[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Tue Oct 29 09:29:43 GMT 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c08b5c8e by Moritz Muehlenhoff at 2024-10-29T10:29:22+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,159 +37,159 @@ CVE-2024-48107 (SparkShop <=1.1.7 is vulnerable to server-side request forgery (
 CVE-2024-45656 (IBM Flexible Service Processor (FSP) FW860.00 through FW860.B3, FW950. ...)
 	NOT-FOR-US: IBM Flexible Service Processor
 CVE-2024-44302 (The issue was addressed with improved checks. This issue is fixed in t ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44301 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44297 (The issue was addressed with improved bounds checks. This issue is fix ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44296 (The issue was addressed with improved checks. This issue is fixed in t ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44295 (This issue was addressed with additional entitlement checks. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44294 (A path deletion vulnerability was addressed by preventing vulnerable c ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44289 (A privacy issue was addressed with improved private data redaction for ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44287 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44285 (A use-after-free issue was addressed with improved memory management.  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44284 (An out-of-bounds write issue was addressed with improved input validat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44283 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44282 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44281 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44280 (A downgrade issue affecting Intel-based Mac computers was addressed wi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44279 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44278 (An information disclosure issue was addressed with improved private da ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44277 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44275 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44274 (The issue was addressed with improved authentication. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44273 (This issue was addressed with improved handling of symlinks. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44270 (A logic issue was addressed with improved validation. This issue is fi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44269 (A logic issue was addressed with improved checks. This issue is fixed  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44267 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44265 (The issue was addressed by restricting options offered on a locked dev ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44264 (This issue was addressed with improved validation of symlinks. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44263 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44262 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44261 (This issue was addressed by restricting options offered on a locked de ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44260 (This issue was addressed by removing the vulnerable code. This issue i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44259 (This issue was addressed through improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44258 (This issue was addressed with improved handling of symlinks. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44257 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44256 (The issue was addressed with improved input sanitization. This issue i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44255 (A path handling issue was addressed with improved logic. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44254 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44253 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44252 (A logic issue was addressed with improved file handling. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44251 (This issue was addressed through improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44247 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44244 (A memory corruption issue was addressed with improved input validation ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44240 (The issue was addressed with improved checks. This issue is fixed in t ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44239 (An information disclosure issue was addressed with improved private da ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44237 (An out-of-bounds access issue was addressed with improved bounds check ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44236 (An out-of-bounds access issue was addressed with improved bounds check ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44235 (The issue was addressed with improved checks. This issue is fixed in i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44229 (An information leakage was addressed with additional validation. This  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44228 (This issue was addressed with improved permissions checking. This issu ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44222 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44218 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44217 (A permissions issue was addressed by removing vulnerable code and addi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44216 (An access issue was addressed with additional sandbox restrictions. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44215 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44213 (An issue existed in the parsing of URLs. This issue was addressed with ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44208 (This issue was addressed through improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44203 (A permissions issue was addressed with additional restrictions. This i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44197 (The issue was addressed with improved memory handling. This issue is f ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44196 (A permissions issue was addressed with additional restrictions. This i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44194 (This issue was addressed with improved redaction of sensitive informat ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44175 (This issue was addressed with improved validation of symlinks. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44174 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44159 (A path deletion vulnerability was addressed by preventing vulnerable c ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44156 (A path deletion vulnerability was addressed by preventing vulnerable c ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44155 (A custom URL scheme handling issue was addressed with improved input v ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44145 (This issue was addressed through improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44144 (A buffer overflow was addressed with improved size validation. This is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44137 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44126 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44123 (A permissions issue was addressed with additional restrictions. This i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-44122 (A logic issue was addressed with improved checks. This issue is fixed  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-42011 (The Spotify app 8.9.58 for iOS has a buffer overflow in its use of str ...)
 	NOT-FOR-US: Spotify app
 CVE-2024-40867 (A custom URL scheme handling issue was addressed with improved input v ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-40855 (The issue was addressed with improved checks. This issue is fixed in m ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-40853 (This issue was addressed by restricting options offered on a locked de ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-40851 (This issue was addressed by restricting options offered on a locked de ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-40792 (A permissions issue was addressed with additional restrictions. This i ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-30106 (HCL Connections is vulnerable to an information disclosure vulnerabili ...)
 	NOT-FOR-US: IBM WebSphere Application Server
 CVE-2024-27849 (A privacy issue was addressed with improved private data redaction for ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2024-22065 (There is a command injection vulnerability in ZTE MF258 Pro product. D ...)
 	NOT-FOR-US: ZTE
 CVE-2024-10479 (A vulnerability, which was classified as problematic, was found in Lin ...)
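Review bot: every entry from CVE-2024-44302 down to CVE-2024-27849 is switched to `NOT-FOR-US: Apple`, but each description is truncated before it names the affected component, so the hunk does not show that all of them sit in Apple-only code. Before tagging in bulk, check the full descriptions for any component that has a Debian source package (WebKit is the usual case in Apple advisory batches) and track those under the package instead; generic text such as "A memory corruption issue was addressed with improved input validation" (CVE-2024-44244) does not rule that out. Separately, the unchanged context entry CVE-2024-30106 describes HCL Connections but carries `NOT-FOR-US: IBM WebSphere Application Server`, which looks worth a follow-up fix.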
@@ -292,7 +292,7 @@ CVE-2024-50068 (In the Linux kernel, the following vulnerability has been resolv
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2d6a1c835685de3b0c8e8dc871f60f4ef92ab01a (6.12-rc4)
 CVE-2024-9825 (The Chef Habitat builder-api on-prem-builder package with any version  ...)
-	TODO: check
+	NOT-FOR-US: Chef addon
 CVE-2024-9629 (The Contact Form 7 + Telegram plugin for WordPress is vulnerable to un ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2024-8013 (A bug in query analysis of certain complex self-referential $lookup su ...)
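Review bot: the new tag on CVE-2024-9825, `NOT-FOR-US: Chef addon`, is vaguer than the description on the line above it, which names the Chef Habitat builder-api on-prem-builder package. Using the product name from the description (for example `NOT-FOR-US: Chef Habitat`) would keep the tag consistent with neighbouring entries such as `NOT-FOR-US: WordPress plugin`, which name the product family, and make later Habitat CVEs easier to match by grep.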
@@ -461,7 +461,7 @@ CVE-2024-42930 (PbootCMS 3.2.8 is vulnerable to URL Redirect.)
 CVE-2024-42028 (A Local privilege escalation vulnerability found in a Self-Hosted UniF ...)
 	NOT-FOR-US: UniFi
 CVE-2024-39205 (An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below ...)
-	TODO: check
+	NOT-FOR-US: pyload-ng
 CVE-2024-34537 (TYPO3 before 13.3.1 allows denial of service (interface error) in the  ...)
 	NOT-FOR-US: TYPO3
 CVE-2024-10469 (VINCE versions before 3.0.9 is vulnerable to exposure of User informat ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c08b5c8eaf2de12cce800ad3eb289391dd91a237
