[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Fri, 05 Apr 2024 13:38:50 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d8b7f0e3 by Salvatore Bonaccorso at 2024-04-05T22:33:24+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,21 +1,21 @@
 CVE-2024-3354 (A vulnerability was found in SourceCodester Aplaya Beach Resort 
Online ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3353 (A vulnerability was found in SourceCodester Aplaya Beach Resort 
Online ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3352 (A vulnerability has been found in SourceCodester Aplaya Beach 
Resort O ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3351 (A vulnerability, which was classified as critical, was found in 
Source ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3350 (A vulnerability, which was classified as critical, has been 
found in S ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3349 (A vulnerability classified as critical was found in 
SourceCodester Apl ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3348 (A vulnerability classified as critical has been found in 
SourceCodeste ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Aplaya Beach Resort Online Reservation System
 CVE-2024-3347 (A vulnerability was found in SourceCodester Airline Ticket 
Reservation ...)
-       TODO: check
+       NOT-FOR-US: SourceCodester Airline Ticket Reservation System
 CVE-2024-3346 (A vulnerability was found in Byzro Smart S80 up to 20240328. It 
has be ...)
-       TODO: check
+       NOT-FOR-US: Byzro Smart S80
 CVE-2024-31852 (LLVM before 18.1.3 generates code in which the LR register can 
be over ...)
        TODO: check
 CVE-2024-31851 (A path traversal vulnerability exists in the Java version of 
CData Syn ...)
@@ -27,13 +27,13 @@ CVE-2024-31849 (A path traversal vulnerability exists in 
the Java version of CDa
 CVE-2024-31848 (A path traversal vulnerability exists in the Java version of 
CData API ...)
        TODO: check
 CVE-2024-31220 (Sunshine is a self-hosted game stream host for Moonlight. 
Starting in  ...)
-       TODO: check
+       NOT-FOR-US: Sunshine
 CVE-2024-31218 (Webhood is a self-hosted URL scanner used analyzing phishing 
and malic ...)
-       TODO: check
+       NOT-FOR-US: Webhood
 CVE-2024-31213 (InstantCMS is a free and open source content management 
system. An ope ...)
-       TODO: check
+       NOT-FOR-US: InstantCMS
 CVE-2024-2499 (The Squelch Tabs and Accordions Shortcodes plugin for WordPress 
is vul ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2447 (Mattermost versions 8.1.x before 8.1.11, 9.3.x before 9.3.3, 
9.4.x bef ...)
        TODO: check
 CVE-2024-2380 (Stored XSS in graph rendering in Checkmk <2.3.0b4.)
@@ -45,59 +45,59 @@ CVE-2024-2312 (GRUB2 does not call the module fini 
functions on exit, leading to
        [buster] - grub2 <not-affected> (Vulnerable code not present)
        NOTE: 
https://bugs.launchpad.net/ubuntu/+source/grub2-unsigned/+bug/2054127
 CVE-2024-29783 (In tmu_get_tr_thresholds, there is a possible out of bounds 
read due t ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29782 (In tmu_get_tr_num_thresholds of tmu.c, there is a possible out 
of boun ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29757 (there is a possible permission bypass due to Debug certs being 
allowli ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29756 (In afe_callback of q6afe.c, there is a possible out of bounds 
write du ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29755 (In tmu_get_pi of tmu.c, there is a possible out of bounds read 
due to  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29754 (In TMU_IPC_GET_TABLE, there is a possible out of bounds read 
due to a  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29753 (In tmu_set_control_temp_step of tmu.c, there is a possible out 
of boun ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29752 (In tmu_set_tr_num_thresholds of tmu.c, there is a possible out 
of boun ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29751 (In asn1_ec_pkey_parse_p384 of asn1_common.c, there is a 
possible OOB R ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29750 (In km_exp_did_inner of kmv.c, there is a possible out of 
bounds read d ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29749 (In tmu_set_tr_thresholds of tmu.c, there is a possible out of 
bounds w ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29748 (there is a possible way to bypass  due to a logic error in the 
code. T ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29747 (In _dvfs_get_lv of dvfs.c, there is a possible out of bounds 
read due  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29746 (In lpm_req_handler of lpm.c, there is a possible out of bounds 
write d ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29745 (there is a possible Information Disclosure due to 
uninitialized data.  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29744 (In tmu_get_gov_time_windows, there is a possible out of bounds 
read du ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29743 (In tmu_set_temp_lut of tmu.c, there is a possible out of 
bounds write  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29742 (In apply_minlock_constraint of dvfs.c, there is a possible out 
of boun ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29741 (In pblS2mpuResume of s2mpu.c, there is a possible mitigation 
bypass du ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29740 (In tmu_set_table of tmu.c, there is a possible out of bounds 
write due ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29739 (In tmu_get_temp_lut of tmu.c, there is a possible out of 
bounds read d ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29738 (In gov_init, there is a possible out of bounds read due to a 
missing b ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-29221 (Improper Access Control in Mattermost Server versions 9.5.x 
before 9.5 ...)
        TODO: check
 CVE-2024-28949 (Mattermost Server versions 9.5.x before 9.5.2, 9.4.x before 
9.4.4, 9.3 ...)
        TODO: check
 CVE-2024-28065 (In Unify CP IP Phone firmware 1.10.4.3, files are not 
encrypted and co ...)
-       TODO: check
+       NOT-FOR-US: Unify CP IP Phone firmware
 CVE-2024-27232 (In asn1_ec_pkey_parse of asn1_common.c, there is a possible 
OOB read d ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27231 (In tmu_get_tr_stats of tmu.c, there is a possible out of 
bounds read d ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22004 (Due to length check, an attacker with privilege access on a 
Linux Nons ...)
        TODO: check
 CVE-2024-21848 (Improper Access Control in Mattermost Server versions 8.1.x 
before 8.1 ...)
@@ -111,13 +111,13 @@ CVE-2024-0076 (NVIDIA CUDA toolkit for all platforms 
contains a vulnerability in
 CVE-2024-0072 (NVIDIA CUDA toolkit for all platforms contains a vulnerability 
in cuob ...)
        TODO: check
 CVE-2023-6523 (Authorization Bypass Through User-Controlled Key vulnerability 
in Extr ...)
-       TODO: check
+       NOT-FOR-US: ExtremePacs Extreme XDS
 CVE-2023-6522 (Improper Privilege Management vulnerability in ExtremePacs 
Extreme XDS ...)
-       TODO: check
+       NOT-FOR-US: ExtremePacs Extreme XDS
 CVE-2023-5692 (WordPress Core is vulnerable to Sensitive Information Exposure 
in vers ...)
        TODO: check
 CVE-2023-49965 (SpaceX Starlink Wi-Fi router Gen 2 before 2023.48.0 allows XSS 
via the ...)
-       TODO: check
+       NOT-FOR-US: SpaceX Starlink Wi-Fi router
 CVE-2023-48426 (u-boot bug that allows for u-boot shell and interrupt over 
UART)
        TODO: check
 CVE-2024-27437 (In the Linux kernel, the following vulnerability has been 
resolved:  v ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b7f0e382c41d898322d445a3899cf1f8aea0ef

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d8b7f0e382c41d898322d445a3899cf1f8aea0ef
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to