[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff Fri, 22 Nov 2019 04:49:32 -0800


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
fe1e8acc by Moritz Muehlenhoff at 2019-11-22T12:48:56Z
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -19892,9 +19892,9 @@ CVE-2019-13584 (The remote admin webserver on FANUC 
Robotics Virtual Robot Contr
 CVE-2019-13583
        RESERVED
 CVE-2019-13582 (An issue was discovered in Marvell 88W8688 Wi-Fi firmware 
before versi ...)
-       TODO: check
+       NOT-FOR-US: Tesla
 CVE-2019-13581 (An issue was discovered in Marvell 88W8688 Wi-Fi firmware 
before versi ...)
-       TODO: check
+       NOT-FOR-US: Tesla
 CVE-2019-13580
        RESERVED
 CVE-2019-13579
@@ -27679,11 +27679,11 @@ CVE-2019-10768 (In AngularJS before 1.7.9 the 
function `merge()` could be tricke
        NOTE: 
https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3
        NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-534884
 CVE-2019-10767 (An attacker can include file contents from outside the 
`/adapter/xxx/` ...)
-       TODO: check
+       NOT-FOR-US: ioBroker
 CVE-2019-10766 (Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 
allow SQL In ...)
-       TODO: check
+       NOT-FOR-US: Pixie CMS
 CVE-2019-10765 (iobroker.admin before 3.6.12 allows attacker to include file 
contents  ...)
-       TODO: check
+       NOT-FOR-US: ioBroker
 CVE-2019-10764 (In elliptic-php versions priot to 1.0.6, Timing attacks might 
be possi ...)
        NOT-FOR-US: elliptic-php
 CVE-2019-10763 (pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. 
An attack ...)
@@ -28132,7 +28132,7 @@ CVE-2019-10629
 CVE-2019-10628
        RESERVED
 CVE-2019-10627 (Integer overflow to buffer overflow vulnerability in 
PostScript image  ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2019-10626
        RESERVED
 CVE-2019-10625
@@ -28152,7 +28152,7 @@ CVE-2019-10619
 CVE-2019-10618
        RESERVED
 CVE-2019-10617 (Low privilege users can access service configuration which 
contains re ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm
 CVE-2019-10616
        RESERVED
 CVE-2019-10615
@@ -28255,13 +28255,13 @@ CVE-2019-10568
 CVE-2019-10567
        RESERVED
 CVE-2019-10566 (Buffer overflow can occur in wlan module if supported rates or 
extende ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10565 (Double free issue can happen when sensor power settings is 
freed by so ...)
        NOT-FOR-US: Snapdragon
 CVE-2019-10564
        RESERVED
 CVE-2019-10563 (Buffer over-read can occur in fast message handler due to 
improper inp ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10562
        RESERVED
 CVE-2019-10561
@@ -28320,7 +28320,7 @@ CVE-2019-10537
 CVE-2019-10536
        RESERVED
 CVE-2019-10535 (Improper validation for loop variable received from firmware 
can lead  ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10534 (Null-pointer dereference can occur while accessing the super 
index ent ...)
        NOT-FOR-US: Snapdragon
 CVE-2019-10533 (Out of bound access due to improper validation of array index 
cause th ...)
@@ -28387,7 +28387,7 @@ CVE-2019-10505 (Out of bound access while processing a 
non-standard IE measureme
 CVE-2019-10504 (Firmware not able to send EXT scan response to host within 1 
sec due t ...)
        NOT-FOR-US: Snapdragon
 CVE-2019-10503 (Out-of-bounds access can occur in camera driver due to 
improper valida ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10502 (Possible stack overflow when an index equal to io buffer size 
is acces ...)
        NOT-FOR-US: Snapdragon
 CVE-2019-10501 (Possible use after free issue due to improper input validation 
in volu ...)
@@ -28414,7 +28414,7 @@ CVE-2019-10492 (Boot image not getting verified by AVB 
in Snapdragon Auto, Snapd
 CVE-2019-10491 (ADSP can be compromised since it`s a general-purpose CPU 
processing un ...)
        NOT-FOR-US: Snapdragon
 CVE-2019-10490 (Use after free issue in Xtra daemon shutdown due to static 
object inst ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10489 (Possible null-pointer dereference can occur while parsing avi 
clip dur ...)
        NOT-FOR-US: Snapdragon
 CVE-2019-10488 (Null pointer dereference can occur while parsing invalid 
chunks while  ...)
@@ -28422,7 +28422,7 @@ CVE-2019-10488 (Null pointer dereference can occur 
while parsing invalid chunks
 CVE-2019-10487
        RESERVED
 CVE-2019-10486 (Race condition due to the lack of resource lock which will be 
concurre ...)
-       TODO: check
+       NOT-FOR-US: Snapdragon
 CVE-2019-10485
        RESERVED
        NOT-FOR-US: Qualcomm components for Android
@@ -39205,7 +39205,7 @@ CVE-2019-6855
 CVE-2019-6854
        RESERVED
 CVE-2019-6853 (A CWE-79: Failure to Preserve Web Page Structure vulnerability 
exists  ...)
-       TODO: check
+       NOT-FOR-US: Andover Continuum
 CVE-2019-6852 (A CWE-200: Information Exposure vulnerability exists in Modicon 
Contro ...)
        NOT-FOR-US: Schneider Electric
 CVE-2019-6851 (A CWE-538: File and Directory Information Exposure 
vulnerability exist ...)
@@ -39579,7 +39579,7 @@ CVE-2019-6695 (Lack of root file system integrity 
checking in Fortinet FortiMana
 CVE-2019-6694
        RESERVED
 CVE-2019-6693 (Use of a hard-coded cryptographic key to cipher sensitive data 
in Fort ...)
-       TODO: check
+       NOT-FOR-US: Fortinet
 CVE-2019-6692 (A malicious DLL preload vulnerability in Fortinet FortiClient 
for Wind ...)
        NOT-FOR-US: Fortinet
 CVE-2019-6691 (phpwind 9.0.2.170426 UTF8 allows SQL Injection via the 
admin.php?m=bac ...)
@@ -42443,9 +42443,9 @@ CVE-2019-5639
 CVE-2019-5638 (Rapid7 Nexpose versions 6.5.50 and prior suffer from 
insufficient sess ...)
        NOT-FOR-US: Rapid7 Nexpose
 CVE-2019-5637 (When Beckhoff TwinCAT is configured to use the Profinet driver, 
a deni ...)
-       TODO: check
+       NOT-FOR-US: Beckhoff
 CVE-2019-5636 (When a Beckhoff TwinCAT Runtime receives a malformed UDP 
packet, the A ...)
-       TODO: check
+       NOT-FOR-US: Beckhoff
 CVE-2019-5635 (A cleartext transmission of sensitive information vulnerability 
is pre ...)
        NOT-FOR-US: Hickory
 CVE-2019-5634 (An inclusion of sensitive information in log files 
vulnerability is pr ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe1e8acc44b79a32b272a1afb35dcee6f009c27c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fe1e8acc44b79a32b272a1afb35dcee6f009c27c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] NFUs

Reply via email to