix React SDK. E ...)
TODO: check
CVE-2025-32025 (bep/imagemeta is a Go library for reading EXIF, IPTC and XMP image met ...)
@@ -47,7 +47,7 @@ CVE-2025-32020 (The crud-query-parser library parses query parameters from HTTP
CVE-2025-32018 (Cursor is a code editor built for programming with AI. In versions 0.4 ...)
TODO: check
CVE-2025-32017 (Umbraco is a free and open source .NET content management system. Auth ...)
- TODO: check
+ NOT-FOR-US: Umbraco CMS
CVE-2025-30671 (Null pointer dereference in some Zoom Workplace Apps for Windows may a ...)
NOT-FOR-US: Zoom
CVE-2025-30670 (Null pointer dereference in some Zoom Workplace Apps for Windows may a ...)
@@ -91,11 +91,11 @@ CVE-2025-30285 (ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are aff
CVE-2025-30280 (A vulnerability has been identified in Mendix Runtime V10 (All version ...)
NOT-FOR-US: Siemens
CVE-2025-30166 (Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An H ...)
- TODO: check
+ NOT-FOR-US: Pimcore
CVE-2025-30151 (Shopware is an open commerce platform. It's possible to pass long pass ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2025-30150 (Shopware 6 is an open commerce platform based on Symfony Framework and ...)
- TODO: check
+ NOT-FOR-US: Shopware
CVE-2025-30000 (A vulnerability has been identified in Siemens License Server (SLS) (A ...)
NOT-FOR-US: Siemens
CVE-2025-2883 (The Accept SagePay Payments Using Contact Form 7 plugin for WordPress ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/087716cd6298b9d0cff74b6665f9541b97344107
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/087716cd6298b9d0cff74b6665f9541b97344107
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250408/0bb05c96/attachment.htm>
More information about the debian-security-tracker-commits
mailing list