[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 26 08:28:00 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
09548d00 by Salvatore Bonaccorso at 2025-02-26T09:27:38+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
 CVE-2025-27148 (Gradle is a build automation tool, and its native-platform tool provid ...)
 	TODO: check
 CVE-2025-25521 (Seacms <=13.3 is vulnerable to SQL Injection in admin_type_news.php.)
-	TODO: check
+	NOT-FOR-US: Seacms
 CVE-2025-25520 (Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php.)
-	TODO: check
+	NOT-FOR-US: Seacms
 CVE-2025-25519 (Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php.)
-	TODO: check
+	NOT-FOR-US: Seacms
 CVE-2025-25517 (Seacms <=13.3 is vulnerable to SQL Injection in admin_reslib.php.)
-	TODO: check
+	NOT-FOR-US: Seacms
 CVE-2025-25516 (Seacms <=13.3 is vulnerable to SQL Injection in admin_paylog.php.)
-	TODO: check
+	NOT-FOR-US: Seacms
 CVE-2025-25515 (Seacms <=13.3 is vulnerable to SQL Injection in admin_collect.php that ...)
-	TODO: check
+	NOT-FOR-US: Seacms
 CVE-2025-25514 (Seacms <=13.3 is vulnerable to SQL Injection in admin_collect_news.php ...)
-	TODO: check
+	NOT-FOR-US: Seacms
 CVE-2025-22881 (Delta Electronics CNCSoft-G2 lacks proper validation of the length of  ...)
-	TODO: check
+	NOT-FOR-US: Delta Electronics
 CVE-2025-22869 (SSH servers which implement file transfer protocols are vulnerable to  ...)
 	TODO: check
 CVE-2025-22868 (An attacker can pass a malicious malformed token which causes unexpect ...)
 	TODO: check
 CVE-2025-22211 (A SQL injection vulnerability in the JoomShopping component versions 1 ...)
-	TODO: check
+	NOT-FOR-US: JoomShopping
 CVE-2025-1091 (A Broken Authorization schema exists where any authenticated user coul ...)
 	TODO: check
 CVE-2025-0889 (Prior to 25.2, a local authenticated attacker can elevate privileges o ...)
@@ -55,53 +55,53 @@ CVE-2024-53871 (NVIDIA CUDA toolkit for all platforms contains a vulnerability i
 CVE-2024-53870 (NVIDIA CUDA toolkit for all platforms contains a vulnerability in the  ...)
 	TODO: check
 CVE-2024-39441 (In wifi display, there is a possible missing permission check. This co ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2024-30150 (HCL MyCloud is affected by Improper Access Control - an unauthenticate ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-27246 (Use after free in some Zoom Workplace Apps and SDKs may allow an authe ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2024-27245 (Buffer overflow in some Zoom Workplace Apps and SDKs may allow an auth ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2024-27239 (Use after free in some Zoom Workplace Apps and SDKs may allow an authe ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2024-13803 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks, Patterns &  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13678 (The R3W InstaFeed WordPress plugin through 1.0 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13669 (The CalendApp WordPress plugin through 1.1 does not sanitise and escap ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13634 (The Post Sync WordPress plugin through 1.1 does not sanitise and escap ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13633 (The Simple catalogue WordPress plugin through 1.0.2 does not sanitise  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13632 (The WP Extra Fields WordPress plugin through 1.0.1 does not sanitise a ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13631 (The Om Stripe WordPress plugin through 02.00.00 does not sanitise and  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13630 (The NewsTicker WordPress plugin through 1.0 does not sanitise and esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13629 (The pushBIZ  WordPress plugin through 1.0 does not sanitise and escape ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13628 (The WP Pricing Table WordPress plugin through 1.1 does not sanitise an ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13624 (The WPMovieLibrary WordPress plugin through 2.1.4.8 does not sanitise  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13571 (The Post Timeline WordPress plugin before 2.3.10 does not sanitise and ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13113 (The Countdown Timer for Elementor WordPress plugin before 1.3.7 does n ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12878 (The Custom Block Builder  WordPress plugin before 3.8.3 does not sanit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12737 (The WP BASE Booking of Appointments, Services and Events WordPress plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12434 (The SureMembers plugin for WordPress is vulnerable to Sensitive Inform ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10563 (The WooCommerce Cart Count Shortcode WordPress plugin before 1.1.0 doe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10483 (The Simple:Press Forum WordPress plugin before 6.10.11 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10152 (The Simple Certain Time to Show Content WordPress plugin before 1.3.1  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0148 (NVIDIA Jetson Linux and IGX OS image contains a vulnerability in the U ...)
 	TODO: check
 CVE-2025-25209



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09548d00a53a283c05bbbd0c2f9e243808594dd7

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09548d00a53a283c05bbbd0c2f9e243808594dd7
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250226/948a5a11/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list