Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4a497a2a by Salvatore Bonaccorso at 2024-03-11T21:25:41+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,163 +1,163 @@
 CVE-2024-2370 (Unrestricted file upload vulnerability in ManageEngine Desktop 
Central ...)
-       TODO: check
+       NOT-FOR-US: ManageEngine
 CVE-2024-2357 (The Libreswan Project was notified of an issue causing 
libreswan to re ...)
        TODO: check
 CVE-2024-28198 (OpenOlat is an open source web-based e-learning platform for 
teaching, ...)
-       TODO: check
+       NOT-FOR-US: OpenOlat
 CVE-2024-28197 (Zitadel is an open source identity management system. Zitadel 
uses a c ...)
-       TODO: check
+       NOT-FOR-US: Zitadel
 CVE-2024-28187 (SOY CMS is an open source CMS (content management system) that 
allows  ...)
-       TODO: check
+       NOT-FOR-US: SOY CMS
 CVE-2024-27237 (In wipe_ns_memory of nsmemwipe.c, there is a possible 
incorrect size c ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27236 (In aoc_unlocked_ioctl of aoc.c, there is a possible memory 
corruption  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27235 (In plugin_extern_func of TBD, there is a possible out of 
bounds read d ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27234 (In fvp_set_target of fvp.c, there is a possible out of bounds 
read due ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27233 (In ppcfw_init_secpolicy of ppcfw.c, there is a possible 
permission byp ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27230 (In ProtocolPsKeepAliveStatusAdapter::getCode() of 
protocolpsadapter.cp ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27229 (In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, 
there is a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27228 (In TBD of TBD, there is a possible out of bounds write due to 
a heap b ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27227 (Android kernel allows Remote code execution.)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27226 (In tmu_config_gov_params of TBD, there is a possible out of 
bounds wri ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27225 (In sendHciCommand of bluetooth_hci.cc, there is a possible out 
of boun ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27224 (In strncpy of strncpy.c, there is a possible out of bounds 
write due t ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27223 (In EUTRAN_LCS_DecodeFacilityInformationElement of 
LPP_LcsManagement.c, ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27222 (In onSkipButtonClick of FaceEnrollFoldPage.java, there is a 
possible w ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27221 (In update_policy_data of TBD, there is a possible out of 
bounds write  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27220 (In lpm_req_handler of TBD, there is a possible out of bounds 
memory ac ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27219 (In tmu_set_pi of tmu.c, there is a possible out of bounds 
write due to ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27218 (In update_freq_data of TBD, there is a possible out of bounds 
read due ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27213 (In BroadcastSystemMessage of servicemgr.cpp, there is a 
possible Remot ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27212 (In init_data of TBD, there is a possible out of bounds write 
due to a  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27211 (In AtiHandleAPOMsgType of ati_Main.c, there is a possible OOB 
write du ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27210 (In policy_check of fvp.c, there is a possible out of bounds 
write due  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27209 (In TBD of TBD, there is a possible out of bounds write due to 
a heap b ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27208 (In TBD of TBD, there is a possible out of bounds write due to 
a missin ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27207 (Android kernel allows Elevation of privilege.)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27206 (In tbd of tbd, there is a possible out of bounds read due to a 
missing ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27205 (In tbd of tbd, there is a possible memory corruption due to a 
use afte ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27204 (In tmu_set_gov_active of tmu.c, there is a possible out of 
bounds writ ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25993 (In tmu_reset_tmu_trip_counter of TBD, there is a possible out 
of bound ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25992 (In tmu_tz_control of tmu.c, there is a possible out of bounds 
read due ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25991 (In acpm_tmu_ipc_handler of tmu_plugin.c, there is a possible 
out of bo ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25990 (In pktproc_perftest_gen_rx_packet_sktbuf_mode of 
link_rx_pktproc.c, th ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25989 (In gpu_slc_liveness_update of pixel_gpu_slc.c, there is a 
possible out ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25988 (In SAEMM_DiscloseGuti of SAEMM_RadioMessageCodec.c, there is a 
possibl ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25987 (In pt_sysctl_command of pt.c, there is a possible out of 
bounds write  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25986 (In ppmp_unprotect_buf of drm_fw.c, there is a possible 
compromise of p ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25985 (In bigo_unlocked_ioctl of bigo.c, there is a possible UAF due 
to a mis ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-25984 (In dumpBatteryDefend of dump_power.cpp, there is a possible 
out of bou ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23717 (In access_secure_service_from_temp_bond of btm_sec.cc, there 
is a poss ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23612 (An improper error handling vulnerability in LabVIEW may result 
in remo ...)
-       TODO: check
+       NOT-FOR-US: LabVIEW
 CVE-2024-23611 (An out of bounds write due to a missing bounds check in 
LabVIEW may re ...)
-       TODO: check
+       NOT-FOR-US: LabVIEW
 CVE-2024-23610 (An out of bounds write due to a missing bounds check in 
LabVIEW may re ...)
-       TODO: check
+       NOT-FOR-US: LabVIEW
 CVE-2024-23609 (An improper error handling vulnerability in LabVIEW may result 
in remo ...)
-       TODO: check
+       NOT-FOR-US: LabVIEW
 CVE-2024-23608 (An out of bounds write due to a missing bounds check in 
LabVIEW may re ...)
-       TODO: check
+       NOT-FOR-US: LabVIEW
 CVE-2024-22011 (In ss_ProcessRejectComponent of ss_MmConManagement.c, there is 
a possi ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22010 (In dvfs_plugin_caller of fvp.c, there is a possible out of 
bounds read ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22009 (In init_data of TBD, there is a possible out of bounds write 
due to a  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22008 (In config_gov_time_windows of tmu.c, there is a possible out 
of bounds ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22007 (In constraint_check of fvp.c, there is a possible out of 
bounds read d ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22006 (Android kernel allows Information disclosure.)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22005 (In TBD of TBD, there is a possible Authentication Bypass due 
to improp ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-1696 (In Santesoft Sante FFT Imaging versions 1.4.1 and prior once a 
user op ...)
-       TODO: check
+       NOT-FOR-US: Santesoft Sante FFT Imaging
 CVE-2024-1487 (The Photos and Files Contest Gallery WordPress plugin before 
21.3.1 do ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1441 (An off-by-one error flaw was found in the 
udevListInterfacesByStatus() ...)
        TODO: check
 CVE-2024-1373
        REJECTED
 CVE-2024-1290 (The User Registration WordPress plugin before 2.12 does not 
prevent us ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1279 (The Paid Memberships Pro WordPress plugin before 2.12.9 does 
not preve ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1273 (The Starbox WordPress plugin before 3.5.0 does not sanitise and 
escape ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-1068 (The 404 Solution WordPress plugin before 2.35.8 does not 
properly sani ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0670 (Privilege escalation in windows agent plugin in Checkmk before 
2.2.0p2 ...)
        TODO: check
 CVE-2024-0561 (The Ultimate Posts Widget WordPress plugin before 2.3.1 does 
not valid ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0559 (The Enhanced Text Widget WordPress plugin before 1.6.6 does not 
valida ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-0053 (In getCustomPrinterIcon of PrintManagerService.java, there is a 
possib ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0052 (In multiple functions of healthconnect, there is a possible 
leakage of ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0051 (In onQueueFilled of SoftMPEG4.cpp, there is a possible out of 
bounds w ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0050 (In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a 
possible  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0049 (In multiple locations, there is a possible out of bounds write 
due to  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0048 (In Session of AccountManagerService.java, there is a possible 
method t ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0047 (In writeUserLP of UserManagerService.java, device policies are 
seriali ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0046 (In installExistingPackageAsUser of InstallPackageHelper.java, 
there is ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0045 (In smp_proc_sec_req of smp_act.cc, there is a possible out of 
bounds r ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0044 (In createSessionInternal of PackageInstallerService.java, there 
is a p ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-0039 (In attp_build_value_cmd of att_protocol.cc, there is a possible 
out of ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2023-7247 (The Login as User or Customer WordPress plugin through 3.8 does 
not pr ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2023-6444 (The Seriously Simple Podcasting WordPress plugin before 3.0.0 
disclose ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-2365 (A vulnerability classified as problematic was found in 
Musicshelf 1.0/ ...)
        NOT-FOR-US: Musicshelf
 CVE-2024-2364 (A vulnerability classified as problematic has been found in 
Musicshelf ...)
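Review bot: the entries for CVE-2024-27227, CVE-2024-27207 and CVE-2024-22006 ("Android kernel allows ...") and for CVE-2024-27224 ("In strncpy of strncpy.c") are marked NOT-FOR-US: Android although their descriptions name no Android-specific file or component, so the list itself records no basis for ruling out code that Debian also ships. Suggest adding a NOTE line to each of these with the advisory reference that identifies the affected component, in the same way the bpftrace entry further down carries its commit URL. The entries whose descriptions name only "TBD of TBD" would benefit from the same reference.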
@@ -171,9 +171,9 @@ CVE-2024-2313 (If kernel headers need to be extracted, 
bpftrace will attempt to
        - bpftrace <unfixed>
        NOTE: 
https://github.com/bpftrace/bpftrace/commit/4be4b7191acb8218240e6b7178c30fa8c9b59998
 CVE-2024-2184 (Buffer overflow in identifier field of WSD probe request 
process of Sm ...)
-       TODO: check
+       NOT-FOR-US: Small Office Multifunction Printers and Laser Printers 
(Canon)
 CVE-2024-28823 (Amazon AWS aws-js-s3-explorer (aka AWS JavaScript S3 Explorer) 
1.0.0 a ...)
-       TODO: check
+       NOT-FOR-US: AWS JavaScript S3 Explorer
 CVE-2024-28816 (Student Information Chatbot a0196ab allows SQL injection via 
the usern ...)
        NOT-FOR-US: Student Information Chatbot
 CVE-2024-2355 (A vulnerability has been found in keerti1924 
Secret-Coder-PHP-Project  ...)
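Review bot: the new tag for CVE-2024-2184 uses the product-family wording "Small Office Multifunction Printers and Laser Printers (Canon)" with the vendor trailing in parentheses, which is harder to search for than the short product names used on the neighbouring entries (AWS JavaScript S3 Explorer, Student Information Chatbot). Suggest leading with the vendor, for example "NOT-FOR-US: Canon Small Office Multifunction Printers and Laser Printers", so that a search on the vendor name finds the entry.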



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4a497a2a3857b0dfe3b3b5f8673151c257bf5b11
