[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Feb 6 08:56:00 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b7e79380 by Moritz Muehlenhoff at 2025-02-06T09:55:42+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2025-24845 (Improper neutralization of argument delimiters in a command ('Argument ...)
-	TODO: check
+	NOT-FOR-US: Defense Platform Home Edition
 CVE-2025-24483 (NULL pointer dereference vulnerability exists in Defense Platform Home ...)
-	TODO: check
+	NOT-FOR-US: Defense Platform Home Edition
 CVE-2025-23236 (Buffer overflow vulnerability exists in Defense Platform Home Edition  ...)
-	TODO: check
+	NOT-FOR-US: Defense Platform Home Edition
 CVE-2025-22894 (Unprotected Windows messaging channel ('Shatter') issue exists in Defe ...)
-	TODO: check
+	NOT-FOR-US: Defense Platform Home Edition
 CVE-2025-22890 (Execution with unnecessary privileges issue exists in Defense Platform ...)
-	TODO: check
+	NOT-FOR-US: Defense Platform Home Edition
 CVE-2025-20094 (Unprotected Windows messaging channel ('Shatter') issue exists in Defe ...)
-	TODO: check
+	NOT-FOR-US: Defense Platform Home Edition
 CVE-2025-1066 (OpenPLC_V3 contains an arbitrary file upload vulnerability, which coul ...)
 	TODO: check
 CVE-2025-0799 (IBM App Connect enterprise12.0.1.0 through 12.0.12.10 and13.0.1.0 thro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-0522 (The LikeBot  WordPress plugin through 0.85 does not have CSRF check in ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-57699 (A security issue was found in Netplex Json-smart 2.5.0 through 2.5.1.  ...)
 	TODO: check
 CVE-2024-57598 (A floating point exception (divide-by-zero) vulnerability was discover ...)
@@ -65,49 +65,49 @@ CVE-2024-57064 (A prototype pollution in the lib.setValue function of @syncfusio
 CVE-2024-57063 (A prototype pollution in the lib function of php-date-formatter v1.3.6 ...)
 	TODO: check
 CVE-2024-56473 (IBM Aspera Shares1.9.0 through 1.10.0 PL6  could allow an attacker to  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-56472 (IBM Aspera Shares1.9.0 through 1.10.0 PL6  is vulnerable to stored cro ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-56471 (IBM Aspera Shares1.9.0 through 1.10.0 PL6  is vulnerable to server-sid ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-56470 (IBM Aspera Shares1.9.0 through 1.10.0 PL6  is vulnerable to server-sid ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-54853 (A Stored Cross-Site Scripting (XSS) vulnerability was identified affec ...)
 	TODO: check
 CVE-2024-51547 (Use of Hard-coded Credentials vulnerability in ABB ASPECT-Enterprise,  ...)
-	TODO: check
+	NOT-FOR-US: ABB
 CVE-2024-51450 (IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remo ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49814 (IBM Security Verify Access Appliance 10.0.0 through 10.0.3 could allow ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49800 (IBM ApplinX 11.1 stores sensitive information in cleartext in memory t ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49798 (IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive inf ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49797 (IBM ApplinX 11.1 could allow a remote attacker to obtain sensitive inf ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49796 (IBM ApplinX 11.1 could allow a remote attacker to hijack the clicking  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49795 (IBM ApplinX 11.1 is vulnerable to cross-site request forgery which cou ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49794 (IBM ApplinX 11.1 is vulnerable to cross-site request forgery which cou ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49793 (IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49792 (IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-49791 (IBM ApplinX 11.1 is vulnerable to cross-site scripting. This vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-48394 (A Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identif ...)
-	TODO: check
+	NOT-FOR-US: NDD
 CVE-2024-38318 (IBM Aspera Shares1.9.0 through 1.10.0 PL6 is vulnerable to HTML inject ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-38317 (IBM Aspera Shares1.9.0 through 1.10.0 PL6  is vulnerable to cross-site ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-38316 (IBM Aspera Shares1.9.0 through 1.10.0 PL6 does not properly rate limit ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-13487 (The The CURCY \u2013 Multi Currency for WooCommerce \u2013 The best fr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-24805 (Mobile Security Framework (MobSF) is an automated, all-in-one mobile a ...)
 	TODO: check
 CVE-2025-24804 (Mobile Security Framework (MobSF) is an automated, all-in-one mobile a ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7e793802f20dff75e030b8100f8338fd488f2fa

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b7e793802f20dff75e030b8100f8338fd488f2fa
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250206/d72c4718/attachment.htm>

More information about the debian-security-tracker-commits mailing list