[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 11 20:26:18 GMT 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4a497a2a by Salvatore Bonaccorso at 2024-03-11T21:25:41+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,163 +1,163 @@
CVE-2024-2370 (Unrestricted file upload vulnerability in ManageEngine Desktop Central ...)
- TODO: check
+ NOT-FOR-US: ManageEngine
CVE-2024-2357 (The Libreswan Project was notified of an issue causing libreswan to re ...)
TODO: check
CVE-2024-28198 (OpenOlat is an open source web-based e-learning platform for teaching, ...)
- TODO: check
+ NOT-FOR-US: OpenOlat
CVE-2024-28197 (Zitadel is an open source identity management system. Zitadel uses a c ...)
- TODO: check
+ NOT-FOR-US: Zitadel
CVE-2024-28187 (SOY CMS is an open source CMS (content management system) that allows ...)
- TODO: check
+ NOT-FOR-US: SOY CMS
CVE-2024-27237 (In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size c ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27236 (In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27235 (In plugin_extern_func of TBD, there is a possible out of bounds read d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27234 (In fvp_set_target of fvp.c, there is a possible out of bounds read due ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27233 (In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission byp ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27230 (In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cp ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27229 (In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27228 (In TBD of TBD, there is a possible out of bounds write due to a heap b ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27227 (Android kernel allows Remote code execution.)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27226 (In tmu_config_gov_params of TBD, there is a possible out of bounds wri ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27225 (In sendHciCommand of bluetooth_hci.cc, there is a possible out of boun ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27224 (In strncpy of strncpy.c, there is a possible out of bounds write due t ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27223 (In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27222 (In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27221 (In update_policy_data of TBD, there is a possible out of bounds write ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27220 (In lpm_req_handler of TBD, there is a possible out of bounds memory ac ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27219 (In tmu_set_pi of tmu.c, there is a possible out of bounds write due to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27218 (In update_freq_data of TBD, there is a possible out of bounds read due ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27213 (In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remot ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27212 (In init_data of TBD, there is a possible out of bounds write due to a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27211 (In AtiHandleAPOMsgType of ati_Main.c, there is a possible OOB write du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27210 (In policy_check of fvp.c, there is a possible out of bounds write due ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27209 (In TBD of TBD, there is a possible out of bounds write due to a heap b ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27208 (In TBD of TBD, there is a possible out of bounds write due to a missin ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27207 (Android kernel allows Elevation of privilege.)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27206 (In tbd of tbd, there is a possible out of bounds read due to a missing ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27205 (In tbd of tbd, there is a possible memory corruption due to a use afte ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27204 (In tmu_set_gov_active of tmu.c, there is a possible out of bounds writ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25993 (In tmu_reset_tmu_trip_counter of TBD, there is a possible out of bound ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25992 (In tmu_tz_control of tmu.c, there is a possible out of bounds read due ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25991 (In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25990 (In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25989 (In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a possible out ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25988 (In SAEMM_DiscloseGuti of SAEMM_RadioMessageCodec.c, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25987 (In pt_sysctl_command of pt.c, there is a possible out of bounds write ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25986 (In ppmp_unprotect_buf of drm_fw.c, there is a possible compromise of p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25985 (In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a mis ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-25984 (In dumpBatteryDefend of dump_power.cpp, there is a possible out of bou ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-23717 (In access_secure_service_from_temp_bond of btm_sec.cc, there is a poss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-23612 (An improper error handling vulnerability in LabVIEW may result in remo ...)
- TODO: check
+ NOT-FOR-US: LabVIEW
CVE-2024-23611 (An out of bounds write due to a missing bounds check in LabVIEW may re ...)
- TODO: check
+ NOT-FOR-US: LabVIEW
CVE-2024-23610 (An out of bounds write due to a missing bounds check in LabVIEW may re ...)
- TODO: check
+ NOT-FOR-US: LabVIEW
CVE-2024-23609 (An improper error handling vulnerability in LabVIEW may result in remo ...)
- TODO: check
+ NOT-FOR-US: LabVIEW
CVE-2024-23608 (An out of bounds write due to a missing bounds check in LabVIEW may re ...)
- TODO: check
+ NOT-FOR-US: LabVIEW
CVE-2024-22011 (In ss_ProcessRejectComponent of ss_MmConManagement.c, there is a possi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-22010 (In dvfs_plugin_caller of fvp.c, there is a possible out of bounds read ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-22009 (In init_data of TBD, there is a possible out of bounds write due to a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-22008 (In config_gov_time_windows of tmu.c, there is a possible out of bounds ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-22007 (In constraint_check of fvp.c, there is a possible out of bounds read d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-22006 (Android kernel allows Information disclosure.)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-22005 (In TBD of TBD, there is a possible Authentication Bypass due to improp ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-1696 (In Santesoft Sante FFT Imaging versions 1.4.1 and prior once a user op ...)
- TODO: check
+ NOT-FOR-US: Santesoft Sante FFT Imaging
CVE-2024-1487 (The Photos and Files Contest Gallery WordPress plugin before 21.3.1 do ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1441 (An off-by-one error flaw was found in the udevListInterfacesByStatus() ...)
TODO: check
CVE-2024-1373
REJECTED
CVE-2024-1290 (The User Registration WordPress plugin before 2.12 does not prevent us ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1279 (The Paid Memberships Pro WordPress plugin before 2.12.9 does not preve ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1273 (The Starbox WordPress plugin before 3.5.0 does not sanitise and escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1068 (The 404 Solution WordPress plugin before 2.35.8 does not properly sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0670 (Privilege escalation in windows agent plugin in Checkmk before 2.2.0p2 ...)
TODO: check
CVE-2024-0561 (The Ultimate Posts Widget WordPress plugin before 2.3.1 does not valid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0559 (The Enhanced Text Widget WordPress plugin before 1.6.6 does not valida ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0053 (In getCustomPrinterIcon of PrintManagerService.java, there is a possib ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0052 (In multiple functions of healthconnect, there is a possible leakage of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0051 (In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0050 (In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0049 (In multiple locations, there is a possible out of bounds write due to ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0048 (In Session of AccountManagerService.java, there is a possible method t ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0047 (In writeUserLP of UserManagerService.java, device policies are seriali ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0046 (In installExistingPackageAsUser of InstallPackageHelper.java, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0045 (In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds r ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0044 (In createSessionInternal of PackageInstallerService.java, there is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-0039 (In attp_build_value_cmd of att_protocol.cc, there is a possible out of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-7247 (The Login as User or Customer WordPress plugin through 3.8 does not pr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6444 (The Seriously Simple Podcasting WordPress plugin before 3.0.0 disclose ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2365 (A vulnerability classified as problematic was found in Musicshelf 1.0/ ...)
NOT-FOR-US: Musicshelf
CVE-2024-2364 (A vulnerability classified as problematic has been found in Musicshelf ...)
@@ -171,9 +171,9 @@ CVE-2024-2313 (If kernel headers need to be extracted, bpftrace will attempt to
- bpftrace <unfixed>
NOTE: https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998
CVE-2024-2184 (Buffer overflow in identifier field of WSD probe request process of Sm ...)
- TODO: check
+ NOT-FOR-US: Small Office Multifunction Printers and Laser Printers (Canon)
CVE-2024-28823 (Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) 1.0.0 a ...)
- TODO: check
+ NOT-FOR-US: AWS JavaScript S3 Explorer
CVE-2024-28816 (Student Information Chatbot a0196ab allows SQL injection via the usern ...)
NOT-FOR-US: Student Information Chatbot
CVE-2024-2355 (A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a497a2a3857b0dfe3b3b5f8673151c257bf5b11
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a497a2a3857b0dfe3b3b5f8673151c257bf5b11
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240311/9aee8eb3/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list