[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 7 08:34:33 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b355bf8b by Salvatore Bonaccorso at 2025-02-07T09:34:12+01:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,77 +1,77 @@
 CVE-2025-23094 (The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Mana ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2025-23093 (The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Mana ...)
-	TODO: check
+	NOT-FOR-US: Mitel
 CVE-2025-22880 (Delta Electronics CNCSoft-G2 lacks proper validation of the length of  ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2025-22402 (Dell Update Manager Plugin, version(s) 1.5.0 through 1.6.0, contain(s) ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2025-21408 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-21404 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-21342 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-21283 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-21279 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-21267 (Microsoft Edge (Chromium-based) Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-21253 (Microsoft Edge for IOS and Android Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-21177 (Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 Sales all ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2025-1086 (A vulnerability has been found in Safetytest Cloud-Master Server up to ...)
-	TODO: check
+	NOT-FOR-US: Safetytest Cloud-Master Server
 CVE-2025-1085 (A vulnerability, which was classified as problematic, was found in Ani ...)
-	TODO: check
+	NOT-FOR-US: Animati PACS
 CVE-2025-1084 (A vulnerability, which was classified as problematic, has been found i ...)
-	TODO: check
+	NOT-FOR-US: Mindskip xzs-mysql
 CVE-2025-1083 (A vulnerability classified as problematic was found in Mindskip xzs-my ...)
-	TODO: check
+	NOT-FOR-US: Mindskip xzs-mysql
 CVE-2025-1082 (A vulnerability classified as problematic has been found in Mindskip x ...)
-	TODO: check
+	NOT-FOR-US: Mindskip xzs-mysql
 CVE-2025-1081 (A vulnerability was found in Bharti Airtel Xstream Fiber up to 2025012 ...)
-	TODO: check
+	NOT-FOR-US: Bharti Airtel Xstream Fiber
 CVE-2025-1072 (A Denial of Service (DoS) issue has been discovered in GitLab CE/EE af ...)
 	TODO: check
 CVE-2025-1061 (The Nextend Social Login Pro plugin for WordPress is vulnerable to aut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1004 (Certain HP LaserJet Pro printers may potentially experience a denial o ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2025-0675 (Multiple Elber products suffer from an unauthenticated device configur ...)
-	TODO: check
+	NOT-FOR-US: Elber products
 CVE-2025-0674 (Multiple Elber products are affected by an authentication bypass  vuln ...)
-	TODO: check
+	NOT-FOR-US: Elber products
 CVE-2025-0158 (IBM EntireX 11.1 could allow a local user to cause a denial of service ...)
 	NOT-FOR-US: IBM
 CVE-2024-57609 (An issue in Kanaries Inc Pygwalker before v.0.4.9.9 allows a remote at ...)
-	TODO: check
+	NOT-FOR-US: Kanaries Inc Pygwalker
 CVE-2024-57392 (Buffer Overflow vulnerability in Proftpd commit 4017eff8 allows a remo ...)
 	TODO: check
 CVE-2024-56889 (Incorrect access control in the endpoint /admin/m_delete.php of CodeAs ...)
-	TODO: check
+	NOT-FOR-US: CodeAstro Complaint Management System
 CVE-2024-56467 (IBM EntireX 11.1 could allow a local user to obtain sensitive informat ...)
 	NOT-FOR-US: IBM
 CVE-2024-55241 (An issue in deep-diver LLM-As-Chatbot before commit 99c2c03 allows a r ...)
 	TODO: check
 CVE-2024-54909 (A vulnerability has been identified in GoldPanKit eva-server v4.1.0. I ...)
-	TODO: check
+	NOT-FOR-US: GoldPanKit eva-server
 CVE-2024-54171 (IBM EntireX 11.1 is vulnerable to an XML external entity injection (XX ...)
 	NOT-FOR-US: IBM
 CVE-2024-53586 (An issue in the relPath parameter of WebFileSys version 2.31.0 allows  ...)
-	TODO: check
+	NOT-FOR-US: WebFileSys
 CVE-2024-48589 (Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 all ...)
-	TODO: check
+	NOT-FOR-US: Gilnei Moraes phpABook
 CVE-2024-25883 (The mstatus register in RSD commit 3d13a updates incorrectly, leading  ...)
 	TODO: check
 CVE-2024-13841 (The Builder Shortcode Extras \u2013 WordPress Shortcodes Collection to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13492 (The Guten Free Options WordPress plugin through 0.9.5 does not sanitis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13352 (The Legull WordPress plugin through 1.2.2 does not sanitise and escape ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12133
 	- libtasn1-6 <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2025/02/06/6
@@ -324556,7 +324556,7 @@ CVE-2020-36087
 CVE-2020-36086
 	RESERVED
 CVE-2020-36085 (Stored Cross Site Scripting(XSS) vulnerability in Egavilan Media Resum ...)
-	TODO: check
+	NOT-FOR-US: Egavilan Media Resumes Management and Job Application Website
 CVE-2020-36084 (SQL Injection vulnerability in SourceCodester Responsive E-Learning Sy ...)
 	NOT-FOR-US: SourceCodester Responsive E-Learning System
 CVE-2020-36083



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b355bf8b7503d1519fd53c2dc6610177917b57f8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b355bf8b7503d1519fd53c2dc6610177917b57f8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250207/be336f18/attachment.htm>

More information about the debian-security-tracker-commits mailing list