[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Tue Jan 21 08:10:31 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bd7617e2 by security tracker role at 2020-01-21T08:10:23+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2020-7249 (SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID field on th ...)
+ TODO: check
+CVE-2020-7248
+ RESERVED
+CVE-2020-7247
+ RESERVED
+CVE-2020-7246
+ RESERVED
+CVE-2020-7245
+ RESERVED
+CVE-2020-7244 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
+ TODO: check
+CVE-2020-7243 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
+ TODO: check
+CVE-2020-7242 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
+ TODO: check
+CVE-2020-7241 (The WP Database Backup plugin through 5.5 for WordPress stores downloa ...)
+ TODO: check
+CVE-2020-7240 (Meinberg Lantime M300 and M1000 devices allow attackers (with privileg ...)
+ TODO: check
+CVE-2020-7239 (The conversation-watson plugin before 0.8.21 for WordPress has a DOM-b ...)
+ TODO: check
+CVE-2019-20386 (An issue was discovered in button_open in login/logind-button.c in sys ...)
+ TODO: check
+CVE-2019-20385 (The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo A ...)
+ TODO: check
+CVE-2019-20384 (Gentoo Portage through 2.3.84 allows local users to place a Trojan hor ...)
+ TODO: check
+CVE-2019-20383
+ RESERVED
CVE-2019-20382
RESERVED
CVE-2020-7238
@@ -25386,7 +25416,7 @@ CVE-2019-16241 (On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authenticati
CVE-2019-16240
RESERVED
CVE-2019-16239 (process_http_response in OpenConnect before 8.05 has a Buffer Overflow ...)
- {DLA-1945-1}
+ {DSA-4607-1 DLA-1945-1}
- openconnect 8.02-1.1 (bug #940871)
NOTE: http://lists.infradead.org/pipermail/openconnect-devel/2019-September/005412.html
NOTE: https://github.com/openconnect/openconnect/commit/875f0a65ab73f4fb581ca870fd3a901bd278f8e8
@@ -32671,13 +32701,11 @@ CVE-2019-14038
RESERVED
CVE-2019-14037
RESERVED
-CVE-2019-14036
- RESERVED
+CVE-2019-14036 (Possible buffer overflow issue in error processing due to improper val ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14035
RESERVED
-CVE-2019-14034
- RESERVED
+CVE-2019-14034 (Use after free while processing eeprom query as there is a chance to n ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14033
RESERVED
@@ -32697,11 +32725,9 @@ CVE-2019-14026
RESERVED
CVE-2019-14025
RESERVED
-CVE-2019-14024
- RESERVED
+CVE-2019-14024 (Possible stack-use-after-scope issue in NFC usecase for card emulation ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14023
- RESERVED
+CVE-2019-14023 (String format issue will occur while processing HLOS data as there is ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14022
RESERVED
@@ -32713,45 +32739,35 @@ CVE-2019-14019
RESERVED
CVE-2019-14018
RESERVED
-CVE-2019-14017
- RESERVED
+CVE-2019-14017 (Heap buffer overflow can occur while parsing invalid MKV clip which is ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14016
- RESERVED
+CVE-2019-14016 (Integer overflow occurs while playing the clip which is nonstandard in ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14015
RESERVED
-CVE-2019-14014
- RESERVED
+CVE-2019-14014 (Possible buffer overflow when byte array receives incorrect input from ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14013
- RESERVED
+CVE-2019-14013 (While parsing invalid super index table, elements within super index t ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14012
RESERVED
CVE-2019-14011
RESERVED
-CVE-2019-14010
- RESERVED
+CVE-2019-14010 (The device may enter into error state when some tool or application ge ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14009
RESERVED
-CVE-2019-14008
- RESERVED
+CVE-2019-14008 (Possible null pointer dereference issue in location assistance data pr ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14007
RESERVED
-CVE-2019-14006
- RESERVED
+CVE-2019-14006 (Buffer overflow occur while playing the clip which is nonstandard due ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14005
- RESERVED
+CVE-2019-14005 (Buffer overflow occur while playing the clip which is nonstandard due ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14004
- RESERVED
+CVE-2019-14004 (Buffer overflow occurs while processing invalid MKV clip, which has in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-14003
- RESERVED
+CVE-2019-14003 (Null pointer exception can happen while parsing invalid MKV clip where ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14002
RESERVED
@@ -43171,8 +43187,7 @@ CVE-2019-10613
RESERVED
CVE-2019-10612
RESERVED
-CVE-2019-10611
- RESERVED
+CVE-2019-10611 (Buffer overflow can occur while processing clip due to lack of check o ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10610
RESERVED
@@ -43182,8 +43197,7 @@ CVE-2019-10608
RESERVED
CVE-2019-10607 (Out of bounds memcpy can occur by providing the embedded NULL characte ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10606
- RESERVED
+CVE-2019-10606 (Out-of-bound access will occur in USB driver due to lack of check to v ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10605 (Buffer overwrite can occur in IEEE80211 header filling function due to ...)
NOT-FOR-US: Qualcomm components for Android
@@ -43191,8 +43205,7 @@ CVE-2019-10604
RESERVED
CVE-2019-10603
RESERVED
-CVE-2019-10602
- RESERVED
+CVE-2019-10602 (Potential use-after-free heap error during Validate/Present calls on d ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10601 (Out of bound access can occur while processing firmware event due to l ...)
NOT-FOR-US: Qualcomm components for Android
@@ -43226,27 +43239,21 @@ CVE-2019-10587
RESERVED
CVE-2019-10586
RESERVED
-CVE-2019-10585
- RESERVED
+CVE-2019-10585 (Possible integer overflow happens when mmap find function will increme ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10584 (Possibility of out of bound access in debug queue, if packet size fiel ...)
NOT-FOR-US: Snapdragon
-CVE-2019-10583
- RESERVED
+CVE-2019-10583 (Use after free issue occurs when camera access sensors data through di ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10582
- RESERVED
+CVE-2019-10582 (Use after free issue due to using of invalidated iterator to delete an ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10581
- RESERVED
+CVE-2019-10581 (NULL is assigned to local instance of audio device pointer after free ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10580
RESERVED
-CVE-2019-10579
- RESERVED
+CVE-2019-10579 (Buffer over-read can occur while playing the video clip which is not s ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10578
- RESERVED
+CVE-2019-10578 (Null pointer dereference can occur while parsing the clip which is non ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10577
RESERVED
@@ -43280,14 +43287,13 @@ CVE-2019-10563 (Buffer over-read can occur in fast message handler due to improp
NOT-FOR-US: Snapdragon
CVE-2019-10562
RESERVED
-CVE-2019-10561
- RESERVED
+CVE-2019-10561 (Improper initialization of local variables which are parameters to sfs ...)
+ TODO: check
CVE-2019-10560
RESERVED
CVE-2019-10559 (Accessing data buffer beyond the available data while parsing ogg clip ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2019-10558
- RESERVED
+CVE-2019-10558 (While transferring data from APPS to DSP, Out of bound in FastRPC HLOS ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10557 (Out-of-bound read in the wireless driver in the Linux kernel due to la ...)
NOT-FOR-US: Qualcomm components for Android
@@ -43307,8 +43313,7 @@ CVE-2019-10550
RESERVED
CVE-2019-10549
RESERVED
-CVE-2019-10548
- RESERVED
+CVE-2019-10548 (While trying to obtain datad ipc handle during DPL initialization, Hea ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10547
RESERVED
@@ -43340,8 +43345,7 @@ CVE-2019-10534 (Null-pointer dereference can occur while accessing the super ind
NOT-FOR-US: Snapdragon
CVE-2019-10533 (Out of bound access due to improper validation of array index cause th ...)
NOT-FOR-US: Snapdragon
-CVE-2019-10532
- RESERVED
+CVE-2019-10532 (Null-pointer dereference issue can occur while calculating string leng ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-10531 (Incorrect reading of system image resulting in buffer overflow when si ...)
NOT-FOR-US: Snapdragon
@@ -67002,8 +67006,7 @@ CVE-2019-2269 (Possible buffer overflow while processing the high level lim proc
NOT-FOR-US: Snapdragon
CVE-2019-2268 (Possible OOB read issue in P2P action frames while handling WLAN manag ...)
NOT-FOR-US: Snapdragon
-CVE-2019-2267
- RESERVED
+CVE-2019-2267 (Locked regions may be modified through other interfaces in secure boot ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-2266 (Possible double free issue in kernel while handling the camera sensor ...)
NOT-FOR-US: Snapdragon
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd7617e248f19848cb37a9419c269c3e32fada77
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/bd7617e248f19848cb37a9419c269c3e32fada77
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200121/90099556/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list