[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Apr 9 22:01:36 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
0f4c25ce by Salvatore Bonaccorso at 2024-04-09T23:01:07+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -25,15 +25,15 @@ CVE-2024-3208 (The Sydney Toolbox plugin for WordPress is vulnerable to Stored C
 CVE-2024-3167 (The Ocean Extra plugin for WordPress is vulnerable to Stored Cross-Sit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-3136 (The MasterStudy LMS plugin for WordPress is vulnerable to Local File I ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3097 (The WordPress Gallery Plugin \u2013 NextGEN Gallery plugin for WordPre ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3093 (The Font Farsi plugin for WordPress is vulnerable to Stored Cross-Site ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3064 (The Elementor Addons, Widgets and Enhancements \u2013 Stax plugin for  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3053 (The Forminator \u2013 Contact Form, Payment Form & Custom Form Builder ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3046 (In Eclipse Kura LogServlet component included in versions 5.0.0 to 5.4 ...)
 	TODO: check
 CVE-2024-31978 (A vulnerability has been identified in SINEC NMS (All versions < V2.0  ...)
@@ -65,19 +65,19 @@ CVE-2024-31487 (A improper limitation of a pathname to a restricted directory ('
 CVE-2024-31457 (gin-vue-admin is a backstage management system based on vue and gin, w ...)
 	TODO: check
 CVE-2024-31455 (Minder by Stacklok is an open source software supply chain security pl ...)
-	TODO: check
+	NOT-FOR-US: Minder by Stacklok
 CVE-2024-31454 (PsiTransfer is an open source, self-hosted file sharing solution. Prio ...)
-	TODO: check
+	NOT-FOR-US: PsiTransfer
 CVE-2024-31453 (PsiTransfer is an open source, self-hosted file sharing solution. Prio ...)
-	TODO: check
+	NOT-FOR-US: PsiTransfer
 CVE-2024-31370 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31369 (Cross-Site Request Forgery (CSRF) vulnerability in PenciDesign Soledad ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31368 (Missing Authorization vulnerability in PenciDesign Soledad.This issue  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-31367 (Missing Authorization vulnerability in PenciDesign Soledad.This issue  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-30706 (An issue was discovered in ROS2 Dashing Diademata versions ROS_VERSION ...)
 	TODO: check
 CVE-2024-30704 (An insecure deserialization vulnerability has been identified in ROS2  ...)
@@ -87,59 +87,59 @@ CVE-2024-30703 (An arbitrary file upload vulnerability has been discovered in RO
 CVE-2024-30702 (An issue was discovered in ROS2 Galactic Geochelone in ROS_VERSION 2 a ...)
 	TODO: check
 CVE-2024-30262 (Contao is an open source content management system. Prior to version 4 ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2024-30191 (A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-30190 (A vulnerability has been identified in SCALANCE W1748-1 M12 (6GK5748-1 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-30189 (A vulnerability has been identified in SCALANCE W721-1 RJ45 (6GK5721-1 ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-2974 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2957 (The Simple Ajax Chat \u2013 Add a Fast, Secure Chat Box plugin for Wor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2946 (The ShopLentor \u2013 WooCommerce Builder for Elementor & Gutenberg +1 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2918 (Improper input validation in PAM JIT elevation feature in Devolutions  ...)
-	TODO: check
+	NOT-FOR-US: Devolutions
 CVE-2024-2871 (The Media Library Assistant plugin for WordPress is vulnerable to SQL  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2866 (The Gutenberg Blocks by Kadence Blocks \u2013 Page Builder Features pl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2847 (The WordPress File Upload plugin for WordPress is vulnerable to Stored ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2845 (The BetterDocs \u2013 Best Documentation, FAQ & Knowledge Base Plugin  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2804 (The Network Summary plugin for WordPress is vulnerable to SQL Injectio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2792 (The Elementor Addon Elements plugin for WordPress is vulnerable to Sto ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2789 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2788 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2787 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2786 (The Happy Addons for Elementor plugin for WordPress is vulnerable to S ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2783 (The GamiPress \u2013 The #1 gamification plugin to reward points, achi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2738 (The Permalink Manager Lite and Pro plugins for WordPress are vulnerabl ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2693 (The Link Whisper Free plugin for WordPress is vulnerable to PHP Object ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2654 (The File Manager plugin for WordPress is vulnerable to Directory Trave ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2650 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2623 (The Essential Addons for Elementor \u2013 Best Elementor Templates, Wi ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2543 (The Permalink Manager Lite plugin for WordPress is vulnerable to unaut ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2536 (The Rank Math SEO with AI SEO Tools plugin for WordPress is vulnerable ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2513 (The WP Chat App plugin for WordPress is vulnerable to Stored Cross-Sit ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2507 (The JetWidgets For Elementor plugin for WordPress is vulnerable to Sto ...)
 	TODO: check
 CVE-2024-2504 (The Page Builder: Pagelayer \u2013 Drag and Drop website builder plugi ...)
@@ -241,293 +241,293 @@ CVE-2024-2026 (The Passster plugin for WordPress is vulnerable to Stored Cross-S
 CVE-2024-2018 (The WP Activity Log Premium plugin for WordPress is vulnerable to SQL  ...)
 	TODO: check
 CVE-2024-29993 (Azure CycleCloud Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29992 (Azure Identity Library for .NET Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29990 (Microsoft Azure Kubernetes Service Confidential Container Elevation of ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29989 (Azure Monitor Agent Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29988 (SmartScreen Prompt Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29985 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29984 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29983 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29982 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29905 (DIRAC is an interware, meaning a software framework for distributed co ...)
-	TODO: check
+	NOT-FOR-US: DIRAC
 CVE-2024-29066 (Windows Distributed File System (DFS) Remote Code Execution Vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29064 (Windows Hyper-V Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29063 (Azure AI Search Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29062 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29061 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29056 (Windows Authentication Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29055 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29054 (Microsoft Defender for IoT Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29053 (Microsoft Defender for IoT Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29052 (Windows Storage Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29050 (Windows Cryptographic Services Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29048 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29047 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29046 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29045 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29044 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29043 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28945 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28944 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28943 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28942 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28941 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28940 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28939 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28938 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28937 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28936 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28935 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28934 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28933 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28932 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28931 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28930 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28929 (Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28927 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28926 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28925 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28924 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28923 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28922 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28921 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28920 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28919 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28917 (Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Priv ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28915 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28914 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28913 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28912 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28911 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28910 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28909 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28908 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28907 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28906 (Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28905 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28904 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28903 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28902 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28901 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28900 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28898 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28897 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28896 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28235 (Contao is an open source content management system. Starting in versio ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2024-28234 (Contao is an open source content management system. Starting in versio ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2024-28191 (Contao is an open source content management system. Starting in versio ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2024-28190 (Contao is an open source content management system. Starting in versio ...)
-	TODO: check
+	NOT-FOR-US: Contao CMS
 CVE-2024-27665 (Unifiedtransform v2.X is vulnerable to Stored Cross-Site Scripting (XS ...)
 	TODO: check
 CVE-2024-27247 (Improper privilege management in the installer for Zoom Desktop Client ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2024-27242 (Cross site scripting in Zoom Desktop Client for Linux before version 5 ...)
-	TODO: check
+	NOT-FOR-US: Zoom
 CVE-2024-26277 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-26276 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-26275 (A vulnerability has been identified in Parasolid V35.1 (All versions < ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-26257 (Microsoft Excel Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26256 (libarchive Remote Code Execution Vulnerability)
 	TODO: check
 CVE-2024-26255 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26254 (Microsoft Virtual Machine Bus (VMBus) Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26253 (Windows rndismp6.sys Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26252 (Windows rndismp6.sys Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26251 (Microsoft SharePoint Server Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26250 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26248 (Windows Kerberos Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26245 (Windows SMB Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26244 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vu ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26243 (Windows USB Print Driver Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26242 (Windows Telephony Server Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26241 (Win32k Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26240 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26239 (Windows Telephony Server Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26237 (Windows Defender Credential Guard Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26236 (Windows Update Stack Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26235 (Windows Update Stack Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26234 (Proxy Driver Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26233 (Windows DNS Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26232 (Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26231 (Windows DNS Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26230 (Windows Telephony Server Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26229 (Windows CSC Service Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26228 (Windows Cryptographic Services Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26227 (Windows DNS Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26226 (Windows Distributed File System (DFS) Information Disclosure Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26224 (Windows DNS Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26223 (Windows DNS Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26222 (Windows DNS Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26221 (Windows DNS Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26220 (Windows Mobile Hotspot Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26219 (HTTP.sys Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26218 (Windows Kernel Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26217 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26216 (Windows File Server Resource Management Service Elevation of Privilege ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26215 (DHCP Server Service Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26214 (Microsoft WDAC SQL Server ODBC Driver Remote Code Execution Vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26213 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26212 (DHCP Server Service Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26211 (Windows Remote Access Connection Manager Elevation of Privilege Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26210 (Microsoft WDAC OLE DB Provider for SQL Server Remote Code Execution Vu ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26209 (Microsoft Local Security Authority Subsystem Service Information Discl ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26208 (Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26207 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26205 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26202 (DHCP Server Service Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26200 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26195 (DHCP Server Service Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26194 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26193 (Azure Migrate Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26189 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26183 (Windows Kerberos Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26180 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26179 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26175 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26172 (Windows DWM Core Library Information Disclosure  Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26171 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26168 (Secure Boot Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26158 (Microsoft Install Service Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-25116 (RedisBloom adds a set of probabilistic data structures to Redis. Start ...)
 	TODO: check
 CVE-2024-25115 (RedisBloom adds a set of probabilistic data structures to Redis. Start ...)
@@ -828,7 +828,7 @@ CVE-2024-27631 (Cross Site Request Forgery vulnerability in GNU Savane v.3.12 an
 CVE-2024-27630 (Insecure Direct Object Reference (IDOR) in GNU Savane v.3.12 and befor ...)
 	TODO: check
 CVE-2024-25646 (Due to improper validation,SAP BusinessObject Business Intelligence La ...)
-	TODO: check
+	NOT-FOR-US: SAP
 CVE-2024-23584 (The NMAP Importer service may expose data store credentials to authori ...)
 	TODO: check
 CVE-2024-23084 (Apfloat v1.10.1 was discovered to contain an ArrayIndexOutOfBoundsExce ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f4c25ce809180184ea5ec6fe9df208764f80c32

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f4c25ce809180184ea5ec6fe9df208764f80c32
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240409/5f2a55ae/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list