Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
bd7617e2 by security tracker role at 2020-01-21T08:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-7249 (SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID
field on th ...)
+ TODO: check
+CVE-2020-7248
+ RESERVED
+CVE-2020-7247
+ RESERVED
+CVE-2020-7246
+ RESERVED
+CVE-2020-7245
+ RESERVED
+CVE-2020-7244 (Comtech Stampede FX-1010 7.4.3 devices allow remote
authenticated admi ...)
+ TODO: check
+CVE-2020-7243 (Comtech Stampede FX-1010 7.4.3 devices allow remote
authenticated admi ...)
+ TODO: check
+CVE-2020-7242 (Comtech Stampede FX-1010 7.4.3 devices allow remote
authenticated admi ...)
+ TODO: check
+CVE-2020-7241 (The WP Database Backup plugin through 5.5 for WordPress stores
downloa ...)
+ TODO: check
+CVE-2020-7240 (Meinberg Lantime M300 and M1000 devices allow attackers (with
privileg ...)
+ TODO: check
+CVE-2020-7239 (The conversation-watson plugin before 0.8.21 for WordPress has
a DOM-b ...)
+ TODO: check
+CVE-2019-20386 (An issue was discovered in button_open in
login/logind-button.c in sys ...)
+ TODO: check
+CVE-2019-20385 (The CSV upload feature in /supervisor/procesa_carga.php on
Logaritmo A ...)
+ TODO: check
+CVE-2019-20384 (Gentoo Portage through 2.3.84 allows local users to place a
Trojan hor ...)
+ TODO: check
+CVE-2019-20383
+ RESERVED
CVE-2019-20382
RESERVED
CVE-2020-7238
@@ -25386,7 +25416,7 @@ CVE-2019-16241 (On TCL Alcatel Cingular Flip 2 B9HUAH1
devices, PIN authenticati
CVE-2019-16240
RESERVED
CVE-2019-16239 (process_http_response in OpenConnect before 8.05 has a Buffer
Overflow ...)
- {DLA-1945-1}
+ {DSA-4607-1 DLA-1945-1}
- openconnect 8.02-1.1 (bug #940871)
NOTE:
http://lists.infradead.org/pipermail/openconnect-devel/2019-September/005412.html
NOTE:
https://github.com/openconnect/openconnect/commit/875f0a65ab73f4fb581ca870fd3a901bd278f8e8
@@ -32671,13 +32701,11 @@ CVE-2019-14038
RESERVED
CVE-2019-14037
RESERVED
-CVE-2019-14036
- RESERVED
+CVE-2019-14036 (Possible buffer overflow issue in error processing due to
improper val ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14035
RESERVED
-CVE-2019-14034
- RESERVED
+CVE-2019-14034 (Use after free while processing eeprom query as there is a
chance to n ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14033
RESERVED
@@ -32697,11 +32725,9 @@ CVE-2019-14026
RESERVED
CVE-2019-14025
RESERVED
-CVE-2019-14024
- RESERVED
+CVE-2019-14024 (Possible stack-use-after-scope issue in NFC usecase for card
emulation ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14023
- RESERVED
+CVE-2019-14023 (String format issue will occur while processing HLOS data as
there is ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14022
RESERVED
@@ -32713,45 +32739,35 @@ CVE-2019-14019
RESERVED
CVE-2019-14018
RESERVED
-CVE-2019-14017
- RESERVED
+CVE-2019-14017 (Heap buffer overflow can occur while parsing invalid MKV clip
which is ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14016
- RESERVED
+CVE-2019-14016 (Integer overflow occurs while playing the clip which is
nonstandard in ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14015
RESERVED
-CVE-2019-14014
- RESERVED
+CVE-2019-14014 (Possible buffer overflow when byte array receives incorrect
input from ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14013
- RESERVED
+CVE-2019-14013 (While parsing invalid super index table, elements within super
index t ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14012
RESERVED
CVE-2019-14011
RESERVED
-CVE-2019-14010
- RESERVED
+CVE-2019-14010 (The device may enter into error state when some tool or
application ge ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14009
RESERVED
-CVE-2019-14008
- RESERVED
+CVE-2019-14008 (Possible null pointer dereference issue in location assistance
data pr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14007
RESERVED
-CVE-2019-14006
- RESERVED
+CVE-2019-14006 (Buffer overflow occur while playing the clip which is
nonstandard due ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14005
- RESERVED
+CVE-2019-14005 (Buffer overflow occur while playing the clip which is
nonstandard due ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14004
- RESERVED
+CVE-2019-14004 (Buffer overflow occurs while processing invalid MKV clip,
which has in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14003
- RESERVED
+CVE-2019-14003 (Null pointer exception can happen while parsing invalid MKV
clip where ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14002
RESERVED
@@ -43171,8 +43187,7 @@ CVE-2019-10613
RESERVED
CVE-2019-10612
RESERVED
-CVE-2019-10611
- RESERVED
+CVE-2019-10611 (Buffer overflow can occur while processing clip due to lack of
check o ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10610
RESERVED
@@ -43182,8 +43197,7 @@ CVE-2019-10608
RESERVED
CVE-2019-10607 (Out of bounds memcpy can occur by providing the embedded NULL
characte ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10606
- RESERVED
+CVE-2019-10606 (Out-of-bound access will occur in USB driver due to lack of
check to v ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10605 (Buffer overwrite can occur in IEEE80211 header filling
function due to ...)
NOT-FOR-US: Qualcomm components for Android
@@ -43191,8 +43205,7 @@ CVE-2019-10604
RESERVED
CVE-2019-10603
RESERVED
-CVE-2019-10602
- RESERVED
+CVE-2019-10602 (Potential use-after-free heap error during Validate/Present
calls on d ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10601 (Out of bound access can occur while processing firmware event
due to l ...)
NOT-FOR-US: Qualcomm components for Android
@@ -43226,27 +43239,21 @@ CVE-2019-10587
RESERVED
CVE-2019-10586
RESERVED
-CVE-2019-10585
- RESERVED
+CVE-2019-10585 (Possible integer overflow happens when mmap find function will
increme ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10584 (Possibility of out of bound access in debug queue, if packet
size fiel ...)
NOT-FOR-US: Snapdragon
-CVE-2019-10583
- RESERVED
+CVE-2019-10583 (Use after free issue occurs when camera access sensors data
through di ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10582
- RESERVED
+CVE-2019-10582 (Use after free issue due to using of invalidated iterator to
delete an ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10581
- RESERVED
+CVE-2019-10581 (NULL is assigned to local instance of audio device pointer
after free ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10580
RESERVED
-CVE-2019-10579
- RESERVED
+CVE-2019-10579 (Buffer over-read can occur while playing the video clip which
is not s ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10578
- RESERVED
+CVE-2019-10578 (Null pointer dereference can occur while parsing the clip
which is non ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10577
RESERVED
@@ -43280,14 +43287,13 @@ CVE-2019-10563 (Buffer over-read can occur in fast
message handler due to improp
NOT-FOR-US: Snapdragon
CVE-2019-10562
RESERVED
-CVE-2019-10561
- RESERVED
+CVE-2019-10561 (Improper initialization of local variables which are
parameters to sfs ...)
+ TODO: check
CVE-2019-10560
RESERVED
CVE-2019-10559 (Accessing data buffer beyond the available data while parsing
ogg clip ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10558
- RESERVED
+CVE-2019-10558 (While transferring data from APPS to DSP, Out of bound in
FastRPC HLOS ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10557 (Out-of-bound read in the wireless driver in the Linux kernel
due to la ...)
NOT-FOR-US: Qualcomm components for Android
@@ -43307,8 +43313,7 @@ CVE-2019-10550
RESERVED
CVE-2019-10549
RESERVED
-CVE-2019-10548
- RESERVED
+CVE-2019-10548 (While trying to obtain datad ipc handle during DPL
initialization, Hea ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10547
RESERVED
@@ -43340,8 +43345,7 @@ CVE-2019-10534 (Null-pointer dereference can occur
while accessing the super ind
NOT-FOR-US: Snapdragon
CVE-2019-10533 (Out of bound access due to improper validation of array index
cause th ...)
NOT-FOR-US: Snapdragon
-CVE-2019-10532
- RESERVED
+CVE-2019-10532 (Null-pointer dereference issue can occur while calculating
string leng ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10531 (Incorrect reading of system image resulting in buffer overflow
when si ...)
NOT-FOR-US: Snapdragon
@@ -67002,8 +67006,7 @@ CVE-2019-2269 (Possible buffer overflow while
processing the high level lim proc
NOT-FOR-US: Snapdragon
CVE-2019-2268 (Possible OOB read issue in P2P action frames while handling
WLAN manag ...)
NOT-FOR-US: Snapdragon
-CVE-2019-2267
- RESERVED
+CVE-2019-2267 (Locked regions may be modified through other interfaces in
secure boot ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-2266 (Possible double free issue in kernel while handling the camera
sensor ...)
NOT-FOR-US: Snapdragon
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd7617e248f19848cb37a9419c269c3e32fada77
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd7617e248f19848cb37a9419c269c3e32fada77
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
