[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Mar 7 20:15:45 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d894ac50 by Salvatore Bonaccorso at 2025-03-07T21:14:23+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2025-2090 (A vulnerability was found in PHPGurukul Pre-School Enrollment System 1 ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-2089 (A vulnerability has been found in StarSea99 starsea-mall 1.0/2.X and c ...)
 	TODO: check
 CVE-2025-2088 (A vulnerability, which was classified as critical, was found in PHPGur ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-2087 (A vulnerability, which was classified as problematic, has been found i ...)
 	TODO: check
 CVE-2025-2086 (A vulnerability classified as problematic was found in StarSea99 stars ...)
@@ -11,7 +11,7 @@ CVE-2025-2086 (A vulnerability classified as problematic was found in StarSea99
 CVE-2025-2085 (A vulnerability classified as problematic has been found in StarSea99  ...)
 	TODO: check
 CVE-2025-2084 (A vulnerability was found in PHPGurukul Human Metapneumovirus Testing  ...)
-	TODO: check
+	NOT-FOR-US: PHPGurukul
 CVE-2025-2024 (Trimble SketchUp SKP File Parsing Uninitialized Variable Remote Code E ...)
 	TODO: check
 CVE-2025-27607 (Python JSON Logger is a JSON Formatter for Python Logging. Between 30  ...)
@@ -39,17 +39,17 @@ CVE-2025-1887 (SMB forced authentication vulnerability in versions prior to 2025
 CVE-2025-1886 (Pass-Back vulnerability in versions prior to 2025.35.000 of Sage 200 S ...)
 	TODO: check
 CVE-2025-1768 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to b ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-1315 (The InWave Jobs plugin for WordPress is vulnerable to privilege escala ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0959 (The Eventer - WordPress Event & Booking Manager Plugin plugin for Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-0162 (IBM Aspera Shares 1.9.9 through 1.10.0 PL7 is vulnerable to an XML ext ...)
 	TODO: check
 CVE-2024-9658 (The School Management System for Wordpress plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-9458 (The Reservit Hotel WordPress plugin before 3.0 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-53700 (A command injection vulnerability has been reported to affect QHora. I ...)
 	TODO: check
 CVE-2024-53699 (An out-of-bounds write vulnerability has been reported to affect sever ...)
@@ -79,43 +79,43 @@ CVE-2024-48864 (A files or directories accessible to external parties vulnerabil
 CVE-2024-38638 (An out-of-bounds write vulnerability has been reported to affect sever ...)
 	TODO: check
 CVE-2024-13904 (The Platform.ly for WooCommerce plugin for WordPress is vulnerable to  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13857 (The WPGet API \u2013 Connect to any external REST API plugin for WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13805 (The Advanced File Manager \u2014 Ultimate WordPress File Manager and D ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13781 (The Hero Maps Premium plugin for WordPress is vulnerable to SQL Inject ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13668 (The WordPress Activity O Meter WordPress plugin through 1.0 does not s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13635 (The VK Blocks plugin for WordPress is vulnerable to Sensitive Informat ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13552 (The SupportCandy \u2013 Helpdesk & Customer Support Ticket System plug ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13431 (The Appointment Booking Calendar \u2014 Simply Schedule Appointments B ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13086 (An exposure of sensitive information vulnerability has been reported t ...)
 	TODO: check
 CVE-2024-12975 (A buffer overread can occur in the CPC application when operating in f ...)
 	TODO: check
 CVE-2024-12876 (The Golo - City Travel Guide WordPress Theme theme for WordPress is vu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12634 (The Related Posts, Inline Related Posts, Contextual Related Posts, Rel ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12611 (The School Management System for Wordpress plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12610 (The School Management System for Wordpress plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12609 (The School Management System for Wordpress plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12607 (The School Management System for Wordpress plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12036 (The CS Framework plugin for WordPress is vulnerable to Arbitrary File  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12035 (The CS Framework plugin for WordPress is vulnerable to arbitrary file  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-10804 (The Ultimate Video Player WordPress & WooCommerce Plugin plugin for Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2023-43052 (IBM Control Center 6.2.1 through 6.3.1 is vulnerable to an external se ...)
 	TODO: check
 CVE-2023-35894 (IBM Control Center 6.2.1 through 6.3.1 is vulnerable to HTTP header in ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d894ac50e45272ad6af04c495b581595b630b38a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d894ac50e45272ad6af04c495b581595b630b38a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250307/d31fee2f/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list