[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso
carnil at debian.org
Tue Jul 16 09:45:47 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
c6fdb00c by Salvatore Bonaccorso at 2019-07-16T08:45:23Z
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10633,7 +10633,7 @@ CVE-2019-1010301 (jhead 3.03 is affected by: Buffer Overflow. The impact is: Den
- jhead <unfixed> (bug #932145)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1679952
CVE-2019-1010300 (mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Ove ...)
- TODO: check
+ NOT-FOR-US: libIEC61850
CVE-2019-1010299 (The Rust Programming Language Standard Library 1.18.0 and later is aff ...)
TODO: check
CVE-2019-1010298 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
@@ -11155,7 +11155,7 @@ CVE-2019-1010041
CVE-2019-1010040
RESERVED
CVE-2019-1010039 (uLaunchELF < commit 170827a is affected by: Buffer Overflow. The im ...)
- TODO: check
+ NOT-FOR-US: uLaunchELF
CVE-2019-1010038 (OpenModelica OMCompiler is affected by: Buffer Overflow. The impact is ...)
TODO: check
CVE-2019-1010037
@@ -19110,15 +19110,15 @@ CVE-2019-6829
CVE-2019-6828
RESERVED
CVE-2019-6827 (A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Gra ...)
- TODO: check
+ NOT-FOR-US: Interactive Graphical SCADA System (IGSS)
CVE-2019-6826
RESERVED
CVE-2019-6825 (A CWE-427: Uncontrolled Search Path Element vulnerability exists in Pr ...)
- TODO: check
+ NOT-FOR-US: ProClima
CVE-2019-6824 (A CWE-119: Buffer Errors vulnerability exists in ProClima (all version ...)
- TODO: check
+ NOT-FOR-US: ProClima
CVE-2019-6823 (A CWE-94: Code Injection vulnerability exists in ProClima (all version ...)
- TODO: check
+ NOT-FOR-US: ProClima
CVE-2019-6822 (A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 a ...)
TODO: check
CVE-2019-6821 (CWE-330: Use of Insufficiently Random Values vulnerability, which coul ...)
@@ -35070,7 +35070,7 @@ CVE-2019-1099
CVE-2019-1098
RESERVED
CVE-2019-1097 (An information disclosure vulnerability exists when DirectWrite improp ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1096 (An information disclosure vulnerability exists when the win32k compone ...)
NOT-FOR-US: Microsoft
CVE-2019-1095 (An information disclosure vulnerability exists when the Windows GDI co ...)
@@ -35096,7 +35096,7 @@ CVE-2019-1086 (An elevation of privilege exists in Windows Audio Service, aka 'W
CVE-2019-1085 (An elevation of privilege vulnerability exists in the way that the wla ...)
NOT-FOR-US: Microsoft
CVE-2019-1084 (An information disclosure vulnerability exists when Exchange allows cr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1083 (A denial of service vulnerability exists when Microsoft Common Object ...)
NOT-FOR-US: Microsoft
CVE-2019-1082 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
@@ -35106,13 +35106,13 @@ CVE-2019-1081 (An information disclosure vulnerability exists when affected Micr
CVE-2019-1080 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-1079 (An information disclosure vulnerability exists when Visual Studio impr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1078
RESERVED
CVE-2019-1077 (An elevation of privilege vulnerability exists when the Visual Studio ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1076 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1075 (A spoofing vulnerability exists in ASP.NET Core that could lead to an ...)
TODO: check
CVE-2019-1074 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
@@ -35122,15 +35122,15 @@ CVE-2019-1073 (An information disclosure vulnerability exists when the Windows k
CVE-2019-1072 (A remote code execution vulnerability exists when Azure DevOps Server ...)
TODO: check
CVE-2019-1071 (An information disclosure vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1070
RESERVED
CVE-2019-1069 (An elevation of privilege vulnerability exists in the way the Task Sch ...)
NOT-FOR-US: Microsoft
CVE-2019-1068 (A remote code execution vulnerability exists in Microsoft SQL Server w ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1067 (An elevation of privilege vulnerability exists when the Windows kernel ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1066
RESERVED
CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows kernel ...)
@@ -35138,21 +35138,21 @@ CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows k
CVE-2019-1064 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
NOT-FOR-US: Microsoft
CVE-2019-1063 (A remote code execution vulnerability exists when Internet Explorer im ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1062 (A remote code execution vulnerability exists in the way that the Chakr ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1061
RESERVED
CVE-2019-1060
RESERVED
CVE-2019-1059 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1058
RESERVED
CVE-2019-1057
RESERVED
CVE-2019-1056 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1055 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-1054 (A security feature bypass vulnerability exists in Edge that allows for ...)
@@ -35190,7 +35190,7 @@ CVE-2019-1039 (An information disclosure vulnerability exists when the Windows k
CVE-2019-1038 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2019-1037 (An elevation of privilege vulnerability exists in the way Windows Erro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1036 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-1035 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
@@ -35252,21 +35252,21 @@ CVE-2019-1008 (A security feature bypass vulnerability exists in Dynamics On Pre
CVE-2019-1007 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
NOT-FOR-US: Microsoft
CVE-2019-1006 (An authentication bypass vulnerability exists in Windows Communication ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1005 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-1004 (A remote code execution vulnerability exists in the way that the scrip ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1003 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1002 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1001 (A remote code execution vulnerability exists in the way the scripting ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-1000 (An elevation of privilege vulnerability exists in Microsoft Azure Acti ...)
NOT-FOR-US: Microsoft
CVE-2019-0999 (An elevation of privilege vulnerability exists when DirectX improperly ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0998 (An elevation of privilege vulnerability exists when the Storage Servic ...)
NOT-FOR-US: Microsoft
CVE-2019-0997
@@ -35317,7 +35317,7 @@ CVE-2019-0976 (A tampering vulnerability exists in the NuGet Package Manager for
NOTE: https://github.com/NuGet/Home/issues/7908
NOTE: https://github.com/NuGet/NuGet.Client/commit/e32a2ea7096debd3e513188f6779bb1041593326 (5.0.2.5988)
CVE-2019-0975 (A security feature bypass vulnerability exists when Active Directory F ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0974 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0973 (An elevation of privilege vulnerability exists in the Windows Installe ...)
@@ -35335,7 +35335,7 @@ CVE-2019-0968 (An information disclosure vulnerability exists when the Windows G
CVE-2019-0967
RESERVED
CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0965
RESERVED
CVE-2019-0964
@@ -35493,7 +35493,7 @@ CVE-2019-0889 (A remote code execution vulnerability exists when the Windows Jet
CVE-2019-0888 (A remote code execution vulnerability exists in the way that ActiveX D ...)
NOT-FOR-US: Microsoft
CVE-2019-0887 (A remote code execution vulnerability exists in Remote Desktop Service ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0886 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
NOT-FOR-US: Microsoft
CVE-2019-0885 (A remote code execution vulnerability exists when Microsoft Windows OL ...)
@@ -35507,7 +35507,7 @@ CVE-2019-0882 (An information disclosure vulnerability exists when the Windows G
CVE-2019-0881 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-0880 (A local elevation of privilege vulnerability exists in how splwow64.ex ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0879 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0878
@@ -35649,7 +35649,7 @@ CVE-2019-0813 (An elevation of privilege vulnerability exists when Windows Admin
CVE-2019-0812 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0811 (A denial of service vulnerability exists in Windows DNS Server when it ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0810 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0809 (A remote code execution vulnerability exists when the Visual Studio C+ ...)
@@ -35702,7 +35702,7 @@ CVE-2019-0787
CVE-2019-0786 (An elevation of privilege vulnerability exists in the Microsoft Server ...)
NOT-FOR-US: Microsoft
CVE-2019-0785 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2019-0784 (A remote code execution vulnerability exists in the way that the Activ ...)
NOT-FOR-US: Microsoft
CVE-2019-0783 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -68288,7 +68288,7 @@ CVE-2018-7840 (A Uncontrolled Search Path Element (CWE-427) vulnerability exists
CVE-2018-7839 (A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3 ...)
NOT-FOR-US: Schneider
CVE-2018-7838 (A CWE-119 Buffer Errors vulnerability exists in Modicon M580 CPU - BME ...)
- TODO: check
+ NOT-FOR-US: Modicon
CVE-2018-7837 (An Improper Restriction of XML External Entity Reference ('XXE') vulne ...)
NOT-FOR-US: IIoT Monitor (Schneider Electric)
CVE-2018-7836 (An unrestricted Upload of File with Dangerous Type vulnerability exist ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c6fdb00ca0f697a76dba98a31fce50df8c95b330
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/c6fdb00ca0f697a76dba98a31fce50df8c95b330
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190716/f462f6fa/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list