[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Sat Jan 25 08:10:23 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
81530729 by security tracker role at 2020-01-25T08:10:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,41 @@
+CVE-2020-7979
+ RESERVED
+CVE-2020-7978
+ RESERVED
+CVE-2020-7977
+ RESERVED
+CVE-2020-7976
+ RESERVED
+CVE-2020-7975
+ RESERVED
+CVE-2020-7974
+ RESERVED
+CVE-2020-7973
+ RESERVED
+CVE-2020-7972
+ RESERVED
+CVE-2020-7971
+ RESERVED
+CVE-2020-7970
+ RESERVED
+CVE-2020-7969
+ RESERVED
+CVE-2020-7968
+ RESERVED
+CVE-2020-7967
+ RESERVED
+CVE-2020-7966
+ RESERVED
+CVE-2020-7965
+ RESERVED
+CVE-2020-7964 (An issue was discovered in Mirumee Saleor 2.x before 2.9.1. Incorrect ...)
+ TODO: check
+CVE-2020-7963
+ RESERVED
+CVE-2019-20420
+ RESERVED
+CVE-2015-9541 (Qt through 5.14 allows an exponential XML entity expansion attack via ...)
+ TODO: check
CVE-2020-7962
RESERVED
CVE-2020-7961
@@ -1947,8 +1985,8 @@ CVE-2020-7053 (In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longt
[stretch] - linux <not-affected> (Vulnerable code introduced later)
[jessie] - linux <not-affected> (Vulnerable code introduced later)
NOTE: https://lore.kernel.org/stable/20200114183937.12224-1-tyhicks@canonical.com/
-CVE-2020-7052
- RESERVED
+CVE-2020-7052 (CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow unco ...)
+ TODO: check
CVE-2020-7051
RESERVED
CVE-2020-7050
@@ -2396,7 +2434,7 @@ CVE-2020-6845
RESERVED
CVE-2020-6844
RESERVED
-CVE-2020-6843 (Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. ...)
+CVE-2020-6843 (Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This i ...)
NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2020-6842
RESERVED
@@ -5830,12 +5868,12 @@ CVE-2020-5228
RESERVED
CVE-2020-5227
RESERVED
-CVE-2020-5226
- RESERVED
-CVE-2020-5225
- RESERVED
-CVE-2020-5224
- RESERVED
+CVE-2020-5226 (Cross-site scripting in SimpleSAMLphp before version 1.18.4. The www/e ...)
+ TODO: check
+CVE-2020-5225 (Log injection in SimpleSAMLphp before version 1.18.4. The www/errorepo ...)
+ TODO: check
+CVE-2020-5224 (In Django User Sessions (django-user-sessions) before 1.7.1, the views ...)
+ TODO: check
CVE-2020-5223 (In PrivateBin versions 1.2.0 before 1.2.2, and 1.3.0 before 1.3.2, a p ...)
TODO: check
CVE-2020-5222
@@ -71425,91 +71463,91 @@ CVE-2018-19608 (Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allo
NOTE: https://tls.mbed.org/tech-updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released
NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-03
CVE-2019-1534
- RESERVED
+ REJECTED
CVE-2019-1533
- RESERVED
+ REJECTED
CVE-2019-1532
- RESERVED
+ REJECTED
CVE-2019-1531
- RESERVED
+ REJECTED
CVE-2019-1530
- RESERVED
+ REJECTED
CVE-2019-1529
- RESERVED
+ REJECTED
CVE-2019-1528
- RESERVED
+ REJECTED
CVE-2019-1527
- RESERVED
+ REJECTED
CVE-2019-1526
- RESERVED
+ REJECTED
CVE-2019-1525
- RESERVED
+ REJECTED
CVE-2019-1524
- RESERVED
+ REJECTED
CVE-2019-1523
- RESERVED
+ REJECTED
CVE-2019-1522
- RESERVED
+ REJECTED
CVE-2019-1521
- RESERVED
+ REJECTED
CVE-2019-1520
- RESERVED
+ REJECTED
CVE-2019-1519
- RESERVED
+ REJECTED
CVE-2019-1518
- RESERVED
+ REJECTED
CVE-2019-1517
- RESERVED
+ REJECTED
CVE-2019-1516
- RESERVED
+ REJECTED
CVE-2019-1515
- RESERVED
+ REJECTED
CVE-2019-1514
- RESERVED
+ REJECTED
CVE-2019-1513
- RESERVED
+ REJECTED
CVE-2019-1512
- RESERVED
+ REJECTED
CVE-2019-1511
- RESERVED
+ REJECTED
CVE-2019-1510
- RESERVED
+ REJECTED
CVE-2019-1509
- RESERVED
+ REJECTED
CVE-2019-1508
- RESERVED
+ REJECTED
CVE-2019-1507
- RESERVED
+ REJECTED
CVE-2019-1506
- RESERVED
+ REJECTED
CVE-2019-1505
- RESERVED
+ REJECTED
CVE-2019-1504
- RESERVED
+ REJECTED
CVE-2019-1503
- RESERVED
+ REJECTED
CVE-2019-1502
- RESERVED
+ REJECTED
CVE-2019-1501
- RESERVED
+ REJECTED
CVE-2019-1500
- RESERVED
+ REJECTED
CVE-2019-1499
- RESERVED
+ REJECTED
CVE-2019-1498
- RESERVED
+ REJECTED
CVE-2019-1497
- RESERVED
+ REJECTED
CVE-2019-1496
- RESERVED
+ REJECTED
CVE-2019-1495
- RESERVED
+ REJECTED
CVE-2019-1494
- RESERVED
+ REJECTED
CVE-2019-1493
- RESERVED
+ REJECTED
CVE-2019-1492
- RESERVED
+ REJECTED
CVE-2019-1491
RESERVED
CVE-2019-1490 (A spoofing vulnerability exists when a Skype for Business Server does ...)
@@ -71529,13 +71567,13 @@ CVE-2019-1484 (A remote code execution vulnerability exists when Microsoft Windo
CVE-2019-1483 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
NOT-FOR-US: Microsoft
CVE-2019-1482
- RESERVED
+ REJECTED
CVE-2019-1481 (An information disclosure vulnerability exists in Windows Media Player ...)
NOT-FOR-US: Microsoft
CVE-2019-1480 (An information disclosure vulnerability exists in Windows Media Player ...)
NOT-FOR-US: Microsoft
CVE-2019-1479
- RESERVED
+ REJECTED
CVE-2019-1478 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
CVE-2019-1477 (An elevation of privilege vulnerability exists when the Windows Printe ...)
@@ -71543,11 +71581,11 @@ CVE-2019-1477 (An elevation of privilege vulnerability exists when the Windows P
CVE-2019-1476 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
NOT-FOR-US: Microsoft
CVE-2019-1475
- RESERVED
+ REJECTED
CVE-2019-1474 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1473
- RESERVED
+ REJECTED
CVE-2019-1472 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1471 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
@@ -71572,10 +71610,10 @@ CVE-2019-1462 (A remote code execution vulnerability exists in Microsoft PowerPo
NOT-FOR-US: Microsoft
CVE-2019-1461 (A denial of service vulnerability exists in Microsoft Word software wh ...)
NOT-FOR-US: Microsoft
-CVE-2019-1460
- RESERVED
+CVE-2019-1460 (A spoofing vulnerability exists in the way Microsoft Outlook for Andro ...)
+ TODO: check
CVE-2019-1459
- RESERVED
+ REJECTED
CVE-2019-1458 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft
CVE-2019-1457 (A security feature bypass vulnerability exists in Microsoft Office sof ...)
@@ -71583,17 +71621,17 @@ CVE-2019-1457 (A security feature bypass vulnerability exists in Microsoft Offic
CVE-2019-1456 (A remote code execution vulnerability exists in Microsoft Windows when ...)
NOT-FOR-US: Microsoft
CVE-2019-1455
- RESERVED
-CVE-2019-1454
- RESERVED
+ REJECTED
+CVE-2019-1454 (An elevation of privilege vulnerability exists when the Windows User P ...)
+ TODO: check
CVE-2019-1453 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
NOT-FOR-US: Microsoft
CVE-2019-1452
- RESERVED
+ REJECTED
CVE-2019-1451
- RESERVED
+ REJECTED
CVE-2019-1450
- RESERVED
+ REJECTED
CVE-2019-1449 (A security feature bypass vulnerability exists in the way that Office ...)
NOT-FOR-US: Microsoft
CVE-2019-1448 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
@@ -71605,7 +71643,7 @@ CVE-2019-1446 (An information disclosure vulnerability exists when Microsoft Exc
CVE-2019-1445 (A spoofing vulnerability exists when Office Online does not validate o ...)
NOT-FOR-US: Microsoft
CVE-2019-1444
- RESERVED
+ REJECTED
CVE-2019-1443 (An information disclosure vulnerability exists in Microsoft SharePoint ...)
NOT-FOR-US: Microsoft
CVE-2019-1442 (A security feature bypass vulnerability exists when Microsoft Office d ...)
@@ -71631,7 +71669,7 @@ CVE-2019-1433 (An elevation of privilege vulnerability exists when the Windows G
CVE-2019-1432 (An information disclosure vulnerability exists when DirectWrite improp ...)
NOT-FOR-US: Microsoft
CVE-2019-1431
- RESERVED
+ REJECTED
CVE-2019-1430 (A remote code execution vulnerability exists when Windows Media Founda ...)
NOT-FOR-US: Microsoft
CVE-2019-1429 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -71651,7 +71689,7 @@ CVE-2019-1423 (An elevation of privilege vulnerability exists in the way that th
CVE-2019-1422 (An elevation of privilege vulnerability exists in the way that the iph ...)
NOT-FOR-US: Microsoft
CVE-2019-1421
- RESERVED
+ REJECTED
CVE-2019-1420 (An elevation of privilege vulnerability exists in the way that the dss ...)
NOT-FOR-US: Microsoft
CVE-2019-1419 (A remote code execution vulnerability exists in Microsoft Windows when ...)
@@ -71664,8 +71702,8 @@ CVE-2019-1416 (An elevation of privilege vulnerability exists due to a race cond
NOT-FOR-US: Microsoft
CVE-2019-1415 (An elevation of privilege vulnerability exists in Windows Installer be ...)
NOT-FOR-US: Microsoft
-CVE-2019-1414
- RESERVED
+CVE-2019-1414 (An elevation of privilege vulnerability exists in Visual Studio Code w ...)
+ TODO: check
CVE-2019-1413 (A security feature bypass vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
CVE-2019-1412 (An information disclosure vulnerability exists in Windows Adobe Type M ...)
@@ -71673,7 +71711,7 @@ CVE-2019-1412 (An information disclosure vulnerability exists in Windows Adobe T
CVE-2019-1411 (An information disclosure vulnerability exists when DirectWrite improp ...)
NOT-FOR-US: Microsoft
CVE-2019-1410
- RESERVED
+ REJECTED
CVE-2019-1409 (An information disclosure vulnerability exists when the Windows Remote ...)
NOT-FOR-US: Microsoft
CVE-2019-1408 (An elevation of privilege vulnerability exists in Windows when the Win ...)
@@ -71685,13 +71723,13 @@ CVE-2019-1406 (A remote code execution vulnerability exists when the Windows Jet
CVE-2019-1405 (An elevation of privilege vulnerability exists when the Windows Univer ...)
NOT-FOR-US: Microsoft
CVE-2019-1404
- RESERVED
+ REJECTED
CVE-2019-1403
- RESERVED
+ REJECTED
CVE-2019-1402 (An information disclosure vulnerability exists in Microsoft Office sof ...)
NOT-FOR-US: Microsoft
CVE-2019-1401
- RESERVED
+ REJECTED
CVE-2019-1400 (An information disclosure vulnerability exists in Microsoft Access sof ...)
NOT-FOR-US: Microsoft
CVE-2019-1399 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
@@ -71724,7 +71762,7 @@ CVE-2019-1387 (An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a8dee3ca610f5a1d403634492136c887f83b59d2
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1386
- RESERVED
+ REJECTED
CVE-2019-1385 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
NOT-FOR-US: Microsoft
CVE-2019-1384 (A security feature bypass vulnerability exists where a NETLOGON messag ...)
@@ -71742,7 +71780,7 @@ CVE-2019-1379 (An elevation of privilege vulnerability exists when the Windows D
CVE-2019-1378 (An elevation of privilege vulnerability exists in Windows 10 Update As ...)
NOT-FOR-US: Microsoft
CVE-2019-1377
- RESERVED
+ REJECTED
CVE-2019-1376 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
NOT-FOR-US: Microsoft
CVE-2019-1375 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
@@ -71776,7 +71814,7 @@ CVE-2019-1362 (An elevation of privilege vulnerability exists in Windows when th
CVE-2019-1361 (An information disclosure vulnerability exists in the way that Microso ...)
NOT-FOR-US: Microsoft
CVE-2019-1360
- RESERVED
+ REJECTED
CVE-2019-1359 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-1358 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -71786,47 +71824,42 @@ CVE-2019-1357 (A spoofing vulnerability exists when Microsoft Browsers improperl
CVE-2019-1356 (An information disclosure vulnerability exists when Microsoft Edge bas ...)
NOT-FOR-US: Microsoft
CVE-2019-1355
- RESERVED
-CVE-2019-1354
- RESERVED
+ REJECTED
+CVE-2019-1354 (A remote code execution vulnerability exists when Git for Visual Studi ...)
- git 1:2.24.0-2 (unimportant)
[buster] - git 1:2.20.1-2+deb10u1
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e1d911dd4c7b76a5a8cec0f5c8de15981e34da83
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1353
- RESERVED
+ REJECTED
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9102f958ee5254b10c0be72672aa3305bf4f4704
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1352
- RESERVED
+CVE-2019-1352 (A remote code execution vulnerability exists when Git for Visual Studi ...)
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=7c3745fc6185495d5765628b4dfe1bd2c25a2981
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
NOTE: Additional hardening for .gitmodules (but not part of the CVE):
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=91bd46588e6959e6903e275f78b10bd07830d547
-CVE-2019-1351
- RESERVED
+CVE-2019-1351 (A tampering vulnerability exists when Git for Visual Studio improperly ...)
- git 1:2.24.0-2 (unimportant)
[buster] - git 1:2.20.1-2+deb10u1
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=f82a97eb9197c1e3768e72648f37ce0ca3233734
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1350
- RESERVED
+CVE-2019-1350 (A remote code execution vulnerability exists when Git for Visual Studi ...)
- git 1:2.24.0-2 (unimportant)
[buster] - git 1:2.20.1-2+deb10u1
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=6d8684161ee9c03bed5cb69ae76dfdddb85a0003
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
-CVE-2019-1349
- RESERVED
+CVE-2019-1349 (A remote code execution vulnerability exists when Git for Visual Studi ...)
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=0060fd1511b94c918928fa3708f69a3f33895a4a
NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1348
- RESERVED
+ REJECTED
{DSA-4581-1 DLA-2059-1}
- git 1:2.24.0-2
NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0
@@ -71902,7 +71935,7 @@ CVE-2019-1314 (A security feature bypass vulnerability exists in Windows 10 Mobi
CVE-2019-1313 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
NOT-FOR-US: Microsoft
CVE-2019-1312
- RESERVED
+ REJECTED
CVE-2019-1311 (A remote code execution vulnerability exists when the Windows Imaging ...)
NOT-FOR-US: Microsoft
CVE-2019-1310 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
@@ -71918,7 +71951,7 @@ CVE-2019-1306 (A remote code execution vulnerability exists when Azure DevOps Se
CVE-2019-1305 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft
CVE-2019-1304
- RESERVED
+ REJECTED
CVE-2019-1303 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
NOT-FOR-US: Microsoft
CVE-2019-1302 (An elevation of privilege vulnerability exists when a ASP.NET Core web ...)
@@ -71950,7 +71983,7 @@ CVE-2019-1290 (A remote code execution vulnerability exists in the Windows Remot
CVE-2019-1289 (An elevation of privilege vulnerability exists when the Windows Update ...)
NOT-FOR-US: Microsoft
CVE-2019-1288
- RESERVED
+ REJECTED
CVE-2019-1287 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2019-1286 (An information disclosure vulnerability exists when the Windows GDI co ...)
@@ -71964,19 +71997,19 @@ CVE-2019-1283 (An information disclosure vulnerability exists in the way that Mi
CVE-2019-1282 (An information disclosure exists in the Windows Common Log File System ...)
NOT-FOR-US: Microsoft
CVE-2019-1281
- RESERVED
+ REJECTED
CVE-2019-1280 (A remote code execution vulnerability exists in Microsoft Windows that ...)
NOT-FOR-US: Microsoft
CVE-2019-1279
- RESERVED
+ REJECTED
CVE-2019-1278 (An elevation of privilege vulnerability exists in the way that the uni ...)
NOT-FOR-US: Microsoft
CVE-2019-1277 (An elevation of privilege vulnerability exists in Windows Audio Servic ...)
NOT-FOR-US: Microsoft
CVE-2019-1276
- RESERVED
+ REJECTED
CVE-2019-1275
- RESERVED
+ REJECTED
CVE-2019-1274 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1273 (A cross-site-scripting (XSS) vulnerability exists when Active Director ...)
@@ -72106,13 +72139,13 @@ CVE-2019-1212 (A memory corruption vulnerability exists in the Windows Server DH
CVE-2019-1211 (An elevation of privilege vulnerability exists in Git for Visual Studi ...)
NOT-FOR-US: Microsoft
CVE-2019-1210
- RESERVED
+ REJECTED
CVE-2019-1209 (An information disclosure vulnerability exists in Lync 2013, aka 'Lync ...)
NOT-FOR-US: Microsoft
CVE-2019-1208 (A remote code execution vulnerability exists in the way that the VBScr ...)
NOT-FOR-US: Microsoft
CVE-2019-1207
- RESERVED
+ REJECTED
CVE-2019-1206 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
NOT-FOR-US: Microsoft
CVE-2019-1205 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
@@ -72144,11 +72177,11 @@ CVE-2019-1193 (A remote code execution vulnerability exists in the way that Micr
CVE-2019-1192 (A security feature bypass vulnerability exists when Microsoft browsers ...)
NOT-FOR-US: Microsoft
CVE-2019-1191
- RESERVED
+ REJECTED
CVE-2019-1190 (An elevation of privilege vulnerability exists in the way that the Win ...)
NOT-FOR-US: Microsoft
CVE-2019-1189
- RESERVED
+ REJECTED
CVE-2019-1188 (A remote code execution vulnerability exists in Microsoft Windows that ...)
NOT-FOR-US: Microsoft
CVE-2019-1187 (A denial of service vulnerability exists when the XmlLite runtime (Xml ...)
@@ -72196,7 +72229,7 @@ CVE-2019-1167 (A security feature bypass vulnerability exists in Windows Defende
CVE-2019-1166 (A tampering vulnerability exists in Microsoft Windows when a man-in-th ...)
NOT-FOR-US: Microsoft
CVE-2019-1165
- RESERVED
+ REJECTED
CVE-2019-1164 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1163 (A security feature bypass exists when Windows incorrectly validates CA ...)
@@ -72206,7 +72239,7 @@ CVE-2019-1162 (An elevation of privilege vulnerability exists when Windows impro
CVE-2019-1161 (An elevation of privilege vulnerability exists when the MpSigStub.exe ...)
NOT-FOR-US: Microsoft
CVE-2019-1160
- RESERVED
+ REJECTED
CVE-2019-1159 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1158 (An information disclosure vulnerability exists when the Windows GDI co ...)
@@ -72256,7 +72289,7 @@ CVE-2019-1137 (A cross-site-scripting (XSS) vulnerability exists when Microsoft
CVE-2019-1136 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
NOT-FOR-US: Microsoft
CVE-2019-1135
- RESERVED
+ REJECTED
CVE-2019-1134 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-1133 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -72298,9 +72331,9 @@ CVE-2019-1117 (A remote code execution vulnerability exists in the way that Dire
CVE-2019-1116 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-1115
- RESERVED
+ REJECTED
CVE-2019-1114
- RESERVED
+ REJECTED
CVE-2019-1113 (A remote code execution vulnerability exists in .NET software when the ...)
NOT-FOR-US: Microsoft .NET
CVE-2019-1112 (An information disclosure vulnerability exists when Microsoft Excel im ...)
@@ -72396,7 +72429,7 @@ CVE-2019-1068 (A remote code execution vulnerability exists in Microsoft SQL Ser
CVE-2019-1067 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1066
- RESERVED
+ REJECTED
CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1064 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
@@ -72406,13 +72439,13 @@ CVE-2019-1063 (A remote code execution vulnerability exists when Internet Explor
CVE-2019-1062 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-1061
- RESERVED
+ REJECTED
CVE-2019-1060 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
NOT-FOR-US: Microsoft
CVE-2019-1059 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-1058
- RESERVED
+ REJECTED
CVE-2019-1057 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
NOT-FOR-US: Microsoft
CVE-2019-1056 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -72444,7 +72477,7 @@ CVE-2019-1044 (A security feature bypass vulnerability exists when Windows Secur
CVE-2019-1043 (A remote code execution vulnerability exists in the way that comctl32. ...)
NOT-FOR-US: Microsoft
CVE-2019-1042
- RESERVED
+ REJECTED
CVE-2019-1041 (An elevation of privilege vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft
CVE-2019-1040 (A tampering vulnerability exists in Microsoft Windows when a man-in-th ...)
@@ -72488,7 +72521,7 @@ CVE-2019-1022 (An elevation of privilege exists in Windows Audio Service, aka 'W
CVE-2019-1021 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
NOT-FOR-US: Microsoft
CVE-2019-1020
- RESERVED
+ REJECTED
CVE-2019-1019 (A security feature bypass vulnerability exists where a NETLOGON messag ...)
NOT-FOR-US: Microsoft
CVE-2019-1018 (An elevation of privilege vulnerability exists when DirectX improperly ...)
@@ -72534,13 +72567,13 @@ CVE-2019-0999 (An elevation of privilege vulnerability exists when DirectX impro
CVE-2019-0998 (An elevation of privilege vulnerability exists when the Storage Servic ...)
NOT-FOR-US: Microsoft
CVE-2019-0997
- RESERVED
+ REJECTED
CVE-2019-0996 (A spoofing vulnerability exists in Azure DevOps Server when it imprope ...)
NOT-FOR-US: Azure DevOps Server / Microsoft
CVE-2019-0995 (A security feature bypass vulnerability exists when urlmon.dll imprope ...)
NOT-FOR-US: Microsoft
CVE-2019-0994
- RESERVED
+ REJECTED
CVE-2019-0993 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0992 (A remote code execution vulnerability exists in the way that the Chakr ...)
@@ -72554,7 +72587,7 @@ CVE-2019-0989 (A remote code execution vulnerability exists in the way that the
CVE-2019-0988 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0987
- RESERVED
+ REJECTED
CVE-2019-0986 (An elevation of privilege vulnerability exists when the Windows User P ...)
NOT-FOR-US: Microsoft
CVE-2019-0985 (A remote code execution vulnerability exists when the Microsoft Speech ...)
@@ -72572,7 +72605,7 @@ CVE-2019-0980 (A denial of service vulnerability exists when .NET Framework or .
CVE-2019-0979 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0978
- RESERVED
+ REJECTED
CVE-2019-0977 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0976 (A tampering vulnerability exists in the NuGet Package Manager for Linu ...)
@@ -72591,19 +72624,19 @@ CVE-2019-0972 (This security update corrects a denial of service in the Local Se
CVE-2019-0971 (An information disclosure vulnerability exists when Azure DevOps Serve ...)
NOT-FOR-US: Microsoft
CVE-2019-0970
- RESERVED
+ REJECTED
CVE-2019-0969
- RESERVED
+ REJECTED
CVE-2019-0968 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0967
- RESERVED
+ REJECTED
CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
NOT-FOR-US: Microsoft
CVE-2019-0965 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
NOT-FOR-US: Microsoft
CVE-2019-0964
- RESERVED
+ REJECTED
CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-0962 (An elevation of privilege vulnerability exists in Azure Automation "Ru ...)
@@ -72621,9 +72654,9 @@ CVE-2019-0957 (An elevation of privilege vulnerability exists when Microsoft Sha
CVE-2019-0956 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0955
- RESERVED
+ REJECTED
CVE-2019-0954
- RESERVED
+ REJECTED
CVE-2019-0953 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
NOT-FOR-US: Microsoft
CVE-2019-0952 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
@@ -72643,7 +72676,7 @@ CVE-2019-0946 (A remote code execution vulnerability exists when the Microsoft O
CVE-2019-0945 (A remote code execution vulnerability exists when the Microsoft Office ...)
NOT-FOR-US: Microsoft
CVE-2019-0944
- RESERVED
+ REJECTED
CVE-2019-0943 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
CVE-2019-0942 (An elevation of privilege vulnerability exists in the Unified Write Fi ...)
@@ -72653,7 +72686,7 @@ CVE-2019-0941 (A denial of service exists in Microsoft IIS Server when the optio
CVE-2019-0940 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2019-0939
- RESERVED
+ REJECTED
CVE-2019-0938 (An elevation of privilege vulnerability exists in Microsoft Edge that ...)
NOT-FOR-US: Microsoft
CVE-2019-0937 (A remote code execution vulnerability exists in the way that the Chakr ...)
@@ -72661,9 +72694,9 @@ CVE-2019-0937 (A remote code execution vulnerability exists in the way that the
CVE-2019-0936 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
NOT-FOR-US: Microsoft
CVE-2019-0935
- RESERVED
+ REJECTED
CVE-2019-0934
- RESERVED
+ REJECTED
CVE-2019-0933 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0932 (An information disclosure vulnerability exists in Skype for Android, a ...)
@@ -72693,7 +72726,7 @@ CVE-2019-0921 (An spoofing vulnerability exists when Internet Explorer improperl
CVE-2019-0920 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0919
- RESERVED
+ REJECTED
CVE-2019-0918 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0917 (A remote code execution vulnerability exists in the way that the Chakr ...)
@@ -72711,7 +72744,7 @@ CVE-2019-0912 (A remote code execution vulnerability exists in the way that the
CVE-2019-0911 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0910
- RESERVED
+ REJECTED
CVE-2019-0909 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0908 (A remote code execution vulnerability exists when the Windows Jet Data ...)
@@ -72765,7 +72798,7 @@ CVE-2019-0885 (A remote code execution vulnerability exists when Microsoft Windo
CVE-2019-0884 (A remote code execution vulnerability exists in the way the scripting ...)
NOT-FOR-US: Microsoft
CVE-2019-0883
- RESERVED
+ REJECTED
CVE-2019-0882 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0881 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
@@ -72775,7 +72808,7 @@ CVE-2019-0880 (A local elevation of privilege vulnerability exists in how splwow
CVE-2019-0879 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0878
- RESERVED
+ REJECTED
CVE-2019-0877 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0876 (An information disclosure vulnerability exists when affected Open Encl ...)
@@ -72785,7 +72818,7 @@ CVE-2019-0875 (An elevation of privilege vulnerability exists when Azure DevOps
CVE-2019-0874 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0873
- RESERVED
+ REJECTED
CVE-2019-0872 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
NOT-FOR-US: Microsoft
CVE-2019-0871 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
@@ -72821,17 +72854,17 @@ CVE-2019-0857 (A spoofing vulnerability that could allow a security feature bypa
CVE-2019-0856 (A remote code execution vulnerability exists when Windows improperly h ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0855
- RESERVED
+ REJECTED
CVE-2019-0854
- RESERVED
+ REJECTED
CVE-2019-0853 (A remote code execution vulnerability exists in the way that the Windo ...)
NOT-FOR-US: Microsoft
CVE-2019-0852
- RESERVED
+ REJECTED
CVE-2019-0851 (A remote code execution vulnerability exists when the Windows Jet Data ...)
NOT-FOR-US: Microsoft
CVE-2019-0850
- RESERVED
+ REJECTED
CVE-2019-0849 (An information disclosure vulnerability exists when the Windows GDI co ...)
NOT-FOR-US: Microsoft
CVE-2019-0848 (An information disclosure vulnerability exists when the win32k compone ...)
@@ -72845,7 +72878,7 @@ CVE-2019-0845 (A remote code execution vulnerability exists when the IOleCvt int
CVE-2019-0844 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0843
- RESERVED
+ REJECTED
CVE-2019-0842 (A remote code execution vulnerability exists in the way that the VBScr ...)
NOT-FOR-US: Microsoft
CVE-2019-0841 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
@@ -72863,11 +72896,11 @@ CVE-2019-0836 (An elevation of privilege vulnerability exists when Windows impro
CVE-2019-0835 (An information disclosure vulnerability exists when the scripting engi ...)
NOT-FOR-US: Microsoft
CVE-2019-0834
- RESERVED
+ REJECTED
CVE-2019-0833 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
NOT-FOR-US: Microsoft
CVE-2019-0832
- RESERVED
+ REJECTED
CVE-2019-0831 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
NOT-FOR-US: Microsoft
CVE-2019-0830 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
@@ -72895,7 +72928,7 @@ CVE-2019-0820 (A denial of service vulnerability exists when .NET Framework and
CVE-2019-0819 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
NOT-FOR-US: Microsoft
CVE-2019-0818
- RESERVED
+ REJECTED
CVE-2019-0817 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
NOT-FOR-US: Microsoft
CVE-2019-0816 (A security feature bypass exists in Azure SSH Keypairs, due to a chang ...)
@@ -72921,7 +72954,7 @@ CVE-2019-0809 (A remote code execution vulnerability exists when the Visual Stud
CVE-2019-0808 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0807
- RESERVED
+ REJECTED
CVE-2019-0806 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0805 (An elevation of privilege vulnerability exists when Windows improperly ...)
@@ -72936,9 +72969,9 @@ CVE-2019-0802 (An information disclosure vulnerability exists when the Windows G
CVE-2019-0801 (A remote code execution vulnerability exists when Microsoft Office fai ...)
NOT-FOR-US: Microsoft
CVE-2019-0800
- RESERVED
+ REJECTED
CVE-2019-0799
- RESERVED
+ REJECTED
CVE-2019-0798 (A spoofing vulnerability exists when a Lync Server or Skype for Busine ...)
NOT-FOR-US: Microsoft
CVE-2019-0797 (An elevation of privilege vulnerability exists in Windows when the Win ...)
@@ -72958,7 +72991,7 @@ CVE-2019-0791 (A remote code execution vulnerability exists when the Microsoft X
CVE-2019-0790 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
NOT-FOR-US: Microsoft
CVE-2019-0789
- RESERVED
+ REJECTED
CVE-2019-0788 (A remote code execution vulnerability exists in the Windows Remote Des ...)
NOT-FOR-US: Microsoft
CVE-2019-0787 (A remote code execution vulnerability exists in the Windows Remote Des ...)
@@ -72974,7 +73007,7 @@ CVE-2019-0783 (A remote code execution vulnerability exists in the way that the
CVE-2019-0782 (An information disclosure vulnerability exists when the Windows kernel ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0781
- RESERVED
+ REJECTED
CVE-2019-0780 (A remote code execution vulnerability exists in the way that Microsoft ...)
NOT-FOR-US: Microsoft
CVE-2019-0779 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
@@ -73016,7 +73049,7 @@ CVE-2019-0762 (A security feature bypass vulnerability exists when Microsoft bro
CVE-2019-0761 (A security feature bypass vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
CVE-2019-0760
- RESERVED
+ REJECTED
CVE-2019-0759 (An information disclosure vulnerability exists when the Windows Print ...)
NOT-FOR-US: Microsoft
CVE-2019-0758 (An information disclosure vulnerability exists when the Windows GDI co ...)
@@ -73038,21 +73071,21 @@ CVE-2019-0753 (A remote code execution vulnerability exists in the way that the
CVE-2019-0752 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0751
- RESERVED
+ REJECTED
CVE-2019-0750
- RESERVED
+ REJECTED
CVE-2019-0749
- RESERVED
+ REJECTED
CVE-2019-0748 (A remote code execution vulnerability exists when the Microsoft Office ...)
NOT-FOR-US: Microsoft
CVE-2019-0747
- RESERVED
+ REJECTED
CVE-2019-0746 (An information disclosure vulnerability exists when the scripting engi ...)
NOT-FOR-US: Microsoft
CVE-2019-0745
- RESERVED
+ REJECTED
CVE-2019-0744
- RESERVED
+ REJECTED
CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
@@ -73060,13 +73093,13 @@ CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Found
CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure IoT Ja ...)
NOT-FOR-US: Microsoft
CVE-2019-0740
- RESERVED
+ REJECTED
CVE-2019-0739 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0738
- RESERVED
+ REJECTED
CVE-2019-0737
- RESERVED
+ REJECTED
CVE-2019-0736 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
NOT-FOR-US: Microsoft
CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows Client ...)
@@ -73128,9 +73161,9 @@ CVE-2019-0708 (A remote code execution vulnerability exists in Remote Desktop Se
CVE-2019-0707 (An elevation of privilege vulnerability exists in the Network Driver I ...)
NOT-FOR-US: Microsoft
CVE-2019-0706
- RESERVED
+ REJECTED
CVE-2019-0705
- RESERVED
+ REJECTED
CVE-2019-0704 (An information disclosure vulnerability exists in the way that the Win ...)
NOT-FOR-US: Windows SMB Server
CVE-2019-0703 (An information disclosure vulnerability exists in the way that the Win ...)
@@ -73140,9 +73173,9 @@ CVE-2019-0702 (An information disclosure vulnerability exists when the Windows k
CVE-2019-0701 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
NOT-FOR-US: Microsoft
CVE-2019-0700
- RESERVED
+ REJECTED
CVE-2019-0699
- RESERVED
+ REJECTED
CVE-2019-0698 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
NOT-FOR-US: Microsoft
CVE-2019-0697 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
@@ -73158,7 +73191,7 @@ CVE-2019-0693 (An elevation of privilege vulnerability exists due to an integer
CVE-2019-0692 (An elevation of privilege vulnerability exists due to an integer overf ...)
NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0691
- RESERVED
+ REJECTED
CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
NOT-FOR-US: Microsoft
CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer overf ...)
@@ -73166,27 +73199,27 @@ CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer
CVE-2019-0688 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0687
- RESERVED
+ REJECTED
CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
NOT-FOR-US: Microsoft
CVE-2019-0685 (An elevation of privilege vulnerability exists in Windows when the Win ...)
NOT-FOR-US: Microsoft Windows
CVE-2019-0684
- RESERVED
+ REJECTED
CVE-2019-0683 (An elevation of privilege vulnerability exists in Active Directory For ...)
NOT-FOR-US: Microsoft
CVE-2019-0682 (An elevation of privilege vulnerability exists due to an integer overf ...)
NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0681
- RESERVED
+ REJECTED
CVE-2019-0680 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0679
- RESERVED
+ REJECTED
CVE-2019-0678 (An elevation of privilege vulnerability exists when Microsoft Edge doe ...)
NOT-FOR-US: Microsoft
CVE-2019-0677
- RESERVED
+ REJECTED
CVE-2019-0676 (An information disclosure vulnerability exists when Internet Explorer ...)
NOT-FOR-US: Microsoft
CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft Office ...)
@@ -73234,7 +73267,7 @@ CVE-2019-0655 (A remote code execution vulnerability exists in the way that the
CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers improperly han ...)
NOT-FOR-US: Microsoft
CVE-2019-0653
- RESERVED
+ REJECTED
CVE-2019-0652 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0651 (A remote code execution vulnerability exists in the way that the scrip ...)
@@ -73264,7 +73297,7 @@ CVE-2019-0640 (A remote code execution vulnerability exists in the way that the
CVE-2019-0639 (A remote code execution vulnerability exists in the way that the Chakr ...)
NOT-FOR-US: Microsoft
CVE-2019-0638
- RESERVED
+ REJECTED
CVE-2019-0637 (A security feature bypass vulnerability exists when Windows Defender F ...)
NOT-FOR-US: Microsoft
CVE-2019-0636 (An information vulnerability exists when Windows improperly discloses ...)
@@ -73282,7 +73315,7 @@ CVE-2019-0631 (A security feature bypass vulnerability exists in Windows which c
CVE-2019-0630 (A remote code execution vulnerability exists in the way that the Micro ...)
NOT-FOR-US: Microsoft
CVE-2019-0629
- RESERVED
+ REJECTED
CVE-2019-0628 (An information disclosure vulnerability exists when the win32k compone ...)
NOT-FOR-US: Microsoft
CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which could ...)
@@ -73362,11 +73395,11 @@ CVE-2019-0591 (A remote code execution vulnerability exists in the way that the
CVE-2019-0590 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft
CVE-2019-0589
- RESERVED
+ REJECTED
CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft Exch ...)
NOT-FOR-US: Microsoft
CVE-2019-0587
- RESERVED
+ REJECTED
CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
NOT-FOR-US: Microsoft
CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
@@ -73414,7 +73447,7 @@ CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft Edge
CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core improperly ...)
NOT-FOR-US: .NET core
CVE-2019-0563
- RESERVED
+ REJECTED
CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
NOT-FOR-US: Microsoft
CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft Word mac ...)
@@ -73452,10 +73485,11 @@ CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio whe
CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and . ...)
NOT-FOR-US: .NET core
CVE-2019-0544
- RESERVED
+ REJECTED
CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows improperly ...)
NOT-FOR-US: Microsoft
-CVE-2019-0542 (A remote code execution vulnerability exists in Xterm.js when the comp ...)
+CVE-2019-0542
+ REJECTED
- node-xterm <unfixed> (unimportant; bug #926670)
NOTE: nodejs not covered by security support
CVE-2019-0541 (A remote code execution vulnerability exists in the way that the MSHTM ...)
@@ -103813,8 +103847,8 @@ CVE-2018-8656
RESERVED
CVE-2018-8655
RESERVED
-CVE-2018-8654
- RESERVED
+CVE-2018-8654 (An elevation of privilege vulnerability exists in Microsoft Dynamics 3 ...)
+ TODO: check
CVE-2018-8653 (A remote code execution vulnerability exists in the way that the scrip ...)
NOT-FOR-US: Microsoft Internet Explorer
CVE-2018-8652 (A Cross-site Scripting (XSS) vulnerability exists when Windows Azure P ...)
@@ -233425,45 +233459,39 @@ CVE-2015-1205 (Multiple unspecified vulnerabilities in Google Chrome before 40.0
[squeeze] - chromium-browser <end-of-life>
NOTE: See CVE-2014-9654 for the bug in src:icu
CVE-2015-1203 [stack allocation with an attacker-controlled size -- modules/access/ftp.c]
- RESERVED
+ REJECTED
NOTE: VLC issue disputed by upstream, see bug #775866
CVE-2015-1202 [stack allocation with an attacker-controlled size -- modules/services_discovery/sap.c]
- RESERVED
+ REJECTED
NOTE: VLC issue disputed by upstream, see bug #775866
CVE-2015-1201 (Privoxy before 3.0.22 allows remote attackers to cause a denial of ser ...)
NOT-FOR-US: Bogus entry for Privoxy picked from Secunia
-CVE-2014-9630 [Invalid memory access in rtp code]
- RESERVED
+CVE-2014-9630 (The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
-CVE-2014-9629 [integer overflow with resultant buffer overflow]
- RESERVED
+CVE-2014-9629 (Integer overflow in the Encode function in modules/codec/schroedinger. ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
-CVE-2014-9628 [attacker-triggered zero-size malloc with resultant buffer overflow]
- RESERVED
+CVE-2014-9628 (The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in Video ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9627 [integer truncation on 32-bit platforms]
- RESERVED
+CVE-2014-9627 (The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in Video ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9626 [integer underflow]
- RESERVED
+CVE-2014-9626 (Integer underflow in the MP4_ReadBox_String function in modules/demux/ ...)
{DSA-3150-1}
- vlc 2.2.0~rc2-2 (bug #775866)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
-CVE-2014-9625 [Buffer overflow in updater]
- RESERVED
+CVE-2014-9625 (The GetUpdateFile function in misc/update.c in the Updater in VideoLAN ...)
- vlc <not-affected> (Update mechanism not enabled in the Debian package)
[squeeze] - vlc <end-of-life> (Unsupported in squeeze-lts)
NOTE: https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/815307295c5548c28fa04be8071c672e59305b96
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/815307295c5548c28fa04be8071c672e59305b96
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200125/39ab994a/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list