[Git][security-tracker-team/security-tracker][master] NFUs

Thu, 14 Nov 2024 07:57:46 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
9ba032bd by Moritz Muehlenhoff at 2024-11-14T16:56:41+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -284,85 +284,85 @@ CVE-2024-50853 (Tenda G3 v3.0 v15.11.0.20 was discovered 
to contain a command in
 CVE-2024-50852 (Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command 
injectio ...)
        NOT-FOR-US: Tenda
 CVE-2024-49506 (Insecure creation of temporary files allows local users on 
systems wit ...)
-       TODO: check
+       NOT-FOR-US: OpenSuSE
 CVE-2024-49505 (A Improper Neutralization of Input During Web Page Generation 
('Cross- ...)
        NOT-FOR-US: openSUSE Tumbleweed MirrorCache
 CVE-2024-49504 (grub2 allowed attackers with access to the grub shell to 
access files  ...)
        TODO: check
 CVE-2024-49379 (Umbrel is a home server OS for self-hosting. The login 
functionality o ...)
-       TODO: check
+       NOT-FOR-US: Umbrel
 CVE-2024-48989 (A vulnerability in the PROFINET stack implementation of the 
IndraDrive ...)
-       TODO: check
+       NOT-FOR-US: Bosch
 CVE-2024-48900 (A vulnerability was found in Moodle. Additional checks are 
required to ...)
        - moodle <removed>
 CVE-2024-48510 (Directory Traversal vulnerability in DotNetZip v.1.16.0 and 
before all ...)
-       TODO: check
+       NOT-FOR-US: DotNetZip
 CVE-2024-47574 (A authentication bypass using an alternate path or channel in 
Fortinet ...)
        NOT-FOR-US: FortiGuard
 CVE-2024-45594 (Decidim is a participatory democracy framework. The meeting 
embeds fea ...)
-       TODO: check
+       NOT-FOR-US: Decidim
 CVE-2024-43093 (In shouldHideDocument of ExternalStorageProvider.java, there 
is a poss ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43091 (In filterMask of SkEmbossMaskFilter.cpp, there is a possible 
out of bo ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43090 (In multiple locations, there is a possible cross-user image 
read due t ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43089 (In updateInternal of MediaProvider.java , there is a possible 
access o ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43088 (In multiple functions in AppInfoBase.java, there is a possible 
way to  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43087 (In getInstalledAccessibilityPreferences of 
AccessibilitySettings.java, ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43086 (In validateAccountsInternal of AccountManagerService.java, 
there is a  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43085 (In handleMessage of UsbDeviceManager.java, there is a possible 
method  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43084 (In visitUris of multiple files, there is a possible 
information disclo ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43083 (In validate of WifiConfigurationUtil.java , there is a 
possible persis ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43082 (In onActivityResult of EditUserPhotoController.java, there is 
a possib ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43081 (In installExistingPackageAsUser of InstallPackageHelper.java, 
there is ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-43080 (In onReceive of AppRestrictionsFragment.java, there is a 
possible esca ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-42834 (A stored cross-site scripting (XSS) vulnerability in the 
Create Custom ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-40671 (In DevmemIntChangeSparse2 of devicemem_server.c, there is a 
possible w ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-40661 (In mayAdminGrantPermission of 
AdminRestrictedPermissionsUtils.java, th ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-40660 (In setTransactionState of SurfaceFlinger.cpp, there is a 
possible way  ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-40443 (SQL Injection vulnerability in Simple Laboratory Management 
System usi ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34747 (In DevmemXIntMapPages of devicemem_server.c, there is a 
possible use-a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34729 (In multiple locations, there is a possible arbitrary code 
execution du ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-34719 (In multiple locations, there is a possible permissions bypass 
due to a ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-31337 (In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible 
arbitrary cod ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-23715 (In PMRWritePMPageList of pmr.c, there is a possible out of 
bounds writ ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-11175 (A vulnerability was found in Public CMS 5.202406.d and 
classified as p ...)
-       TODO: check
+       NOT-FOR-US: Public CMS
 CVE-2024-11165 (An information disclosure vulnerability exists in the backup 
configura ...)
-       TODO: check
+       NOT-FOR-US: Yugabyte
 CVE-2024-11028 (The MultiManager WP \u2013 Manage All Your WordPress Sites 
Easily plug ...)
-       TODO: check
+       NOT-FOR-US: WordPress plugin
 CVE-2024-10013 (In Progress Telerik UI for WinForms versions prior to 2024 Q4 
(2024.4. ...)
-       TODO: check
+       NOT-FOR-US: Telerik UI
 CVE-2024-10012 (In Progress Telerik UI for WPF versions prior to 2024 Q4 
(2024.4.1111) ...)
-       TODO: check
+       NOT-FOR-US: Telerik UI
 CVE-2023-38920 (Cross Site Scripting vulnerability in Cyber Cafe Management 
System v.1 ...)
-       TODO: check
+       NOT-FOR-US: Cyber Cafe Management System
 CVE-2023-35686 (In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible 
arbitrary cod ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2023-35659 (In DevmemIntChangeSparse of devicemem_server.c, there is a 
possible ar ...)
-       TODO: check
+       NOT-FOR-US: Android
 CVE-2024-11159 (Using remote content in OpenPGP encrypted messages can lead to 
the dis ...)
        - thunderbird 1:128.4.3esr-1
        NOTE: 
https://www.mozilla.org/en-US/security/advisories/mfsa2024-61/#CVE-2024-11159



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ba032bdd85e4c781d439ada7290301bff66a7c2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9ba032bdd85e4c781d439ada7290301bff66a7c2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to