[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed May 15 08:18:46 BST 2024



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8d065bed by Salvatore Bonaccorso at 2024-05-15T09:17:59+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -198,175 +198,175 @@ CVE-2024-31485 (A vulnerability has been identified in CPCI85 Central Processing
 CVE-2024-31484 (A vulnerability has been identified in CPC80 Central Processing/Commun ...)
 	NOT-FOR-US: Siemens
 CVE-2024-30209 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-30208 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-30207 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-30206 (A vulnerability has been identified in SIMATIC RTLS Locating Manager ( ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-30059 (Microsoft Intune for Android Mobile Application Management Tampering V ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30054 (Microsoft Power BI Client JavaScript SDK Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30053 (Azure Migrate Cross-Site Scripting Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30051 (Windows DWM Core Library Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30050 (Windows Mark of the Web Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30049 (Windows Win32 Kernel Subsystem Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30048 (Dynamics 365 Customer Insights Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30047 (Dynamics 365 Customer Insights Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30046 (Visual Studio Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30045 (.NET and Visual Studio Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30044 (Microsoft SharePoint Server Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30043 (Microsoft SharePoint Server Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30042 (Microsoft Excel Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30041 (Microsoft Bing Search Spoofing Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30040 (Windows MSHTML Platform Security Feature Bypass Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30039 (Windows Remote Access Connection Manager Information Disclosure Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30038 (Win32k Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30037 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30036 (Windows Deployment Services Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30035 (Windows DWM Core Library Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30034 (Windows Cloud Files Mini Filter Driver Information Disclosure Vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30033 (Windows Search Service Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30032 (Windows DWM Core Library Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30031 (Windows CNG Key Isolation Service Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30030 (Win32k Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30029 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30028 (Win32k Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30027 (NTFS Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30025 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30024 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30023 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30022 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30021 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30020 (Windows Cryptographic Services Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30019 (DHCP Server Service Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30018 (Windows Kernel Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30017 (Windows Hyper-V Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30016 (Windows Cryptographic Services Information Disclosure Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30015 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30014 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30012 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30011 (Windows Hyper-V Denial of Service Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30010 (Windows Hyper-V Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30009 (Windows Routing and Remote Access Service (RRAS) Remote Code Execution ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30008 (Windows DWM Core Library Information Disclosure  Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30007 (Microsoft Brokering File System Elevation of Privilege Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30006 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30005 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30004 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30003 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30002 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30001 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-30000 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-2637 (An authenticated local attacker who successfully exploited this vulner ...)
-	TODO: check
+	NOT-FOR-US: BR Automation
 CVE-2024-29999 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29998 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29997 (Windows Mobile Broadband Driver Remote Code Execution Vulnerability)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29996 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-29994 (Microsoft Windows SCSI Class System File Elevation of Privilege Vulner ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-28137 (A local attacker with low privileges canperform a privilege escalation ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2024-28136 (A local attacker with low privileges can use a command injection vulne ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2024-28135 (A low privileged remote attacker can usea command injection vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2024-28134 (An unauthenticated remote attacker can extract a session token with a  ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2024-28133 (A local low privileged attacker can use an untrusted search path in aC ...)
-	TODO: check
+	NOT-FOR-US: PHOENIX
 CVE-2024-27947 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27946 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27945 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27944 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27943 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27942 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27941 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27940 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27939 (A vulnerability has been identified in RUGGEDCOM CROSSBOW (All version ...)
-	TODO: check
+	NOT-FOR-US: Siemens
 CVE-2024-27110 (Elevation of privilege vulnerability in GE HealthCare EchoPAC products)
-	TODO: check
+	NOT-FOR-US: GE HealthCare EchoPAC products
 CVE-2024-27109 (Insufficiently protected credentials in GE HealthCare EchoPAC products)
-	TODO: check
+	NOT-FOR-US: GE HealthCare EchoPAC products
 CVE-2024-27108 (Non privileged access to critical file vulnerability in GE HealthCare  ...)
-	TODO: check
+	NOT-FOR-US: GE HealthCare EchoPAC products
 CVE-2024-27107 (Weak account password in GE HealthCare EchoPAC products)
-	TODO: check
+	NOT-FOR-US: GE HealthCare EchoPAC products
 CVE-2024-27106 (Vulnerable data in transit in GE HealthCare EchoPAC products)
-	TODO: check
+	NOT-FOR-US: GE HealthCare EchoPAC products
 CVE-2024-26367 (Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firm ...)
-	TODO: check
+	NOT-FOR-US: Evertz
 CVE-2024-26238 (Microsoft PLUGScheduler Scheduled Task Elevation of Privilege Vulnerab ...)
-	TODO: check
+	NOT-FOR-US: Microsoft
 CVE-2024-26007 (An improper check or handling of exceptional conditions vulnerability  ...)
-	TODO: check
+	NOT-FOR-US: FortiGuard
 CVE-2024-23105 (A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet Forti ...)
 	TODO: check
 CVE-2024-22270 (VMware Workstation and Fusion contain an information disclosure vulner ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d065bed3e734174a8f51875c13f937224c38a32

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8d065bed3e734174a8f51875c13f937224c38a32
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240515/c4b6c94c/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list