[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 21 20:17:59 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d78c56f8 by Salvatore Bonaccorso at 2025-02-21T21:17:34+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,11 +29,11 @@ CVE-2025-25605 (Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command
 CVE-2025-25604 (Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command inject ...)
 	TODO: check
 CVE-2025-25510 (Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_par ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-25507 (There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. In the fo ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-25505 (Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the su ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-1548 (A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It has been  ...)
 	TODO: check
 CVE-2025-1546 (A vulnerability has been found in BDCOM Behavior Management and Auditi ...)
@@ -53,17 +53,17 @@ CVE-2025-1536 (A vulnerability was found in Raisecom Multi-Service Intelligent G
 CVE-2025-1535 (A vulnerability was found in Baiyi Cloud Asset Management System 8.142 ...)
 	TODO: check
 CVE-2025-1489 (The WP-Appbox plugin for WordPress is vulnerable to Stored Cross-Site  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1471 (In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print fu ...)
 	TODO: check
 CVE-2025-1470 (In Eclipse OMR, from the initial contribution to version 0.4.0, some O ...)
 	TODO: check
 CVE-2025-1410 (The Events Calendar Made Simple \u2013 Pie Calendar plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1403 (Qiskit SDK 0.45.0 through 1.2.4 could allow a remote attacker to cause ...)
 	TODO: check
 CVE-2025-1402 (The Event Tickets and Registration plugin for WordPress is vulnerable  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0838 (There exists a heap buffer overflow vulnerable in Abseil-cpp. The size ...)
 	TODO: check
 CVE-2025-0728 (In NetX HTTP server functionality of Eclipse ThreadX NetX Duo before   ...)
@@ -83,25 +83,25 @@ CVE-2024-55156 (An XML External Entity (XXE) vulnerability in the deserializeArg
 CVE-2024-45673 (IBM Security Verify Bridge Directory Sync 1.0.1 through 1.0.12, IBM Se ...)
 	TODO: check
 CVE-2024-13900 (The Head, Footer and Post Injections plugin for WordPress is vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13846 (The Indeed Ultimate Learning Pro plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13713 (The WPExperts Square For GiveWP plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13648 (The Maps for WP plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13461 (The Autoship Cloud for WooCommerce Subscription Products plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13455 (The igumbi Online Booking plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13353 (The Responsive Addons for Elementor \u2013 Free Elementor Addons Plugi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12452 (The Ziggeo plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12276 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10222 (The SVG Support plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-26794 (Exim 4.98 before 4.98.1, when SQLite hints and ETRN serialization are  ...)
 	- exim4 4.98-4 (unimportant)
 	[bookworm] - exim4 <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78c56f8dec318631d8b259034e452cf908bff48

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78c56f8dec318631d8b259034e452cf908bff48
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250221/55aea039/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list