[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 25 Dec 2019 00:11:00 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b3c20443 by security tracker role at 2019-12-25T08:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2019-19966 (In the Linux kernel before 5.1.6, there is a use-after-free in 
cpia2_e ...)
+       TODO: check
+CVE-2019-19965 (In the Linux kernel through 5.4.6, there is a NULL pointer 
dereference ...)
+       TODO: check
+CVE-2019-19964
+       RESERVED
+CVE-2019-19963 (An issue was discovered in wolfSSL before 4.3.0 in a 
non-default confi ...)
+       TODO: check
+CVE-2019-19962 (wolfSSL before 4.3.0 mishandles calls to 
wc_SignatureGenerateHash, lea ...)
+       TODO: check
+CVE-2019-19961
+       RESERVED
+CVE-2019-19960 (In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly 
resist sid ...)
+       TODO: check
+CVE-2019-19959
+       RESERVED
+CVE-2019-19958 (In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in 
common/str ...)
+       TODO: check
+CVE-2019-19957 (In libIEC61850 1.4.0, getNumberOfElements in 
mms/iso_mms/server/mms_ac ...)
+       TODO: check
 CVE-2019-19956 (xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 
before 2.9.1 ...)
        [experimental] - libxml2 2.9.10+dfsg-1
        - libxml2 <unfixed>
@@ -34460,8 +34480,8 @@ CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable 
to Arbitrary Code Executi
        NOT-FOR-US: safer-eval Node module
 CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code 
Execution. A  ...)
        NOT-FOR-US: safer-eval Node module
-CVE-2019-10758
-       RESERVED
+CVE-2019-10758 (mongo-express before 0.54.0 is vulnerable to Remote Code 
Execution via ...)
+       TODO: check
 CVE-2019-10757 (knex.js versions before 0.19.5 are vulnerable to SQL Injection 
attack. ...)
        NOT-FOR-US: knex.js
 CVE-2019-10756 (It is possible to inject JavaScript within node-red-dashboard 
versions ...)
@@ -48945,8 +48965,8 @@ CVE-2019-5704
        RESERVED
 CVE-2019-5703
        RESERVED
-CVE-2019-5702
-       RESERVED
+CVE-2019-5702 (NVIDIA GeForce Experience, all versions prior to 3.20.2, 
contains a vu ...)
+       TODO: check
 CVE-2019-5701 (NVIDIA GeForce Experience, all versions prior to 3.20.1, 
contains a vu ...)
        NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2019-5700 (NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra 
software con ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3c204432640945c6b0fb9df8adcf40b6fc8b256

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3c204432640945c6b0fb9df8adcf40b6fc8b256
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to