[Git][security-tracker-team/security-tracker][master] Process some more NFUs

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9f68407e by Salvatore Bonaccorso at 2025-01-26T21:21:15+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,13 +1,13 @@
 CVE-2024-31906 (IBM Automation Decision Services 23.0.2 allows web pages to be 
stored  ...)
        NOT-FOR-US: IBM
 CVE-2024-13505 (The Survey Maker plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12334 (The WC Affiliate \u2013 A Complete WooCommerce Affiliate 
Plugin plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11936 (The Zox News theme for WordPress is vulnerable to unauthorized 
modific ...)
-       TODO: check
+       NOT-FOR-US: WordPress theme
 CVE-2024-11641 (The VikBooking Hotel Booking Engine & PMS plugin for WordPress 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-50946 (IBM Common Licensing 9.0  could allow an authenticated user to 
modify  ...)
        NOT-FOR-US: IBM
 CVE-2023-50945 (IBM Common Licensing 9.0 stores user credentials in plain 
clear text w ...)
@@ -15,18 +15,18 @@ CVE-2023-50945 (IBM Common Licensing 9.0 stores user 
credentials in plain clear
 CVE-2023-38009 (IBM Cognos Mobile Client 1.1 iOS may be vulnerable to 
information disc ...)
        NOT-FOR-US: IBM
 CVE-2017-20196 (A vulnerability was found in Itechscripts School Management 
Software 2 ...)
-       TODO: check
+       NOT-FOR-US: Itechscripts School Management Software
 CVE-2025-24356
        - fastd 23-1
        NOTE: 
https://github.com/neocturne/fastd/security/advisories/GHSA-pggg-vpfv-4rcv
 CVE-2025-24858 (Develocity (formerly Gradle Enterprise) before 2024.3.1 allows 
an atta ...)
-       TODO: check
+       NOT-FOR-US: Develocity (formerly Gradle Enterprise)
 CVE-2025-24814
        - lucene-solr <unfixed>
        NOTE: 
https://solr.apache.org/security.html#cve-2025-24814-apache-solr-core-creation-with-trusted-configset-can-use-arbitrary-untrusted-files
        NOTE: https://www.openwall.com/lists/oss-security/2025/01/26/1
 CVE-2024-46881 (Develocity (formerly Gradle Enterprise) before 2024.1.8 has 
Incorrect  ...)
-       TODO: check
+       NOT-FOR-US: Develocity (formerly Gradle Enterprise)
 CVE-2024-11090 (The Membership Plugin \u2013 Restrict Content plugin for 
WordPress is  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-10705 (The Multiple Page Generator Plugin \u2013 MPG plugin for 
WordPress is  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f68407e56d08a4d4089b7743ecdfea2958f1d74

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9f68407e56d08a4d4089b7743ecdfea2958f1d74
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits