[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Sat, 05 Apr 2025 10:24:30 -0700


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
2049f3b4 by Moritz Muehlenhoff at 2025-03-31T14:02:35+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4,13 +4,13 @@ CVE-2025-31177
        NOTE: No security impact, gnuplot can execute arbitrary commands and 
need to
        NOTE: come from a trusted source, see README.Debian.security (added in 
5.2.6).
 CVE-2025-3019 (KNIME Business Hub is affected by several cross-site scripting 
vulnera ...)
-       TODO: check
+       NOT-FOR-US: KNIME Business Hub
 CVE-2025-3014 (Insecure Direct Object References (IDOR) in access control in 
Tracking ...)
-       TODO: check
+       NOT-FOR-US: NightWolf Penetration Platform
 CVE-2025-3013 (Insecure Direct Object References (IDOR) in access control in 
Customer ...)
-       TODO: check
+       NOT-FOR-US: NightWolf Penetration Platform
 CVE-2025-3011 (SOOP-CLM from PiExtract has a SQL Injection vulnerability, 
allowing un ...)
-       TODO: check
+       NOT-FOR-US: PiExtract
 CVE-2025-31417 (Missing Authorization vulnerability in Fahad Mahmood WP Docs 
allows Ex ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31414 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
@@ -20,7 +20,7 @@ CVE-2025-31412 (Improper Neutralization of Input During Web 
Page Generation ('Cr
 CVE-2025-31387 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31103 (Untrusted data deserialization vulnerability exists in a-blog 
cms. Pro ...)
-       TODO: check
+       NOT-FOR-US: a-blog cms
 CVE-2025-31043 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31016 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
@@ -32,47 +32,47 @@ CVE-2025-30855 (Missing Authorization vulnerability in Ads 
by WPQuads Ads by WPQ
 CVE-2025-30835 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-2983 (A vulnerability has been found in Legrand SMS PowerView 1.x and 
classi ...)
-       TODO: check
+       NOT-FOR-US: Legrand SMS PowerView
 CVE-2025-2982 (A vulnerability, which was classified as critical, was found in 
Legran ...)
-       TODO: check
+       NOT-FOR-US: Legrand SMS PowerView
 CVE-2025-2981 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: Legrand SMS PowerView
 CVE-2025-2980 (A vulnerability classified as problematic was found in Legrand 
SMS Pow ...)
-       TODO: check
+       NOT-FOR-US: Legrand SMS PowerView
 CVE-2025-2979 (A vulnerability classified as problematic has been found in 
WCMS 11. T ...)
-       TODO: check
+       NOT-FOR-US: WMCS
 CVE-2025-2978 (A vulnerability was found in WCMS 11. It has been rated as 
critical. A ...)
-       TODO: check
+       NOT-FOR-US: WMCS
 CVE-2025-2977 (A vulnerability was found in GFI KerioConnect 10.0.6. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: GFI KerioConnect
 CVE-2025-2976 (A vulnerability was found in GFI KerioConnect 10.0.6. It has 
been clas ...)
-       TODO: check
+       NOT-FOR-US: GFI KerioConnect
 CVE-2025-2975 (A vulnerability was found in GFI KerioConnect 10.0.6 and 
classified as ...)
-       TODO: check
+       NOT-FOR-US: GFI KerioConnect
 CVE-2025-2974 (A vulnerability has been found in CodeCanyon Perfex CRM up to 
3.2.1 an ...)
-       TODO: check
+       NOT-FOR-US: CodeCanyon Perfex CRM
 CVE-2025-2973 (A vulnerability, which was classified as critical, was found in 
code-p ...)
        NOT-FOR-US: code-projects
 CVE-2025-2972 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2971 (A vulnerability classified as problematic was found in 
ConcreteCMS up  ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2970 (A vulnerability classified as problematic has been found in 
ConcreteCM ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2969 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has 
been rate ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2968 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has 
been decl ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2967 (A vulnerability was found in ConcreteCMS up to 9.3.9. It has 
been clas ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2966 (A vulnerability was found in ConcreteCMS up to 9.3.9 and 
classified as ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2965 (A vulnerability has been found in ConcreteCMS up to 9.3.9 and 
classifi ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2964 (A vulnerability, which was classified as problematic, was found 
in Con ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2963 (A vulnerability, which was classified as problematic, has been 
found i ...)
-       TODO: check
+       NOT-FOR-US: ConcreteCMS
 CVE-2025-2961 (A vulnerability classified as problematic was found in 
opensolon up to ...)
        TODO: check
 CVE-2025-2960 (A vulnerability classified as problematic has been found in 
TRENDnet T ...)
@@ -80,15 +80,15 @@ CVE-2025-2960 (A vulnerability classified as problematic 
has been found in TREND
 CVE-2025-2959 (A vulnerability was found in TRENDnet TEW-410APB 1.3.06b. It 
has been  ...)
        NOT-FOR-US: TRENDnet
 CVE-2025-2402 (A hard-coded, non-random password for the object store (minio) 
of KNIM ...)
-       TODO: check
+       NOT-FOR-US: KNIME Business Hub
 CVE-2025-26689 (Direct request ('Forced Browsing') issue exists in CHOCO TEI 
WATCHER m ...)
-       TODO: check
+       NOT-FOR-US: CHOCO TEI WATCHER
 CVE-2025-25211 (Weak password requirements issue exists in CHOCO TEI WATCHER 
mini (IB- ...)
-       TODO: check
+       NOT-FOR-US: CHOCO TEI WATCHER
 CVE-2025-24852 (Storing passwords in a recoverable format issue exists in 
CHOCO TEI WA ...)
-       TODO: check
+       NOT-FOR-US: CHOCO TEI WATCHER
 CVE-2025-24517 (Use of client-side authentication issue exists in CHOCO TEI 
WATCHER mi ...)
-       TODO: check
+       NOT-FOR-US: CHOCO TEI WATCHER
 CVE-2025-1268 (Out-of-bounds vulnerability in EMF Recode processing of Generic 
Plus P ...)
        TODO: check
 CVE-2025-0613 (The Photo Gallery by 10Web  WordPress plugin before 1.8.34 does 
not sa ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2049f3b411b365fd80764653d07492d1963d136a

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2049f3b411b365fd80764653d07492d1963d136a
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to