[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Wed Feb 13 13:35:23 GMT 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
72548168 by Moritz Muehlenhoff at 2019-02-13T13:34:52Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1610,7 +1610,7 @@ CVE-2019-7552
CVE-2019-7551
RESERVED
CVE-2019-7550 (In JForum 2.1.8, an unauthenticated, remote attacker can enumerate ...)
- TODO: check
+ NOT-FOR-US: JForum
CVE-2019-7549
RESERVED
CVE-2019-7548 (SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be ...)
@@ -4040,15 +4040,15 @@ CVE-2019-6543
CVE-2019-6542
RESERVED
CVE-2019-6541 (A memory corruption vulnerability has been identified in WECON ...)
- TODO: check
+ NOT-FOR-US: WECON
CVE-2019-6540
RESERVED
CVE-2019-6539 (Several heap-based buffer overflow vulnerabilities in WECON ...)
- TODO: check
+ NOT-FOR-US: WECON
CVE-2019-6538
RESERVED
CVE-2019-6537 (Multiple stack-based buffer overflow vulnerabilities in WECON ...)
- TODO: check
+ NOT-FOR-US: WECON
CVE-2019-6536
RESERVED
CVE-2019-6535 (Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and ...)
@@ -16725,7 +16725,7 @@ CVE-2019-1690
CVE-2019-1689
RESERVED
CVE-2019-1688 (A vulnerability in the management web interface of Cisco Network ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2019-1687
RESERVED
CVE-2019-1686
@@ -22357,11 +22357,11 @@ CVE-2018-19022
CVE-2018-19021 (A specially crafted script could bypass the authentication of a ...)
NOT-FOR-US: Emerson DeltaV DCS
CVE-2018-19020 (When CX-Supervisor (Versions 3.42 and prior) processes project files ...)
- TODO: check
+ NOT-FOR-US: CX-Supervisor
CVE-2018-19019 (A type confusion vulnerability exists when processing project files in ...)
NOT-FOR-US: CX-Supervisor
CVE-2018-19018 (An access of uninitialized pointer vulnerability in CX-Supervisor ...)
- TODO: check
+ NOT-FOR-US: CX-Supervisor
CVE-2018-19017 (Several use after free vulnerabilities have been identified in ...)
NOT-FOR-US: CX-Supervisor
CVE-2018-19016
@@ -35669,7 +35669,7 @@ CVE-2018-13895
CVE-2018-13894
RESERVED
CVE-2018-13893 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-13892
RESERVED
CVE-2018-13891
@@ -35677,9 +35677,9 @@ CVE-2018-13891
CVE-2018-13890
RESERVED
CVE-2018-13889 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-13888 (There is potential for memory corruption in the RIL daemon due to de ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13887
RESERVED
CVE-2018-13886
@@ -40576,15 +40576,15 @@ CVE-2018-12016 (libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allo
- epiphany-browser 3.28.3.1-1 (unimportant; bug #901018)
NOTE: webkit not covered by security support
CVE-2018-12014 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-12013
RESERVED
CVE-2018-12012
RESERVED
CVE-2018-12011 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-12010 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-12009
RESERVED
CVE-2018-12008
@@ -40592,7 +40592,7 @@ CVE-2018-12008
CVE-2018-12007
RESERVED
CVE-2018-12006 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-12005
RESERVED
CVE-2018-12004
@@ -40683,7 +40683,7 @@ CVE-2018-11964 (In all android releases(Android for MSM, Firefox OS for MSM, QRD
CVE-2018-11963 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-11962 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
- TODO: check
+ NOT-FOR-US: CodeAurora components for Android
CVE-2018-11961 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
NOT-FOR-US: CodeAurora components for Android
CVE-2018-11960 (In all android releases(Android for MSM, Firefox OS for MSM, QRD ...)
@@ -40816,7 +40816,7 @@ CVE-2018-11901
CVE-2018-11900
RESERVED
CVE-2018-11899 (While processing radio connection status change events, Radio index is ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11898 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11897 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
@@ -40838,7 +40838,7 @@ CVE-2018-11890
CVE-2018-11889 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11888 (Unauthorized access may be allowed by the SCP11 Crypto Services TA ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11887
RESERVED
CVE-2018-11886 (In all android releases (Android for MSM, Firefox OS for MSM, QRD ...)
@@ -40921,7 +40921,7 @@ CVE-2018-11849 (Lack of check on out of range of bssid parameter When processing
CVE-2018-11848
RESERVED
CVE-2018-11847 (Malicious TA can tag QSEE kernel memory and map to EL0, there by ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11846 (The use of a non-time-constant memory comparison operation can lead to ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-11845
@@ -47068,31 +47068,31 @@ CVE-2018-9596
CVE-2018-9595
RESERVED
CVE-2018-9594 (In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9593 (In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9592 (In mca_ccb_hdl_rsp of mca_cact.cc in Android-7.0, Android-7.1.1, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9591 (In bta_hh_ctrl_dat_act of bta_hh_act.cc in Android-7.0, Android-7.1.1, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9590 (In add_attr of sdp_discovery.c in Android-7.0, Android-7.1.1, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9589 (In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9588 (In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9587 (In savePhotoFromUriToUri of ContactPhotoUtils.java in Android-7.0, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9586 (In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9585 (In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9584 (In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9583 (In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9582 (In package installer in Android-8.0, Android-8.1 and Android-9, there ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2018-9581
RESERVED
CVE-2018-9580 (A Elevation of privilege vulnerability in the HTC bootloader. Product: ...)
@@ -59155,7 +59155,7 @@ CVE-2018-5501 (In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.
CVE-2018-5500 (On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - ...)
NOT-FOR-US: F5 BIG-IP
CVE-2018-5499 (ATTO FibreBridge 7500N firmware version 2.95 is susceptible to a ...)
- TODO: check
+ NOT-FOR-US: ATTO FibreBridge 7500N firmware
CVE-2018-5498 (Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a ...)
NOT-FOR-US: Clustered Data ONTAP
CVE-2018-5497 (Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are ...)
@@ -63096,7 +63096,7 @@ CVE-2018-3977 (An exploitable code execution vulnerability exists in the XCF ima
NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2018-0645
NOTE: https://hg.libsdl.org/SDL_image/rev/170d7d32e4a8
CVE-2018-3976 (An exploitable out-of-bounds write exists in the CALS Raster file ...)
- TODO: check
+ NOT-FOR-US: Canvas Draw
CVE-2018-3975 (An exploitable uninitialized variable vulnerability exists in the ...)
NOT-FOR-US: Atlantis Word Processor
CVE-2018-3974
@@ -123408,7 +123408,7 @@ CVE-2017-0940
CVE-2017-0939
RESERVED
CVE-2017-0938 (Denial of Service attack in airMAX < 8.3.2 , airMAX < 6.0.7 and ...)
- TODO: check
+ NOT-FOR-US: airMAX
CVE-2017-0937
RESERVED
CVE-2017-0936 (Nextcloud Server before 11.0.7 and 12.0.5 suffers from an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72548168d6dedaf97c0c3e51eac07b6a362fcee4
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/72548168d6dedaf97c0c3e51eac07b6a362fcee4
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190213/41194829/attachment.html>
More information about the debian-security-tracker-commits
mailing list