[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Tue, 11 Feb 2025 00:50:20 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
926d4ba5 by Salvatore Bonaccorso at 2025-02-11T09:48:49+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,15 +1,15 @@
 CVE-2025-25243 (SAP Supplier Relationship Management (Master Data Management 
Catalog)  ...)
        NOT-FOR-US: SAP
 CVE-2025-25241 (Due to a missing authorization check, an attacker who is 
logged in to  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-25194 (Lemmy, a link aggregator and forum for the fediverse, is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: Lemmy
 CVE-2025-25193 (Netty, an asynchronous, event-driven network application 
framework, ha ...)
        TODO: check
 CVE-2025-25190 (The ZOO-Project is an open source processing platform. The 
ZOO-Project ...)
-       TODO: check
+       NOT-FOR-US: ZOO-Project
 CVE-2025-25189 (The ZOO-Project is an open source processing platform. A 
reflected Cro ...)
-       TODO: check
+       NOT-FOR-US: ZOO-Project
 CVE-2025-24970 (Netty, an asynchronous, event-driven network application 
framework, ha ...)
        TODO: check
 CVE-2025-24876 (The SAP Approuter Node.js package version v16.7.1 and before 
is vulner ...)
@@ -33,13 +33,13 @@ CVE-2025-23193 (SAP NetWeaver Server ABAP allows an 
unauthenticated attacker to
 CVE-2025-23191 (Cached values belonging to the SAP OData endpoint in SAP Fiori 
for SAP ...)
        NOT-FOR-US: SAP
 CVE-2025-23190 (Due to missing authorization check, an authenticated attacker 
could ca ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-23189 (Due to missing authorization check in an RFC enabled function 
module i ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-23187 (Due to missing authorization check in an RFC enabled function 
module i ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2025-1211 (Versions of the package hackney from 0.0.0 are vulnerable to 
Server-si ...)
-       TODO: check
+       NOT-FOR-US: hackney
 CVE-2025-1181 (A vulnerability classified as critical was found in GNU 
Binutils 2.43. ...)
        TODO: check
 CVE-2025-1180 (A vulnerability classified as problematic has been found in GNU 
Binuti ...)
@@ -49,59 +49,59 @@ CVE-2025-1179 (A vulnerability was found in GNU Binutils 
2.43. It has been rated
 CVE-2025-1178 (A vulnerability was found in GNU Binutils 2.43. It has been 
declared a ...)
        TODO: check
 CVE-2025-1177 (A vulnerability was found in dayrui XunRuiCMS 4.6.3. It has 
been class ...)
-       TODO: check
+       NOT-FOR-US: dayrui XunRuiCMS
 CVE-2025-1176 (A vulnerability was found in GNU Binutils 2.43 and classified 
as criti ...)
        TODO: check
 CVE-2025-1174 (A vulnerability has been found in 1000 Projects Bookstore 
Management S ...)
-       TODO: check
+       NOT-FOR-US: 1000 Projects Bookstore Management System
 CVE-2025-1173 (A vulnerability, which was classified as critical, was found in 
1000 P ...)
-       TODO: check
+       NOT-FOR-US: 1000 Projects Bookstore Management System
 CVE-2025-1172 (A vulnerability, which was classified as critical, has been 
found in 1 ...)
-       TODO: check
+       NOT-FOR-US: 1000 Projects Bookstore Management System
 CVE-2025-1171 (A vulnerability classified as problematic was found in 
code-projects R ...)
-       TODO: check
+       NOT-FOR-US: code-projects Real Estate Property Management System
 CVE-2025-1170 (A vulnerability classified as problematic has been found in 
code-proje ...)
-       TODO: check
+       NOT-FOR-US: code-projects Real Estate Property Management System
 CVE-2025-1169 (A vulnerability was found in SourceCodester Image Compressor 
Tool 1.0. ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Image Compressor Tool
 CVE-2025-1168 (A vulnerability was found in SourceCodester Contact Manager 
with Expor ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Contact Manager
 CVE-2025-1167 (A vulnerability was found in Mayuri K Employee Management 
System up to ...)
-       TODO: check
+       NOT-FOR-US: Mayuri K Employee Management System
 CVE-2025-1166 (A vulnerability has been found in SourceCodester Food Menu 
Manager 1.0 ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Food Menu Manager
 CVE-2025-1165 (A vulnerability, which was classified as critical, was found in 
Lumsof ...)
-       TODO: check
+       NOT-FOR-US: Lumsoft ERP
 CVE-2025-1164 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: code-projects Police FIR Record Management System
 CVE-2025-1163 (A vulnerability classified as critical was found in 
code-projects Vehi ...)
-       TODO: check
+       NOT-FOR-US: code-projects Vehicle Parking Management System
 CVE-2025-1162 (A vulnerability classified as critical has been found in 
code-projects ...)
-       TODO: check
+       NOT-FOR-US: code-projects Job Recruitment
 CVE-2025-1160 (A vulnerability was found in SourceCodester Employee Management 
System ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Employee Management System
 CVE-2025-1159 (A vulnerability was found in CampCodes School Management 
Software 1.0. ...)
-       TODO: check
+       NOT-FOR-US: CampCodes School Management Software
 CVE-2025-1158 (A vulnerability was found in ESAFENET CDG 
5.6.3.154.205_20250114. It h ...)
-       TODO: check
+       NOT-FOR-US: ESAFENET
 CVE-2025-1157 (A vulnerability was found in Allims lab.online up to 20250201 
and clas ...)
-       TODO: check
+       NOT-FOR-US: Allims lab.online
 CVE-2025-1156 (A vulnerability has been found in Pix Software Vivaz 6.0.10 and 
classi ...)
-       TODO: check
+       NOT-FOR-US: Pix Software Vivaz
 CVE-2025-1145 (NetVision Information ISOinsight has a Reflected Cross-site 
Scripting  ...)
-       TODO: check
+       NOT-FOR-US: NetVision Information ISOinsight
 CVE-2025-1144 (School Affairs System from Quanxun has an Exposure of Sensitive 
Inform ...)
-       TODO: check
+       NOT-FOR-US: School Affairs System from Quanxun
 CVE-2025-1143 (Certain models of routers from Billion Electric has hard-coded 
embedde ...)
-       TODO: check
+       NOT-FOR-US: Billion Electric
 CVE-2025-1002 (MicroDicom DICOM Viewerversion 2024.03  fails to adequately 
verify the ...)
        TODO: check
 CVE-2025-0499
        REJECTED
 CVE-2025-0181 (The WP Foodbakery plugin for WordPress is vulnerable to 
privilege esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0180 (The WP Foodbakery plugin for WordPress is vulnerable to 
privilege esca ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0064 (Under specific conditions, the Central Management Console of 
the SAP B ...)
        NOT-FOR-US: SAP
 CVE-2025-0054 (SAP NetWeaver Application Server Java does not sufficiently 
handle use ...)
@@ -167,11 +167,11 @@ CVE-2024-5164
 CVE-2024-5146
        REJECTED
 CVE-2024-52612 (SolarWinds Platform is vulnerable to a reflected cross-site 
scripting  ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2024-52611 (The SolarWinds Platform is vulnerable to an information 
disclosure vul ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2024-52606 (SolarWinds Platform is affected by server-side request forgery 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2024-4952
        REJECTED
 CVE-2024-4951
@@ -191,7 +191,7 @@ CVE-2024-4101
 CVE-2024-4012
        REJECTED
 CVE-2024-45718 (Sensitive data could be exposed to non- privileged users in a 
configur ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2024-3975
        REJECTED
 CVE-2024-3702
@@ -215,7 +215,7 @@ CVE-2024-2114
 CVE-2024-2037
        REJECTED
 CVE-2024-28989 (SolarWinds Web Help Desk was found to have a hardcoded 
cryptographic k ...)
-       TODO: check
+       NOT-FOR-US: SolarWinds
 CVE-2024-1964
        REJECTED
 CVE-2024-1944
@@ -225,13 +225,13 @@ CVE-2024-1734
 CVE-2024-1457
        REJECTED
 CVE-2024-13643 (The Zox News - Professional WordPress News & Magazine Theme 
plugin for ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13570 (The Stray Random Quotes WordPress plugin through 1.9.9 does 
not saniti ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13544 (The Zarinpal Paid Download WordPress plugin through 2.3 does 
not prope ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13543 (The Zarinpal Paid Download WordPress plugin through 2.3 does 
not sanit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12904
        REJECTED
 CVE-2024-12765
@@ -241,7 +241,7 @@ CVE-2024-12764
 CVE-2024-12763
        REJECTED
 CVE-2024-12599 (The HT Mega \u2013 Absolute Addons For Elementor plugin for 
WordPress  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12246
        REJECTED
 CVE-2024-12242



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/926d4ba533fd2751f69959d1e0d69e9143892442

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/926d4ba533fd2751f69959d1e0d69e9143892442
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to