[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Mar 25 20:17:21 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8b2b7031 by Salvatore Bonaccorso at 2025-03-25T21:15:48+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,11 +23,11 @@ CVE-2025-2754 (A vulnerability was found in Open Asset Import Library Assimp 5.4
 CVE-2025-2753 (A vulnerability was found in Open Asset Import Library Assimp 5.4.3. I ...)
 	TODO: check
 CVE-2025-2635 (The Digital License Manager plugin for WordPress is vulnerable to Refl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2559 (A flaw was found in Keycloak. When the configuration uses JWT tokens f ...)
 	TODO: check
 CVE-2025-2542 (The Your Simple SVG Support plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2532 (Luxion KeyShot USDC File Parsing Use-After-Free Remote Code Execution  ...)
 	TODO: check
 CVE-2025-2531 (Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code ...)
@@ -35,17 +35,17 @@ CVE-2025-2531 (Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote
 CVE-2025-2530 (Luxion KeyShot DAE File Parsing Access of Uninitialized Pointer Remote ...)
 	TODO: check
 CVE-2025-2510 (The Frndzk Expandable Bottom Bar plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2319 (The EZ SQL Reports Shortcode Widget and DB Backup plugin for WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-2109 (The WP Compress \u2013 Instant Performance & Speed Optimization plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2025-29932 (In JetBrains GoLand before 2025.1 an XXE during debugging was possible)
-	TODO: check
+	NOT-FOR-US: JetBrains
 CVE-2025-29635 (A command injection vulnerability in D-Link DIR-823X 240126 and 240802 ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2025-28904 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-27633 (The TRMTracker web application is vulnerable to reflected Cross-site s ...)
 	TODO: check
 CVE-2025-27632 (A Host Header Injection vulnerability in TRMTracker application may al ...)
@@ -55,7 +55,7 @@ CVE-2025-27631 (The TRMTracker web application is vulnerable to LDAP injection a
 CVE-2025-27147 (The GLPI Inventory Plugin handles various types of tasks for GLPI agen ...)
 	TODO: check
 CVE-2025-26742 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22230 (VMware Tools for Windows contains an authentication bypass vulnerabili ...)
 	TODO: check
 CVE-2025-1445 (A vulnerability exists in RTU IEC 61850 client and server functionalit ...)
@@ -71,13 +71,13 @@ CVE-2024-48818 (An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version
 CVE-2024-42533 (SQL injection vulnerability in the authentication module in Convivance ...)
 	TODO: check
 CVE-2024-31896 (IBM SPSS Statistics26.0, 27.0.1, 28.0.1, and 29.0.2 uses weaker than e ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2024-13731 (The Alert Box Block \u2013 Display notice/alerts in the front end. plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13710 (The Estatebud \u2013 Properties & Listings plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-13690 (The WP Church Donation plugin for WordPress is vulnerable to Stored Cr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-12169 (A vulnerability exists in RTU500 IEC 60870-5-104 controlled station fu ...)
 	TODO: check
 CVE-2024-11499 (A vulnerability exists in RTU500 IEC 60870-4-104 controlled station fu ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b2b7031cea9205a404de440173986d0a81525de

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8b2b7031cea9205a404de440173986d0a81525de
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250325/98953def/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list