[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed May 8 09:32:10 BST 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4f7ea131 by Moritz Muehlenhoff at 2024-05-08T10:30:45+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,73 +1,73 @@
 CVE-2024-4456 (In affected versions of Octopus Server with certain access levels it w ...)
-	TODO: check
+	NOT-FOR-US: Octopus Server
 CVE-2024-4393 (The Social Connect plugin for WordPress is vulnerable to authenticatio ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-4162 (A buffer error in Panasonic KW Watcher versions 1.00 through 2.83 may  ...)
-	TODO: check
+	NOT-FOR-US: Panasonic
 CVE-2024-4030 (On Windows a directory returned by tempfile.mkdtemp() would not always ...)
 	TODO: check
 CVE-2024-3494 (The Mesmerize Companion plugin for WordPress is vulnerable to Stored C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-34346 (Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure  ...)
-	TODO: check
+	NOT-FOR-US: Deno
 CVE-2024-32674 (Heateor Social Login WordPress prior to 1.1.32 contains a cross-site s ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-2860 (The PostgreSQL implementation in Brocade SANnav versions before 2.3.0a ...)
-	TODO: check
+	NOT-FOR-US: Brocade
 CVE-2024-27273 (IBM AIX's Unix domain (AIX 7.2, 7.3, VIOS 3.1, and VIOS 4.1) datagram  ...)
-	TODO: check
+	NOT-FOR-US: AIX
 CVE-2024-23713 (In migrateNotificationFilter of NotificationManagerService.java, there ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23712 (In multiple functions of AppOpsService.java, there is a possible way t ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23710 (In assertPackageWithSharedUserIdIsPrivileged of InstallPackageHelper.j ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23709 (In multiple locations, there is a possible out of bounds write due to  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23708 (In multiple functions of NotificationManagerService.java, there is a p ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23707 (In multiple locations, there is a possible permissions bypass due to i ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23706 (In multiple locations, there is a possible bypass of health data permi ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23705 (In multiple locations, there is a possible failure to persist or enfor ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23704 (In onCreate of WifiDialogActivity.java, there is a possible way to byp ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-23551 (Database scanning using username and password stores the credentials i ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2024-22266 (VMware Avi Load Balancer contains an information disclosure vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2024-22264 (VMware Avi Load Balancer contains a privilege escalation vulnerability ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2024-1076 (The SSL Zen  WordPress plugin before 4.6.0 only relies on the use of . ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2024-0043 (In multiple locations, there is a possible notification listener grant ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-0042 (In TBD of TBD, there is a possible confusion of OEM and DRM certificat ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-0027 (In multiple functions of SnoozeHelper.java, there is a possible way to ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-0026 (In multiple functions of SnoozeHelper.java, there is a possible persis ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-0025 (In sendIntentSender of ActivityManagerService.java, there is a possibl ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-0024 (In multiple methods of UserManagerService.java, there is a possible fa ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2024-0022 (In multiple functions of CompanionDeviceManagerService.java, there is  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2023-40694 (IBM Watson CP4D Data Stores 4.0.0 through 4.8.4 stores potentially sen ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2023-40490 (Maxon Cinema 4D SKP File Parsing Use-After-Free Remote Code Execution  ...)
-	TODO: check
+	NOT-FOR-US: Maxon
 CVE-2023-37325 (D-Link DAP-2622 DDP Set SSID List Missing Authentication Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-35757 (D-Link DAP-2622 DDP Set Date-Time NTP Server Stack-based Buffer Overfl ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-35749 (D-Link DAP-2622 DDP Firmware Upgrade Filename Stack-based Buffer Overf ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2023-35748 (D-Link DAP-2622 DDP Firmware Upgrade Server IPv6 Address Stack-based B ...)
-	TODO: check
+	NOT-FOR-US: D-Link
 CVE-2024-4438
 	NOT-FOR-US: Incomplete backport in Red Hat OpenStack platform
 CVE-2024-4437



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f7ea131479d9d8993e4a51259febc5706d3d523

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4f7ea131479d9d8993e4a51259febc5706d3d523
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240508/c9aa2488/attachment.htm>

More information about the debian-security-tracker-commits mailing list