[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b3c20443 by security tracker role at 2019-12-25T08:10:20Z
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2019-19966 (In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_e ...)
+	TODO: check
+CVE-2019-19965 (In the Linux kernel through 5.4.6, there is a NULL pointer dereference ...)
+	TODO: check
+CVE-2019-19964
+	RESERVED
+CVE-2019-19963 (An issue was discovered in wolfSSL before 4.3.0 in a non-default confi ...)
+	TODO: check
+CVE-2019-19962 (wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, lea ...)
+	TODO: check
+CVE-2019-19961
+	RESERVED
+CVE-2019-19960 (In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist sid ...)
+	TODO: check
+CVE-2019-19959
+	RESERVED
+CVE-2019-19958 (In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/str ...)
+	TODO: check
+CVE-2019-19957 (In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_ac ...)
+	TODO: check
 CVE-2019-19956 (xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.1 ...)
 	[experimental] - libxml2 2.9.10+dfsg-1
 	- libxml2 <unfixed>
@@ -34460,8 +34480,8 @@ CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code Executi
 	NOT-FOR-US: safer-eval Node module
 CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A  ...)
 	NOT-FOR-US: safer-eval Node module
-CVE-2019-10758
-	RESERVED
+CVE-2019-10758 (mongo-express before 0.54.0 is vulnerable to Remote Code Execution via ...)
+	TODO: check
 CVE-2019-10757 (knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. ...)
 	NOT-FOR-US: knex.js
 CVE-2019-10756 (It is possible to inject JavaScript within node-red-dashboard versions ...)
@@ -48945,8 +48965,8 @@ CVE-2019-5704
 	RESERVED
 CVE-2019-5703
 	RESERVED
-CVE-2019-5702
-	RESERVED
+CVE-2019-5702 (NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vu ...)
+	TODO: check
 CVE-2019-5701 (NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vu ...)
 	NOT-FOR-US: NVIDIA GeForce Experience
 CVE-2019-5700 (NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software con ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3c204432640945c6b0fb9df8adcf40b6fc8b256

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/b3c204432640945c6b0fb9df8adcf40b6fc8b256
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191225/e09fbe13/attachment.html>