Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 4a497a2a by Salvatore Bonaccorso at 2024-03-11T21:25:41+01:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,163 +1,163 @@ CVE-2024-2370 (Unrestricted file upload vulnerability in ManageEngine Desktop Central ...) - TODO: check + NOT-FOR-US: ManageEngine CVE-2024-2357 (The Libreswan Project was notified of an issue causing libreswan to re ...) TODO: check CVE-2024-28198 (OpenOlat is an open source web-based e-learning platform for teaching, ...) - TODO: check + NOT-FOR-US: OpenOlat CVE-2024-28197 (Zitadel is an open source identity management system. Zitadel uses a c ...) - TODO: check + NOT-FOR-US: Zitadel CVE-2024-28187 (SOY CMS is an open source CMS (content management system) that allows ...) - TODO: check + NOT-FOR-US: SOY CMS CVE-2024-27237 (In wipe_ns_memory of nsmemwipe.c, there is a possible incorrect size c ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27236 (In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27235 (In plugin_extern_func of TBD, there is a possible out of bounds read d ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27234 (In fvp_set_target of fvp.c, there is a possible out of bounds read due ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27233 (In ppcfw_init_secpolicy of ppcfw.c, there is a possible permission byp ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27230 (In ProtocolPsKeepAliveStatusAdapter::getCode() of protocolpsadapter.cp ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27229 (In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27228 (In TBD of TBD, there is a possible out of bounds write due to a heap b ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27227 (Android kernel allows Remote code execution.) - TODO: check + NOT-FOR-US: Android CVE-2024-27226 (In tmu_config_gov_params of TBD, there is a possible out of bounds wri ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27225 (In sendHciCommand of bluetooth_hci.cc, there is a possible out of boun ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27224 (In strncpy of strncpy.c, there is a possible out of bounds write due t ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27223 (In EUTRAN_LCS_DecodeFacilityInformationElement of LPP_LcsManagement.c, ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27222 (In onSkipButtonClick of FaceEnrollFoldPage.java, there is a possible w ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27221 (In update_policy_data of TBD, there is a possible out of bounds write ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27220 (In lpm_req_handler of TBD, there is a possible out of bounds memory ac ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27219 (In tmu_set_pi of tmu.c, there is a possible out of bounds write due to ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27218 (In update_freq_data of TBD, there is a possible out of bounds read due ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27213 (In BroadcastSystemMessage of servicemgr.cpp, there is a possible Remot ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27212 (In init_data of TBD, there is a possible out of bounds write due to a ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27211 (In AtiHandleAPOMsgType of ati_Main.c, there is a possible OOB write du ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27210 (In policy_check of fvp.c, there is a possible out of bounds write due ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27209 (In TBD of TBD, there is a possible out of bounds write due to a heap b ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27208 (In TBD of TBD, there is a possible out of bounds write due to a missin ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27207 (Android kernel allows Elevation of privilege.) - TODO: check + NOT-FOR-US: Android CVE-2024-27206 (In tbd of tbd, there is a possible out of bounds read due to a missing ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27205 (In tbd of tbd, there is a possible memory corruption due to a use afte ...) - TODO: check + NOT-FOR-US: Android CVE-2024-27204 (In tmu_set_gov_active of tmu.c, there is a possible out of bounds writ ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25993 (In tmu_reset_tmu_trip_counter of TBD, there is a possible out of bound ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25992 (In tmu_tz_control of tmu.c, there is a possible out of bounds read due ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25991 (In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible out of bo ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25990 (In pktproc_perftest_gen_rx_packet_sktbuf_mode of link_rx_pktproc.c, th ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25989 (In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a possible out ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25988 (In SAEMM_DiscloseGuti of SAEMM_RadioMessageCodec.c, there is a possibl ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25987 (In pt_sysctl_command of pt.c, there is a possible out of bounds write ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25986 (In ppmp_unprotect_buf of drm_fw.c, there is a possible compromise of p ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25985 (In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due to a mis ...) - TODO: check + NOT-FOR-US: Android CVE-2024-25984 (In dumpBatteryDefend of dump_power.cpp, there is a possible out of bou ...) - TODO: check + NOT-FOR-US: Android CVE-2024-23717 (In access_secure_service_from_temp_bond of btm_sec.cc, there is a poss ...) - TODO: check + NOT-FOR-US: Android CVE-2024-23612 (An improper error handling vulnerability in LabVIEW may result in remo ...) - TODO: check + NOT-FOR-US: LabVIEW CVE-2024-23611 (An out of bounds write due to a missing bounds check in LabVIEW may re ...) - TODO: check + NOT-FOR-US: LabVIEW CVE-2024-23610 (An out of bounds write due to a missing bounds check in LabVIEW may re ...) - TODO: check + NOT-FOR-US: LabVIEW CVE-2024-23609 (An improper error handling vulnerability in LabVIEW may result in remo ...) - TODO: check + NOT-FOR-US: LabVIEW CVE-2024-23608 (An out of bounds write due to a missing bounds check in LabVIEW may re ...) - TODO: check + NOT-FOR-US: LabVIEW CVE-2024-22011 (In ss_ProcessRejectComponent of ss_MmConManagement.c, there is a possi ...) - TODO: check + NOT-FOR-US: Android CVE-2024-22010 (In dvfs_plugin_caller of fvp.c, there is a possible out of bounds read ...) - TODO: check + NOT-FOR-US: Android CVE-2024-22009 (In init_data of TBD, there is a possible out of bounds write due to a ...) - TODO: check + NOT-FOR-US: Android CVE-2024-22008 (In config_gov_time_windows of tmu.c, there is a possible out of bounds ...) - TODO: check + NOT-FOR-US: Android CVE-2024-22007 (In constraint_check of fvp.c, there is a possible out of bounds read d ...) - TODO: check + NOT-FOR-US: Android CVE-2024-22006 (Android kernel allows Information disclosure.) - TODO: check + NOT-FOR-US: Android CVE-2024-22005 (In TBD of TBD, there is a possible Authentication Bypass due to improp ...) - TODO: check + NOT-FOR-US: Android CVE-2024-1696 (In Santesoft Sante FFT Imaging versions 1.4.1 and prior once a user op ...) - TODO: check + NOT-FOR-US: Santesoft Sante FFT Imaging CVE-2024-1487 (The Photos and Files Contest Gallery WordPress plugin before 21.3.1 do ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1441 (An off-by-one error flaw was found in the udevListInterfacesByStatus() ...) TODO: check CVE-2024-1373 REJECTED CVE-2024-1290 (The User Registration WordPress plugin before 2.12 does not prevent us ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1279 (The Paid Memberships Pro WordPress plugin before 2.12.9 does not preve ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1273 (The Starbox WordPress plugin before 3.5.0 does not sanitise and escape ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-1068 (The 404 Solution WordPress plugin before 2.35.8 does not properly sani ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0670 (Privilege escalation in windows agent plugin in Checkmk before 2.2.0p2 ...) TODO: check CVE-2024-0561 (The Ultimate Posts Widget WordPress plugin before 2.3.1 does not valid ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0559 (The Enhanced Text Widget WordPress plugin before 1.6.6 does not valida ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-0053 (In getCustomPrinterIcon of PrintManagerService.java, there is a possib ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0052 (In multiple functions of healthconnect, there is a possible leakage of ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0051 (In onQueueFilled of SoftMPEG4.cpp, there is a possible out of bounds w ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0050 (In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0049 (In multiple locations, there is a possible out of bounds write due to ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0048 (In Session of AccountManagerService.java, there is a possible method t ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0047 (In writeUserLP of UserManagerService.java, device policies are seriali ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0046 (In installExistingPackageAsUser of InstallPackageHelper.java, there is ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0045 (In smp_proc_sec_req of smp_act.cc, there is a possible out of bounds r ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0044 (In createSessionInternal of PackageInstallerService.java, there is a p ...) - TODO: check + NOT-FOR-US: Android CVE-2024-0039 (In attp_build_value_cmd of att_protocol.cc, there is a possible out of ...) - TODO: check + NOT-FOR-US: Android CVE-2023-7247 (The Login as User or Customer WordPress plugin through 3.8 does not pr ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2023-6444 (The Seriously Simple Podcasting WordPress plugin before 3.0.0 disclose ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2024-2365 (A vulnerability classified as problematic was found in Musicshelf 1.0/ ...) NOT-FOR-US: Musicshelf CVE-2024-2364 (A vulnerability classified as problematic has been found in Musicshelf ...) @@ -171,9 +171,9 @@ CVE-2024-2313 (If kernel headers need to be extracted, bpftrace will attempt to - bpftrace <unfixed> NOTE: https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998 CVE-2024-2184 (Buffer overflow in identifier field of WSD probe request process of Sm ...) - TODO: check + NOT-FOR-US: Small Office Multifunction Printers and Laser Printers (Canon) CVE-2024-28823 (Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) 1.0.0 a ...) - TODO: check + NOT-FOR-US: AWS JavaScript S3 Explorer CVE-2024-28816 (Student Information Chatbot a0196ab allows SQL injection via the usern ...) NOT-FOR-US: Student Information Chatbot CVE-2024-2355 (A vulnerability has been found in keerti1924 Secret-Coder-PHP-Project ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a497a2a3857b0dfe3b3b5f8673151c257bf5b11 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a497a2a3857b0dfe3b3b5f8673151c257bf5b11 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits