[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Thu, 27 Feb 2025 01:06:20 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
373b7bff by Moritz Muehlenhoff at 2025-02-27T10:05:49+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,23 +1,23 @@
 CVE-2025-1728
        REJECTED
 CVE-2025-1717 (The Login Me Now plugin for WordPress is vulnerable to 
authentication  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1689 (The ThemeMakers PayPal Express Checkout plugin for WordPress is 
vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1686 (All versions of the package io.pebbletemplates:pebble are 
vulnerable t ...)
        TODO: check
 CVE-2025-1460
        REJECTED
 CVE-2025-1295 (The Templines Elementor Helper Core plugin for WordPress is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0469 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom 
Form B ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6261 (The Image Photo Gallery Final Tiles Grid plugin for WordPress 
is vulne ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-5848 (A reflected cross-site scripting (XSS) vulnerability exists in 
multipl ...)
        TODO: check
 CVE-2024-57423 (A Cross Site Scripting vulnerability in CloudClassroom-PHP 
Project v1. ...)
-       TODO: check
+       NOT-FOR-US: CloudClassroom-PHP
 CVE-2024-57040 (TL-WR845N(UN)_V4_200909 and TL-WR845N(UN)_V4_190219 was 
discovered to  ...)
        TODO: check
 CVE-2024-55581 (When AdaCore Ada Web Server 25.0.0 is linked with GnuTLS, the 
default  ...)
@@ -25,35 +25,35 @@ CVE-2024-55581 (When AdaCore Ada Web Server 25.0.0 is 
linked with GnuTLS, the de
 CVE-2024-53573 (Unifiedtransform v2.X is vulnerable to Incorrect Access 
Control. Unaut ...)
        TODO: check
 CVE-2024-50696 (SunGrow WiNet-S V200.001.00.P025 and earlier versions is 
missing integ ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50693 (SunGrow iSolarCloud before the October 31, 2024 remediation is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50691 (SunGrow iSolarCloud Android app V2.1.6.20241104 and prior 
suffers from ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50689 (SunGrow iSolarCloud before the October 31, 2024 remediation is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50688 (SunGrow iSolarCloud Android application V2.1.6.20241017 and 
prior cont ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50687 (SunGrow iSolarCloud before the October 31, 2024 remediation is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50686 (SunGrow iSolarCloud before the October 31, 2024 remediation is 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50685 (SunGrow iSolarCloud before the October 31, 2024 remediation, 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-50684 (SunGrow iSolarCloud Android app V2.1.6.20241017 and prior uses 
an inse ...)
-       TODO: check
+       NOT-FOR-US: SunGrow
 CVE-2024-2321 (An incorrect authorization vulnerability exists in multiple 
WSO2 produ ...)
-       TODO: check
+       NOT-FOR-US: WSO2 Identity Server
 CVE-2024-2297 (The Bricks theme for WordPress is vulnerable to Privilege 
Escalation i ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13907 (The Total Upkeep \u2013 WordPress Backup Plugin plus Restore & 
Migrate ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13905 (The OneStore Sites plugin for WordPress is vulnerable to 
Server-Side R ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13647 (The School Management System \u2013 SakolaWP plugin for 
WordPress is v ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0392 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the 
manage ...)
-       TODO: check
+       NOT-FOR-US: WSO2 Enterprise Integrator
 CVE-2024-36353
        NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2343791
        TODO: check, AMD GPU related, but unclear if src:linux



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373b7bff6d58e204f76577edd631d7780dbe3978

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/373b7bff6d58e204f76577edd631d7780dbe3978
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to