[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue May 14 10:23:29 BST 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
12c419fe by Moritz Muehlenhoff at 2024-05-14T11:22:54+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -13,117 +13,117 @@ CVE-2024-4854 (MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0
CVE-2024-4853 (Memory handling issue in editcap could cause denial of service via cra ...)
TODO: check
CVE-2024-4840 (An flaw was found in the OpenStack Platform (RHOSP) director, a toolse ...)
- TODO: check
+ NOT-FOR-US: Red Hat OpenStack Platform
CVE-2024-4810 (In register_device, the return value of ida_simple_get is unchecked, i ...)
TODO: check
CVE-2024-4712 (An arbitrary file creation vulnerability exists in PaperCut NG/MF that ...)
- TODO: check
+ NOT-FOR-US: PaperCut NG/MF
CVE-2024-4445 (The WP Compress \u2013 Image Optimizer [All-In-One] plugin for WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4144 (The Simple Basic Contact Form plugin for WordPress for WordPress is vu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4139 (Manage Bank Statement ReProcessing Rules does not perform necessary au ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-4138 (Manage Bank Statement ReProcessing Rules does not perform necessary au ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-3241 (The Ultimate Blocks WordPress plugin before 3.1.7 does not validate a ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-3037 (An arbitrary file deletion vulnerability exists in PaperCut NG/MF that ...)
- TODO: check
+ NOT-FOR-US: PaperCut NG/MF
CVE-2024-34687 (SAP NetWeaver Application Server for ABAP and ABAP Platform do not suf ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-33878
REJECTED
CVE-2024-33009 (SAP Global Label Management is vulnerable to SQL injection. On exploit ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-33008 (SAP Replication Server allows an attacker to use gateway for executing ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-33007 (PDFViewer is a control delivered as part of SAPUI5 product which shows ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-33006 (An unauthenticated attacker can upload a malicious file to the server ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-33004 (SAP Business Objects Business Intelligence Platform is vulnerable to I ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-33002 (Document Service handler (obsolete) in Data Provisioning Service does ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-33000 (SAP Bank Account Management does not perform necessary authorization c ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-32733 (Due to missing input validation and output encoding of untrusted data, ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-32731 (SAP My Travel Requests does not perform necessary authorization checks ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-28165 (SAP Business Objects Business Intelligence Platform is vulnerable to s ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2024-27852 (A privacy issue was addressed with improved client ID handling for alt ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27847 (This issue was addressed with improved checks This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27843 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27842 (The issue was addressed with improved checks. This issue is fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27841 (The issue was addressed with improved memory handling. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27839 (A privacy issue was addressed by moving sensitive data to a more secur ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27837 (A downgrade issue was addressed with additional code-signing restricti ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27835 (This issue was addressed through improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27834 (The issue was addressed with improved checks. This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27829 (The issue was addressed with improved memory handling. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27827 (This issue was addressed through improved state management. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27825 (A downgrade issue affecting Intel-based Mac computers was addressed wi ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27824 (This issue was addressed by removing the vulnerable code. This issue i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27822 (A logic issue was addressed with improved restrictions. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27821 (A path handling issue was addressed with improved validation. This iss ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27818 (The issue was addressed with improved memory handling. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27816 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27813 (The issue was addressed with improved checks. This issue is fixed in m ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27810 (A path handling issue was addressed with improved validation. This iss ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27804 (The issue was addressed with improved memory handling. This issue is f ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27803 (A permissions issue was addressed with improved validation. This issue ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27798 (An authorization issue was addressed with improved state management. T ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27796 (The issue was addressed with improved checks. This issue is fixed in i ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-27789 (A logic issue was addressed with improved checks. This issue is fixed ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-25970 (Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an impro ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25969 (Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an alloc ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25968 (Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains a use of ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25967 (Dell PowerScale OneFS versions 8.2.x through 9.7.0.1 contains an execu ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25966 (Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an impro ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-25965 (Dell PowerScale OneFS versions 8.2.x through 9.7.0.2 contains an exter ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2024-23576 (Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow d ...)
- TODO: check
+ NOT-FOR-US: HCL
CVE-2024-23236 (A correctness issue was addressed with improved checks. This issue is ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-23229 (This issue was addressed with improved redaction of sensitive informat ...)
- TODO: check
+ NOT-FOR-US: Apple
CVE-2024-0870 (The YITH WooCommerce Gift Cards plugin for WordPress is vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-6812 (The WP Compress \u2013 Image Optimizer [All-In-One plugin for WordPres ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-4761 (Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 all ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
@@ -162,9 +162,9 @@ CVE-2024-4067 (The NPM package `micromatch` is vulnerable to Regular Expression
NOTE: https://github.com/micromatch/micromatch/issues/243
NOTE: https://github.com/micromatch/micromatch/pull/247
CVE-2024-3462 (Ant Media Server Community Edition in a default configuration is vulne ...)
- TODO: check
+ NOT-FOR-US: Ant Media Server Community Edition
CVE-2024-3263 (YMS VIS Pro is an information system for veterinary and food administr ...)
- TODO: check
+ NOT-FOR-US: YMS VIS Pro
CVE-2024-35172 (Server-Side Request Forgery (SSRF) vulnerability in ShortPixel ShortPi ...)
NOT-FOR-US: WordPress plugin
CVE-2024-35171 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
@@ -176,7 +176,7 @@ CVE-2024-35169 (Improper Neutralization of Input During Web Page Generation ('Cr
CVE-2024-35167 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2024-35166 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-35165 (Exposure of Sensitive Information to an Unauthorized Actor vulnerabili ...)
NOT-FOR-US: WordPress plugin
CVE-2024-35099 (TOTOLINK LR350 V9.3.5u.6698_B20230810 was discovered to contain a stac ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12c419fede8481148036e51c7c13cb737017b1d1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/12c419fede8481148036e51c7c13cb737017b1d1
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240514/4b71dc6c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list