[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Thu, 20 Feb 2025 13:18:34 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9cd92894 by Salvatore Bonaccorso at 2025-02-20T22:17:19+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-27096 (WeGIA is a Web Manager for Institutions with a focus on 
Portuguese lan ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-27091 (OpenH264 is a free license codec library which supports H.264 
encoding ...)
        TODO: check
 CVE-2025-26618 (Erlang is a programming language and runtime system for 
building massi ...)
@@ -21,17 +21,17 @@ CVE-2025-26305 (A memory leak has been identified in the 
parseSWF_SOUNDINFO func
 CVE-2025-26304 (A memory leak has been identified in the parseSWF_EXPORTASSETS 
functio ...)
        TODO: check
 CVE-2025-25973 (A stored Cross Site Scripting vulnerability in the "related 
recommenda ...)
-       TODO: check
+       NOT-FOR-US: Ppress
 CVE-2025-25968 (DDSN Interactive cm3 Acora CMS version 10.1.1 contains an 
improper acc ...)
-       TODO: check
+       NOT-FOR-US: DDSN Interactive cm3 Acora CMS
 CVE-2025-25299 (CKEditor 5 is a modern JavaScript rich-text editor with an MVC 
archite ...)
        TODO: check
 CVE-2025-24893 (XWiki Platform is a generic wiki platform offering runtime 
services fo ...)
-       TODO: check
+       NOT-FOR-US: XWiki
 CVE-2025-21106 (Dell Recover Point for Virtual Machines 6.0.X contains a Weak 
file sys ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2025-21105 (Dell RecoverPoint for Virtual Machines 6.0.X contains a 
command execut ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2025-20059 (Relative Path Traversal vulnerability in Ping Identity PingAM 
Java Pol ...)
        TODO: check
 CVE-2025-1483 (The LTL Freight Quotes \u2013 GlobalTranz Edition plugin for 
WordPress ...)
@@ -39,7 +39,7 @@ CVE-2025-1483 (The LTL Freight Quotes \u2013 GlobalTranz 
Edition plugin for Word
 CVE-2025-1328 (The Typed JS: A typewriter style animation plugin for WordPress 
is vul ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-1265 (An OS command injection vulnerability exists in Vinci Protocol 
Analyze ...)
-       TODO: check
+       NOT-FOR-US: Vinci Protocol Analyzer
 CVE-2025-1258
        REJECTED
 CVE-2025-1064 (The Login/Signup Popup ( Inline Form + Woocommerce ) plugin for 
WordPr ...)
@@ -51,31 +51,31 @@ CVE-2025-1039 (The Lenix Elementor Leads addon plugin for 
WordPress is vulnerabl
 CVE-2025-0897 (The Modal Window \u2013 create popup modal window plugin for 
WordPress ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-0868 (A vulnerability, that could result in Remote Code Execution 
(RCE), has ...)
-       TODO: check
+       NOT-FOR-US: DocsGPT
 CVE-2025-0866 (The Legoeso PDF Manager plugin for WordPress is vulnerable to 
time-bas ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-0352 (Rapid Response Monitoring My Security Account App utilizes an 
API that ...)
-       TODO: check
+       NOT-FOR-US: Rapid Response Monitoring My Security Account App
 CVE-2025-0161 (IBM Security Verify Access Appliance 10.0.0.0 through 10.0.0.9 
and 11. ...)
        NOT-FOR-US: IBM
 CVE-2024-7141 (Versions of Gliffy Online prior to versions 4.14.0-7 contains a 
Cross  ...)
-       TODO: check
+       NOT-FOR-US: Gliffy Online
 CVE-2024-6432 (The Content Blocks (Custom Post Widget) plugin for WordPress is 
vulner ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-57716 (An issue in trenoncourt AutoQueryable v.1.7.0 allows a remote 
attacker ...)
-       TODO: check
+       NOT-FOR-US: AutoQueryable
 CVE-2024-57401 (SQL Injection vulnerability in Uniclare Student portal v.2 and 
before  ...)
-       TODO: check
+       NOT-FOR-US: Uniclare Student portal
 CVE-2024-55457 (MasterSAM Star Gate 11 is vulnerable to directory traversal 
via /adama ...)
-       TODO: check
+       NOT-FOR-US: MasterSAM Star Gate
 CVE-2024-54961 (Nagios XI 2024R1.2.2 has an Information Disclosure 
vulnerability, whic ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2024-54960 (A SQL Injection vulnerability in Nagios XI 2024R1.2.2 allows a 
remote  ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2024-54959 (Nagios XI 2024R1.2.2 is vulnerable to a Cross-Site Request 
Forgery (CS ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2024-54958 (Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site 
Scripting ( ...)
-       TODO: check
+       NOT-FOR-US: Nagios XI
 CVE-2024-49781 (IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages is 
vulnerable to a ...)
        NOT-FOR-US: IBM
 CVE-2024-49779 (IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages   could 
allow a re ...)
@@ -85,7 +85,7 @@ CVE-2024-49344 (IBM OpenPages with Watson 8.3 and 9.0 IBM 
OpenPages     with Wat
 CVE-2024-49337 (IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages       is 
vulnerabl ...)
        NOT-FOR-US: IBM
 CVE-2024-46933 (An issue was discovered in Atos Eviden BullSequana XH2140 BMC 
before C ...)
-       TODO: check
+       NOT-FOR-US: Atos Eviden
 CVE-2024-13888 (The WPMobile.App plugin for WordPress is vulnerable to Open 
Redirect i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-13855 (The Prime Addons for Elementor plugin for WordPress is 
vulnerable to I ...)
@@ -107,65 +107,65 @@ CVE-2024-13520 (The Gift Cards (Gift Vouchers and 
Packages) (WooCommerce Support
 CVE-2024-13476 (The LTL Freight Quotes \u2013 GlobalTranz Edition plugin for 
WordPress ...)
        NOT-FOR-US: WordPress plugin
 CVE-2023-51339 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Event Ticketing System
 CVE-2023-51338 (PHPJabbers Meeting Room Booking System v1.0 is vulnerable to 
Multiple  ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Meeting Room Booking System
 CVE-2023-51337 (PHPJabbers Event Ticketing System v1.0 is vulnerable to 
Reflected Cros ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Event Ticketing System
 CVE-2023-51336 (PHPJabbers Meeting Room Booking System v1.0 is vulnerable to 
CSV Injec ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Meeting Room Booking System
 CVE-2023-51335 (PHPJabbers Cinema Booking System v1.0 is vulnerable to 
Multiple Stored ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Cinema Booking System
 CVE-2023-51334 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Cinema Booking System
 CVE-2023-51333 (PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV 
Injection v ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Cinema Booking System
 CVE-2023-51332 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Meeting Room Booking System
 CVE-2023-51331 (PHPJabbers Cleaning Business Software v1.0 is vulnerable to 
CSV Inject ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Cleaning Business Software
 CVE-2023-51330 (PHPJabbers Cinema Booking System v1.0 is vulnerable to 
Reflected Cross ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Cinema Booking System
 CVE-2023-51327 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Cleaning Business Software
 CVE-2023-51326 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Cleaning Business Software
 CVE-2023-51325 (PHPJabbers Shared Asset Booking System v1.0 is vulnerable to 
Multiple  ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Shared Asset Booking System
 CVE-2023-51324 (PHPJabbers Shared Asset Booking System v1.0 is vulnerable to 
CSV Injec ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Shared Asset Booking System
 CVE-2023-51323 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Shared Asset Booking System
 CVE-2023-51321 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Night Club Booking Software
 CVE-2023-51320 (PHPJabbers Night Club Booking Software v1.0 is vulnerable to 
CSV Injec ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Night Club Booking Software
 CVE-2023-51319 (PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV 
Injection  ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Bus Reservation System
 CVE-2023-51318 (PHPJabbers Bus Reservation System v1.1 is vulnerable to 
Multiple Store ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Bus Reservation System
 CVE-2023-51317 (PHPJabbers Restaurant Booking System v3.0 is vulnerable to 
Multiple HT ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Restaurant Booking System
 CVE-2023-51316 (A lack of rate limiting in the 'Forgot Password' feature of 
PHPJabbers ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Bus Reservation System
 CVE-2023-51315 (PHPJabbers Restaurant Booking System v3.0 is vulnerable to 
Multiple St ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Restaurant Booking System
 CVE-2023-51314 (A lack of rate limiting in the 'Forgot Password', 'Email 
Settings' fea ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Restaurant Booking System
 CVE-2023-51313 (PHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV 
Injecti ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Restaurant Booking System
 CVE-2023-51312 (PHPJabbers Restaurant Booking System v3.0 is vulnerable to 
Reflected C ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Restaurant Booking System
 CVE-2023-51311 (PHPJabbers Car Park Booking System v3.0 is vulnerable to CSV 
Injection ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Car Park Booking System
 CVE-2023-51310 (A lack of rate limiting in the 'Forgot Password', 'Email 
Settings' fea ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Car Park Booking System
 CVE-2023-51309 (A lack of rate limiting in the 'Email Settings' feature of 
PHPJabbers  ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Car Park Booking System
 CVE-2023-51308 (PHPJabbers Car Park Booking System v3.0 is vulnerable to 
Multiple HTML ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Car Park Booking System
 CVE-2023-51306 (PHPJabbers Event Ticketing System v1.0 is vulnerable to 
Multiple Store ...)
-       TODO: check
+       NOT-FOR-US: PHPJabbers Event Ticketing System
 CVE-2025-27218 (Sitecore Experience Manager (XM) and Experience Platform (XP) 
10.4 bef ...)
        NOT-FOR-US: Sitecore
 CVE-2025-27092 (GHOSTS is an open source user simulation framework for cyber 
experimen ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd928941cbfff1bd4c20144a3458b7b38499b70

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9cd928941cbfff1bd4c20144a3458b7b38499b70
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to