[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) Tue, 28 Jan 2025 06:45:51 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
00c6eff3 by Moritz Muehlenhoff at 2025-01-28T15:44:45+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -157,59 +157,59 @@ CVE-2024-56178 (An issue was discovered in Couchbase 
Server 7.6.x through 7.6.3.
 CVE-2024-54728 (Incorrect access control in BYD QIN PLUS DM-i Dilink OS 
3.0_13.1.7.220 ...)
        NOT-FOR-US: BYD QIN PLUS DM-i Dilink OS
 CVE-2024-54557 (A logic issue was addressed with improved restrictions. This 
issue is  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54550 (This issue was addressed with improved redaction of sensitive 
informat ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54549 (This issue was addressed with improved redaction of sensitive 
informat ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54547 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54543 (The issue was addressed with improved memory handling. This 
issue is f ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54542 (An authentication issue was addressed with improved state 
management.  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54541 (This issue was addressed through improved state management. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54539 (This issue was addressed through improved state management. 
This issue ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54537 (This issue was addressed with additional entitlement checks. 
This issu ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54536 (The issue was addressed with improved validation of 
environment variab ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54530 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54523 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54522 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54520 (A path handling issue was addressed with improved validation. 
This iss ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54519 (The issue was resolved by sanitizing logging. This issue is 
fixed in m ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54518 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54517 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54516 (A permissions issue was addressed with additional 
restrictions. This i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54512 (The issue was addressed by removing the relevant flags. This 
issue is  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54509 (An out-of-bounds write issue was addressed with improved input 
validat ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54507 (A type confusion issue was addressed with improved memory 
handling. Th ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54499 (A use-after-free issue was addressed with improved memory 
management.  ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54497 (The issue was addressed with improved checks. This issue is 
fixed in i ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54488 (A logic issue was addressed with improved file handling. This 
issue is ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54478 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54475 (A privacy issue was addressed with improved private data 
redaction for ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-54468 (The issue was addressed with improved checks. This issue is 
fixed in m ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-53881 (NVIDIA vGPU software contains a vulnerability in the host 
driver, wher ...)
        NOT-FOR-US: NVIDIA vGPU software
 CVE-2024-48662 (Cross Site Scripting vulnerability in AdGuard Application 
v.7.18.1 (47 ...)
@@ -219,7 +219,7 @@ CVE-2024-45340 (Credentials provided via the new GOAUTH 
feature were not being p
 CVE-2024-45339 (When logs are written to a widely-writable directory (the 
default), an ...)
        TODO: check
 CVE-2024-44172 (A privacy issue was addressed with improved private data 
redaction for ...)
-       TODO: check
+       NOT-FOR-US: Apple
 CVE-2024-37526 (IBM Watson Query on Cloud Pak for Data (IBM Data 
Virtualization1.8, 2. ...)
        NOT-FOR-US: IBM
 CVE-2024-28786 (IBM QRadar SIEM 7.5 transmits sensitive or security-critical 
data in c ...)
@@ -239,17 +239,17 @@ CVE-2024-12807 (The Social Share Buttons for WordPress 
plugin through 2.7 does n
 CVE-2024-12723 (The Infility Global WordPress plugin through 2.9.8 does not 
sanitise a ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-12649 (Buffer overflow in XPS data font processing of Small Office 
Multifunct ...)
-       TODO: check
+       NOT-FOR-US: Canon
 CVE-2024-12648 (Buffer overflow in TIFF data EXIF tag processing of Small 
Office Multi ...)
-       TODO: check
+       NOT-FOR-US: Canon
 CVE-2024-12647 (Buffer overflow in CPCA font download processing of Small 
Office Multi ...)
-       TODO: check
+       NOT-FOR-US: Canon
 CVE-2024-11135 (The Eventer plugin for WordPress is vulnerable to SQL 
Injection via th ...)
        NOT-FOR-US: WordPress plugin
 CVE-2024-0146 (NVIDIA vGPU software contains a vulnerability in the Virtual 
GPU Manag ...)
        NOT-FOR-US: NVIDIA vGPU software
 CVE-2024-0140 (NVIDIA RAPIDS contains a vulnerability in cuDF and cuML, where 
a user  ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2024-0137 (NVIDIA Container Toolkit contains an improper isolation 
vulnerability  ...)
        NOT-FOR-US: NVIDIA Container Toolkit
 CVE-2024-0136 (NVIDIA Container Toolkit contains an improper isolation 
vulnerability  ...)
@@ -375,7 +375,7 @@ CVE-2025-23529 (Missing Authorization vulnerability in 
Blokhaus Minterpress allo
 CVE-2025-23457 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin
 CVE-2025-23197 (matrix-hookshot is a Matrix bot for connecting to external 
services li ...)
-       TODO: check
+       NOT-FOR-US: matrix-hookshot
 CVE-2025-22604 (Cacti is an open source performance and fault management 
framework. Du ...)
        - cacti <unfixed>
        NOTE: 
https://github.com/Cacti/cacti/security/advisories/GHSA-c5j8-jxj3-hh36



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00c6eff3add0cfaeb6e48e1041678f496f1857fd

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00c6eff3add0cfaeb6e48e1041678f496f1857fd
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to