Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
09548d00 by Salvatore Bonaccorso at 2025-02-26T09:27:38+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,27 +1,27 @@
CVE-2025-27148 (Gradle is a build automation tool, and its native-platform
tool provid ...)
TODO: check
CVE-2025-25521 (Seacms <=13.3 is vulnerable to SQL Injection in
admin_type_news.php.)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2025-25520 (Seacms <13.3 is vulnerable to SQL Injection in admin_pay.php.)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2025-25519 (Seacms <=13.3 is vulnerable to SQL Injection in admin_zyk.php.)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2025-25517 (Seacms <=13.3 is vulnerable to SQL Injection in
admin_reslib.php.)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2025-25516 (Seacms <=13.3 is vulnerable to SQL Injection in
admin_paylog.php.)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2025-25515 (Seacms <=13.3 is vulnerable to SQL Injection in
admin_collect.php that ...)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2025-25514 (Seacms <=13.3 is vulnerable to SQL Injection in
admin_collect_news.php ...)
- TODO: check
+ NOT-FOR-US: Seacms
CVE-2025-22881 (Delta Electronics CNCSoft-G2 lacks proper validation of the
length of ...)
- TODO: check
+ NOT-FOR-US: Delta Electronics
CVE-2025-22869 (SSH servers which implement file transfer protocols are
vulnerable to ...)
TODO: check
CVE-2025-22868 (An attacker can pass a malicious malformed token which causes
unexpect ...)
TODO: check
CVE-2025-22211 (A SQL injection vulnerability in the JoomShopping component
versions 1 ...)
- TODO: check
+ NOT-FOR-US: JoomShopping
CVE-2025-1091 (A Broken Authorization schema exists where any authenticated
user coul ...)
TODO: check
CVE-2025-0889 (Prior to 25.2, a local authenticated attacker can elevate
privileges o ...)
@@ -55,53 +55,53 @@ CVE-2024-53871 (NVIDIA CUDA toolkit for all platforms
contains a vulnerability i
CVE-2024-53870 (NVIDIA CUDA toolkit for all platforms contains a vulnerability
in the ...)
TODO: check
CVE-2024-39441 (In wifi display, there is a possible missing permission check.
This co ...)
- TODO: check
+ NOT-FOR-US: Unisoc
CVE-2024-30150 (HCL MyCloud is affected by Improper Access Control - an
unauthenticate ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-27246 (Use after free in some Zoom Workplace Apps and SDKs may allow
an authe ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-27245 (Buffer overflow in some Zoom Workplace Apps and SDKs may allow
an auth ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-27239 (Use after free in some Zoom Workplace Apps and SDKs may allow
an authe ...)
- TODO: check
+ NOT-FOR-US: Zoom
CVE-2024-13803 (The Essential Blocks \u2013 Page Builder Gutenberg Blocks,
Patterns & ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13678 (The R3W InstaFeed WordPress plugin through 1.0 does not
sanitise and e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13669 (The CalendApp WordPress plugin through 1.1 does not sanitise
and escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13634 (The Post Sync WordPress plugin through 1.1 does not sanitise
and escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13633 (The Simple catalogue WordPress plugin through 1.0.2 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13632 (The WP Extra Fields WordPress plugin through 1.0.1 does not
sanitise a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13631 (The Om Stripe WordPress plugin through 02.00.00 does not
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13630 (The NewsTicker WordPress plugin through 1.0 does not sanitise
and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13629 (The pushBIZ WordPress plugin through 1.0 does not sanitise
and escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13628 (The WP Pricing Table WordPress plugin through 1.1 does not
sanitise an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13624 (The WPMovieLibrary WordPress plugin through 2.1.4.8 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13571 (The Post Timeline WordPress plugin before 2.3.10 does not
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13113 (The Countdown Timer for Elementor WordPress plugin before
1.3.7 does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12878 (The Custom Block Builder WordPress plugin before 3.8.3 does
not sanit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12737 (The WP BASE Booking of Appointments, Services and Events
WordPress plu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12434 (The SureMembers plugin for WordPress is vulnerable to
Sensitive Inform ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10563 (The WooCommerce Cart Count Shortcode WordPress plugin before
1.1.0 doe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10483 (The Simple:Press Forum WordPress plugin before 6.10.11 does
not saniti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10152 (The Simple Certain Time to Show Content WordPress plugin
before 1.3.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0148 (NVIDIA Jetson Linux and IGX OS image contains a vulnerability
in the U ...)
TODO: check
CVE-2025-25209
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09548d00a53a283c05bbbd0c2f9e243808594dd7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/09548d00a53a283c05bbbd0c2f9e243808594dd7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
