[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) Wed, 10 Jul 2024 03:02:28 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
ab2ebc54 by Salvatore Bonaccorso at 2024-07-10T11:39:10+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -83,87 +83,87 @@ CVE-2024-36450 (Cross-site scripting vulnerability exists 
in sysinfo.cgi of Webm
 CVE-2024-35154 (IBM WebSphere Application Server 8.5 and 9.0 could allow a 
remote auth ...)
        NOT-FOR-US: IBM
 CVE-2024-34726 (In PVRSRV_MMap of pvr_bridge_k.c, there is a possible 
arbitrary code e ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34725 (In DevmemIntUnexportCtx of devicemem_server.c, there is a 
possible arb ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34724 (In _UnrefAndMaybeDestroy of pmr.c, there is a possible 
arbitrary code  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34723 (In onTransact of ParcelableListBinder.java , there is a 
possible way t ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34722 (In smp_proc_rand of smp_act.cc, there is a possible 
authentication byp ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34721 (In ensureFileColumns of MediaProvider.java, there is a 
possible disclo ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34720 (In 
com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-32670 (Exposure of Sensitive Information to an Unauthorized Actor in 
Samsung  ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-31339 (In multiple functions of StatsService.cpp, there is a possible 
memory  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31335 (In DevmemIntChangeSparse2 of devicemem_server.c, there is a 
possible a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31334 (In DevmemIntFreeDefBackingPage of devicemem_server.c, there is 
a possi ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31332 (In multiple locations, there is a possible way to bypass a 
restriction ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31331 (In setMimeGroup of PackageManagerService.java, there is a 
possible way ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31327 (In multiple functions of MessageQueueBase.h, there is a 
possible out o ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31326 (In multiple locations, there is a possible way in which policy 
migrati ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31325 (In multiple locations, there is a possible way to reveal 
images across ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31324 (In hide of WindowState.java, there is a possible way to bypass 
tapjack ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31323 (In onCreate of multiple files, there is a possible way to 
trick the us ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31322 (In updateServicesLocked of AccessibilityManagerService.java, 
there is  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31320 (In setSkipPrompt of AssociationRequest.java , there is a 
possible way  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31319 (In updateNotificationChannelFromPrivilegedListener of 
NotificationMana ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31318 (In CompanionDeviceManagerService.java, there is a possible way 
to pair ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31317 (In multiple functions of ZygoteProcess.java, there is a 
possible way t ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31316 (In onResult of AccountManagerService.java, there is a possible 
way to  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31315 (In multiple functions of ManagedServices.java, there is a 
possible way ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31314 (In multiple functions of ShortcutService.java, there is a 
possible per ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31313 (In availableToWriteBytes of MessageQueueBase.h, there is a 
possible ou ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31312 (In multiple locations, there is a possible information leak 
due to a m ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31311 (In increment_annotation_count of stats_event.c, there is a 
possible ou ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31310 (In newServiceInfoLocked of AutofillManagerServiceImpl.java, 
there is a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-27386 (A vulnerability was discovered in the 
slsi_handle_nan_rx_event_log_ind ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-27385 (A vulnerability was discovered in the 
slsi_handle_nan_rx_event_log_ind ...)
-       TODO: check
+       NOT-FOR-US: Samsung
 CVE-2024-25023 (IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 and IBM 
QRadar S ...)
        NOT-FOR-US: IBM
 CVE-2024-23711 (In DevmemXIntUnreserveRange of devicemem_server.c, there is a 
possible ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23698 (In RGXFWChangeOSidPriority of rgxfwutils.c, there is a 
possible arbitr ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23697 (In RGXCreateHWRTData_aux of rgxta3d.c, there is a possible 
arbitrary c ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23696 (In RGXCreateZSBufferKM of rgxta3d.c, there is a possible 
arbitrary cod ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23695 (In CacheOpPMRExec of cache_km.c, there is a possible out of 
bounds wri ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-22477 (A cross-site scripting vulnerability exists in the admin 
console OIDC  ...)
        TODO: check
 CVE-2024-22377 (The deploy directory in PingFederate runtime nodes is 
reachable to una ...)
        TODO: check
 CVE-2024-21993 (SnapCenter versions prior to 5.0p1 are susceptible to a 
vulnerability  ...)
-       TODO: check
+       NOT-FOR-US: NetAPP
 CVE-2024-21832 (A potential JSON injection attack vector exists in 
PingFederate REST A ...)
        TODO: check
 CVE-2024-21526 (All versions of the package speaker are vulnerable to Denial 
of Servic ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab2ebc54b5f1628ef010b57678806ce38a3e99e3

-- 
This project does not include diff previews in email notifications.
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab2ebc54b5f1628ef010b57678806ce38a3e99e3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Reply via email to