[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 28 Mar 2025 03:19:24 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
3ef086aa by Salvatore Bonaccorso at 2025-03-28T09:14:52+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
 CVE-2025-31101 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31092 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31031 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-2894 (The Go1also known as "The World's First Intelligence Bionic 
Quadruped  ...)
        TODO: check
 CVE-2025-2888 (During a snapshot rollback, the client incorrectly caches the 
timestam ...)
@@ -17,71 +17,71 @@ CVE-2025-2885 (Missing validation of the root metatdata 
version number could all
 CVE-2025-2878 (A vulnerability was found in Kentico CMS up to 13.0.178. It has 
been d ...)
        TODO: check
 CVE-2025-2804 (The tagDiv Composer plugin for WordPress, used by the Newspaper 
theme, ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2578 (The Booking for Appointments and Events Calendar &#8211; Amelia 
plugin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2485 (The Drag and Drop Multiple File Upload for Contact Form 7 
plugin for W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2328 (The Drag and Drop Multiple File Upload for Contact Form 7 
plugin for W ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2294 (The Kubio AI Page Builder plugin for WordPress is vulnerable to 
Local  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2074 (The Advanced Google reCAPTCHA plugin for WordPress is 
vulnerable to ge ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2027 (A double free vulnerability has been identified in the ASUS 
System Ana ...)
        TODO: check
 CVE-2025-28253 (Cross-Site Scripting (XSS) vulnerability in MainWP MainWP 
Dashboard v5 ...)
        TODO: check
 CVE-2025-26956 (Missing Authorization vulnerability in Shinetheme 
Traveler.This issue  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26898 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26890 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26874 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26873 (Deserialization of Untrusted Data vulnerability in Shinetheme 
Traveler ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-26733 (Missing Authorization vulnerability in Shinetheme 
Traveler.This issue  ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-24386 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24385 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24383 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24382 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24381 (Dell Unity, version(s) 5.4 and prior, contain(s) an URL 
Redirection to ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24380 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24379 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24378 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-24377 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-23383 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-22740 (Missing Authorization vulnerability in Automattic Sensei LMS 
allows Ex ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22739 (Missing Authorization vulnerability in ThimPress LearnPress 
allows Exp ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin or theme
 CVE-2025-22398 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2025-1860 (Data::Entropy for Perl 0.007 and earlier use the rand() 
function as th ...)
        TODO: check
 CVE-2025-1762 (The Event Tickets with Ticket Scanner WordPress plugin before 
2.5.4 do ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-49601 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2024-49565 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2024-49564 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2024-49563 (Dell Unity, version(s) 5.4 and prior, contain(s) an Improper 
Neutraliz ...)
-       TODO: check
+       NOT-FOR-US: Dell / EMC
 CVE-2024-13939 (String::Compare::ConstantTime for Perl through 0.321 is 
vulnerable to  ...)
        TODO: check
 CVE-2024-56325



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef086aa6d41a602fafea8d2c9cfcc547acbc151

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ef086aa6d41a602fafea8d2c9cfcc547acbc151
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to