Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
13eb9100 by Salvatore Bonaccorso at 2025-01-09T22:00:05+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -97,49 +97,49 @@ CVE-2025-22149 (JWK Set (JSON Web Key Set) is a JWK and JWK
Set Go implementatio
CVE-2025-21628 (Chatwoot is a customer engagement suite. Prior to 3.16.0,
conversation ...)
TODO: check
CVE-2025-21602 (An Improper Handling of Exceptional Conditions vulnerability
in the ro ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-21600 (An Out-of-Bounds Read vulnerability in the routing protocol
daemon (r ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-21599 (AMissing Release of Memory after Effective Lifetime
vulnerability in t ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-21598 (AnOut-of-bounds Read vulnerability in Juniper Networks Junos
OS and Ju ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-21596 (An Improper Handling of Exceptional Conditions vulnerability
in the co ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-21593 (An Improper Control of a Resource Through its Lifetime
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-21592 (An Exposure of Sensitive Information to an Unauthorized
Actorvulnerabi ...)
- TODO: check
+ NOT-FOR-US: Juniper
CVE-2025-0349 (A vulnerability classified as critical has been found in Tenda
AC6 15. ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-0348 (A vulnerability was found in CampCodes DepEd Equipment
Inventory Syste ...)
- TODO: check
+ NOT-FOR-US: CampCodes DepEd Equipment Inventory System
CVE-2025-0347 (A vulnerability was found in code-projects Admission Management
System ...)
- TODO: check
+ NOT-FOR-US: code-projects Admission Management System
CVE-2025-0346 (A vulnerability was found in code-projects Content Management
System 1 ...)
- TODO: check
+ NOT-FOR-US: code-projects Content Management System
CVE-2025-0345 (A vulnerability was found in leiyuxi cy-fast 1.0 and classified
as cri ...)
- TODO: check
+ NOT-FOR-US: leiyuxi cy-fast
CVE-2024-6155 (The Greenshift \u2013 animation and page builder blocks plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-5769 (The MIMO Woocommerce Order Tracking plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56114 (Canlineapp Online 1.1 is vulnerable to Broken Access Control
and allow ...)
- TODO: check
+ NOT-FOR-US: Canlineapp Online
CVE-2024-56113 (Smart Toilet Lab - Motius 1.3.11 is running with debug mode
turned on ...)
TODO: check
CVE-2024-55494 (A cross-site scripting (XSS) vulnerability in Opencode Mobile
Collect ...)
- TODO: check
+ NOT-FOR-US: Opencode Mobile Collect Call
CVE-2024-54887 (TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier
contain a ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2024-54762 (Ruoyi v.4.7.9 and before contains an authenticated SQL
injection vulne ...)
- TODO: check
+ NOT-FOR-US: Ruoyi
CVE-2024-54761 (BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection
via the ...)
- TODO: check
+ NOT-FOR-US: BigAnt Office Messenger
CVE-2024-54724 (PHPYun before 7.0.2 is vulnerable to code execution through
backdoor-r ...)
- TODO: check
+ NOT-FOR-US: PHPYun
CVE-2024-46505 (Infoblox BloxOne v2.4 was discovered to contain a business
logic flaw ...)
- TODO: check
+ NOT-FOR-US: Infoblox BloxOne
CVE-2024-43176 (IBM OpenPages 9.0 could allow an authenticated user to obtain
sensitiv ...)
NOT-FOR-US: IBM
CVE-2024-13284 (Cross-Site Request Forgery (CSRF) vulnerability in Drupal
Gutenberg al ...)
@@ -239,65 +239,65 @@ CVE-2024-13238 (Improper Neutralization of Input During
Web Page Generation ('Cr
CVE-2024-13237 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
TODO: check
CVE-2024-13153 (The Unlimited Elements For Elementor plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12848 (The SKT Page Builder plugin for WordPress is vulnerable to
arbitrary f ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12819 (The Searchie plugin for WordPress is vulnerable to Stored
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12802 (SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific
cases du ...)
- TODO: check
+ NOT-FOR-US: SonicWALL
CVE-2024-12621 (The Yumpu E-Paper publishing plugin for WordPress is
vulnerable to Sto ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12618 (The Newsletter2Go plugin for WordPress is vulnerable to
unauthorized m ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12616 (The Bitly's WordPress Plugin plugin for WordPress is
vulnerable t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12605 (The AI Scribe \u2013 SEO AI Writer, Content Generator,
Humanizer, Blog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12542 (The linkID plugin for WordPress is vulnerable to unauthorized
access o ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12515 (The Muslim Prayer Time-Salah/Iqamah plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12514 (The 3DVieweronline plugin for WordPress is vulnerable to
Stored Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12496 (The Linear plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12493 (The Files Download Delay plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12491 (The SimplyRETS Real Estate IDX plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12394 (The Action Network plugin for WordPress is vulnerable to
Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12330 (The WP Database Backup \u2013 Unlimited Database & Files
Backup by Bac ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12285 (The SEMA API plugin for WordPress is vulnerable to Reflected
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12249 (The GS Insever Portfolio plugin for WordPress is vulnerable to
unautho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12222 (The Deliver via Shipos for WooCommerce plugin for WordPress is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12218 (The Woocommerce check pincode/zipcode for shipping plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12206 (The WordPress Header Builder Plugin \u2013 Pearl plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12122 (The ResAds plugin for WordPress is vulnerable to Reflected
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12067 (The WP Travel \u2013 Ultimate Travel Booking System, Tour
Management E ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11929 (The Responsive FlipBook Plugin Wordpress plugin for WordPress
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11907 (The Skyword API Plugin plugin for WordPress is vulnerable to
Stored Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11815 (The P\xf3sturinn\'s Shipping with WooCommerce plugin for
WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11686 (The WhatsApp \U0001f680 click to chat plugin for WordPress is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11642 (The Post Grid Master \u2013 Custom Post Types, Taxonomies &
Ajax Filte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11328 (The CLUEVO LMS, E-Learning Platform plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10215 (The WPBookit plugin for WordPress is vulnerable to Arbitrary
User Pass ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10106 (A buffer overflow vulnerability in the packet handoff plugin
allows an ...)
TODO: check
CVE-2025-22449 (Mattermost versions 9.11.x <= 9.11.5 fail to enforce invite
permission ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13eb910053a1130850c23fd5a87cf98e39491226
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/13eb910053a1130850c23fd5a87cf98e39491226
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
