Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: e42624b9 by Salvatore Bonaccorso at 2022-06-21T07:57:15+02:00 Process some NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -72670,7 +72670,7 @@ CVE-2021-33297 CVE-2021-33296 RESERVED CVE-2021-33295 (Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before ...) - TODO: check + NOT-FOR-US: Joplin Desktop App CVE-2021-33294 RESERVED CVE-2021-33293 (Panorama Tools libpano13 v2.9.20 was discovered to contain an out-of-b ...) @@ -80697,9 +80697,9 @@ CVE-2021-30352 CVE-2021-30351 (An out of bound memory access can occur due to improper validation of ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30350 (Lack of MBN header size verification against input buffer can lead to ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30349 (Improper access control sequence for AC database after memory allocati ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30348 (Improper validation of LLM utility timers availability can lead to den ...) NOT-FOR-US: Qualcomm CVE-2021-30347 (Improper integrity check can lead to race condition between tasks PDCP ...) @@ -80717,11 +80717,11 @@ CVE-2021-30342 (Improper integrity check can lead to race condition between task CVE-2021-30341 (Improper buffer size validation of DSM packet received can lead to mem ...) TODO: check CVE-2021-30340 (Reachable assertion due to improper validation of coreset in PDCCH con ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30339 (Reading PRNG output may lead to improper key generation due to lack of ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30338 (Improper input validation in TrustZone memory transfer interface can l ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30337 (Possible use after free when process shell memory is freed using IOCTL ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30336 (Possible out of bound read due to lack of domain input validation whil ...) @@ -80729,7 +80729,7 @@ CVE-2021-30336 (Possible out of bound read due to lack of domain input validatio CVE-2021-30335 (Possible assertion in QOS request due to improper validation when mult ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30334 (Possible use after free due to lack of null check of DRM file status a ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30333 (Improper validation of buffer size input to the EFS file can lead to m ...) NOT-FOR-US: Qualcomm CVE-2021-30332 (Possible assertion due to improper validation of OTA configuration in ...) @@ -80743,7 +80743,7 @@ CVE-2021-30329 (Possible assertion due to improper validation of TCI configurati CVE-2021-30328 (Possible assertion due to improper validation of invalid NR CSI-IM res ...) NOT-FOR-US: Qualcomm CVE-2021-30327 (Buffer overflow in sahara protocol while processing commands leads to ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30326 (Possible assertion due to improper size validation while processing th ...) NOT-FOR-US: Qualcomm CVE-2021-30325 (Possible out of bound access of DCI resources due to lack of validatio ...) @@ -80835,7 +80835,7 @@ CVE-2021-30283 (Possible denial of service due to improper handling of debug reg CVE-2021-30282 (Possible out of bound write in RAM partition table due to improper val ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30281 (XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX in Snapdragon Auto, Snapdragon Co ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30280 RESERVED CVE-2021-30279 (Possible access control violation while setting current permission for ...) @@ -87253,7 +87253,7 @@ CVE-2021-27788 CVE-2021-27787 RESERVED CVE-2021-27786 (Cross-origin resource sharing (CORS) enables browsers to perform cross ...) - TODO: check + NOT-FOR-US: HCL CVE-2021-27785 RESERVED CVE-2021-27784 @@ -105086,7 +105086,7 @@ CVE-2020-35599 CVE-2020-35598 (ACS Advanced Comment System 1.0 is affected by Directory Traversal via ...) NOT-FOR-US: ACS Advanced Comment System CVE-2020-35597 (Victor CMS 1.0 is vulnerable to SQL injection via c_id parameter of ad ...) - TODO: check + NOT-FOR-US: Victor CMS CVE-2020-35596 RESERVED CVE-2020-35595 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e42624b9f1c33f15ea02a0d6c172a667d5b3ed8d -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e42624b9f1c33f15ea02a0d6c172a667d5b3ed8d You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits