[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Jun 14 15:21:30 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
41913c31 by Moritz Muehlenhoff at 2024-06-14T16:15:40+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -137,187 +137,187 @@ CVE-2024-32901 (In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible out
CVE-2024-32900 (In lwis_fence_signal of lwis_debug.c, there is a possible Use after Fr ...)
NOT-FOR-US: Android
CVE-2024-32899 (In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is a possib ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32898 (In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32897 (In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo() of protocolsmsadapte ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32896 (there is a possible way to bypass due to a logic error in the code. T ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32895 (In BCMFASTPATH of dhd_msgbuf.c, there is a possible out of bounds writ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32894 (In bc_get_converted_received_bearer of bc_utilities.c, there is a poss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32893 (In _s5e9865_mif_set_rate of exynos_dvfs.c, there is a possible out of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32892 (In handle_init of goodix/main/main.c, there is a possible memory corru ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32891 (In sec_media_unprotect of media.c, there is a possible memory corrupti ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-31777 (File Upload vulnerability in openeclass v.3.15 and before allows an at ...)
- TODO: check
+ NOT-FOR-US: openeclass
CVE-2024-31163 (ASUS Download Master has a buffer overflow vulnerability. An unauthent ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31162 (The specific function parameter of ASUS Download Master does not prope ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31161 (The upload functionality of ASUS Download Master does not properly fil ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31160 (The parameter used in the certain page of ASUS Download Master is not ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31159 (The parameter used in the certain page of ASUS Download Master is not ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-2218 (The LuckyWP Table of Contents WordPress plugin through 2.1.4 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2122 (The Best WordPress Gallery Plugin \u2013 FooGallery plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29787 (In lwis_process_transactions_in_queue of lwis_transaction.c, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29786 (In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c, there is a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29785 (In aur_get_state of aurora.c, there is a possible information disclosu ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29784 (In prepare_response of lwis_periodic_io.c, there is a possible out of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29781 (In ss_AnalyzeOssReturnResUssdArgIe of ss_OssAsnManagement.c, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29780 (In hwbcc_ns_deprivilege of trusty/user/base/lib/hwbcc/client/hwbcc.c, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29778 (In ProtocolPsDedicatedBearInfoAdapter::processQosSession of protocolps ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27180 (An attacker with admin access can install rogue applications. As for t ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27179 (Admin cookies are written in clear-text in logs. An attacker can retri ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27178 (An attacker can get Remote Code Execution by overwriting files. Overw ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27177 (An attacker can get Remote Code Execution by overwriting files. Overw ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27176 (An attacker can get Remote Code Execution by overwriting files. Overwr ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27175 (Remote Command program allows an attacker to read any file using a Loc ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27174 (Remote Command program allows an attacker to get Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27173 (Remote Command program allows an attacker to get Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27172 (Remote Command program allows an attacker to get Remote Code Execution ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27171 (A remote attacker using the insecure upload functionality will be able ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27170 (It was observed that all the Toshiba printers contain credentials used ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27169 (Toshiba printers provides API without authentication for internal acce ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27168 (It appears that some hardcoded keys are used for authentication to int ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27167 (Toshiba printers use Sendmail to send emails to recipients. Sendmail i ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27166 (Coredump binaries in Toshiba printers have incorrect permissions. A lo ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27165 (Toshiba printers contain a suidperl binary and it has a Local Privileg ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27164 (Toshiba printers contain hardcoded credentials. As for the affected pr ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27163 (Toshiba printers will display the password of the admin user in clear- ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27162 (Toshiba printers provide a web interface that will load the JavaScript ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27161 (all the Toshiba printers have programs containing a hardcoded key used ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27160 (All the Toshiba printers contain a shell script using the same hardcod ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27159 (All the Toshiba printers contain a shell script using the same hardcod ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27158 (All the Toshiba printers share the same hardcoded root password. As fo ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27157 (The sessions are stored in clear-text logs. An attacker can retrieve a ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27156 (The session cookies, used for authentication, are stored in clear-text ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27155 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27154 (Passwords are stored in clear-text logs. An attacker can retrieve pass ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27153 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27152 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27151 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27150 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27149 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27148 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27147 (The Toshiba printers are vulnerable to a Local Privilege Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27146 (The Toshiba printers do not implement privileges separation. As for th ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27145 (The Toshiba printers provide several ways to upload files using the ad ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27144 (The Toshiba printers provide several ways to upload files using the we ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27143 (Toshiba printers use SNMP for configuration. Using the private communi ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27142 (Toshiba printers use XML communication for the API endpoint provided b ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27141 (Toshiba printers use XML communication for the API endpoint provided b ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-23504 (Missing Authorization vulnerability in WPManageNinja LLC Ninja Tables. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1295 (The events-calendar-pro WordPress plugin before 6.4.0.1, The Events Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1094 (The Timetics- AI-powered Appointment Booking with Visual Seat Plan and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0892 (The Schema App Structured Data plugin for WordPress is vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0103 (NVIDIA Triton Inference Server for Linux contains a vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0099 (NVIDIA vGPU software for Linux contains a vulnerability in the Virtual ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0095 (NVIDIA Triton Inference Server for Linux and Windows contains a vulner ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0094 (NVIDIA vGPU software for Linux contains a vulnerability in the Virtual ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2024-0093 (NVIDIA GPU software for Linux contains a vulnerability where it can ex ...)
TODO: check
CVE-2024-0089 (NVIDIA GPU Display Driver for Windows contains a vulnerability where t ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0086 (NVIDIA vGPU software for Linux contains a vulnerability where the soft ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2024-0085 (NVIDIA vGPU software for Windows and Linux contains a vulnerability wh ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2024-0084 (NVIDIA vGPU software for Linux contains a vulnerability in the Virtual ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2023-6492 (The Simple Sitemap \u2013 Create a Responsive HTML Sitemap plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51523 (Missing Authorization vulnerability in WriterSystem WooCommerce Easy D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51516 (Missing Authorization vulnerability in Business Directory Team Busines ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51507 (Missing Authorization vulnerability in ExpressTech Quiz And Survey Mas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51497 (Missing Authorization vulnerability in Woo WooCommerce Ship to Multipl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51496 (Missing Authorization vulnerability in Woo WooCommerce Warranty Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51495 (Missing Authorization vulnerability in Woo WooCommerce Warranty Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51377 (Missing Authorization vulnerability in WPEverest Everest Forms.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37394 (Missing Authorization vulnerability in Deepak anand WP Dummy Content G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36695 (Missing Authorization vulnerability in Maxime Schoeni Sublanguage.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36694 (Missing Authorization vulnerability in Bryan Lee Kingkong Board.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36504 (Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35045 (Missing Authorization vulnerability in Fat Rat Fat Rat Collect.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35040 (Missing Authorization vulnerability in SendPress SendPress Newsletters ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25142
- airflow <itp> (bug #819700)
CVE-2024-5952 (Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-S ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41913c31397b1e2521e8e5fb85d2e0142125483b
--
This project does not include diff previews in email notifications.
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41913c31397b1e2521e8e5fb85d2e0142125483b
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240614/9eaacf0b/attachment.htm>
More information about the debian-security-tracker-commits
mailing list