[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Jun 14 10:20:00 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c91b9b5d by Moritz Muehlenhoff at 2024-06-14T11:19:42+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,141 +1,141 @@
 CVE-2024-5995 (The notification emails sent by Soar Cloud HR Portal contain a link wi ...)
-	TODO: check
+	NOT-FOR-US: Soar Cloud
 CVE-2024-5994 (The WP Go Maps (formerly WP Google Maps) plugin for WordPress is vulne ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5985 (A vulnerability classified as critical has been found in SourceCodeste ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-5984 (A vulnerability was found in itsourcecode Online Bookstore 1.0. It has ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Bookstore
 CVE-2024-5983 (A vulnerability was found in itsourcecode Online Bookstore 1.0. It has ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Bookstore
 CVE-2024-5981 (A vulnerability was found in itsourcecode Online House Rental System 1 ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Bookstore
 CVE-2024-5976 (A vulnerability was found in SourceCodester Employee and Visitor Gate  ...)
-	TODO: check
+	NOT-FOR-US: SourceCodester
 CVE-2024-5961 (Improper neutralization of input during web page generation vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: 2ClickPortal
 CVE-2024-5577 (The Where I Was, Where I Will Be plugin for WordPress is vulnerable to ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5551 (The WP STAGING Pro WordPress Backup Plugin plugin for WordPress is vul ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-5465 (Function vulnerabilities in the Calendar module Impact: Successful exp ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-5464 (Vulnerability of insufficient permission verification in the NearLink  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-5155 (The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF che ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4936 (The Canto plugin for WordPress is vulnerable to Remote File Inclusion  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4751 (The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF che ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4480 (The WP Prayer II WordPress plugin through 2.4.7 does not have CSRF che ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4404 (The ElementsKit PRO plugin for WordPress is vulnerable to Server-Side  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4271 (The SVGator  WordPress plugin through 1.2.6 does not sanitize SVG file ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4270 (The SVGMagic WordPress plugin through 1.1 does not sanitize SVG file c ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4005 (The Social Pixel WordPress plugin through 2.1 does not sanitise and es ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3993 (The AZAN Plugin WordPress plugin through 0.6 does not have CSRF check  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3992 (The Amen WordPress plugin through 3.3.1 does not sanitise and escape s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3978 (The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not va ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3977 (The WordPress Jitsi Shortcode WordPress plugin through 0.1 does not sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3972 (The Similarity WordPress plugin through 3.0 does not have CSRF check i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3971 (The Similarity WordPress plugin through 3.0 does not have CSRF check i ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3966 (The Pray For Me WordPress plugin through 1.0.4 does not sanitise and e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3965 (The Pray For Me WordPress plugin through 1.0.4 does not have CSRF chec ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3754 (The Alemha watermarker WordPress plugin through 1.3.1 does not sanitis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-3498 (Attackers can then execute malicious files by enabling certain service ...)
-	TODO: check
+	NOT-FOR-US: Toshiba
 CVE-2024-3497 (Path traversal vulnerability in the web server of the Toshiba printer  ...)
-	TODO: check
+	NOT-FOR-US: Toshiba
 CVE-2024-3496 (Attackers can bypass the web login authentication process to gain acce ...)
-	TODO: check
+	NOT-FOR-US: Toshiba
 CVE-2024-3080 (Certain ASUS router models have authentication bypass vulnerability, a ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2024-3079 (Certain models of ASUS routers have buffer overflow vulnerabilities, a ...)
-	TODO: check
+	NOT-FOR-US: ASUS
 CVE-2024-36503 (Memory management vulnerability in the Gralloc module Impact: Successf ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-36502 (Out-of-bounds read vulnerability in the audio module Impact: Successfu ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-36501 (Memory management vulnerability in the boottime module Impact: Success ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-36500 (Privilege escalation vulnerability in the AMS module Impact: Successfu ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-36499 (Vulnerability of unauthorized screenshot capturing in the WMS module I ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-33253 (Cross-site scripting (XSS) vulnerability in GUnet OpenEclass E-learnin ...)
-	TODO: check
+	NOT-FOR-US: GUnet OpenEclass E-learning Platform
 CVE-2024-32930 (In plugin_ipc_handler of slc_plugin.c, there is a possible information ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32929 (In gpu_slc_get_region of pixel_gpu_slc.c, there is a possible EoP due  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32926 (there is a possible information disclosure due to side channel informa ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32925 (In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32924 (In DeregAcceptProcINT of cn_NrmmStateDeregInit.cpp, there is a possibl ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32923 (there is a possible cellular denial of service due to a logic error in ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32922 (In gpu_pm_power_on_top_nolock of pixel_gpu_power.c, there is a possibl ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32921 (In lwis_initialize_transaction_fences of lwis_fence.c, there is a poss ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32920 (In set_secure_reg of sac_handler.c, there is a possible out of bounds  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32919 (In lwis_add_completion_fence of lwis_fence.c, there is a possible esca ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32918 (Permission Bypass allowing attackers  to disable HDCP 2.2 encryption b ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32917 (In pl330_dma_from_peri_start() of fp_spi_dma.c, there is a possible ou ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32916 (In fvp_freq_histogram_init of fvp.c, there is a possible Information D ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32915 (In CellInfoListParserV2::FillCellInfo() of protocolnetadapter.cpp, the ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32914 (In tpu_get_int_state of tpu.c, there is a possible information disclos ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32913 (In wl_notify_rx_mgmt_frame of wl_cfg80211.c, there is a possible out o ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32912 (there is a possible persistent Denial of Service due to test/debugging ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32911 (There is a possible escalation of privilege due to improperly used cry ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32910 (In handle_msg_shm_map_req of trusty/user/base/lib/spi/srv/tipc/tipc.c, ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32909 (In handle_msg of main.cpp, there is a possible out of bounds write due ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32908 (In sec_media_protect of media.c, there is a possible permission bypass ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32907 (In memcall_add of memlog.c, there is a possible buffer overflow due to ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32906 (In AcvpOnMessage of avcp.cpp, there is a possible EOP due to uninitial ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32905 (In circ_read of link_device_memory_legacy.c, there is a possible out o ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32904 (In ProtocolVsimOperationAdapter() of protocolvsimadapter.cpp, there is ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32903 (In prepare_response_locked of lwis_transaction.c, there is a possible  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32902 (Remote prevention of access to cellular service with no user interacti ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32901 (In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible out of bo ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32900 (In lwis_fence_signal of lwis_debug.c, there is a possible Use after Fr ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-32899 (In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possib ...)
 	TODO: check
 CVE-2024-32898 (In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, th ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c91b9b5d8b451812e25e5ece9ef60e9b170b4143

-- 
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c91b9b5d8b451812e25e5ece9ef60e9b170b4143
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240614/75ec8be0/attachment.htm>

More information about the debian-security-tracker-commits mailing list