Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
75637b56 by Moritz Muehlenhoff at 2019-09-05T11:38:32Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1075,11 +1075,11 @@ CVE-2019-15536 (The Acclaim block plugin before
2019-06-26 for Moodle allows SQL
CVE-2019-15535 (Tasking Manager before 3.4.0 allows SQL Injection via custom
SQL. ...)
NOT-FOR-US: Tasking Manager
CVE-2019-15534 (Raml-Module-Builder 26.4.0 allows SQL Injection in
PostgresClient.upda ...)
- TODO: check
+ NOT-FOR-US: Raml-Module-Builder
CVE-2019-15533 (XENFCoreSharp before 2019-07-16 allows SQL injection in
web/verify.php ...)
- TODO: check
+ NOT-FOR-US: XENFCoreSharp
CVE-2019-15532 (CyberChef before 8.31.2 allows XSS in
core/operations/TextEncodingBrut ...)
- TODO: check
+ NOT-FOR-US: CyberChef
CVE-2019-15531 (GNU Libextractor through 1.9 has a heap-based buffer over-read
in the ...)
{DLA-1904-1}
- libextractor 1:1.9-2 (bug #935553)
@@ -31071,25 +31071,25 @@ CVE-2019-5043
CVE-2019-5042
RESERVED
CVE-2019-5041 (An exploitable Stack Based Buffer Overflow vulnerability exists
in the ...)
- TODO: check
+ NOT-FOR-US: Aspose
CVE-2019-5040 (An exploitable information disclosure vulnerability exists in
the Weav ...)
- TODO: check
+ NOT-FOR-US: OpenWeave
CVE-2019-5039 (An exploitable command execution vulnerability exists in the
ASN1 cert ...)
- TODO: check
+ NOT-FOR-US: OpenWeave
CVE-2019-5038 (An exploitable command execution vulnerability exists in the
print-tlv ...)
- TODO: check
+ NOT-FOR-US: OpenWeave
CVE-2019-5037 (An exploitable denial-of-service vulnerability exists in the
Weave cer ...)
- TODO: check
+ NOT-FOR-US: Nest
CVE-2019-5036 (An exploitable denial-of-service vulnerability exists in the
Weave err ...)
- TODO: check
+ NOT-FOR-US: Nest
CVE-2019-5035 (An exploitable information disclosure vulnerability exists in
the Weav ...)
- TODO: check
+ NOT-FOR-US: Nest
CVE-2019-5034 (An exploitable information disclosure vulnerability exists in
the Weav ...)
- TODO: check
+ NOT-FOR-US: Nest
CVE-2019-5033 (An exploitable out-of-bounds read vulnerability exists in the
Number r ...)
- TODO: check
+ NOT-FOR-US: Aspose
CVE-2019-5032 (An exploitable out-of-bounds read vulnerability exists in the
LabelSst ...)
- TODO: check
+ NOT-FOR-US: Aspose
CVE-2019-5031
RESERVED
CVE-2019-5030
@@ -39448,41 +39448,41 @@ CVE-2019-2139
CVE-2019-2138
RESERVED
CVE-2019-2137 (In the endCall() function of TelecomManager.java, there is a
possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2136 (In Status::readFromParcel of Status.cpp, there is a possible
out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2135 (In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a
possible out ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2134 (In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there
is a po ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2133 (In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a
possible out ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2132 (It is possible to overlay the VPN dialog by a malicious
application. T ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2131 (An application with overlay permission can display overlays on
top of ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2130 (In CompilationJob::FinalizeJob of compiler.cc, there is a
possible rem ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2129 (In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there
is a p ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2019-2128 (In ACELP_4t64_fx of c4t64fx.c, there is a possible out of
bounds write ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2019-2127 (In AudioInputDescriptor::setClientActive of
AudioInputDescriptor.cpp, ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2019-2126 (In ParseContentEncodingEntry of mkvparser.cc, there is a
possible doub ...)
- TODO: check
+ NOT-FOR-US: Android media framework
CVE-2019-2125 (In ChangeDefaultDialerDialog.java, there is a possible
escalation of p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2124
RESERVED
CVE-2019-2123
RESERVED
CVE-2019-2122 (In LockTaskController.lockKeyguardIfNeeded of the
LockTaskController.j ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2121 (In ActivityManagerService.attachApplication of
ActivityManagerService, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2120 (In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc,
there i ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2119 (In multiple functions of key_store_service.cpp, there is a
possible In ...)
NOT-FOR-US: Android
CVE-2019-2118 (In various functions of Parcel.cpp, there are uninitialized or
partial ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/75637b56abd2ec98a519ecb1ddc738c377c8243e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/75637b56abd2ec98a519ecb1ddc738c377c8243e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
