[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 26 21:36:15 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0e899a66 by Salvatore Bonaccorso at 2025-02-26T22:35:47+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,73 +1,73 @@
 CVE-2025-26925 (Cross-Site Request Forgery (CSRF) vulnerability in Required Admin Menu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-26698 (Incorrect resource transfer between spheres issue exists in RevoWorks  ...)
-	TODO: check
+	NOT-FOR-US: RevoWorks
 CVE-2025-25827 (A Server-Side Request Forgery (SSRF) in the component sort.php of Emlo ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2025-25825 (A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows  ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2025-25823 (A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows  ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2025-25818 (A cross-site scripting (XSS) vulnerability in Emlog Pro v2.5.4 allows  ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2025-25813 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25802 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25800 (SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25799 (SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25797 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25796 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25794 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25793 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25792 (SeaCMS v13.3 was discovered to contain a remote code execution (RCE) v ...)
-	TODO: check
+	NOT-FOR-US: SeaCMS
 CVE-2025-25791 (An arbitrary file upload vulnerability in the plugin installation feat ...)
-	TODO: check
+	NOT-FOR-US: YZNCMS
 CVE-2025-25790 (An arbitrary file upload vulnerability in the component \controller\Lo ...)
-	TODO: check
+	NOT-FOR-US: FoxCMS
 CVE-2025-25789 (FoxCMS v1.2.5 was discovered to contain a remote code execution (RCE)  ...)
-	TODO: check
+	NOT-FOR-US: FoxCMS
 CVE-2025-25785 (JizhiCMS v2.5.4 was discovered to contain a Server-Side Request Forger ...)
-	TODO: check
+	NOT-FOR-US: JizhiCMS
 CVE-2025-25784 (An arbitrary file upload vulnerability in the component \c\TemplateCon ...)
-	TODO: check
+	NOT-FOR-US: Jizhicms
 CVE-2025-25783 (An arbitrary file upload vulnerability in the component admin\plugin.p ...)
-	TODO: check
+	NOT-FOR-US: Emlog Pro
 CVE-2025-25462 (A SQL Injection vulnerability was found in /admin/add-propertytype.php ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul Land Record System Project in PHP
 CVE-2025-20161 (A vulnerability in the software upgrade process of Cisco Nexus 3000 Se ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20119 (A vulnerability in the system file permission handling of Cisco APIC c ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20118 (A vulnerability in the implementation of the internal system processes ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20117 (A vulnerability in the CLI of Cisco APIC could allow an authenticated, ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20116 (A vulnerability in the web UI of Cisco APIC could allow an authenticat ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-20111 (A vulnerability in the health monitoring diagnostics of Cisco Nexus 30 ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2025-1726 (There is a SQL injection issuein Esri ArcGIS Monitor versions 2023.0 t ...)
-	TODO: check
+	NOT-FOR-US: Esri ArcGIS Monitor
 CVE-2025-1716 (picklescan before 0.0.21 does not treat 'pip' as an unsafe global. An  ...)
 	TODO: check
 CVE-2025-1517 (The Sina Extension for Elementor (Slider, Gallery, Form, Modal, Data T ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1249 (Missing Authorization vulnerability in Pixelite Events Manager allows  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0941 (MET ONE 3400+ instruments running software v1.0.41 can, under rare con ...)
-	TODO: check
+	NOT-FOR-US: MET ONE 3400+ instruments
 CVE-2025-0731 (An unauthenticated remote attacker can upload a .aspx file instead of  ...)
 	TODO: check
 CVE-2025-0719 (IBM Cloud Pak for Data 4.0.0 through 4.8.5 and 5.0.0 is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-6810 (The Quiz Organizer plugin for WordPress is vulnerable to Stored Cross- ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-53427 (jq v1.7.1 contains a stack-buffer-overflow in the decNumberCopy functi ...)
@@ -79,7 +79,7 @@ CVE-2024-47053 (This advisory addresses an authorization vulnerability in Mautic
 CVE-2024-47051 (This advisory addresses two critical security vulnerabilities present  ...)
 	TODO: check
 CVE-2024-46226 (A stored cross site scripting (XSS) vulnerability in HelpDeskZ < v2.0. ...)
-	TODO: check
+	NOT-FOR-US: HelpDeskZ
 CVE-2024-13560 (The Subscriptions & Memberships for PayPal plugin for WordPress is vul ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8186



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e899a667723ee2850e4172e6c68e6573d37c104

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0e899a667723ee2850e4172e6c68e6573d37c104
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250226/25446170/attachment.htm>

More information about the debian-security-tracker-commits mailing list