[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jan 3 08:46:24 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4e1d4a8e by Moritz Muehlenhoff at 2025-01-03T09:42:54+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,49 +1,49 @@
 CVE-2025-22275 (iTerm2 3.5.6 through 3.5.10 before 3.5.11 sometimes allows remote atta ...)
-	TODO: check
+	NOT-FOR-US: iTerm2
 CVE-2025-0176 (A vulnerability was found in code-projects Point of Sales and Inventor ...)
-	TODO: check
+	NOT-FOR-US: code-projects Point of Sales and Inventory
 CVE-2025-0175 (A vulnerability was found in code-projects Online Shop 1.0. It has bee ...)
-	TODO: check
+	NOT-FOR-US: code-projects Online Shop
 CVE-2025-0174 (A vulnerability was found in code-projects Point of Sales and Inventor ...)
-	TODO: check
+	NOT-FOR-US: code-projects Point of Sales and Inventory
 CVE-2024-53842 (In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53841 (In startListeningForDeviceStateChanges, there is a possible Permission ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53840 (there is a possible biometric bypass due to an unusual root cause. Thi ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53839 (In GetCellInfoList() of protocolnetadapter.cpp, there is a possible ou ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53838 (In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53837 (In prepare_response of lwis_periodic_io.c, there is a possible out of  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53836 (In wbrc_bt_dev_write of wb_regon_coordinator.c, there is a possible ou ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53835 (there is a possible biometric bypass due to an unusual root cause. Thi ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53834 (In sms_DisplayHexDumpOfPrivacyBuffer of sms_Utilities.c, there is a po ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-53833 (In prepare_response_locked of  lwis_transaction.c, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-47032 (In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-43769 (In isPackageDeviceAdmin of PackageManagerService.java, there is a poss ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-43768 (In skia_alloc_func of SkDeflate.cpp, there is a possible out of bounds ...)
 	TODO: check
 CVE-2024-43767 (In prepare_to_draw_into_mask of SkBlurMaskFilterImpl.cpp, there is a p ...)
 	TODO: check
 CVE-2024-43764 (In onPrimaryClipChanged of ClipboardListener.java, there is a possible ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-43762 (In multiple locations, there is a possible way to avoid unbinding of a ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-43097 (In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds  ...)
 	TODO: check
 CVE-2024-43077 (In DevmemValidateFlags of devicemem_server.c , there is a possible out ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-11624 (there is a possible to add apps to bypass VPN due to Undeclared Permis ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2025-0173 (A vulnerability was found in SourceCodester Online Eyewear Shop 1.0 an ...)
 	NOT-FOR-US: SourceCodester Online Eyewear Shop
 CVE-2025-0172 (A vulnerability has been found in code-projects Chat System 1.0 and cl ...)
@@ -333,9 +333,9 @@ CVE-2024-12912 (An improper input insertion vulnerability in AiCloud on certain
 CVE-2024-12907 (Kentico CMS in version 7 is vulnerable to a Reflected XSS attacks thro ...)
 	NOT-FOR-US: Kentico CMS
 CVE-2024-11717 (Tokens in CTFd used for account activation and password resetting can  ...)
-	TODO: check
+	NOT-FOR-US: CTFd
 CVE-2024-11716 (While assignment of a user to a team (bracket) inCTFd  should be possi ...)
-	TODO: check
+	NOT-FOR-US: CTFd
 CVE-2023-48758 (Missing Authorization vulnerability in Crocoblock JetEngine allows Exp ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2023-48739 (Missing Authorization vulnerability in Porto Theme Porto Theme - Funct ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e1d4a8e62f78f40688a5d763de9c0597a81f91a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4e1d4a8e62f78f40688a5d763de9c0597a81f91a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250103/c1f12e04/attachment.htm>

More information about the debian-security-tracker-commits mailing list