Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: fe41a4a5 by security tracker role at 2021-06-09T08:10:28+00:00 automatic update - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,20 +1,65 @@ +CVE-2021-34362 + RESERVED +CVE-2021-34361 + RESERVED +CVE-2021-34360 + RESERVED +CVE-2021-34359 + RESERVED +CVE-2021-34358 + RESERVED +CVE-2021-34357 + RESERVED +CVE-2021-34356 + RESERVED +CVE-2021-34355 + RESERVED +CVE-2021-34354 + RESERVED +CVE-2021-34353 + RESERVED +CVE-2021-34352 + RESERVED +CVE-2021-34351 + RESERVED +CVE-2021-34350 + RESERVED +CVE-2021-34349 + RESERVED +CVE-2021-34348 + RESERVED +CVE-2021-34347 + RESERVED +CVE-2021-34346 + RESERVED +CVE-2021-34345 + RESERVED +CVE-2021-34344 + RESERVED +CVE-2021-34343 + RESERVED CVE-2022-20001 RESERVED CVE-2021-3588 RESERVED CVE-2021-34342 + RESERVED - ming <removed> NOTE: https://github.com/libming/libming/issues/205 CVE-2021-34341 + RESERVED - ming <removed> NOTE: https://github.com/libming/libming/issues/204 CVE-2021-34340 + RESERVED - ming <removed> NOTE: https://github.com/libming/libming/issues/203 CVE-2021-34339 + RESERVED - ming <removed> NOTE: https://github.com/libming/libming/issues/202 CVE-2021-34338 + RESERVED - ming <removed> NOTE: https://github.com/libming/libming/issues/201 CVE-2021-34337 @@ -1304,14 +1349,14 @@ CVE-2021-33744 RESERVED CVE-2021-33743 RESERVED -CVE-2021-33742 - RESERVED -CVE-2021-33741 - RESERVED +CVE-2021-33742 (Windows MSHTML Platform Remote Code Execution Vulnerability ...) + TODO: check +CVE-2021-33741 (Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability ...) + TODO: check CVE-2021-33740 RESERVED -CVE-2021-33739 - RESERVED +CVE-2021-33739 (Microsoft DWM Core Library Elevation of Privilege Vulnerability ...) + TODO: check CVE-2020-36381 RESERVED CVE-2020-36380 
@@ -1410,8 +1455,8 @@ CVE-2021-33714 RESERVED CVE-2021-33713 RESERVED -CVE-2021-33712 - RESERVED +CVE-2021-33712 (A vulnerability has been identified in Mendix SAML Module (All version ...) + TODO: check CVE-2021-33711 RESERVED CVE-2021-33710 
@@ -5376,102 +5421,102 @@ CVE-2021-31987 RESERVED CVE-2021-31986 RESERVED -CVE-2021-31985 - RESERVED +CVE-2021-31985 (Microsoft Defender Remote Code Execution Vulnerability ...) + TODO: check CVE-2021-31984 RESERVED -CVE-2021-31983 - RESERVED +CVE-2021-31983 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...) + TODO: check CVE-2021-31982 RESERVED CVE-2021-31981 RESERVED -CVE-2021-31980 - RESERVED +CVE-2021-31980 (Microsoft Intune Management Extension Remote Code Execution Vulnerabil ...) + TODO: check CVE-2021-31979 RESERVED -CVE-2021-31978 - RESERVED -CVE-2021-31977 - RESERVED -CVE-2021-31976 - RESERVED -CVE-2021-31975 - RESERVED -CVE-2021-31974 - RESERVED -CVE-2021-31973 - RESERVED -CVE-2021-31972 - RESERVED -CVE-2021-31971 - RESERVED -CVE-2021-31970 - RESERVED -CVE-2021-31969 - RESERVED -CVE-2021-31968 - RESERVED -CVE-2021-31967 - RESERVED -CVE-2021-31966 - RESERVED -CVE-2021-31965 - RESERVED -CVE-2021-31964 - RESERVED -CVE-2021-31963 - RESERVED -CVE-2021-31962 - RESERVED +CVE-2021-31978 (Microsoft Defender Denial of Service Vulnerability ...) + TODO: check +CVE-2021-31977 (Windows Hyper-V Denial of Service Vulnerability ...) + TODO: check +CVE-2021-31976 (Server for NFS Information Disclosure Vulnerability This CVE ID is uni ...) + TODO: check +CVE-2021-31975 (Server for NFS Information Disclosure Vulnerability This CVE ID is uni ...) + TODO: check +CVE-2021-31974 (Server for NFS Denial of Service Vulnerability ...) + TODO: check +CVE-2021-31973 (Windows GPSVC Elevation of Privilege Vulnerability ...) + TODO: check +CVE-2021-31972 (Event Tracing for Windows Information Disclosure Vulnerability ...) + TODO: check +CVE-2021-31971 (Windows HTML Platform Security Feature Bypass Vulnerability ...) + TODO: check +CVE-2021-31970 (Windows TCP/IP Driver Security Feature Bypass Vulnerability ...) + TODO: check +CVE-2021-31969 (Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerab ...) 
+ TODO: check +CVE-2021-31968 (Windows Remote Desktop Services Denial of Service Vulnerability ...) + TODO: check +CVE-2021-31967 (VP9 Video Extensions Remote Code Execution Vulnerability ...) + TODO: check +CVE-2021-31966 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...) + TODO: check +CVE-2021-31965 (Microsoft SharePoint Server Information Disclosure Vulnerability ...) + TODO: check +CVE-2021-31964 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...) + TODO: check +CVE-2021-31963 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...) + TODO: check +CVE-2021-31962 (Kerberos AppContainer Security Feature Bypass Vulnerability ...) + TODO: check CVE-2021-31961 RESERVED -CVE-2021-31960 - RESERVED -CVE-2021-31959 - RESERVED -CVE-2021-31958 - RESERVED -CVE-2021-31957 - RESERVED -CVE-2021-31956 - RESERVED -CVE-2021-31955 - RESERVED -CVE-2021-31954 - RESERVED -CVE-2021-31953 - RESERVED -CVE-2021-31952 - RESERVED -CVE-2021-31951 - RESERVED -CVE-2021-31950 - RESERVED -CVE-2021-31949 - RESERVED -CVE-2021-31948 - RESERVED +CVE-2021-31960 (Windows Bind Filter Driver Information Disclosure Vulnerability ...) + TODO: check +CVE-2021-31959 (Scripting Engine Memory Corruption Vulnerability ...) + TODO: check +CVE-2021-31958 (Windows NTLM Elevation of Privilege Vulnerability ...) + TODO: check +CVE-2021-31957 (ASP.NET Denial of Service Vulnerability ...) + TODO: check +CVE-2021-31956 (Windows NTFS Elevation of Privilege Vulnerability ...) + TODO: check +CVE-2021-31955 (Windows Kernel Information Disclosure Vulnerability ...) + TODO: check +CVE-2021-31954 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...) + TODO: check +CVE-2021-31953 (Windows Filter Manager Elevation of Privilege Vulnerability ...) + TODO: check +CVE-2021-31952 (Windows Kernel-Mode Driver Elevation of Privilege Vulnerability ...) + TODO: check +CVE-2021-31951 (Windows Kernel Elevation of Privilege Vulnerability ...) 
+ TODO: check +CVE-2021-31950 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...) + TODO: check +CVE-2021-31949 (Microsoft Outlook Remote Code Execution Vulnerability ...) + TODO: check +CVE-2021-31948 (Microsoft SharePoint Server Spoofing Vulnerability This CVE ID is uniq ...) + TODO: check CVE-2021-31947 RESERVED -CVE-2021-31946 - RESERVED -CVE-2021-31945 - RESERVED -CVE-2021-31944 - RESERVED -CVE-2021-31943 - RESERVED -CVE-2021-31942 - RESERVED -CVE-2021-31941 - RESERVED -CVE-2021-31940 - RESERVED -CVE-2021-31939 - RESERVED -CVE-2021-31938 - RESERVED +CVE-2021-31946 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...) + TODO: check +CVE-2021-31945 (Paint 3D Remote Code Execution Vulnerability This CVE ID is unique fro ...) + TODO: check +CVE-2021-31944 (3D Viewer Information Disclosure Vulnerability ...) + TODO: check +CVE-2021-31943 (3D Viewer Remote Code Execution Vulnerability This CVE ID is unique fr ...) + TODO: check +CVE-2021-31942 (3D Viewer Remote Code Execution Vulnerability This CVE ID is unique fr ...) + TODO: check +CVE-2021-31941 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...) + TODO: check +CVE-2021-31940 (Microsoft Office Graphics Remote Code Execution Vulnerability This CVE ...) + TODO: check +CVE-2021-31939 (Microsoft Excel Remote Code Execution Vulnerability ...) + TODO: check +CVE-2021-31938 (Microsoft VsCode Kubernetes Tools Extension Elevation of Privilege Vul ...) + TODO: check CVE-2021-31937 RESERVED CVE-2021-31936 (Microsoft Accessibility Insights for Web Information Disclosure Vulner ...) 
@@ -5941,8 +5986,7 @@ CVE-2021-31808 (An issue was discovered in Squid before 4.15 and 5.x before 5.0. NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1185916 NOTE: https://github.com/squid-cache/squid/security/advisories/GHSA-pxwq-f3qr-w2xf NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-e7cf864f938f24eea8af0692c04d16790983c823.patch -CVE-2021-31807 - RESERVED +CVE-2021-31807 (An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. An ...) {DSA-4924-1} - squid 4.13-10 (bug #989043) - squid3 <removed> @@ -7018,14 +7062,14 @@ CVE-2021-31345 RESERVED CVE-2021-31344 RESERVED -CVE-2021-31343 - RESERVED -CVE-2021-31342 - RESERVED +CVE-2021-31343 (A vulnerability has been identified in Solid Edge SE2020 (All Versions ...) + TODO: check +CVE-2021-31342 (A vulnerability has been identified in Solid Edge SE2020 (All Versions ...) + TODO: check CVE-2021-31341 (Uploading a table mapping using a manipulated XML file results in an e ...) NOT-FOR-US: Mendix Database Replication -CVE-2021-31340 - RESERVED +CVE-2021-31340 (A vulnerability has been identified in SIMATIC RF166C (All versions &g ...) + TODO: check CVE-2021-31339 (A vulnerability has been identified in Mendix Excel Importer Module (A ...) NOT-FOR-US: Mendix Excel Importer Module CVE-2021-31338 @@ -7335,12 +7379,12 @@ CVE-2021-31203 RESERVED CVE-2021-31202 RESERVED -CVE-2021-31201 - RESERVED +CVE-2021-31201 (Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulne ...) + TODO: check CVE-2021-31200 (Common Utilities Remote Code Execution Vulnerability ...) NOT-FOR-US: Microsoft -CVE-2021-31199 - RESERVED +CVE-2021-31199 (Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulne ...) + TODO: check CVE-2021-31198 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...) NOT-FOR-US: Microsoft CVE-2021-31197 
@@ -14574,8 +14618,8 @@ CVE-2021-28170 (In the Jakarta Expression Language implementation 3.0.3 and earl NOTE: https://github.com/eclipse-ee4j/el-ri/issues/155 NOTE: https://securitylab.github.com/advisories/GHSL-2020-021-jakarta-el/ NOTE: Only affects the EL reference implementation which isn't built into the binary packages -CVE-2021-28169 - RESERVED +CVE-2021-28169 (For Eclipse Jetty versions <= 9.4.40, <= 10.0.2, <= 11.0.2, i ...) + TODO: check CVE-2021-28168 (Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains ...) NOT-FOR-US: Eclipse Jersey CVE-2021-28167 (In Eclipse Openj9 to version 0.25.0, usage of the jdk.internal.reflect ...) @@ -16464,8 +16508,8 @@ CVE-2021-3413 (A flaw was found in Red Hat Satellite in tfm-rubygem-foreman_azur NOT-FOR-US: Red Hat Satellite CVE-2021-3412 (It was found that all versions of 3Scale developer portal lacked brute ...) NOT-FOR-US: Red Hat 3scale API Management -CVE-2021-27399 - RESERVED +CVE-2021-27399 (A vulnerability has been identified in Simcenter Femap 2020.2 (All ver ...) + TODO: check CVE-2021-27398 (A vulnerability has been identified in Tecnomatix Plant Simulation (Al ...) NOT-FOR-US: Tecnomatix Plant Simulation CVE-2021-27397 (A vulnerability has been identified in Tecnomatix Plant Simulation (Al ...) 
@@ -16482,14 +16526,14 @@ CVE-2021-27392 (A vulnerability has been identified in Siveillance Video Open Ne NOT-FOR-US: Siveillance CVE-2021-27391 RESERVED -CVE-2021-27390 - RESERVED +CVE-2021-27390 (A vulnerability has been identified in JT2Go (All versions < V13.1. ...) + TODO: check CVE-2021-27389 (A vulnerability has been identified in Opcenter Quality (All versions ...) NOT-FOR-US: Opcenter Quality CVE-2021-27388 RESERVED -CVE-2021-27387 - RESERVED +CVE-2021-27387 (A vulnerability has been identified in Simcenter Femap 2020.2 (All ver ...) + TODO: check CVE-2021-27386 (A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Pan ...) NOT-FOR-US: Siemens CVE-2021-27385 (A remote attacker could send specially crafted packets to a SmartVNC d ...) @@ -18812,8 +18856,8 @@ CVE-2021-26422 (Skype for Business and Lync Remote Code Execution Vulnerability NOT-FOR-US: Microsoft CVE-2021-26421 (Skype for Business and Lync Spoofing Vulnerability ...) NOT-FOR-US: Microsoft -CVE-2021-26420 - RESERVED +CVE-2021-26420 (Microsoft SharePoint Server Remote Code Execution Vulnerability This C ...) + TODO: check CVE-2021-26419 (Scripting Engine Memory Corruption Vulnerability ...) NOT-FOR-US: Microsoft CVE-2021-26418 (Microsoft SharePoint Spoofing Vulnerability This CVE ID is unique from ...) @@ -18824,8 +18868,8 @@ CVE-2021-26416 (Windows Hyper-V Denial of Service Vulnerability ...) NOT-FOR-US: Microsoft CVE-2021-26415 (Windows Installer Elevation of Privilege Vulnerability This CVE ID is ...) NOT-FOR-US: Microsoft -CVE-2021-26414 - RESERVED +CVE-2021-26414 (Windows DCOM Server Security Feature Bypass ...) + TODO: check CVE-2021-26413 (Windows Installer Spoofing Vulnerability ...) NOT-FOR-US: Microsoft CVE-2021-26412 (Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ...) 
@@ -28550,8 +28594,8 @@ CVE-2021-22218 (All versions of GitLab CE/EE starting with 12.8 were affected by TODO: check CVE-2021-22217 (A denial of service vulnerability in all versions of GitLab CE/EE befo ...) TODO: check -CVE-2021-22216 - RESERVED +CVE-2021-22216 (A denial of service vulnerability in all versions of GitLab CE/EE befo ...) + TODO: check CVE-2021-22215 (An information disclosure vulnerability in GitLab EE versions 13.11 an ...) TODO: check CVE-2021-22214 (When requests to the internal network for webhooks are enabled, a serv ...) @@ -33459,16 +33503,16 @@ CVE-2021-20734 RESERVED CVE-2021-20733 RESERVED -CVE-2021-20732 - RESERVED -CVE-2021-20731 - RESERVED -CVE-2021-20730 - RESERVED +CVE-2021-20732 (The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 an ...) + TODO: check +CVE-2021-20731 (WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver ...) + TODO: check +CVE-2021-20730 (Improper access control vulnerability in WSR-1166DHP3 firmware Ver.1.1 ...) + TODO: check CVE-2021-20729 RESERVED -CVE-2021-20728 - RESERVED +CVE-2021-20728 (Improper access control vulnerability in goo blog App for Android ver. ...) + TODO: check CVE-2021-20727 (Cross-site scripting vulnerability in Zettlr from 0.20.0 to 1.8.8 allo ...) NOT-FOR-US: Zettlr CVE-2021-20726 (Untrusted search path vulnerability in The Installer of Overwolf 2.168 ...) @@ -37634,8 +37678,7 @@ CVE-2021-1939 RESERVED CVE-2021-1938 RESERVED -CVE-2021-1937 - RESERVED +CVE-2021-1937 (Reachable assertion is possible while processing peer association WLAN ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-1936 RESERVED @@ -37709,8 +37752,7 @@ CVE-2021-1902 RESERVED CVE-2021-1901 RESERVED -CVE-2021-1900 - RESERVED +CVE-2021-1900 (Possible use after free in Display due to race condition while creatin ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-1899 RESERVED 
@@ -38638,8 +38680,8 @@ CVE-2021-1677 (Azure Active Directory Pod Identity Spoofing Vulnerability ...) NOT-FOR-US: Microsoft CVE-2021-1676 (Windows NT Lan Manager Datagram Receiver Driver Information Disclosure ...) NOT-FOR-US: Microsoft -CVE-2021-1675 - RESERVED +CVE-2021-1675 (Windows Print Spooler Elevation of Privilege Vulnerability ...) + TODO: check CVE-2021-1674 (Windows Remote Desktop Protocol Core Security Feature Bypass Vulnerabi ...) NOT-FOR-US: Microsoft CVE-2021-1673 (Remote Procedure Call Runtime Remote Code Execution Vulnerability This ...) @@ -50114,8 +50156,8 @@ CVE-2020-26137 (urllib3 before 1.25.9 allows CRLF injection if the attacker cont NOTE: https://bugs.python.org/issue39603 NOTE: https://github.com/urllib3/urllib3/commit/1dd69c5c5982fae7c87a620d487c2ebf7a6b436b (1.25.9) NOTE: https://github.com/urllib3/urllib3/pull/1800 -CVE-2020-26136 - RESERVED +CVE-2020-26136 (In SilverStripe through 4.6.0-rc1, GraphQL doesn't honour MFA (multi-f ...) + TODO: check CVE-2020-26135 (Live Helper Chat before 3.44v allows reflected XSS via the setsettinga ...) NOT-FOR-US: Live Helper Chat CVE-2020-26134 (Live Helper Chat before 3.44v allows stored XSS in chat messages with ...) @@ -85652,13 +85694,11 @@ CVE-2020-11308 (Buffer overflow occurs when trying to convert ASCII string to Un NOT-FOR-US: Qualcomm components for Android CVE-2020-11307 RESERVED -CVE-2020-11306 - RESERVED +CVE-2020-11306 (Possible integer overflow in RPMB counter due to lack of length check ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11305 (Integer overflow in boot due to improper length check on arguments rec ...) NOT-FOR-US: Snapdragon -CVE-2020-11304 - RESERVED +CVE-2020-11304 (Possible out of bound read in DRM due to improper buffer length check. ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11303 RESERVED 
@@ -85670,8 +85710,7 @@ CVE-2020-11300 RESERVED CVE-2020-11299 (Buffer overflow can occur in video while playing the non-standard clip ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11298 - RESERVED +CVE-2020-11298 (While waiting for a response to a callback or listener request, non-se ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11297 (Denial of service in WLAN module due to improper check of subtypes in ...) NOT-FOR-US: Qualcomm components for Android @@ -85683,11 +85722,9 @@ CVE-2020-11294 (Out of bound write in logger due to prefix size is not validated NOT-FOR-US: Qualcomm components for Android CVE-2020-11293 (Out of bound read can happen in Widevine TA while copying data to buff ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11292 - RESERVED +CVE-2020-11292 (Possible buffer overflow in voice service due to lack of input validat ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11291 - RESERVED +CVE-2020-11291 (Possible buffer overflow while updating ikev2 parameters for delete pa ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11290 (Use after free condition in msm ioctl events due to race between the i ...) NOT-FOR-US: Qualcomm components for Android 
@@ -85735,34 +85772,30 @@ CVE-2020-11269 (Possible memory corruption while processing EAPOL frames due to NOT-FOR-US: Qualcomm components for Android CVE-2020-11268 (Potential UE reset while decoding a crafted Sib1 or SIB1 that schedule ...) NOT-FOR-US: Snapdragon -CVE-2020-11267 - RESERVED +CVE-2020-11267 (Stack out-of-bounds write occurs while setting up a cipher device if t ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11266 - RESERVED -CVE-2020-11265 - RESERVED +CVE-2020-11266 (Image address is dereferenced before validating its range which can ca ...) + TODO: check +CVE-2020-11265 (Information disclosure issue due to lack of validation of pointer argu ...) + TODO: check CVE-2020-11264 RESERVED CVE-2020-11263 RESERVED -CVE-2020-11262 - RESERVED +CVE-2020-11262 (A race between command submission and destroying the context can cause ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11261 - RESERVED +CVE-2020-11261 (Memory corruption due to improper check to return error when user appl ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11260 - RESERVED +CVE-2020-11260 (An improper free of uninitialized memory can occur in DIAG services in ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11259 - RESERVED -CVE-2020-11258 - RESERVED -CVE-2020-11257 - RESERVED -CVE-2020-11256 - RESERVED +CVE-2020-11259 (Memory corruption due to lack of validation of pointer arguments passe ...) + TODO: check +CVE-2020-11258 (Memory corruption due to lack of validation of pointer arguments passe ...) + TODO: check +CVE-2020-11257 (Memory corruption due to lack of validation of pointer arguments passe ...) + TODO: check +CVE-2020-11256 (Memory corruption due to lack of check of validation of pointer to buf ...) + TODO: check CVE-2020-11255 (Denial of service while processing RTCP packets containing multiple SD ...) 
NOT-FOR-US: Qualcomm components for Android CVE-2020-11254 (Memory corruption during buffer allocation due to dereferencing sessio ...) @@ -85773,8 +85806,7 @@ CVE-2020-11252 (Trustzone initialization code will disable xPU`s when memory dum NOT-FOR-US: Qualcomm components for Android CVE-2020-11251 (Out-of-bounds read vulnerability while accessing DTMF payload due to l ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11250 - RESERVED +CVE-2020-11250 (Use after free due to race condition when reopening the device driver ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11249 RESERVED 
@@ -85792,29 +85824,23 @@ CVE-2020-11243 (RRC sends a connection establishment success to NAS even though NOT-FOR-US: Qualcomm components for Android CVE-2020-11242 (User could gain access to secure memory due to incorrect argument into ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11241 - RESERVED +CVE-2020-11241 (Out of bound read will happen if EAPOL Key length is less than expecte ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11240 - RESERVED +CVE-2020-11240 (Memory corruption due to ioctl command size was incorrectly set to the ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11239 - RESERVED +CVE-2020-11239 (Use after free issue when importing a DMA buffer by using the CPU addr ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11238 - RESERVED +CVE-2020-11238 (Possible Buffer over-read in ARP/NS parsing due to lack of check of pa ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11237 (Memory crash when accessing histogram type KPI input received due to l ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11236 (Memory corruption due to invalid value of total dimension in the non-h ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11235 - RESERVED +CVE-2020-11235 (Buffer overflow might occur while parsing unified command due to lack ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11234 (When sending a socket event message to a user application, invalid inf ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11233 - RESERVED +CVE-2020-11233 (Time-of-check time-of-use race condition While processing partition en ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11232 RESERVED 
@@ -85916,8 +85942,7 @@ CVE-2020-11184 (u'Possible buffer overflow will occur in video while parsing mp4 NOT-FOR-US: Qualcomm components for Android CVE-2020-11183 (A process can potentially cause a buffer overflow in the display servi ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11182 - RESERVED +CVE-2020-11182 (Possible heap overflow while parsing NAL header due to lack of check o ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11181 (Out of bound access issue while handling cvp process control command d ...) NOT-FOR-US: Qualcomm components for Android @@ -85925,13 +85950,11 @@ CVE-2020-11180 (Out of bound access in computer vision control due to improper v NOT-FOR-US: Snapdragon CVE-2020-11179 (Arbitrary read and write to kernel addresses by temporarily overwritin ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11178 - RESERVED +CVE-2020-11178 (Trusted APPS to overwrite the CPZ memory of another use-case as TZ onl ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11177 (User can overwrite Security Code NV item without knowing current SPC d ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11176 - RESERVED +CVE-2020-11176 (While processing server certificate from IPSec server, certificate val ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11175 (u'Use after free issue in Bluetooth transport driver when a method in ...) NOT-FOR-US: Qualcomm components for Android 
@@ -85953,8 +85976,7 @@ CVE-2020-11167 (Memory corruption while calculating L2CAP packet length in reass NOT-FOR-US: Qualcomm components for Android CVE-2020-11166 (Potential out of bound read exception when UE receives unusually large ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11165 - RESERVED +CVE-2020-11165 (Memory corruption due to buffer overflow while copying the message pro ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11164 (u'Third-party app may also call the broadcasts in Perfdump and cause p ...) NOT-FOR-US: Qualcomm components for Android @@ -85962,14 +85984,11 @@ CVE-2020-11163 (Possible buffer overflow while updating ikev2 parameters due to NOT-FOR-US: Qualcomm components for Android CVE-2020-11162 (u'Possible buffer overflow in MHI driver due to lack of input paramete ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11161 - RESERVED +CVE-2020-11161 (Out-of-bounds memory access can occur while calculating alignment requ ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11160 - RESERVED +CVE-2020-11160 (Resource leakage issue during dci client registration due to reference ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11159 - RESERVED +CVE-2020-11159 (Buffer over-read can happen while processing WPA,RSN IE of beacon and ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11158 (u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due t ...) NOT-FOR-US: Qualcomm 
@@ -86019,8 +86038,7 @@ CVE-2020-11136 (Buffer Over-read in audio driver while using malloc management f NOT-FOR-US: Qualcomm components for Android CVE-2020-11135 (u'Reachable assertion when wrong data size is returned by parser for a ...) NOT-FOR-US: Snapdragon -CVE-2020-11134 - RESERVED +CVE-2020-11134 (Possible stack out of bound write might happen due to time bitmap leng ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11133 (u'Possible out of bound array write in rxdco cal utility due to lack o ...) NOT-FOR-US: Snapdragon @@ -86036,8 +86054,7 @@ CVE-2020-11128 (u'Possible out of bound access while copying the mask file conte NOT-FOR-US: Qualcomm components for Android CVE-2020-11127 (u'Integer overflow can cause a buffer overflow due to lack of table le ...) NOT-FOR-US: Qualcomm components for Android -CVE-2020-11126 - RESERVED +CVE-2020-11126 (Possible out of bound read while WLAN frame parsing due to lack of che ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11125 (u'Out of bound access can happen in MHI command process due to lack of ...) NOT-FOR-US: Qualcomm components for Android View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe41a4a547e0930ebe4934826c28b62837f90f2d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fe41a4a547e0930ebe4934826c28b62837f90f2d You're receiving this email because of your account on salsa.debian.org.
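Review bot: In the @@ -5376,102 +5421,102 @@ hunk every newly described Microsoft entry, from CVE-2021-31985 down to CVE-2021-31938, lands as "TODO: check", and the same happens to CVE-2021-33742, CVE-2021-33741 and CVE-2021-33739 in @@ -1304,14 +1349,14 @@, to CVE-2021-31201 and CVE-2021-31199 in @@ -7335,12 +7379,12 @@, to CVE-2021-26420 and CVE-2021-26414, and to CVE-2021-1675. The unchanged context next to them (CVE-2021-31200, CVE-2021-26419, CVE-2021-1674) already reads "NOT-FOR-US: Microsoft", so a follow-up commit should triage these the same way rather than leave them in the TODO queue.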
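Review bot: The description added for CVE-2021-31340 in the @@ -7018,14 +7062,14 @@ hunk ends in "(All versions &g ...)", which looks like an escaped ">" cut in half by the description truncation. Other entries in this commit show a whole comparison sign at the same place (CVE-2021-27390, "All versions < V13.1."), so the truncation step should either run on the unescaped text or drop a partial entity before appending " ...".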
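Review bot: CVE-2021-28169 in the @@ -14574,8 +14618,8 @@ hunk and CVE-2021-22216 in @@ -28550,8 +28594,8 @@ are the "TODO: check" entries in this commit that cannot be closed as NOT-FOR-US: Eclipse Jetty and GitLab are both packaged in Debian, so each needs a package line with affected and fixed versions. The truncated Jetty description already gives three version ceilings (<= 9.4.40, <= 10.0.2, <= 11.0.2) to compare against what the archive ships.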
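Review bot: In the @@ -85735,34 +85772,30 @@ hunk, CVE-2020-11266, CVE-2020-11265 and CVE-2020-11259 through CVE-2020-11256 come out as "TODO: check", while CVE-2020-11267 and CVE-2020-11262 through CVE-2020-11260 in the same hunk keep their existing "NOT-FOR-US: Qualcomm components for Android" line. The six differ only in having had no triage line while they were RESERVED, and their truncated descriptions do not name a vendor, so confirm the product from the full CVE text before giving them the same NOT-FOR-US line.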
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits