Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
daf195e4 by Salvatore Bonaccorso at 2025-01-13T22:43:08+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,61 +3,61 @@ CVE-2025-23027 (next-forge is a Next.js project boilerplate
for modern web appli
CVE-2025-23026 (jte (Java Template Engine) is a secure and lightweight
template engine ...)
TODO: check
CVE-2025-22963 (Teedy through 1.11 allows CSRF for account takeover via POST
/api/user ...)
- TODO: check
+ NOT-FOR-US: TeedyTeedy
CVE-2025-22828 (CloudStack users can add and read comments (annotations) on
resources ...)
TODO: check
CVE-2025-22800 (Missing Authorization vulnerability in Post SMTP Post SMTP
allows Expl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22777 (Deserialization of Untrusted Data vulnerability in GiveWP
GiveWP allow ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22588 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22586 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22583 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22576 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22570 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22569 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22568 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22567 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22514 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22506 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22499 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22498 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22344 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22337 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22314 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-22144 (NamelessMC is a free, easy to use & powerful website software
for Mine ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2025-22142 (NamelessMC is a free, easy to use & powerful website software
for Mine ...)
- TODO: check
+ NOT-FOR-US: NamelessMC
CVE-2024-6352 (A malformed packet can cause a buffer overflow in the APS layer
of the ...)
TODO: check
CVE-2024-5743 (An attacker could exploit the 'Use of Password Hash With
Insufficient ...)
- TODO: check
+ NOT-FOR-US: EveHome Eve Play
CVE-2024-57488 (Code-Projects Online Car Rental System 1.0 is vulnerable to
Cross Site ...)
- TODO: check
+ NOT-FOR-US: Code-Projects Online Car Rental System
CVE-2024-57487 (In Code-Projects Online Car Rental System 1.0, the file upload
feature ...)
- TODO: check
+ NOT-FOR-US: Code-Projects Online Car Rental System
CVE-2024-56301 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Eniture Technology Distance Based Shipping Calculator
CVE-2024-56065 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: Saleswonder.biz Team WP2LEADS
CVE-2024-54999 (MonicaHQ v4.1.2 was discovered to contain a Client-Side
Injection vuln ...)
- TODO: check
+ NOT-FOR-US: MonicaHQ
CVE-2024-52938 (Kernel software installed and running inside a Guest VM may
post impro ...)
TODO: check
CVE-2024-52937 (Kernel software installed and running inside a Guest VM may
exploit me ...)
@@ -71,7 +71,7 @@ CVE-2024-52333 (An improper array index validation
vulnerability exists in the d
CVE-2024-51728
REJECTED
CVE-2024-48883 (An issue was discovered in Samsung Mobile Processor, Wearable
Processo ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2024-47897 (Software installed and run as a non-privileged user may
conduct improp ...)
TODO: check
CVE-2024-47895 (Kernel software installed and running inside a Guest VM may
post impro ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/daf195e49c68a01f3aba32bd039db504fe74a79f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/daf195e49c68a01f3aba32bd039db504fe74a79f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
