Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 3fdc8679 by Salvatore Bonaccorso at 2019-10-01T08:55:05Z Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -755,11 +755,11 @@ CVE-2019-16748 (In wolfSSL through 4.1.0, there is a missing sanity check of mem CVE-2019-16747 RESERVED CVE-2019-16745 (eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection. ...) - TODO: check + NOT-FOR-US: eBrigade CVE-2019-16744 (eBrigade before 5.0 has evenements.php cid SQL Injection. ...) - TODO: check + NOT-FOR-US: eBrigade CVE-2019-16743 (eBrigade before 5.0 has evenement_ical.php evenement SQL Injection. ...) - TODO: check + NOT-FOR-US: eBrigade CVE-2019-16742 RESERVED CVE-2019-16741 @@ -12235,9 +12235,9 @@ CVE-2019-13126 (An integer overflow in NATS Server 2.0.0 allows a remote attacke CVE-2019-13125 (HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evad ...) NOT-FOR-US: Tencent CVE-2019-13124 (Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs ...) - TODO: check + NOT-FOR-US: Foxit Reader CVE-2019-13123 (Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs ...) - TODO: check + NOT-FOR-US: Foxit Reader CVE-2019-13122 (A Cross Site Scripting (XSS) vulnerability exists in the template tag ...) NOT-FOR-US: Patchwork CVE-2019-13121 [SSRF Vulnerability in Project GitHub Integration] @@ -19245,11 +19245,11 @@ CVE-2019-10542 CVE-2019-10541 RESERVED CVE-2019-10540 (Buffer overflow in WLAN NAN function due to lack of check of count val ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10539 (Possible buffer overflow issue due to lack of length check when parsin ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10538 (Lack of check of address range received from firmware response allows ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10537 RESERVED CVE-2019-10536 
@@ -19305,15 +19305,15 @@ CVE-2019-10512 CVE-2019-10511 RESERVED CVE-2019-10510 (BT process died and BT toggled due to null pointer dereference when in ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10509 (Device record of the pairing device used after free during ACL disconn ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10508 (Lack of input validation for data received from user space can lead to ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10507 (Lack of check of extscan change results received from firmware can lea ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10506 (While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor comm ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10505 RESERVED CVE-2019-10504 @@ -19323,15 +19323,15 @@ CVE-2019-10503 CVE-2019-10502 RESERVED CVE-2019-10501 (Possible use after free issue due to improper input validation in volu ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10500 RESERVED CVE-2019-10499 (Improper validation of read and write index of tx and rx fifo`s before ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10498 (Buffer overflow scenario if the client sends more than 5 io_vec reques ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10497 (Use after free issue occurs If another instance of open for voice_svc ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10496 RESERVED CVE-2019-10495 @@ -19341,13 +19341,13 @@ CVE-2019-10494 CVE-2019-10493 RESERVED CVE-2019-10492 (Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10491 RESERVED CVE-2019-10490 RESERVED CVE-2019-10489 (Possible null-pointer dereference can occur while parsing avi clip dur ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-10488 RESERVED CVE-2019-10487 
@@ -37412,17 +37412,17 @@ CVE-2019-3735 (Dell SupportAssist for Business PCs version 2.0 and Dell SupportA CVE-2019-3734 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an ...) NOT-FOR-US: EMC CVE-2019-3733 (RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vuln ...) - TODO: check + NOT-FOR-US: RSA CVE-2019-3732 (RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) ...) - TODO: check + NOT-FOR-US: RSA CVE-2019-3731 (RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro ...) - TODO: check + NOT-FOR-US: RSA CVE-2019-3730 (RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and ...) - TODO: check + NOT-FOR-US: RSA CVE-2019-3729 (RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x, ...) - TODO: check + NOT-FOR-US: RSA CVE-2019-3728 (RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x) ...) - TODO: check + NOT-FOR-US: RSA CVE-2019-3727 (Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs ...) NOT-FOR-US: Dell EMC RecoverPoint CVE-2019-3726 (An Uncontrolled Search Path Vulnerability is applicable to the followi ...) @@ -42462,7 +42462,7 @@ CVE-2019-2343 (Out of bound read and information disclosure in firmware due to i CVE-2019-2342 RESERVED CVE-2019-2341 (Buffer overflow when the audio buffer size provided by user is larger ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-2340 RESERVED CVE-2019-2339 @@ -42478,7 +42478,7 @@ CVE-2019-2335 CVE-2019-2334 (Null pointer dereferencing can happen when playing the clip with wrong ...) NOT-FOR-US: Qualcomm components for Android CVE-2019-2333 (Buffer overflow due to improper validation of buffer size while IPA dr ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-2332 RESERVED CVE-2019-2331 
@@ -42556,7 +42556,7 @@ CVE-2019-2296 CVE-2019-2295 RESERVED CVE-2019-2294 (Usage of hard-coded magic number for calculating heap guard bytes can ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-2293 (Pointer dereference while freeing IFE resources due to lack of length ...) NOT-FOR-US: Snapdragon CVE-2019-2292 (Out of bound access can occur due to buffer copy without checking size ...) @@ -42576,7 +42576,7 @@ CVE-2019-2286 CVE-2019-2285 RESERVED CVE-2019-2284 (Possible use-after-free issue due to a race condition while calling ca ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-2283 RESERVED CVE-2019-2282 @@ -42640,7 +42640,7 @@ CVE-2019-2254 (Position determination accuracy may be degraded due to wrongly de CVE-2019-2253 (Buffer over-read can occur while parsing an ogg file with a corrupted ...) NOT-FOR-US: Qualcomm components for Android CVE-2019-2252 (Classic buffer overflow vulnerability while playing the specific video ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2019-2251 RESERVED CVE-2019-2250 (Kernel can write to arbitrary memory address passed by user while free ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fdc86795b63c00d5bd173cd3e3cbe699b4c8c1d
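Review bot: In the @@ -19305 hunk, CVE-2019-10506 is closed with only "NOT-FOR-US: Snapdragon" although its description names the QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor command, which points at a WLAN driver reached through the Linux nl80211 interface. The label does not record why no Debian kernel package is affected. Naming the driver or component in the label would let a later reader confirm the triage without redoing it.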
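Review bot: In the @@ -37412 hunk the six added lines read "NOT-FOR-US: RSA", which names only the vendor and collides with the algorithm name when someone searches the list. Every description in the hunk names RSA BSAFE (Crypto-C Micro Edition or Micro Edition Suite), and the neighbouring context entry uses the full product name ("NOT-FOR-US: Dell EMC RecoverPoint"), so "NOT-FOR-US: RSA BSAFE" would be clearer and easier to find.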
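Review bot: In the @@ -42478 and @@ -42640 hunks the added "NOT-FOR-US: Snapdragon" sits directly next to context entries tagged "NOT-FOR-US: Qualcomm components for Android" (CVE-2019-2334 and CVE-2019-2253), and the descriptions on both sides read like the same kind of vendor component. Two labels for one vendor make it harder to find all of these entries with a single search. Consider reusing the existing label here, or normalising both spellings in a follow-up commit.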