[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 11 Apr 2025 14:17:17 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
01c29099 by Salvatore Bonaccorso at 2025-04-11T23:16:37+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -99,19 +99,19 @@ CVE-2025-32517 (Improper Neutralization of Input During Web 
Page Generation ('Cr
 CVE-2025-32509 (Improper Limitation of a Pathname to a Restricted Directory 
('Path Tra ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32491 (Incorrect Privilege Assignment vulnerability in Rankology 
Rankology SE ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-32427 (Formie is a Craft CMS plugin for creating forms. Prior to 
2.1.44, when ...)
-       TODO: check
+       NOT-FOR-US: Formie Craft CMS plugin
 CVE-2025-32426 (Formie is a Craft CMS plugin for creating forms. Prior to 
version 2.1. ...)
-       TODO: check
+       NOT-FOR-US: Formie Craft CMS plugin
 CVE-2025-32367 (The Oz Forensics face recognition application before 4.0.8 
late 2023 a ...)
-       TODO: check
+       NOT-FOR-US: Oz Forensics face recognition application
 CVE-2025-32144 (Deserialization of Untrusted Data vulnerability in PickPlugins 
Job Boa ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32143 (Deserialization of Untrusted Data vulnerability in PickPlugins 
Accordi ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-32107 (OS command injection vulnerability exists in Deco BE65 Pro 
firmware ve ...)
-       TODO: check
+       NOT-FOR-US: Deco BE65 Pro firmware
 CVE-2025-32080 (Exposure of Sensitive Information to an Unauthorized Actor 
vulnerabili ...)
        TODO: check
 CVE-2025-32079 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
@@ -141,9 +141,9 @@ CVE-2025-32068 (Incorrect Authorization vulnerability in 
The Wikimedia Foundatio
 CVE-2025-32067 (Improper Input Validation vulnerability in The Wikimedia 
Foundation Me ...)
        TODO: check
 CVE-2025-31935 (Subnet Solutions   PowerSYSTEM Center is affected by a 
mishandling of  ...)
-       TODO: check
+       NOT-FOR-US: Subnet Solutions PowerSYSTEM Center
 CVE-2025-31932 (Deserialization of untrusted data issue exists in BizRobo! all 
version ...)
-       TODO: check
+       NOT-FOR-US: BizRobo!
 CVE-2025-31599 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31565 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
@@ -153,21 +153,21 @@ CVE-2025-31379 (Improper Neutralization of Input During 
Web Page Generation ('Cr
 CVE-2025-31378 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31362 (Use of hard-coded cryptographic key issue exists in BizRobo! 
all versi ...)
-       TODO: check
+       NOT-FOR-US: BizRobo!
 CVE-2025-31354 (Subnet Solutions PowerSYSTEM Center's SMTPS notification 
service can b ...)
-       TODO: check
+       NOT-FOR-US: Subnet Solutions PowerSYSTEM Center
 CVE-2025-31041 (Missing Authorization vulnerability in NotFound AnyTrack 
Affiliate Lin ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-31040 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-31028 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-31021 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2025-31015 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-31014 (Improper Control of Filename for Include/Require Statement in 
PHP Prog ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2025-2575 (The Z Companion plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-2541 (The WP Project Manager plugin for WordPress is vulnerable to 
Stored Cr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c290999707dde82e4da69593b811df012ca28d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c290999707dde82e4da69593b811df012ca28d
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to