[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Feb 1 20:26:24 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06b84242 by Salvatore Bonaccorso at 2025-02-01T21:25:59+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,99 +1,99 @@
 CVE-2025-24891 (Dumb Drop is a file upload application. Users with permission to uploa ...)
 	TODO: check
 CVE-2025-23091 (An Improper Certificate Validation on UniFi OS devices, with Identity  ...)
-	TODO: check
+	NOT-FOR-US: UniFi
 CVE-2025-0950 (A vulnerability was found in itsourcecode Tailoring Management System  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0949 (A vulnerability has been found in itsourcecode Tailoring Management Sy ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0948 (A vulnerability, which was classified as critical, was found in itsour ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0947 (A vulnerability, which was classified as critical, has been found in i ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0946 (A vulnerability classified as critical was found in itsourcecode Tailo ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0945 (A vulnerability classified as critical has been found in itsourcecode  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0944 (A vulnerability was found in itsourcecode Tailoring Management System  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0943 (A vulnerability was found in itsourcecode Tailoring Management System  ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Tailoring Management System
 CVE-2025-0939 (The MagicForm plugin for WordPress is vulnerable to access and modific ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0366 (The Jupiter X Core plugin for WordPress is vulnerable to Local File In ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0365 (The Jupiter X Core plugin for WordPress is vulnerable to Directory Tra ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-57587 (EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are  ...)
-	TODO: check
+	NOT-FOR-US: EasyVirt DCScope
 CVE-2024-57435 (In macrozheng mall-tiny 1.0.1, an attacker can send null data through  ...)
-	TODO: check
+	NOT-FOR-US: macrozheng mall-tiny
 CVE-2024-57434 (macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control.  ...)
-	TODO: check
+	NOT-FOR-US: macrozheng mall-tiny
 CVE-2024-57433 (macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control v ...)
-	TODO: check
+	NOT-FOR-US: macrozheng mall-tiny
 CVE-2024-55062 (EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are  ...)
-	TODO: check
+	NOT-FOR-US: EasyVirt DCScope
 CVE-2024-53357 (In EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0, the AES encryption k ...)
-	TODO: check
+	NOT-FOR-US: EasyVirt DCScope
 CVE-2024-53356 (EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to privil ...)
-	TODO: check
+	NOT-FOR-US: EasyVirt DCScope
 CVE-2024-53355 (EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to Incorr ...)
-	TODO: check
+	NOT-FOR-US: EasyVirt DCScope
 CVE-2024-53354 (EasyVirt DCScope <=8.6.0 and CO2Scope <=1.3.0 are vulnerable to SQL In ...)
-	TODO: check
+	NOT-FOR-US: EasyVirt DCScope
 CVE-2024-53296 (Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-53295 (Dell PowerProtect DD versions prior to 8.3.0.0, 7.10.1.50, and 7.13.1. ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-51534 (Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7. ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2024-13775 (The WooCommerce Support Ticket System plugin for WordPress is vulnerab ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13651 (The RapidLoad \u2013 Optimize Web Vitals Automatically plugin for Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13612 (The Better Messages \u2013 Live Chat for WordPress, BuddyPress, PeepSo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13547 (The aThemes Addons for Elementor plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13429 (The WP Job Portal \u2013 A Complete Recruitment System for Company or  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13428 (The WP Job Portal \u2013 A Complete Recruitment System for Company or  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13425 (The WP Job Portal \u2013 A Complete Recruitment System for Company or  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13372 (The WP Job Portal \u2013 A Complete Recruitment System for Company or  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13371 (The WP Job Portal \u2013 A Complete Recruitment System for Company or  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13343 (The WooCommerce Customers Manager plugin for WordPress is vulnerable t ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13341 (The MultiLoca - WooCommerce Multi Locations Inventory Management plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13099 (The Widget4Call WordPress plugin through 1.0.7 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13098 (The WordPress Email Newsletter WordPress plugin through 1.1 does not s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13097 (The WP Finance WordPress plugin through 1.3.6 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13096 (The WP Finance WordPress plugin through 1.3.6 does not have CSRF check ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12825 (The Custom Related Posts plugin for WordPress is vulnerable to unautho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12768 (The Responsive iframe WordPress plugin through 1.2.0 does not validate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12620 (The AnimateGL Animations for WordPress \u2013 Elementor & Gutenberg Bl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12184 (The WordPress Contact Forms by Cimatti plugin for WordPress is vulnera ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12171 (The ELEX WordPress HelpDesk & Customer Ticketing System plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12041 (The Directorist: AI-Powered WordPress Business Directory Plugin with C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11829 (The The Plus Addons for Elementor \u2013 Elementor Addons, Page Templa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-11780 (The Site Search 360 plugin for WordPress is vulnerable to Stored Cross ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24831 (Local privilege escalation due to unquoted search path vulnerability.  ...)
 	NOT-FOR-US: Acronis
 CVE-2025-24830 (Local privilege escalation due to DLL hijacking vulnerability. The fol ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06b84242beac07ccfbe374e664d772a16e1afb05

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06b84242beac07ccfbe374e664d772a16e1afb05
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250201/836c8235/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list