[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Aug 7 09:42:55 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e786f5af by Moritz Muehlenhoff at 2024-08-07T10:42:27+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,93 +1,93 @@
 CVE-2024-6494 (The WordPress File Upload WordPress plugin before 4.24.8 does not prop ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-42219 (1Password 8 before 8.10.36 for macOS allows local attackers to exfiltr ...)
-	TODO: check
+	NOT-FOR-US: 1Password
 CVE-2024-42218 (1Password 8 before 8.10.38 for macOS allows local attackers to exfiltr ...)
-	TODO: check
+	NOT-FOR-US: 1Password
 CVE-2024-41270 (An issue discovered in the RunHTTPServer function in Gorush v1.18.4 al ...)
-	TODO: check
+	NOT-FOR-US: Gorush
 CVE-2024-3973 (The House Manager  WordPress plugin through 1.0.8.4 does not sanitise  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-38206 (An authenticated attacker can bypass Server-Side Request Forgery (SSRF ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-38166 (An unauthenticated attacker can exploit improper neutralization of inp ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-37403 (Ivanti Docs at Work for Android, before 2.26.0 is affected by the 'Dirty  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-36132 (Insufficient verification of authentication controls in EPMM prior to  ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-36131 (An insecure deserialization vulnerability in web component of EPMM pri ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-36130 (An insufficient authorization vulnerability in web component of EPMM p ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-34788 (An improper authentication vulnerability in web component of EPMM prio ...)
-	TODO: check
+	NOT-FOR-US: Ivanti
 CVE-2024-34636 (Use of implicit intent for sensitive communication in Samsung Email pr ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34635 (Out-of-bounds read in parsing textbox object in Samsung Notes prior to ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34634 (Out-of-bounds read in parsing connected object list in Samsung Notes p ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34633 (Out-of-bounds read in parsing object header in Samsung Notes prior to  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34632 (Out-of-bounds read in uuid parsing in Samsung Notes prior to version 4 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34631 (Out-of-bounds read in applying new binary in Samsung Notes prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34630 (Out-of-bounds read in applying own binary with textbox in Samsung Note ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34629 (Out-of-bounds read in applying binary with text common object in Samsu ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34628 (Out-of-bounds read in applying binary with path in Samsung Notes prior ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34627 (Out-of-bounds read in parsing implemention in Samsung Notes prior to v ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34626 (Out-of-bounds read in applying own binary in Samsung Notes prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34625 (Out-of-bounds read in applying connection point in Samsung Notes prior ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34624 (Out-of-bounds read in applying paragraphs in Samsung Notes prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34623 (Out-of-bounds write in applying connected information in Samsung Notes ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34622 (Out-of-bounds write in appending paragraph in Samsung Notes prior to v ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34621 (Out-of-bounds read in applying binary with data in Samsung Notes prior ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34620 (Improper privilege management in SumeNNService prior to SMR Aug-2024 R ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34619 (Improper input validation in librtp.so prior to SMR Aug-2024 Release 1 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34618 (Improper access control in System property prior to SMR Aug-2024 Relea ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34617 (Improper handling of insufficient permission in Telephony prior to SMR ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34616 (Improper handling of insufficient permission in KnoxDualDARPolicy prio ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34615 (Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allow ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34614 (Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allow ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34613 (Improper access control in Galaxy Watch prior to SMR Aug-2024 Release  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34612 (Out-of-bound write in libcodec2secmp4vdec.so prior to SMR Aug-2024 Rel ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34611 (Improper access control in KnoxService prior to SMR Aug-2024 Release 1 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34610 (Improper access control in ExtControlDeviceService prior to SMR Aug-20 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34609 (Improper access control in VoiceNoteService prior to SMR Aug-2024 Rele ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34608 (Improper access control in PaymentManagerService prior to SMR Aug-2024 ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34607 (Improper access control in SamsungNotesService prior to SMR Aug-2024 R ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34606 (Improper access control in SmartThingsService prior to SMR Aug-2024 Re ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34605 (Improper access control in SamsungHealthService prior to SMR Aug-2024  ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-34604 (Improper access control in LedCoverService prior to SMR Aug-2024 Relea ...)
-	TODO: check
+	NOT-FOR-US: Samsung
 CVE-2024-7564 (Logsign Unified SecOps Platform Directory Traversal Information Disclo ...)
 	NOT-FOR-US: Logsign Unified SecOps Platform
 CVE-2024-7552 (A vulnerability was found in DataGear up to 5.0.0. It has been declare ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e786f5afb115d7908d3add808c48ab4a24127022

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e786f5afb115d7908d3add808c48ab4a24127022
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240807/1dcd3e4d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list