[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 08 Jan 2025 13:23:29 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
319f55df by Salvatore Bonaccorso at 2025-01-08T22:22:07+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,45 +1,45 @@
 CVE-2025-22143 (WeGIA is a web manager for charitable institutions. A 
Reflected Cross- ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-22141 (WeGIA is a web manager for charitable institutions. A SQL 
Injection vu ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-22140 (WeGIA is a web manager for charitable institutions. A SQL 
Injection vu ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-22139 (WeGIA is a web manager for charitable institutions. A 
Reflected Cross- ...)
-       TODO: check
+       NOT-FOR-US: WeGIA
 CVE-2025-22137 (Pingvin Share is a self-hosted file sharing platform and an 
alternativ ...)
-       TODO: check
+       NOT-FOR-US: Pingvin Share
 CVE-2025-22136 (Tabby (formerly Terminus) is a highly configurable terminal 
emulator.  ...)
-       TODO: check
+       NOT-FOR-US: Tabby (formerly Terminus, but not the same as src:terminus)
 CVE-2025-22130 (Soft Serve is a self-hostable Git server for the command line. 
Prior t ...)
-       TODO: check
+       NOT-FOR-US: Soft Serve
 CVE-2025-21111 (Dell VxRail, versions 8.0.000 through 8.0.311, contain(s) a 
Plaintext  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2025-21102 (Dell VxRail, versions 7.0.000 through 7.0.532, contain(s) a 
Plaintext  ...)
-       TODO: check
+       NOT-FOR-US: Dell
 CVE-2025-20168 (A vulnerability in the web-based management interface of Cisco 
Common  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2025-20167 (A vulnerability in the web-based management interface of Cisco 
Common  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2025-20166 (A vulnerability in the web-based management interface of Cisco 
Common  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2025-20126 (A vulnerability in certification validation routines of Cisco 
Thousand ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2025-20123 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2025-0194 (An issue was discovered in GitLab CE/EE affecting all versions 
startin ...)
        TODO: check
 CVE-2024-9939 (The WordPress File Upload plugin for WordPress is vulnerable to 
Path T ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-6350 (A malformed 802.15.4 packet causes a buffer overflow to occur 
leading  ...)
        TODO: check
 CVE-2024-55656 (RedisBloom adds a set of probabilistic data structures to 
Redis. There ...)
-       TODO: check
+       NOT-FOR-US: RedisBloom
 CVE-2024-55517 (An issue was discovered in the Interllect Core Search in 
Polaris FT In ...)
-       TODO: check
+       NOT-FOR-US: Polaris FT Intellect Core Banking
 CVE-2024-55459 (An issue in keras 3.7.0 allows attackers to write arbitrary 
files to t ...)
        TODO: check
 CVE-2024-54818 (SourceCodester Computer Laboratory Management System 1.0 is 
vulnerable ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Computer Laboratory Management System
 CVE-2024-53526 (composio >=0.5.40 is vulnerable to Command Execution in 
composio_opena ...)
        TODO: check
 CVE-2024-51737 (RediSearch is a Redis module that provides querying, secondary 
indexin ...)
@@ -176,7 +176,7 @@ CVE-2025-21603 (Cross-site scripting vulnerability exists 
in MZK-DP300N firmware
 CVE-2024-9673 (The Piotnet Addons For Elementor plugin for WordPress is 
vulnerable to ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-8002 (A vulnerability has been found in VIWIS LMS 9.11 and classified 
as pro ...)
-       TODO: check
+       NOT-FOR-US: VIWIS LMS
 CVE-2024-56456 (Vulnerability of input parameters not being verified during 
glTF model ...)
        NOT-FOR-US: Huawei
 CVE-2024-56455 (Vulnerability of input parameters not being verified during 
glTF model ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/319f55df5f04750cd48acc8479ddb09b531fef9c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/319f55df5f04750cd48acc8479ddb09b531fef9c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to