Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
864ffe86 by Salvatore Bonaccorso at 2025-03-25T09:28:01+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -11,19 +11,19 @@ CVE-2025-2743 (A vulnerability, which was classified as
problematic, has been fo
CVE-2025-2742 (A vulnerability classified as critical was found in
zhijiantianya ruoy ...)
TODO: check
CVE-2025-2740 (A vulnerability classified as critical has been found in
PHPGurukul Ol ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2739 (A vulnerability was found in PHPGurukul Old Age Home Management
System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2738 (A vulnerability was found in PHPGurukul Old Age Home Management
System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2737 (A vulnerability was found in PHPGurukul Old Age Home Management
System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2736 (A vulnerability was found in PHPGurukul Old Age Home Management
System ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2735 (A vulnerability has been found in PHPGurukul Old Age Home
Management S ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2734 (A vulnerability, which was classified as critical, was found in
PHPGur ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2025-2733 (A vulnerability classified as critical has been found in
mannaandpoem ...)
TODO: check
CVE-2025-2732 (A vulnerability was found in H3C Magic NX15, Magic NX30 Pro,
Magic NX4 ...)
@@ -53,7 +53,7 @@ CVE-2025-2721 (A vulnerability was found in GNOME libgsf up
to 1.14.53. It has b
CVE-2025-2720 (A vulnerability was found in GNOME libgsf up to 1.14.53 and
classified ...)
TODO: check
CVE-2025-2717 (A vulnerability, which was classified as critical, has been
found in D ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-2716 (A vulnerability classified as problematic was found in China
Mobile P2 ...)
TODO: check
CVE-2025-2715 (A vulnerability classified as problematic has been found in
timschofie ...)
@@ -67,9 +67,9 @@ CVE-2025-2711 (A vulnerability was found in Yonyou UFIDA
ERP-NC 5.0. It has been
CVE-2025-2710 (A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and
classified as ...)
TODO: check
CVE-2025-2252 (The Easy Digital Downloads \u2013 eCommerce Payments and
Subscriptions ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-2224 (The Directorist: AI-Powered Business Directory Plugin with
Classified ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-29315 (An issue in the Shiro-based RBAC (Role-based Access Control)
mechanism ...)
TODO: check
CVE-2025-29314 (Insecure Shiro cookie configurations in OpenDaylight Service
Function ...)
@@ -83,9 +83,9 @@ CVE-2025-29311 (Limited secret space in LLDP packets used in
onos v2.7.0 allows
CVE-2025-29310 (An issue in onos v2.7.0 allows attackers to trigger a packet
deseriali ...)
TODO: check
CVE-2025-29135 (A stack-based buffer overflow vulnerability in Tenda AC7
V15.03.06.44 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-29100 (Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the
fromSet ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2025-27810 (Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of
failed ...)
TODO: check
CVE-2025-27809 (Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client
side, acce ...)
@@ -93,17 +93,17 @@ CVE-2025-27809 (Mbed TLS before 2.28.10 and 3.x before
3.6.3, on the client side
CVE-2025-26512 (SnapCenter versions prior to 6.0.1P1 and 6.1P1 are
susceptible to a v ...)
TODO: check
CVE-2025-1798 (The does not sanitise and escape some parameters when
outputting them ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1452 (The Favorites WordPress plugin before 2.3.5 does not sanitise
and esca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1320 (The teachPress plugin for WordPress is vulnerable to Cross-Site
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0845 (The DesignThemes Core Features plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-0717 (To exploit the vulnerability, it is necessary:)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-9770 (The WP-Recall WordPress plugin before 16.26.12 does not
sanitize and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-8315 (An Improper Handling of Insufficient Permissions or Privileges
vulnera ...)
TODO: check
CVE-2024-8314 (An Incorrect Implementation of Authentication Algorithm and
Exposure o ...)
@@ -123,47 +123,47 @@ CVE-2024-45480 (An improper control of generation of code
('Code Injection') vul
CVE-2024-44903 (SQL Injection can occur in the SirsiDynix Horizon Information
Portal ( ...)
TODO: check
CVE-2024-13863 (The Stylish Google Sheet Reader 4.0 WordPress plugin before
4.1 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13618 (The aoa-downloadable WordPress plugin through 0.1.0 lacks
authorizatio ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13617 (The aoa-downloadable WordPress plugin through 0.1.0 doesn't
validate a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13123 (The AFI WordPress plugin before 1.100.0 does not sanitise and
escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13122 (The AFI WordPress plugin before 1.100.0 does not sanitise and
escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-13118 (The IP Based Login WordPress plugin before 2.4.1 does not have
CSRF ch ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12769 (The Simple Banner WordPress plugin before 3.0.4 does not
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12682 (The Smart Maintenance Mode WordPress plugin before 1.5.2 does
not sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12623 (The DICOM Support plugin for WordPress is vulnerable to Stored
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-12109 (The Product Labels For Woocommerce (Sale Badges) WordPress
plugin befo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11503 (The WP Tabs WordPress plugin before 2.2.7 does not sanitise
and escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11273 (The Contact Form & SMTP Plugin for WordPress by PirateForms
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-11272 (The Contact Form & SMTP Plugin for WordPress by PirateForms
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10703 (The Registrations for the Events Calendar WordPress plugin
before 2.1 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10679 (The Quiz and Survey Master (QSM) WordPress plugin before
9.2.1 does n ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10638 (The Product Labels For Woocommerce (Sale Badges) WordPress
plugin befo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10566 (The Slider by 10Web WordPress plugin before 1.2.62 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10565 (The Slider by 10Web WordPress plugin before 1.2.62 does not
sanitise ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10560 (The Form Maker by 10Web WordPress plugin before 1.15.30 does
not sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10554 (The WordPress WP-Advanced-Search WordPress plugin before
3.3.9.3 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10472 (The Stylish Price List WordPress plugin before 7.1.12 does
not saniti ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-10210 (An External Control of File Name or Path vulnerability in the
APROL We ...)
TODO: check
CVE-2024-10209 (An Incorrect Permission Assignment for Critical Resource
vulnerability ...)
@@ -175,7 +175,7 @@ CVE-2024-10207 (A Server-Side Request Forgery vulnerability
in the APROL Web Por
CVE-2024-10206 (A Server-Side Request Forgery vulnerability in the APROL Web
Portal us ...)
TODO: check
CVE-2024-10105 (The Job Postings WordPress plugin before 2.7.11 does not
sanitise and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-1974 (A security issue was discovered in Kubernetes where under
certain cond ...)
NOT-FOR-US: Kubernetes ingress-nginx
CVE-2025-1098 (A security issue was discovered in ingress-nginx
https://github.com/k ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/864ffe86e12e250554e96c0a385ef423845fcac4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/864ffe86e12e250554e96c0a385ef423845fcac4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
