[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sun Feb 16 14:57:30 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1f1e5188 by Moritz Muehlenhoff at 2025-02-16T15:57:19+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -45,7 +45,7 @@ CVE-2025-26819 (Monero through 0.18.3.4 before ec74ff4 does not have response li
CVE-2025-21401 (Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability)
NOT-FOR-US: Microsoft
CVE-2025-1302 (Versions of the package jsonpath-plus before 10.3.0 are vulnerable to ...)
- TODO: check
+ NOT-FOR-US: Node jsonpath-plus
CVE-2025-0593 (The vulnerability may allow a remote low priviledged attacker to run a ...)
NOT-FOR-US: SICK
CVE-2025-0592 (The vulnerability may allow a remote low priviledged attacker to run a ...)
@@ -344,7 +344,7 @@ CVE-2024-7052 (The Forminator Forms WordPress plugin before 1.38.3 does not san
CVE-2024-57969 (app/Model/Attribute.php in MISP before 2.4.198 ignores an ACL during a ...)
NOT-FOR-US: MISP
CVE-2024-57782 (An issue in Docker-proxy v18.09.0 allows attackers to cause a denial o ...)
- TODO: check
+ NOTE: Bogus report for possinly the use of a proxy in a very old Docker release
CVE-2024-57378 (Wazuh SIEM version 4.8.2 is affected by a broken access control vulner ...)
NOT-FOR-US: Wazuh
CVE-2024-56908 (In Perfex Crm < 3.2.1, an authenticated attacker can send a crafted HT ...)
@@ -2508,7 +2508,7 @@ CVE-2024-53586 (An issue in the relPath parameter of WebFileSys version 2.31.0 a
CVE-2024-48589 (Cross Site Scripting vulnerability in Gilnei Moraes phpABook v.0.9 all ...)
NOT-FOR-US: Gilnei Moraes phpABook
CVE-2024-25883 (The mstatus register in RSD commit 3d13a updates incorrectly, leading ...)
- TODO: check
+ NOT-FOR-US: RSD RISC-V Out-of-Order Superscalar Processor
CVE-2024-13841 (The Builder Shortcode Extras \u2013 WordPress Shortcodes Collection to ...)
NOT-FOR-US: WordPress plugin
CVE-2024-13492 (The Guten Free Options WordPress plugin through 0.9.5 does not sanitis ...)
@@ -276246,9 +276246,9 @@ CVE-2021-41530 (Forcepoint NGFW Engine versions 6.5.11 and earlier, 6.8.6 and ea
CVE-2021-41529
RESERVED
CVE-2021-41528 (An error when handling authorization related to the import / export in ...)
- TODO: check
+ NOT-FOR-US: Flexera
CVE-2021-41527 (An error related to the 2-factor authorization (2FA) on the RISC Platf ...)
- TODO: check
+ NOT-FOR-US: Flexera
CVE-2021-41526 (A vulnerability has been reported in the windows installer (MSI) built ...)
NOT-FOR-US: Flexera
CVE-2021-41525 (An issue related to modification of otherwise restricted files through ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f1e5188fdbed48aadb56268875666ae721cebfb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1f1e5188fdbed48aadb56268875666ae721cebfb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250216/81b29893/attachment.htm>
More information about the debian-security-tracker-commits
mailing list