[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jan 17 15:56:35 GMT 2025
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c05a54ab by Moritz Muehlenhoff at 2025-01-17T16:56:26+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -245,89 +245,89 @@ CVE-2025-23761 (Missing Authorization vulnerability in Alex Volkov Woo Tuner all
CVE-2025-23760 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2025-23201 (librenms is a community-based GPL-licensed network monitoring system. ...)
- TODO: check
+ NOT-FOR-US: LibreNMS
CVE-2025-23200 (librenms is a community-based GPL-licensed network monitoring system. ...)
- TODO: check
+ NOT-FOR-US: LibreNMS
CVE-2025-23199 (librenms is a community-based GPL-licensed network monitoring system. ...)
- TODO: check
+ NOT-FOR-US: LibreNMS
CVE-2025-23198 (librenms is a community-based GPL-licensed network monitoring system. ...)
- TODO: check
+ NOT-FOR-US: LibreNMS
CVE-2025-21325 (Windows Secure Kernel Mode Elevation of Privilege Vulnerability)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2024-57785 (Zenitel AlphaWeb XE v11.2.3.10 was discovered to contain a local file ...)
- TODO: check
+ NOT-FOR-US: Zenitel AlphaWeb XE
CVE-2024-57784 (An issue in the component /php/script_uploads.php of Zenitel AlphaWeb ...)
- TODO: check
+ NOT-FOR-US: Zenitel AlphaWeb XE
CVE-2024-57704 (Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57703 (Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57583 (Tenda AC18 V15.03.05.19 was discovered to contain a command injection ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57582 (Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57581 (Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57580 (Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57579 (Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57578 (Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57577 (Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-57575 (Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-56144 (librenms is a community-based GPL-licensed network monitoring system. ...)
- TODO: check
+ NOT-FOR-US: LibreNMS
CVE-2024-55511 (A null pointer dereference vulnerability in Macrium Reflect prior to 8 ...)
- TODO: check
+ NOT-FOR-US: Macrium Reflect
CVE-2024-54660 (A JNDI injection issue was discovered in Cloudera JDBC Connector for H ...)
- TODO: check
+ NOT-FOR-US: Cloudera JDBC Connector for Haadoop
CVE-2024-53553 (An issue in OPEXUS FOIAXPRESS PUBLIC ACCESS LINK v11.1.0 allows attack ...)
- TODO: check
+ NOT-FOR-US: OPEXUS
CVE-2024-52363 (IBM InfoSphere Information Server 11.7 could allow a remote attacker t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-51462 (IBM QRadar WinCollect Agent 10.0.0 through 10.1.12 could allow a remot ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-48460 (An issue in Eugeny Tabby 1.0.213 allows a remote attacker to obtain se ...)
- TODO: check
+ NOT-FOR-US: Tabby
CVE-2024-46450 (Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router M ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2024-40514 (Insecure Permissions vulnerability in themesebrand Chatvia v.5.3.2 all ...)
- TODO: check
+ NOT-FOR-US: Chatvia
CVE-2024-40513 (An issue in themesebrand Chatvia v.5.3.2 allows a remote attacker to e ...)
- TODO: check
+ NOT-FOR-US: Chatvia
CVE-2024-34579 (Fuji Electric Alpha5 SMART is vulnerable to a stack-based buffer ove ...)
- TODO: check
+ NOT-FOR-US: Fuji
CVE-2024-13434 (The WP Inventory Manager plugin for WordPress is vulnerable to Reflect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13401 (The Payment Button for PayPal plugin for WordPress is vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13398 (The Checkout for PayPal plugin for WordPress is vulnerable to Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13386 (The quote-posttype-plugin plugin for WordPress is vulnerable to Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13367 (The Sandbox plugin for WordPress is vulnerable to unauthorized access ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13366 (The Sandbox plugin for WordPress is vulnerable to Reflected Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13333 (The Advanced File Manager plugin for WordPress is vulnerable to arbitr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12637 (The Moving Users plugin for WordPress is vulnerable to Sensitive Infor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12598 (The MyBookProgress by Stormhill Media plugin for WordPress is vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12508 (The Glofox Shortcodes plugin for WordPress is vulnerable to Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12466 (The Proofreading plugin for WordPress is vulnerable to Reflected Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12203 (The RSS Icon Widget plugin for WordPress is vulnerable to Stored Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11146 (TrueFiling is a collaborative, web-based electronic filing system wher ...)
- TODO: check
+ NOT-FOR-US: TrueFiling
CVE-2024-10799 (The Eventer plugin for WordPress is vulnerable to Directory Traversal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-45341
- golang-1.23 1.23.5-1
- golang-1.22 1.22.11-1
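Review bot: The new label on CVE-2024-54660 reads "NOT-FOR-US: Cloudera JDBC Connector for Haadoop", and "Haadoop" looks like a typo. The description shown in this hunk is truncated at "Cloudera JDBC Connector for H ...", so check the full CVE text for the exact product name and correct the label to match. That keeps it consistent for later entries on the same product, in the way the Tenda and LibreNMS labels are reused here.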
@@ -534,7 +534,7 @@ CVE-2025-23423 (Missing Authorization vulnerability in Smackcoders SendGrid for
CVE-2025-20630 (Mattermost Mobile versions <=2.22.0 fail to properly handle posts with ...)
NOT-FOR-US: Mattermost Mobile
CVE-2025-20621 (Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0 ...)
- TODO: check
+ - mattermost-server <itp> (bug #823556)
CVE-2025-20072 (Mattermost Mobile versions <= 2.22.0 fail to properly validate the sty ...)
NOT-FOR-US: Mattermost Mobile
CVE-2025-0518 (Unchecked Return Value, Out-of-bounds Read vulnerability in FFmpeg all ...)
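Review bot: The commit subject is "NFUs", but the CVE-2025-20621 change in this hunk adds "- mattermost-server <itp> (bug #823556)" rather than a NOT-FOR-US marker. Consider mentioning the ITP entry in the commit message or putting it in its own commit, so the history of that package entry is easy to find later.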
@@ -622,17 +622,17 @@ CVE-2024-36403 (Matrix Media Repo (MMR) is a highly configurable multi-homeserve
CVE-2024-36402 (Matrix Media Repo (MMR) is a highly configurable multi-homeserver medi ...)
TODO: check
CVE-2024-13387 (The WP Responsive Tabs plugin for WordPress is vulnerable to Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13355 (The Admin and Customer Messages After Order for WooCommerce: OrderConv ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12615 (The Passwords Manager plugin for WordPress is vulnerable to SQL Inject ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12614 (The Passwords Manager plugin for WordPress is vulnerable to unauthoriz ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12613 (The Passwords Manager plugin for WordPress is vulnerable to SQL Inject ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12427 (The Multi Step Form plugin for WordPress is vulnerable to unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4319
REJECTED
CVE-2018-25108 (An unauthenticated remote attacker can cause a DoS in the controller d ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c05a54abefb072ed5d095719c40ab94e817cd53e