[Git][security-tracker-team/security-tracker][master] Process new NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Feb 18 20:19:18 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0a9ff21f by Salvatore Bonaccorso at 2025-02-18T21:18:56+01:00
Process new NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51,9 +51,9 @@ CVE-2025-1023 (A vulnerability exists in ChurchCRM5.13.0 and priorthat allows an
CVE-2025-0981 (A vulnerability exists in ChurchCRM5.13.0 and prior that allows an att ...)
TODO: check
CVE-2025-0817 (The FormCraft plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0521 (The Post SMTP plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-57056 (Incorrect cookie session handling in WombatDialer before 25.02 results ...)
TODO: check
CVE-2024-57055 (Server-Side Access Control Bypass vulnerability in WombatDialer before ...)
@@ -89,29 +89,29 @@ CVE-2024-39328 (Insecure Permissions in Atos Eviden IDRA and IDCA before 2.7.0.
CVE-2024-39327 (Incorrect Access Control vulnerability in Atos Eviden IDRA before 2.6. ...)
TODO: check
CVE-2024-13797 (The PressMart - Modern Elementor WooCommerce WordPress Theme theme for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13783 (The FormCraft plugin for WordPress is vulnerable to unauthorized acces ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13718 (The Flexible Wishlist for WooCommerce \u2013 Ecommerce Wishlist & Save ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13691 (The Uncode theme for WordPress is vulnerable to arbitrary file read du ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13689 (The Uncode Core plugin for WordPress is vulnerable to arbitrary shortc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13681 (The Uncode theme for WordPress is vulnerable to arbitrary file read du ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13667 (The Uncode theme for WordPress is vulnerable to Stored Cross-Site Scri ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13636 (The Brooklyn theme for WordPress is vulnerable to PHP Object Injection ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13395 (The Threepress plugin for WordPress is vulnerable to Stored Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13369 (The Tour Master - Tour Booking, Travel, Hotel plugin for WordPress is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13316 (The Scratch & Win \u2013 Giveaways and Contests. Boost subscribers, tr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12860 (The CarSpot \u2013 Dealership Wordpress Classified Theme theme for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1125 [fs/hfs: Interger overflow may lead to heap based out-of-bounds write]
- grub2 <unfixed>
NOTE: https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9ff21fafca79ca28bc7b9252ca1b54a424d8e7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0a9ff21fafca79ca28bc7b9252ca1b54a424d8e7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250218/fbb258f1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list