[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 21 Feb 2025 12:18:10 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d78c56f8 by Salvatore Bonaccorso at 2025-02-21T21:17:34+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,11 +29,11 @@ CVE-2025-25605 (Totolink X5000R V9.1.0u.6369_B20230113 is 
vulnerable to command
 CVE-2025-25604 (Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to 
command inject ...)
        TODO: check
 CVE-2025-25510 (Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the 
get_par ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-25507 (There is a RCE vulnerability in Tenda AC6 15.03.05.16_multi. 
In the fo ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-25505 (Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow 
in the su ...)
-       TODO: check
+       NOT-FOR-US: Tenda
 CVE-2025-1548 (A vulnerability was found in iteachyou Dreamer CMS 4.1.3. It 
has been  ...)
        TODO: check
 CVE-2025-1546 (A vulnerability has been found in BDCOM Behavior Management and 
Auditi ...)
@@ -53,17 +53,17 @@ CVE-2025-1536 (A vulnerability was found in Raisecom 
Multi-Service Intelligent G
 CVE-2025-1535 (A vulnerability was found in Baiyi Cloud Asset Management 
System 8.142 ...)
        TODO: check
 CVE-2025-1489 (The WP-Appbox plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1471 (In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe 
print fu ...)
        TODO: check
 CVE-2025-1470 (In Eclipse OMR, from the initial contribution to version 0.4.0, 
some O ...)
        TODO: check
 CVE-2025-1410 (The Events Calendar Made Simple \u2013 Pie Calendar plugin for 
WordPre ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-1403 (Qiskit SDK 0.45.0 through 1.2.4 could allow a remote attacker 
to cause ...)
        TODO: check
 CVE-2025-1402 (The Event Tickets and Registration plugin for WordPress is 
vulnerable  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-0838 (There exists a heap buffer overflow vulnerable in Abseil-cpp. 
The size ...)
        TODO: check
 CVE-2025-0728 (In NetX HTTP server functionality of Eclipse ThreadX NetX Duo 
before   ...)
@@ -83,25 +83,25 @@ CVE-2024-55156 (An XML External Entity (XXE) vulnerability 
in the deserializeArg
 CVE-2024-45673 (IBM Security Verify Bridge Directory Sync 1.0.1 through 
1.0.12, IBM Se ...)
        TODO: check
 CVE-2024-13900 (The Head, Footer and Post Injections plugin for WordPress is 
vulnerabl ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13846 (The Indeed Ultimate Learning Pro plugin for WordPress is 
vulnerable to ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13713 (The WPExperts Square For GiveWP plugin for WordPress is 
vulnerable to  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13648 (The Maps for WP plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13461 (The Autoship Cloud for WooCommerce Subscription Products 
plugin for Wo ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13455 (The igumbi Online Booking plugin for WordPress is vulnerable 
to Stored ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-13353 (The Responsive Addons for Elementor \u2013 Free Elementor 
Addons Plugi ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12452 (The Ziggeo plugin for WordPress is vulnerable to Stored 
Cross-Site Scr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-12276 (The Ultimate Member \u2013 User Profile, Registration, Login, 
Member D ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10222 (The SVG Support plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-26794 (Exim 4.98 before 4.98.1, when SQLite hints and ETRN 
serialization are  ...)
        - exim4 4.98-4 (unimportant)
        [bookworm] - exim4 <not-affected> (Vulnerable code not present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78c56f8dec318631d8b259034e452cf908bff48

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d78c56f8dec318631d8b259034e452cf908bff48
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to