[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Feb 17 12:00:12 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4e641bfe by Moritz Mühlenhoff at 2025-02-17T12:59:32+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,41 +11,41 @@ CVE-2025-26765 (Missing Authorization vulnerability in enituretechnology Distanc
CVE-2025-26761 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2025-26759 (Cross-Site Request Forgery (CSRF) vulnerability in alexvtn Content Sni ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26755 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-26700 (Authentication bypass using an alternate path or channel issue exists ...)
- TODO: check
+ NOT-FOR-US: RoboForm Password Manager
CVE-2025-23975 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22689 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22680 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22676 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22291 (Missing Authorization vulnerability in enituretechnology LTL Freight Q ...)
- TODO: check
+ NOT-FOR-US: enituretechnology
CVE-2025-22290 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
- TODO: check
+ NOT-FOR-US: enituretechnology
CVE-2025-22289 (Missing Authorization vulnerability in NotFound LTL Freight Quotes \u2 ...)
- TODO: check
+ NOT-FOR-US: enituretechnology
CVE-2025-22286 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: enituretechnology
CVE-2025-22284 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
- TODO: check
+ NOT-FOR-US: enituretechnology
CVE-2025-1389 (Orca HCM from Learning Digital has a SQL Injection vulnerability, allo ...)
- TODO: check
+ NOT-FOR-US: Orca HCM
CVE-2025-1388 (Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Orca HCM
CVE-2025-1387 (Orca HCM from LEARNING DIGITAL has an Improper Authentication vulnerab ...)
- TODO: check
+ NOT-FOR-US: Orca HCM
CVE-2025-1381 (A vulnerability was found in code-projects Real Estate Property Manage ...)
- TODO: check
+ NOT-FOR-US: Real Estate Property Management System
CVE-2025-1380 (A vulnerability was found in Codezips Gym Management System 1.0 and cl ...)
- TODO: check
+ NOT-FOR-US: Codezips Gym Management System
CVE-2025-1379 (A vulnerability has been found in code-projects Real Estate Property M ...)
- TODO: check
+ NOT-FOR-US: Real Estate Property Management System
CVE-2025-1378 (A vulnerability, which was classified as problematic, was found in rad ...)
TODO: check
CVE-2025-1377 (A vulnerability, which was classified as problematic, has been found i ...)
@@ -53,7 +53,7 @@ CVE-2025-1377 (A vulnerability, which was classified as problematic, has been fo
CVE-2025-1376 (A vulnerability classified as problematic was found in GNU elfutils 0. ...)
TODO: check
CVE-2025-1374 (A vulnerability classified as critical has been found in code-projects ...)
- TODO: check
+ NOT-FOR-US: Real Estate Property Management System
CVE-2025-1373 (A vulnerability was found in FFmpeg up to 7.1. It has been rated as pr ...)
TODO: check
CVE-2025-1372 (A vulnerability was found in GNU elfutils 0.192. It has been declared ...)
@@ -61,23 +61,23 @@ CVE-2025-1372 (A vulnerability was found in GNU elfutils 0.192. It has been decl
CVE-2025-1371 (A vulnerability has been found in GNU elfutils 0.192 and classified as ...)
TODO: check
CVE-2025-1370 (A vulnerability, which was classified as critical, has been found in M ...)
- TODO: check
+ NOT-FOR-US: MicroWord eScan Antivirus
CVE-2025-1369 (A vulnerability classified as critical was found in MicroWord eScan An ...)
- TODO: check
+ NOT-FOR-US: MicroWord eScan Antivirus
CVE-2025-1368 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux ...)
- TODO: check
+ NOT-FOR-US: MicroWord eScan Antivirus
CVE-2025-1367 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux ...)
- TODO: check
+ NOT-FOR-US: MicroWord eScan Antivirus
CVE-2025-1366 (A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux ...)
- TODO: check
+ NOT-FOR-US: MicroWord eScan Antivirus
CVE-2025-1365 (A vulnerability, which was classified as critical, was found in GNU el ...)
TODO: check
CVE-2025-1364 (A vulnerability has been found in MicroWord eScan Antivirus 7.0.32 on ...)
- TODO: check
+ NOT-FOR-US: MicroWord eScan Antivirus
CVE-2025-1360 (A vulnerability, which was classified as problematic, was found in Int ...)
- TODO: check
+ NOT-FOR-US: Sublime CRM
CVE-2025-0924 (The WP Activity Log plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0591 (Out-of-bounds Read vulnerability (CWE-125) was found in CX-Programmer. ...)
TODO: check
CVE-2024-47935 (Improper Validation of Integrity Check Value vulnerability in TXOne Ne ...)
@@ -85,17 +85,17 @@ CVE-2024-47935 (Improper Validation of Integrity Check Value vulnerability in TX
CVE-2024-44044 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
TODO: check
CVE-2024-13726 (The Coder WordPress plugin through 1.3.4 does not properly sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13627 (The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13626 (The VR-Frases (collect & share quotes) WordPress plugin through 3.0.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13625 (The Tube Video Ads Lite WordPress plugin through 1.5.7 does not saniti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13608 (The Track Logins WordPress plugin through 1.0 does not sanitize and es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13603 (The Wise Forms WordPress plugin through 1.2.0 does not sanitise and es ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1359 (A vulnerability, which was classified as problematic, has been found i ...)
NOT-FOR-US: SIAM Industria de Automacao e Monitoramento SIAM
CVE-2025-1358 (A vulnerability classified as problematic was found in Pix Software Vi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e641bfe714b43374b447ab3b50fee6e86b9b5f7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e641bfe714b43374b447ab3b50fee6e86b9b5f7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250217/afba3672/attachment.htm>
More information about the debian-security-tracker-commits
mailing list