Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
21ad7a75 by Salvatore Bonaccorso at 2025-02-09T10:18:31+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2025-0517
REJECTED
CVE-2025-0316 (The WP Directorybox Manager plugin for WordPress is vulnerable
to auth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0169 (The DWT - Directory & Listing WordPress Theme is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2024-8377
REJECTED
CVE-2024-6909
@@ -11,19 +11,19 @@ CVE-2024-6909
CVE-2024-5183
REJECTED
CVE-2024-13440 (The Super Store Finder plugin for WordPress is vulnerable to
SQL Injec ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-4927
REJECTED
CVE-2025-1117 (A vulnerability, which was classified as critical, was found in
CoinRe ...)
- TODO: check
+ NOT-FOR-US: CoinRemitter on OpenCart
CVE-2025-1116 (A vulnerability, which was classified as critical, has been
found in D ...)
- TODO: check
+ NOT-FOR-US: Dreamvention Live AJAX Search Free on OpenCart
CVE-2025-1115 (A vulnerability classified as problematic was found in
RT-Thread up to ...)
- TODO: check
+ NOT-FOR-US: RT-Thread
CVE-2024-54176 (IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 and
IBM Urb ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-13850 (The Simple add pages or posts plugin for WordPress is
vulnerable to St ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-25187 (Joplin is a free, open source note taking and to-do
application, which ...)
- joplin <itp> (bug #931306)
CVE-2025-24366 (SFTPGo is an open source, event-driven file transfer solution.
SFTPGo ...)
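Review bot: The labels added in this hunk vary in granularity: "NOT-FOR-US: IBM" for CVE-2024-54176 names only the vendor and "NOT-FOR-US: WordPress plugin" for CVE-2024-13440 and CVE-2024-13850 names only the category, while "NOT-FOR-US: CoinRemitter on OpenCart" names the product and its platform. If the short forms are deliberate, no change is needed. Otherwise, writing the product from the description (for example "IBM DevOps Deploy") would let a later search by product name find the entry if triage ever needs revisiting.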
@@ -41,7 +41,7 @@ CVE-2024-57606 (SQL injection vulnerability in Beijing Guoju
Information Technol
CVE-2024-57357 (An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build
20230427 ...)
NOT-FOR-US: TPLINK
CVE-2024-57279 (A reflected Cross-Site Scripting (XSS) vulnerability has been
identifi ...)
- TODO: check
+ NOT-FOR-US: LDAP User Manager
CVE-2024-57278 (A reflected Cross-Site Scripting (XSS) vulnerability exists in
/websca ...)
NOT-FOR-US: QingScan
CVE-2024-55630 (Joplin is a free, open source note taking and to-do
application, which ...)
@@ -49,7 +49,7 @@ CVE-2024-55630 (Joplin is a free, open source note taking and
to-do application,
CVE-2024-55272 (An issue in Brainasoft Braina v2.8 allows a remote attacker to
obtain ...)
NOT-FOR-US: Brainasoft Braina
CVE-2024-55215 (An issue in trojan v.2.0.0 through v.2.15.3 allows a remote
attacker t ...)
- TODO: check
+ NOT-FOR-US: trojan
CVE-2025-25183 (vLLM is a high-throughput and memory-efficient inference and
serving e ...)
NOT-FOR-US: vLLM
CVE-2025-25168 (Cross-Site Request Forgery (CSRF) vulnerability in
blackandwhitedigita ...)
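Review bot: The label "NOT-FOR-US: trojan" on CVE-2024-55215 is ambiguous, because the bare lowercase word reads as a malware category as much as a product name, and the visible description only gives "trojan v.2.0.0 through v.2.15.3". Consider qualifying it with the upstream project or vendor, and confirming that no source package in the archive with a similar name is the affected code base, so the NOT-FOR-US decision can be checked from the entry alone.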
@@ -1340,9 +1340,9 @@ CVE-2025-0971 (A vulnerability was found in Zenvia
Movidesk up to 25.01.22. It h
CVE-2025-0970 (A vulnerability was found in Zenvia Movidesk up to 25.01.22. It
has be ...)
NOT-FOR-US: Zenvia Movidesk
CVE-2025-0015 (Use After Free vulnerability in Arm Ltd Valhall GPU Kernel
Driver, Arm ...)
- TODO: check
+ NOT-FOR-US: Arm GPU Kernel Driver
CVE-2024-6790 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
- TODO: check
+ NOT-FOR-US: Arm GPU Kernel Driver
CVE-2024-57968 (Advantive VeraCore before 2024.4.2.1 allows remote
authenticated users ...)
NOT-FOR-US: Advantive VeraCore
CVE-2024-57967 (PVWA (Password Vault Web Access) in CyberArk Privileged Access
Manager ...)
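Review bot: "NOT-FOR-US: Arm GPU Kernel Driver" on CVE-2025-0015 and CVE-2024-6790 does not say why a kernel driver is out of scope, so a reader scanning the list may wonder whether the kernel package was considered. A label that states which driver this is (the description for CVE-2025-0015 names "Arm Ltd Valhall GPU Kernel Driver") and that it is not the code shipped in the archive would record that reasoning. The visible description of CVE-2024-6790 is truncated before any product name, so the label is the only place that ties it to the same driver.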
@@ -201131,7 +201131,7 @@ CVE-2022-40918 (Buffer overflow in firmware lewei_cam
binary version 2.0.10 in F
CVE-2022-40917
RESERVED
CVE-2022-40916 (Tiny File Manager v2.4.7 and below is vulnerable to session
fixation.)
- TODO: check
+ NOT-FOR-US: Tiny File Manager
CVE-2022-40915
RESERVED
CVE-2022-40914
@@ -202244,7 +202244,7 @@ CVE-2022-40492
CVE-2022-40491
RESERVED
CVE-2022-40490 (Tiny File Manager v2.4.7 and below was discovered to contain a
Cross S ...)
- TODO: check
+ NOT-FOR-US: Tiny File Manager
CVE-2022-40489 (ThinkCMF version 6.0.7 is affected by a Cross Site Request
Forgery (CS ...)
NOT-FOR-US: ThinkCMF
CVE-2022-40488 (ProcessWire v3.0.200 was discovered to contain a Cross-Site
Request Fo ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21ad7a7579fc350af15b23feb864396c16e2a32b
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits