[Git][security-tracker-team/security-tracker][master] Process some NFUs

Tue, 25 Feb 2025 13:48:05 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
ccc04141 by Salvatore Bonaccorso at 2025-02-25T22:47:39+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -149,39 +149,39 @@ CVE-2025-21626 (GLPI is a free asset and IT management 
software package. Startin
        - glpi <removed>
        NOTE: 
https://github.com/glpi-project/glpi/security/advisories/GHSA-5vvr-pxwf-3w77
 CVE-2025-1676 (A vulnerability classified as critical was found in hzmanyun 
Education ...)
-       TODO: check
+       NOT-FOR-US: hzmanyun Education and Training System
 CVE-2025-1262 (The Advanced Google reCaptcha plugin for WordPress is 
vulnerable to CA ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-1204 (The "update" binary in the firmware of the affected product 
sends atte ...)
        TODO: check
 CVE-2025-1068 (There is an untrusted search path vulnerability in Esri ArcGIS 
AllSour ...)
-       TODO: check
+       NOT-FOR-US: Esri ArcGIS
 CVE-2025-1067 (There is an untrusted search path vulnerability in Esri ArcGIS 
Pro 3.3 ...)
-       TODO: check
+       NOT-FOR-US: Esri ArcGIS
 CVE-2024-54444 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-51539 (The Dell Secure Connect Gateway (SCG) Application and 
Appliance, versi ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2024-45426 (Incorrect ownership assignment in some Zoom Workplace Apps may 
allow a ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2024-45425 (Incorrect user management in some Zoom Workplace Apps may 
allow a priv ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2024-45424 (Business logic error in some Zoom Workplace Apps may allow an 
unauthen ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2024-45421 (Buffer overflow in some Zoom Apps may allow an authenticated 
user to c ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2024-45418 (Symlink following in the installer for some Zoom apps for 
macOS before ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2024-45417 (Uncontrolled resource consumption in the installer for some 
Zoom apps  ...)
-       TODO: check
+       NOT-FOR-US: Zoom
 CVE-2024-36259 (Improper access control in mail module of Odoo Community 17.0 
and Odoo ...)
        TODO: check
 CVE-2024-34036 (An issue was discovered in O-RAN Near Realtime RIC I-Release. 
To explo ...)
-       TODO: check
+       NOT-FOR-US: O-RAN
 CVE-2024-34035 (An issue was discovered in O-RAN Near Realtime RIC H-Release. 
To trigg ...)
-       TODO: check
+       NOT-FOR-US: O-RAN
 CVE-2024-34034 (An issue was discovered in FlexRIC 2.0.0. It crashes during a 
Subscrip ...)
-       TODO: check
+       NOT-FOR-US: FlexRIC
 CVE-2024-13695 (The Enfold theme for WordPress is vulnerable to Server-Side 
Request Fo ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-13693 (The Enfold theme for WordPress is vulnerable to unauthorized 
access of ...)
@@ -269,11 +269,11 @@ CVE-2025-22974 (SQL Injection vulnerability in SeaCMS 
v.13.2 and before allows a
 CVE-2025-22210 (A SQL injection vulnerability in the Hikashop component 
versions 3.3.0 ...)
        NOT-FOR-US: Hikashop
 CVE-2025-1675 (The function dns_copy_qname in dns_pack.c performs performs a 
memcpy o ...)
-       TODO: check
+       NOT-FOR-US: NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2025-1674 (A lack of input validation allows for out of bounds reads 
caused by ma ...)
-       TODO: check
+       NOT-FOR-US: NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2025-1673 (A malicious or malformed DNS packet without a payload can cause 
an out ...)
-       TODO: check
+       NOT-FOR-US: NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2025-1648 (The Yawave plugin for WordPress is vulnerable to SQL Injection 
via the ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-1646 (A vulnerability, which was classified as critical, has been 
found in L ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccc0414163302074e14c301de76d2fc9a0d363a3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ccc0414163302074e14c301de76d2fc9a0d363a3
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to