[Git][security-tracker-team/security-tracker][master] Process NFUs

Tue, 01 Oct 2019 01:55:57 -0700 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
3fdc8679 by Salvatore Bonaccorso at 2019-10-01T08:55:05Z
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -755,11 +755,11 @@ CVE-2019-16748 (In wolfSSL through 4.1.0, there is a 
missing sanity check of mem
 CVE-2019-16747
        RESERVED
 CVE-2019-16745 (eBrigade before 5.0 has evenement_choice.php chxCal SQL 
Injection. ...)
-       TODO: check
+       NOT-FOR-US: eBrigade
 CVE-2019-16744 (eBrigade before 5.0 has evenements.php cid SQL Injection. ...)
-       TODO: check
+       NOT-FOR-US: eBrigade
 CVE-2019-16743 (eBrigade before 5.0 has evenement_ical.php evenement SQL 
Injection. ...)
-       TODO: check
+       NOT-FOR-US: eBrigade
 CVE-2019-16742
        RESERVED
 CVE-2019-16741
@@ -12235,9 +12235,9 @@ CVE-2019-13126 (An integer overflow in NATS Server 
2.0.0 allows a remote attacke
 CVE-2019-13125 (HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers 
to evad ...)
        NOT-FOR-US: Tencent
 CVE-2019-13124 (Foxit Reader 9.6.0.25114 and earlier has two unique 
RecursiveCall bugs ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2019-13123 (Foxit Reader 9.6.0.25114 and earlier has two unique 
RecursiveCall bugs ...)
-       TODO: check
+       NOT-FOR-US: Foxit Reader
 CVE-2019-13122 (A Cross Site Scripting (XSS) vulnerability exists in the 
template tag  ...)
        NOT-FOR-US: Patchwork
 CVE-2019-13121 [SSRF Vulnerability in Project GitHub Integration]
@@ -19245,11 +19245,11 @@ CVE-2019-10542
 CVE-2019-10541
        RESERVED
 CVE-2019-10540 (Buffer overflow in WLAN NAN function due to lack of check of 
count val ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10539 (Possible buffer overflow issue due to lack of length check 
when parsin ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10538 (Lack of check of address range received from firmware response 
allows  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10537
        RESERVED
 CVE-2019-10536
@@ -19305,15 +19305,15 @@ CVE-2019-10512
 CVE-2019-10511
        RESERVED
 CVE-2019-10510 (BT process died and BT toggled due to null pointer dereference 
when in ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10509 (Device record of the pairing device used after free during ACL 
disconn ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10508 (Lack of input validation for data received from user space can 
lead to ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10507 (Lack of check of extscan change results received from firmware 
can lea ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10506 (While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY 
vendor comm ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10505
        RESERVED
 CVE-2019-10504
@@ -19323,15 +19323,15 @@ CVE-2019-10503
 CVE-2019-10502
        RESERVED
 CVE-2019-10501 (Possible use after free issue due to improper input validation 
in volu ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10500
        RESERVED
 CVE-2019-10499 (Improper validation of read and write index of tx and rx 
fifo`s before ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10498 (Buffer overflow scenario if the client sends more than 5 
io_vec reques ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10497 (Use after free issue occurs If another instance of open for 
voice_svc  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10496
        RESERVED
 CVE-2019-10495
@@ -19341,13 +19341,13 @@ CVE-2019-10494
 CVE-2019-10493
        RESERVED
 CVE-2019-10492 (Boot image not getting verified by AVB in Snapdragon Auto, 
Snapdragon  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10491
        RESERVED
 CVE-2019-10490
        RESERVED
 CVE-2019-10489 (Possible null-pointer dereference can occur while parsing avi 
clip dur ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10488
        RESERVED
 CVE-2019-10487
@@ -37412,17 +37412,17 @@ CVE-2019-3735 (Dell SupportAssist for Business PCs 
version 2.0 and Dell SupportA
 CVE-2019-3734 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 
contain an ...)
        NOT-FOR-US: EMC
 CVE-2019-3733 (RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, 
is vuln ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3732 (RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 
4.0.x) ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3731 (RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and 
RSA Micro ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3730 (RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 
4.1.x) and ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3729 (RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 
4.1.x,  ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3728 (RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 
4.0.x)  ...)
-       TODO: check
+       NOT-FOR-US: RSA
 CVE-2019-3727 (Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint 
for VMs ...)
        NOT-FOR-US: Dell EMC RecoverPoint
 CVE-2019-3726 (An Uncontrolled Search Path Vulnerability is applicable to the 
followi ...)
@@ -42462,7 +42462,7 @@ CVE-2019-2343 (Out of bound read and information 
disclosure in firmware due to i
 CVE-2019-2342
        RESERVED
 CVE-2019-2341 (Buffer overflow when the audio buffer size provided by user is 
larger  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2340
        RESERVED
 CVE-2019-2339
@@ -42478,7 +42478,7 @@ CVE-2019-2335
 CVE-2019-2334 (Null pointer dereferencing can happen when playing the clip 
with wrong ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2333 (Buffer overflow due to improper validation of buffer size while 
IPA dr ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2332
        RESERVED
 CVE-2019-2331
@@ -42556,7 +42556,7 @@ CVE-2019-2296
 CVE-2019-2295
        RESERVED
 CVE-2019-2294 (Usage of hard-coded magic number for calculating heap guard 
bytes can  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2293 (Pointer dereference while freeing IFE resources due to lack of 
length  ...)
        NOT-FOR-US: Snapdragon
 CVE-2019-2292 (Out of bound access can occur due to buffer copy without 
checking size ...)
@@ -42576,7 +42576,7 @@ CVE-2019-2286
 CVE-2019-2285
        RESERVED
 CVE-2019-2284 (Possible use-after-free issue due to a race condition while 
calling ca ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2283
        RESERVED
 CVE-2019-2282
@@ -42640,7 +42640,7 @@ CVE-2019-2254 (Position determination accuracy may be 
degraded due to wrongly de
 CVE-2019-2253 (Buffer over-read can occur while parsing an ogg file with a 
corrupted  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2252 (Classic buffer overflow vulnerability while playing the 
specific video ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-2251
        RESERVED
 CVE-2019-2250 (Kernel can write to arbitrary memory address passed by user 
while free ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fdc86795b63c00d5bd173cd3e3cbe699b4c8c1d

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/3fdc86795b63c00d5bd173cd3e3cbe699b4c8c1d
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to