[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Feb 9 09:18:41 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
21ad7a75 by Salvatore Bonaccorso at 2025-02-09T10:18:31+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2025-0517
REJECTED
CVE-2025-0316 (The WP Directorybox Manager plugin for WordPress is vulnerable to auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0169 (The DWT - Directory & Listing WordPress Theme is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-8377
REJECTED
CVE-2024-6909
@@ -11,19 +11,19 @@ CVE-2024-6909
CVE-2024-5183
REJECTED
CVE-2024-13440 (The Super Store Finder plugin for WordPress is vulnerable to SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4927
REJECTED
CVE-2025-1117 (A vulnerability, which was classified as critical, was found in CoinRe ...)
- TODO: check
+ NOT-FOR-US: CoinRemitter on OpenCart
CVE-2025-1116 (A vulnerability, which was classified as critical, has been found in D ...)
- TODO: check
+ NOT-FOR-US: Dreamvention Live AJAX Search Free on OpenCart
CVE-2025-1115 (A vulnerability classified as problematic was found in RT-Thread up to ...)
- TODO: check
+ NOT-FOR-US: RT-Thread
CVE-2024-54176 (IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and IBM Urb ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-13850 (The Simple add pages or posts plugin for WordPress is vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-25187 (Joplin is a free, open source note taking and to-do application, which ...)
- joplin <itp> (bug #931306)
CVE-2025-24366 (SFTPGo is an open source, event-driven file transfer solution. SFTPGo ...)
@@ -41,7 +41,7 @@ CVE-2024-57606 (SQL injection vulnerability in Beijing Guoju Information Technol
CVE-2024-57357 (An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build 20230427 ...)
NOT-FOR-US: TPLINK
CVE-2024-57279 (A reflected Cross-Site Scripting (XSS) vulnerability has been identifi ...)
- TODO: check
+ NOT-FOR-US: LDAP User Manager
CVE-2024-57278 (A reflected Cross-Site Scripting (XSS) vulnerability exists in /websca ...)
NOT-FOR-US: QingScan
CVE-2024-55630 (Joplin is a free, open source note taking and to-do application, which ...)
@@ -49,7 +49,7 @@ CVE-2024-55630 (Joplin is a free, open source note taking and to-do application,
CVE-2024-55272 (An issue in Brainasoft Braina v2.8 allows a remote attacker to obtain ...)
NOT-FOR-US: Brainasoft Braina
CVE-2024-55215 (An issue in trojan v.2.0.0 through v.2.15.3 allows a remote attacker t ...)
- TODO: check
+ NOT-FOR-US: trojan
CVE-2025-25183 (vLLM is a high-throughput and memory-efficient inference and serving e ...)
NOT-FOR-US: vLLM
CVE-2025-25168 (Cross-Site Request Forgery (CSRF) vulnerability in blackandwhitedigita ...)
@@ -1340,9 +1340,9 @@ CVE-2025-0971 (A vulnerability was found in Zenvia Movidesk up to 25.01.22. It h
CVE-2025-0970 (A vulnerability was found in Zenvia Movidesk up to 25.01.22. It has be ...)
NOT-FOR-US: Zenvia Movidesk
CVE-2025-0015 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm ...)
- TODO: check
+ NOT-FOR-US: Arm GPU Kernel Driver
CVE-2024-6790 (Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Arm GPU Kernel Driver
CVE-2024-57968 (Advantive VeraCore before 2024.4.2.1 allows remote authenticated users ...)
NOT-FOR-US: Advantive VeraCore
CVE-2024-57967 (PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager ...)
@@ -201131,7 +201131,7 @@ CVE-2022-40918 (Buffer overflow in firmware lewei_cam binary version 2.0.10 in F
CVE-2022-40917
RESERVED
CVE-2022-40916 (Tiny File Manager v2.4.7 and below is vulnerable to session fixation.)
- TODO: check
+ NOT-FOR-US: Tiny File Manager
CVE-2022-40915
RESERVED
CVE-2022-40914
@@ -202244,7 +202244,7 @@ CVE-2022-40492
CVE-2022-40491
RESERVED
CVE-2022-40490 (Tiny File Manager v2.4.7 and below was discovered to contain a Cross S ...)
- TODO: check
+ NOT-FOR-US: Tiny File Manager
CVE-2022-40489 (ThinkCMF version 6.0.7 is affected by a Cross Site Request Forgery (CS ...)
NOT-FOR-US: ThinkCMF
CVE-2022-40488 (ProcessWire v3.0.200 was discovered to contain a Cross-Site Request Fo ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21ad7a7579fc350af15b23feb864396c16e2a32b
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21ad7a7579fc350af15b23feb864396c16e2a32b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250209/37307e3a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list