[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Fri, 31 Jan 2025 00:34:35 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ed1d9fd3 by Moritz Muehlenhoff at 2025-01-31T09:34:02+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-24886 (pwn.college is an education platform to learn about, and 
practice, cor ...)
-       TODO: check
+       NOT-FOR-US: pwn.college
 CVE-2025-24885 (pwn.college is an education platform to learn about, and 
practice, cor ...)
-       TODO: check
+       NOT-FOR-US: pwn.college
 CVE-2025-24336 (SXF Common Library handles input data improperly. If a product 
using t ...)
        TODO: check
 CVE-2025-22216 (A UAA configured with multiple identity zones, does not 
properly valid ...)
@@ -13,135 +13,135 @@ CVE-2025-0881 (A vulnerability was found in Codezips Gym 
Management System 1.0.
 CVE-2025-0880 (A vulnerability was found in Codezips Gym Management System 1.0 
and cl ...)
        TODO: check
 CVE-2025-0809 (The Link Fixer plugin for WordPress is vulnerable to Stored 
Cross-Site ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0574 (Sante PACS Server URL path Memory Corruption Denial-of-Service 
Vulnera ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2025-0573 (Sante PACS Server DCM File Parsing Directory Traversal 
Arbitrary File  ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2025-0572 (Sante PACS Server Web Portal DCM File Parsing Directory 
Traversal Arbi ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2025-0571 (Sante PACS Server Web Portal DCM File Parsing Memory Corruption 
Denial ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2025-0570 (Sante PACS Server Web Portal DCM File Parsing Memory Corruption 
Denial ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2025-0569 (Sante PACS Server DCM File Parsing Memory Corruption 
Denial-of-Service ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2025-0568 (Sante PACS Server DCM File Parsing Memory Corruption 
Denial-of-Service ...)
-       TODO: check
+       NOT-FOR-US: Sante PACS Server
 CVE-2025-0507 (The Ticketmeo \u2013 Sell Tickets \u2013 Event Ticketing plugin 
for Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0493 (The MultiVendorX \u2013 The Ultimate WooCommerce Multivendor 
Marketpla ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0470 (The Forminator Forms \u2013 Contact Form, Payment Form & Custom 
Form B ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-53007 (Bentley Systems ProjectWise Integration Server before 
10.00.03.288 all ...)
        TODO: check
 CVE-2024-52875 (An issue was discovered in GFI Kerio Control 9.2.5 through 
9.4.5. The  ...)
        TODO: check
 CVE-2024-47900 (Software installed and run as a non-privileged user may 
conduct improp ...)
-       TODO: check
+       NOT-FOR-US: Imagination Technologies
 CVE-2024-47899 (Software installed and run as a non-privileged user may 
conduct improp ...)
-       TODO: check
+       NOT-FOR-US: Imagination Technologies
 CVE-2024-47898 (Software installed and run as a non-privileged user may 
conduct improp ...)
-       TODO: check
+       NOT-FOR-US: Imagination Technologies
 CVE-2024-47891 (Software installed and run as a non-privileged user may 
conduct improp ...)
-       TODO: check
+       NOT-FOR-US: Imagination Technologies
 CVE-2024-46974 (Software installed and run as a non-privileged user may 
conduct improp ...)
-       TODO: check
+       NOT-FOR-US: Imagination Technologies
 CVE-2024-24731 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: Silabs
 CVE-2024-23973 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: Silabs
 CVE-2024-23971 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: ChargePoint Home Flex
 CVE-2024-23970 (This vulnerability allows network-adjacent attackers to 
compromise tra ...)
-       TODO: check
+       NOT-FOR-US: ChargePoint Home Flex
 CVE-2024-23969 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: ChargePoint Home Flex
 CVE-2024-23968 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: ChargePoint Home Flex
 CVE-2024-23963 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: Alpine Halo9
 CVE-2024-23962 (This vulnerability allows remote attackers to disclose 
sensitive infor ...)
-       TODO: check
+       NOT-FOR-US: Alpine Halo9
 CVE-2024-23937 (This vulnerability allows network-adjacent attackers to 
disclose sensi ...)
-       TODO: check
+       NOT-FOR-US: Silabs
 CVE-2024-23930 (This vulnerability allows network-adjacent attackers to create 
a denia ...)
-       TODO: check
+       NOT-FOR-US: Pioneer
 CVE-2024-23929 (This vulnerability allows network-adjacent attackers to create 
arbitra ...)
-       TODO: check
+       NOT-FOR-US: Pioneer
 CVE-2024-23928 (This vulnerability allows network-adjacent attackers to 
compromise the ...)
-       TODO: check
+       NOT-FOR-US: Pioneer
 CVE-2024-23921 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: ChargePoint Home Flex
 CVE-2024-23920 (This vulnerability allows network-adjacent attackers to 
execute arbitr ...)
-       TODO: check
+       NOT-FOR-US: ChargePoint Home Flex
 CVE-2024-1211 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)
        TODO: check
 CVE-2024-13817
        REJECTED
 CVE-2024-13767 (The Live2DWebCanvas plugin for WordPress is vulnerable to 
arbitrary fi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13717 (The Contact Form and Calls To Action by vcita plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13623 (The Order Export for WooCommerce plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13530 (The Custom Login Page Styler \u2013 Limit Login Attempts 
\u2013 Restri ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13504 (The Shared Files \u2013 Frontend File Upload Form & Secure 
File Sharin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13463 (The SeatReg plugin for WordPress is vulnerable to Stored 
Cross-Site Sc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13424 (The Ni Sales Commission For WooCommerce plugin for WordPress 
is vulner ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13415 (The Food Menu \u2013 Restaurant Menu & Online Ordering for 
WooCommerce ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13399 (The Gosign \u2013 Posts Slider Block plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13397 (The WPRadio \u2013 WordPress Radio Streaming Plugin plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13396 (The Frictionless plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13226 (The A5 Custom Login Page WordPress plugin through 2.8.1 does 
not sanit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13225 (The ECT Home Page Products WordPress plugin through 1.9 does 
not sanit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13224 (The SlideDeck 1 Lite Content Slider WordPress plugin through 
1.4.8 doe ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13223 (The Tabulate WordPress plugin through 2.10.3 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13222 (The User Messages WordPress plugin through 1.2.4 does not 
sanitise and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13221 (The Fantastic ElasticSearch WordPress plugin through 4.1.0 
does not sa ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13220 (The WordPress Google Map Professional (Map In Your Language) 
WordPress ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13219 (The Privacy Policy Genius WordPress plugin through 2.0.4 does 
not sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13218 (The Fast Tube WordPress plugin through 2.3.1 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13216 (The HT Event \u2013 WordPress Event Manager Plugin for 
Elementor plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13112 (The WP MediaTagger WordPress plugin through 4.1.1 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13101 (The WP MediaTagger WordPress plugin through 4.1.1 does not 
validate an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13100 (The OPSI Israel Domestic Shipments WordPress plugin through 
2.6.3 does ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12872 (The Zalomen\xed WordPress plugin through 1.5 does not sanitise 
and esc ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12772 (The Ninja Tables  WordPress plugin before 5.0.17 does not 
sanitize and ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12275 (The Canvasflow for WordPress plugin through 1.5.5 does not 
sanitise an ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11886 (The Contact Form and Calls To Action by vcita plugin for 
WordPress is  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-11611 (AutomationDirect C-More EA9 EAP9 File Parsing Memory 
Corruption Remote ...)
-       TODO: check
+       NOT-FOR-US: AutomationDirect
 CVE-2024-11610 (AutomationDirect C-More EA9 EAP9 File Parsing Memory 
Corruption Remote ...)
-       TODO: check
+       NOT-FOR-US: AutomationDirect
 CVE-2024-11609 (AutomationDirect C-More EA9 EAP9 File Parsing Stack-based 
Buffer Overf ...)
-       TODO: check
+       NOT-FOR-US: AutomationDirect
 CVE-2024-10867 (The Borderless \u2013 Widgets, Elements, Templates and Toolkit 
for Ele ...)
        TODO: check
 CVE-2023-6195 (An issue has been discovered in GitLab CE/EE affecting all 
versions st ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed1d9fd3431a7f5b7d0248fced96a3e54282c850

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed1d9fd3431a7f5b7d0248fced96a3e54282c850
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to