[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Fri Sep 27 21:10:33 BST 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0062cd0b by security tracker role at 2019-09-27T20:10:21Z
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2019-16926
+ RESERVED
+CVE-2019-16925
+ RESERVED
+CVE-2019-16924 (The Nulock application 1.5.0 for mobile devices sends a cleartext pass ...)
+ TODO: check
+CVE-2019-16923 (kkcms 1.3 has jx.php?url= XSS. ...)
+ TODO: check
+CVE-2019-16922 (SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows uninten ...)
+ TODO: check
+CVE-2019-16921 (In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/in ...)
+ TODO: check
+CVE-2019-16920 (Unauthenticated remote code execution occurs in D-Link products such a ...)
+ TODO: check
CVE-2019-XXXX [heap overflow in string_vformat()]
- exim4 <unfixed>
[stretch] - exim4 <not-affected> (Vulnerable code introduced later)
@@ -37,7 +51,7 @@ CVE-2019-16906
RESERVED
CVE-2019-16905
RESERVED
-CVE-2019-16904 (TeamPass 2.1.27.36 allows XSS by setting a crafted password for an ite ...)
+CVE-2019-16904 (TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for ...)
- teampass <itp> (bug #730180)
CVE-2019-16903 (Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServ ...)
NOT-FOR-US: Platinum UPnP SDK
@@ -55,8 +69,8 @@ CVE-2015-9451
RESERVED
CVE-2015-9450
RESERVED
-CVE-2019-16902
- RESERVED
+CVE-2019-16902 (In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformco ...)
+ TODO: check
CVE-2019-16901 (Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain ...)
NOT-FOR-US: Advantech
CVE-2019-16900 (Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV sta ...)
@@ -603,8 +617,8 @@ CVE-2019-16687
RESERVED
CVE-2019-16686
RESERVED
-CVE-2019-16685
- RESERVED
+CVE-2019-16685 (Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Descripti ...)
+ TODO: check
CVE-2019-16684
RESERVED
CVE-2019-16683
@@ -11200,8 +11214,8 @@ CVE-2019-13377 (The implementations of SAE and EAP-pwd in hostapd and wpa_suppli
NOTE: Added in v2.5: https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog:
NOTE: "added support for Brainpool Elliptic Curves with SAE"
NOTE: Patches: https://w1.fi/security/2019-6/
-CVE-2019-13376
- RESERVED
+CVE-2019-13376 (phpBB version 3.2.7 allows the stealing of an Administration Control P ...)
+ TODO: check
CVE-2019-13375 (A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) ...)
NOT-FOR-US: D-Link
CVE-2019-13374 (A cross-site scripting (XSS) vulnerability in resource view in PayActi ...)
@@ -13382,7 +13396,7 @@ CVE-2019-12564 (In DouCo DouPHP v1.5 Release 20190516, remote attackers can view
NOT-FOR-US: DouCo DouPHP
CVE-2019-12563
RESERVED
-CVE-2019-12562 (Cross-site scripting (XSS) is possible in DNN (formerly DotNetNuke) be ...)
+CVE-2019-12562 (Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 a ...)
NOT-FOR-US: DNN
CVE-2019-12561
RESERVED
@@ -15444,22 +15458,19 @@ CVE-2019-11757
RESERVED
CVE-2019-11756
RESERVED
-CVE-2019-11755
- RESERVED
-CVE-2019-11754 [Pointer Lock is enabled with no user notification]
- RESERVED
+CVE-2019-11755 (A crafted S/MIME message consisting of an inner encryption layer and a ...)
+ TODO: check
+CVE-2019-11754 (When the pointer lock is enabled by a website though requestPointerLoc ...)
- firefox 69.0.1-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/#CVE-2019-11754
-CVE-2019-11753
- RESERVED
+CVE-2019-11753 (The Firefox installer allows Firefox to be installed to a custom user ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11753
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11753
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11753
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11753
-CVE-2019-11752
- RESERVED
+CVE-2019-11752 (It is possible to delete an IndexedDB key value and subsequently try t ...)
{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
@@ -15468,14 +15479,12 @@ CVE-2019-11752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11752
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11742
-CVE-2019-11751
- RESERVED
+CVE-2019-11751 (Logging-related command line parameters are not properly sanitized whe ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11751
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11751
-CVE-2019-11750
- RESERVED
+CVE-2019-11750 (A type confusion vulnerability exists in Spidermonkey, which results i ...)
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
@@ -15483,8 +15492,7 @@ CVE-2019-11750
[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11750
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11750
-CVE-2019-11749
- RESERVED
+CVE-2019-11749 (A vulnerability exists in WebRTC where malicious web content can use p ...)
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
@@ -15492,8 +15500,7 @@ CVE-2019-11749
[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11749
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11749
-CVE-2019-11748
- RESERVED
+CVE-2019-11748 (WebRTC in Firefox will honor persisted permissions given to sites for ...)
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
@@ -15501,8 +15508,7 @@ CVE-2019-11748
[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11748
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11748
-CVE-2019-11747
- RESERVED
+CVE-2019-11747 (The "Forget about this site" feature in the History pane is intended t ...)
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
@@ -15510,8 +15516,7 @@ CVE-2019-11747
[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11747
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11747
-CVE-2019-11746
- RESERVED
+CVE-2019-11746 (A use-after-free vulnerability can occur while manipulating video elem ...)
{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
@@ -15522,8 +15527,7 @@ CVE-2019-11746
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11746
CVE-2019-11745
RESERVED
-CVE-2019-11744
- RESERVED
+CVE-2019-11744 (Some HTML elements, such as <title> and <textarea ...)
{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
@@ -15532,8 +15536,7 @@ CVE-2019-11744
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11744
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11744
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11744
-CVE-2019-11743
- RESERVED
+CVE-2019-11743 (Navigation events were not fully adhering to the W3C's "Navigation-Tim ...)
{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
@@ -15541,8 +15544,7 @@ CVE-2019-11743
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11743
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11743
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11743
-CVE-2019-11742
- RESERVED
+CVE-2019-11742 (A same-origin policy violation occurs allowing the theft of cross-orig ...)
{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
@@ -15551,12 +15553,10 @@ CVE-2019-11742
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11742
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11742
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11742
-CVE-2019-11741
- RESERVED
+CVE-2019-11741 (A compromised sandboxed content process can perform a Universal Cross- ...)
- firefox 69.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11741
-CVE-2019-11740
- RESERVED
+CVE-2019-11740 (Mozilla developers and community members reported memory safety bugs p ...)
{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
@@ -15565,13 +15565,11 @@ CVE-2019-11740
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11740
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11740
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11740
-CVE-2019-11739
- RESERVED
+CVE-2019-11739 (Encrypted S/MIME parts in a crafted multipart/alternative message can ...)
{DSA-4523-1 DLA-1926-1}
- thunderbird 1:60.9.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11739
-CVE-2019-11738
- RESERVED
+CVE-2019-11738 (If a Content Security Policy (CSP) directive is defined that uses a ha ...)
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
@@ -15579,18 +15577,15 @@ CVE-2019-11738
[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11738
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11738
-CVE-2019-11737
- RESERVED
+CVE-2019-11737 (If a wildcard ('*') is specified for the host in Content Security Poli ...)
- firefox 69.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11737
-CVE-2019-11736
- RESERVED
+CVE-2019-11736 (The Mozilla Maintenance Service does not guard against files being har ...)
- firefox <not-affected> (Windows-specific)
- firefox-esr <not-affected> (Windows-specific)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11736
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11736
-CVE-2019-11735
- RESERVED
+CVE-2019-11735 (Mozilla developers and community members reported memory safety bugs p ...)
- firefox 69.0-1
- firefox-esr 68.1.0esr-1
[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
@@ -15598,12 +15593,10 @@ CVE-2019-11735
[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11735
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11735
-CVE-2019-11734
- RESERVED
+CVE-2019-11734 (Mozilla developers and community members reported memory safety bugs p ...)
- firefox 69.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11734
-CVE-2019-11733
- RESERVED
+CVE-2019-11733 (When a master password is set, it is required to be entered again befo ...)
- firefox 68.0.2-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/#CVE-2019-11733
CVE-2019-11732
@@ -15664,7 +15657,7 @@ CVE-2019-11723 (A vulnerability exists during the installation of add-ons where
- firefox 68.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11723
CVE-2019-11722
- RESERVED
+ REJECTED
CVE-2019-11721 (The unicode latin 'kra' character can be used to spoof a standard 'k' ...)
- firefox 68.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11721
@@ -21588,8 +21581,8 @@ CVE-2019-9854 (LibreOffice has a feature where documents can specify that pre-in
{DSA-4519-1}
- libreoffice 1:6.3.1~rc2-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9854/
-CVE-2019-9853 [nsufficient URL decoding flaw in categorizing macro location]
- RESERVED
+CVE-2019-9853 (LibreOffice documents can contain macros. The execution of those macro ...)
+ {DSA-4501-1}
- libreoffice 1:6.3.0-1
NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9853
CVE-2019-9852 (LibreOffice has a feature where documents can specify that pre-install ...)
@@ -22924,16 +22917,16 @@ CVE-2019-9465
RESERVED
CVE-2019-9464
RESERVED
-CVE-2019-9463
- RESERVED
-CVE-2019-9462
- RESERVED
+CVE-2019-9463 (In Platform, there is a possible bypass of user interaction requiremen ...)
+ TODO: check
+CVE-2019-9462 (In Bluetooth, there is a possible out of bounds read due to an incorre ...)
+ TODO: check
CVE-2019-9461 (In the Android kernel in VPN routing there is a possible information d ...)
NOT-FOR-US: Android
-CVE-2019-9460
- RESERVED
-CVE-2019-9459
- RESERVED
+CVE-2019-9460 (In mediaserver, there is a possible out of bounds write due to a missi ...)
+ TODO: check
+CVE-2019-9459 (In libttspico, there is a possible OOB write due to a heap buffer over ...)
+ TODO: check
CVE-2019-9458 (In the Android kernel in the video driver there is a use after free du ...)
- linux 4.18.20-1
[stretch] - linux 4.9.135-1
@@ -22986,334 +22979,334 @@ CVE-2019-9442 (In the Android kernel in the mnh driver there is possible memory
NOT-FOR-US: Android kernel
CVE-2019-9441 (In the Android kernel in the mnh driver there is a possible out of bou ...)
NOT-FOR-US: Android kernel
-CVE-2019-9440
- RESERVED
+CVE-2019-9440 (In AOSP Email, there is a possible information disclosure due to a con ...)
+ TODO: check
CVE-2019-9439
RESERVED
-CVE-2019-9438
- RESERVED
+CVE-2019-9438 (In the Package Manager service, there is a possible information disclo ...)
+ TODO: check
CVE-2019-9437
RESERVED
CVE-2019-9436 (In the Android kernel in the bootloader there is a possible secure boo ...)
NOT-FOR-US: LG components for Android
-CVE-2019-9435
- RESERVED
-CVE-2019-9434
- RESERVED
-CVE-2019-9433
- RESERVED
-CVE-2019-9432
- RESERVED
-CVE-2019-9431
- RESERVED
-CVE-2019-9430
- RESERVED
-CVE-2019-9429
- RESERVED
-CVE-2019-9428
- RESERVED
-CVE-2019-9427
- RESERVED
+CVE-2019-9435 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9434 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9433 (In libvpx, there is a possible information disclosure due to improper ...)
+ TODO: check
+CVE-2019-9432 (In Bluetooth, there is a possible out of bounds read due to improper i ...)
+ TODO: check
+CVE-2019-9431 (In Bluetooth, there is a possible out of bounds read due to a use afte ...)
+ TODO: check
+CVE-2019-9430 (In Bluetooth, there is a possible null pointer dereference due to a mi ...)
+ TODO: check
+CVE-2019-9429 (In profman, there is a possible out of bounds write due to memory corr ...)
+ TODO: check
+CVE-2019-9428 (In the Framework, it is possible to set up BROWSEABLE intents to take ...)
+ TODO: check
+CVE-2019-9427 (In Bluetooth, there is a possible information disclosure due to a use ...)
+ TODO: check
CVE-2019-9426 (In the Android kernel in Bluetooth there is a possible out of bounds w ...)
NOT-FOR-US: Broadcom components for Android
-CVE-2019-9425
- RESERVED
-CVE-2019-9424
- RESERVED
-CVE-2019-9423
- RESERVED
-CVE-2019-9422
- RESERVED
-CVE-2019-9421
- RESERVED
-CVE-2019-9420
- RESERVED
-CVE-2019-9419
- RESERVED
-CVE-2019-9418
- RESERVED
-CVE-2019-9417
- RESERVED
-CVE-2019-9416
- RESERVED
-CVE-2019-9415
- RESERVED
-CVE-2019-9414
- RESERVED
-CVE-2019-9413
- RESERVED
-CVE-2019-9412
- RESERVED
-CVE-2019-9411
- RESERVED
-CVE-2019-9410
- RESERVED
-CVE-2019-9409
- RESERVED
-CVE-2019-9408
- RESERVED
-CVE-2019-9407
- RESERVED
-CVE-2019-9406
- RESERVED
-CVE-2019-9405
- RESERVED
-CVE-2019-9404
- RESERVED
-CVE-2019-9403
- RESERVED
-CVE-2019-9402
- RESERVED
-CVE-2019-9401
- RESERVED
-CVE-2019-9400
- RESERVED
-CVE-2019-9399
- RESERVED
-CVE-2019-9398
- RESERVED
-CVE-2019-9397
- RESERVED
-CVE-2019-9396
- RESERVED
-CVE-2019-9395
- RESERVED
-CVE-2019-9394
- RESERVED
-CVE-2019-9393
- RESERVED
+CVE-2019-9425 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9424 (In the Screen Lock, there is a possible information disclosure due to ...)
+ TODO: check
+CVE-2019-9423 (In opencv calls that use libpng, there is a possible out of bounds wri ...)
+ TODO: check
+CVE-2019-9422 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9421 (In libandroidfw, there is a possible OOB read due to an integer overfl ...)
+ TODO: check
+CVE-2019-9420 (In libhevc, there is a possible out of bounds read due to an integer o ...)
+ TODO: check
+CVE-2019-9419 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9418 (In libstagefright, there is a possible resource exhaustion due to a mi ...)
+ TODO: check
+CVE-2019-9417 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9416 (In libstagefright there is a possible information disclosure due to un ...)
+ TODO: check
+CVE-2019-9415 (In libstagefright there is a possible information disclosure due to un ...)
+ TODO: check
+CVE-2019-9414 (In wpa_supplicant, there is a possible man in the middle vulnerability ...)
+ TODO: check
+CVE-2019-9413 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9412 (In libSBRdec there is a possible out of bounds read due to incorrect b ...)
+ TODO: check
+CVE-2019-9411 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9410 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9409 (In libhevc there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-9408 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9407 (In notification management of the service manager, there is a possible ...)
+ TODO: check
+CVE-2019-9406 (In libhevc there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-9405 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9404 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9403 (In cn-cbor, there is a possible out of bounds read due to improper cas ...)
+ TODO: check
+CVE-2019-9402 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9401 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9400 (In Bluetooth, there is a possible null pointer dereference due to a mi ...)
+ TODO: check
+CVE-2019-9399 (The Print Service is susceptible to man in the middle attacks due to i ...)
+ TODO: check
+CVE-2019-9398 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9397 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9396 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9395 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9394 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
+CVE-2019-9393 (In Bluetooth, there is possible controlled termination due to a missin ...)
+ TODO: check
CVE-2019-9392
RESERVED
-CVE-2019-9391
- RESERVED
-CVE-2019-9390
- RESERVED
-CVE-2019-9389
- RESERVED
-CVE-2019-9388
- RESERVED
-CVE-2019-9387
- RESERVED
-CVE-2019-9386
- RESERVED
-CVE-2019-9385
- RESERVED
-CVE-2019-9384
- RESERVED
-CVE-2019-9383
- RESERVED
-CVE-2019-9382
- RESERVED
-CVE-2019-9381
- RESERVED
-CVE-2019-9380
- RESERVED
-CVE-2019-9379
- RESERVED
-CVE-2019-9378
- RESERVED
-CVE-2019-9377
- RESERVED
-CVE-2019-9376
- RESERVED
-CVE-2019-9375
- RESERVED
-CVE-2019-9374
- RESERVED
-CVE-2019-9373
- RESERVED
-CVE-2019-9372
- RESERVED
-CVE-2019-9371
- RESERVED
-CVE-2019-9370
- RESERVED
-CVE-2019-9369
- RESERVED
-CVE-2019-9368
- RESERVED
-CVE-2019-9367
- RESERVED
-CVE-2019-9366
- RESERVED
-CVE-2019-9365
- RESERVED
-CVE-2019-9364
- RESERVED
-CVE-2019-9363
- RESERVED
-CVE-2019-9362
- RESERVED
-CVE-2019-9361
- RESERVED
-CVE-2019-9360
- RESERVED
-CVE-2019-9359
- RESERVED
-CVE-2019-9358
- RESERVED
-CVE-2019-9357
- RESERVED
-CVE-2019-9356
- RESERVED
-CVE-2019-9355
- RESERVED
-CVE-2019-9354
- RESERVED
-CVE-2019-9353
- RESERVED
-CVE-2019-9352
- RESERVED
-CVE-2019-9351
- RESERVED
-CVE-2019-9350
- RESERVED
-CVE-2019-9349
- RESERVED
-CVE-2019-9348
- RESERVED
-CVE-2019-9347
- RESERVED
-CVE-2019-9346
- RESERVED
+CVE-2019-9391 (In libxaac, there is a possible out of bounds read due to uninitialize ...)
+ TODO: check
+CVE-2019-9390 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9389 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9388 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9387 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9386 (In NFC server, there is a possible out of bounds write due to a missin ...)
+ TODO: check
+CVE-2019-9385 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-9384 (In LockPatternUtils, there is a possible escalation of privilege due t ...)
+ TODO: check
+CVE-2019-9383 (In NFC server, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9382 (In libeffects, there is a possible out of bounds write due to a missin ...)
+ TODO: check
+CVE-2019-9381 (In netd, there is a possible out of bounds read due to a use after fre ...)
+ TODO: check
+CVE-2019-9380 (In the settings UI, there is a possible spoofing vulnerability due to ...)
+ TODO: check
+CVE-2019-9379 (In libstagefright, there is a possible resource exhaustion due to a mi ...)
+ TODO: check
+CVE-2019-9378 (In the Activity Manager service, there is a possible permission bypass ...)
+ TODO: check
+CVE-2019-9377 (In FingerprintService, there is a possible bypass for operating system ...)
+ TODO: check
+CVE-2019-9376 (In the Accounts package, there is a possible crash due to improper inp ...)
+ TODO: check
+CVE-2019-9375 (In hostapd, there is a possible out of bounds write due to a race cond ...)
+ TODO: check
+CVE-2019-9374 (In CompanionDeviceManager, there is a possible bypass of user interact ...)
+ TODO: check
+CVE-2019-9373 (In JobStore, there is a mismatched serialization/deserialization for t ...)
+ TODO: check
+CVE-2019-9372 (In libskia, there is a possible crash due to a missing null check. Thi ...)
+ TODO: check
+CVE-2019-9371 (In libvpx, there is a possible resource exhaustion due to improper inp ...)
+ TODO: check
+CVE-2019-9370 (In sonivox, there is a possible out of bounds read due to an incorrect ...)
+ TODO: check
+CVE-2019-9369 (In Bluetooth, there is a use of uninitialized variable. This could lea ...)
+ TODO: check
+CVE-2019-9368 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9367 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9366 (In libSBRdec there is a possible out of bounds read due to a missing b ...)
+ TODO: check
+CVE-2019-9365 (In Bluetooth, there is a possible deserialization error due to missing ...)
+ TODO: check
+CVE-2019-9364 (In AudioService, there is a possible trigger of background user audio ...)
+ TODO: check
+CVE-2019-9363 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
+ TODO: check
+CVE-2019-9362 (In libSACdec, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9361 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9360 (In the TEE, there's a possible out of bounds read due to a missing bou ...)
+ TODO: check
+CVE-2019-9359 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9358 (In NFC, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2019-9357 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9356 (In NFC server, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9355 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9354 (In NFC server, there's a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9353 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9352 (In libstagefright, there is a possible resource exhaustion due to a mi ...)
+ TODO: check
+CVE-2019-9351 (In SyncStatusObserver, there is a possible bypass for operating system ...)
+ TODO: check
+CVE-2019-9350 (In Keymaster, there is a possible EoP due to a use after free. This co ...)
+ TODO: check
+CVE-2019-9349 (In libstagefright, there is a possible resource exhaustion due to impr ...)
+ TODO: check
+CVE-2019-9348 (In libstagefright, there is a possible resource exhaustion due to impr ...)
+ TODO: check
+CVE-2019-9347 (In the m4v_h263 codec, there is a possible out of bounds read due to a ...)
+ TODO: check
+CVE-2019-9346 (In libstagefright, there is a possible out of bounds write due to a he ...)
+ TODO: check
CVE-2019-9345 (In the Android kernel in sdcardfs there is a possible violation of the ...)
NOT-FOR-US: Android kernel
-CVE-2019-9344
- RESERVED
-CVE-2019-9343
- RESERVED
-CVE-2019-9342
- RESERVED
-CVE-2019-9341
- RESERVED
+CVE-2019-9344 (In NFC server, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9343 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9342 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9341 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
CVE-2019-9340
RESERVED
CVE-2019-9339
RESERVED
-CVE-2019-9338
- RESERVED
-CVE-2019-9337
- RESERVED
-CVE-2019-9336
- RESERVED
-CVE-2019-9335
- RESERVED
-CVE-2019-9334
- RESERVED
-CVE-2019-9333
- RESERVED
-CVE-2019-9332
- RESERVED
-CVE-2019-9331
- RESERVED
-CVE-2019-9330
- RESERVED
-CVE-2019-9329
- RESERVED
-CVE-2019-9328
- RESERVED
-CVE-2019-9327
- RESERVED
-CVE-2019-9326
- RESERVED
-CVE-2019-9325
- RESERVED
+CVE-2019-9338 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9337 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9336 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9335 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9334 (In libhevc there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-9333 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9332 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9331 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9330 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9329 (In Bluetooth, there is a possible out of bounds read due to uninitiali ...)
+ TODO: check
+CVE-2019-9328 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9327 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9326 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9325 (In libvpx, there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
CVE-2019-9324
RESERVED
-CVE-2019-9323
- RESERVED
-CVE-2019-9322
- RESERVED
-CVE-2019-9321
- RESERVED
-CVE-2019-9320
- RESERVED
-CVE-2019-9319
- RESERVED
-CVE-2019-9318
- RESERVED
-CVE-2019-9317
- RESERVED
-CVE-2019-9316
- RESERVED
-CVE-2019-9315
- RESERVED
-CVE-2019-9314
- RESERVED
-CVE-2019-9313
- RESERVED
-CVE-2019-9312
- RESERVED
-CVE-2019-9311
- RESERVED
-CVE-2019-9310
- RESERVED
-CVE-2019-9309
- RESERVED
-CVE-2019-9308
- RESERVED
-CVE-2019-9307
- RESERVED
-CVE-2019-9306
- RESERVED
-CVE-2019-9305
- RESERVED
-CVE-2019-9304
- RESERVED
-CVE-2019-9303
- RESERVED
-CVE-2019-9302
- RESERVED
-CVE-2019-9301
- RESERVED
-CVE-2019-9300
- RESERVED
-CVE-2019-9299
- RESERVED
-CVE-2019-9298
- RESERVED
-CVE-2019-9297
- RESERVED
-CVE-2019-9296
- RESERVED
-CVE-2019-9295
- RESERVED
-CVE-2019-9294
- RESERVED
-CVE-2019-9293
- RESERVED
-CVE-2019-9292
- RESERVED
-CVE-2019-9291
- RESERVED
-CVE-2019-9290
- RESERVED
-CVE-2019-9289
- RESERVED
-CVE-2019-9288
- RESERVED
-CVE-2019-9287
- RESERVED
-CVE-2019-9286
- RESERVED
-CVE-2019-9285
- RESERVED
-CVE-2019-9284
- RESERVED
-CVE-2019-9283
- RESERVED
-CVE-2019-9282
- RESERVED
-CVE-2019-9281
- RESERVED
-CVE-2019-9280
- RESERVED
-CVE-2019-9279
- RESERVED
-CVE-2019-9278
- RESERVED
-CVE-2019-9277
- RESERVED
+CVE-2019-9323 (In the Wallpaper Manager service, there is a possible information disc ...)
+ TODO: check
+CVE-2019-9322 (In libavc there is a possible information disclosure due to uninitiali ...)
+ TODO: check
+CVE-2019-9321 (In libavc, there is a missing variable initialization. This could lead ...)
+ TODO: check
+CVE-2019-9320 (In libavc, there is a missing variable initialization. This could lead ...)
+ TODO: check
+CVE-2019-9319 (In libavc, there is a missing variable initialization. This could lead ...)
+ TODO: check
+CVE-2019-9318 (In libhevc, there is a missing variable initialization. This could lea ...)
+ TODO: check
+CVE-2019-9317 (In libstagefright, there is a missing variable initialization. This co ...)
+ TODO: check
+CVE-2019-9316 (In libstagefright, there is a missing variable initialization. This co ...)
+ TODO: check
+CVE-2019-9315 (In libhevc, there is a missing variable initialization. This could lea ...)
+ TODO: check
+CVE-2019-9314 (In libavc, there is a missing variable initialization. This could lead ...)
+ TODO: check
+CVE-2019-9313 (In libstagefright, there is a missing variable initialization. This co ...)
+ TODO: check
+CVE-2019-9312 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9311 (In Bluetooth, there is a possible crash due to an integer overflow. Th ...)
+ TODO: check
+CVE-2019-9310 (In libFDK, there is a possible out of bounds write due to an integer o ...)
+ TODO: check
+CVE-2019-9309 (In NFC, there is a possible out of bounds write due to a missing bound ...)
+ TODO: check
+CVE-2019-9308 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9307 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9306 (In libMpegTPDec, there is a possible out of bounds write due to an int ...)
+ TODO: check
+CVE-2019-9305 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9304 (In libMpegTPDec, there is a possible out of bounds write due to an int ...)
+ TODO: check
+CVE-2019-9303 (In libFDK, there is a possible out of bounds write due to an integer o ...)
+ TODO: check
+CVE-2019-9302 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9301 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9300 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9299 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9298 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9297 (In libAACdec, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9296 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9295 (In com.android.apps.tag, there is a possible bypass of user interactio ...)
+ TODO: check
+CVE-2019-9294 (In libstagefright, there is a possible out of bounds read due to a mis ...)
+ TODO: check
+CVE-2019-9293 (In libstagefright, there is a possible out of bounds read due to a mis ...)
+ TODO: check
+CVE-2019-9292 (In the Activity Manager service, there is a possible information discl ...)
+ TODO: check
+CVE-2019-9291 (In Bluetooth, there is a possible remote code execution due to an impr ...)
+ TODO: check
+CVE-2019-9290 (In tzdata there is possible memory corruption due to a mismatch betwee ...)
+ TODO: check
+CVE-2019-9289 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9288 (In libhidcommand_jni, there is a possible out of bounds write due to a ...)
+ TODO: check
+CVE-2019-9287 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9286 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9285 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9284 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9283 (In AAC Codec, there is a possible resource exhaustion due to improper ...)
+ TODO: check
+CVE-2019-9282 (In skia, there is a possible out of bounds read due to a missing bound ...)
+ TODO: check
+CVE-2019-9281 (In GoogleContactsSyncAdapter, there is a possible path traversal due t ...)
+ TODO: check
+CVE-2019-9280 (In keyguard, there is a possible escalation of privilege due to improp ...)
+ TODO: check
+CVE-2019-9279 (In the wifi hotspot service, there is a possible denial of service due ...)
+ TODO: check
+CVE-2019-9278 (In libexif, there is a possible out of bounds write due to an integer ...)
+ TODO: check
+CVE-2019-9277 (In the proc filesystem, there is a possible information disclosure due ...)
+ TODO: check
CVE-2019-9276 (In the Android kernel in the synaptics_dsx_htc touchscreen driver ther ...)
NOT-FOR-US: Android kernel
CVE-2019-9275 (In the Android kernel in the mnh driver there is a use after free due ...)
@@ -23322,89 +23315,89 @@ CVE-2019-9274 (In the Android kernel in the mnh driver there is a possible out o
NOT-FOR-US: Android kernel
CVE-2019-9273 (In the Android kernel in the synaptics_dsx_htc touchscreen driver ther ...)
NOT-FOR-US: Android kernel
-CVE-2019-9272
- RESERVED
+CVE-2019-9272 (In WiFi, there is a possible leak of WiFi state due to a permissions b ...)
+ TODO: check
CVE-2019-9271 (In the Android kernel in the mnh driver there is a race condition due ...)
NOT-FOR-US: Android kernel
CVE-2019-9270 (In the Android kernel in unifi and r8180 WiFi drivers there is a possi ...)
NOT-FOR-US: Android kernel
-CVE-2019-9269
- RESERVED
-CVE-2019-9268
- RESERVED
+CVE-2019-9269 (In System Settings, there is a possible permissions bypass due to a ca ...)
+ TODO: check
+CVE-2019-9268 (In libstagefright, there is a possible use-after-free due to improper ...)
+ TODO: check
CVE-2019-9267
RESERVED
-CVE-2019-9266
- RESERVED
-CVE-2019-9265
- RESERVED
-CVE-2019-9264
- RESERVED
-CVE-2019-9263
- RESERVED
-CVE-2019-9262
- RESERVED
-CVE-2019-9261
- RESERVED
-CVE-2019-9260
- RESERVED
-CVE-2019-9259
- RESERVED
-CVE-2019-9258
- RESERVED
-CVE-2019-9257
- RESERVED
-CVE-2019-9256
- RESERVED
+CVE-2019-9266 (In sensorservice, there is a possible out of bounds write due to a mis ...)
+ TODO: check
+CVE-2019-9265 (In Bluetooth, there is a possible out of bounds read due to an incorre ...)
+ TODO: check
+CVE-2019-9264 (In libxaac there is a possible out of bounds read due to missing bound ...)
+ TODO: check
+CVE-2019-9263 (In telephony, there is a possible bypass of user interaction requireme ...)
+ TODO: check
+CVE-2019-9262 (In MPEG4Extractor, there is a possible out of bounds write due to an i ...)
+ TODO: check
+CVE-2019-9261 (In libxaac there is a possible out of bounds read due to missing bound ...)
+ TODO: check
+CVE-2019-9260 (In Bluetooth, there is a possible out of bounds read due to an incorre ...)
+ TODO: check
+CVE-2019-9259 (In the Bluetooth stack, there is a possible out of bounds write due to ...)
+ TODO: check
+CVE-2019-9258 (In wifilogd, there is a possible out of bounds write due to a missing ...)
+ TODO: check
+CVE-2019-9257 (In Bluetooth, there is a possible out of bounds write due to an intege ...)
+ TODO: check
+CVE-2019-9256 (In libmediaextractor there is a possible out of bounds write due to an ...)
+ TODO: check
CVE-2019-9255
RESERVED
CVE-2019-9254 (In readArgumentList of zygote.java in Android 10, there is a possible ...)
NOT-FOR-US: Android
-CVE-2019-9253
- RESERVED
-CVE-2019-9252
- RESERVED
-CVE-2019-9251
- RESERVED
-CVE-2019-9250
- RESERVED
-CVE-2019-9249
- RESERVED
+CVE-2019-9253 (In KeyStore, there is a possible storage of symmetric keys in the TEE ...)
+ TODO: check
+CVE-2019-9252 (In libavc there is a possible out of bounds read due to uninitialized ...)
+ TODO: check
+CVE-2019-9251 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9250 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9249 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
CVE-2019-9248 (In the Android kernel in the FingerTipS touchscreen driver there is a ...)
NOT-FOR-US: Android kernel
-CVE-2019-9247
- RESERVED
-CVE-2019-9246
- RESERVED
+CVE-2019-9247 (In AAC Codec, there is a missing variable initialization. This could l ...)
+ TODO: check
+CVE-2019-9246 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
CVE-2019-9245 (In the Android kernel in the f2fs driver there is a possible out of bo ...)
- linux 4.19.16-1
NOTE: https://git.kernel.org/linus/64beba0558fce7b59e9a8a7afd77290e82a22163
-CVE-2019-9244
- RESERVED
-CVE-2019-9243
- RESERVED
-CVE-2019-9242
- RESERVED
-CVE-2019-9241
- RESERVED
-CVE-2019-9240
- RESERVED
-CVE-2019-9239
- RESERVED
-CVE-2019-9238
- RESERVED
-CVE-2019-9237
- RESERVED
-CVE-2019-9236
- RESERVED
-CVE-2019-9235
- RESERVED
-CVE-2019-9234
- RESERVED
-CVE-2019-9233
- RESERVED
-CVE-2019-9232
- RESERVED
+CVE-2019-9244 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9243 (In wpa_supplicant_8, there is a possible out of bounds read due to a m ...)
+ TODO: check
+CVE-2019-9242 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9241 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9240 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9239 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9238 (In the NFC stack, there is a possible out of bounds write due to a mis ...)
+ TODO: check
+CVE-2019-9237 (In Bluetooth, there is a possible out of bounds read due to a missing ...)
+ TODO: check
+CVE-2019-9236 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9235 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
+ TODO: check
+CVE-2019-9234 (In wpa_supplicant_8, there is a possible out of bounds read due to a m ...)
+ TODO: check
+CVE-2019-9233 (In wpa_supplicant_8, there is a possible out of bounds read due to an ...)
+ TODO: check
+CVE-2019-9232 (In libvpx, there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
CVE-2019-9231 (An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M80 ...)
NOT-FOR-US: AudioCodes Mediant devices
CVE-2019-9230 (An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M80 ...)
@@ -26483,14 +26476,14 @@ CVE-2019-8077 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 20
NOT-FOR-US: Adobe
CVE-2019-8076 (Adobe application manager installer version 10.0 have an Insecure Libr ...)
NOT-FOR-US: Adobe
-CVE-2019-8075
- RESERVED
-CVE-2019-8074
- RESERVED
-CVE-2019-8073
- RESERVED
-CVE-2019-8072
- RESERVED
+CVE-2019-8075 (Adobe Flash Player version 32.0.0.192 and earlier versions have a Same ...)
+ TODO: check
+CVE-2019-8074 (ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 a ...)
+ TODO: check
+CVE-2019-8073 (ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 a ...)
+ TODO: check
+CVE-2019-8072 (ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 a ...)
+ TODO: check
CVE-2019-8071
RESERVED
CVE-2019-8070 (Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and ear ...)
@@ -35958,8 +35951,8 @@ CVE-2019-4143 (The IBM Cloud Private Key Management Service (IBM Cloud Private 3
NOT-FOR-US: IBM
CVE-2019-4142 (IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to cros ...)
NOT-FOR-US: IBM
-CVE-2019-4141
- RESERVED
+CVE-2019-4141 (IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0 ...)
+ TODO: check
CVE-2019-4140 (IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) c ...)
NOT-FOR-US: IBM
CVE-2019-4139 (IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-s ...)
@@ -42408,16 +42401,14 @@ CVE-2019-2193
RESERVED
CVE-2019-2192
RESERVED
-CVE-2019-2191
- RESERVED
+CVE-2019-2191 (In LG's LAF component, there is a possible leak of information in a pr ...)
NOT-FOR-US: LG components for Android
-CVE-2019-2190
- RESERVED
+CVE-2019-2190 (In LG's LAF component, there is a possible leak of information in a pr ...)
NOT-FOR-US: LG components for Android
-CVE-2019-2189
- RESERVED
-CVE-2019-2188
- RESERVED
+CVE-2019-2189 (In the Easel driver, there is possible memory corruption due to race c ...)
+ TODO: check
+CVE-2019-2188 (In the Easel driver, there is possible memory corruption due to race c ...)
+ TODO: check
CVE-2019-2187
RESERVED
CVE-2019-2186
@@ -42459,76 +42450,76 @@ CVE-2019-2174 (In SensorManager::assertStateLocked of SensorManager.cpp in Andro
NOT-FOR-US: Android
CVE-2019-2173
RESERVED
-CVE-2019-2172
- RESERVED
-CVE-2019-2171
- RESERVED
-CVE-2019-2170
- RESERVED
-CVE-2019-2169
- RESERVED
-CVE-2019-2168
- RESERVED
-CVE-2019-2167
- RESERVED
-CVE-2019-2166
- RESERVED
-CVE-2019-2165
- RESERVED
-CVE-2019-2164
- RESERVED
-CVE-2019-2163
- RESERVED
-CVE-2019-2162
- RESERVED
-CVE-2019-2161
- RESERVED
-CVE-2019-2160
- RESERVED
-CVE-2019-2159
- RESERVED
-CVE-2019-2158
- RESERVED
-CVE-2019-2157
- RESERVED
-CVE-2019-2156
- RESERVED
-CVE-2019-2155
- RESERVED
-CVE-2019-2154
- RESERVED
-CVE-2019-2153
- RESERVED
-CVE-2019-2152
- RESERVED
-CVE-2019-2151
- RESERVED
-CVE-2019-2150
- RESERVED
-CVE-2019-2149
- RESERVED
-CVE-2019-2148
- RESERVED
-CVE-2019-2147
- RESERVED
-CVE-2019-2146
- RESERVED
-CVE-2019-2145
- RESERVED
-CVE-2019-2144
- RESERVED
-CVE-2019-2143
- RESERVED
-CVE-2019-2142
- RESERVED
-CVE-2019-2141
- RESERVED
-CVE-2019-2140
- RESERVED
-CVE-2019-2139
- RESERVED
-CVE-2019-2138
- RESERVED
+CVE-2019-2172 (In libxaac there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-2171 (In libxaac there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-2170 (In libxaac there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-2169 (In libxaac there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-2168 (In libxaac there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-2167 (In libxaac there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-2166 (In libxaac there is a possible information disclosure due to uninitial ...)
+ TODO: check
+CVE-2019-2165 (In libxaac there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
+CVE-2019-2164 (In libxaac there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
+CVE-2019-2163 (In libxaac there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
+CVE-2019-2162 (In libxaac there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
+CVE-2019-2161 (In libxaac there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
+CVE-2019-2160 (In libxaac there is a possible out of bounds read due to a missing bou ...)
+ TODO: check
+CVE-2019-2159 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2158 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2157 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2156 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2155 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2154 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2153 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2152 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2151 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2150 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2149 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2148 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2147 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2146 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2145 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2144 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2143 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2142 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2141 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2140 (In libxaac, there is a possible information disclosure due to uninitia ...)
+ TODO: check
+CVE-2019-2139 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2138 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
CVE-2019-2137 (In the endCall() function of TelecomManager.java, there is a possible ...)
NOT-FOR-US: Android
CVE-2019-2136 (In Status::readFromParcel of Status.cpp, there is a possible out of bo ...)
@@ -42632,72 +42623,72 @@ CVE-2019-2089
RESERVED
CVE-2019-2088
RESERVED
-CVE-2019-2087
- RESERVED
-CVE-2019-2086
- RESERVED
-CVE-2019-2085
- RESERVED
-CVE-2019-2084
- RESERVED
-CVE-2019-2083
- RESERVED
-CVE-2019-2082
- RESERVED
-CVE-2019-2081
- RESERVED
-CVE-2019-2080
- RESERVED
-CVE-2019-2079
- RESERVED
-CVE-2019-2078
- RESERVED
-CVE-2019-2077
- RESERVED
-CVE-2019-2076
- RESERVED
-CVE-2019-2075
- RESERVED
-CVE-2019-2074
- RESERVED
-CVE-2019-2073
- RESERVED
-CVE-2019-2072
- RESERVED
-CVE-2019-2071
- RESERVED
-CVE-2019-2070
- RESERVED
-CVE-2019-2069
- RESERVED
-CVE-2019-2068
- RESERVED
-CVE-2019-2067
- RESERVED
-CVE-2019-2066
- RESERVED
-CVE-2019-2065
- RESERVED
-CVE-2019-2064
- RESERVED
-CVE-2019-2063
- RESERVED
-CVE-2019-2062
- RESERVED
-CVE-2019-2061
- RESERVED
-CVE-2019-2060
- RESERVED
-CVE-2019-2059
- RESERVED
+CVE-2019-2087 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2086 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2085 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2084 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2083 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2082 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2081 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2080 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2079 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2078 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2077 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2076 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2075 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2074 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2073 (In libxaac there is a possible out of bounds write to missing bounds c ...)
+ TODO: check
+CVE-2019-2072 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2071 (In libxaac there is a possible out of bounds write due to a missing bo ...)
+ TODO: check
+CVE-2019-2070 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2069 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2068 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2067 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2066 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2065 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2064 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2063 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2062 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2061 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
+CVE-2019-2060 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
+ TODO: check
+CVE-2019-2059 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
CVE-2019-2058
RESERVED
CVE-2019-2057
RESERVED
CVE-2019-2056
RESERVED
-CVE-2019-2055
- RESERVED
+CVE-2019-2055 (In libxaac, there is a possible out of bounds write due to a missing b ...)
+ TODO: check
CVE-2019-2054 (In the seccomp implementation prior to kernel version 4.8, there is a ...)
- linux 4.8.5-1
[jessie] - linux <ignored> (Documented limitation)
@@ -47064,8 +47055,8 @@ CVE-2018-19594
RESERVED
CVE-2018-19593
RESERVED
-CVE-2018-19592
- RESERVED
+CVE-2018-19592 (The "CLink4Service" service is installed with Corsair Link 4.9.7.35 wi ...)
+ TODO: check
CVE-2018-19591 (In the GNU C Library (aka glibc or libc6) through 2.28, attempting to ...)
- glibc 2.28-1 (bug #914837)
[stretch] - glibc <not-affected> (Vulnerable code introduced later and not backported to stretch)
@@ -74615,8 +74606,8 @@ CVE-2018-9583 (In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1
NOT-FOR-US: Android
CVE-2018-9582 (In package installer in Android-8.0, Android-8.1 and Android-9, there ...)
NOT-FOR-US: Android
-CVE-2018-9581
- RESERVED
+CVE-2018-9581 (In WiFi, the RSSI value and SSID information is broadcast as part of a ...)
+ TODO: check
CVE-2018-9580 (A Elevation of privilege vulnerability in the HTC bootloader. Product: ...)
NOT-FOR-US: HTC
CVE-2018-9579
@@ -74971,8 +74962,8 @@ CVE-2018-9427 (In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bo
CVE-2018-9426
RESERVED
NOT-FOR-US: Android
-CVE-2018-9425
- RESERVED
+CVE-2018-9425 (In Platform, there is a possible bypass of user interaction requiremen ...)
+ TODO: check
CVE-2018-9424
RESERVED
NOT-FOR-US: Android Media Framework
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0062cd0bbb521225cf710aeb934ae5c34f08387d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/0062cd0bbb521225cf710aeb934ae5c34f08387d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190927/d913a430/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list