Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
25f6eda9 by Salvatore Bonaccorso at 2025-03-06T21:52:40+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -51,7 +51,7 @@ CVE-2025-25191 (Group-Office is an enterprise CRM and
groupware tool. This Store
CVE-2025-24796 (Collabora Online is a collaborative online office suite based
on Libre ...)
NOT-FOR-US: Collabora Online
CVE-2025-1696 (A vulnerability exists in Docker Desktop prior to version
4.39.0 that ...)
- TODO: check
+ NOT-FOR-US: Docker Desktop
CVE-2025-1672 (The Notibar \u2013 Notification Bar for WordPress plugin for
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1666 (The Cookie banner plugin for WordPress \u2013 Cookiebot CMP by
Usercen ...)
@@ -61,37 +61,37 @@ CVE-2025-1540 (An issue has been discovered in GitLab CE/EE
for Self-Managed and
CVE-2025-1383 (The Podlove Podcast Publisher plugin for WordPress is
vulnerable to Cr ...)
NOT-FOR-US: WordPress plugin
CVE-2025-0877 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: AtaksAPP Reservation Management System
CVE-2025-0337 (ServiceNow has addressed an authorization bypass vulnerability
that wa ...)
TODO: check
CVE-2024-7872 (Insertion of Sensitive Information Into Sent Data vulnerability
in Ext ...)
- TODO: check
+ NOT-FOR-US: ExtremePACS Extreme XDS
CVE-2024-52924 (An issue was discovered in NRMM in Samsung Mobile Processor,
Wearable ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-52923 (An issue was discovered in NRMM in Samsung Mobile Processor,
Wearable ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-51476 (IBM Concert Software 1.0.5 uses an inadequate account lockout
setting ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-50600 (An issue was discovered in Samsung Mobile Processor and
Wearable Proce ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-42844 (A SQL Injection vulnerability has been identified in EPICOR
Prophet 21 ...)
- TODO: check
+ NOT-FOR-US: EPICOR Prophet 21
CVE-2024-13902 (A vulnerability, which was classified as problematic, was
found in hua ...)
- TODO: check
+ NOT-FOR-US: huang-yk student-manage
CVE-2024-13897 (The Moving Media Library plugin for WordPress is vulnerable to
arbitra ...)
NOT-FOR-US: WordPress plugin
CVE-2024-13894 (Smartwares camerasCIP-37210AT andC724IP, as well as others
which share ...)
- TODO: check
+ NOT-FOR-US: Smartwares
CVE-2024-13893 (Smartwares camerasCIP-37210AT andC724IP, as well as others
which share ...)
- TODO: check
+ NOT-FOR-US: Smartwares
CVE-2024-13892 (Smartwares camerasCIP-37210AT andC724IP, as well as others
which share ...)
- TODO: check
+ NOT-FOR-US: Smartwares
CVE-2024-12742 (A deserialization of untrusted data vulnerability exists in NI
G Web D ...)
- TODO: check
+ NOT-FOR-US: NI
CVE-2024-12146 (Improper Validation of Syntactic Correctness of Input
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Finder Fire Safety Finder ERP/CRM (New System)
CVE-2024-12144 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Finder Fire Safety Finder ERP/CRM (Old System)
CVE-2025-21834 (In the Linux kernel, the following vulnerability has been
resolved: s ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
@@ -436,7 +436,7 @@ CVE-2025-20208 (A vulnerability in the web-based management
interface of Cisco T
CVE-2025-20206 (A vulnerability in the interprocess communication (IPC)
channel of Cis ...)
NOT-FOR-US: Cisco
CVE-2025-1714 (Lack of Rate Limiting in Sign-up workflow in Perforce Gliffy
prior to ...)
- TODO: check
+ NOT-FOR-US: Perforce Gliffy
CVE-2025-1702 (The Ultimate Member \u2013 User Profile, Registration, Login,
Member D ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1515 (The WP Real Estate Manager plugin for WordPress is vulnerable
to Authe ...)
@@ -446,7 +446,7 @@ CVE-2025-1463 (The Spreadsheet Integration plugin for
WordPress is vulnerable to
CVE-2025-1435 (The bbPress plugin for WordPress is vulnerable to Cross-Site
Request F ...)
NOT-FOR-US: WordPress plugin
CVE-2025-1393 (An unauthenticated remote attacker can use hard-coded
credentials to g ...)
- TODO: check
+ NOT-FOR-US: PROCON-WIN
CVE-2025-1008 (The Recently Purchased Products For Woo plugin for WordPress is
vulner ...)
NOT-FOR-US: WordPress plugin
CVE-2025-0990 (The I Am Gloria plugin for WordPress is vulnerable to
Cross-Site Reque ...)
@@ -510,7 +510,7 @@ CVE-2024-12815 (The Point Maker plugin for WordPress is
vulnerable to Stored Cro
CVE-2024-12799 (Insufficiently Protected Credentials vulnerability in OpenText
Identit ...)
NOT-FOR-US: OpenText
CVE-2024-12650 (An attacker with low privileges can manipulate the requested
memory si ...)
- TODO: check
+ NOT-FOR-US: Wago
CVE-2024-12281 (The Homey theme for WordPress is vulnerable to privilege
escalation in ...)
NOT-FOR-US: WordPress plugin
CVE-2024-12097 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
@@ -524,7 +524,7 @@ CVE-2024-11216 (Authorization Bypass Through
User-Controlled Key, Exposure of Pr
CVE-2024-11153 (The Content Control \u2013 The Ultimate Content Restriction
Plugin! Re ...)
NOT-FOR-US: WordPress plugin
CVE-2024-11035 (Carbon Black Cloud Windows Sensor, prior to 4.0.3, may be
susceptible ...)
- TODO: check
+ NOT-FOR-US: Carbon Black Cloud Windows Sensor
CVE-2023-38693 (Lucee Server (or simply Lucee) is a dynamic, Java based, tag
and scrip ...)
TODO: check
CVE-2025-27685 (Vasion Print (formerly PrinterLogic) before Virtual Appliance
Host 1.0 ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25f6eda9c351372a10358d1c7b5f2ffd16d33e0a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/25f6eda9c351372a10358d1c7b5f2ffd16d33e0a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
