[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Mar 6 20:53:24 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
25f6eda9 by Salvatore Bonaccorso at 2025-03-06T21:52:40+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51,7 +51,7 @@ CVE-2025-25191 (Group-Office is an enterprise CRM and groupware tool. This Store
 CVE-2025-24796 (Collabora Online is a collaborative online office suite based on Libre ...)
 	NOT-FOR-US: Collabora Online
 CVE-2025-1696 (A vulnerability exists in Docker Desktop prior to version 4.39.0 that  ...)
-	TODO: check
+	NOT-FOR-US: Docker Desktop
 CVE-2025-1672 (The Notibar \u2013 Notification Bar for WordPress plugin for WordPress ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1666 (The Cookie banner plugin for WordPress \u2013 Cookiebot CMP by Usercen ...)
@@ -61,37 +61,37 @@ CVE-2025-1540 (An issue has been discovered in GitLab CE/EE for Self-Managed and
 CVE-2025-1383 (The Podlove Podcast Publisher plugin for WordPress is vulnerable to Cr ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-0877 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
-	TODO: check
+	NOT-FOR-US: AtaksAPP Reservation Management System
 CVE-2025-0337 (ServiceNow has addressed an authorization bypass vulnerability that wa ...)
 	TODO: check
 CVE-2024-7872 (Insertion of Sensitive Information Into Sent Data vulnerability in Ext ...)
-	TODO: check
+	NOT-FOR-US: ExtremePACS Extreme XDS
 CVE-2024-52924 (An issue was discovered in NRMM in Samsung Mobile Processor, Wearable  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-52923 (An issue was discovered in NRMM in Samsung Mobile Processor, Wearable  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-51476 (IBM Concert Software 1.0.5 uses an inadequate account lockout setting  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-50600 (An issue was discovered in Samsung Mobile Processor and Wearable Proce ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-42844 (A SQL Injection vulnerability has been identified in EPICOR Prophet 21 ...)
-	TODO: check
+	NOT-FOR-US: EPICOR Prophet 21
 CVE-2024-13902 (A vulnerability, which was classified as problematic, was found in hua ...)
-	TODO: check
+	NOT-FOR-US: huang-yk student-manage
 CVE-2024-13897 (The Moving Media Library plugin for WordPress is vulnerable to arbitra ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-13894 (Smartwares camerasCIP-37210AT andC724IP, as well as others which share ...)
-	TODO: check
+	NOT-FOR-US: Smartwares
 CVE-2024-13893 (Smartwares camerasCIP-37210AT andC724IP, as well as others which share ...)
-	TODO: check
+	NOT-FOR-US: Smartwares
 CVE-2024-13892 (Smartwares camerasCIP-37210AT andC724IP, as well as others which share ...)
-	TODO: check
+	NOT-FOR-US: Smartwares
 CVE-2024-12742 (A deserialization of untrusted data vulnerability exists in NI G Web D ...)
-	TODO: check
+	NOT-FOR-US: NI
 CVE-2024-12146 (Improper Validation of Syntactic Correctness of Input vulnerability in ...)
-	TODO: check
+	NOT-FOR-US: Finder Fire Safety Finder ERP/CRM (New System)
 CVE-2024-12144 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: Finder Fire Safety Finder ERP/CRM (Old System)
 CVE-2025-21834 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.12.15-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -436,7 +436,7 @@ CVE-2025-20208 (A vulnerability in the web-based management interface of Cisco T
 CVE-2025-20206 (A vulnerability in the interprocess communication (IPC) channel of Cis ...)
 	NOT-FOR-US: Cisco
 CVE-2025-1714 (Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy prior to  ...)
-	TODO: check
+	NOT-FOR-US: Perforce Gliffy
 CVE-2025-1702 (The Ultimate Member \u2013 User Profile, Registration, Login, Member D ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1515 (The WP Real Estate Manager plugin for WordPress is vulnerable to Authe ...)
@@ -446,7 +446,7 @@ CVE-2025-1463 (The Spreadsheet Integration plugin for WordPress is vulnerable to
 CVE-2025-1435 (The bbPress plugin for WordPress is vulnerable to Cross-Site Request F ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-1393 (An unauthenticated remote attacker can use hard-coded credentials to g ...)
-	TODO: check
+	NOT-FOR-US: PROCON-WIN
 CVE-2025-1008 (The Recently Purchased Products For Woo plugin for WordPress is vulner ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-0990 (The I Am Gloria plugin for WordPress is vulnerable to Cross-Site Reque ...)
@@ -510,7 +510,7 @@ CVE-2024-12815 (The Point Maker plugin for WordPress is vulnerable to Stored Cro
 CVE-2024-12799 (Insufficiently Protected Credentials vulnerability in OpenText Identit ...)
 	NOT-FOR-US: OpenText
 CVE-2024-12650 (An attacker with low privileges can manipulate the requested memory si ...)
-	TODO: check
+	NOT-FOR-US: Wago
 CVE-2024-12281 (The Homey theme for WordPress is vulnerable to privilege escalation in ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-12097 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
@@ -524,7 +524,7 @@ CVE-2024-11216 (Authorization Bypass Through User-Controlled Key, Exposure of Pr
 CVE-2024-11153 (The Content Control \u2013 The Ultimate Content Restriction Plugin! Re ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-11035 (Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be susceptible  ...)
-	TODO: check
+	NOT-FOR-US: Carbon Black Cloud Windows Sensor
 CVE-2023-38693 (Lucee Server (or simply Lucee) is a dynamic, Java based, tag and scrip ...)
 	TODO: check
 CVE-2025-27685 (Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0 ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25f6eda9c351372a10358d1c7b5f2ffd16d33e0a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25f6eda9c351372a10358d1c7b5f2ffd16d33e0a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250306/27595a90/attachment.htm>

More information about the debian-security-tracker-commits mailing list