[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Sat, 26 Apr 2025 01:59:33 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
59a0aae6 by Salvatore Bonaccorso at 2025-04-26T10:47:51+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
 CVE-2025-46333 (z2d is a pure Zig 2D graphics library. In version 0.6.0, when 
writing  ...)
-       TODO: check
+       NOT-FOR-US: z2d
 CVE-2025-3915 (The Aeropage Sync for Airtable plugin for WordPress is 
vulnerable to u ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-3914 (The Aeropage Sync for Airtable plugin for WordPress is 
vulnerable to a ...)
@@ -9,21 +9,21 @@ CVE-2025-3906 (The Integra\xe7\xe3o entre Eduzz e Woocommerce 
plugin for WordPre
 CVE-2025-3491 (The Add custom page template plugin for WordPress is vulnerable 
to PHP ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-32986 (NETSCOUT nGeniusONE before 6.4.0 b2350 has a Sensitive File 
Accessible ...)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-32985 (NETSCOUT nGeniusONE before 6.4.0 b2350 has Hardcoded 
Credentials that  ...)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-32984 (NETSCOUT nGeniusONE before 6.4.0 b2350 allows Stored 
Cross-Site Script ...)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-32983 (NETSCOUT nGeniusONE before 6.4.0 b2350 allows Technical 
Information Di ...)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-32982 (NETSCOUT nGeniusONE before 6.4.0 b2350 has a Broken 
Authorization Sche ...)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-32981 (NETSCOUT nGeniusONE before 6.4.0 b2350 allows local users to 
leverage  ...)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-32980 (NETSCOUT nGeniusONE before 6.4.0 b2350 has a Weak Sudo 
Configuration.)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-32979 (NETSCOUT nGeniusONE before 6.4.0 b2350 allows Arbitrary File 
Creation  ...)
-       TODO: check
+       NOT-FOR-US: NETSCOUT
 CVE-2025-2907 (The Order Delivery Date WordPress plugin before 12.3.1 does not 
have a ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-2851 (A vulnerability classified as critical has been found in 
GL.iNet GL-A1 ...)
@@ -101,17 +101,17 @@ CVE-2025-2986 (IBM Maximo Asset Management 7.6.1.3 is 
vulnerable to stored cross
 CVE-2025-2470 (The Service Finder Bookings plugin for WordPress, used by the 
Service  ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-2070 (An improper XML parsing vulnerability was reported in the FileZ 
client ...)
-       TODO: check
+       NOT-FOR-US: FileZ
 CVE-2025-2069 (A cross-site scripting vulnerability was reported in the FileZ 
client  ...)
-       TODO: check
+       NOT-FOR-US: FileZ
 CVE-2025-2068 (An open redirect vulnerability was reported in the FileZ client 
that c ...)
-       TODO: check
+       NOT-FOR-US: FileZ
 CVE-2025-28354 (An issue in the Printer Manager Systm of Entrust Corp Printer 
Manager  ...)
        NOT-FOR-US: Printer Manager Systm of Entrust Corp Printer Manager
 CVE-2025-28128 (An issue in Mytel Telecom Online Account System v1.0 allows 
attackers  ...)
        NOT-FOR-US: Mytel Telecom Online Account System
 CVE-2025-28076 (Multiple SQL injection vulnerabilities in EasyVirt DCScope <= 
8.6.4 an ...)
-       TODO: check
+       NOT-FOR-US: EasyVirt DCScope
 CVE-2025-25775 (Codeastro Bus Ticket Booking System v1.0 is vulnerable to SQL 
injectio ...)
        NOT-FOR-US: CodeAstro
 CVE-2025-1565 (The Mayosis Core plugin for WordPress is vulnerable to 
Arbitrary File  ...)
@@ -119,11 +119,11 @@ CVE-2025-1565 (The Mayosis Core plugin for WordPress is 
vulnerable to Arbitrary
 CVE-2025-1279 (The BM Content Builder plugin for WordPress is vulnerable to 
unauthori ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-6199 (An unauthenticated attacker on the WAN interface, with the 
ability to  ...)
-       TODO: check
+       NOT-FOR-US: Viasat Modems
 CVE-2024-6198 (The device exposes a web interface on ports TCP/3030 and 
TCP/9882. Thi ...)
-       TODO: check
+       NOT-FOR-US: Viasat Modems
 CVE-2024-57375 (Andamiro Pump It Up 20th Anniversary (aka Double X or XX/2019) 
1.00.0- ...)
-       TODO: check
+       NOT-FOR-US: Andamiro Pump It Up 20th Anniversary (aka Double X or 
XX/2019)
 CVE-2024-56156 (Halo is an open source website building tool. Prior to version 
2.20.13 ...)
        TODO: check
 CVE-2024-30152 (HCL SX v21 is affected by usage of a weak cryptographic 
algorithm.  An ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59a0aae60520fe77442bcc0986b40cbf4ea8e97f

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/59a0aae60520fe77442bcc0986b40cbf4ea8e97f
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to