Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
815143f1 by Salvatore Bonaccorso at 2025-01-10T11:13:32+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2025-21385 (A Server-Side Request Forgery (SSRF) vulnerability in
Microsoft Purvie ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-21380 (Improper access control in Azure SaaS Resources allows an
authorized a ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-0311 (The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-56377 (A stored cross-site scripting (XSS) vulnerability in survey
titles of ...)
TODO: check
CVE-2024-56376 (A stored cross-site scripting (XSS) vulnerability in the
built-in mess ...)
@@ -15,13 +15,13 @@ CVE-2024-55225 (An issue in the component
src/api/identity.rs of Vaultwarden pri
CVE-2024-55224 (An HTML injection vulnerability in Vaultwarden prior to
v1.32.5 allows ...)
TODO: check
CVE-2024-51229 (Cross Site Scripting vulnerability in LinZhaoguan pb-cms v.2.0
allows ...)
- TODO: check
+ NOT-FOR-US: LinZhaoguan pb-cms
CVE-2024-48806 (Buffer Overflow vulnerability in Neat Board NFC
v.1.20240620.0015 allo ...)
- TODO: check
+ NOT-FOR-US: Neat Board NFC
CVE-2024-46464 (In PRIMX ZED Enterprise up to 2024.3, technical files stored
in local ...)
- TODO: check
+ NOT-FOR-US: PRIMX
CVE-2024-42898 (A cross-site scripting (XSS) vulnerability in Nagios XI
2024R1.1.4 all ...)
- TODO: check
+ NOT-FOR-US: Nagios XI
CVE-2024-13312 (Missing Authorization vulnerability in Drupal Open Social
allows Force ...)
TODO: check
CVE-2024-13311 (Vulnerability in Drupal Allow All File Extensions for file
fields.This ...)
@@ -209,7 +209,7 @@ CVE-2024-5769 (The MIMO Woocommerce Order Tracking plugin
for WordPress is vulne
CVE-2024-56114 (Canlineapp Online 1.1 is vulnerable to Broken Access Control
and allow ...)
NOT-FOR-US: Canlineapp Online
CVE-2024-56113 (Smart Toilet Lab - Motius 1.3.11 is running with debug mode
turned on ...)
- TODO: check
+ NOT-FOR-US: Smart Toilet Lab - Motius
CVE-2024-55494 (A cross-site scripting (XSS) vulnerability in Opencode Mobile
Collect ...)
NOT-FOR-US: Opencode Mobile Collect Call
CVE-2024-54887 (TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier
contain a ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/815143f17cef1feddbcdc7bfceeefdaf3a1f845d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/815143f17cef1feddbcdc7bfceeefdaf3a1f845d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
