Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
41913c31 by Moritz Muehlenhoff at 2024-06-14T16:15:40+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -137,187 +137,187 @@ CVE-2024-32901 (In v4l2_smfc_qbuf of
smfc-v4l2-ioctls.c, there is a possible out
CVE-2024-32900 (In lwis_fence_signal of lwis_debug.c, there is a possible Use
after Fr ...)
NOT-FOR-US: Android
CVE-2024-32899 (In gpu_pm_power_off_top_nolock of pixel_gpu_power.c, there is
a possib ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32898 (In ProtocolCellIdentityParserV4::Parse() of
protocolnetadapter.cpp, th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32897 (In ProtocolCdmaCallWaitingIndAdapter::GetCwInfo() of
protocolsmsadapte ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32896 (there is a possible way to bypass due to a logic error in the
code. T ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32895 (In BCMFASTPATH of dhd_msgbuf.c, there is a possible out of
bounds writ ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32894 (In bc_get_converted_received_bearer of bc_utilities.c, there
is a poss ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32893 (In _s5e9865_mif_set_rate of exynos_dvfs.c, there is a possible
out of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32892 (In handle_init of goodix/main/main.c, there is a possible
memory corru ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-32891 (In sec_media_unprotect of media.c, there is a possible memory
corrupti ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-31777 (File Upload vulnerability in openeclass v.3.15 and before
allows an at ...)
- TODO: check
+ NOT-FOR-US: openeclass
CVE-2024-31163 (ASUS Download Master has a buffer overflow vulnerability. An
unauthent ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31162 (The specific function parameter of ASUS Download Master does
not prope ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31161 (The upload functionality of ASUS Download Master does not
properly fil ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31160 (The parameter used in the certain page of ASUS Download Master
is not ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-31159 (The parameter used in the certain page of ASUS Download Master
is not ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2024-2218 (The LuckyWP Table of Contents WordPress plugin through 2.1.4
does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-2122 (The Best WordPress Gallery Plugin \u2013 FooGallery plugin for
WordPre ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-29787 (In lwis_process_transactions_in_queue of lwis_transaction.c,
there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29786 (In pktproc_fill_data_addr_without_bm of link_rx_pktproc.c,
there is a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29785 (In aur_get_state of aurora.c, there is a possible information
disclosu ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29784 (In prepare_response of lwis_periodic_io.c, there is a possible
out of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29781 (In ss_AnalyzeOssReturnResUssdArgIe of ss_OssAsnManagement.c,
there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29780 (In hwbcc_ns_deprivilege of
trusty/user/base/lib/hwbcc/client/hwbcc.c, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-29778 (In ProtocolPsDedicatedBearInfoAdapter::processQosSession of
protocolps ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2024-27180 (An attacker with admin access can install rogue applications.
As for t ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27179 (Admin cookies are written in clear-text in logs. An attacker
can retri ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27178 (An attacker can get Remote Code Execution by overwriting
files. Overw ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27177 (An attacker can get Remote Code Execution by overwriting
files. Overw ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27176 (An attacker can get Remote Code Execution by overwriting
files. Overwr ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27175 (Remote Command program allows an attacker to read any file
using a Loc ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27174 (Remote Command program allows an attacker to get Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27173 (Remote Command program allows an attacker to get Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27172 (Remote Command program allows an attacker to get Remote Code
Execution ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27171 (A remote attacker using the insecure upload functionality will
be able ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27170 (It was observed that all the Toshiba printers contain
credentials used ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27169 (Toshiba printers provides API without authentication for
internal acce ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27168 (It appears that some hardcoded keys are used for
authentication to int ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27167 (Toshiba printers use Sendmail to send emails to recipients.
Sendmail i ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27166 (Coredump binaries in Toshiba printers have incorrect
permissions. A lo ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27165 (Toshiba printers contain a suidperl binary and it has a Local
Privileg ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27164 (Toshiba printers contain hardcoded credentials. As for the
affected pr ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27163 (Toshiba printers will display the password of the admin user
in clear- ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27162 (Toshiba printers provide a web interface that will load the
JavaScript ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27161 (all the Toshiba printers have programs containing a hardcoded
key used ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27160 (All the Toshiba printers contain a shell script using the same
hardcod ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27159 (All the Toshiba printers contain a shell script using the same
hardcod ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27158 (All the Toshiba printers share the same hardcoded root
password. As fo ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27157 (The sessions are stored in clear-text logs. An attacker can
retrieve a ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27156 (The session cookies, used for authentication, are stored in
clear-text ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27155 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27154 (Passwords are stored in clear-text logs. An attacker can
retrieve pass ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27153 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27152 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27151 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27150 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27149 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27148 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27147 (The Toshiba printers are vulnerable to a Local Privilege
Escalation vu ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27146 (The Toshiba printers do not implement privileges separation.
As for th ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27145 (The Toshiba printers provide several ways to upload files
using the ad ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27144 (The Toshiba printers provide several ways to upload files
using the we ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27143 (Toshiba printers use SNMP for configuration. Using the private
communi ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27142 (Toshiba printers use XML communication for the API endpoint
provided b ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-27141 (Toshiba printers use XML communication for the API endpoint
provided b ...)
- TODO: check
+ NOT-FOR-US: Toshiba
CVE-2024-23504 (Missing Authorization vulnerability in WPManageNinja LLC Ninja
Tables. ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1295 (The events-calendar-pro WordPress plugin before 6.4.0.1, The
Events Ca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-1094 (The Timetics- AI-powered Appointment Booking with Visual Seat
Plan and ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0892 (The Schema App Structured Data plugin for WordPress is
vulnerable to C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-0103 (NVIDIA Triton Inference Server for Linux contains a
vulnerability wher ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0099 (NVIDIA vGPU software for Linux contains a vulnerability in the
Virtual ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0095 (NVIDIA Triton Inference Server for Linux and Windows contains a
vulner ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0094 (NVIDIA vGPU software for Linux contains a vulnerability in the
Virtual ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2024-0093 (NVIDIA GPU software for Linux contains a vulnerability where it
can ex ...)
TODO: check
CVE-2024-0089 (NVIDIA GPU Display Driver for Windows contains a vulnerability
where t ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2024-0086 (NVIDIA vGPU software for Linux contains a vulnerability where
the soft ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2024-0085 (NVIDIA vGPU software for Windows and Linux contains a
vulnerability wh ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2024-0084 (NVIDIA vGPU software for Linux contains a vulnerability in the
Virtual ...)
- TODO: check
+ NOT-FOR-US: NVIDIA (vGPU not packaged in Debian)
CVE-2023-6492 (The Simple Sitemap \u2013 Create a Responsive HTML Sitemap
plugin for ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51523 (Missing Authorization vulnerability in WriterSystem
WooCommerce Easy D ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51516 (Missing Authorization vulnerability in Business Directory Team
Busines ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51507 (Missing Authorization vulnerability in ExpressTech Quiz And
Survey Mas ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51497 (Missing Authorization vulnerability in Woo WooCommerce Ship to
Multipl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51496 (Missing Authorization vulnerability in Woo WooCommerce
Warranty Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51495 (Missing Authorization vulnerability in Woo WooCommerce
Warranty Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-51377 (Missing Authorization vulnerability in WPEverest Everest
Forms.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-37394 (Missing Authorization vulnerability in Deepak anand WP Dummy
Content G ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36695 (Missing Authorization vulnerability in Maxime Schoeni
Sublanguage.This ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36694 (Missing Authorization vulnerability in Bryan Lee Kingkong
Board.This i ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-36504 (Missing Authorization vulnerability in BBS e-Theme BBS
e-Popup.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35045 (Missing Authorization vulnerability in Fat Rat Fat Rat
Collect.This is ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-35040 (Missing Authorization vulnerability in SendPress SendPress
Newsletters ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-25142
- airflow <itp> (bug #819700)
CVE-2024-5952 (Deep Sea Electronics DSE855 Restart Missing Authentication
Denial-of-S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41913c31397b1e2521e8e5fb85d2e0142125483b
--
This project does not include diff previews in email notifications.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/41913c31397b1e2521e8e5fb85d2e0142125483b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
