Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
81530729 by security tracker role at 2020-01-25T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2020-7979
+ RESERVED
+CVE-2020-7978
+ RESERVED
+CVE-2020-7977
+ RESERVED
+CVE-2020-7976
+ RESERVED
+CVE-2020-7975
+ RESERVED
+CVE-2020-7974
+ RESERVED
+CVE-2020-7973
+ RESERVED
+CVE-2020-7972
+ RESERVED
+CVE-2020-7971
+ RESERVED
+CVE-2020-7970
+ RESERVED
+CVE-2020-7969
+ RESERVED
+CVE-2020-7968
+ RESERVED
+CVE-2020-7967
+ RESERVED
+CVE-2020-7966
+ RESERVED
+CVE-2020-7965
+ RESERVED
+CVE-2020-7964 (An issue was discovered in Mirumee Saleor 2.x before 2.9.1.
Incorrect ...)
+ TODO: check
+CVE-2020-7963
+ RESERVED
+CVE-2019-20420
+ RESERVED
+CVE-2015-9541 (Qt through 5.14 allows an exponential XML entity expansion
attack via ...)
+ TODO: check
CVE-2020-7962
RESERVED
CVE-2020-7961
@@ -1947,8 +1985,8 @@ CVE-2020-7053 (In the Linux kernel 4.14 longterm through
4.14.165 and 4.19 longt
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE:
https://lore.kernel.org/stable/[email protected]/
-CVE-2020-7052
- RESERVED
+CVE-2020-7052 (CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30
allow unco ...)
+ TODO: check
CVE-2020-7051
RESERVED
CVE-2020-7050
@@ -2396,7 +2434,7 @@ CVE-2020-6845
RESERVED
CVE-2020-6844
RESERVED
-CVE-2020-6843 (Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS.
...)
+CVE-2020-6843 (Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS.
This i ...)
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2020-6842
RESERVED
@@ -5830,12 +5868,12 @@ CVE-2020-5228
RESERVED
CVE-2020-5227
RESERVED
-CVE-2020-5226
- RESERVED
-CVE-2020-5225
- RESERVED
-CVE-2020-5224
- RESERVED
+CVE-2020-5226 (Cross-site scripting in SimpleSAMLphp before version 1.18.4.
The www/e ...)
+ TODO: check
+CVE-2020-5225 (Log injection in SimpleSAMLphp before version 1.18.4. The
www/errorepo ...)
+ TODO: check
+CVE-2020-5224 (In Django User Sessions (django-user-sessions) before 1.7.1,
the views ...)
+ TODO: check
CVE-2020-5223 (In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before
1.3.2, a p ...)
TODO: check
CVE-2020-5222
@@ -71425,91 +71463,91 @@ CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before
2.7.8, and before 2.1.17 allo
NOTE:
https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
NOTE:
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
CVE-2019-1534
- RESERVED
+ REJECTED
CVE-2019-1533
- RESERVED
+ REJECTED
CVE-2019-1532
- RESERVED
+ REJECTED
CVE-2019-1531
- RESERVED
+ REJECTED
CVE-2019-1530
- RESERVED
+ REJECTED
CVE-2019-1529
- RESERVED
+ REJECTED
CVE-2019-1528
- RESERVED
+ REJECTED
CVE-2019-1527
- RESERVED
+ REJECTED
CVE-2019-1526
- RESERVED
+ REJECTED
CVE-2019-1525
- RESERVED
+ REJECTED
CVE-2019-1524
- RESERVED
+ REJECTED
CVE-2019-1523
- RESERVED
+ REJECTED
CVE-2019-1522
- RESERVED
+ REJECTED
CVE-2019-1521
- RESERVED
+ REJECTED
CVE-2019-1520
- RESERVED
+ REJECTED
CVE-2019-1519
- RESERVED
+ REJECTED
CVE-2019-1518
- RESERVED
+ REJECTED
CVE-2019-1517
- RESERVED
+ REJECTED
CVE-2019-1516
- RESERVED
+ REJECTED
CVE-2019-1515
- RESERVED
+ REJECTED
CVE-2019-1514
- RESERVED
+ REJECTED
CVE-2019-1513
- RESERVED
+ REJECTED
CVE-2019-1512
- RESERVED
+ REJECTED
CVE-2019-1511
- RESERVED
+ REJECTED
CVE-2019-1510
- RESERVED
+ REJECTED
CVE-2019-1509
- RESERVED
+ REJECTED
CVE-2019-1508
- RESERVED
+ REJECTED
CVE-2019-1507
- RESERVED
+ REJECTED
CVE-2019-1506
- RESERVED
+ REJECTED
CVE-2019-1505
- RESERVED
+ REJECTED
CVE-2019-1504
- RESERVED
+ REJECTED
CVE-2019-1503
- RESERVED
+ REJECTED
CVE-2019-1502
- RESERVED
+ REJECTED
CVE-2019-1501
- RESERVED
+ REJECTED
CVE-2019-1500
- RESERVED
+ REJECTED
CVE-2019-1499
- RESERVED
+ REJECTED
CVE-2019-1498
- RESERVED
+ REJECTED
CVE-2019-1497
- RESERVED
+ REJECTED
CVE-2019-1496
- RESERVED
+ REJECTED
CVE-2019-1495
- RESERVED
+ REJECTED
CVE-2019-1494
- RESERVED
+ REJECTED
CVE-2019-1493
- RESERVED
+ REJECTED
CVE-2019-1492
- RESERVED
+ REJECTED
CVE-2019-1491
RESERVED
CVE-2019-1490 (A spoofing vulnerability exists when a Skype for Business
Server does ...)
@@ -71529,13 +71567,13 @@ CVE-2019-1484 (A remote code execution vulnerability
exists when Microsoft Windo
CVE-2019-1483 (An elevation of privilege vulnerability exists when the Windows
AppX D ...)
NOT-FOR-US: Microsoft
CVE-2019-1482
- RESERVED
+ REJECTED
CVE-2019-1481 (An information disclosure vulnerability exists in Windows Media
Player ...)
NOT-FOR-US: Microsoft
CVE-2019-1480 (An information disclosure vulnerability exists in Windows Media
Player ...)
NOT-FOR-US: Microsoft
CVE-2019-1479
- RESERVED
+ REJECTED
CVE-2019-1478 (An elevation of privilege vulnerability exists when Windows
improperly ...)
NOT-FOR-US: Microsoft
CVE-2019-1477 (An elevation of privilege vulnerability exists when the Windows
Printe ...)
@@ -71543,11 +71581,11 @@ CVE-2019-1477 (An elevation of privilege
vulnerability exists when the Windows P
CVE-2019-1476 (An elevation of privilege vulnerability exists when Windows
AppX Deplo ...)
NOT-FOR-US: Microsoft
CVE-2019-1475
- RESERVED
+ REJECTED
CVE-2019-1474 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1473
- RESERVED
+ REJECTED
CVE-2019-1472 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1471 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
@@ -71572,10 +71610,10 @@ CVE-2019-1462 (A remote code execution vulnerability
exists in Microsoft PowerPo
NOT-FOR-US: Microsoft
CVE-2019-1461 (A denial of service vulnerability exists in Microsoft Word
software wh ...)
NOT-FOR-US: Microsoft
-CVE-2019-1460
- RESERVED
+CVE-2019-1460 (A spoofing vulnerability exists in the way Microsoft Outlook
for Andro ...)
+ TODO: check
CVE-2019-1459
- RESERVED
+ REJECTED
CVE-2019-1458 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft
CVE-2019-1457 (A security feature bypass vulnerability exists in Microsoft
Office sof ...)
@@ -71583,17 +71621,17 @@ CVE-2019-1457 (A security feature bypass
vulnerability exists in Microsoft Offic
CVE-2019-1456 (A remote code execution vulnerability exists in Microsoft
Windows when ...)
NOT-FOR-US: Microsoft
CVE-2019-1455
- RESERVED
-CVE-2019-1454
- RESERVED
+ REJECTED
+CVE-2019-1454 (An elevation of privilege vulnerability exists when the Windows
User P ...)
+ TODO: check
CVE-2019-1453 (A denial of service vulnerability exists in Remote Desktop
Protocol (R ...)
NOT-FOR-US: Microsoft
CVE-2019-1452
- RESERVED
+ REJECTED
CVE-2019-1451
- RESERVED
+ REJECTED
CVE-2019-1450
- RESERVED
+ REJECTED
CVE-2019-1449 (A security feature bypass vulnerability exists in the way that
Office ...)
NOT-FOR-US: Microsoft
CVE-2019-1448 (A remote code execution vulnerability exists in Microsoft Excel
softwa ...)
@@ -71605,7 +71643,7 @@ CVE-2019-1446 (An information disclosure vulnerability
exists when Microsoft Exc
CVE-2019-1445 (A spoofing vulnerability exists when Office Online does not
validate o ...)
NOT-FOR-US: Microsoft
CVE-2019-1444
- RESERVED
+ REJECTED
CVE-2019-1443 (An information disclosure vulnerability exists in Microsoft
SharePoint ...)
NOT-FOR-US: Microsoft
CVE-2019-1442 (A security feature bypass vulnerability exists when Microsoft
Office d ...)
@@ -71631,7 +71669,7 @@ CVE-2019-1433 (An elevation of privilege vulnerability
exists when the Windows G
CVE-2019-1432 (An information disclosure vulnerability exists when DirectWrite
improp ...)
NOT-FOR-US: Microsoft
CVE-2019-1431
- RESERVED
+ REJECTED
CVE-2019-1430 (A remote code execution vulnerability exists when Windows Media
Founda ...)
NOT-FOR-US: Microsoft
CVE-2019-1429 (A remote code execution vulnerability exists in the way that
the scrip ...)
@@ -71651,7 +71689,7 @@ CVE-2019-1423 (An elevation of privilege vulnerability
exists in the way that th
CVE-2019-1422 (An elevation of privilege vulnerability exists in the way that
the iph ...)
NOT-FOR-US: Microsoft
CVE-2019-1421
- RESERVED
+ REJECTED
CVE-2019-1420 (An elevation of privilege vulnerability exists in the way that
the dss ...)
NOT-FOR-US: Microsoft
CVE-2019-1419 (A remote code execution vulnerability exists in Microsoft
Windows when ...)
@@ -71664,8 +71702,8 @@ CVE-2019-1416 (An elevation of privilege vulnerability
exists due to a race cond
NOT-FOR-US: Microsoft
CVE-2019-1415 (An elevation of privilege vulnerability exists in Windows
Installer be ...)
NOT-FOR-US: Microsoft
-CVE-2019-1414
- RESERVED
+CVE-2019-1414 (An elevation of privilege vulnerability exists in Visual Studio
Code w ...)
+ TODO: check
CVE-2019-1413 (A security feature bypass vulnerability exists when Microsoft
Edge imp ...)
NOT-FOR-US: Microsoft
CVE-2019-1412 (An information disclosure vulnerability exists in Windows Adobe
Type M ...)
@@ -71673,7 +71711,7 @@ CVE-2019-1412 (An information disclosure vulnerability
exists in Windows Adobe T
CVE-2019-1411 (An information disclosure vulnerability exists when DirectWrite
improp ...)
NOT-FOR-US: Microsoft
CVE-2019-1410
- RESERVED
+ REJECTED
CVE-2019-1409 (An information disclosure vulnerability exists when the Windows
Remote ...)
NOT-FOR-US: Microsoft
CVE-2019-1408 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
@@ -71685,13 +71723,13 @@ CVE-2019-1406 (A remote code execution vulnerability
exists when the Windows Jet
CVE-2019-1405 (An elevation of privilege vulnerability exists when the Windows
Univer ...)
NOT-FOR-US: Microsoft
CVE-2019-1404
- RESERVED
+ REJECTED
CVE-2019-1403
- RESERVED
+ REJECTED
CVE-2019-1402 (An information disclosure vulnerability exists in Microsoft
Office sof ...)
NOT-FOR-US: Microsoft
CVE-2019-1401
- RESERVED
+ REJECTED
CVE-2019-1400 (An information disclosure vulnerability exists in Microsoft
Access sof ...)
NOT-FOR-US: Microsoft
CVE-2019-1399 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
@@ -71724,7 +71762,7 @@ CVE-2019-1387 (An issue was found in Git before
v2.24.1, v2.23.1, v2.22.2, v2.21
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=a8dee3ca610f5a1d403634492136c887f83b59d2
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1386
- RESERVED
+ REJECTED
CVE-2019-1385 (An elevation of privilege vulnerability exists when the Windows
AppX D ...)
NOT-FOR-US: Microsoft
CVE-2019-1384 (A security feature bypass vulnerability exists where a NETLOGON
messag ...)
@@ -71742,7 +71780,7 @@ CVE-2019-1379 (An elevation of privilege vulnerability
exists when the Windows D
CVE-2019-1378 (An elevation of privilege vulnerability exists in Windows 10
Update As ...)
NOT-FOR-US: Microsoft
CVE-2019-1377
- RESERVED
+ REJECTED
CVE-2019-1376 (An information disclosure vulnerability exists in Microsoft SQL
Server ...)
NOT-FOR-US: Microsoft
CVE-2019-1375 (A cross site scripting vulnerability exists when Microsoft
Dynamics 36 ...)
@@ -71776,7 +71814,7 @@ CVE-2019-1362 (An elevation of privilege vulnerability
exists in Windows when th
CVE-2019-1361 (An information disclosure vulnerability exists in the way that
Microso ...)
NOT-FOR-US: Microsoft
CVE-2019-1360
- RESERVED
+ REJECTED
CVE-2019-1359 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-1358 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
@@ -71786,47 +71824,42 @@ CVE-2019-1357 (A spoofing vulnerability exists when
Microsoft Browsers improperl
CVE-2019-1356 (An information disclosure vulnerability exists when Microsoft
Edge bas ...)
NOT-FOR-US: Microsoft
CVE-2019-1355
- RESERVED
-CVE-2019-1354
- RESERVED
+ REJECTED
+CVE-2019-1354 (A remote code execution vulnerability exists when Git for
Visual Studi ...)
- git 1:2.24.0-2 (unimportant)
[buster] - git 1:2.20.1-2+deb10u1
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=e1d911dd4c7b76a5a8cec0f5c8de15981e34da83
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1353
- RESERVED
+ REJECTED
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=9102f958ee5254b10c0be72672aa3305bf4f4704
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1352
- RESERVED
+CVE-2019-1352 (A remote code execution vulnerability exists when Git for
Visual Studi ...)
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=7c3745fc6185495d5765628b4dfe1bd2c25a2981
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
NOTE: Additional hardening for .gitmodules (but not part of the CVE):
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=91bd46588e6959e6903e275f78b10bd07830d547
-CVE-2019-1351
- RESERVED
+CVE-2019-1351 (A tampering vulnerability exists when Git for Visual Studio
improperly ...)
- git 1:2.24.0-2 (unimportant)
[buster] - git 1:2.20.1-2+deb10u1
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=f82a97eb9197c1e3768e72648f37ce0ca3233734
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1350
- RESERVED
+CVE-2019-1350 (A remote code execution vulnerability exists when Git for
Visual Studi ...)
- git 1:2.24.0-2 (unimportant)
[buster] - git 1:2.20.1-2+deb10u1
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=6d8684161ee9c03bed5cb69ae76dfdddb85a0003
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1349
- RESERVED
+CVE-2019-1349 (A remote code execution vulnerability exists when Git for
Visual Studi ...)
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=0060fd1511b94c918928fa3708f69a3f33895a4a
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1348
- RESERVED
+ REJECTED
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE:
https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0
@@ -71902,7 +71935,7 @@ CVE-2019-1314 (A security feature bypass vulnerability
exists in Windows 10 Mobi
CVE-2019-1313 (An information disclosure vulnerability exists in Microsoft SQL
Server ...)
NOT-FOR-US: Microsoft
CVE-2019-1312
- RESERVED
+ REJECTED
CVE-2019-1311 (A remote code execution vulnerability exists when the Windows
Imaging ...)
NOT-FOR-US: Microsoft
CVE-2019-1310 (A denial of service vulnerability exists when Microsoft Hyper-V
Networ ...)
@@ -71918,7 +71951,7 @@ CVE-2019-1306 (A remote code execution vulnerability
exists when Azure DevOps Se
CVE-2019-1305 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
NOT-FOR-US: Microsoft
CVE-2019-1304
- RESERVED
+ REJECTED
CVE-2019-1303 (An elevation of privilege vulnerability exists when the Windows
AppX D ...)
NOT-FOR-US: Microsoft
CVE-2019-1302 (An elevation of privilege vulnerability exists when a ASP.NET
Core web ...)
@@ -71950,7 +71983,7 @@ CVE-2019-1290 (A remote code execution vulnerability
exists in the Windows Remot
CVE-2019-1289 (An elevation of privilege vulnerability exists when the Windows
Update ...)
NOT-FOR-US: Microsoft
CVE-2019-1288
- RESERVED
+ REJECTED
CVE-2019-1287 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2019-1286 (An information disclosure vulnerability exists when the Windows
GDI co ...)
@@ -71964,19 +71997,19 @@ CVE-2019-1283 (An information disclosure
vulnerability exists in the way that Mi
CVE-2019-1282 (An information disclosure exists in the Windows Common Log File
System ...)
NOT-FOR-US: Microsoft
CVE-2019-1281
- RESERVED
+ REJECTED
CVE-2019-1280 (A remote code execution vulnerability exists in Microsoft
Windows that ...)
NOT-FOR-US: Microsoft
CVE-2019-1279
- RESERVED
+ REJECTED
CVE-2019-1278 (An elevation of privilege vulnerability exists in the way that
the uni ...)
NOT-FOR-US: Microsoft
CVE-2019-1277 (An elevation of privilege vulnerability exists in Windows Audio
Servic ...)
NOT-FOR-US: Microsoft
CVE-2019-1276
- RESERVED
+ REJECTED
CVE-2019-1275
- RESERVED
+ REJECTED
CVE-2019-1274 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1273 (A cross-site-scripting (XSS) vulnerability exists when Active
Director ...)
@@ -72106,13 +72139,13 @@ CVE-2019-1212 (A memory corruption vulnerability
exists in the Windows Server DH
CVE-2019-1211 (An elevation of privilege vulnerability exists in Git for
Visual Studi ...)
NOT-FOR-US: Microsoft
CVE-2019-1210
- RESERVED
+ REJECTED
CVE-2019-1209 (An information disclosure vulnerability exists in Lync 2013,
aka 'Lync ...)
NOT-FOR-US: Microsoft
CVE-2019-1208 (A remote code execution vulnerability exists in the way that
the VBScr ...)
NOT-FOR-US: Microsoft
CVE-2019-1207
- RESERVED
+ REJECTED
CVE-2019-1206 (A memory corruption vulnerability exists in the Windows Server
DHCP se ...)
NOT-FOR-US: Microsoft
CVE-2019-1205 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
@@ -72144,11 +72177,11 @@ CVE-2019-1193 (A remote code execution vulnerability
exists in the way that Micr
CVE-2019-1192 (A security feature bypass vulnerability exists when Microsoft
browsers ...)
NOT-FOR-US: Microsoft
CVE-2019-1191
- RESERVED
+ REJECTED
CVE-2019-1190 (An elevation of privilege vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Microsoft
CVE-2019-1189
- RESERVED
+ REJECTED
CVE-2019-1188 (A remote code execution vulnerability exists in Microsoft
Windows that ...)
NOT-FOR-US: Microsoft
CVE-2019-1187 (A denial of service vulnerability exists when the XmlLite
runtime (Xml ...)
@@ -72196,7 +72229,7 @@ CVE-2019-1167 (A security feature bypass vulnerability
exists in Windows Defende
CVE-2019-1166 (A tampering vulnerability exists in Microsoft Windows when a
man-in-th ...)
NOT-FOR-US: Microsoft
CVE-2019-1165
- RESERVED
+ REJECTED
CVE-2019-1164 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1163 (A security feature bypass exists when Windows incorrectly
validates CA ...)
@@ -72206,7 +72239,7 @@ CVE-2019-1162 (An elevation of privilege vulnerability
exists when Windows impro
CVE-2019-1161 (An elevation of privilege vulnerability exists when the
MpSigStub.exe ...)
NOT-FOR-US: Microsoft
CVE-2019-1160
- RESERVED
+ REJECTED
CVE-2019-1159 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1158 (An information disclosure vulnerability exists when the Windows
GDI co ...)
@@ -72256,7 +72289,7 @@ CVE-2019-1137 (A cross-site-scripting (XSS)
vulnerability exists when Microsoft
CVE-2019-1136 (An elevation of privilege vulnerability exists in Microsoft
Exchange S ...)
NOT-FOR-US: Microsoft
CVE-2019-1135
- RESERVED
+ REJECTED
CVE-2019-1134 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-1133 (A remote code execution vulnerability exists in the way that
the scrip ...)
@@ -72298,9 +72331,9 @@ CVE-2019-1117 (A remote code execution vulnerability
exists in the way that Dire
CVE-2019-1116 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-1115
- RESERVED
+ REJECTED
CVE-2019-1114
- RESERVED
+ REJECTED
CVE-2019-1113 (A remote code execution vulnerability exists in .NET software
when the ...)
NOT-FOR-US: Microsoft .NET
CVE-2019-1112 (An information disclosure vulnerability exists when Microsoft
Excel im ...)
@@ -72396,7 +72429,7 @@ CVE-2019-1068 (A remote code execution vulnerability
exists in Microsoft SQL Ser
CVE-2019-1067 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1066
- RESERVED
+ REJECTED
CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1064 (An elevation of privilege vulnerability exists when Windows
AppX Deplo ...)
@@ -72406,13 +72439,13 @@ CVE-2019-1063 (A remote code execution vulnerability
exists when Internet Explor
CVE-2019-1062 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1061
- RESERVED
+ REJECTED
CVE-2019-1060 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
NOT-FOR-US: Microsoft
CVE-2019-1059 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-1058
- RESERVED
+ REJECTED
CVE-2019-1057 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
NOT-FOR-US: Microsoft
CVE-2019-1056 (A remote code execution vulnerability exists in the way that
the scrip ...)
@@ -72444,7 +72477,7 @@ CVE-2019-1044 (A security feature bypass vulnerability
exists when Windows Secur
CVE-2019-1043 (A remote code execution vulnerability exists in the way that
comctl32. ...)
NOT-FOR-US: Microsoft
CVE-2019-1042
- RESERVED
+ REJECTED
CVE-2019-1041 (An elevation of privilege vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1040 (A tampering vulnerability exists in Microsoft Windows when a
man-in-th ...)
@@ -72488,7 +72521,7 @@ CVE-2019-1022 (An elevation of privilege exists in
Windows Audio Service, aka 'W
CVE-2019-1021 (An elevation of privilege exists in Windows Audio Service, aka
'Window ...)
NOT-FOR-US: Microsoft
CVE-2019-1020
- RESERVED
+ REJECTED
CVE-2019-1019 (A security feature bypass vulnerability exists where a NETLOGON
messag ...)
NOT-FOR-US: Microsoft
CVE-2019-1018 (An elevation of privilege vulnerability exists when DirectX
improperly ...)
@@ -72534,13 +72567,13 @@ CVE-2019-0999 (An elevation of privilege
vulnerability exists when DirectX impro
CVE-2019-0998 (An elevation of privilege vulnerability exists when the Storage
Servic ...)
NOT-FOR-US: Microsoft
CVE-2019-0997
- RESERVED
+ REJECTED
CVE-2019-0996 (A spoofing vulnerability exists in Azure DevOps Server when it
imprope ...)
NOT-FOR-US: Azure DevOps Server / Microsoft
CVE-2019-0995 (A security feature bypass vulnerability exists when urlmon.dll
imprope ...)
NOT-FOR-US: Microsoft
CVE-2019-0994
- RESERVED
+ REJECTED
CVE-2019-0993 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0992 (A remote code execution vulnerability exists in the way that
the Chakr ...)
@@ -72554,7 +72587,7 @@ CVE-2019-0989 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0988 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0987
- RESERVED
+ REJECTED
CVE-2019-0986 (An elevation of privilege vulnerability exists when the Windows
User P ...)
NOT-FOR-US: Microsoft
CVE-2019-0985 (A remote code execution vulnerability exists when the Microsoft
Speech ...)
@@ -72572,7 +72605,7 @@ CVE-2019-0980 (A denial of service vulnerability exists
when .NET Framework or .
CVE-2019-0979 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0978
- RESERVED
+ REJECTED
CVE-2019-0977 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0976 (A tampering vulnerability exists in the NuGet Package Manager
for Linu ...)
@@ -72591,19 +72624,19 @@ CVE-2019-0972 (This security update corrects a denial
of service in the Local Se
CVE-2019-0971 (An information disclosure vulnerability exists when Azure
DevOps Serve ...)
NOT-FOR-US: Microsoft
CVE-2019-0970
- RESERVED
+ REJECTED
CVE-2019-0969
- RESERVED
+ REJECTED
CVE-2019-0968 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0967
- RESERVED
+ REJECTED
CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
NOT-FOR-US: Microsoft
CVE-2019-0965 (A remote code execution vulnerability exists when Windows
Hyper-V on a ...)
NOT-FOR-US: Microsoft
CVE-2019-0964
- RESERVED
+ REJECTED
CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-0962 (An elevation of privilege vulnerability exists in Azure
Automation "Ru ...)
@@ -72621,9 +72654,9 @@ CVE-2019-0957 (An elevation of privilege vulnerability
exists when Microsoft Sha
CVE-2019-0956 (An information disclosure vulnerability exists when Microsoft
SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0955
- RESERVED
+ REJECTED
CVE-2019-0954
- RESERVED
+ REJECTED
CVE-2019-0953 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
NOT-FOR-US: Microsoft
CVE-2019-0952 (A remote code execution vulnerability exists in Microsoft
SharePoint S ...)
@@ -72643,7 +72676,7 @@ CVE-2019-0946 (A remote code execution vulnerability
exists when the Microsoft O
CVE-2019-0945 (A remote code execution vulnerability exists when the Microsoft
Office ...)
NOT-FOR-US: Microsoft
CVE-2019-0944
- RESERVED
+ REJECTED
CVE-2019-0943 (An elevation of privilege vulnerability exists when Windows
improperly ...)
NOT-FOR-US: Microsoft
CVE-2019-0942 (An elevation of privilege vulnerability exists in the Unified
Write Fi ...)
@@ -72653,7 +72686,7 @@ CVE-2019-0941 (A denial of service exists in Microsoft
IIS Server when the optio
CVE-2019-0940 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2019-0939
- RESERVED
+ REJECTED
CVE-2019-0938 (An elevation of privilege vulnerability exists in Microsoft
Edge that ...)
NOT-FOR-US: Microsoft
CVE-2019-0937 (A remote code execution vulnerability exists in the way that
the Chakr ...)
@@ -72661,9 +72694,9 @@ CVE-2019-0937 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0936 (An elevation of privilege vulnerability exists in Microsoft
Windows wh ...)
NOT-FOR-US: Microsoft
CVE-2019-0935
- RESERVED
+ REJECTED
CVE-2019-0934
- RESERVED
+ REJECTED
CVE-2019-0933 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0932 (An information disclosure vulnerability exists in Skype for
Android, a ...)
@@ -72693,7 +72726,7 @@ CVE-2019-0921 (An spoofing vulnerability exists when
Internet Explorer improperl
CVE-2019-0920 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0919
- RESERVED
+ REJECTED
CVE-2019-0918 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0917 (A remote code execution vulnerability exists in the way that
the Chakr ...)
@@ -72711,7 +72744,7 @@ CVE-2019-0912 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0911 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0910
- RESERVED
+ REJECTED
CVE-2019-0909 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0908 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
@@ -72765,7 +72798,7 @@ CVE-2019-0885 (A remote code execution vulnerability
exists when Microsoft Windo
CVE-2019-0884 (A remote code execution vulnerability exists in the way the
scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0883
- RESERVED
+ REJECTED
CVE-2019-0882 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0881 (An elevation of privilege vulnerability exists when the Windows
Kernel ...)
@@ -72775,7 +72808,7 @@ CVE-2019-0880 (A local elevation of privilege
vulnerability exists in how splwow
CVE-2019-0879 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0878
- RESERVED
+ REJECTED
CVE-2019-0877 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0876 (An information disclosure vulnerability exists when affected
Open Encl ...)
@@ -72785,7 +72818,7 @@ CVE-2019-0875 (An elevation of privilege vulnerability
exists when Azure DevOps
CVE-2019-0874 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0873
- RESERVED
+ REJECTED
CVE-2019-0872 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0871 (A Cross-site Scripting (XSS) vulnerability exists when Azure
DevOps Se ...)
@@ -72821,17 +72854,17 @@ CVE-2019-0857 (A spoofing vulnerability that could
allow a security feature bypa
CVE-2019-0856 (A remote code execution vulnerability exists when Windows
improperly h ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0855
- RESERVED
+ REJECTED
CVE-2019-0854
- RESERVED
+ REJECTED
CVE-2019-0853 (A remote code execution vulnerability exists in the way that
the Windo ...)
NOT-FOR-US: Microsoft
CVE-2019-0852
- RESERVED
+ REJECTED
CVE-2019-0851 (A remote code execution vulnerability exists when the Windows
Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0850
- RESERVED
+ REJECTED
CVE-2019-0849 (An information disclosure vulnerability exists when the Windows
GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0848 (An information disclosure vulnerability exists when the win32k
compone ...)
@@ -72845,7 +72878,7 @@ CVE-2019-0845 (A remote code execution vulnerability
exists when the IOleCvt int
CVE-2019-0844 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0843
- RESERVED
+ REJECTED
CVE-2019-0842 (A remote code execution vulnerability exists in the way that
the VBScr ...)
NOT-FOR-US: Microsoft
CVE-2019-0841 (An elevation of privilege vulnerability exists when Windows
AppX Deplo ...)
@@ -72863,11 +72896,11 @@ CVE-2019-0836 (An elevation of privilege
vulnerability exists when Windows impro
CVE-2019-0835 (An information disclosure vulnerability exists when the
scripting engi ...)
NOT-FOR-US: Microsoft
CVE-2019-0834
- RESERVED
+ REJECTED
CVE-2019-0833 (An information disclosure vulnerability exists when Microsoft
Edge imp ...)
NOT-FOR-US: Microsoft
CVE-2019-0832
- RESERVED
+ REJECTED
CVE-2019-0831 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-0830 (A cross-site-scripting (XSS) vulnerability exists when
Microsoft Share ...)
@@ -72895,7 +72928,7 @@ CVE-2019-0820 (A denial of service vulnerability exists
when .NET Framework and
CVE-2019-0819 (An information disclosure vulnerability exists in Microsoft SQL
Server ...)
NOT-FOR-US: Microsoft
CVE-2019-0818
- RESERVED
+ REJECTED
CVE-2019-0817 (A spoofing vulnerability exists in Microsoft Exchange Server
when Outl ...)
NOT-FOR-US: Microsoft
CVE-2019-0816 (A security feature bypass exists in Azure SSH Keypairs, due to
a chang ...)
@@ -72921,7 +72954,7 @@ CVE-2019-0809 (A remote code execution vulnerability
exists when the Visual Stud
CVE-2019-0808 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0807
- RESERVED
+ REJECTED
CVE-2019-0806 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0805 (An elevation of privilege vulnerability exists when Windows
improperly ...)
@@ -72936,9 +72969,9 @@ CVE-2019-0802 (An information disclosure vulnerability
exists when the Windows G
CVE-2019-0801 (A remote code execution vulnerability exists when Microsoft
Office fai ...)
NOT-FOR-US: Microsoft
CVE-2019-0800
- RESERVED
+ REJECTED
CVE-2019-0799
- RESERVED
+ REJECTED
CVE-2019-0798 (A spoofing vulnerability exists when a Lync Server or Skype for
Busine ...)
NOT-FOR-US: Microsoft
CVE-2019-0797 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
@@ -72958,7 +72991,7 @@ CVE-2019-0791 (A remote code execution vulnerability
exists when the Microsoft X
CVE-2019-0790 (A remote code execution vulnerability exists when the Microsoft
XML Co ...)
NOT-FOR-US: Microsoft
CVE-2019-0789
- RESERVED
+ REJECTED
CVE-2019-0788 (A remote code execution vulnerability exists in the Windows
Remote Des ...)
NOT-FOR-US: Microsoft
CVE-2019-0787 (A remote code execution vulnerability exists in the Windows
Remote Des ...)
@@ -72974,7 +73007,7 @@ CVE-2019-0783 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0782 (An information disclosure vulnerability exists when the Windows
kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0781
- RESERVED
+ REJECTED
CVE-2019-0780 (A remote code execution vulnerability exists in the way that
Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2019-0779 (A remote code execution vulnerability exists when Microsoft
Edge impro ...)
@@ -73016,7 +73049,7 @@ CVE-2019-0762 (A security feature bypass vulnerability
exists when Microsoft bro
CVE-2019-0761 (A security feature bypass vulnerability exists when Internet
Explorer ...)
NOT-FOR-US: Microsoft
CVE-2019-0760
- RESERVED
+ REJECTED
CVE-2019-0759 (An information disclosure vulnerability exists when the Windows
Print ...)
NOT-FOR-US: Microsoft
CVE-2019-0758 (An information disclosure vulnerability exists when the Windows
GDI co ...)
@@ -73038,21 +73071,21 @@ CVE-2019-0753 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0752 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0751
- RESERVED
+ REJECTED
CVE-2019-0750
- RESERVED
+ REJECTED
CVE-2019-0749
- RESERVED
+ REJECTED
CVE-2019-0748 (A remote code execution vulnerability exists when the Microsoft
Office ...)
NOT-FOR-US: Microsoft
CVE-2019-0747
- RESERVED
+ REJECTED
CVE-2019-0746 (An information disclosure vulnerability exists when the
scripting engi ...)
NOT-FOR-US: Microsoft
CVE-2019-0745
- RESERVED
+ REJECTED
CVE-2019-0744
- RESERVED
+ REJECTED
CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team
Foundation ...)
@@ -73060,13 +73093,13 @@ CVE-2019-0742 (A Cross-site Scripting (XSS)
vulnerability exists when Team Found
CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure
IoT Ja ...)
NOT-FOR-US: Microsoft
CVE-2019-0740
- RESERVED
+ REJECTED
CVE-2019-0739 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0738
- RESERVED
+ REJECTED
CVE-2019-0737
- RESERVED
+ REJECTED
CVE-2019-0736 (A memory corruption vulnerability exists in the Windows DHCP
client wh ...)
NOT-FOR-US: Microsoft
CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows
Client ...)
@@ -73128,9 +73161,9 @@ CVE-2019-0708 (A remote code execution vulnerability
exists in Remote Desktop Se
CVE-2019-0707 (An elevation of privilege vulnerability exists in the Network
Driver I ...)
NOT-FOR-US: Microsoft
CVE-2019-0706
- RESERVED
+ REJECTED
CVE-2019-0705
- RESERVED
+ REJECTED
CVE-2019-0704 (An information disclosure vulnerability exists in the way that
the Win ...)
NOT-FOR-US: Windows SMB Server
CVE-2019-0703 (An information disclosure vulnerability exists in the way that
the Win ...)
@@ -73140,9 +73173,9 @@ CVE-2019-0702 (An information disclosure vulnerability
exists when the Windows k
CVE-2019-0701 (A denial of service vulnerability exists when Microsoft Hyper-V
on a h ...)
NOT-FOR-US: Microsoft
CVE-2019-0700
- RESERVED
+ REJECTED
CVE-2019-0699
- RESERVED
+ REJECTED
CVE-2019-0698 (A memory corruption vulnerability exists in the Windows DHCP
client wh ...)
NOT-FOR-US: Microsoft
CVE-2019-0697 (A memory corruption vulnerability exists in the Windows DHCP
client wh ...)
@@ -73158,7 +73191,7 @@ CVE-2019-0693 (An elevation of privilege vulnerability
exists due to an integer
CVE-2019-0692 (An elevation of privilege vulnerability exists due to an
integer overf ...)
NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0691
- RESERVED
+ REJECTED
CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V
Networ ...)
NOT-FOR-US: Microsoft
CVE-2019-0689 (An elevation of privilege vulnerability exists due to an
integer overf ...)
@@ -73166,27 +73199,27 @@ CVE-2019-0689 (An elevation of privilege
vulnerability exists due to an integer
CVE-2019-0688 (An information disclosure vulnerability exists when the Windows
TCP/IP ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0687
- RESERVED
+ REJECTED
CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft
Exchange S ...)
NOT-FOR-US: Microsoft
CVE-2019-0685 (An elevation of privilege vulnerability exists in Windows when
the Win ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0684
- RESERVED
+ REJECTED
CVE-2019-0683 (An elevation of privilege vulnerability exists in Active
Directory For ...)
NOT-FOR-US: Microsoft
CVE-2019-0682 (An elevation of privilege vulnerability exists due to an
integer overf ...)
NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0681
- RESERVED
+ REJECTED
CVE-2019-0680 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0679
- RESERVED
+ REJECTED
CVE-2019-0678 (An elevation of privilege vulnerability exists when Microsoft
Edge doe ...)
NOT-FOR-US: Microsoft
CVE-2019-0677
- RESERVED
+ REJECTED
CVE-2019-0676 (An information disclosure vulnerability exists when Internet
Explorer ...)
NOT-FOR-US: Microsoft
CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft
Office ...)
@@ -73234,7 +73267,7 @@ CVE-2019-0655 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers
improperly han ...)
NOT-FOR-US: Microsoft
CVE-2019-0653
- RESERVED
+ REJECTED
CVE-2019-0652 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0651 (A remote code execution vulnerability exists in the way that
the scrip ...)
@@ -73264,7 +73297,7 @@ CVE-2019-0640 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0639 (A remote code execution vulnerability exists in the way that
the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0638
- RESERVED
+ REJECTED
CVE-2019-0637 (A security feature bypass vulnerability exists when Windows
Defender F ...)
NOT-FOR-US: Microsoft
CVE-2019-0636 (An information vulnerability exists when Windows improperly
discloses ...)
@@ -73282,7 +73315,7 @@ CVE-2019-0631 (A security feature bypass vulnerability
exists in Windows which c
CVE-2019-0630 (A remote code execution vulnerability exists in the way that
the Micro ...)
NOT-FOR-US: Microsoft
CVE-2019-0629
- RESERVED
+ REJECTED
CVE-2019-0628 (An information disclosure vulnerability exists when the win32k
compone ...)
NOT-FOR-US: Microsoft
CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which
could ...)
@@ -73362,11 +73395,11 @@ CVE-2019-0591 (A remote code execution vulnerability
exists in the way that the
CVE-2019-0590 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0589
- RESERVED
+ REJECTED
CVE-2019-0588 (An information disclosure vulnerability exists when the
Microsoft Exch ...)
NOT-FOR-US: Microsoft
CVE-2019-0587
- RESERVED
+ REJECTED
CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft
Exchange sof ...)
NOT-FOR-US: Microsoft
CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word
softwar ...)
@@ -73414,7 +73447,7 @@ CVE-2019-0565 (A remote code execution vulnerability
exists when Microsoft Edge
CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core
improperly ...)
NOT-FOR-US: .NET core
CVE-2019-0563
- RESERVED
+ REJECTED
CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft
SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft
Word mac ...)
@@ -73452,10 +73485,11 @@ CVE-2019-0546 (A remote code execution vulnerability
exists in Visual Studio whe
CVE-2019-0545 (An information disclosure vulnerability exists in .NET
Framework and . ...)
NOT-FOR-US: .NET core
CVE-2019-0544
- RESERVED
+ REJECTED
CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows
improperly ...)
NOT-FOR-US: Microsoft
-CVE-2019-0542 (A remote code execution vulnerability exists in Xterm.js when
the comp ...)
+CVE-2019-0542
+ REJECTED
- node-xterm <unfixed> (unimportant; bug #926670)
NOTE: nodejs not covered by security support
CVE-2019-0541 (A remote code execution vulnerability exists in the way that
the MSHTM ...)
@@ -103813,8 +103847,8 @@ CVE-2018-8656
RESERVED
CVE-2018-8655
RESERVED
-CVE-2018-8654
- RESERVED
+CVE-2018-8654 (An elevation of privilege vulnerability exists in Microsoft
Dynamics 3 ...)
+ TODO: check
CVE-2018-8653 (A remote code execution vulnerability exists in the way that
the scrip ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2018-8652 (A Cross-site Scripting (XSS) vulnerability exists when Windows
Azure P ...)
@@ -233425,45 +233459,39 @@ CVE-2015-1205 (Multiple unspecified vulnerabilities
in Google Chrome before 40.0
[squeeze] - chromium-browser <end-of-life>
NOTE: See CVE-2014-9654 for the bug in src:icu
CVE-2015-1203 [stack allocation with an attacker-controlled size --
modules/access/ftp.c]
- RESERVED
+ REJECTED
NOTE: VLC issue disputed by upstream, see bug #775866
CVE-2015-1202 [stack allocation with an attacker-controlled size --
modules/services_discovery/sap.c]
- RESERVED
+ REJECTED
NOTE: VLC issue disputed by upstream, see bug #775866
CVE-2015-1201 (Privoxy before 3.0.22 allows remote attackers to cause a denial
of ser ...)
NOT-FOR-US: Bogus entry for Privoxy picked from Secunia
-CVE-2014-9630 [Invalid memory access in rtp code]
- RESERVED
+CVE-2014-9630 (The rtp_packetize_xiph_config function in
modules/stream_out/rtpfmt.c ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
-CVE-2014-9629 [integer overflow with resultant buffer overflow]
- RESERVED
+CVE-2014-9629 (Integer overflow in the Encode function in
modules/codec/schroedinger. ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
-CVE-2014-9628 [attacker-triggered zero-size malloc with resultant buffer
overflow]
- RESERVED
+CVE-2014-9628 (The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c
in Video ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9627 [integer truncation on 32-bit platforms]
- RESERVED
+CVE-2014-9627 (The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c
in Video ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9626 [integer underflow]
- RESERVED
+CVE-2014-9626 (Integer underflow in the MP4_ReadBox_String function in
modules/demux/ ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9625 [Buffer overflow in updater]
- RESERVED
+CVE-2014-9625 (The GetUpdateFile function in misc/update.c in the Updater in
VideoLAN ...)
- vlc <not-affected> (Update mechanism not enabled in the Debian
package)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE:
https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/815307295c5548c28fa04be8071c672e59305b96
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/815307295c5548c28fa04be8071c672e59305b96
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits