[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Thu Nov 14 20:10:36 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e517ac16 by security tracker role at 2019-11-14T20:10:23Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,41 @@
+CVE-2019-18975
+ RESERVED
+CVE-2019-18974
+ RESERVED
+CVE-2019-18973
+ RESERVED
+CVE-2019-18972
+ RESERVED
+CVE-2019-18971
+ RESERVED
+CVE-2019-18970
+ RESERVED
+CVE-2019-18969
+ RESERVED
+CVE-2019-18968
+ RESERVED
+CVE-2019-18967
+ RESERVED
+CVE-2019-18966
+ RESERVED
+CVE-2019-18965
+ RESERVED
+CVE-2019-18964
+ RESERVED
+CVE-2019-18963
+ RESERVED
+CVE-2019-18962
+ RESERVED
+CVE-2019-18961
+ RESERVED
+CVE-2019-18960
+ RESERVED
CVE-2019-18959
RESERVED
CVE-2019-18958
RESERVED
-CVE-2019-18957
- RESERVED
+CVE-2019-18957 (Microstrategy Library in MicroStrategy before 2019 before 11.1.3 has r ...)
+ TODO: check
CVE-2019-18956
RESERVED
CVE-2019-18955
@@ -38,12 +70,12 @@ CVE-2019-18941
RESERVED
CVE-2019-18940
RESERVED
-CVE-2019-18939
- RESERVED
-CVE-2019-18938
- RESERVED
-CVE-2019-18937
- RESERVED
+CVE-2019-18939 (eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn t ...)
+ TODO: check
+CVE-2019-18938 (eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn thr ...)
+ TODO: check
+CVE-2019-18937 (eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser Ad ...)
+ TODO: check
CVE-2019-18936
RESERVED
CVE-2019-18935
@@ -126,8 +158,8 @@ CVE-2019-18897
RESERVED
CVE-2019-18896
RESERVED
-CVE-2019-18895
- RESERVED
+CVE-2019-18895 (Scanguard through 2019-11-12 on Windows has Insecure Permissions for t ...)
+ TODO: check
CVE-2019-18894
RESERVED
CVE-2019-18893
@@ -159,8 +191,8 @@ CVE-2019-18886 [Prevent user enumeration using switch user functionality]
- symfony 4.3.8+dfsg-1
NOTE: https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality
NOTE: https://github.com/symfony/symfony/commit/7bd4a92fc9cc15d9a9fbb9eb1041e01b977f8332
-CVE-2019-18885
- RESERVED
+CVE-2019-18885 (fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verif ...)
+ TODO: check
CVE-2019-18884 (index.php/team_members/add_team_member in RISE Ultimate Project Manage ...)
NOT-FOR-US: RISE
CVE-2019-18883 (XSS exists in Lavalite CMS 5.7 via the admin/profile name or designati ...)
@@ -2885,14 +2917,14 @@ CVE-2019-18650 (An issue was discovered in Joomla! before 3.9.13. A missing toke
CVE-2018-21030 (Jupyter Notebook before 5.5.0 does not use a CSP header to treat serve ...)
- jupyter-notebook 5.7.4-1
NOTE: https://github.com/jupyter/notebook/pull/3341
-CVE-2019-18649
- RESERVED
-CVE-2019-18648
- RESERVED
-CVE-2019-18647
- RESERVED
-CVE-2019-18646
- RESERVED
+CVE-2019-18649 (When logged in as an admin user, the Title input field (under Reports) ...)
+ TODO: check
+CVE-2019-18648 (When logged in as an admin user, the Untangle NG firewall 14.2.0 is vu ...)
+ TODO: check
+CVE-2019-18647 (The Untangle NG firewall 14.2.0 is vulnerable to an authenticated comm ...)
+ TODO: check
+CVE-2019-18646 (The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline- ...)
+ TODO: check
CVE-2019-18645 (The quarantine restoration function in Total Defense Anti-virus 11.5.2 ...)
NOT-FOR-US: Total Defense Anti-virus
CVE-2019-18644 (The malware scan function in Total Defense Anti-virus 11.5.2.28 is vul ...)
@@ -10402,8 +10434,8 @@ CVE-2019-16112
RESERVED
CVE-2019-16111
RESERVED
-CVE-2019-16110
- RESERVED
+CVE-2019-16110 (The network protocol of Blade Shadow though 2.13.3 allows remote attac ...)
+ TODO: check
CVE-2019-16109 (An issue was discovered in Plataformatec Devise before 4.7.1. It confi ...)
NOT-FOR-US: Plataformatec Devise
CVE-2019-16108
@@ -11346,10 +11378,10 @@ CVE-2019-15746 (SITOS six Build v6.2.1 allows an attacker to inject arbitrary PH
NOT-FOR-US: SITOS
CVE-2019-15745 (The Eques elf smart plug and the mobile app use a hardcoded AES 256 bi ...)
NOT-FOR-US: Eques elf smart plug
-CVE-2019-15744
- RESERVED
-CVE-2019-15743
- RESERVED
+CVE-2019-15744 (The Sony Xperia Xperia XZs Android device with a build fingerprint of ...)
+ TODO: check
+CVE-2019-15743 (The Sony Xperia Touch Android device with a build fingerprint of Sony/ ...)
+ TODO: check
CVE-2019-15742
RESERVED
CVE-2019-15741 (An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsaf ...)
@@ -12140,294 +12172,294 @@ CVE-2019-15477 (Jooby before 1.6.4 has XSS via the default error handler. ...)
NOT-FOR-US: Jooby
CVE-2019-15476 (Former before 4.2.1 has XSS via a checkbox value. ...)
NOT-FOR-US: Former
-CVE-2019-15475
- RESERVED
-CVE-2019-15474
- RESERVED
-CVE-2019-15473
- RESERVED
-CVE-2019-15472
- RESERVED
-CVE-2019-15471
- RESERVED
-CVE-2019-15470
- RESERVED
-CVE-2019-15469
- RESERVED
-CVE-2019-15468
- RESERVED
-CVE-2019-15467
- RESERVED
-CVE-2019-15466
- RESERVED
-CVE-2019-15465
- RESERVED
-CVE-2019-15464
- RESERVED
-CVE-2019-15463
- RESERVED
-CVE-2019-15462
- RESERVED
-CVE-2019-15461
- RESERVED
-CVE-2019-15460
- RESERVED
-CVE-2019-15459
- RESERVED
-CVE-2019-15458
- RESERVED
-CVE-2019-15457
- RESERVED
-CVE-2019-15456
- RESERVED
-CVE-2019-15455
- RESERVED
-CVE-2019-15454
- RESERVED
-CVE-2019-15453
- RESERVED
-CVE-2019-15452
- RESERVED
-CVE-2019-15451
- RESERVED
-CVE-2019-15450
- RESERVED
-CVE-2019-15449
- RESERVED
-CVE-2019-15448
- RESERVED
-CVE-2019-15447
- RESERVED
-CVE-2019-15446
- RESERVED
-CVE-2019-15445
- RESERVED
-CVE-2019-15444
- RESERVED
-CVE-2019-15443
- RESERVED
-CVE-2019-15442
- RESERVED
-CVE-2019-15441
- RESERVED
-CVE-2019-15440
- RESERVED
-CVE-2019-15439
- RESERVED
-CVE-2019-15438
- RESERVED
-CVE-2019-15437
- RESERVED
-CVE-2019-15436
- RESERVED
-CVE-2019-15435
- RESERVED
-CVE-2019-15434
- RESERVED
-CVE-2019-15433
- RESERVED
-CVE-2019-15432
- RESERVED
-CVE-2019-15431
- RESERVED
-CVE-2019-15430
- RESERVED
-CVE-2019-15429
- RESERVED
-CVE-2019-15428
- RESERVED
-CVE-2019-15427
- RESERVED
-CVE-2019-15426
- RESERVED
-CVE-2019-15425
- RESERVED
-CVE-2019-15424
- RESERVED
-CVE-2019-15423
- RESERVED
-CVE-2019-15422
- RESERVED
-CVE-2019-15421
- RESERVED
-CVE-2019-15420
- RESERVED
-CVE-2019-15419
- RESERVED
-CVE-2019-15418
- RESERVED
-CVE-2019-15417
- RESERVED
-CVE-2019-15416
- RESERVED
-CVE-2019-15415
- RESERVED
-CVE-2019-15414
- RESERVED
-CVE-2019-15413
- RESERVED
-CVE-2019-15412
- RESERVED
-CVE-2019-15411
- RESERVED
-CVE-2019-15410
- RESERVED
-CVE-2019-15409
- RESERVED
-CVE-2019-15408
- RESERVED
-CVE-2019-15407
- RESERVED
-CVE-2019-15406
- RESERVED
-CVE-2019-15405
- RESERVED
-CVE-2019-15404
- RESERVED
-CVE-2019-15403
- RESERVED
-CVE-2019-15402
- RESERVED
-CVE-2019-15401
- RESERVED
-CVE-2019-15400
- RESERVED
-CVE-2019-15399
- RESERVED
-CVE-2019-15398
- RESERVED
-CVE-2019-15397
- RESERVED
-CVE-2019-15396
- RESERVED
-CVE-2019-15395
- RESERVED
-CVE-2019-15394
- RESERVED
-CVE-2019-15393
- RESERVED
-CVE-2019-15392
- RESERVED
-CVE-2019-15391
- RESERVED
-CVE-2019-15390
- RESERVED
-CVE-2019-15389
- RESERVED
-CVE-2019-15388
- RESERVED
-CVE-2019-15387
- RESERVED
-CVE-2019-15386
- RESERVED
-CVE-2019-15385
- RESERVED
-CVE-2019-15384
- RESERVED
-CVE-2019-15383
- RESERVED
-CVE-2019-15382
- RESERVED
-CVE-2019-15381
- RESERVED
-CVE-2019-15380
- RESERVED
-CVE-2019-15379
- RESERVED
-CVE-2019-15378
- RESERVED
-CVE-2019-15377
- RESERVED
-CVE-2019-15376
- RESERVED
-CVE-2019-15375
- RESERVED
-CVE-2019-15374
- RESERVED
-CVE-2019-15373
- RESERVED
-CVE-2019-15372
- RESERVED
-CVE-2019-15371
- RESERVED
-CVE-2019-15370
- RESERVED
-CVE-2019-15369
- RESERVED
-CVE-2019-15368
- RESERVED
-CVE-2019-15367
- RESERVED
-CVE-2019-15366
- RESERVED
-CVE-2019-15365
- RESERVED
-CVE-2019-15364
- RESERVED
-CVE-2019-15363
- RESERVED
-CVE-2019-15362
- RESERVED
-CVE-2019-15361
- RESERVED
-CVE-2019-15360
- RESERVED
-CVE-2019-15359
- RESERVED
-CVE-2019-15358
- RESERVED
-CVE-2019-15357
- RESERVED
-CVE-2019-15356
- RESERVED
-CVE-2019-15355
- RESERVED
-CVE-2019-15354
- RESERVED
-CVE-2019-15353
- RESERVED
-CVE-2019-15352
- RESERVED
-CVE-2019-15351
- RESERVED
-CVE-2019-15350
- RESERVED
-CVE-2019-15349
- RESERVED
-CVE-2019-15348
- RESERVED
-CVE-2019-15347
- RESERVED
-CVE-2019-15346
- RESERVED
-CVE-2019-15345
- RESERVED
-CVE-2019-15344
- RESERVED
-CVE-2019-15343
- RESERVED
-CVE-2019-15342
- RESERVED
-CVE-2019-15341
- RESERVED
-CVE-2019-15340
- RESERVED
-CVE-2019-15339
- RESERVED
-CVE-2019-15338
- RESERVED
-CVE-2019-15337
- RESERVED
-CVE-2019-15336
- RESERVED
-CVE-2019-15335
- RESERVED
-CVE-2019-15334
- RESERVED
-CVE-2019-15333
- RESERVED
-CVE-2019-15332
- RESERVED
+CVE-2019-15475 (The Xiaomi Mi A3 Android device with a build fingerprint of xiaomi/onc ...)
+ TODO: check
+CVE-2019-15474 (The Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/c ...)
+ TODO: check
+CVE-2019-15473 (The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaom ...)
+ TODO: check
+CVE-2019-15472 (The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaom ...)
+ TODO: check
+CVE-2019-15471 (The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi ...)
+ TODO: check
+CVE-2019-15470 (The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of ...)
+ TODO: check
+CVE-2019-15469 (The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/ ...)
+ TODO: check
+CVE-2019-15468 (The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaom ...)
+ TODO: check
+CVE-2019-15467 (The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi ...)
+ TODO: check
+CVE-2019-15466 (The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiao ...)
+ TODO: check
+CVE-2019-15465 (The Samsung J7 Pro Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15464 (The Samsung J7 Pro Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15463 (The Samsung j7popeltemtr Android device with a build fingerprint of sa ...)
+ TODO: check
+CVE-2019-15462 (The Samsung J7 Duo Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15461 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15460 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15459 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15458 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15457 (The Samsung J6 Android device with a build fingerprint of samsung/j6lt ...)
+ TODO: check
+CVE-2019-15456 (The Samsung J6 Android device with a build fingerprint of samsung/j6lt ...)
+ TODO: check
+CVE-2019-15455 (The Samsung J5 Android device with a build fingerprint of samsung/j5y1 ...)
+ TODO: check
+CVE-2019-15454 (The Samsung J4 Android device with a build fingerprint of samsung/j4lt ...)
+ TODO: check
+CVE-2019-15453 (The Samsung J4 Android device with a build fingerprint of samsung/j4lt ...)
+ TODO: check
+CVE-2019-15452 (The Samsung J3 Android device with a build fingerprint of samsung/j3y1 ...)
+ TODO: check
+CVE-2019-15451 (The Samsung J3 Android device with a build fingerprint of samsung/j3y1 ...)
+ TODO: check
+CVE-2019-15450 (The Samsung j3popeltecan Android device with a build fingerprint of sa ...)
+ TODO: check
+CVE-2019-15449 (The Samsung S7 Edge Android device with a build fingerprint of samsung ...)
+ TODO: check
+CVE-2019-15448 (The Samsung S7 Edge Android device with a build fingerprint of samsung ...)
+ TODO: check
+CVE-2019-15447 (The Samsung S7 Edge Android device with a build fingerprint of samsung ...)
+ TODO: check
+CVE-2019-15446 (The Samsung S7 Android device with a build fingerprint of samsung/hero ...)
+ TODO: check
+CVE-2019-15445 (The Samsung S7 Android device with a build fingerprint of samsung/hero ...)
+ TODO: check
+CVE-2019-15444 (The Samsung S7 Android device with a build fingerprint of samsung/hero ...)
+ TODO: check
+CVE-2019-15443 (The Samsung J7 Max Android device with a build fingerprint of samsung/ ...)
+ TODO: check
+CVE-2019-15442 (The Samsung on7xelteskt Android device with a build fingerprint of sam ...)
+ TODO: check
+CVE-2019-15441 (The Samsung on7xeltelgt Android device with a build fingerprint of sam ...)
+ TODO: check
+CVE-2019-15440 (The Samsung J5 Android device with a build fingerprint of samsung/on5x ...)
+ TODO: check
+CVE-2019-15439 (The Samsung XCover4 Android device with a build fingerprint of samsung ...)
+ TODO: check
+CVE-2019-15438 (The Samsung XCover4 Android device with a build fingerprint of samsung ...)
+ TODO: check
+CVE-2019-15437 (The Samsung XCover4 Android device with a build fingerprint of samsung ...)
+ TODO: check
+CVE-2019-15436 (The Samsung A8+ Android device with a build fingerprint of samsung/jac ...)
+ TODO: check
+CVE-2019-15435 (The Samsung A7 Android device with a build fingerprint of samsung/a7y1 ...)
+ TODO: check
+CVE-2019-15434 (The Samsung A5 Android device with a build fingerprint of samsung/a5y1 ...)
+ TODO: check
+CVE-2019-15433 (The Samsung A3 Android device with a build fingerprint of samsung/a3y1 ...)
+ TODO: check
+CVE-2019-15432 (The Evercoss U6 Android device with a build fingerprint of EVERCOSS/U6 ...)
+ TODO: check
+CVE-2019-15431 (The Evercoss U50A Android device with a build fingerprint of EVERCOSS/ ...)
+ TODO: check
+CVE-2019-15430 (The Bluboo D3 Pro Android device with a build fingerprint of BLUBOO/Bl ...)
+ TODO: check
+CVE-2019-15429 (The Panasonic ELUGA_I9 Android device with a build fingerprint of Pana ...)
+ TODO: check
+CVE-2019-15428 (The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi ...)
+ TODO: check
+CVE-2019-15427 (The Xiaomi Mi Mix Android device with a build fingerprint of Xiaomi/li ...)
+ TODO: check
+CVE-2019-15426 (The Xiaomi 5S Plus Android device with a build fingerprint of Xiaomi/n ...)
+ TODO: check
+CVE-2019-15425 (The Kata M4s Android device with a build fingerprint of alps/full_hct6 ...)
+ TODO: check
+CVE-2019-15424 (The Doogee BL5000 Android device with a build fingerprint of DOOGEE/BL ...)
+ TODO: check
+CVE-2019-15423 (The Bluboo Bluboo_S1 Android device with a build fingerprint of BLUBOO ...)
+ TODO: check
+CVE-2019-15422 (The Doogee Mix Android device with a build fingerprint of DOOGEE/MIX/M ...)
+ TODO: check
+CVE-2019-15421 (The Blackview BV7000_Pro Android device with a build fingerprint of Bl ...)
+ TODO: check
+CVE-2019-15420 (The Blackview BV9000Pro-F Android device with a build fingerprint of B ...)
+ TODO: check
+CVE-2019-15419 (The Asus ASUS_X015_1 Android device with a build fingerprint of asus/C ...)
+ TODO: check
+CVE-2019-15418 (The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/C ...)
+ TODO: check
+CVE-2019-15417 (The Tecno Spark Pro Android device with a build fingerprint of TECNO/H ...)
+ TODO: check
+CVE-2019-15416 (The Sony keyaki_kddi Android device with a build fingerprint of Sony/k ...)
+ TODO: check
+CVE-2019-15415 (The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/v ...)
+ TODO: check
+CVE-2019-15414 (The Asus ZenFone AR Android device with a build fingerprint of asus/WW ...)
+ TODO: check
+CVE-2019-15413 (The Asus ZenFone 3 Ultra Android device with a build fingerprint of as ...)
+ TODO: check
+CVE-2019-15412 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of a ...)
+ TODO: check
+CVE-2019-15411 (The Asus ZenFone 3 Laser Android device with a build fingerprint of as ...)
+ TODO: check
+CVE-2019-15410 (The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW ...)
+ TODO: check
+CVE-2019-15409 (The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW ...)
+ TODO: check
+CVE-2019-15408 (The Asus ZenFone 5 Lite Android device with a build fingerprint of asu ...)
+ TODO: check
+CVE-2019-15407 (The Asus ASUS_X015_1 Android device with a build fingerprint of asus/C ...)
+ TODO: check
+CVE-2019-15406 (The Asus ASUS_X00LD_3 Android device with a build fingerprint of asus/ ...)
+ TODO: check
+CVE-2019-15405 (The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/C ...)
+ TODO: check
+CVE-2019-15404 (The Asus ZenFone Max 4 Android device with a build fingerprint of asus ...)
+ TODO: check
+CVE-2019-15403 (The Asus ZenFone 3s Max Android device with a build fingerprint of asu ...)
+ TODO: check
+CVE-2019-15402 (The Asus ASUS_A002_2 Android device with a build fingerprint of asus/W ...)
+ TODO: check
+CVE-2019-15401 (The Asus ASUS_A002 Android device with a build fingerprint of asus/WW_ ...)
+ TODO: check
+CVE-2019-15400 (The Asus ZenFone 3 Ultra Android device with a build fingerprint of as ...)
+ TODO: check
+CVE-2019-15399 (The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW ...)
+ TODO: check
+CVE-2019-15398 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of a ...)
+ TODO: check
+CVE-2019-15397 (The Asus ZenFone Max 4 Android device with a build fingerprint of asus ...)
+ TODO: check
+CVE-2019-15396 (The Asus ZenFone 3 Android device with a build fingerprint of asus/WW_ ...)
+ TODO: check
+CVE-2019-15395 (The Asus ZenFone 3s Max Android device with a build fingerprint of asu ...)
+ TODO: check
+CVE-2019-15394 (The Asus ZenFone 5 Selfie Android device with a build fingerprint of a ...)
+ TODO: check
+CVE-2019-15393 (The Asus ZenFone Live Android device with a build fingerprint of asus/ ...)
+ TODO: check
+CVE-2019-15392 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of A ...)
+ TODO: check
+CVE-2019-15391 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of a ...)
+ TODO: check
+CVE-2019-15390 (The Haier G8 Android device with a build fingerprint of Haier/HM-G559- ...)
+ TODO: check
+CVE-2019-15389 (The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8. ...)
+ TODO: check
+CVE-2019-15388 (The Coolpad 1851 Android device with a build fingerprint of Coolpad/an ...)
+ TODO: check
+CVE-2019-15387 (The Archos Core 101 Android device with a build fingerprint of archos/ ...)
+ TODO: check
+CVE-2019-15386 (The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60 ...)
+ TODO: check
+CVE-2019-15385 (The Infinix Note 5 Android device with a build fingerprint of Infinix/ ...)
+ TODO: check
+CVE-2019-15384 (The Elephone A4 Android device with a build fingerprint of Elephone/A4 ...)
+ TODO: check
+CVE-2019-15383 (The Allview X5 Android device with a build fingerprint of ALLVIEW/X5_S ...)
+ TODO: check
+CVE-2019-15382 (The Cubot Nova Android device with a build fingerprint of CUBOT/CUBOT_ ...)
+ TODO: check
+CVE-2019-15381 (The BQ 5515L Android device with a build fingerprint of BQru/BQru-5515 ...)
+ TODO: check
+CVE-2019-15380 (The Fly Photo Pro Android device with a build fingerprint of Fly/Photo ...)
+ TODO: check
+CVE-2019-15379 (The Walton Primo G3 Android device with a build fingerprint of WALTON/ ...)
+ TODO: check
+CVE-2019-15378 (The Panasonic Eluga Ray 600 Android device with a build fingerprint of ...)
+ TODO: check
+CVE-2019-15377 (The Cherry Flare S7 Android device with a build fingerprint of Cherry_ ...)
+ TODO: check
+CVE-2019-15376 (The Panasonic Eluga Ray 530 Android device with a build fingerprint of ...)
+ TODO: check
+CVE-2019-15375 (The Haier G8 Android device with a build fingerprint of Haier/HM-G559- ...)
+ TODO: check
+CVE-2019-15374 (The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/ ...)
+ TODO: check
+CVE-2019-15373 (The Symphony i95 Lite Android device with a build fingerprint of LAVA/ ...)
+ TODO: check
+CVE-2019-15372 (The Hisense F17 Android device with a build fingerprint of Hisense/F17 ...)
+ TODO: check
+CVE-2019-15371 (The Symphony G100 Android device with a build fingerprint of Symphony/ ...)
+ TODO: check
+CVE-2019-15370 (The Haier G8 Android device with a build fingerprint of Haier/HM-G559- ...)
+ TODO: check
+CVE-2019-15369 (The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61 ...)
+ TODO: check
+CVE-2019-15368 (The Coolpad 1851 Android device with a build fingerprint of Coolpad/an ...)
+ TODO: check
+CVE-2019-15367 (The Haier P10 Android device with a build fingerprint of Haier/P10/P10 ...)
+ TODO: check
+CVE-2019-15366 (The Infinix Note 5 Android device with a build fingerprint of Infinix/ ...)
+ TODO: check
+CVE-2019-15365 (The Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8 ...)
+ TODO: check
+CVE-2019-15364 (The Dexp BL250 Android device with a build fingerprint of DEXP/BL250/B ...)
+ TODO: check
+CVE-2019-15363 (The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/P ...)
+ TODO: check
+CVE-2019-15362 (The Lava Iris 88 Go Android device with a build fingerprint of LAVA/ir ...)
+ TODO: check
+CVE-2019-15361 (The Infinix Note 5 Android device with a build fingerprint of Infinix/ ...)
+ TODO: check
+CVE-2019-15360 (The Hisense U965 Android device with a build fingerprint of Hisense/U9 ...)
+ TODO: check
+CVE-2019-15359 (The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8. ...)
+ TODO: check
+CVE-2019-15358 (The Dexp Z250 Android device with a build fingerprint of DEXP/Z250/Z25 ...)
+ TODO: check
+CVE-2019-15357 (The Advan i6A Android device with a build fingerprint of ADVAN/i6A/i6A ...)
+ TODO: check
+CVE-2019-15356 (The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z ...)
+ TODO: check
+CVE-2019-15355 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
+ TODO: check
+CVE-2019-15354 (The Ulefone Armor 5 Android device with a build fingerprint of Ulefone ...)
+ TODO: check
+CVE-2019-15353 (The Coolpad N3C Android device with a build fingerprint of Coolpad/N3C ...)
+ TODO: check
+CVE-2019-15352 (The Coolpad 1851 Android device with a build fingerprint of Coolpad/an ...)
+ TODO: check
+CVE-2019-15351 (The Tecno Camon Android device with a build fingerprint of TECNO/H622/ ...)
+ TODO: check
+CVE-2019-15350 (The Tecno Camon Android device with a build fingerprint of TECNO/H622/ ...)
+ TODO: check
+CVE-2019-15349 (The Tecno Camon Android device with a build fingerprint of TECNO/H612/ ...)
+ TODO: check
+CVE-2019-15348 (The Tecno Camon Android device with a build fingerprint of TECNO/H612/ ...)
+ TODO: check
+CVE-2019-15347 (The Tecno Camon iClick 2 Android device with a build fingerprint of TE ...)
+ TODO: check
+CVE-2019-15346 (The Tecno Camon iClick 2 Android device with a build fingerprint of TE ...)
+ TODO: check
+CVE-2019-15345 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
+ TODO: check
+CVE-2019-15344 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
+ TODO: check
+CVE-2019-15343 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
+ TODO: check
+CVE-2019-15342 (The Tecno Camon iAir 2 Plus Android device with a build fingerprint of ...)
+ TODO: check
+CVE-2019-15341 (The Tecno Camon iAir 2 Plus Android device with a build fingerprint of ...)
+ TODO: check
+CVE-2019-15340 (The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiao ...)
+ TODO: check
+CVE-2019-15339 (The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60 ...)
+ TODO: check
+CVE-2019-15338 (The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/ ...)
+ TODO: check
+CVE-2019-15337 (The Lava Z81 Android device with a build fingerprint of LAVA/Z81/Z81:8 ...)
+ TODO: check
+CVE-2019-15336 (The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61 ...)
+ TODO: check
+CVE-2019-15335 (The Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8 ...)
+ TODO: check
+CVE-2019-15334 (The Lava Iris 88 Go Android device with a build fingerprint of LAVA/ir ...)
+ TODO: check
+CVE-2019-15333 (The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z ...)
+ TODO: check
+CVE-2019-15332 (The Lava Z61 Android device with a build fingerprint of LAVA/Z61_2GB/Z ...)
+ TODO: check
CVE-2019-15331 (The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for W ...)
NOT-FOR-US: wp-support-plus-responsive-ticket-system plugin for WordPress
CVE-2019-15330 (The webp-express plugin before 0.14.11 for WordPress has insufficient ...)
@@ -14344,8 +14376,7 @@ CVE-2019-14820
CVE-2019-14819
RESERVED
NOT-FOR-US: openshift-ansible
-CVE-2019-14818
- RESERVED
+CVE-2019-14818 (A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x bef ...)
{DSA-4567-1}
- dpdk 18.11.4-1
NOTE: http://mails.dpdk.org/archives/announce/2019-November/000293.html
@@ -14950,8 +14981,8 @@ CVE-2019-14604
RESERVED
CVE-2019-14603
RESERVED
-CVE-2019-14602
- RESERVED
+CVE-2019-14602 (Improper permissions in the installer for the Nuvoton* CIR Driver vers ...)
+ TODO: check
CVE-2019-14601
RESERVED
CVE-2019-14600
@@ -14972,10 +15003,10 @@ CVE-2019-14593
RESERVED
CVE-2019-14592
RESERVED
-CVE-2019-14591
- RESERVED
-CVE-2019-14590
- RESERVED
+CVE-2019-14591 (Improper input validation in the API for Intel(R) Graphics Driver vers ...)
+ TODO: check
+CVE-2019-14590 (Improper access control in the API for the Intel(R) Graphics Driver ve ...)
+ TODO: check
CVE-2019-14589
RESERVED
CVE-2019-14588
@@ -15006,8 +15037,8 @@ CVE-2019-14576
RESERVED
CVE-2019-14575
RESERVED
-CVE-2019-14574
- RESERVED
+CVE-2019-14574 (Out of bounds read in a subsystem for Intel(R) Graphics Driver version ...)
+ TODO: check
CVE-2019-14573
RESERVED
CVE-2019-14572
@@ -15022,10 +15053,10 @@ CVE-2019-14568
RESERVED
CVE-2019-14567
RESERVED
-CVE-2019-14566
- RESERVED
-CVE-2019-14565
- RESERVED
+CVE-2019-14566 (Insufficient input validation in Intel(R) SGX SDK multiple Linux and W ...)
+ TODO: check
+CVE-2019-14565 (Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.1 ...)
+ TODO: check
CVE-2019-14564
RESERVED
CVE-2019-14563
@@ -25865,47 +25896,35 @@ CVE-2019-11184 (A race condition in specific microprocessors using Intel (R) DDI
NOT-FOR-US: HW Issue with processors supporting Intel Data-Direct I/O Technology (Intel DDIO) and Remote Direct Memory Access (RDMA)
CVE-2019-11183
RESERVED
-CVE-2019-11182
- RESERVED
+CVE-2019-11182 (Memory corruption in Intel(R) Baseboard Management Controller firmware ...)
NOT-FOR-US: Intel
-CVE-2019-11181
- RESERVED
+CVE-2019-11181 (Out of bound read in Intel(R) Baseboard Management Controller firmware ...)
NOT-FOR-US: Intel
-CVE-2019-11180
- RESERVED
+CVE-2019-11180 (Insufficient input validation in Intel(R) Baseboard Management Control ...)
NOT-FOR-US: Intel
-CVE-2019-11179
- RESERVED
+CVE-2019-11179 (Insufficient input validation in Intel(R) Baseboard Management Control ...)
NOT-FOR-US: Intel
-CVE-2019-11178
- RESERVED
-CVE-2019-11177
- RESERVED
+CVE-2019-11178 (Stack overflow in Intel(R) Baseboard Management Controller firmware ma ...)
+ TODO: check
+CVE-2019-11177 (Unhandled exception in Intel(R) Baseboard Management Controller firmwa ...)
NOT-FOR-US: Intel
CVE-2019-11176
RESERVED
-CVE-2019-11175
- RESERVED
+CVE-2019-11175 (Insufficient input validation in Intel(R) Baseboard Management Control ...)
NOT-FOR-US: Intel
-CVE-2019-11174
- RESERVED
+CVE-2019-11174 (Insufficient access control in Intel(R) Baseboard Management Controlle ...)
NOT-FOR-US: Intel
-CVE-2019-11173
- RESERVED
+CVE-2019-11173 (Insufficient session validation in Intel(R) Baseboard Management Contr ...)
NOT-FOR-US: Intel
-CVE-2019-11172
- RESERVED
+CVE-2019-11172 (Out of bound read in Intel(R) Baseboard Management Controller firmware ...)
NOT-FOR-US: Intel
-CVE-2019-11171
- RESERVED
+CVE-2019-11171 (Heap corruption in Intel(R) Baseboard Management Controller firmware m ...)
NOT-FOR-US: Intel
-CVE-2019-11170
- RESERVED
+CVE-2019-11170 (Authentication bypass in Intel(R) Baseboard Management Controller firm ...)
NOT-FOR-US: Intel
CVE-2019-11169
RESERVED
-CVE-2019-11168
- RESERVED
+CVE-2019-11168 (Insufficient session validation in Intel(R) Baseboard Management Contr ...)
NOT-FOR-US: Intel
CVE-2019-11167 (Improper file permission in software installer for Intel(R) Smart Conn ...)
NOT-FOR-US: Intel
@@ -25929,18 +25948,18 @@ CVE-2019-11158
RESERVED
CVE-2019-11157
RESERVED
-CVE-2019-11156
- RESERVED
-CVE-2019-11155
- RESERVED
-CVE-2019-11154
- RESERVED
-CVE-2019-11153
- RESERVED
-CVE-2019-11152
- RESERVED
-CVE-2019-11151
- RESERVED
+CVE-2019-11156 (Logic errors in Intel(R) PROSet/Wireless WiFi Software before version ...)
+ TODO: check
+CVE-2019-11155 (Improper directory permissions in Intel(R) PROSet/Wireless WiFi Softwa ...)
+ TODO: check
+CVE-2019-11154 (Improper directory permissions in Intel(R) PROSet/Wireless WiFi Softwa ...)
+ TODO: check
+CVE-2019-11153 (Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software ext ...)
+ TODO: check
+CVE-2019-11152 (Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 ...)
+ TODO: check
+CVE-2019-11151 (Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 ...)
+ TODO: check
CVE-2019-11150
RESERVED
CVE-2019-11149
@@ -25964,19 +25983,17 @@ CVE-2019-11141
RESERVED
CVE-2019-11140 (Insufficient session validation in system firmware for Intel(R) NUC ma ...)
NOT-FOR-US: Intel
-CVE-2019-11139
- RESERVED
+CVE-2019-11139 (Improper conditions check in the voltage modulation interface for some ...)
{DSA-4565-1}
- intel-microcode 3.20191112.1
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html
CVE-2019-11138
RESERVED
-CVE-2019-11137
- RESERVED
-CVE-2019-11136
- RESERVED
-CVE-2019-11135 [TSX Asynchronous Abort]
- RESERVED
+CVE-2019-11137 (Insufficient input validation in system firmware for Intel(R) Xeon(R) ...)
+ TODO: check
+CVE-2019-11136 (Insufficient access control in system firmware for Intel(R) Xeon(R) Sc ...)
+ TODO: check
+CVE-2019-11135 (TSX Asynchronous Abort condition on some CPUs utilizing speculative ex ...)
{DSA-4565-1 DSA-4564-1 DLA-1990-1 DLA-1989-1}
- linux 5.3.9-2
- intel-microcode 3.20191112.1
@@ -26027,12 +26044,12 @@ CVE-2019-11115
RESERVED
CVE-2019-11114 (Insufficient input validation in Intel(R) Driver & Support Assista ...)
NOT-FOR-US: Intel(R) Driver & Support Assistant
-CVE-2019-11113
- RESERVED
-CVE-2019-11112
- RESERVED
-CVE-2019-11111
- RESERVED
+CVE-2019-11113 (Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver bef ...)
+ TODO: check
+CVE-2019-11112 (Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver be ...)
+ TODO: check
+CVE-2019-11111 (Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics ...)
+ TODO: check
CVE-2019-11110
RESERVED
NOT-FOR-US: Intel
@@ -26098,8 +26115,8 @@ CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Unc
CVE-2019-11090
RESERVED
NOT-FOR-US: Intel
-CVE-2019-11089
- RESERVED
+CVE-2019-11089 (Insufficient input validation in Kernel Mode module for Intel(R) Graph ...)
+ TODO: check
CVE-2019-11088
RESERVED
NOT-FOR-US: Intel
@@ -35082,26 +35099,26 @@ CVE-2019-8250
RESERVED
CVE-2019-8249
RESERVED
-CVE-2019-8248
- RESERVED
-CVE-2019-8247
- RESERVED
-CVE-2019-8246
- RESERVED
+CVE-2019-8248 (Adobe Illustrator CC versions 23.1 and earlier have a memory corruptio ...)
+ TODO: check
+CVE-2019-8247 (Adobe Illustrator CC versions 23.1 and earlier have a memory corruptio ...)
+ TODO: check
+CVE-2019-8246 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds wr ...)
+ TODO: check
CVE-2019-8245
RESERVED
-CVE-2019-8244
- RESERVED
-CVE-2019-8243
- RESERVED
-CVE-2019-8242
- RESERVED
-CVE-2019-8241
- RESERVED
-CVE-2019-8240
- RESERVED
-CVE-2019-8239
- RESERVED
+CVE-2019-8244 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
+ TODO: check
+CVE-2019-8243 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
+ TODO: check
+CVE-2019-8242 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
+ TODO: check
+CVE-2019-8241 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
+ TODO: check
+CVE-2019-8240 (Adobe Bridge CC versions 9.1 and earlier have a memory corruption vuln ...)
+ TODO: check
+CVE-2019-8239 (Adobe Bridge CC versions 9.1 and earlier have a memory corruption vuln ...)
+ TODO: check
CVE-2019-8238 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier; 2019.010 ...)
NOT-FOR-US: Adobe
CVE-2019-8237 (Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012 ...)
@@ -35654,12 +35671,12 @@ CVE-2019-7964 (Adobe Experience Manager versions 6.5, and 6.4 have an authentica
NOT-FOR-US: Adobe Experience Manager
CVE-2019-7963 (Adobe Bridge CC version 9.0.2 and earlier versions have an out of boun ...)
NOT-FOR-US: Adobe Bridge CC
-CVE-2019-7962
- RESERVED
+CVE-2019-7962 (Adobe Illustrator CC versions 23.1 and earlier have an insecure librar ...)
+ TODO: check
CVE-2019-7961 (Adobe Prelude CC versions 8.1 and earlier have an insecure library loa ...)
NOT-FOR-US: Adobe
-CVE-2019-7960
- RESERVED
+CVE-2019-7960 (Adobe Animate CC versions 19.2.1 and earlier have an insecure library ...)
+ TODO: check
CVE-2019-7959 (Creative Cloud Desktop Application versions 4.6.1 and earlier have a u ...)
NOT-FOR-US: Creative Cloud Desktop Application
CVE-2019-7958 (Creative Cloud Desktop Application versions 4.6.1 and earlier have an ...)
@@ -41630,7 +41647,7 @@ CVE-2019-5696 (NVIDIA Virtual GPU Manager, all versions, contains a vulnerabilit
NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2019-5695 (NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Dr ...)
NOT-FOR-US: NVIDIA
-CVE-2019-5694 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
+CVE-2019-5694 (NVIDIA Windows GPU Display Driver, R390 driver version, contains a vul ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2019-5693 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
NOT-FOR-US: NVIDIA Windows GPU Display Driver
@@ -57855,8 +57872,8 @@ CVE-2018-19271 (Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.2
NOT-FOR-US: Centreon web UI (not packaged in Debian)
CVE-2018-19270
REJECTED
-CVE-2019-0185
- RESERVED
+CVE-2019-0185 (Insufficient access control in protected memory subsystem for SMM for ...)
+ TODO: check
CVE-2019-0184
RESERVED
CVE-2019-0183 (Insufficient password protection in the attestation database for Open ...)
@@ -57931,45 +57948,43 @@ CVE-2019-0157 (Insufficient input validation in the Intel(R) SGX driver for Linu
NOT-FOR-US: Intel
CVE-2019-0156
RESERVED
-CVE-2019-0155
- RESERVED
+CVE-2019-0155 (Insufficient access control in a subsystem for Intel (R) processor gra ...)
{DSA-4564-1 DLA-1990-1}
- linux 5.3.9-2
[jessie] - linux <not-affected> (Driver doesn't support this hardware)
-CVE-2019-0154
- RESERVED
+CVE-2019-0154 (Insufficient access control in subsystem for Intel (R) processor graph ...)
{DSA-4564-1 DLA-1990-1 DLA-1989-1}
- linux 5.3.9-2
CVE-2019-0153 (Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 m ...)
NOT-FOR-US: Intel(R) CSME
-CVE-2019-0152
- RESERVED
-CVE-2019-0151
- RESERVED
-CVE-2019-0150
- RESERVED
-CVE-2019-0149
- RESERVED
-CVE-2019-0148
- RESERVED
-CVE-2019-0147
- RESERVED
-CVE-2019-0146
- RESERVED
-CVE-2019-0145
- RESERVED
-CVE-2019-0144
- RESERVED
-CVE-2019-0143
- RESERVED
-CVE-2019-0142
- RESERVED
+CVE-2019-0152 (Insufficient memory protection in System Management Mode (SMM) and Int ...)
+ TODO: check
+CVE-2019-0151 (Insufficient memory protection in Intel(R) TXT for certain Intel(R) Co ...)
+ TODO: check
+CVE-2019-0150 (Insufficient access control in firmware Intel(R) Ethernet 700 Series C ...)
+ TODO: check
+CVE-2019-0149 (Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ...)
+ TODO: check
+CVE-2019-0148 (Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ...)
+ TODO: check
+CVE-2019-0147 (Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ...)
+ TODO: check
+CVE-2019-0146 (Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ...)
+ TODO: check
+CVE-2019-0145 (Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Contro ...)
+ TODO: check
+CVE-2019-0144 (Unhandled exception in firmware for Intel(R) Ethernet 700 Series Contr ...)
+ TODO: check
+CVE-2019-0143 (Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 S ...)
+ TODO: check
+CVE-2019-0142 (Insufficient access control in ilp60x64.sys driver for Intel(R) Ethern ...)
+ TODO: check
CVE-2019-0141
RESERVED
-CVE-2019-0140
- RESERVED
-CVE-2019-0139
- RESERVED
+CVE-2019-0140 (Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controlle ...)
+ TODO: check
+CVE-2019-0139 (Insufficient access control in firmware for Intel(R) Ethernet 700 Seri ...)
+ TODO: check
CVE-2019-0138 (Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.1 ...)
NOT-FOR-US: Intel(R) ACU Wizard
CVE-2019-0137
@@ -58004,10 +58019,10 @@ CVE-2019-0126 (Insufficient access control in silicon reference firmware for Int
NOT-FOR-US: Intel
CVE-2019-0125
RESERVED
-CVE-2019-0124
- RESERVED
-CVE-2019-0123
- RESERVED
+CVE-2019-0124 (Insufficient memory protection in Intel(R) 6th Generation Core Process ...)
+ TODO: check
+CVE-2019-0123 (Insufficient memory protection in Intel(R) 6th Generation Core Process ...)
+ TODO: check
CVE-2019-0122 (Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel ...)
NOT-FOR-US: Intel
CVE-2019-0121 (Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and ...)
@@ -58018,8 +58033,7 @@ CVE-2019-0119 (Buffer overflow vulnerability in system firmware for Intel(R) Xeo
NOT-FOR-US: Intel
CVE-2019-0118
RESERVED
-CVE-2019-0117
- RESERVED
+CVE-2019-0117 (Insufficient access control in protected memory subsystem for Intel(R) ...)
NOT-FOR-US: Intel SGX vulnerabilities
NOTE: Fixes included in intel-microcode/3.20191112.1
CVE-2019-0116 (An out of bound read in KMD module for Intel(R) Graphics Driver before ...)
@@ -76696,8 +76710,7 @@ CVE-2018-12209 (Insufficient access control in User Mode Driver in Intel(R) Grap
NOT-FOR-US: Intel
CVE-2018-12208 (Buffer overflow in HECI subsystem in Intel(R) CSME before versions 11. ...)
NOT-FOR-US: Intel
-CVE-2018-12207 [iTLB Multihit]
- RESERVED
+CVE-2018-12207 (Improper invalidation for page table updates by a virtual guest operat ...)
{DSA-4564-1 DLA-1990-1}
- linux 5.3.9-2
[jessie] - linux <ignored> (Untrusted guests are no longer supportable)
@@ -252879,8 +252892,7 @@ CVE-2013-4111 (The Python client library for Glance (python-glanceclient) before
- python-glanceclient 1:0.9.0-2 (bug #718282)
CVE-2013-4110 (Cryptocat has an Unspecified Chat Participant User List Disclosure ...)
NOT-FOR-US: Cryptocat
-CVE-2013-4109
- RESERVED
+CVE-2013-4109 (An unspecified cross-site scripting (XSS) vulnerability exists in Cryp ...)
NOT-FOR-US: Cryptocat
CVE-2013-4108
RESERVED
@@ -255250,14 +255262,14 @@ CVE-2013-3075 (Multiple buffer overflows in ActUWzd.dll 1.0.0.1 in Mitsubishi MX
NOT-FOR-US: Mitsubishi MX Component 3
CVE-2013-3074
RESERVED
-CVE-2013-3073
- RESERVED
-CVE-2013-3072
- RESERVED
+CVE-2013-3073 (A Symlink Traversal vulnerability exists in NETGEAR Centria WNDR4700 F ...)
+ TODO: check
+CVE-2013-3072 (An Authentication Bypass vulnerability exists in NETGEAR Centria WNDR4 ...)
+ TODO: check
CVE-2013-3071
RESERVED
-CVE-2013-3070
- RESERVED
+CVE-2013-3070 (An Information Disclosure vulnerability exists in Netgear WNDR4700 run ...)
+ TODO: check
CVE-2013-3069 (Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WNDR470 ...)
NOT-FOR-US: NETGEAR devices
CVE-2013-3068 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksy ...)
@@ -278028,14 +278040,11 @@ CVE-2012-1172 (The file-upload implementation in rfc1867.c in PHP before 5.4.0 d
CVE-2012-1171 (The libxml RSHUTDOWN function in PHP 5.x allows remote attackers to by ...)
- php5 <removed> (unimportant)
NOTE: according to php's security statement, safemode bypass issues are not treated as security-relevant
-CVE-2012-1170
- RESERVED
+CVE-2012-1170 (Moodle before 2.2.2 has an external enrolment plugin context check iss ...)
- moodle <not-affected> (Only affects 2.2)
-CVE-2012-1169
- RESERVED
+CVE-2012-1169 (Moodle before 2.2.2 has Personal information disclosure, when administ ...)
- moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-1168
- RESERVED
+CVE-2012-1168 (Moodle before 2.2.2 has a password and web services issue where when t ...)
- moodle <not-affected> (Only affects 2.0 to 2.2)
CVE-2012-1167 (The JBoss Server in JBoss Enterprise Application Platform 5.1.x before ...)
- jbossas4 <not-affected> (Only builds a few libraries, not the full application server)
@@ -278058,26 +278067,19 @@ CVE-2012-1163 (Integer overflow in the _zip_readcdir function in zip_open.c in l
CVE-2012-1162 (Heap-based buffer overflow in the _zip_readcdir function in zip_open.c ...)
- libzip 0.10.1-1 (bug #664990)
[squeeze] - libzip <not-affected> (Only affects 0.10.x)
-CVE-2012-1161
- RESERVED
+CVE-2012-1161 (Moodle before 2.2.2: Course information leak via hidden courses being ...)
- moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-1160
- RESERVED
+CVE-2012-1160 (Moodle before 2.2.2 has a permission issue in Forum Subscriptions wher ...)
- moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-1159
- RESERVED
+CVE-2012-1159 (Moodle before 2.2.2: Overview report allows users to see hidden course ...)
- moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-1158
- RESERVED
+CVE-2012-1158 (Moodle before 2.2.2 has a course information leak in gradebook where u ...)
- moodle <not-affected> (Only affects 2.1 to 2.2)
-CVE-2012-1157
- RESERVED
+CVE-2012-1157 (Moodle before 2.2.2 has a default repository capabilities issue where ...)
- moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-1156
- RESERVED
+CVE-2012-1156 (Moodle before 2.2.2 has users' private files included in course backup ...)
- moodle <not-affected> (Only affects 2.0 to 2.2)
-CVE-2012-1155
- RESERVED
+CVE-2012-1155 (Moodle has a database activity export permission issue where the expor ...)
- moodle 1.9.9.dfsg2-6 (low; bug #668411)
[squeeze] - moodle 1.9.9.dfsg2-2.1+squeeze4
CVE-2012-1154 (mod_cluster 1.0.10 before 1.0.10 CP03 and 1.1.x before 1.1.4, as used ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e517ac16b6a112a0c3f197ab503e24dd56c14c37
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/e517ac16b6a112a0c3f197ab503e24dd56c14c37
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191114/082a12d2/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list