[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Feb 12 14:18:48 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e6a4c0c6 by Salvatore Bonaccorso at 2025-02-12T15:18:23+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -85,7 +85,7 @@ CVE-2025-25203 (CtrlPanel is open-source billing software for hosting providers.
CVE-2025-23359 (NVIDIA Container Toolkit for Linux contains a Time-of-Check Time-of-Us ...)
NOT-FOR-US: NVIDIA Container Toolkit
CVE-2025-1243 (The Temporal api-go library prior to version 1.44.1 did not send `upda ...)
- TODO: check
+ NOT-FOR-US: Temporal api-go library
CVE-2025-1240 (WinZip 7Z File Parsing Out-Of-Bounds Write Remote Code Execution Vulne ...)
NOT-FOR-US: WinZip
CVE-2025-1186 (A vulnerability was found in dayrui XunRuiCMS up to 4.6.4. It has been ...)
@@ -486,7 +486,7 @@ CVE-2025-1126 (A Reliance on Untrusted Inputs in a Security Decision vulnerabili
CVE-2025-1052 (Mintty Sixel Image Parsing Heap-based Buffer Overflow Remote Code Exec ...)
NOT-FOR-US: Mintty
CVE-2025-1044 (Logsign Unified SecOps Platform Authentication Bypass Vulnerability. T ...)
- TODO: check
+ NOT-FOR-US: Logsign
CVE-2025-0911 (PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Dis ...)
NOT-FOR-US: PDF-XChange Editor
CVE-2025-0910 (PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Ex ...)
@@ -734,7 +734,7 @@ CVE-2025-1144 (School Affairs System from Quanxun has an Exposure of Sensitive I
CVE-2025-1143 (Certain models of routers from Billion Electric has hard-coded embedde ...)
NOT-FOR-US: Billion Electric
CVE-2025-1002 (MicroDicom DICOM Viewerversion 2024.03 fails to adequately verify the ...)
- TODO: check
+ NOT-FOR-US: MicroDicom
CVE-2025-0499
REJECTED
CVE-2025-0181 (The WP Foodbakery plugin for WordPress is vulnerable to privilege esca ...)
@@ -1475,7 +1475,7 @@ CVE-2025-24531 [Possible Authentication Bypass in Error Situations]
NOTE: Introduced with: https://github.com/OpenSC/pam_pkcs11/commit/bac6cf8e0b242e508e8b715e7f78d52f1227840a (pam_pkcs11-0.6.12)
NOTE: Fixed by: https://github.com/OpenSC/pam_pkcs11/commit/2ecba68d404c3112546a9e802e3776b9f6c50a6a (pam_pkcs11-0.6.13)
CVE-2025-24981 (MDC is a tool to take regular Markdown and write documents interacting ...)
- TODO: check
+ NOT-FOR-US: MDC
CVE-2025-24787 (WhoDB is an open source database management tool. In affected versions ...)
NOT-FOR-US: WhoDB
CVE-2025-24786 (WhoDB is an open source database management tool. While the applicatio ...)
@@ -1513,7 +1513,7 @@ CVE-2025-1074 (A vulnerability, which was classified as problematic, was found i
CVE-2025-0994 (Trimble Cityworks versions prior to 15.8.9 and Cityworks with office c ...)
NOT-FOR-US: Trimble Cityworks
CVE-2025-0982 (Sandbox escape in the JavaScript Task feature of Google Cloud Applicat ...)
- TODO: check
+ NOT-FOR-US: JavaScript Task feature of Google Cloud Application Integration
CVE-2025-0859 (The Post and Page Builder by BoldGrid \u2013 Visual Drag and Drop Edit ...)
NOT-FOR-US: WordPress plugin
CVE-2024-57962 (Vulnerability of incomplete verification information in the VPN servic ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6a4c0c67f50cb0ddc3772cba28580fd6fa92025
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e6a4c0c67f50cb0ddc3772cba28580fd6fa92025
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250212/b682babf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list