[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 25 Mar 2025 02:18:51 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
8e434f22 by Moritz Muehlenhoff at 2025-03-25T10:18:03+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -5,11 +5,11 @@ CVE-2025-2751 (A vulnerability has been found in Open Asset 
Import Library Assim
 CVE-2025-2750 (A vulnerability, which was classified as critical, was found in 
Open A ...)
        TODO: check
 CVE-2025-2744 (A vulnerability, which was classified as critical, was found in 
zhijia ...)
-       TODO: check
+       NOT-FOR-US: ruoyi-vue-pro
 CVE-2025-2743 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: ruoyi-vue-pro
 CVE-2025-2742 (A vulnerability classified as critical was found in 
zhijiantianya ruoy ...)
-       TODO: check
+       NOT-FOR-US: ruoyi-vue-pro
 CVE-2025-2740 (A vulnerability classified as critical has been found in 
PHPGurukul Ol ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-2739 (A vulnerability was found in PHPGurukul Old Age Home Management 
System ...)
@@ -25,7 +25,7 @@ CVE-2025-2735 (A vulnerability has been found in PHPGurukul 
Old Age Home Managem
 CVE-2025-2734 (A vulnerability, which was classified as critical, was found in 
PHPGur ...)
        NOT-FOR-US: PHPGurukul
 CVE-2025-2733 (A vulnerability classified as critical has been found in 
mannaandpoem  ...)
-       TODO: check
+       NOT-FOR-US: OpenManus
 CVE-2025-2732 (A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, 
Magic NX4 ...)
        NOT-FOR-US: H3C Magic
 CVE-2025-2731 (A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, 
Magic NX4 ...)
@@ -59,29 +59,29 @@ CVE-2025-2716 (A vulnerability classified as problematic 
was found in China Mobi
 CVE-2025-2715 (A vulnerability classified as problematic has been found in 
timschofie ...)
        TODO: check
 CVE-2025-2714 (A vulnerability was found in JoomlaUX JUX Real Estate 3.4.0. It 
has be ...)
-       TODO: check
+       NOT-FOR-US:  JoomlaUX JUX Real Estate
 CVE-2025-2712 (A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: Yonyou UFIDA ERP-NC
 CVE-2025-2711 (A vulnerability was found in Yonyou UFIDA ERP-NC 5.0. It has 
been clas ...)
-       TODO: check
+       NOT-FOR-US: Yonyou UFIDA ERP-NC
 CVE-2025-2710 (A vulnerability was found in Yonyou UFIDA ERP-NC 5.0 and 
classified as ...)
-       TODO: check
+       NOT-FOR-US: Yonyou UFIDA ERP-NC
 CVE-2025-2252 (The Easy Digital Downloads \u2013 eCommerce Payments and 
Subscriptions ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-2224 (The Directorist: AI-Powered Business Directory Plugin with 
Classified  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-29315 (An issue in the Shiro-based RBAC (Role-based Access Control) 
mechanism ...)
-       TODO: check
+       NOT-FOR-US: OpenDayLight
 CVE-2025-29314 (Insecure Shiro cookie configurations in OpenDaylight Service 
Function  ...)
        NOT-FOR-US: OpenDayLight
 CVE-2025-29313 (Use of incorrectly resolved name or reference in OpenDaylight 
Service  ...)
        NOT-FOR-US: OpenDayLight
 CVE-2025-29312 (An issue in onos v2.7.0 allows attackers to trigger unexpected 
behavio ...)
-       TODO: check
+       NOT-FOR-US: Open Network Operating System (ONOS)
 CVE-2025-29311 (Limited secret space in LLDP packets used in onos v2.7.0 
allows attack ...)
-       TODO: check
+       NOT-FOR-US: Open Network Operating System (ONOS)
 CVE-2025-29310 (An issue in onos v2.7.0 allows attackers to trigger a packet 
deseriali ...)
-       TODO: check
+       NOT-FOR-US: Open Network Operating System (ONOS)
 CVE-2025-29135 (A stack-based buffer overflow vulnerability in Tenda AC7 
V15.03.06.44  ...)
        NOT-FOR-US: Tenda
 CVE-2025-29100 (Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the 
fromSet ...)
@@ -105,21 +105,21 @@ CVE-2025-0717 (To exploit the vulnerability, it is 
necessary:)
 CVE-2024-9770 (The WP-Recall  WordPress plugin before 16.26.12 does not 
sanitize and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-8315 (An Improper Handling of Insufficient Permissions or Privileges 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-8314 (An Incorrect Implementation of Authentication Algorithm and 
Exposure o ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-8313 (An Exposure of Sensitive System Information to an Unauthorized 
Control ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-45484 (An Allocation of Resources Without Limits or Throttling 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-45483 (A Missing Authentication for Critical Function vulnerability 
in the GR ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-45482 (An Inclusion of Functionality from Untrusted Control Sphere 
vulnerabil ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-45481 (An Incomplete Filtering of Special Elements vulnerability in 
scripts u ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-45480 (An improper control of generation of code ('Code Injection') 
vulnerabi ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-44903 (SQL Injection can occur in the SirsiDynix Horizon Information 
Portal ( ...)
        TODO: check
 CVE-2024-13863 (The Stylish Google Sheet Reader 4.0  WordPress plugin before 
4.1 does  ...)
@@ -165,15 +165,15 @@ CVE-2024-10554 (The WordPress WP-Advanced-Search 
WordPress plugin before 3.3.9.3
 CVE-2024-10472 (The Stylish Price List  WordPress plugin before 7.1.12 does 
not saniti ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-10210 (An External Control of File Name or Path vulnerability in the 
APROL We ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-10209 (An Incorrect Permission Assignment for Critical Resource 
vulnerability ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-10208 (An Improper Neutralization of Input During Web Page Generation 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-10207 (A Server-Side Request Forgery vulnerability in the APROL Web 
Portal us ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-10206 (A Server-Side Request Forgery vulnerability in the APROL Web 
Portal us ...)
-       TODO: check
+       NOT-FOR-US: ABB group
 CVE-2024-10105 (The Job Postings WordPress plugin before 2.7.11 does not 
sanitise and  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-1974 (A security issue was discovered in Kubernetes where under 
certain cond ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e434f22e2536f87e5945f9c7b5bb9285f3a198b

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e434f22e2536f87e5945f9c7b5bb9285f3a198b
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to