Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
c6fdb00c by Salvatore Bonaccorso at 2019-07-16T08:45:23Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10633,7 +10633,7 @@ CVE-2019-1010301 (jhead 3.03 is affected by: Buffer
Overflow. The impact is: Den
- jhead <unfixed> (bug #932145)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1679952
CVE-2019-1010300 (mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by:
Buffer Ove ...)
- TODO: check
+ NOT-FOR-US: libIEC61850
CVE-2019-1010299 (The Rust Programming Language Standard Library 1.18.0 and
later is aff ...)
TODO: check
CVE-2019-1010298 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by:
Buffer Overflow ...)
@@ -11155,7 +11155,7 @@ CVE-2019-1010041
CVE-2019-1010040
RESERVED
CVE-2019-1010039 (uLaunchELF < commit 170827a is affected by: Buffer
Overflow. The im ...)
- TODO: check
+ NOT-FOR-US: uLaunchELF
CVE-2019-1010038 (OpenModelica OMCompiler is affected by: Buffer Overflow. The
impact is ...)
TODO: check
CVE-2019-1010037
@@ -19110,15 +19110,15 @@ CVE-2019-6829
CVE-2019-6828
RESERVED
CVE-2019-6827 (A CWE-787: Out-of-bounds Write vulnerability exists in
Interactive Gra ...)
- TODO: check
+ NOT-FOR-US: Interactive Graphical SCADA System (IGSS)
CVE-2019-6826
RESERVED
CVE-2019-6825 (A CWE-427: Uncontrolled Search Path Element vulnerability
exists in Pr ...)
- TODO: check
+ NOT-FOR-US: ProClima
CVE-2019-6824 (A CWE-119: Buffer Errors vulnerability exists in ProClima (all
version ...)
- TODO: check
+ NOT-FOR-US: ProClima
CVE-2019-6823 (A CWE-94: Code Injection vulnerability exists in ProClima (all
version ...)
- TODO: check
+ NOT-FOR-US: ProClima
CVE-2019-6822 (A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2,
V5.2 a ...)
TODO: check
CVE-2019-6821 (CWE-330: Use of Insufficiently Random Values vulnerability,
which coul ...)
@@ -35070,7 +35070,7 @@ CVE-2019-1099
CVE-2019-1098
RESERVED
CVE-2019-1097 (An information disclosure vulnerability exists when DirectWrite
improp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1096 (An information disclosure vulnerability exists when the win32k
compone ...)
NOT-FOR-US: Microsoft
CVE-2019-1095 (An information disclosure vulnerability exists when the Windows
GDI co ...)
@@ -35096,7 +35096,7 @@ CVE-2019-1086 (An elevation of privilege exists in
Windows Audio Service, aka 'W
CVE-2019-1085 (An elevation of privilege vulnerability exists in the way that
the wla ...)
NOT-FOR-US: Microsoft
CVE-2019-1084 (An information disclosure vulnerability exists when Exchange
allows cr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1083 (A denial of service vulnerability exists when Microsoft Common
Object ...)
NOT-FOR-US: Microsoft
CVE-2019-1082 (An elevation of privilege vulnerability exists in Microsoft
Windows wh ...)
@@ -35106,13 +35106,13 @@ CVE-2019-1081 (An information disclosure
vulnerability exists when affected Micr
CVE-2019-1080 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-1079 (An information disclosure vulnerability exists when Visual
Studio impr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1078
RESERVED
CVE-2019-1077 (An elevation of privilege vulnerability exists when the Visual
Studio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1076 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1075 (A spoofing vulnerability exists in ASP.NET Core that could lead
to an ...)
TODO: check
CVE-2019-1074 (An elevation of privilege vulnerability exists in Microsoft
Windows wh ...)
@@ -35122,15 +35122,15 @@ CVE-2019-1073 (An information disclosure
vulnerability exists when the Windows k
CVE-2019-1072 (A remote code execution vulnerability exists when Azure DevOps
Server ...)
TODO: check
CVE-2019-1071 (An information disclosure vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1070
RESERVED
CVE-2019-1069 (An elevation of privilege vulnerability exists in the way the
Task Sch ...)
NOT-FOR-US: Microsoft
CVE-2019-1068 (A remote code execution vulnerability exists in Microsoft SQL
Server w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1067 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1066
RESERVED
CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
@@ -35138,21 +35138,21 @@ CVE-2019-1065 (An elevation of privilege
vulnerability exists when the Windows k
CVE-2019-1064 (An elevation of privilege vulnerability exists when Windows
AppX Deplo ...)
NOT-FOR-US: Microsoft
CVE-2019-1063 (A remote code execution vulnerability exists when Internet
Explorer im ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1062 (A remote code execution vulnerability exists in the way that
the Chakr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1061
RESERVED
CVE-2019-1060
RESERVED
CVE-2019-1059 (A remote code execution vulnerability exists in the way that
the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1058
RESERVED
CVE-2019-1057
RESERVED
CVE-2019-1056 (A remote code execution vulnerability exists in the way that
the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1055 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-1054 (A security feature bypass vulnerability exists in Edge that
allows for ...)
@@ -35190,7 +35190,7 @@ CVE-2019-1039 (An information disclosure vulnerability
exists when the Windows k
CVE-2019-1038 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2019-1037 (An elevation of privilege vulnerability exists in the way
Windows Erro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1036 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-1035 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
@@ -35252,21 +35252,21 @@ CVE-2019-1008 (A security feature bypass
vulnerability exists in Dynamics On Pre
CVE-2019-1007 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
NOT-FOR-US: Microsoft
CVE-2019-1006 (An authentication bypass vulnerability exists in Windows
Communication ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1005 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-1004 (A remote code execution vulnerability exists in the way that
the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1003 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1002 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1001 (A remote code execution vulnerability exists in the way the
scripting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1000 (An elevation of privilege vulnerability exists in Microsoft
Azure Acti ...)
NOT-FOR-US: Microsoft
CVE-2019-0999 (An elevation of privilege vulnerability exists when DirectX
improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0998 (An elevation of privilege vulnerability exists when the Storage
Servic ...)
NOT-FOR-US: Microsoft
CVE-2019-0997
@@ -35317,7 +35317,7 @@ CVE-2019-0976 (A tampering vulnerability exists in the
NuGet Package Manager for
NOTE: https://github.com/NuGet/Home/issues/7908
NOTE:
https://github.com/NuGet/NuGet.Client/commit/e32a2ea7096debd3e513188f6779bb1041593326
(5.0.2.5988)
CVE-2019-0975 (A security feature bypass vulnerability exists when Active
Directory F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0974 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0973 (An elevation of privilege vulnerability exists in the Windows
Installe ...)
@@ -35335,7 +35335,7 @@ CVE-2019-0968 (An information disclosure vulnerability
exists when the Windows G
CVE-2019-0967
RESERVED
CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0965
RESERVED
CVE-2019-0964
@@ -35493,7 +35493,7 @@ CVE-2019-0889 (A remote code execution vulnerability
exists when the Windows Jet
CVE-2019-0888 (A remote code execution vulnerability exists in the way that
ActiveX D ...)
NOT-FOR-US: Microsoft
CVE-2019-0887 (A remote code execution vulnerability exists in Remote Desktop
Service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0886 (An information disclosure vulnerability exists when Windows
Hyper-V on ...)
NOT-FOR-US: Microsoft
CVE-2019-0885 (A remote code execution vulnerability exists when Microsoft
Windows OL ...)
@@ -35507,7 +35507,7 @@ CVE-2019-0882 (An information disclosure vulnerability
exists when the Windows G
CVE-2019-0881 (An elevation of privilege vulnerability exists when the Windows
Kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-0880 (A local elevation of privilege vulnerability exists in how
splwow64.ex ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0879 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0878
@@ -35649,7 +35649,7 @@ CVE-2019-0813 (An elevation of privilege vulnerability
exists when Windows Admin
CVE-2019-0812 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0811 (A denial of service vulnerability exists in Windows DNS Server
when it ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0810 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0809 (A remote code execution vulnerability exists when the Visual
Studio C+ ...)
@@ -35702,7 +35702,7 @@ CVE-2019-0787
CVE-2019-0786 (An elevation of privilege vulnerability exists in the Microsoft
Server ...)
NOT-FOR-US: Microsoft
CVE-2019-0785 (A memory corruption vulnerability exists in the Windows Server
DHCP se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0784 (A remote code execution vulnerability exists in the way that
the Activ ...)
NOT-FOR-US: Microsoft
CVE-2019-0783 (A remote code execution vulnerability exists in the way that
the scrip ...)
@@ -68288,7 +68288,7 @@ CVE-2018-7840 (A Uncontrolled Search Path Element
(CWE-427) vulnerability exists
CVE-2018-7839 (A Cryptographic Issue (CWE-310) vulnerability exists in IIoT
Monitor 3 ...)
NOT-FOR-US: Schneider
CVE-2018-7838 (A CWE-119 Buffer Errors vulnerability exists in Modicon M580
CPU - BME ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2018-7837 (An Improper Restriction of XML External Entity Reference
('XXE') vulne ...)
NOT-FOR-US: IIoT Monitor (Schneider Electric)
CVE-2018-7836 (An unrestricted Upload of File with Dangerous Type
vulnerability exist ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c6fdb00ca0f697a76dba98a31fce50df8c95b330
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/c6fdb00ca0f697a76dba98a31fce50df8c95b330
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
