summaryrefslogtreecommitdiffstats
path: root/data/CVE/2019.list
blob: 95304decc8877f6cab651fe70346eac0666afc1a (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
1004
1005
1006
1007
1008
1009
1010
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
1026
1027
1028
1029
1030
1031
1032
1033
1034
1035
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060
1061
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
1085
1086
1087
1088
1089
1090
1091
1092
1093
1094
1095
1096
1097
1098
1099
1100
1101
1102
1103
1104
1105
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
1123
1124
1125
1126
1127
1128
1129
1130
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
1152
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
1171
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
1186
1187
1188
1189
1190
1191
1192
1193
1194
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
1205
1206
1207
1208
1209
1210
1211
1212
1213
1214
1215
1216
1217
1218
1219
1220
1221
1222
1223
1224
1225
1226
1227
1228
1229
1230
1231
1232
1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
1248
1249
1250
1251
1252
1253
1254
1255
1256
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
1275
1276
1277
1278
1279
1280
1281
1282
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
1301
1302
1303
1304
1305
1306
1307
1308
1309
1310
1311
1312
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322
1323
1324
1325
1326
1327
1328
1329
1330
1331
1332
1333
1334
1335
1336
1337
1338
1339
1340
1341
1342
1343
1344
1345
1346
1347
1348
1349
1350
1351
1352
1353
1354
1355
1356
1357
1358
1359
1360
1361
1362
1363
1364
1365
1366
1367
1368
1369
1370
1371
1372
1373
1374
1375
1376
1377
1378
1379
1380
1381
1382
1383
1384
1385
1386
1387
1388
1389
1390
1391
1392
1393
1394
1395
1396
1397
1398
1399
1400
1401
1402
1403
1404
1405
1406
1407
1408
1409
1410
1411
1412
1413
1414
1415
1416
1417
1418
1419
1420
1421
1422
1423
1424
1425
1426
1427
1428
1429
1430
1431
1432
1433
1434
1435
1436
1437
1438
1439
1440
1441
1442
1443
1444
1445
1446
1447
1448
1449
1450
1451
1452
1453
1454
1455
1456
1457
1458
1459
1460
1461
1462
1463
1464
1465
1466
1467
1468
1469
1470
1471
1472
1473
1474
1475
1476
1477
1478
1479
1480
1481
1482
1483
1484
1485
1486
1487
1488
1489
1490
1491
1492
1493
1494
1495
1496
1497
1498
1499
1500
1501
1502
1503
1504
1505
1506
1507
1508
1509
1510
1511
1512
1513
1514
1515
1516
1517
1518
1519
1520
1521
1522
1523
1524
1525
1526
1527
1528
1529
1530
1531
1532
1533
1534
1535
1536
1537
1538
1539
1540
1541
1542
1543
1544
1545
1546
1547
1548
1549
1550
1551
1552
1553
1554
1555
1556
1557
1558
1559
1560
1561
1562
1563
1564
1565
1566
1567
1568
1569
1570
1571
1572
1573
1574
1575
1576
1577
1578
1579
1580
1581
1582
1583
1584
1585
1586
1587
1588
1589
1590
1591
1592
1593
1594
1595
1596
1597
1598
1599
1600
1601
1602
1603
1604
1605
1606
1607
1608
1609
1610
1611
1612
1613
1614
1615
1616
1617
1618
1619
1620
1621
1622
1623
1624
1625
1626
1627
1628
1629
1630
1631
1632
1633
1634
1635
1636
1637
1638
1639
1640
1641
1642
1643
1644
1645
1646
1647
1648
1649
1650
1651
1652
1653
1654
1655
1656
1657
1658
1659
1660
1661
1662
1663
1664
1665
1666
1667
1668
1669
1670
1671
1672
1673
1674
1675
1676
1677
1678
1679
1680
1681
1682
1683
1684
1685
1686
1687
1688
1689
1690
1691
1692
1693
1694
1695
1696
1697
1698
1699
1700
1701
1702
1703
1704
1705
1706
1707
1708
1709
1710
1711
1712
1713
1714
1715
1716
1717
1718
1719
1720
1721
1722
1723
1724
1725
1726
1727
1728
1729
1730
1731
1732
1733
1734
1735
1736
1737
1738
1739
1740
1741
1742
1743
1744
1745
1746
1747
1748
1749
1750
1751
1752
1753
1754
1755
1756
1757
1758
1759
1760
1761
1762
1763
1764
1765
1766
1767
1768
1769
1770
1771
1772
1773
1774
1775
1776
1777
1778
1779
1780
1781
1782
1783
1784
1785
1786
1787
1788
1789
1790
1791
1792
1793
1794
1795
1796
1797
1798
1799
1800
1801
1802
1803
1804
1805
1806
1807
1808
1809
1810
1811
1812
1813
1814
1815
1816
1817
1818
1819
1820
1821
1822
1823
1824
1825
1826
1827
1828
1829
1830
1831
1832
1833
1834
1835
1836
1837
1838
1839
1840
1841
1842
1843
1844
1845
1846
1847
1848
1849
1850
1851
1852
1853
1854
1855
1856
1857
1858
1859
1860
1861
1862
1863
1864
1865
1866
1867
1868
1869
1870
1871
1872
1873
1874
1875
1876
1877
1878
1879
1880
1881
1882
1883
1884
1885
1886
1887
1888
1889
1890
1891
1892
1893
1894
1895
1896
1897
1898
1899
1900
1901
1902
1903
1904
1905
1906
1907
1908
1909
1910
1911
1912
1913
1914
1915
1916
1917
1918
1919
1920
1921
1922
1923
1924
1925
1926
1927
1928
1929
1930
1931
1932
1933
1934
1935
1936
1937
1938
1939
1940
1941
1942
1943
1944
1945
1946
1947
1948
1949
1950
1951
1952
1953
1954
1955
1956
1957
1958
1959
1960
1961
1962
1963
1964
1965
1966
1967
1968
1969
1970
1971
1972
1973
1974
1975
1976
1977
1978
1979
1980
1981
1982
1983
1984
1985
1986
1987
1988
1989
1990
1991
1992
1993
1994
1995
1996
1997
1998
1999
2000
2001
2002
2003
2004
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
2025
2026
2027
2028
2029
2030
2031
2032
2033
2034
2035
2036
2037
2038
2039
2040
2041
2042
2043
2044
2045
2046
2047
2048
2049
2050
2051
2052
2053
2054
2055
2056
2057
2058
2059
2060
2061
2062
2063
2064
2065
2066
2067
2068
2069
2070
2071
2072
2073
2074
2075
2076
2077
2078
2079
2080
2081
2082
2083
2084
2085
2086
2087
2088
2089
2090
2091
2092
2093
2094
2095
2096
2097
2098
2099
2100
2101
2102
2103
2104
2105
2106
2107
2108
2109
2110
2111
2112
2113
2114
2115
2116
2117
2118
2119
2120
2121
2122
2123
2124
2125
2126
2127
2128
2129
2130
2131
2132
2133
2134
2135
2136
2137
2138
2139
2140
2141
2142
2143
2144
2145
2146
2147
2148
2149
2150
2151
2152
2153
2154
2155
2156
2157
2158
2159
2160
2161
2162
2163
2164
2165
2166
2167
2168
2169
2170
2171
2172
2173
2174
2175
2176
2177
2178
2179
2180
2181
2182
2183
2184
2185
2186
2187
2188
2189
2190
2191
2192
2193
2194
2195
2196
2197
2198
2199
2200
2201
2202
2203
2204
2205
2206
2207
2208
2209
2210
2211
2212
2213
2214
2215
2216
2217
2218
2219
2220
2221
2222
2223
2224
2225
2226
2227
2228
2229
2230
2231
2232
2233
2234
2235
2236
2237
2238
2239
2240
2241
2242
2243
2244
2245
2246
2247
2248
2249
2250
2251
2252
2253
2254
2255
2256
2257
2258
2259
2260
2261
2262
2263
2264
2265
2266
2267
2268
2269
2270
2271
2272
2273
2274
2275
2276
2277
2278
2279
2280
2281
2282
2283
2284
2285
2286
2287
2288
2289
2290
2291
2292
2293
2294
2295
2296
2297
2298
2299
2300
2301
2302
2303
2304
2305
2306
2307
2308
2309
2310
2311
2312
2313
2314
2315
2316
2317
2318
2319
2320
2321
2322
2323
2324
2325
2326
2327
2328
2329
2330
2331
2332
2333
2334
2335
2336
2337
2338
2339
2340
2341
2342
2343
2344
2345
2346
2347
2348
2349
2350
2351
2352
2353
2354
2355
2356
2357
2358
2359
2360
2361
2362
2363
2364
2365
2366
2367
2368
2369
2370
2371
2372
2373
2374
2375
2376
2377
2378
2379
2380
2381
2382
2383
2384
2385
2386
2387
2388
2389
2390
2391
2392
2393
2394
2395
2396
2397
2398
2399
2400
2401
2402
2403
2404
2405
2406
2407
2408
2409
2410
2411
2412
2413
2414
2415
2416
2417
2418
2419
2420
2421
2422
2423
2424
2425
2426
2427
2428
2429
2430
2431
2432
2433
2434
2435
2436
2437
2438
2439
2440
2441
2442
2443
2444
2445
2446
2447
2448
2449
2450
2451
2452
2453
2454
2455
2456
2457
2458
2459
2460
2461
2462
2463
2464
2465
2466
2467
2468
2469
2470
2471
2472
2473
2474
2475
2476
2477
2478
2479
2480
2481
2482
2483
2484
2485
2486
2487
2488
2489
2490
2491
2492
2493
2494
2495
2496
2497
2498
2499
2500
2501
2502
2503
2504
2505
2506
2507
2508
2509
2510
2511
2512
2513
2514
2515
2516
2517
2518
2519
2520
2521
2522
2523
2524
2525
2526
2527
2528
2529
2530
2531
2532
2533
2534
2535
2536
2537
2538
2539
2540
2541
2542
2543
2544
2545
2546
2547
2548
2549
2550
2551
2552
2553
2554
2555
2556
2557
2558
2559
2560
2561
2562
2563
2564
2565
2566
2567
2568
2569
2570
2571
2572
2573
2574
2575
2576
2577
2578
2579
2580
2581
2582
2583
2584
2585
2586
2587
2588
2589
2590
2591
2592
2593
2594
2595
2596
2597
2598
2599
2600
2601
2602
2603
2604
2605
2606
2607
2608
2609
2610
2611
2612
2613
2614
2615
2616
2617
2618
2619
2620
2621
2622
2623
2624
2625
2626
2627
2628
2629
2630
2631
2632
2633
2634
2635
2636
2637
2638
2639
2640
2641
2642
2643
2644
2645
2646
2647
2648
2649
2650
2651
2652
2653
2654
2655
2656
2657
2658
2659
2660
2661
2662
2663
2664
2665
2666
2667
2668
2669
2670
2671
2672
2673
2674
2675
2676
2677
2678
2679
2680
2681
2682
2683
2684
2685
2686
2687
2688
2689
2690
2691
2692
2693
2694
2695
2696
2697
2698
2699
2700
2701
2702
2703
2704
2705
2706
2707
2708
2709
2710
2711
2712
2713
2714
2715
2716
2717
2718
2719
2720
2721
2722
2723
2724
2725
2726
2727
2728
2729
2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
2759
2760
2761
2762
2763
2764
2765
2766
2767
2768
2769
2770
2771
2772
2773
2774
2775
2776
2777
2778
2779
2780
2781
2782
2783
2784
2785
2786
2787
2788
2789
2790
2791
2792
2793
2794
2795
2796
2797
2798
2799
2800
2801
2802
2803
2804
2805
2806
2807
2808
2809
2810
2811
2812
2813
2814
2815
2816
2817
2818
2819
2820
2821
2822
2823
2824
2825
2826
2827
2828
2829
2830
2831
2832
2833
2834
2835
2836
2837
2838
2839
2840
2841
2842
2843
2844
2845
2846
2847
2848
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
2877
2878
2879
2880
2881
2882
2883
2884
2885
2886
2887
2888
2889
2890
2891
2892
2893
2894
2895
2896
2897
2898
2899
2900
2901
2902
2903
2904
2905
2906
2907
2908
2909
2910
2911
2912
2913
2914
2915
2916
2917
2918
2919
2920
2921
2922
2923
2924
2925
2926
2927
2928
2929
2930
2931
2932
2933
2934
2935
2936
2937
2938
2939
2940
2941
2942
2943
2944
2945
2946
2947
2948
2949
2950
2951
2952
2953
2954
2955
2956
2957
2958
2959
2960
2961
2962
2963
2964
2965
2966
2967
2968
2969
2970
2971
2972
2973
2974
2975
2976
2977
2978
2979
2980
2981
2982
2983
2984
2985
2986
2987
2988
2989
2990
2991
2992
2993
2994
2995
2996
2997
2998
2999
3000
3001
3002
3003
3004
3005
3006
3007
3008
3009
3010
3011
3012
3013
3014
3015
3016
3017
3018
3019
3020
3021
3022
3023
3024
3025
3026
3027
3028
3029
3030
3031
3032
3033
3034
3035
3036
3037
3038
3039
3040
3041
3042
3043
3044
3045
3046
3047
3048
3049
3050
3051
3052
3053
3054
3055
3056
3057
3058
3059
3060
3061
3062
3063
3064
3065
3066
3067
3068
3069
3070
3071
3072
3073
3074
3075
3076
3077
3078
3079
3080
3081
3082
3083
3084
3085
3086
3087
3088
3089
3090
3091
3092
3093
3094
3095
3096
3097
3098
3099
3100
3101
3102
3103
3104
3105
3106
3107
3108
3109
3110
3111
3112
3113
3114
3115
3116
3117
3118
3119
3120
3121
3122
3123
3124
3125
3126
3127
3128
3129
3130
3131
3132
3133
3134
3135
3136
3137
3138
3139
3140
3141
3142
3143
3144
3145
3146
3147
3148
3149
3150
3151
3152
3153
3154
3155
3156
3157
3158
3159
3160
3161
3162
3163
3164
3165
3166
3167
3168
3169
3170
3171
3172
3173
3174
3175
3176
3177
3178
3179
3180
3181
3182
3183
3184
3185
3186
3187
3188
3189
3190
3191
3192
3193
3194
3195
3196
3197
3198
3199
3200
3201
3202
3203
3204
3205
3206
3207
3208
3209
3210
3211
3212
3213
3214
3215
3216
3217
3218
3219
3220
3221
3222
3223
3224
3225
3226
3227
3228
3229
3230
3231
3232
3233
3234
3235
3236
3237
3238
3239
3240
3241
3242
3243
3244
3245
3246
3247
3248
3249
3250
3251
3252
3253
3254
3255
3256
3257
3258
3259
3260
3261
3262
3263
3264
3265
3266
3267
3268
3269
3270
3271
3272
3273
3274
3275
3276
3277
3278
3279
3280
3281
3282
3283
3284
3285
3286
3287
3288
3289
3290
3291
3292
3293
3294
3295
3296
3297
3298
3299
3300
3301
3302
3303
3304
3305
3306
3307
3308
3309
3310
3311
3312
3313
3314
3315
3316
3317
3318
3319
3320
3321
3322
3323
3324
3325
3326
3327
3328
3329
3330
3331
3332
3333
3334
3335
3336
3337
3338
3339
3340
3341
3342
3343
3344
3345
3346
3347
3348
3349
3350
3351
3352
3353
3354
3355
3356
3357
3358
3359
3360
3361
3362
3363
3364
3365
3366
3367
3368
3369
3370
3371
3372
3373
3374
3375
3376
3377
3378
3379
3380
3381
3382
3383
3384
3385
3386
3387
3388
3389
3390
3391
3392
3393
3394
3395
3396
3397
3398
3399
3400
3401
3402
3403
3404
3405
3406
3407
3408
3409
3410
3411
3412
3413
3414
3415
3416
3417
3418
3419
3420
3421
3422
3423
3424
3425
3426
3427
3428
3429
3430
3431
3432
3433
3434
3435
3436
3437
3438
3439
3440
3441
3442
3443
3444
3445
3446
3447
3448
3449
3450
3451
3452
3453
3454
3455
3456
3457
3458
3459
3460
3461
3462
3463
3464
3465
3466
3467
3468
3469
3470
3471
3472
3473
3474
3475
3476
3477
3478
3479
3480
3481
3482
3483
3484
3485
3486
3487
3488
3489
3490
3491
3492
3493
3494
3495
3496
3497
3498
3499
3500
3501
3502
3503
3504
3505
3506
3507
3508
3509
3510
3511
3512
3513
3514
3515
3516
3517
3518
3519
3520
3521
3522
3523
3524
3525
3526
3527
3528
3529
3530
3531
3532
3533
3534
3535
3536
3537
3538
3539
3540
3541
3542
3543
3544
3545
3546
3547
3548
3549
3550
3551
3552
3553
3554
3555
3556
3557
3558
3559
3560
3561
3562
3563
3564
3565
3566
3567
3568
3569
3570
3571
3572
3573
3574
3575
3576
3577
3578
3579
3580
3581
3582
3583
3584
3585
3586
3587
3588
3589
3590
3591
3592
3593
3594
3595
3596
3597
3598
3599
3600
3601
3602
3603
3604
3605
3606
3607
3608
3609
3610
3611
3612
3613
3614
3615
3616
3617
3618
3619
3620
3621
3622
3623
3624
3625
3626
3627
3628
3629
3630
3631
3632
3633
3634
3635
3636
3637
3638
3639
3640
3641
3642
3643
3644
3645
3646
3647
3648
3649
3650
3651
3652
3653
3654
3655
3656
3657
3658
3659
3660
3661
3662
3663
3664
3665
3666
3667
3668
3669
3670
3671
3672
3673
3674
3675
3676
3677
3678
3679
3680
3681
3682
3683
3684
3685
3686
3687
3688
3689
3690
3691
3692
3693
3694
3695
3696
3697
3698
3699
3700
3701
3702
3703
3704
3705
3706
3707
3708
3709
3710
3711
3712
3713
3714
3715
3716
3717
3718
3719
3720
3721
3722
3723
3724
3725
3726
3727
3728
3729
3730
3731
3732
3733
3734
3735
3736
3737
3738
3739
3740
3741
3742
3743
3744
3745
3746
3747
3748
3749
3750
3751
3752
3753
3754
3755
3756
3757
3758
3759
3760
3761
3762
3763
3764
3765
3766
3767
3768
3769
3770
3771
3772
3773
3774
3775
3776
3777
3778
3779
3780
3781
3782
3783
3784
3785
3786
3787
3788
3789
3790
3791
3792
3793
3794
3795
3796
3797
3798
3799
3800
3801
3802
3803
3804
3805
3806
3807
3808
3809
3810
3811
3812
3813
3814
3815
3816
3817
3818
3819
3820
3821
3822
3823
3824
3825
3826
3827
3828
3829
3830
3831
3832
3833
3834
3835
3836
3837
3838
3839
3840
3841
3842
3843
3844
3845
3846
3847
3848
3849
3850
3851
3852
3853
3854
3855
3856
3857
3858
3859
3860
3861
3862
3863
3864
3865
3866
3867
3868
3869
3870
3871
3872
3873
3874
3875
3876
3877
3878
3879
3880
3881
3882
3883
3884
3885
3886
3887
3888
3889
3890
3891
3892
3893
3894
3895
3896
3897
3898
3899
3900
3901
3902
3903
3904
3905
3906
3907
3908
3909
3910
3911
3912
3913
3914
3915
3916
3917
3918
3919
3920
3921
3922
3923
3924
3925
3926
3927
3928
3929
3930
3931
3932
3933
3934
3935
3936
3937
3938
3939
3940
3941
3942
3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
3953
3954
3955
3956
3957
3958
3959
3960
3961
3962
3963
3964
3965
3966
3967
3968
3969
3970
3971
3972
3973
3974
3975
3976
3977
3978
3979
3980
3981
3982
3983
3984
3985
3986
3987
3988
3989
3990
3991
3992
3993
3994
3995
3996
3997
3998
3999
4000
4001
4002
4003
4004
4005
4006
4007
4008
4009
4010
4011
4012
4013
4014
4015
4016
4017
4018
4019
4020
4021
4022
4023
4024
4025
4026
4027
4028
4029
4030
4031
4032
4033
4034
4035
4036
4037
4038
4039
4040
4041
4042
4043
4044
4045
4046
4047
4048
4049
4050
4051
4052
4053
4054
4055
4056
4057
4058
4059
4060
4061
4062
4063
4064
4065
4066
4067
4068
4069
4070
4071
4072
4073
4074
4075
4076
4077
4078
4079
4080
4081
4082
4083
4084
4085
4086
4087
4088
4089
4090
4091
4092
4093
4094
4095
4096
4097
4098
4099
4100
4101
4102
4103
4104
4105
4106
4107
4108
4109
4110
4111
4112
4113
4114
4115
4116
4117
4118
4119
4120
4121
4122
4123
4124
4125
4126
4127
4128
4129
4130
4131
4132
4133
4134
4135
4136
4137
4138
4139
4140
4141
4142
4143
4144
4145
4146
4147
4148
4149
4150
4151
4152
4153
4154
4155
4156
4157
4158
4159
4160
4161
4162
4163
4164
4165
4166
4167
4168
4169
4170
4171
4172
4173
4174
4175
4176
4177
4178
4179
4180
4181
4182
4183
4184
4185
4186
4187
4188
4189
4190
4191
4192
4193
4194
4195
4196
4197
4198
4199
4200
4201
4202
4203
4204
4205
4206
4207
4208
4209
4210
4211
4212
4213
4214
4215
4216
4217
4218
4219
4220
4221
4222
4223
4224
4225
4226
4227
4228
4229
4230
4231
4232
4233
4234
4235
4236
4237
4238
4239
4240
4241
4242
4243
4244
4245
4246
4247
4248
4249
4250
4251
4252
4253
4254
4255
4256
4257
4258
4259
4260
4261
4262
4263
4264
4265
4266
4267
4268
4269
4270
4271
4272
4273
4274
4275
4276
4277
4278
4279
4280
4281
4282
4283
4284
4285
4286
4287
4288
4289
4290
4291
4292
4293
4294
4295
4296
4297
4298
4299
4300
4301
4302
4303
4304
4305
4306
4307
4308
4309
4310
4311
4312
4313
4314
4315
4316
4317
4318
4319
4320
4321
4322
4323
4324
4325
4326
4327
4328
4329
4330
4331
4332
4333
4334
4335
4336
4337
4338
4339
4340
4341
4342
4343
4344
4345
4346
4347
4348
4349
4350
4351
4352
4353
4354
4355
4356
4357
4358
4359
4360
4361
4362
4363
4364
4365
4366
4367
4368
4369
4370
4371
4372
4373
4374
4375
4376
4377
4378
4379
4380
4381
4382
4383
4384
4385
4386
4387
4388
4389
4390
4391
4392
4393
4394
4395
4396
4397
4398
4399
4400
4401
4402
4403
4404
4405
4406
4407
4408
4409
4410
4411
4412
4413
4414
4415
4416
4417
4418
4419
4420
4421
4422
4423
4424
4425
4426
4427
4428
4429
4430
4431
4432
4433
4434
4435
4436
4437
4438
4439
4440
4441
4442
4443
4444
4445
4446
4447
4448
4449
4450
4451
4452
4453
4454
4455
4456
4457
4458
4459
4460
4461
4462
4463
4464
4465
4466
4467
4468
4469
4470
4471
4472
4473
4474
4475
4476
4477
4478
4479
4480
4481
4482
4483
4484
4485
4486
4487
4488
4489
4490
4491
4492
4493
4494
4495
4496
4497
4498
4499
4500
4501
4502
4503
4504
4505
4506
4507
4508
4509
4510
4511
4512
4513
4514
4515
4516
4517
4518
4519
4520
4521
4522
4523
4524
4525
4526
4527
4528
4529
4530
4531
4532
4533
4534
4535
4536
4537
4538
4539
4540
4541
4542
4543
4544
4545
4546
4547
4548
4549
4550
4551
4552
4553
4554
4555
4556
4557
4558
4559
4560
4561
4562
4563
4564
4565
4566
4567
4568
4569
4570
4571
4572
4573
4574
4575
4576
4577
4578
4579
4580
4581
4582
4583
4584
4585
4586
4587
4588
4589
4590
4591
4592
4593
4594
4595
4596
4597
4598
4599
4600
4601
4602
4603
4604
4605
4606
4607
4608
4609
4610
4611
4612
4613
4614
4615
4616
4617
4618
4619
4620
4621
4622
4623
4624
4625
4626
4627
4628
4629
4630
4631
4632
4633
4634
4635
4636
4637
4638
4639
4640
4641
4642
4643
4644
4645
4646
4647
4648
4649
4650
4651
4652
4653
4654
4655
4656
4657
4658
4659
4660
4661
4662
4663
4664
4665
4666
4667
4668
4669
4670
4671
4672
4673
4674
4675
4676
4677
4678
4679
4680
4681
4682
4683
4684
4685
4686
4687
4688
4689
4690
4691
4692
4693
4694
4695
4696
4697
4698
4699
4700
4701
4702
4703
4704
4705
4706
4707
4708
4709
4710
4711
4712
4713
4714
4715
4716
4717
4718
4719
4720
4721
4722
4723
4724
4725
4726
4727
4728
4729
4730
4731
4732
4733
4734
4735
4736
4737
4738
4739
4740
4741
4742
4743
4744
4745
4746
4747
4748
4749
4750
4751
4752
4753
4754
4755
4756
4757
4758
4759
4760
4761
4762
4763
4764
4765
4766
4767
4768
4769
4770
4771
4772
4773
4774
4775
4776
4777
4778
4779
4780
4781
4782
4783
4784
4785
4786
4787
4788
4789
4790
4791
4792
4793
4794
4795
4796
4797
4798
4799
4800
4801
4802
4803
4804
4805
4806
4807
4808
4809
4810
4811
4812
4813
4814
4815
4816
4817
4818
4819
4820
4821
4822
4823
4824
4825
4826
4827
4828
4829
4830
4831
4832
4833
4834
4835
4836
4837
4838
4839
4840
4841
4842
4843
4844
4845
4846
4847
4848
4849
4850
4851
4852
4853
4854
4855
4856
4857
4858
4859
4860
4861
4862
4863
4864
4865
4866
4867
4868
4869
4870
4871
4872
4873
4874
4875
4876
4877
4878
4879
4880
4881
4882
4883
4884
4885
4886
4887
4888
4889
4890
4891
4892
4893
4894
4895
4896
4897
4898
4899
4900
4901
4902
4903
4904
4905
4906
4907
4908
4909
4910
4911
4912
4913
4914
4915
4916
4917
4918
4919
4920
4921
4922
4923
4924
4925
4926
4927
4928
4929
4930
4931
4932
4933
4934
4935
4936
4937
4938
4939
4940
4941
4942
4943
4944
4945
4946
4947
4948
4949
4950
4951
4952
4953
4954
4955
4956
4957
4958
4959
4960
4961
4962
4963
4964
4965
4966
4967
4968
4969
4970
4971
4972
4973
4974
4975
4976
4977
4978
4979
4980
4981
4982
4983
4984
4985
4986
4987
4988
4989
4990
4991
4992
4993
4994
4995
4996
4997
4998
4999
5000
5001
5002
5003
5004
5005
5006
5007
5008
5009
5010
5011
5012
5013
5014
5015
5016
5017
5018
5019
5020
5021
5022
5023
5024
5025
5026
5027
5028
5029
5030
5031
5032
5033
5034
5035
5036
5037
5038
5039
5040
5041
5042
5043
5044
5045
5046
5047
5048
5049
5050
5051
5052
5053
5054
5055
5056
5057
5058
5059
5060
5061
5062
5063
5064
5065
5066
5067
5068
5069
5070
5071
5072
5073
5074
5075
5076
5077
5078
5079
5080
5081
5082
5083
5084
5085
5086
5087
5088
5089
5090
5091
5092
5093
5094
5095
5096
5097
5098
5099
5100
5101
5102
5103
5104
5105
5106
5107
5108
5109
5110
5111
5112
5113
5114
5115
5116
5117
5118
5119
5120
5121
5122
5123
5124
5125
5126
5127
5128
5129
5130
5131
5132
5133
5134
5135
5136
5137
5138
5139
5140
5141
5142
5143
5144
5145
5146
5147
5148
5149
5150
5151
5152
5153
5154
5155
5156
5157
5158
5159
5160
5161
5162
5163
5164
5165
5166
5167
5168
5169
5170
5171
5172
5173
5174
5175
5176
5177
5178
5179
5180
5181
5182
5183
5184
5185
5186
5187
5188
5189
5190
5191
5192
5193
5194
5195
5196
5197
5198
5199
5200
5201
5202
5203
5204
5205
5206
5207
5208
5209
5210
5211
5212
5213
5214
5215
5216
5217
5218
5219
5220
5221
5222
5223
5224
5225
5226
5227
5228
5229
5230
5231
5232
5233
5234
5235
5236
5237
5238
5239
5240
5241
5242
5243
5244
5245
5246
5247
5248
5249
5250
5251
5252
5253
5254
5255
5256
5257
5258
5259
5260
5261
5262
5263
5264
5265
5266
5267
5268
5269
5270
5271
5272
5273
5274
5275
5276
5277
5278
5279
5280
5281
5282
5283
5284
5285
5286
5287
5288
5289
5290
5291
5292
5293
5294
5295
5296
5297
5298
5299
5300
5301
5302
5303
5304
5305
5306
5307
5308
5309
5310
5311
5312
5313
5314
5315
5316
5317
5318
5319
5320
5321
5322
5323
5324
5325
5326
5327
5328
5329
5330
5331
5332
5333
5334
5335
5336
5337
5338
5339
5340
5341
5342
5343
5344
5345
5346
5347
5348
5349
5350
5351
5352
5353
5354
5355
5356
5357
5358
5359
5360
5361
5362
5363
5364
5365
5366
5367
5368
5369
5370
5371
5372
5373
5374
5375
5376
5377
5378
5379
5380
5381
5382
5383
5384
5385
5386
5387
5388
5389
5390
5391
5392
5393
5394
5395
5396
5397
5398
5399
5400
5401
5402
5403
5404
5405
5406
5407
5408
5409
5410
5411
5412
5413
5414
5415
5416
5417
5418
5419
5420
5421
5422
5423
5424
5425
5426
5427
5428
5429
5430
5431
5432
5433
5434
5435
5436
5437
5438
5439
5440
5441
5442
5443
5444
5445
5446
5447
5448
5449
5450
5451
5452
5453
5454
5455
5456
5457
5458
5459
5460
5461
5462
5463
5464
5465
5466
5467
5468
5469
5470
5471
5472
5473
5474
5475
5476
5477
5478
5479
5480
5481
5482
5483
5484
5485
5486
5487
5488
5489
5490
5491
5492
5493
5494
5495
5496
5497
5498
5499
5500
5501
5502
5503
5504
5505
5506
5507
5508
5509
5510
5511
5512
5513
5514
5515
5516
5517
5518
5519
5520
5521
5522
5523
5524
5525
5526
5527
5528
5529
5530
5531
5532
5533
5534
5535
5536
5537
5538
5539
5540
5541
5542
5543
5544
5545
5546
5547
5548
5549
5550
5551
5552
5553
5554
5555
5556
5557
5558
5559
5560
5561
5562
5563
5564
5565
5566
5567
5568
5569
5570
5571
5572
5573
5574
5575
5576
5577
5578
5579
5580
5581
5582
5583
5584
5585
5586
5587
5588
5589
5590
5591
5592
5593
5594
5595
5596
5597
5598
5599
5600
5601
5602
5603
5604
5605
5606
5607
5608
5609
5610
5611
5612
5613
5614
5615
5616
5617
5618
5619
5620
5621
5622
5623
5624
5625
5626
5627
5628
5629
5630
5631
5632
5633
5634
5635
5636
5637
5638
5639
5640
5641
5642
5643
5644
5645
5646
5647
5648
5649
5650
5651
5652
5653
5654
5655
5656
5657
5658
5659
5660
5661
5662
5663
5664
5665
5666
5667
5668
5669
5670
5671
5672
5673
5674
5675
5676
5677
5678
5679
5680
5681
5682
5683
5684
5685
5686
5687
5688
5689
5690
5691
5692
5693
5694
5695
5696
5697
5698
5699
5700
5701
5702
5703
5704
5705
5706
5707
5708
5709
5710
5711
5712
5713
5714
5715
5716
5717
5718
5719
5720
5721
5722
5723
5724
5725
5726
5727
5728
5729
5730
5731
5732
5733
5734
5735
5736
5737
5738
5739
5740
5741
5742
5743
5744
5745
5746
5747
5748
5749
5750
5751
5752
5753
5754
5755
5756
5757
5758
5759
5760
5761
5762
5763
5764
5765
5766
5767
5768
5769
5770
5771
5772
5773
5774
5775
5776
5777
5778
5779
5780
5781
5782
5783
5784
5785
5786
5787
5788
5789
5790
5791
5792
5793
5794
5795
5796
5797
5798
5799
5800
5801
5802
5803
5804
5805
5806
5807
5808
5809
5810
5811
5812
5813
5814
5815
5816
5817
5818
5819
5820
5821
5822
5823
5824
5825
5826
5827
5828
5829
5830
5831
5832
5833
5834
5835
5836
5837
5838
5839
5840
5841
5842
5843
5844
5845
5846
5847
5848
5849
5850
5851
5852
5853
5854
5855
5856
5857
5858
5859
5860
5861
5862
5863
5864
5865
5866
5867
5868
5869
5870
5871
5872
5873
5874
5875
5876
5877
5878
5879
5880
5881
5882
5883
5884
5885
5886
5887
5888
5889
5890
5891
5892
5893
5894
5895
5896
5897
5898
5899
5900
5901
5902
5903
5904
5905
5906
5907
5908
5909
5910
5911
5912
5913
5914
5915
5916
5917
5918
5919
5920
5921
5922
5923
5924
5925
5926
5927
5928
5929
5930
5931
5932
5933
5934
5935
5936
5937
5938
5939
5940
5941
5942
5943
5944
5945
5946
5947
5948
5949
5950
5951
5952
5953
5954
5955
5956
5957
5958
5959
5960
5961
5962
5963
5964
5965
5966
5967
5968
5969
5970
5971
5972
5973
5974
5975
5976
5977
5978
5979
5980
5981
5982
5983
5984
5985
5986
5987
5988
5989
5990
5991
5992
5993
5994
5995
5996
5997
5998
5999
6000
6001
6002
6003
6004
6005
6006
6007
6008
6009
6010
6011
6012
6013
6014
6015
6016
6017
6018
6019
6020
6021
6022
6023
6024
6025
6026
6027
6028
6029
6030
6031
6032
6033
6034
6035
6036
6037
6038
6039
6040
6041
6042
6043
6044
6045
6046
6047
6048
6049
6050
6051
6052
6053
6054
6055
6056
6057
6058
6059
6060
6061
6062
6063
6064
6065
6066
6067
6068
6069
6070
6071
6072
6073
6074
6075
6076
6077
6078
6079
6080
6081
6082
6083
6084
6085
6086
6087
6088
6089
6090
6091
6092
6093
6094
6095
6096
6097
6098
6099
6100
6101
6102
6103
6104
6105
6106
6107
6108
6109
6110
6111
6112
6113
6114
6115
6116
6117
6118
6119
6120
6121
6122
6123
6124
6125
6126
6127
6128
6129
6130
6131
6132
6133
6134
6135
6136
6137
6138
6139
6140
6141
6142
6143
6144
6145
6146
6147
6148
6149
6150
6151
6152
6153
6154
6155
6156
6157
6158
6159
6160
6161
6162
6163
6164
6165
6166
6167
6168
6169
6170
6171
6172
6173
6174
6175
6176
6177
6178
6179
6180
6181
6182
6183
6184
6185
6186
6187
6188
6189
6190
6191
6192
6193
6194
6195
6196
6197
6198
6199
6200
6201
6202
6203
6204
6205
6206
6207
6208
6209
6210
6211
6212
6213
6214
6215
6216
6217
6218
6219
6220
6221
6222
6223
6224
6225
6226
6227
6228
6229
6230
6231
6232
6233
6234
6235
6236
6237
6238
6239
6240
6241
6242
6243
6244
6245
6246
6247
6248
6249
6250
6251
6252
6253
6254
6255
6256
6257
6258
6259
6260
6261
6262
6263
6264
6265
6266
6267
6268
6269
6270
6271
6272
6273
6274
6275
6276
6277
6278
6279
6280
6281
6282
6283
6284
6285
6286
6287
6288
6289
6290
6291
6292
6293
6294
6295
6296
6297
6298
6299
6300
6301
6302
6303
6304
6305
6306
6307
6308
6309
6310
6311
6312
6313
6314
6315
6316
6317
6318
6319
6320
6321
6322
6323
6324
6325
6326
6327
6328
6329
6330
6331
6332
6333
6334
6335
6336
6337
6338
6339
6340
6341
6342
6343
6344
6345
6346
6347
6348
6349
6350
6351
6352
6353
6354
6355
6356
6357
6358
6359
6360
6361
6362
6363
6364
6365
6366
6367
6368
6369
6370
6371
6372
6373
6374
6375
6376
6377
6378
6379
6380
6381
6382
6383
6384
6385
6386
6387
6388
6389
6390
6391
6392
6393
6394
6395
6396
6397
6398
6399
6400
6401
6402
6403
6404
6405
6406
6407
6408
6409
6410
6411
6412
6413
6414
6415
6416
6417
6418
6419
6420
6421
6422
6423
6424
6425
6426
6427
6428
6429
6430
6431
6432
6433
6434
6435
6436
6437
6438
6439
6440
6441
6442
6443
6444
6445
6446
6447
6448
6449
6450
6451
6452
6453
6454
6455
6456
6457
6458
6459
6460
6461
6462
6463
6464
6465
6466
6467
6468
6469
6470
6471
6472
6473
6474
6475
6476
6477
6478
6479
6480
6481
6482
6483
6484
6485
6486
6487
6488
6489
6490
6491
6492
6493
6494
6495
6496
6497
6498
6499
6500
6501
6502
6503
6504
6505
6506
6507
6508
6509
6510
6511
6512
6513
6514
6515
6516
6517
6518
6519
6520
6521
6522
6523
6524
6525
6526
6527
6528
6529
6530
6531
6532
6533
6534
6535
6536
6537
6538
6539
6540
6541
6542
6543
6544
6545
6546
6547
6548
6549
6550
6551
6552
6553
6554
6555
6556
6557
6558
6559
6560
6561
6562
6563
6564
6565
6566
6567
6568
6569
6570
6571
6572
6573
6574
6575
6576
6577
6578
6579
6580
6581
6582
6583
6584
6585
6586
6587
6588
6589
6590
6591
6592
6593
6594
6595
6596
6597
6598
6599
6600
6601
6602
6603
6604
6605
6606
6607
6608
6609
6610
6611
6612
6613
6614
6615
6616
6617
6618
6619
6620
6621
6622
6623
6624
6625
6626
6627
6628
6629
6630
6631
6632
6633
6634
6635
6636
6637
6638
6639
6640
6641
6642
6643
6644
6645
6646
6647
6648
6649
6650
6651
6652
6653
6654
6655
6656
6657
6658
6659
6660
6661
6662
6663
6664
6665
6666
6667
6668
6669
6670
6671
6672
6673
6674
6675
6676
6677
6678
6679
6680
6681
6682
6683
6684
6685
6686
6687
6688
6689
6690
6691
6692
6693
6694
6695
6696
6697
6698
6699
6700
6701
6702
6703
6704
6705
6706
6707
6708
6709
6710
6711
6712
6713
6714
6715
6716
6717
6718
6719
6720
6721
6722
6723
6724
6725
6726
6727
6728
6729
6730
6731
6732
6733
6734
6735
6736
6737
6738
6739
6740
6741
6742
6743
6744
6745
6746
6747
6748
6749
6750
6751
6752
6753
6754
6755
6756
6757
6758
6759
6760
6761
6762
6763
6764
6765
6766
6767
6768
6769
6770
6771
6772
6773
6774
6775
6776
6777
6778
6779
6780
6781
6782
6783
6784
6785
6786
6787
6788
6789
6790
6791
6792
6793
6794
6795
6796
6797
6798
6799
6800
6801
6802
6803
6804
6805
6806
6807
6808
6809
6810
6811
6812
6813
6814
6815
6816
6817
6818
6819
6820
6821
6822
6823
6824
6825
6826
6827
6828
6829
6830
6831
6832
6833
6834
6835
6836
6837
6838
6839
6840
6841
6842
6843
6844
6845
6846
6847
6848
6849
6850
6851
6852
6853
6854
6855
6856
6857
6858
6859
6860
6861
6862
6863
6864
6865
6866
6867
6868
6869
6870
6871
6872
6873
6874
6875
6876
6877
6878
6879
6880
6881
6882
6883
6884
6885
6886
6887
6888
6889
6890
6891
6892
6893
6894
6895
6896
6897
6898
6899
6900
6901
6902
6903
6904
6905
6906
6907
6908
6909
6910
6911
6912
6913
6914
6915
6916
6917
6918
6919
6920
6921
6922
6923
6924
6925
6926
6927
6928
6929
6930
6931
6932
6933
6934
6935
6936
6937
6938
6939
6940
6941
6942
6943
6944
6945
6946
6947
6948
6949
6950
6951
6952
6953
6954
6955
6956
6957
6958
6959
6960
6961
6962
6963
6964
6965
6966
6967
6968
6969
6970
6971
6972
6973
6974
6975
6976
6977
6978
6979
6980
6981
6982
6983
6984
6985
6986
6987
6988
6989
6990
6991
6992
6993
6994
6995
6996
6997
6998
6999
7000
7001
7002
7003
7004
7005
7006
7007
7008
7009
7010
7011
7012
7013
7014
7015
7016
7017
7018
7019
7020
7021
7022
7023
7024
7025
7026
7027
7028
7029
7030
7031
7032
7033
7034
7035
7036
7037
7038
7039
7040
7041
7042
7043
7044
7045
7046
7047
7048
7049
7050
7051
7052
7053
7054
7055
7056
7057
7058
7059
7060
7061
7062
7063
7064
7065
7066
7067
7068
7069
7070
7071
7072
7073
7074
7075
7076
7077
7078
7079
7080
7081
7082
7083
7084
7085
7086
7087
7088
7089
7090
7091
7092
7093
7094
7095
7096
7097
7098
7099
7100
7101
7102
7103
7104
7105
7106
7107
7108
7109
7110
7111
7112
7113
7114
7115
7116
7117
7118
7119
7120
7121
7122
7123
7124
7125
7126
7127
7128
7129
7130
7131
7132
7133
7134
7135
7136
7137
7138
7139
7140
7141
7142
7143
7144
7145
7146
7147
7148
7149
7150
7151
7152
7153
7154
7155
7156
7157
7158
7159
7160
7161
7162
7163
7164
7165
7166
7167
7168
7169
7170
7171
7172
7173
7174
7175
7176
7177
7178
7179
7180
7181
7182
7183
7184
7185
7186
7187
7188
7189
7190
7191
7192
7193
7194
7195
7196
7197
7198
7199
7200
7201
7202
7203
7204
7205
7206
7207
7208
7209
7210
7211
7212
7213
7214
7215
7216
7217
7218
7219
7220
7221
7222
7223
7224
7225
7226
7227
7228
7229
7230
7231
7232
7233
7234
7235
7236
7237
7238
7239
7240
7241
7242
7243
7244
7245
7246
7247
7248
7249
7250
7251
7252
7253
7254
7255
7256
7257
7258
7259
7260
7261
7262
7263
7264
7265
7266
7267
7268
7269
7270
7271
7272
7273
7274
7275
7276
7277
7278
7279
7280
7281
7282
7283
7284
7285
7286
7287
7288
7289
7290
7291
7292
7293
7294
7295
7296
7297
7298
7299
7300
7301
7302
7303
7304
7305
7306
7307
7308
7309
7310
7311
7312
7313
7314
7315
7316
7317
7318
7319
7320
7321
7322
7323
7324
7325
7326
7327
7328
7329
7330
7331
7332
7333
7334
7335
7336
7337
7338
7339
7340
7341
7342
7343
7344
7345
7346
7347
7348
7349
7350
7351
7352
7353
7354
7355
7356
7357
7358
7359
7360
7361
7362
7363
7364
7365
7366
7367
7368
7369
7370
7371
7372
7373
7374
7375
7376
7377
7378
7379
7380
7381
7382
7383
7384
7385
7386
7387
7388
7389
7390
7391
7392
7393
7394
7395
7396
7397
7398
7399
7400
7401
7402
7403
7404
7405
7406
7407
7408
7409
7410
7411
7412
7413
7414
7415
7416
7417
7418
7419
7420
7421
7422
7423
7424
7425
7426
7427
7428
7429
7430
7431
7432
7433
7434
7435
7436
7437
7438
7439
7440
7441
7442
7443
7444
7445
7446
7447
7448
7449
7450
7451
7452
7453
7454
7455
7456
7457
7458
7459
7460
7461
7462
7463
7464
7465
7466
7467
7468
7469
7470
7471
7472
7473
7474
7475
7476
7477
7478
7479
7480
7481
7482
7483
7484
7485
7486
7487
7488
7489
7490
7491
7492
7493
7494
7495
7496
7497
7498
7499
7500
7501
7502
7503
7504
7505
7506
7507
7508
7509
7510
7511
7512
7513
7514
7515
7516
7517
7518
7519
7520
7521
7522
7523
7524
7525
7526
7527
7528
7529
7530
7531
7532
7533
7534
7535
7536
7537
7538
7539
7540
7541
7542
7543
7544
7545
7546
7547
7548
7549
7550
7551
7552
7553
7554
7555
7556
7557
7558
7559
7560
7561
7562
7563
7564
7565
7566
7567
7568
7569
7570
7571
7572
7573
7574
7575
7576
7577
7578
7579
7580
7581
7582
7583
7584
7585
7586
7587
7588
7589
7590
7591
7592
7593
7594
7595
7596
7597
7598
7599
7600
7601
7602
7603
7604
7605
7606
7607
7608
7609
7610
7611
7612
7613
7614
7615
7616
7617
7618
7619
7620
7621
7622
7623
7624
7625
7626
7627
7628
7629
7630
7631
7632
7633
7634
7635
7636
7637
7638
7639
7640
7641
7642
7643
7644
7645
7646
7647
7648
7649
7650
7651
7652
7653
7654
7655
7656
7657
7658
7659
7660
7661
7662
7663
7664
7665
7666
7667
7668
7669
7670
7671
7672
7673
7674
7675
7676
7677
7678
7679
7680
7681
7682
7683
7684
7685
7686
7687
7688
7689
7690
7691
7692
7693
7694
7695
7696
7697
7698
7699
7700
7701
7702
7703
7704
7705
7706
7707
7708
7709
7710
7711
7712
7713
7714
7715
7716
7717
7718
7719
7720
7721
7722
7723
7724
7725
7726
7727
7728
7729
7730
7731
7732
7733
7734
7735
7736
7737
7738
7739
7740
7741
7742
7743
7744
7745
7746
7747
7748
7749
7750
7751
7752
7753
7754
7755
7756
7757
7758
7759
7760
7761
7762
7763
7764
7765
7766
7767
7768
7769
7770
7771
7772
7773
7774
7775
7776
7777
7778
7779
7780
7781
7782
7783
7784
7785
7786
7787
7788
7789
7790
7791
7792
7793
7794
7795
7796
7797
7798
7799
7800
7801
7802
7803
7804
7805
7806
7807
7808
7809
7810
7811
7812
7813
7814
7815
7816
7817
7818
7819
7820
7821
7822
7823
7824
7825
7826
7827
7828
7829
7830
7831
7832
7833
7834
7835
7836
7837
7838
7839
7840
7841
7842
7843
7844
7845
7846
7847
7848
7849
7850
7851
7852
7853
7854
7855
7856
7857
7858
7859
7860
7861
7862
7863
7864
7865
7866
7867
7868
7869
7870
7871
7872
7873
7874
7875
7876
7877
7878
7879
7880
7881
7882
7883
7884
7885
7886
7887
7888
7889
7890
7891
7892
7893
7894
7895
7896
7897
7898
7899
7900
7901
7902
7903
7904
7905
7906
7907
7908
7909
7910
7911
7912
7913
7914
7915
7916
7917
7918
7919
7920
7921
7922
7923
7924
7925
7926
7927
7928
7929
7930
7931
7932
7933
7934
7935
7936
7937
7938
7939
7940
7941
7942
7943
7944
7945
7946
7947
7948
7949
7950
7951
7952
7953
7954
7955
7956
7957
7958
7959
7960
7961
7962
7963
7964
7965
7966
7967
7968
7969
7970
7971
7972
7973
7974
7975
7976
7977
7978
7979
7980
7981
7982
7983
7984
7985
7986
7987
7988
7989
7990
7991
7992
7993
7994
7995
7996
7997
7998
7999
8000
8001
8002
8003
8004
8005
8006
8007
8008
8009
8010
8011
8012
8013
8014
8015
8016
8017
8018
8019
8020
8021
8022
8023
8024
8025
8026
8027
8028
8029
8030
8031
8032
8033
8034
8035
8036
8037
8038
8039
8040
8041
8042
8043
8044
8045
8046
8047
8048
8049
8050
8051
8052
8053
8054
8055
8056
8057
8058
8059
8060
8061
8062
8063
8064
8065
8066
8067
8068
8069
8070
8071
8072
8073
8074
8075
8076
8077
8078
8079
8080
8081
8082
8083
8084
8085
8086
8087
8088
8089
8090
8091
8092
8093
8094
8095
8096
8097
8098
8099
8100
8101
8102
8103
8104
8105
8106
8107
8108
8109
8110
8111
8112
8113
8114
8115
8116
8117
8118
8119
8120
8121
8122
8123
8124
8125
8126
8127
8128
8129
8130
8131
8132
8133
8134
8135
8136
8137
8138
8139
8140
8141
8142
8143
8144
8145
8146
8147
8148
8149
8150
8151
8152
8153
8154
8155
8156
8157
8158
8159
8160
8161
8162
8163
8164
8165
8166
8167
8168
8169
8170
8171
8172
8173
8174
8175
8176
8177
8178
8179
8180
8181
8182
8183
8184
8185
8186
8187
8188
8189
8190
8191
8192
8193
8194
8195
8196
8197
8198
8199
8200
8201
8202
8203
8204
8205
8206
8207
8208
8209
8210
8211
8212
8213
8214
8215
8216
8217
8218
8219
8220
8221
8222
8223
8224
8225
8226
8227
8228
8229
8230
8231
8232
8233
8234
8235
8236
8237
8238
8239
8240
8241
8242
8243
8244
8245
8246
8247
8248
8249
8250
8251
8252
8253
8254
8255
8256
8257
8258
8259
8260
8261
8262
8263
8264
8265
8266
8267
8268
8269
8270
8271
8272
8273
8274
8275
8276
8277
8278
8279
8280
8281
8282
8283
8284
8285
8286
8287
8288
8289
8290
8291
8292
8293
8294
8295
8296
8297
8298
8299
8300
8301
8302
8303
8304
8305
8306
8307
8308
8309
8310
8311
8312
8313
8314
8315
8316
8317
8318
8319
8320
8321
8322
8323
8324
8325
8326
8327
8328
8329
8330
8331
8332
8333
8334
8335
8336
8337
8338
8339
8340
8341
8342
8343
8344
8345
8346
8347
8348
8349
8350
8351
8352
8353
8354
8355
8356
8357
8358
8359
8360
8361
8362
8363
8364
8365
8366
8367
8368
8369
8370
8371
8372
8373
8374
8375
8376
8377
8378
8379
8380
8381
8382
8383
8384
8385
8386
8387
8388
8389
8390
8391
8392
8393
8394
8395
8396
8397
8398
8399
8400
8401
8402
8403
8404
8405
8406
8407
8408
8409
8410
8411
8412
8413
8414
8415
8416
8417
8418
8419
8420
8421
8422
8423
8424
8425
8426
8427
8428
8429
8430
8431
8432
8433
8434
8435
8436
8437
8438
8439
8440
8441
8442
8443
8444
8445
8446
8447
8448
8449
8450
8451
8452
8453
8454
8455
8456
8457
8458
8459
8460
8461
8462
8463
8464
8465
8466
8467
8468
8469
8470
8471
8472
8473
8474
8475
8476
8477
8478
8479
8480
8481
8482
8483
8484
8485
8486
8487
8488
8489
8490
8491
8492
8493
8494
8495
8496
8497
8498
8499
8500
8501
8502
8503
8504
8505
8506
8507
8508
8509
8510
8511
8512
8513
8514
8515
8516
8517
8518
8519
8520
8521
8522
8523
8524
8525
8526
8527
8528
8529
8530
8531
8532
8533
8534
8535
8536
8537
8538
8539
8540
8541
8542
8543
8544
8545
8546
8547
8548
8549
8550
8551
8552
8553
8554
8555
8556
8557
8558
8559
8560
8561
8562
8563
8564
8565
8566
8567
8568
8569
8570
8571
8572
8573
8574
8575
8576
8577
8578
8579
8580
8581
8582
8583
8584
8585
8586
8587
8588
8589
8590
8591
8592
8593
8594
8595
8596
8597
8598
8599
8600
8601
8602
8603
8604
8605
8606
8607
8608
8609
8610
8611
8612
8613
8614
8615
8616
8617
8618
8619
8620
8621
8622
8623
8624
8625
8626
8627
8628
8629
8630
8631
8632
8633
8634
8635
8636
8637
8638
8639
8640
8641
8642
8643
8644
8645
8646
8647
8648
8649
8650
8651
8652
8653
8654
8655
8656
8657
8658
8659
8660
8661
8662
8663
8664
8665
8666
8667
8668
8669
8670
8671
8672
8673
8674
8675
8676
8677
8678
8679
8680
8681
8682
8683
8684
8685
8686
8687
8688
8689
8690
8691
8692
8693
8694
8695
8696
8697
8698
8699
8700
8701
8702
8703
8704
8705
8706
8707
8708
8709
8710
8711
8712
8713
8714
8715
8716
8717
8718
8719
8720
8721
8722
8723
8724
8725
8726
8727
8728
8729
8730
8731
8732
8733
8734
8735
8736
8737
8738
8739
8740
8741
8742
8743
8744
8745
8746
8747
8748
8749
8750
8751
8752
8753
8754
8755
8756
8757
8758
8759
8760
8761
8762
8763
8764
8765
8766
8767
8768
8769
8770
8771
8772
8773
8774
8775
8776
8777
8778
8779
8780
8781
8782
8783
8784
8785
8786
8787
8788
8789
8790
8791
8792
8793
8794
8795
8796
8797
8798
8799
8800
8801
8802
8803
8804
8805
8806
8807
8808
8809
8810
8811
8812
8813
8814
8815
8816
8817
8818
8819
8820
8821
8822
8823
8824
8825
8826
8827
8828
8829
8830
8831
8832
8833
8834
8835
8836
8837
8838
8839
8840
8841
8842
8843
8844
8845
8846
8847
8848
8849
8850
8851
8852
8853
8854
8855
8856
8857
8858
8859
8860
8861
8862
8863
8864
8865
8866
8867
8868
8869
8870
8871
8872
8873
8874
8875
8876
8877
8878
8879
8880
8881
8882
8883
8884
8885
8886
8887
8888
8889
8890
8891
8892
8893
8894
8895
8896
8897
8898
8899
8900
8901
8902
8903
8904
8905
8906
8907
8908
8909
8910
8911
8912
8913
8914
8915
8916
8917
8918
8919
8920
8921
8922
8923
8924
8925
8926
8927
8928
8929
8930
8931
8932
8933
8934
8935
8936
8937
8938
8939
8940
8941
8942
8943
8944
8945
8946
8947
8948
8949
8950
8951
8952
8953
8954
8955
8956
8957
8958
8959
8960
8961
8962
8963
8964
8965
8966
8967
8968
8969
8970
8971
8972
8973
8974
8975
8976
8977
8978
8979
8980
8981
8982
8983
8984
8985
8986
8987
8988
8989
8990
8991
8992
8993
8994
8995
8996
8997
8998
8999
9000
9001
9002
9003
9004
9005
9006
9007
9008
9009
9010
9011
9012
9013
9014
9015
9016
9017
9018
9019
9020
9021
9022
9023
9024
9025
9026
9027
9028
9029
9030
9031
9032
9033
9034
9035
9036
9037
9038
9039
9040
9041
9042
9043
9044
9045
9046
9047
9048
9049
9050
9051
9052
9053
9054
9055
9056
9057
9058
9059
9060
9061
9062
9063
9064
9065
9066
9067
9068
9069
9070
9071
9072
9073
9074
9075
9076
9077
9078
9079
9080
9081
9082
9083
9084
9085
9086
9087
9088
9089
9090
9091
9092
9093
9094
9095
9096
9097
9098
9099
9100
9101
9102
9103
9104
9105
9106
9107
9108
9109
9110
9111
9112
9113
9114
9115
9116
9117
9118
9119
9120
9121
9122
9123
9124
9125
9126
9127
9128
9129
9130
9131
9132
9133
9134
9135
9136
9137
9138
9139
9140
9141
9142
9143
9144
9145
9146
9147
9148
9149
9150
9151
9152
9153
9154
9155
9156
9157
9158
9159
9160
9161
9162
9163
9164
9165
9166
9167
9168
9169
9170
9171
9172
9173
9174
9175
9176
9177
9178
9179
9180
9181
9182
9183
9184
9185
9186
9187
9188
9189
9190
9191
9192
9193
9194
9195
9196
9197
9198
9199
9200
9201
9202
9203
9204
9205
9206
9207
9208
9209
9210
9211
9212
9213
9214
9215
9216
9217
9218
9219
9220
9221
9222
9223
9224
9225
9226
9227
9228
9229
9230
9231
9232
9233
9234
9235
9236
9237
9238
9239
9240
9241
9242
9243
9244
9245
9246
9247
9248
9249
9250
9251
9252
9253
9254
9255
9256
9257
9258
9259
9260
9261
9262
9263
9264
9265
9266
9267
9268
9269
9270
9271
9272
9273
9274
9275
9276
9277
9278
9279
9280
9281
9282
9283
9284
9285
9286
9287
9288
9289
9290
9291
9292
9293
9294
9295
9296
9297
9298
9299
9300
9301
9302
9303
9304
9305
9306
9307
9308
9309
9310
9311
9312
9313
9314
9315
9316
9317
9318
9319
9320
9321
9322
9323
9324
9325
9326
9327
9328
9329
9330
9331
9332
9333
9334
9335
9336
9337
9338
9339
9340
9341
9342
9343
9344
9345
9346
9347
9348
9349
9350
9351
9352
9353
9354
9355
9356
9357
9358
9359
9360
9361
9362
9363
9364
9365
9366
9367
9368
9369
9370
9371
9372
9373
9374
9375
9376
9377
9378
9379
9380
9381
9382
9383
9384
9385
9386
9387
9388
9389
9390
9391
9392
9393
9394
9395
9396
9397
9398
9399
9400
9401
9402
9403
9404
9405
9406
9407
9408
9409
9410
9411
9412
9413
9414
9415
9416
9417
9418
9419
9420
9421
9422
9423
9424
9425
9426
9427
9428
9429
9430
9431
9432
9433
9434
9435
9436
9437
9438
9439
9440
9441
9442
9443
9444
9445
9446
9447
9448
9449
9450
9451
9452
9453
9454
9455
9456
9457
9458
9459
9460
9461
9462
9463
9464
9465
9466
9467
9468
9469
9470
9471
9472
9473
9474
9475
9476
9477
9478
9479
9480
9481
9482
9483
9484
9485
9486
9487
9488
9489
9490
9491
9492
9493
9494
9495
9496
9497
9498
9499
9500
9501
9502
9503
9504
9505
9506
9507
9508
9509
9510
9511
9512
9513
9514
9515
9516
9517
9518
9519
9520
9521
9522
9523
9524
9525
9526
9527
9528
9529
9530
9531
9532
9533
9534
9535
9536
9537
9538
9539
9540
9541
9542
9543
9544
9545
9546
9547
9548
9549
9550
9551
9552
9553
9554
9555
9556
9557
9558
9559
9560
9561
9562
9563
9564
9565
9566
9567
9568
9569
9570
9571
9572
9573
9574
9575
9576
9577
9578
9579
9580
9581
9582
9583
9584
9585
9586
9587
9588
9589
9590
9591
9592
9593
9594
9595
9596
9597
9598
9599
9600
9601
9602
9603
9604
9605
9606
9607
9608
9609
9610
9611
9612
9613
9614
9615
9616
9617
9618
9619
9620
9621
9622
9623
9624
9625
9626
9627
9628
9629
9630
9631
9632
9633
9634
9635
9636
9637
9638
9639
9640
9641
9642
9643
9644
9645
9646
9647
9648
9649
9650
9651
9652
9653
9654
9655
9656
9657
9658
9659
9660
9661
9662
9663
9664
9665
9666
9667
9668
9669
9670
9671
9672
9673
9674
9675
9676
9677
9678
9679
9680
9681
9682
9683
9684
9685
9686
9687
9688
9689
9690
9691
9692
9693
9694
9695
9696
9697
9698
9699
9700
9701
9702
9703
9704
9705
9706
9707
9708
9709
9710
9711
9712
9713
9714
9715
9716
9717
9718
9719
9720
9721
9722
9723
9724
9725
9726
9727
9728
9729
9730
9731
9732
9733
9734
9735
9736
9737
9738
9739
9740
9741
9742
9743
9744
9745
9746
9747
9748
9749
9750
9751
9752
9753
9754
9755
9756
9757
9758
9759
9760
9761
9762
9763
9764
9765
9766
9767
9768
9769
9770
9771
9772
9773
9774
9775
9776
9777
9778
9779
9780
9781
9782
9783
9784
9785
9786
9787
9788
9789
9790
9791
9792
9793
9794
9795
9796
9797
9798
9799
9800
9801
9802
9803
9804
9805
9806
9807
9808
9809
9810
9811
9812
9813
9814
9815
9816
9817
9818
9819
9820
9821
9822
9823
9824
9825
9826
9827
9828
9829
9830
9831
9832
9833
9834
9835
9836
9837
9838
9839
9840
9841
9842
9843
9844
9845
9846
9847
9848
9849
9850
9851
9852
9853
9854
9855
9856
9857
9858
9859
9860
9861
9862
9863
9864
9865
9866
9867
9868
9869
9870
9871
9872
9873
9874
9875
9876
9877
9878
9879
9880
9881
9882
9883
9884
9885
9886
9887
9888
9889
9890
9891
9892
9893
9894
9895
9896
9897
9898
9899
9900
9901
9902
9903
9904
9905
9906
9907
9908
9909
9910
9911
9912
9913
9914
9915
9916
9917
9918
9919
9920
9921
9922
9923
9924
9925
9926
9927
9928
9929
9930
9931
9932
9933
9934
9935
9936
9937
9938
9939
9940
9941
9942
9943
9944
9945
9946
9947
9948
9949
9950
9951
9952
9953
9954
9955
9956
9957
9958
9959
9960
9961
9962
9963
9964
9965
9966
9967
9968
9969
9970
9971
9972
9973
9974
9975
9976
9977
9978
9979
9980
9981
9982
9983
9984
9985
9986
9987
9988
9989
9990
9991
9992
9993
9994
9995
9996
9997
9998
9999
10000
10001
10002
10003
10004
10005
10006
10007
10008
10009
10010
10011
10012
10013
10014
10015
10016
10017
10018
10019
10020
10021
10022
10023
10024
10025
10026
10027
10028
10029
10030
10031
10032
10033
10034
10035
10036
10037
10038
10039
10040
10041
10042
10043
10044
10045
10046
10047
10048
10049
10050
10051
10052
10053
10054
10055
10056
10057
10058
10059
10060
10061
10062
10063
10064
10065
10066
10067
10068
10069
10070
10071
10072
10073
10074
10075
10076
10077
10078
10079
10080
10081
10082
10083
10084
10085
10086
10087
10088
10089
10090
10091
10092
10093
10094
10095
10096
10097
10098
10099
10100
10101
10102
10103
10104
10105
10106
10107
10108
10109
10110
10111
10112
10113
10114
10115
10116
10117
10118
10119
10120
10121
10122
10123
10124
10125
10126
10127
10128
10129
10130
10131
10132
10133
10134
10135
10136
10137
10138
10139
10140
10141
10142
10143
10144
10145
10146
10147
10148
10149
10150
10151
10152
10153
10154
10155
10156
10157
10158
10159
10160
10161
10162
10163
10164
10165
10166
10167
10168
10169
10170
10171
10172
10173
10174
10175
10176
10177
10178
10179
10180
10181
10182
10183
10184
10185
10186
10187
10188
10189
10190
10191
10192
10193
10194
10195
10196
10197
10198
10199
10200
10201
10202
10203
10204
10205
10206
10207
10208
10209
10210
10211
10212
10213
10214
10215
10216
10217
10218
10219
10220
10221
10222
10223
10224
10225
10226
10227
10228
10229
10230
10231
10232
10233
10234
10235
10236
10237
10238
10239
10240
10241
10242
10243
10244
10245
10246
10247
10248
10249
10250
10251
10252
10253
10254
10255
10256
10257
10258
10259
10260
10261
10262
10263
10264
10265
10266
10267
10268
10269
10270
10271
10272
10273
10274
10275
10276
10277
10278
10279
10280
10281
10282
10283
10284
10285
10286
10287
10288
10289
10290
10291
10292
10293
10294
10295
10296
10297
10298
10299
10300
10301
10302
10303
10304
10305
10306
10307
10308
10309
10310
10311
10312
10313
10314
10315
10316
10317
10318
10319
10320
10321
10322
10323
10324
10325
10326
10327
10328
10329
10330
10331
10332
10333
10334
10335
10336
10337
10338
10339
10340
10341
10342
10343
10344
10345
10346
10347
10348
10349
10350
10351
10352
10353
10354
10355
10356
10357
10358
10359
10360
10361
10362
10363
10364
10365
10366
10367
10368
10369
10370
10371
10372
10373
10374
10375
10376
10377
10378
10379
10380
10381
10382
10383
10384
10385
10386
10387
10388
10389
10390
10391
10392
10393
10394
10395
10396
10397
10398
10399
10400
10401
10402
10403
10404
10405
10406
10407
10408
10409
10410
10411
10412
10413
10414
10415
10416
10417
10418
10419
10420
10421
10422
10423
10424
10425
10426
10427
10428
10429
10430
10431
10432
10433
10434
10435
10436
10437
10438
10439
10440
10441
10442
10443
10444
10445
10446
10447
10448
10449
10450
10451
10452
10453
10454
10455
10456
10457
10458
10459
10460
10461
10462
10463
10464
10465
10466
10467
10468
10469
10470
10471
10472
10473
10474
10475
10476
10477
10478
10479
10480
10481
10482
10483
10484
10485
10486
10487
10488
10489
10490
10491
10492
10493
10494
10495
10496
10497
10498
10499
10500
10501
10502
10503
10504
10505
10506
10507
10508
10509
10510
10511
10512
10513
10514
10515
10516
10517
10518
10519
10520
10521
10522
10523
10524
10525
10526
10527
10528
10529
10530
10531
10532
10533
10534
10535
10536
10537
10538
10539
10540
10541
10542
10543
10544
10545
10546
10547
10548
10549
10550
10551
10552
10553
10554
10555
10556
10557
10558
10559
10560
10561
10562
10563
10564
10565
10566
10567
10568
10569
10570
10571
10572
10573
10574
10575
10576
10577
10578
10579
10580
10581
10582
10583
10584
10585
10586
10587
10588
10589
10590
10591
10592
10593
10594
10595
10596
10597
10598
10599
10600
10601
10602
10603
10604
10605
10606
10607
10608
10609
10610
10611
10612
10613
10614
10615
10616
10617
10618
10619
10620
10621
10622
10623
10624
10625
10626
10627
10628
10629
10630
10631
10632
10633
10634
10635
10636
10637
10638
10639
10640
10641
10642
10643
10644
10645
10646
10647
10648
10649
10650
10651
10652
10653
10654
10655
10656
10657
10658
10659
10660
10661
10662
10663
10664
10665
10666
10667
10668
10669
10670
10671
10672
10673
10674
10675
10676
10677
10678
10679
10680
10681
10682
10683
10684
10685
10686
10687
10688
10689
10690
10691
10692
10693
10694
10695
10696
10697
10698
10699
10700
10701
10702
10703
10704
10705
10706
10707
10708
10709
10710
10711
10712
10713
10714
10715
10716
10717
10718
10719
10720
10721
10722
10723
10724
10725
10726
10727
10728
10729
10730
10731
10732
10733
10734
10735
10736
10737
10738
10739
10740
10741
10742
10743
10744
10745
10746
10747
10748
10749
10750
10751
10752
10753
10754
10755
10756
10757
10758
10759
10760
10761
10762
10763
10764
10765
10766
10767
10768
10769
10770
10771
10772
10773
10774
10775
10776
10777
10778
10779
10780
10781
10782
10783
10784
10785
10786
10787
10788
10789
10790
10791
10792
10793
10794
10795
10796
10797
10798
10799
10800
10801
10802
10803
10804
10805
10806
10807
10808
10809
10810
10811
10812
10813
10814
10815
10816
10817
10818
10819
10820
10821
10822
10823
10824
10825
10826
10827
10828
10829
10830
10831
10832
10833
10834
10835
10836
10837
10838
10839
10840
10841
10842
10843
10844
10845
10846
10847
10848
10849
10850
10851
10852
10853
10854
10855
10856
10857
10858
10859
10860
10861
10862
10863
10864
10865
10866
10867
10868
10869
10870
10871
10872
10873
10874
10875
10876
10877
10878
10879
10880
10881
10882
10883
10884
10885
10886
10887
10888
10889
10890
10891
10892
10893
10894
10895
10896
10897
10898
10899
10900
10901
10902
10903
10904
10905
10906
10907
10908
10909
10910
10911
10912
10913
10914
10915
10916
10917
10918
10919
10920
10921
10922
10923
10924
10925
10926
10927
10928
10929
10930
10931
10932
10933
10934
10935
10936
10937
10938
10939
10940
10941
10942
10943
10944
10945
10946
10947
10948
10949
10950
10951
10952
10953
10954
10955
10956
10957
10958
10959
10960
10961
10962
10963
10964
10965
10966
10967
10968
10969
10970
10971
10972
10973
10974
10975
10976
10977
10978
10979
10980
10981
10982
10983
10984
10985
10986
10987
10988
10989
10990
10991
10992
10993
10994
10995
10996
10997
10998
10999
11000
11001
11002
11003
11004
11005
11006
11007
11008
11009
11010
11011
11012
11013
11014
11015
11016
11017
11018
11019
11020
11021
11022
11023
11024
11025
11026
11027
11028
11029
11030
11031
11032
11033
11034
11035
11036
11037
11038
11039
11040
11041
11042
11043
11044
11045
11046
11047
11048
11049
11050
11051
11052
11053
11054
11055
11056
11057
11058
11059
11060
11061
11062
11063
11064
11065
11066
11067
11068
11069
11070
11071
11072
11073
11074
11075
11076
11077
11078
11079
11080
11081
11082
11083
11084
11085
11086
11087
11088
11089
11090
11091
11092
11093
11094
11095
11096
11097
11098
11099
11100
11101
11102
11103
11104
11105
11106
11107
11108
11109
11110
11111
11112
11113
11114
11115
11116
11117
11118
11119
11120
11121
11122
11123
11124
11125
11126
11127
11128
11129
11130
11131
11132
11133
11134
11135
11136
11137
11138
11139
11140
11141
11142
11143
11144
11145
11146
11147
11148
11149
11150
11151
11152
11153
11154
11155
11156
11157
11158
11159
11160
11161
11162
11163
11164
11165
11166
11167
11168
11169
11170
11171
11172
11173
11174
11175
11176
11177
11178
11179
11180
11181
11182
11183
11184
11185
11186
11187
11188
11189
11190
11191
11192
11193
11194
11195
11196
11197
11198
11199
11200
11201
11202
11203
11204
11205
11206
11207
11208
11209
11210
11211
11212
11213
11214
11215
11216
11217
11218
11219
11220
11221
11222
11223
11224
11225
11226
11227
11228
11229
11230
11231
11232
11233
11234
11235
11236
11237
11238
11239
11240
11241
11242
11243
11244
11245
11246
11247
11248
11249
11250
11251
11252
11253
11254
11255
11256
11257
11258
11259
11260
11261
11262
11263
11264
11265
11266
11267
11268
11269
11270
11271
11272
11273
11274
11275
11276
11277
11278
11279
11280
11281
11282
11283
11284
11285
11286
11287
11288
11289
11290
11291
11292
11293
11294
11295
11296
11297
11298
11299
11300
11301
11302
11303
11304
11305
11306
11307
11308
11309
11310
11311
11312
11313
11314
11315
11316
11317
11318
11319
11320
11321
11322
11323
11324
11325
11326
11327
11328
11329
11330
11331
11332
11333
11334
11335
11336
11337
11338
11339
11340
11341
11342
11343
11344
11345
11346
11347
11348
11349
11350
11351
11352
11353
11354
11355
11356
11357
11358
11359
11360
11361
11362
11363
11364
11365
11366
11367
11368
11369
11370
11371
11372
11373
11374
11375
11376
11377
11378
11379
11380
11381
11382
11383
11384
11385
11386
11387
11388
11389
11390
11391
11392
11393
11394
11395
11396
11397
11398
11399
11400
11401
11402
11403
11404
11405
11406
11407
11408
11409
11410
11411
11412
11413
11414
11415
11416
11417
11418
11419
11420
11421
11422
11423
11424
11425
11426
11427
11428
11429
11430
11431
11432
11433
11434
11435
11436
11437
11438
11439
11440
11441
11442
11443
11444
11445
11446
11447
11448
11449
11450
11451
11452
11453
11454
11455
11456
11457
11458
11459
11460
11461
11462
11463
11464
11465
11466
11467
11468
11469
11470
11471
11472
11473
11474
11475
11476
11477
11478
11479
11480
11481
11482
11483
11484
11485
11486
11487
11488
11489
11490
11491
11492
11493
11494
11495
11496
11497
11498
11499
11500
11501
11502
11503
11504
11505
11506
11507
11508
11509
11510
11511
11512
11513
11514
11515
11516
11517
11518
11519
11520
11521
11522
11523
11524
11525
11526
11527
11528
11529
11530
11531
11532
11533
11534
11535
11536
11537
11538
11539
11540
11541
11542
11543
11544
11545
11546
11547
11548
11549
11550
11551
11552
11553
11554
11555
11556
11557
11558
11559
11560
11561
11562
11563
11564
11565
11566
11567
11568
11569
11570
11571
11572
11573
11574
11575
11576
11577
11578
11579
11580
11581
11582
11583
11584
11585
11586
11587
11588
11589
11590
11591
11592
11593
11594
11595
11596
11597
11598
11599
11600
11601
11602
11603
11604
11605
11606
11607
11608
11609
11610
11611
11612
11613
11614
11615
11616
11617
11618
11619
11620
11621
11622
11623
11624
11625
11626
11627
11628
11629
11630
11631
11632
11633
11634
11635
11636
11637
11638
11639
11640
11641
11642
11643
11644
11645
11646
11647
11648
11649
11650
11651
11652
11653
11654
11655
11656
11657
11658
11659
11660
11661
11662
11663
11664
11665
11666
11667
11668
11669
11670
11671
11672
11673
11674
11675
11676
11677
11678
11679
11680
11681
11682
11683
11684
11685
11686
11687
11688
11689
11690
11691
11692
11693
11694
11695
11696
11697
11698
11699
11700
11701
11702
11703
11704
11705
11706
11707
11708
11709
11710
11711
11712
11713
11714
11715
11716
11717
11718
11719
11720
11721
11722
11723
11724
11725
11726
11727
11728
11729
11730
11731
11732
11733
11734
11735
11736
11737
11738
11739
11740
11741
11742
11743
11744
11745
11746
11747
11748
11749
11750
11751
11752
11753
11754
11755
11756
11757
11758
11759
11760
11761
11762
11763
11764
11765
11766
11767
11768
11769
11770
11771
11772
11773
11774
11775
11776
11777
11778
11779
11780
11781
11782
11783
11784
11785
11786
11787
11788
11789
11790
11791
11792
11793
11794
11795
11796
11797
11798
11799
11800
11801
11802
11803
11804
11805
11806
11807
11808
11809
11810
11811
11812
11813
11814
11815
11816
11817
11818
11819
11820
11821
11822
11823
11824
11825
11826
11827
11828
11829
11830
11831
11832
11833
11834
11835
11836
11837
11838
11839
11840
11841
11842
11843
11844
11845
11846
11847
11848
11849
11850
11851
11852
11853
11854
11855
11856
11857
11858
11859
11860
11861
11862
11863
11864
11865
11866
11867
11868
11869
11870
11871
11872
11873
11874
11875
11876
11877
11878
11879
11880
11881
11882
11883
11884
11885
11886
11887
11888
11889
11890
11891
11892
11893
11894
11895
11896
11897
11898
11899
11900
11901
11902
11903
11904
11905
11906
11907
11908
11909
11910
11911
11912
11913
11914
11915
11916
11917
11918
11919
11920
11921
11922
11923
11924
11925
11926
11927
11928
11929
11930
11931
11932
11933
11934
11935
11936
11937
11938
11939
11940
11941
11942
11943
11944
11945
11946
11947
11948
11949
11950
11951
11952
11953
11954
11955
11956
11957
11958
11959
11960
11961
11962
11963
11964
11965
11966
11967
11968
11969
11970
11971
11972
11973
11974
11975
11976
11977
11978
11979
11980
11981
11982
11983
11984
11985
11986
11987
11988
11989
11990
11991
11992
11993
11994
11995
11996
11997
11998
11999
12000
12001
12002
12003
12004
12005
12006
12007
12008
12009
12010
12011
12012
12013
12014
12015
12016
12017
12018
12019
12020
12021
12022
12023
12024
12025
12026
12027
12028
12029
12030
12031
12032
12033
12034
12035
12036
12037
12038
12039
12040
12041
12042
12043
12044
12045
12046
12047
12048
12049
12050
12051
12052
12053
12054
12055
12056
12057
12058
12059
12060
12061
12062
12063
12064
12065
12066
12067
12068
12069
12070
12071
12072
12073
12074
12075
12076
12077
12078
12079
12080
12081
12082
12083
12084
12085
12086
12087
12088
12089
12090
12091
12092
12093
12094
12095
12096
12097
12098
12099
12100
12101
12102
12103
12104
12105
12106
12107
12108
12109
12110
12111
12112
12113
12114
12115
12116
12117
12118
12119
12120
12121
12122
12123
12124
12125
12126
12127
12128
12129
12130
12131
12132
12133
12134
12135
12136
12137
12138
12139
12140
12141
12142
12143
12144
12145
12146
12147
12148
12149
12150
12151
12152
12153
12154
12155
12156
12157
12158
12159
12160
12161
12162
12163
12164
12165
12166
12167
12168
12169
12170
12171
12172
12173
12174
12175
12176
12177
12178
12179
12180
12181
12182
12183
12184
12185
12186
12187
12188
12189
12190
12191
12192
12193
12194
12195
12196
12197
12198
12199
12200
12201
12202
12203
12204
12205
12206
12207
12208
12209
12210
12211
12212
12213
12214
12215
12216
12217
12218
12219
12220
12221
12222
12223
12224
12225
12226
12227
12228
12229
12230
12231
12232
12233
12234
12235
12236
12237
12238
12239
12240
12241
12242
12243
12244
12245
12246
12247
12248
12249
12250
12251
12252
12253
12254
12255
12256
12257
12258
12259
12260
12261
12262
12263
12264
12265
12266
12267
12268
12269
12270
12271
12272
12273
12274
12275
12276
12277
12278
12279
12280
12281
12282
12283
12284
12285
12286
12287
12288
12289
12290
12291
12292
12293
12294
12295
12296
12297
12298
12299
12300
12301
12302
12303
12304
12305
12306
12307
12308
12309
12310
12311
12312
12313
12314
12315
12316
12317
12318
12319
12320
12321
12322
12323
12324
12325
12326
12327
12328
12329
12330
12331
12332
12333
12334
12335
12336
12337
12338
12339
12340
12341
12342
12343
12344
12345
12346
12347
12348
12349
12350
12351
12352
12353
12354
12355
12356
12357
12358
12359
12360
12361
12362
12363
12364
12365
12366
12367
12368
12369
12370
12371
12372
12373
12374
12375
12376
12377
12378
12379
12380
12381
12382
12383
12384
12385
12386
12387
12388
12389
12390
12391
12392
12393
12394
12395
12396
12397
12398
12399
12400
12401
12402
12403
12404
12405
12406
12407
12408
12409
12410
12411
12412
12413
12414
12415
12416
12417
12418
12419
12420
12421
12422
12423
12424
12425
12426
12427
12428
12429
12430
12431
12432
12433
12434
12435
12436
12437
12438
12439
12440
12441
12442
12443
12444
12445
12446
12447
12448
12449
12450
12451
12452
12453
12454
12455
12456
12457
12458
12459
12460
12461
12462
12463
12464
12465
12466
12467
12468
12469
12470
12471
12472
12473
12474
12475
12476
12477
12478
12479
12480
12481
12482
12483
12484
12485
12486
12487
12488
12489
12490
12491
12492
12493
12494
12495
12496
12497
12498
12499
12500
12501
12502
12503
12504
12505
12506
12507
12508
12509
12510
12511
12512
12513
12514
12515
12516
12517
12518
12519
12520
12521
12522
12523
12524
12525
12526
12527
12528
12529
12530
12531
12532
12533
12534
12535
12536
12537
12538
12539
12540
12541
12542
12543
12544
12545
12546
12547
12548
12549
12550
12551
12552
12553
12554
12555
12556
12557
12558
12559
12560
12561
12562
12563
12564
12565
12566
12567
12568
12569
12570
12571
12572
12573
12574
12575
12576
12577
12578
12579
12580
12581
12582
12583
12584
12585
12586
12587
12588
12589
12590
12591
12592
12593
12594
12595
12596
12597
12598
12599
12600
12601
12602
12603
12604
12605
12606
12607
12608
12609
12610
12611
12612
12613
12614
12615
12616
12617
12618
12619
12620
12621
12622
12623
12624
12625
12626
12627
12628
12629
12630
12631
12632
12633
12634
12635
12636
12637
12638
12639
12640
12641
12642
12643
12644
12645
12646
12647
12648
12649
12650
12651
12652
12653
12654
12655
12656
12657
12658
12659
12660
12661
12662
12663
12664
12665
12666
12667
12668
12669
12670
12671
12672
12673
12674
12675
12676
12677
12678
12679
12680
12681
12682
12683
12684
12685
12686
12687
12688
12689
12690
12691
12692
12693
12694
12695
12696
12697
12698
12699
12700
12701
12702
12703
12704
12705
12706
12707
12708
12709
12710
12711
12712
12713
12714
12715
12716
12717
12718
12719
12720
12721
12722
12723
12724
12725
12726
12727
12728
12729
12730
12731
12732
12733
12734
12735
12736
12737
12738
12739
12740
12741
12742
12743
12744
12745
12746
12747
12748
12749
12750
12751
12752
12753
12754
12755
12756
12757
12758
12759
12760
12761
12762
12763
12764
12765
12766
12767
12768
12769
12770
12771
12772
12773
12774
12775
12776
12777
12778
12779
12780
12781
12782
12783
12784
12785
12786
12787
12788
12789
12790
12791
12792
12793
12794
12795
12796
12797
12798
12799
12800
12801
12802
12803
12804
12805
12806
12807
12808
12809
12810
12811
12812
12813
12814
12815
12816
12817
12818
12819
12820
12821
12822
12823
12824
12825
12826
12827
12828
12829
12830
12831
12832
12833
12834
12835
12836
12837
12838
12839
12840
12841
12842
12843
12844
12845
12846
12847
12848
12849
12850
12851
12852
12853
12854
12855
12856
12857
12858
12859
12860
12861
12862
12863
12864
12865
12866
12867
12868
12869
12870
12871
12872
12873
12874
12875
12876
12877
12878
12879
12880
12881
12882
12883
12884
12885
12886
12887
12888
12889
12890
12891
12892
12893
12894
12895
12896
12897
12898
12899
12900
12901
12902
12903
12904
12905
12906
12907
12908
12909
12910
12911
12912
12913
12914
12915
12916
12917
12918
12919
12920
12921
12922
12923
12924
12925
12926
12927
12928
12929
12930
12931
12932
12933
12934
12935
12936
12937
12938
12939
12940
12941
12942
12943
12944
12945
12946
12947
12948
12949
12950
12951
12952
12953
12954
12955
12956
12957
12958
12959
12960
12961
12962
12963
12964
12965
12966
12967
12968
12969
12970
12971
12972
12973
12974
12975
12976
12977
12978
12979
12980
12981
12982
12983
12984
12985
12986
12987
12988
12989
12990
12991
12992
12993
12994
12995
12996
12997
12998
12999
13000
13001
13002
13003
13004
13005
13006
13007
13008
13009
13010
13011
13012
13013
13014
13015
13016
13017
13018
13019
13020
13021
13022
13023
13024
13025
13026
13027
13028
13029
13030
13031
13032
13033
13034
13035
13036
13037
13038
13039
13040
13041
13042
13043
13044
13045
13046
13047
13048
13049
13050
13051
13052
13053
13054
13055
13056
13057
13058
13059
13060
13061
13062
13063
13064
13065
13066
13067
13068
13069
13070
13071
13072
13073
13074
13075
13076
13077
13078
13079
13080
13081
13082
13083
13084
13085
13086
13087
13088
13089
13090
13091
13092
13093
13094
13095
13096
13097
13098
13099
13100
13101
13102
13103
13104
13105
13106
13107
13108
13109
13110
13111
13112
13113
13114
13115
13116
13117
13118
13119
13120
13121
13122
13123
13124
13125
13126
13127
13128
13129
13130
13131
13132
13133
13134
13135
13136
13137
13138
13139
13140
13141
13142
13143
13144
13145
13146
13147
13148
13149
13150
13151
13152
13153
13154
13155
13156
13157
13158
13159
13160
13161
13162
13163
13164
13165
13166
13167
13168
13169
13170
13171
13172
13173
13174
13175
13176
13177
13178
13179
13180
13181
13182
13183
13184
13185
13186
13187
13188
13189
13190
13191
13192
13193
13194
13195
13196
13197
13198
13199
13200
13201
13202
13203
13204
13205
13206
13207
13208
13209
13210
13211
13212
13213
13214
13215
13216
13217
13218
13219
13220
13221
13222
13223
13224
13225
13226
13227
13228
13229
13230
13231
13232
13233
13234
13235
13236
13237
13238
13239
13240
13241
13242
13243
13244
13245
13246
13247
13248
13249
13250
13251
13252
13253
13254
13255
13256
13257
13258
13259
13260
13261
13262
13263
13264
13265
13266
13267
13268
13269
13270
13271
13272
13273
13274
13275
13276
13277
13278
13279
13280
13281
13282
13283
13284
13285
13286
13287
13288
13289
13290
13291
13292
13293
13294
13295
13296
13297
13298
13299
13300
13301
13302
13303
13304
13305
13306
13307
13308
13309
13310
13311
13312
13313
13314
13315
13316
13317
13318
13319
13320
13321
13322
13323
13324
13325
13326
13327
13328
13329
13330
13331
13332
13333
13334
13335
13336
13337
13338
13339
13340
13341
13342
13343
13344
13345
13346
13347
13348
13349
13350
13351
13352
13353
13354
13355
13356
13357
13358
13359
13360
13361
13362
13363
13364
13365
13366
13367
13368
13369
13370
13371
13372
13373
13374
13375
13376
13377
13378
13379
13380
13381
13382
13383
13384
13385
13386
13387
13388
13389
13390
13391
13392
13393
13394
13395
13396
13397
13398
13399
13400
13401
13402
13403
13404
13405
13406
13407
13408
13409
13410
13411
13412
13413
13414
13415
13416
13417
13418
13419
13420
13421
13422
13423
13424
13425
13426
13427
13428
13429
13430
13431
13432
13433
13434
13435
13436
13437
13438
13439
13440
13441
13442
13443
13444
13445
13446
13447
13448
13449
13450
13451
13452
13453
13454
13455
13456
13457
13458
13459
13460
13461
13462
13463
13464
13465
13466
13467
13468
13469
13470
13471
13472
13473
13474
13475
13476
13477
13478
13479
13480
13481
13482
13483
13484
13485
13486
13487
13488
13489
13490
13491
13492
13493
13494
13495
13496
13497
13498
13499
13500
13501
13502
13503
13504
13505
13506
13507
13508
13509
13510
13511
13512
13513
13514
13515
13516
13517
13518
13519
13520
13521
13522
13523
13524
13525
13526
13527
13528
13529
13530
13531
13532
13533
13534
13535
13536
13537
13538
13539
13540
13541
13542
13543
13544
13545
13546
13547
13548
13549
13550
13551
13552
13553
13554
13555
13556
13557
13558
13559
13560
13561
13562
13563
13564
13565
13566
13567
13568
13569
13570
13571
13572
13573
13574
13575
13576
13577
13578
13579
13580
13581
13582
13583
13584
13585
13586
13587
13588
13589
13590
13591
13592
13593
13594
13595
13596
13597
13598
13599
13600
13601
13602
13603
13604
13605
13606
13607
13608
13609
13610
13611
13612
13613
13614
13615
13616
13617
13618
13619
13620
13621
13622
13623
13624
13625
13626
13627
13628
13629
13630
13631
13632
13633
13634
13635
13636
13637
13638
13639
13640
13641
13642
13643
13644
13645
13646
13647
13648
13649
13650
13651
13652
13653
13654
13655
13656
13657
13658
13659
13660
13661
13662
13663
13664
13665
13666
13667
13668
13669
13670
13671
13672
13673
13674
13675
13676
13677
13678
13679
13680
13681
13682
13683
13684
13685
13686
13687
13688
13689
13690
13691
13692
13693
13694
13695
13696
13697
13698
13699
13700
13701
13702
13703
13704
13705
13706
13707
13708
13709
13710
13711
13712
13713
13714
13715
13716
13717
13718
13719
13720
13721
13722
13723
13724
13725
13726
13727
13728
13729
13730
13731
13732
13733
13734
13735
13736
13737
13738
13739
13740
13741
13742
13743
13744
13745
13746
13747
13748
13749
13750
13751
13752
13753
13754
13755
13756
13757
13758
13759
13760
13761
13762
13763
13764
13765
13766
13767
13768
13769
13770
13771
13772
13773
13774
13775
13776
13777
13778
13779
13780
13781
13782
13783
13784
13785
13786
13787
13788
13789
13790
13791
13792
13793
13794
13795
13796
13797
13798
13799
13800
13801
13802
13803
13804
13805
13806
13807
13808
13809
13810
13811
13812
13813
13814
13815
13816
13817
13818
13819
13820
13821
13822
13823
13824
13825
13826
13827
13828
13829
13830
13831
13832
13833
13834
13835
13836
13837
13838
13839
13840
13841
13842
13843
13844
13845
13846
13847
13848
13849
13850
13851
13852
13853
13854
13855
13856
13857
13858
13859
13860
13861
13862
13863
13864
13865
13866
13867
13868
13869
13870
13871
13872
13873
13874
13875
13876
13877
13878
13879
13880
13881
13882
13883
13884
13885
13886
13887
13888
13889
13890
13891
13892
13893
13894
13895
13896
13897
13898
13899
13900
13901
13902
13903
13904
13905
13906
13907
13908
13909
13910
13911
13912
13913
13914
13915
13916
13917
13918
13919
13920
13921
13922
13923
13924
13925
13926
13927
13928
13929
13930
13931
13932
13933
13934
13935
13936
13937
13938
13939
13940
13941
13942
13943
13944
13945
13946
13947
13948
13949
13950
13951
13952
13953
13954
13955
13956
13957
13958
13959
13960
13961
13962
13963
13964
13965
13966
13967
13968
13969
13970
13971
13972
13973
13974
13975
13976
13977
13978
13979
13980
13981
13982
13983
13984
13985
13986
13987
13988
13989
13990
13991
13992
13993
13994
13995
13996
13997
13998
13999
14000
14001
14002
14003
14004
14005
14006
14007
14008
14009
14010
14011
14012
14013
14014
14015
14016
14017
14018
14019
14020
14021
14022
14023
14024
14025
14026
14027
14028
14029
14030
14031
14032
14033
14034
14035
14036
14037
14038
14039
14040
14041
14042
14043
14044
14045
14046
14047
14048
14049
14050
14051
14052
14053
14054
14055
14056
14057
14058
14059
14060
14061
14062
14063
14064
14065
14066
14067
14068
14069
14070
14071
14072
14073
14074
14075
14076
14077
14078
14079
14080
14081
14082
14083
14084
14085
14086
14087
14088
14089
14090
14091
14092
14093
14094
14095
14096
14097
14098
14099
14100
14101
14102
14103
14104
14105
14106
14107
14108
14109
14110
14111
14112
14113
14114
14115
14116
14117
14118
14119
14120
14121
14122
14123
14124
14125
14126
14127
14128
14129
14130
14131
14132
14133
14134
14135
14136
14137
14138
14139
14140
14141
14142
14143
14144
14145
14146
14147
14148
14149
14150
14151
14152
14153
14154
14155
14156
14157
14158
14159
14160
14161
14162
14163
14164
14165
14166
14167
14168
14169
14170
14171
14172
14173
14174
14175
14176
14177
14178
14179
14180
14181
14182
14183
14184
14185
14186
14187
14188
14189
14190
14191
14192
14193
14194
14195
14196
14197
14198
14199
14200
14201
14202
14203
14204
14205
14206
14207
14208
14209
14210
14211
14212
14213
14214
14215
14216
14217
14218
14219
14220
14221
14222
14223
14224
14225
14226
14227
14228
14229
14230
14231
14232
14233
14234
14235
14236
14237
14238
14239
14240
14241
14242
14243
14244
14245
14246
14247
14248
14249
14250
14251
14252
14253
14254
14255
14256
14257
14258
14259
14260
14261
14262
14263
14264
14265
14266
14267
14268
14269
14270
14271
14272
14273
14274
14275
14276
14277
14278
14279
14280
14281
14282
14283
14284
14285
14286
14287
14288
14289
14290
14291
14292
14293
14294
14295
14296
14297
14298
14299
14300
14301
14302
14303
14304
14305
14306
14307
14308
14309
14310
14311
14312
14313
14314
14315
14316
14317
14318
14319
14320
14321
14322
14323
14324
14325
14326
14327
14328
14329
14330
14331
14332
14333
14334
14335
14336
14337
14338
14339
14340
14341
14342
14343
14344
14345
14346
14347
14348
14349
14350
14351
14352
14353
14354
14355
14356
14357
14358
14359
14360
14361
14362
14363
14364
14365
14366
14367
14368
14369
14370
14371
14372
14373
14374
14375
14376
14377
14378
14379
14380
14381
14382
14383
14384
14385
14386
14387
14388
14389
14390
14391
14392
14393
14394
14395
14396
14397
14398
14399
14400
14401
14402
14403
14404
14405
14406
14407
14408
14409
14410
14411
14412
14413
14414
14415
14416
14417
14418
14419
14420
14421
14422
14423
14424
14425
14426
14427
14428
14429
14430
14431
14432
14433
14434
14435
14436
14437
14438
14439
14440
14441
14442
14443
14444
14445
14446
14447
14448
14449
14450
14451
14452
14453
14454
14455
14456
14457
14458
14459
14460
14461
14462
14463
14464
14465
14466
14467
14468
14469
14470
14471
14472
14473
14474
14475
14476
14477
14478
14479
14480
14481
14482
14483
14484
14485
14486
14487
14488
14489
14490
14491
14492
14493
14494
14495
14496
14497
14498
14499
14500
14501
14502
14503
14504
14505
14506
14507
14508
14509
14510
14511
14512
14513
14514
14515
14516
14517
14518
14519
14520
14521
14522
14523
14524
14525
14526
14527
14528
14529
14530
14531
14532
14533
14534
14535
14536
14537
14538
14539
14540
14541
14542
14543
14544
14545
14546
14547
14548
14549
14550
14551
14552
14553
14554
14555
14556
14557
14558
14559
14560
14561
14562
14563
14564
14565
14566
14567
14568
14569
14570
14571
14572
14573
14574
14575
14576
14577
14578
14579
14580
14581
14582
14583
14584
14585
14586
14587
14588
14589
14590
14591
14592
14593
14594
14595
14596
14597
14598
14599
14600
14601
14602
14603
14604
14605
14606
14607
14608
14609
14610
14611
14612
14613
14614
14615
14616
14617
14618
14619
14620
14621
14622
14623
14624
14625
14626
14627
14628
14629
14630
14631
14632
14633
14634
14635
14636
14637
14638
14639
14640
14641
14642
14643
14644
14645
14646
14647
14648
14649
14650
14651
14652
14653
14654
14655
14656
14657
14658
14659
14660
14661
14662
14663
14664
14665
14666
14667
14668
14669
14670
14671
14672
14673
14674
14675
14676
14677
14678
14679
14680
14681
14682
14683
14684
14685
14686
14687
14688
14689
14690
14691
14692
14693
14694
14695
14696
14697
14698
14699
14700
14701
14702
14703
14704
14705
14706
14707
14708
14709
14710
14711
14712
14713
14714
14715
14716
14717
14718
14719
14720
14721
14722
14723
14724
14725
14726
14727
14728
14729
14730
14731
14732
14733
14734
14735
14736
14737
14738
14739
14740
14741
14742
14743
14744
14745
14746
14747
14748
14749
14750
14751
14752
14753
14754
14755
14756
14757
14758
14759
14760
14761
14762
14763
14764
14765
14766
14767
14768
14769
14770
14771
14772
14773
14774
14775
14776
14777
14778
14779
14780
14781
14782
14783
14784
14785
14786
14787
14788
14789
14790
14791
14792
14793
14794
14795
14796
14797
14798
14799
14800
14801
14802
14803
14804
14805
14806
14807
14808
14809
14810
14811
14812
14813
14814
14815
14816
14817
14818
14819
14820
14821
14822
14823
14824
14825
14826
14827
14828
14829
14830
14831
14832
14833
14834
14835
14836
14837
14838
14839
14840
14841
14842
14843
14844
14845
14846
14847
14848
14849
14850
14851
14852
14853
14854
14855
14856
14857
14858
14859
14860
14861
14862
14863
14864
14865
14866
14867
14868
14869
14870
14871
14872
14873
14874
14875
14876
14877
14878
14879
14880
14881
14882
14883
14884
14885
14886
14887
14888
14889
14890
14891
14892
14893
14894
14895
14896
14897
14898
14899
14900
14901
14902
14903
14904
14905
14906
14907
14908
14909
14910
14911
14912
14913
14914
14915
14916
14917
14918
14919
14920
14921
14922
14923
14924
14925
14926
14927
14928
14929
14930
14931
14932
14933
14934
14935
14936
14937
14938
14939
14940
14941
14942
14943
14944
14945
14946
14947
14948
14949
14950
14951
14952
14953
14954
14955
14956
14957
14958
14959
14960
14961
14962
14963
14964
14965
14966
14967
14968
14969
14970
14971
14972
14973
14974
14975
14976
14977
14978
14979
14980
14981
14982
14983
14984
14985
14986
14987
14988
14989
14990
14991
14992
14993
14994
14995
14996
14997
14998
14999
15000
15001
15002
15003
15004
15005
15006
15007
15008
15009
15010
15011
15012
15013
15014
15015
15016
15017
15018
15019
15020
15021
15022
15023
15024
15025
15026
15027
15028
15029
15030
15031
15032
15033
15034
15035
15036
15037
15038
15039
15040
15041
15042
15043
15044
15045
15046
15047
15048
15049
15050
15051
15052
15053
15054
15055
15056
15057
15058
15059
15060
15061
15062
15063
15064
15065
15066
15067
15068
15069
15070
15071
15072
15073
15074
15075
15076
15077
15078
15079
15080
15081
15082
15083
15084
15085
15086
15087
15088
15089
15090
15091
15092
15093
15094
15095
15096
15097
15098
15099
15100
15101
15102
15103
15104
15105
15106
15107
15108
15109
15110
15111
15112
15113
15114
15115
15116
15117
15118
15119
15120
15121
15122
15123
15124
15125
15126
15127
15128
15129
15130
15131
15132
15133
15134
15135
15136
15137
15138
15139
15140
15141
15142
15143
15144
15145
15146
15147
15148
15149
15150
15151
15152
15153
15154
15155
15156
15157
15158
15159
15160
15161
15162
15163
15164
15165
15166
15167
15168
15169
15170
15171
15172
15173
15174
15175
15176
15177
15178
15179
15180
15181
15182
15183
15184
15185
15186
15187
15188
15189
15190
15191
15192
15193
15194
15195
15196
15197
15198
15199
15200
15201
15202
15203
15204
15205
15206
15207
15208
15209
15210
15211
15212
15213
15214
15215
15216
15217
15218
15219
15220
15221
15222
15223
15224
15225
15226
15227
15228
15229
15230
15231
15232
15233
15234
15235
15236
15237
15238
15239
15240
15241
15242
15243
15244
15245
15246
15247
15248
15249
15250
15251
15252
15253
15254
15255
15256
15257
15258
15259
15260
15261
15262
15263
15264
15265
15266
15267
15268
15269
15270
15271
15272
15273
15274
15275
15276
15277
15278
15279
15280
15281
15282
15283
15284
15285
15286
15287
15288
15289
15290
15291
15292
15293
15294
15295
15296
15297
15298
15299
15300
15301
15302
15303
15304
15305
15306
15307
15308
15309
15310
15311
15312
15313
15314
15315
15316
15317
15318
15319
15320
15321
15322
15323
15324
15325
15326
15327
15328
15329
15330
15331
15332
15333
15334
15335
15336
15337
15338
15339
15340
15341
15342
15343
15344
15345
15346
15347
15348
15349
15350
15351
15352
15353
15354
15355
15356
15357
15358
15359
15360
15361
15362
15363
15364
15365
15366
15367
15368
15369
15370
15371
15372
15373
15374
15375
15376
15377
15378
15379
15380
15381
15382
15383
15384
15385
15386
15387
15388
15389
15390
15391
15392
15393
15394
15395
15396
15397
15398
15399
15400
15401
15402
15403
15404
15405
15406
15407
15408
15409
15410
15411
15412
15413
15414
15415
15416
15417
15418
15419
15420
15421
15422
15423
15424
15425
15426
15427
15428
15429
15430
15431
15432
15433
15434
15435
15436
15437
15438
15439
15440
15441
15442
15443
15444
15445
15446
15447
15448
15449
15450
15451
15452
15453
15454
15455
15456
15457
15458
15459
15460
15461
15462
15463
15464
15465
15466
15467
15468
15469
15470
15471
15472
15473
15474
15475
15476
15477
15478
15479
15480
15481
15482
15483
15484
15485
15486
15487
15488
15489
15490
15491
15492
15493
15494
15495
15496
15497
15498
15499
15500
15501
15502
15503
15504
15505
15506
15507
15508
15509
15510
15511
15512
15513
15514
15515
15516
15517
15518
15519
15520
15521
15522
15523
15524
15525
15526
15527
15528
15529
15530
15531
15532
15533
15534
15535
15536
15537
15538
15539
15540
15541
15542
15543
15544
15545
15546
15547
15548
15549
15550
15551
15552
15553
15554
15555
15556
15557
15558
15559
15560
15561
15562
15563
15564
15565
15566
15567
15568
15569
15570
15571
15572
15573
15574
15575
15576
15577
15578
15579
15580
15581
15582
15583
15584
15585
15586
15587
15588
15589
15590
15591
15592
15593
15594
15595
15596
15597
15598
15599
15600
15601
15602
15603
15604
15605
15606
15607
15608
15609
15610
15611
15612
15613
15614
15615
15616
15617
15618
15619
15620
15621
15622
15623
15624
15625
15626
15627
15628
15629
15630
15631
15632
15633
15634
15635
15636
15637
15638
15639
15640
15641
15642
15643
15644
15645
15646
15647
15648
15649
15650
15651
15652
15653
15654
15655
15656
15657
15658
15659
15660
15661
15662
15663
15664
15665
15666
15667
15668
15669
15670
15671
15672
15673
15674
15675
15676
15677
15678
15679
15680
15681
15682
15683
15684
15685
15686
15687
15688
15689
15690
15691
15692
15693
15694
15695
15696
15697
15698
15699
15700
15701
15702
15703
15704
15705
15706
15707
15708
15709
15710
15711
15712
15713
15714
15715
15716
15717
15718
15719
15720
15721
15722
15723
15724
15725
15726
15727
15728
15729
15730
15731
15732
15733
15734
15735
15736
15737
15738
15739
15740
15741
15742
15743
15744
15745
15746
15747
15748
15749
15750
15751
15752
15753
15754
15755
15756
15757
15758
15759
15760
15761
15762
15763
15764
15765
15766
15767
15768
15769
15770
15771
15772
15773
15774
15775
15776
15777
15778
15779
15780
15781
15782
15783
15784
15785
15786
15787
15788
15789
15790
15791
15792
15793
15794
15795
15796
15797
15798
15799
15800
15801
15802
15803
15804
15805
15806
15807
15808
15809
15810
15811
15812
15813
15814
15815
15816
15817
15818
15819
15820
15821
15822
15823
15824
15825
15826
15827
15828
15829
15830
15831
15832
15833
15834
15835
15836
15837
15838
15839
15840
15841
15842
15843
15844
15845
15846
15847
15848
15849
15850
15851
15852
15853
15854
15855
15856
15857
15858
15859
15860
15861
15862
15863
15864
15865
15866
15867
15868
15869
15870
15871
15872
15873
15874
15875
15876
15877
15878
15879
15880
15881
15882
15883
15884
15885
15886
15887
15888
15889
15890
15891
15892
15893
15894
15895
15896
15897
15898
15899
15900
15901
15902
15903
15904
15905
15906
15907
15908
15909
15910
15911
15912
15913
15914
15915
15916
15917
15918
15919
15920
15921
15922
15923
15924
15925
15926
15927
15928
15929
15930
15931
15932
15933
15934
15935
15936
15937
15938
15939
15940
15941
15942
15943
15944
15945
15946
15947
15948
15949
15950
15951
15952
15953
15954
15955
15956
15957
15958
15959
15960
15961
15962
15963
15964
15965
15966
15967
15968
15969
15970
15971
15972
15973
15974
15975
15976
15977
15978
15979
15980
15981
15982
15983
15984
15985
15986
15987
15988
15989
15990
15991
15992
15993
15994
15995
15996
15997
15998
15999
16000
16001
16002
16003
16004
16005
16006
16007
16008
16009
16010
16011
16012
16013
16014
16015
16016
16017
16018
16019
16020
16021
16022
16023
16024
16025
16026
16027
16028
16029
16030
16031
16032
16033
16034
16035
16036
16037
16038
16039
16040
16041
16042
16043
16044
16045
16046
16047
16048
16049
16050
16051
16052
16053
16054
16055
16056
16057
16058
16059
16060
16061
16062
16063
16064
16065
16066
16067
16068
16069
16070
16071
16072
16073
16074
16075
16076
16077
16078
16079
16080
16081
16082
16083
16084
16085
16086
16087
16088
16089
16090
16091
16092
16093
16094
16095
16096
16097
16098
16099
16100
16101
16102
16103
16104
16105
16106
16107
16108
16109
16110
16111
16112
16113
16114
16115
16116
16117
16118
16119
16120
16121
16122
16123
16124
16125
16126
16127
16128
16129
16130
16131
16132
16133
16134
16135
16136
16137
16138
16139
16140
16141
16142
16143
16144
16145
16146
16147
16148
16149
16150
16151
16152
16153
16154
16155
16156
16157
16158
16159
16160
16161
16162
16163
16164
16165
16166
16167
16168
16169
16170
16171
16172
16173
16174
16175
16176
16177
16178
16179
16180
16181
16182
16183
16184
16185
16186
16187
16188
16189
16190
16191
16192
16193
16194
16195
16196
16197
16198
16199
16200
16201
16202
16203
16204
16205
16206
16207
16208
16209
16210
16211
16212
16213
16214
16215
16216
16217
16218
16219
16220
16221
16222
16223
16224
16225
16226
16227
16228
16229
16230
16231
16232
16233
16234
16235
16236
16237
16238
16239
16240
16241
16242
16243
16244
16245
16246
16247
16248
16249
16250
16251
16252
16253
16254
16255
16256
16257
16258
16259
16260
16261
16262
16263
16264
16265
16266
16267
16268
16269
16270
16271
16272
16273
16274
16275
16276
16277
16278
16279
16280
16281
16282
16283
16284
16285
16286
16287
16288
16289
16290
16291
16292
16293
16294
16295
16296
16297
16298
16299
16300
16301
16302
16303
16304
16305
16306
16307
16308
16309
16310
16311
16312
16313
16314
16315
16316
16317
16318
16319
16320
16321
16322
16323
16324
16325
16326
16327
16328
16329
16330
16331
16332
16333
16334
16335
16336
16337
16338
16339
16340
16341
16342
16343
16344
16345
16346
16347
16348
16349
16350
16351
16352
16353
16354
16355
16356
16357
16358
16359
16360
16361
16362
16363
16364
16365
16366
16367
16368
16369
16370
16371
16372
16373
16374
16375
16376
16377
16378
16379
16380
16381
16382
16383
16384
16385
16386
16387
16388
16389
16390
16391
16392
16393
16394
16395
16396
16397
16398
16399
16400
16401
16402
16403
16404
16405
16406
16407
16408
16409
16410
16411
16412
16413
16414
16415
16416
16417
16418
16419
16420
16421
16422
16423
16424
16425
16426
16427
16428
16429
16430
16431
16432
16433
16434
16435
16436
16437
16438
16439
16440
16441
16442
16443
16444
16445
16446
16447
16448
16449
16450
16451
16452
16453
16454
16455
16456
16457
16458
16459
16460
16461
16462
16463
16464
16465
16466
16467
16468
16469
16470
16471
16472
16473
16474
16475
16476
16477
16478
16479
16480
16481
16482
16483
16484
16485
16486
16487
16488
16489
16490
16491
16492
16493
16494
16495
16496
16497
16498
16499
16500
16501
16502
16503
16504
16505
16506
16507
16508
16509
16510
16511
16512
16513
16514
16515
16516
16517
16518
16519
16520
16521
16522
16523
16524
16525
16526
16527
16528
16529
16530
16531
16532
16533
16534
16535
16536
16537
16538
16539
16540
16541
16542
16543
16544
16545
16546
16547
16548
16549
16550
16551
16552
16553
16554
16555
16556
16557
16558
16559
16560
16561
16562
16563
16564
16565
16566
16567
16568
16569
16570
16571
16572
16573
16574
16575
16576
16577
16578
16579
16580
16581
16582
16583
16584
16585
16586
16587
16588
16589
16590
16591
16592
16593
16594
16595
16596
16597
16598
16599
16600
16601
16602
16603
16604
16605
16606
16607
16608
16609
16610
16611
16612
16613
16614
16615
16616
16617
16618
16619
16620
16621
16622
16623
16624
16625
16626
16627
16628
16629
16630
16631
16632
16633
16634
16635
16636
16637
16638
16639
16640
16641
16642
16643
16644
16645
16646
16647
16648
16649
16650
16651
16652
16653
16654
16655
16656
16657
16658
16659
16660
16661
16662
16663
16664
16665
16666
16667
16668
16669
16670
16671
16672
16673
16674
16675
16676
16677
16678
16679
16680
16681
16682
16683
16684
16685
16686
16687
16688
16689
16690
16691
16692
16693
16694
16695
16696
16697
16698
16699
16700
16701
16702
16703
16704
16705
16706
16707
16708
16709
16710
16711
16712
16713
16714
16715
16716
16717
16718
16719
16720
16721
16722
16723
16724
16725
16726
16727
16728
16729
16730
16731
16732
16733
16734
16735
16736
16737
16738
16739
16740
16741
16742
16743
16744
16745
16746
16747
16748
16749
16750
16751
16752
16753
16754
16755
16756
16757
16758
16759
16760
16761
16762
16763
16764
16765
16766
16767
16768
16769
16770
16771
16772
16773
16774
16775
16776
16777
16778
16779
16780
16781
16782
16783
16784
16785
16786
16787
16788
16789
16790
16791
16792
16793
16794
16795
16796
16797
16798
16799
16800
16801
16802
16803
16804
16805
16806
16807
16808
16809
16810
16811
16812
16813
16814
16815
16816
16817
16818
16819
16820
16821
16822
16823
16824
16825
16826
16827
16828
16829
16830
16831
16832
16833
16834
16835
16836
16837
16838
16839
16840
16841
16842
16843
16844
16845
16846
16847
16848
16849
16850
16851
16852
16853
16854
16855
16856
16857
16858
16859
16860
16861
16862
16863
16864
16865
16866
16867
16868
16869
16870
16871
16872
16873
16874
16875
16876
16877
16878
16879
16880
16881
16882
16883
16884
16885
16886
16887
16888
16889
16890
16891
16892
16893
16894
16895
16896
16897
16898
16899
16900
16901
16902
16903
16904
16905
16906
16907
16908
16909
16910
16911
16912
16913
16914
16915
16916
16917
16918
16919
16920
16921
16922
16923
16924
16925
16926
16927
16928
16929
16930
16931
16932
16933
16934
16935
16936
16937
16938
16939
16940
16941
16942
16943
16944
16945
16946
16947
16948
16949
16950
16951
16952
16953
16954
16955
16956
16957
16958
16959
16960
16961
16962
16963
16964
16965
16966
16967
16968
16969
16970
16971
16972
16973
16974
16975
16976
16977
16978
16979
16980
16981
16982
16983
16984
16985
16986
16987
16988
16989
16990
16991
16992
16993
16994
16995
16996
16997
16998
16999
17000
17001
17002
17003
17004
17005
17006
17007
17008
17009
17010
17011
17012
17013
17014
17015
17016
17017
17018
17019
17020
17021
17022
17023
17024
17025
17026
17027
17028
17029
17030
17031
17032
17033
17034
17035
17036
17037
17038
17039
17040
17041
17042
17043
17044
17045
17046
17047
17048
17049
17050
17051
17052
17053
17054
17055
17056
17057
17058
17059
17060
17061
17062
17063
17064
17065
17066
17067
17068
17069
17070
17071
17072
17073
17074
17075
17076
17077
17078
17079
17080
17081
17082
17083
17084
17085
17086
17087
17088
17089
17090
17091
17092
17093
17094
17095
17096
17097
17098
17099
17100
17101
17102
17103
17104
17105
17106
17107
17108
17109
17110
17111
17112
17113
17114
17115
17116
17117
17118
17119
17120
17121
17122
17123
17124
17125
17126
17127
17128
17129
17130
17131
17132
17133
17134
17135
17136
17137
17138
17139
17140
17141
17142
17143
17144
17145
17146
17147
17148
17149
17150
17151
17152
17153
17154
17155
17156
17157
17158
17159
17160
17161
17162
17163
17164
17165
17166
17167
17168
17169
17170
17171
17172
17173
17174
17175
17176
17177
17178
17179
17180
17181
17182
17183
17184
17185
17186
17187
17188
17189
17190
17191
17192
17193
17194
17195
17196
17197
17198
17199
17200
17201
17202
17203
17204
17205
17206
17207
17208
17209
17210
17211
17212
17213
17214
17215
17216
17217
17218
17219
17220
17221
17222
17223
17224
17225
17226
17227
17228
17229
17230
17231
17232
17233
17234
17235
17236
17237
17238
17239
17240
17241
17242
17243
17244
17245
17246
17247
17248
17249
17250
17251
17252
17253
17254
17255
17256
17257
17258
17259
17260
17261
17262
17263
17264
17265
17266
17267
17268
17269
17270
17271
17272
17273
17274
17275
17276
17277
17278
17279
17280
17281
17282
17283
17284
17285
17286
17287
17288
17289
17290
17291
17292
17293
17294
17295
17296
17297
17298
17299
17300
17301
17302
17303
17304
17305
17306
17307
17308
17309
17310
17311
17312
17313
17314
17315
17316
17317
17318
17319
17320
17321
17322
17323
17324
17325
17326
17327
17328
17329
17330
17331
17332
17333
17334
17335
17336
17337
17338
17339
17340
17341
17342
17343
17344
17345
17346
17347
17348
17349
17350
17351
17352
17353
17354
17355
17356
17357
17358
17359
17360
17361
17362
17363
17364
17365
17366
17367
17368
17369
17370
17371
17372
17373
17374
17375
17376
17377
17378
17379
17380
17381
17382
17383
17384
17385
17386
17387
17388
17389
17390
17391
17392
17393
17394
17395
17396
17397
17398
17399
17400
17401
17402
17403
17404
17405
17406
17407
17408
17409
17410
17411
17412
17413
17414
17415
17416
17417
17418
17419
17420
17421
17422
17423
17424
17425
17426
17427
17428
17429
17430
17431
17432
17433
17434
17435
17436
17437
17438
17439
17440
17441
17442
17443
17444
17445
17446
17447
17448
17449
17450
17451
17452
17453
17454
17455
17456
17457
17458
17459
17460
17461
17462
17463
17464
17465
17466
17467
17468
17469
17470
17471
17472
17473
17474
17475
17476
17477
17478
17479
17480
17481
17482
17483
17484
17485
17486
17487
17488
17489
17490
17491
17492
17493
17494
17495
17496
17497
17498
17499
17500
17501
17502
17503
17504
17505
17506
17507
17508
17509
17510
17511
17512
17513
17514
17515
17516
17517
17518
17519
17520
17521
17522
17523
17524
17525
17526
17527
17528
17529
17530
17531
17532
17533
17534
17535
17536
17537
17538
17539
17540
17541
17542
17543
17544
17545
17546
17547
17548
17549
17550
17551
17552
17553
17554
17555
17556
17557
17558
17559
17560
17561
17562
17563
17564
17565
17566
17567
17568
17569
17570
17571
17572
17573
17574
17575
17576
17577
17578
17579
17580
17581
17582
17583
17584
17585
17586
17587
17588
17589
17590
17591
17592
17593
17594
17595
17596
17597
17598
17599
17600
17601
17602
17603
17604
17605
17606
17607
17608
17609
17610
17611
17612
17613
17614
17615
17616
17617
17618
17619
17620
17621
17622
17623
17624
17625
17626
17627
17628
17629
17630
17631
17632
17633
17634
17635
17636
17637
17638
17639
17640
17641
17642
17643
17644
17645
17646
17647
17648
17649
17650
17651
17652
17653
17654
17655
17656
17657
17658
17659
17660
17661
17662
17663
17664
17665
17666
17667
17668
17669
17670
17671
17672
17673
17674
17675
17676
17677
17678
17679
17680
17681
17682
17683
17684
17685
17686
17687
17688
17689
17690
17691
17692
17693
17694
17695
17696
17697
17698
17699
17700
17701
17702
17703
17704
17705
17706
17707
17708
17709
17710
17711
17712
17713
17714
17715
17716
17717
17718
17719
17720
17721
17722
17723
17724
17725
17726
17727
17728
17729
17730
17731
17732
17733
17734
17735
17736
17737
17738
17739
17740
17741
17742
17743
17744
17745
17746
17747
17748
17749
17750
17751
17752
17753
17754
17755
17756
17757
17758
17759
17760
17761
17762
17763
17764
17765
17766
17767
17768
17769
17770
17771
17772
17773
17774
17775
17776
17777
17778
17779
17780
17781
17782
17783
17784
17785
17786
17787
17788
17789
17790
17791
17792
17793
17794
17795
17796
17797
17798
17799
17800
17801
17802
17803
17804
17805
17806
17807
17808
17809
17810
17811
17812
17813
17814
17815
17816
17817
17818
17819
17820
17821
17822
17823
17824
17825
17826
17827
17828
17829
17830
17831
17832
17833
17834
17835
17836
17837
17838
17839
17840
17841
17842
17843
17844
17845
17846
17847
17848
17849
17850
17851
17852
17853
17854
17855
17856
17857
17858
17859
17860
17861
17862
17863
17864
17865
17866
17867
17868
17869
17870
17871
17872
17873
17874
17875
17876
17877
17878
17879
17880
17881
17882
17883
17884
17885
17886
17887
17888
17889
17890
17891
17892
17893
17894
17895
17896
17897
17898
17899
17900
17901
17902
17903
17904
17905
17906
17907
17908
17909
17910
17911
17912
17913
17914
17915
17916
17917
17918
17919
17920
17921
17922
17923
17924
17925
17926
17927
17928
17929
17930
17931
17932
17933
17934
17935
17936
17937
17938
17939
17940
17941
17942
17943
17944
17945
17946
17947
17948
17949
17950
17951
17952
17953
17954
17955
17956
17957
17958
17959
17960
17961
17962
17963
17964
17965
17966
17967
17968
17969
17970
17971
17972
17973
17974
17975
17976
17977
17978
17979
17980
17981
17982
17983
17984
17985
17986
17987
17988
17989
17990
17991
17992
17993
17994
17995
17996
17997
17998
17999
18000
18001
18002
18003
18004
18005
18006
18007
18008
18009
18010
18011
18012
18013
18014
18015
18016
18017
18018
18019
18020
18021
18022
18023
18024
18025
18026
18027
18028
18029
18030
18031
18032
18033
18034
18035
18036
18037
18038
18039
18040
18041
18042
18043
18044
18045
18046
18047
18048
18049
18050
18051
18052
18053
18054
18055
18056
18057
18058
18059
18060
18061
18062
18063
18064
18065
18066
18067
18068
18069
18070
18071
18072
18073
18074
18075
18076
18077
18078
18079
18080
18081
18082
18083
18084
18085
18086
18087
18088
18089
18090
18091
18092
18093
18094
18095
18096
18097
18098
18099
18100
18101
18102
18103
18104
18105
18106
18107
18108
18109
18110
18111
18112
18113
18114
18115
18116
18117
18118
18119
18120
18121
18122
18123
18124
18125
18126
18127
18128
18129
18130
18131
18132
18133
18134
18135
18136
18137
18138
18139
18140
18141
18142
18143
18144
18145
18146
18147
18148
18149
18150
18151
18152
18153
18154
18155
18156
18157
18158
18159
18160
18161
18162
18163
18164
18165
18166
18167
18168
18169
18170
18171
18172
18173
18174
18175
18176
18177
18178
18179
18180
18181
18182
18183
18184
18185
18186
18187
18188
18189
18190
18191
18192
18193
18194
18195
18196
18197
18198
18199
18200
18201
18202
18203
18204
18205
18206
18207
18208
18209
18210
18211
18212
18213
18214
18215
18216
18217
18218
18219
18220
18221
18222
18223
18224
18225
18226
18227
18228
18229
18230
18231
18232
18233
18234
18235
18236
18237
18238
18239
18240
18241
18242
18243
18244
18245
18246
18247
18248
18249
18250
18251
18252
18253
18254
18255
18256
18257
18258
18259
18260
18261
18262
18263
18264
18265
18266
18267
18268
18269
18270
18271
18272
18273
18274
18275
18276
18277
18278
18279
18280
18281
18282
18283
18284
18285
18286
18287
18288
18289
18290
18291
18292
18293
18294
18295
18296
18297
18298
18299
18300
18301
18302
18303
18304
18305
18306
18307
18308
18309
18310
18311
18312
18313
18314
18315
18316
18317
18318
18319
18320
18321
18322
18323
18324
18325
18326
18327
18328
18329
18330
18331
18332
18333
18334
18335
18336
18337
18338
18339
18340
18341
18342
18343
18344
18345
18346
18347
18348
18349
18350
18351
18352
18353
18354
18355
18356
18357
18358
18359
18360
18361
18362
18363
18364
18365
18366
18367
18368
18369
18370
18371
18372
18373
18374
18375
18376
18377
18378
18379
18380
18381
18382
18383
18384
18385
18386
18387
18388
18389
18390
18391
18392
18393
18394
18395
18396
18397
18398
18399
18400
18401
18402
18403
18404
18405
18406
18407
18408
18409
18410
18411
18412
18413
18414
18415
18416
18417
18418
18419
18420
18421
18422
18423
18424
18425
18426
18427
18428
18429
18430
18431
18432
18433
18434
18435
18436
18437
18438
18439
18440
18441
18442
18443
18444
18445
18446
18447
18448
18449
18450
18451
18452
18453
18454
18455
18456
18457
18458
18459
18460
18461
18462
18463
18464
18465
18466
18467
18468
18469
18470
18471
18472
18473
18474
18475
18476
18477
18478
18479
18480
18481
18482
18483
18484
18485
18486
18487
18488
18489
18490
18491
18492
18493
18494
18495
18496
18497
18498
18499
18500
18501
18502
18503
18504
18505
18506
18507
18508
18509
18510
18511
18512
18513
18514
18515
18516
18517
18518
18519
18520
18521
18522
18523
18524
18525
18526
18527
18528
18529
18530
18531
18532
18533
18534
18535
18536
18537
18538
18539
18540
18541
18542
18543
18544
18545
18546
18547
18548
18549
18550
18551
18552
18553
18554
18555
18556
18557
18558
18559
18560
18561
18562
18563
18564
18565
18566
18567
18568
18569
18570
18571
18572
18573
18574
18575
18576
18577
18578
18579
18580
18581
18582
18583
18584
18585
18586
18587
18588
18589
18590
18591
18592
18593
18594
18595
18596
18597
18598
18599
18600
18601
18602
18603
18604
18605
18606
18607
18608
18609
18610
18611
18612
18613
18614
18615
18616
18617
18618
18619
18620
18621
18622
18623
18624
18625
18626
18627
18628
18629
18630
18631
18632
18633
18634
18635
18636
18637
18638
18639
18640
18641
18642
18643
18644
18645
18646
18647
18648
18649
18650
18651
18652
18653
18654
18655
18656
18657
18658
18659
18660
18661
18662
18663
18664
18665
18666
18667
18668
18669
18670
18671
18672
18673
18674
18675
18676
18677
18678
18679
18680
18681
18682
18683
18684
18685
18686
18687
18688
18689
18690
18691
18692
18693
18694
18695
18696
18697
18698
18699
18700
18701
18702
18703
18704
18705
18706
18707
18708
18709
18710
18711
18712
18713
18714
18715
18716
18717
18718
18719
18720
18721
18722
18723
18724
18725
18726
18727
18728
18729
18730
18731
18732
18733
18734
18735
18736
18737
18738
18739
18740
18741
18742
18743
18744
18745
18746
18747
18748
18749
18750
18751
18752
18753
18754
18755
18756
18757
18758
18759
18760
18761
18762
18763
18764
18765
18766
18767
18768
18769
18770
18771
18772
18773
18774
18775
18776
18777
18778
18779
18780
18781
18782
18783
18784
18785
18786
18787
18788
18789
18790
18791
18792
18793
18794
18795
18796
18797
18798
18799
18800
18801
18802
18803
18804
18805
18806
18807
18808
18809
18810
18811
18812
18813
18814
18815
18816
18817
18818
18819
18820
18821
18822
18823
18824
18825
18826
18827
18828
18829
18830
18831
18832
18833
18834
18835
18836
18837
18838
18839
18840
18841
18842
18843
18844
18845
18846
18847
18848
18849
18850
18851
18852
18853
18854
18855
18856
18857
18858
18859
18860
18861
18862
18863
18864
18865
18866
18867
18868
18869
18870
18871
18872
18873
18874
18875
18876
18877
18878
18879
18880
18881
18882
18883
18884
18885
18886
18887
18888
18889
18890
18891
18892
18893
18894
18895
18896
18897
18898
18899
18900
18901
18902
18903
18904
18905
18906
18907
18908
18909
18910
18911
18912
18913
18914
18915
18916
18917
18918
18919
18920
18921
18922
18923
18924
18925
18926
18927
18928
18929
18930
18931
18932
18933
18934
18935
18936
18937
18938
18939
18940
18941
18942
18943
18944
18945
18946
18947
18948
18949
18950
18951
18952
18953
18954
18955
18956
18957
18958
18959
18960
18961
18962
18963
18964
18965
18966
18967
18968
18969
18970
18971
18972
18973
18974
18975
18976
18977
18978
18979
18980
18981
18982
18983
18984
18985
18986
18987
18988
18989
18990
18991
18992
18993
18994
18995
18996
18997
18998
18999
19000
19001
19002
19003
19004
19005
19006
19007
19008
19009
19010
19011
19012
19013
19014
19015
19016
19017
19018
19019
19020
19021
19022
19023
19024
19025
19026
19027
19028
19029
19030
19031
19032
19033
19034
19035
19036
19037
19038
19039
19040
19041
19042
19043
19044
19045
19046
19047
19048
19049
19050
19051
19052
19053
19054
19055
19056
19057
19058
19059
19060
19061
19062
19063
19064
19065
19066
19067
19068
19069
19070
19071
19072
19073
19074
19075
19076
19077
19078
19079
19080
19081
19082
19083
19084
19085
19086
19087
19088
19089
19090
19091
19092
19093
19094
19095
19096
19097
19098
19099
19100
19101
19102
19103
19104
19105
19106
19107
19108
19109
19110
19111
19112
19113
19114
19115
19116
19117
19118
19119
19120
19121
19122
19123
19124
19125
19126
19127
19128
19129
19130
19131
19132
19133
19134
19135
19136
19137
19138
19139
19140
19141
19142
19143
19144
19145
19146
19147
19148
19149
19150
19151
19152
19153
19154
19155
19156
19157
19158
19159
19160
19161
19162
19163
19164
19165
19166
19167
19168
19169
19170
19171
19172
19173
19174
19175
19176
19177
19178
19179
19180
19181
19182
19183
19184
19185
19186
19187
19188
19189
19190
19191
19192
19193
19194
19195
19196
19197
19198
19199
19200
19201
19202
19203
19204
19205
19206
19207
19208
19209
19210
19211
19212
19213
19214
19215
19216
19217
19218
19219
19220
19221
19222
19223
19224
19225
19226
19227
19228
19229
19230
19231
19232
19233
19234
19235
19236
19237
19238
19239
19240
19241
19242
19243
19244
19245
19246
19247
19248
19249
19250
19251
19252
19253
19254
19255
19256
19257
19258
19259
19260
19261
19262
19263
19264
19265
19266
19267
19268
19269
19270
19271
19272
19273
19274
19275
19276
19277
19278
19279
19280
19281
19282
19283
19284
19285
19286
19287
19288
19289
19290
19291
19292
19293
19294
19295
19296
19297
19298
19299
19300
19301
19302
19303
19304
19305
19306
19307
19308
19309
19310
19311
19312
19313
19314
19315
19316
19317
19318
19319
19320
19321
19322
19323
19324
19325
19326
19327
19328
19329
19330
19331
19332
19333
19334
19335
19336
19337
19338
19339
19340
19341
19342
19343
19344
19345
19346
19347
19348
19349
19350
19351
19352
19353
19354
19355
19356
19357
19358
19359
19360
19361
19362
19363
19364
19365
19366
19367
19368
19369
19370
19371
19372
19373
19374
19375
19376
19377
19378
19379
19380
19381
19382
19383
19384
19385
19386
19387
19388
19389
19390
19391
19392
19393
19394
19395
19396
19397
19398
19399
19400
19401
19402
19403
19404
19405
19406
19407
19408
19409
19410
19411
19412
19413
19414
19415
19416
19417
19418
19419
19420
19421
19422
19423
19424
19425
19426
19427
19428
19429
19430
19431
19432
19433
19434
19435
19436
19437
19438
19439
19440
19441
19442
19443
19444
19445
19446
19447
19448
19449
19450
19451
19452
19453
19454
19455
19456
19457
19458
19459
19460
19461
19462
19463
19464
19465
19466
19467
19468
19469
19470
19471
19472
19473
19474
19475
19476
19477
19478
19479
19480
19481
19482
19483
19484
19485
19486
19487
19488
19489
19490
19491
19492
19493
19494
19495
19496
19497
19498
19499
19500
19501
19502
19503
19504
19505
19506
19507
19508
19509
19510
19511
19512
19513
19514
19515
19516
19517
19518
19519
19520
19521
19522
19523
19524
19525
19526
19527
19528
19529
19530
19531
19532
19533
19534
19535
19536
19537
19538
19539
19540
19541
19542
19543
19544
19545
19546
19547
19548
19549
19550
19551
19552
19553
19554
19555
19556
19557
19558
19559
19560
19561
19562
19563
19564
19565
19566
19567
19568
19569
19570
19571
19572
19573
19574
19575
19576
19577
19578
19579
19580
19581
19582
19583
19584
19585
19586
19587
19588
19589
19590
19591
19592
19593
19594
19595
19596
19597
19598
19599
19600
19601
19602
19603
19604
19605
19606
19607
19608
19609
19610
19611
19612
19613
19614
19615
19616
19617
19618
19619
19620
19621
19622
19623
19624
19625
19626
19627
19628
19629
19630
19631
19632
19633
19634
19635
19636
19637
19638
19639
19640
19641
19642
19643
19644
19645
19646
19647
19648
19649
19650
19651
19652
19653
19654
19655
19656
19657
19658
19659
19660
19661
19662
19663
19664
19665
19666
19667
19668
19669
19670
19671
19672
19673
19674
19675
19676
19677
19678
19679
19680
19681
19682
19683
19684
19685
19686
19687
19688
19689
19690
19691
19692
19693
19694
19695
19696
19697
19698
19699
19700
19701
19702
19703
19704
19705
19706
19707
19708
19709
19710
19711
19712
19713
19714
19715
19716
19717
19718
19719
19720
19721
19722
19723
19724
19725
19726
19727
19728
19729
19730
19731
19732
19733
19734
19735
19736
19737
19738
19739
19740
19741
19742
19743
19744
19745
19746
19747
19748
19749
19750
19751
19752
19753
19754
19755
19756
19757
19758
19759
19760
19761
19762
19763
19764
19765
19766
19767
19768
19769
19770
19771
19772
19773
19774
19775
19776
19777
19778
19779
19780
19781
19782
19783
19784
19785
19786
19787
19788
19789
19790
19791
19792
19793
19794
19795
19796
19797
19798
19799
19800
19801
19802
19803
19804
19805
19806
19807
19808
19809
19810
19811
19812
19813
19814
19815
19816
19817
19818
19819
19820
19821
19822
19823
19824
19825
19826
19827
19828
19829
19830
19831
19832
19833
19834
19835
19836
19837
19838
19839
19840
19841
19842
19843
19844
19845
19846
19847
19848
19849
19850
19851
19852
19853
19854
19855
19856
19857
19858
19859
19860
19861
19862
19863
19864
19865
19866
19867
19868
19869
19870
19871
19872
19873
19874
19875
19876
19877
19878
19879
19880
19881
19882
19883
19884
19885
19886
19887
19888
19889
19890
19891
19892
19893
19894
19895
19896
19897
19898
19899
19900
19901
19902
19903
19904
19905
19906
19907
19908
19909
19910
19911
19912
19913
19914
19915
19916
19917
19918
19919
19920
19921
19922
19923
19924
19925
19926
19927
19928
19929
19930
19931
19932
19933
19934
19935
19936
19937
19938
19939
19940
19941
19942
19943
19944
19945
19946
19947
19948
19949
19950
19951
19952
19953
19954
19955
19956
19957
19958
19959
19960
19961
19962
19963
19964
19965
19966
19967
19968
19969
19970
19971
19972
19973
19974
19975
19976
19977
19978
19979
19980
19981
19982
19983
19984
19985
19986
19987
19988
19989
19990
19991
19992
19993
19994
19995
19996
19997
19998
19999
20000
20001
20002
20003
20004
20005
20006
20007
20008
20009
20010
20011
20012
20013
20014
20015
20016
20017
20018
20019
20020
20021
20022
20023
20024
20025
20026
20027
20028
20029
20030
20031
20032
20033
20034
20035
20036
20037
20038
20039
20040
20041
20042
20043
20044
20045
20046
20047
20048
20049
20050
20051
20052
20053
20054
20055
20056
20057
20058
20059
20060
20061
20062
20063
20064
20065
20066
20067
20068
20069
20070
20071
20072
20073
20074
20075
20076
20077
20078
20079
20080
20081
20082
20083
20084
20085
20086
20087
20088
20089
20090
20091
20092
20093
20094
20095
20096
20097
20098
20099
20100
20101
20102
20103
20104
20105
20106
20107
20108
20109
20110
20111
20112
20113
20114
20115
20116
20117
20118
20119
20120
20121
20122
20123
20124
20125
20126
20127
20128
20129
20130
20131
20132
20133
20134
20135
20136
20137
20138
20139
20140
20141
20142
20143
20144
20145
20146
20147
20148
20149
20150
20151
20152
20153
20154
20155
20156
20157
20158
20159
20160
20161
20162
20163
20164
20165
20166
20167
20168
20169
20170
20171
20172
20173
20174
20175
20176
20177
20178
20179
20180
20181
20182
20183
20184
20185
20186
20187
20188
20189
20190
20191
20192
20193
20194
20195
20196
20197
20198
20199
20200
20201
20202
20203
20204
20205
20206
20207
20208
20209
20210
20211
20212
20213
20214
20215
20216
20217
20218
20219
20220
20221
20222
20223
20224
20225
20226
20227
20228
20229
20230
20231
20232
20233
20234
20235
20236
20237
20238
20239
20240
20241
20242
20243
20244
20245
20246
20247
20248
20249
20250
20251
20252
20253
20254
20255
20256
20257
20258
20259
20260
20261
20262
20263
20264
20265
20266
20267
20268
20269
20270
20271
20272
20273
20274
20275
20276
20277
20278
20279
20280
20281
20282
20283
20284
20285
20286
20287
20288
20289
20290
20291
20292
20293
20294
20295
20296
20297
20298
20299
20300
20301
20302
20303
20304
20305
20306
20307
20308
20309
20310
20311
20312
20313
20314
20315
20316
20317
20318
20319
20320
20321
20322
20323
20324
20325
20326
20327
20328
20329
20330
20331
20332
20333
20334
20335
20336
20337
20338
20339
20340
20341
20342
20343
20344
20345
20346
20347
20348
20349
20350
20351
20352
20353
20354
20355
20356
20357
20358
20359
20360
20361
20362
20363
20364
20365
20366
20367
20368
20369
20370
20371
20372
20373
20374
20375
20376
20377
20378
20379
20380
20381
20382
20383
20384
20385
20386
20387
20388
20389
20390
20391
20392
20393
20394
20395
20396
20397
20398
20399
20400
20401
20402
20403
20404
20405
20406
20407
20408
20409
20410
20411
20412
20413
20414
20415
20416
20417
20418
20419
20420
20421
20422
20423
20424
20425
20426
20427
20428
20429
20430
20431
20432
20433
20434
20435
20436
20437
20438
20439
20440
20441
20442
20443
20444
20445
20446
20447
20448
20449
20450
20451
20452
20453
20454
20455
20456
20457
20458
20459
20460
20461
20462
20463
20464
20465
20466
20467
20468
20469
20470
20471
20472
20473
20474
20475
20476
20477
20478
20479
20480
20481
20482
20483
20484
20485
20486
20487
20488
20489
20490
20491
20492
20493
20494
20495
20496
20497
20498
20499
20500
20501
20502
20503
20504
20505
20506
20507
20508
20509
20510
20511
20512
20513
20514
20515
20516
20517
20518
20519
20520
20521
20522
20523
20524
20525
20526
20527
20528
20529
20530
20531
20532
20533
20534
20535
20536
20537
20538
20539
20540
20541
20542
20543
20544
20545
20546
20547
20548
20549
20550
20551
20552
20553
20554
20555
20556
20557
20558
20559
20560
20561
20562
20563
20564
20565
20566
20567
20568
20569
20570
20571
20572
20573
20574
20575
20576
20577
20578
20579
20580
20581
20582
20583
20584
20585
20586
20587
20588
20589
20590
20591
20592
20593
20594
20595
20596
20597
20598
20599
20600
20601
20602
20603
20604
20605
20606
20607
20608
20609
20610
20611
20612
20613
20614
20615
20616
20617
20618
20619
20620
20621
20622
20623
20624
20625
20626
20627
20628
20629
20630
20631
20632
20633
20634
20635
20636
20637
20638
20639
20640
20641
20642
20643
20644
20645
20646
20647
20648
20649
20650
20651
20652
20653
20654
20655
20656
20657
20658
20659
20660
20661
20662
20663
20664
20665
20666
20667
20668
20669
20670
20671
20672
20673
20674
20675
20676
20677
20678
20679
20680
20681
20682
20683
20684
20685
20686
20687
20688
20689
20690
20691
20692
20693
20694
20695
20696
20697
20698
20699
20700
20701
20702
20703
20704
20705
20706
20707
20708
20709
20710
20711
20712
20713
20714
20715
20716
20717
20718
20719
20720
20721
20722
20723
20724
20725
20726
20727
20728
20729
20730
20731
20732
20733
20734
20735
20736
20737
20738
20739
20740
20741
20742
20743
20744
20745
20746
20747
20748
20749
20750
20751
20752
20753
20754
20755
20756
20757
20758
20759
20760
20761
20762
20763
20764
20765
20766
20767
20768
20769
20770
20771
20772
20773
20774
20775
20776
20777
20778
20779
20780
20781
20782
20783
20784
20785
20786
20787
20788
20789
20790
20791
20792
20793
20794
20795
20796
20797
20798
20799
20800
20801
20802
20803
20804
20805
20806
20807
20808
20809
20810
20811
20812
20813
20814
20815
20816
20817
20818
20819
20820
20821
20822
20823
20824
20825
20826
20827
20828
20829
20830
20831
20832
20833
20834
20835
20836
20837
20838
20839
20840
20841
20842
20843
20844
20845
20846
20847
20848
20849
20850
20851
20852
20853
20854
20855
20856
20857
20858
20859
20860
20861
20862
20863
20864
20865
20866
20867
20868
20869
20870
20871
20872
20873
20874
20875
20876
20877
20878
20879
20880
20881
20882
20883
20884
20885
20886
20887
20888
20889
20890
20891
20892
20893
20894
20895
20896
20897
20898
20899
20900
20901
20902
20903
20904
20905
20906
20907
20908
20909
20910
20911
20912
20913
20914
20915
20916
20917
20918
20919
20920
20921
20922
20923
20924
20925
20926
20927
20928
20929
20930
20931
20932
20933
20934
20935
20936
20937
20938
20939
20940
20941
20942
20943
20944
20945
20946
20947
20948
20949
20950
20951
20952
20953
20954
20955
20956
20957
20958
20959
20960
20961
20962
20963
20964
20965
20966
20967
20968
20969
20970
20971
20972
20973
20974
20975
20976
20977
20978
20979
20980
20981
20982
20983
20984
20985
20986
20987
20988
20989
20990
20991
20992
20993
20994
20995
20996
20997
20998
20999
21000
21001
21002
21003
21004
21005
21006
21007
21008
21009
21010
21011
21012
21013
21014
21015
21016
21017
21018
21019
21020
21021
21022
21023
21024
21025
21026
21027
21028
21029
21030
21031
21032
21033
21034
21035
21036
21037
21038
21039
21040
21041
21042
21043
21044
21045
21046
21047
21048
21049
21050
21051
21052
21053
21054
21055
21056
21057
21058
21059
21060
21061
21062
21063
21064
21065
21066
21067
21068
21069
21070
21071
21072
21073
21074
21075
21076
21077
21078
21079
21080
21081
21082
21083
21084
21085
21086
21087
21088
21089
21090
21091
21092
21093
21094
21095
21096
21097
21098
21099
21100
21101
21102
21103
21104
21105
21106
21107
21108
21109
21110
21111
21112
21113
21114
21115
21116
21117
21118
21119
21120
21121
21122
21123
21124
21125
21126
21127
21128
21129
21130
21131
21132
21133
21134
21135
21136
21137
21138
21139
21140
21141
21142
21143
21144
21145
21146
21147
21148
21149
21150
21151
21152
21153
21154
21155
21156
21157
21158
21159
21160
21161
21162
21163
21164
21165
21166
21167
21168
21169
21170
21171
21172
21173
21174
21175
21176
21177
21178
21179
21180
21181
21182
21183
21184
21185
21186
21187
21188
21189
21190
21191
21192
21193
21194
21195
21196
21197
21198
21199
21200
21201
21202
21203
21204
21205
21206
21207
21208
21209
21210
21211
21212
21213
21214
21215
21216
21217
21218
21219
21220
21221
21222
21223
21224
21225
21226
21227
21228
21229
21230
21231
21232
21233
21234
21235
21236
21237
21238
21239
21240
21241
21242
21243
21244
21245
21246
21247
21248
21249
21250
21251
21252
21253
21254
21255
21256
21257
21258
21259
21260
21261
21262
21263
21264
21265
21266
21267
21268
21269
21270
21271
21272
21273
21274
21275
21276
21277
21278
21279
21280
21281
21282
21283
21284
21285
21286
21287
21288
21289
21290
21291
21292
21293
21294
21295
21296
21297
21298
21299
21300
21301
21302
21303
21304
21305
21306
21307
21308
21309
21310
21311
21312
21313
21314
21315
21316
21317
21318
21319
21320
21321
21322
21323
21324
21325
21326
21327
21328
21329
21330
21331
21332
21333
21334
21335
21336
21337
21338
21339
21340
21341
21342
21343
21344
21345
21346
21347
21348
21349
21350
21351
21352
21353
21354
21355
21356
21357
21358
21359
21360
21361
21362
21363
21364
21365
21366
21367
21368
21369
21370
21371
21372
21373
21374
21375
21376
21377
21378
21379
21380
21381
21382
21383
21384
21385
21386
21387
21388
21389
21390
21391
21392
21393
21394
21395
21396
21397
21398
21399
21400
21401
21402
21403
21404
21405
21406
21407
21408
21409
21410
21411
21412
21413
21414
21415
21416
21417
21418
21419
21420
21421
21422
21423
21424
21425
21426
21427
21428
21429
21430
21431
21432
21433
21434
21435
21436
21437
21438
21439
21440
21441
21442
21443
21444
21445
21446
21447
21448
21449
21450
21451
21452
21453
21454
21455
21456
21457
21458
21459
21460
21461
21462
21463
21464
21465
21466
21467
21468
21469
21470
21471
21472
21473
21474
21475
21476
21477
21478
21479
21480
21481
21482
21483
21484
21485
21486
21487
21488
21489
21490
21491
21492
21493
21494
21495
21496
21497
21498
21499
21500
21501
21502
21503
21504
21505
21506
21507
21508
21509
21510
21511
21512
21513
21514
21515
21516
21517
21518
21519
21520
21521
21522
21523
21524
21525
21526
21527
21528
21529
21530
21531
21532
21533
21534
21535
21536
21537
21538
21539
21540
21541
21542
21543
21544
21545
21546
21547
21548
21549
21550
21551
21552
21553
21554
21555
21556
21557
21558
21559
21560
21561
21562
21563
21564
21565
21566
21567
21568
21569
21570
21571
21572
21573
21574
21575
21576
21577
21578
21579
21580
21581
21582
21583
21584
21585
21586
21587
21588
21589
21590
21591
21592
21593
21594
21595
21596
21597
21598
21599
21600
21601
21602
21603
21604
21605
21606
21607
21608
21609
21610
21611
21612
21613
21614
21615
21616
21617
21618
21619
21620
21621
21622
21623
21624
21625
21626
21627
21628
21629
21630
21631
21632
21633
21634
21635
21636
21637
21638
21639
21640
21641
21642
21643
21644
21645
21646
21647
21648
21649
21650
21651
21652
21653
21654
21655
21656
21657
21658
21659
21660
21661
21662
21663
21664
21665
21666
21667
21668
21669
21670
21671
21672
21673
21674
21675
21676
21677
21678
21679
21680
21681
21682
21683
21684
21685
21686
21687
21688
21689
21690
21691
21692
21693
21694
21695
21696
21697
21698
21699
21700
21701
21702
21703
21704
21705
21706
21707
21708
21709
21710
21711
21712
21713
21714
21715
21716
21717
21718
21719
21720
21721
21722
21723
21724
21725
21726
21727
21728
21729
21730
21731
21732
21733
21734
21735
21736
21737
21738
21739
21740
21741
21742
21743
21744
21745
21746
21747
21748
21749
21750
21751
21752
21753
21754
21755
21756
21757
21758
21759
21760
21761
21762
21763
21764
21765
21766
21767
21768
21769
21770
21771
21772
21773
21774
21775
21776
21777
21778
21779
21780
21781
21782
21783
21784
21785
21786
21787
21788
21789
21790
21791
21792
21793
21794
21795
21796
21797
21798
21799
21800
21801
21802
21803
21804
21805
21806
21807
21808
21809
21810
21811
21812
21813
21814
21815
21816
21817
21818
21819
21820
21821
21822
21823
21824
21825
21826
21827
21828
21829
21830
21831
21832
21833
21834
21835
21836
21837
21838
21839
21840
21841
21842
21843
21844
21845
21846
21847
21848
21849
21850
21851
21852
21853
21854
21855
21856
21857
21858
21859
21860
21861
21862
21863
21864
21865
21866
21867
21868
21869
21870
21871
21872
21873
21874
21875
21876
21877
21878
21879
21880
21881
21882
21883
21884
21885
21886
21887
21888
21889
21890
21891
21892
21893
21894
21895
21896
21897
21898
21899
21900
21901
21902
21903
21904
21905
21906
21907
21908
21909
21910
21911
21912
21913
21914
21915
21916
21917
21918
21919
21920
21921
21922
21923
21924
21925
21926
21927
21928
21929
21930
21931
21932
21933
21934
21935
21936
21937
21938
21939
21940
21941
21942
21943
21944
21945
21946
21947
21948
21949
21950
21951
21952
21953
21954
21955
21956
21957
21958
21959
21960
21961
21962
21963
21964
21965
21966
21967
21968
21969
21970
21971
21972
21973
21974
21975
21976
21977
21978
21979
21980
21981
21982
21983
21984
21985
21986
21987
21988
21989
21990
21991
21992
21993
21994
21995
21996
21997
21998
21999
22000
22001
22002
22003
22004
22005
22006
22007
22008
22009
22010
22011
22012
22013
22014
22015
22016
22017
22018
22019
22020
22021
22022
22023
22024
22025
22026
22027
22028
22029
22030
22031
22032
22033
22034
22035
22036
22037
22038
22039
22040
22041
22042
22043
22044
22045
22046
22047
22048
22049
22050
22051
22052
22053
22054
22055
22056
22057
22058
22059
22060
22061
22062
22063
22064
22065
22066
22067
22068
22069
22070
22071
22072
22073
22074
22075
22076
22077
22078
22079
22080
22081
22082
22083
22084
22085
22086
22087
22088
22089
22090
22091
22092
22093
22094
22095
22096
22097
22098
22099
22100
22101
22102
22103
22104
22105
22106
22107
22108
22109
22110
22111
22112
22113
22114
22115
22116
22117
22118
22119
22120
22121
22122
22123
22124
22125
22126
22127
22128
22129
22130
22131
22132
22133
22134
22135
22136
22137
22138
22139
22140
22141
22142
22143
22144
22145
22146
22147
22148
22149
22150
22151
22152
22153
22154
22155
22156
22157
22158
22159
22160
22161
22162
22163
22164
22165
22166
22167
22168
22169
22170
22171
22172
22173
22174
22175
22176
22177
22178
22179
22180
22181
22182
22183
22184
22185
22186
22187
22188
22189
22190
22191
22192
22193
22194
22195
22196
22197
22198
22199
22200
22201
22202
22203
22204
22205
22206
22207
22208
22209
22210
22211
22212
22213
22214
22215
22216
22217
22218
22219
22220
22221
22222
22223
22224
22225
22226
22227
22228
22229
22230
22231
22232
22233
22234
22235
22236
22237
22238
22239
22240
22241
22242
22243
22244
22245
22246
22247
22248
22249
22250
22251
22252
22253
22254
22255
22256
22257
22258
22259
22260
22261
22262
22263
22264
22265
22266
22267
22268
22269
22270
22271
22272
22273
22274
22275
22276
22277
22278
22279
22280
22281
22282
22283
22284
22285
22286
22287
22288
22289
22290
22291
22292
22293
22294
22295
22296
22297
22298
22299
22300
22301
22302
22303
22304
22305
22306
22307
22308
22309
22310
22311
22312
22313
22314
22315
22316
22317
22318
22319
22320
22321
22322
22323
22324
22325
22326
22327
22328
22329
22330
22331
22332
22333
22334
22335
22336
22337
22338
22339
22340
22341
22342
22343
22344
22345
22346
22347
22348
22349
22350
22351
22352
22353
22354
22355
22356
22357
22358
22359
22360
22361
22362
22363
22364
22365
22366
22367
22368
22369
22370
22371
22372
22373
22374
22375
22376
22377
22378
22379
22380
22381
22382
22383
22384
22385
22386
22387
22388
22389
22390
22391
22392
22393
22394
22395
22396
22397
22398
22399
22400
22401
22402
22403
22404
22405
22406
22407
22408
22409
22410
22411
22412
22413
22414
22415
22416
22417
22418
22419
22420
22421
22422
22423
22424
22425
22426
22427
22428
22429
22430
22431
22432
22433
22434
22435
22436
22437
22438
22439
22440
22441
22442
22443
22444
22445
22446
22447
22448
22449
22450
22451
22452
22453
22454
22455
22456
22457
22458
22459
22460
22461
22462
22463
22464
22465
22466
22467
22468
22469
22470
22471
22472
22473
22474
22475
22476
22477
22478
22479
22480
22481
22482
22483
22484
22485
22486
22487
22488
22489
22490
22491
22492
22493
22494
22495
22496
22497
22498
22499
22500
22501
22502
22503
22504
22505
22506
22507
22508
22509
22510
22511
22512
22513
22514
22515
22516
22517
22518
22519
22520
22521
22522
22523
22524
22525
22526
22527
22528
22529
22530
22531
22532
22533
22534
22535
22536
22537
22538
22539
22540
22541
22542
22543
22544
22545
22546
22547
22548
22549
22550
22551
22552
22553
22554
22555
22556
22557
22558
22559
22560
22561
22562
22563
22564
22565
22566
22567
22568
22569
22570
22571
22572
22573
22574
22575
22576
22577
22578
22579
22580
22581
22582
22583
22584
22585
22586
22587
22588
22589
22590
22591
22592
22593
22594
22595
22596
22597
22598
22599
22600
22601
22602
22603
22604
22605
22606
22607
22608
22609
22610
22611
22612
22613
22614
22615
22616
22617
22618
22619
22620
22621
22622
22623
22624
22625
22626
22627
22628
22629
22630
22631
22632
22633
22634
22635
22636
22637
22638
22639
22640
22641
22642
22643
22644
22645
22646
22647
22648
22649
22650
22651
22652
22653
22654
22655
22656
22657
22658
22659
22660
22661
22662
22663
22664
22665
22666
22667
22668
22669
22670
22671
22672
22673
22674
22675
22676
22677
22678
22679
22680
22681
22682
22683
22684
22685
22686
22687
22688
22689
22690
22691
22692
22693
22694
22695
22696
22697
22698
22699
22700
22701
22702
22703
22704
22705
22706
22707
22708
22709
22710
22711
22712
22713
22714
22715
22716
22717
22718
22719
22720
22721
22722
22723
22724
22725
22726
22727
22728
22729
22730
22731
22732
22733
22734
22735
22736
22737
22738
22739
22740
22741
22742
22743
22744
22745
22746
22747
22748
22749
22750
22751
22752
22753
22754
22755
22756
22757
22758
22759
22760
22761
22762
22763
22764
22765
22766
22767
22768
22769
22770
22771
22772
22773
22774
22775
22776
22777
22778
22779
22780
22781
22782
22783
22784
22785
22786
22787
22788
22789
22790
22791
22792
22793
22794
22795
22796
22797
22798
22799
22800
22801
22802
22803
22804
22805
22806
22807
22808
22809
22810
22811
22812
22813
22814
22815
22816
22817
22818
22819
22820
22821
22822
22823
22824
22825
22826
22827
22828
22829
22830
22831
22832
22833
22834
22835
22836
22837
22838
22839
22840
22841
22842
22843
22844
22845
22846
22847
22848
22849
22850
22851
22852
22853
22854
22855
22856
22857
22858
22859
22860
22861
22862
22863
22864
22865
22866
22867
22868
22869
22870
22871
22872
22873
22874
22875
22876
22877
22878
22879
22880
22881
22882
22883
22884
22885
22886
22887
22888
22889
22890
22891
22892
22893
22894
22895
22896
22897
22898
22899
22900
22901
22902
22903
22904
22905
22906
22907
22908
22909
22910
22911
22912
22913
22914
22915
22916
22917
22918
22919
22920
22921
22922
22923
22924
22925
22926
22927
22928
22929
22930
22931
22932
22933
22934
22935
22936
22937
22938
22939
22940
22941
22942
22943
22944
22945
22946
22947
22948
22949
22950
22951
22952
22953
22954
22955
22956
22957
22958
22959
22960
22961
22962
22963
22964
22965
22966
22967
22968
22969
22970
22971
22972
22973
22974
22975
22976
22977
22978
22979
22980
22981
22982
22983
22984
22985
22986
22987
22988
22989
22990
22991
22992
22993
22994
22995
22996
22997
22998
22999
23000
23001
23002
23003
23004
23005
23006
23007
23008
23009
23010
23011
23012
23013
23014
23015
23016
23017
23018
23019
23020
23021
23022
23023
23024
23025
23026
23027
23028
23029
23030
23031
23032
23033
23034
23035
23036
23037
23038
23039
23040
23041
23042
23043
23044
23045
23046
23047
23048
23049
23050
23051
23052
23053
23054
23055
23056
23057
23058
23059
23060
23061
23062
23063
23064
23065
23066
23067
23068
23069
23070
23071
23072
23073
23074
23075
23076
23077
23078
23079
23080
23081
23082
23083
23084
23085
23086
23087
23088
23089
23090
23091
23092
23093
23094
23095
23096
23097
23098
23099
23100
23101
23102
23103
23104
23105
23106
23107
23108
23109
23110
23111
23112
23113
23114
23115
23116
23117
23118
23119
23120
23121
23122
23123
23124
23125
23126
23127
23128
23129
23130
23131
23132
23133
23134
23135
23136
23137
23138
23139
23140
23141
23142
23143
23144
23145
23146
23147
23148
23149
23150
23151
23152
23153
23154
23155
23156
23157
23158
23159
23160
23161
23162
23163
23164
23165
23166
23167
23168
23169
23170
23171
23172
23173
23174
23175
23176
23177
23178
23179
23180
23181
23182
23183
23184
23185
23186
23187
23188
23189
23190
23191
23192
23193
23194
23195
23196
23197
23198
23199
23200
23201
23202
23203
23204
23205
23206
23207
23208
23209
23210
23211
23212
23213
23214
23215
23216
23217
23218
23219
23220
23221
23222
23223
23224
23225
23226
23227
23228
23229
23230
23231
23232
23233
23234
23235
23236
23237
23238
23239
23240
23241
23242
23243
23244
23245
23246
23247
23248
23249
23250
23251
23252
23253
23254
23255
23256
23257
23258
23259
23260
23261
23262
23263
23264
23265
23266
23267
23268
23269
23270
23271
23272
23273
23274
23275
23276
23277
23278
23279
23280
23281
23282
23283
23284
23285
23286
23287
23288
23289
23290
23291
23292
23293
23294
23295
23296
23297
23298
23299
23300
23301
23302
23303
23304
23305
23306
23307
23308
23309
23310
23311
23312
23313
23314
23315
23316
23317
23318
23319
23320
23321
23322
23323
23324
23325
23326
23327
23328
23329
23330
23331
23332
23333
23334
23335
23336
23337
23338
23339
23340
23341
23342
23343
23344
23345
23346
23347
23348
23349
23350
23351
23352
23353
23354
23355
23356
23357
23358
23359
23360
23361
23362
23363
23364
23365
23366
23367
23368
23369
23370
23371
23372
23373
23374
23375
23376
23377
23378
23379
23380
23381
23382
23383
23384
23385
23386
23387
23388
23389
23390
23391
23392
23393
23394
23395
23396
23397
23398
23399
23400
23401
23402
23403
23404
23405
23406
23407
23408
23409
23410
23411
23412
23413
23414
23415
23416
23417
23418
23419
23420
23421
23422
23423
23424
23425
23426
23427
23428
23429
23430
23431
23432
23433
23434
23435
23436
23437
23438
23439
23440
23441
23442
23443
23444
23445
23446
23447
23448
23449
23450
23451
23452
23453
23454
23455
23456
23457
23458
23459
23460
23461
23462
23463
23464
23465
23466
23467
23468
23469
23470
23471
23472
23473
23474
23475
23476
23477
23478
23479
23480
23481
23482
23483
23484
23485
23486
23487
23488
23489
23490
23491
23492
23493
23494
23495
23496
23497
23498
23499
23500
23501
23502
23503
23504
23505
23506
23507
23508
23509
23510
23511
23512
23513
23514
23515
23516
23517
23518
23519
23520
23521
23522
23523
23524
23525
23526
23527
23528
23529
23530
23531
23532
23533
23534
23535
23536
23537
23538
23539
23540
23541
23542
23543
23544
23545
23546
23547
23548
23549
23550
23551
23552
23553
23554
23555
23556
23557
23558
23559
23560
23561
23562
23563
23564
23565
23566
23567
23568
23569
23570
23571
23572
23573
23574
23575
23576
23577
23578
23579
23580
23581
23582
23583
23584
23585
23586
23587
23588
23589
23590
23591
23592
23593
23594
23595
23596
23597
23598
23599
23600
23601
23602
23603
23604
23605
23606
23607
23608
23609
23610
23611
23612
23613
23614
23615
23616
23617
23618
23619
23620
23621
23622
23623
23624
23625
23626
23627
23628
23629
23630
23631
23632
23633
23634
23635
23636
23637
23638
23639
23640
23641
23642
23643
23644
23645
23646
23647
23648
23649
23650
23651
23652
23653
23654
23655
23656
23657
23658
23659
23660
23661
23662
23663
23664
23665
23666
23667
23668
23669
23670
23671
23672
23673
23674
23675
23676
23677
23678
23679
23680
23681
23682
23683
23684
23685
23686
23687
23688
23689
23690
23691
23692
23693
23694
23695
23696
23697
23698
23699
23700
23701
23702
23703
23704
23705
23706
23707
23708
23709
23710
23711
23712
23713
23714
23715
23716
23717
23718
23719
23720
23721
23722
23723
23724
23725
23726
23727
23728
23729
23730
23731
23732
23733
23734
23735
23736
23737
23738
23739
23740
23741
23742
23743
23744
23745
23746
23747
23748
23749
23750
23751
23752
23753
23754
23755
23756
23757
23758
23759
23760
23761
23762
23763
23764
23765
23766
23767
23768
23769
23770
23771
23772
23773
23774
23775
23776
23777
23778
23779
23780
23781
23782
23783
23784
23785
23786
23787
23788
23789
23790
23791
23792
23793
23794
23795
23796
23797
23798
23799
23800
23801
23802
23803
23804
23805
23806
23807
23808
23809
23810
23811
23812
23813
23814
23815
23816
23817
23818
23819
23820
23821
23822
23823
23824
23825
23826
23827
23828
23829
23830
23831
23832
23833
23834
23835
23836
23837
23838
23839
23840
23841
23842
23843
23844
23845
23846
23847
23848
23849
23850
23851
23852
23853
23854
23855
23856
23857
23858
23859
23860
23861
23862
23863
23864
23865
23866
23867
23868
23869
23870
23871
23872
23873
23874
23875
23876
23877
23878
23879
23880
23881
23882
23883
23884
23885
23886
23887
23888
23889
23890
23891
23892
23893
23894
23895
23896
23897
23898
23899
23900
23901
23902
23903
23904
23905
23906
23907
23908
23909
23910
23911
23912
23913
23914
23915
23916
23917
23918
23919
23920
23921
23922
23923
23924
23925
23926
23927
23928
23929
23930
23931
23932
23933
23934
23935
23936
23937
23938
23939
23940
23941
23942
23943
23944
23945
23946
23947
23948
23949
23950
23951
23952
23953
23954
23955
23956
23957
23958
23959
23960
23961
23962
23963
23964
23965
23966
23967
23968
23969
23970
23971
23972
23973
23974
23975
23976
23977
23978
23979
23980
23981
23982
23983
23984
23985
23986
23987
23988
23989
23990
23991
23992
23993
23994
23995
23996
23997
23998
23999
24000
24001
24002
24003
24004
24005
24006
24007
24008
24009
24010
24011
24012
24013
24014
24015
24016
24017
24018
24019
24020
24021
24022
24023
24024
24025
24026
24027
24028
24029
24030
24031
24032
24033
24034
24035
24036
24037
24038
24039
24040
24041
24042
24043
24044
24045
24046
24047
24048
24049
24050
24051
24052
24053
24054
24055
24056
24057
24058
24059
24060
24061
24062
24063
24064
24065
24066
24067
24068
24069
24070
24071
24072
24073
24074
24075
24076
24077
24078
24079
24080
24081
24082
24083
24084
24085
24086
24087
24088
24089
24090
24091
24092
24093
24094
24095
24096
24097
24098
24099
24100
24101
24102
24103
24104
24105
24106
24107
24108
24109
24110
24111
24112
24113
24114
24115
24116
24117
24118
24119
24120
24121
24122
24123
24124
24125
24126
24127
24128
24129
24130
24131
24132
24133
24134
24135
24136
24137
24138
24139
24140
24141
24142
24143
24144
24145
24146
24147
24148
24149
24150
24151
24152
24153
24154
24155
24156
24157
24158
24159
24160
24161
24162
24163
24164
24165
24166
24167
24168
24169
24170
24171
24172
24173
24174
24175
24176
24177
24178
24179
24180
24181
24182
24183
24184
24185
24186
24187
24188
24189
24190
24191
24192
24193
24194
24195
24196
24197
24198
24199
24200
24201
24202
24203
24204
24205
24206
24207
24208
24209
24210
24211
24212
24213
24214
24215
24216
24217
24218
24219
24220
24221
24222
24223
24224
24225
24226
24227
24228
24229
24230
24231
24232
24233
24234
24235
24236
24237
24238
24239
24240
24241
24242
24243
24244
24245
24246
24247
24248
24249
24250
24251
24252
24253
24254
24255
24256
24257
24258
24259
24260
24261
24262
24263
24264
24265
24266
24267
24268
24269
24270
24271
24272
24273
24274
24275
24276
24277
24278
24279
24280
24281
24282
24283
24284
24285
24286
24287
24288
24289
24290
24291
24292
24293
24294
24295
24296
24297
24298
24299
24300
24301
24302
24303
24304
24305
24306
24307
24308
24309
24310
24311
24312
24313
24314
24315
24316
24317
24318
24319
24320
24321
24322
24323
24324
24325
24326
24327
24328
24329
24330
24331
24332
24333
24334
24335
24336
24337
24338
24339
24340
24341
24342
24343
24344
24345
24346
24347
24348
24349
24350
24351
24352
24353
24354
24355
24356
24357
24358
24359
24360
24361
24362
24363
24364
24365
24366
24367
24368
24369
24370
24371
24372
24373
24374
24375
24376
24377
24378
24379
24380
24381
24382
24383
24384
24385
24386
24387
24388
24389
24390
24391
24392
24393
24394
24395
24396
24397
24398
24399
24400
24401
24402
24403
24404
24405
24406
24407
24408
24409
24410
24411
24412
24413
24414
24415
24416
24417
24418
24419
24420
24421
24422
24423
24424
24425
24426
24427
24428
24429
24430
24431
24432
24433
24434
24435
24436
24437
24438
24439
24440
24441
24442
24443
24444
24445
24446
24447
24448
24449
24450
24451
24452
24453
24454
24455
24456
24457
24458
24459
24460
24461
24462
24463
24464
24465
24466
24467
24468
24469
24470
24471
24472
24473
24474
24475
24476
24477
24478
24479
24480
24481
24482
24483
24484
24485
24486
24487
24488
24489
24490
24491
24492
24493
24494
24495
24496
24497
24498
24499
24500
24501
24502
24503
24504
24505
24506
24507
24508
24509
24510
24511
24512
24513
24514
24515
24516
24517
24518
24519
24520
24521
24522
24523
24524
24525
24526
24527
24528
24529
24530
24531
24532
24533
24534
24535
24536
24537
24538
24539
24540
24541
24542
24543
24544
24545
24546
24547
24548
24549
24550
24551
24552
24553
24554
24555
24556
24557
24558
24559
24560
24561
24562
24563
24564
24565
24566
24567
24568
24569
24570
24571
24572
24573
24574
24575
24576
24577
24578
24579
24580
24581
24582
24583
24584
24585
24586
24587
24588
24589
24590
24591
24592
24593
24594
24595
24596
24597
24598
24599
24600
24601
24602
24603
24604
24605
24606
24607
24608
24609
24610
24611
24612
24613
24614
24615
24616
24617
24618
24619
24620
24621
24622
24623
24624
24625
24626
24627
24628
24629
24630
24631
24632
24633
24634
24635
24636
24637
24638
24639
24640
24641
24642
24643
24644
24645
24646
24647
24648
24649
24650
24651
24652
24653
24654
24655
24656
24657
24658
24659
24660
24661
24662
24663
24664
24665
24666
24667
24668
24669
24670
24671
24672
24673
24674
24675
24676
24677
24678
24679
24680
24681
24682
24683
24684
24685
24686
24687
24688
24689
24690
24691
24692
24693
24694
24695
24696
24697
24698
24699
24700
24701
24702
24703
24704
24705
24706
24707
24708
24709
24710
24711
24712
24713
24714
24715
24716
24717
24718
24719
24720
24721
24722
24723
24724
24725
24726
24727
24728
24729
24730
24731
24732
24733
24734
24735
24736
24737
24738
24739
24740
24741
24742
24743
24744
24745
24746
24747
24748
24749
24750
24751
24752
24753
24754
24755
24756
24757
24758
24759
24760
24761
24762
24763
24764
24765
24766
24767
24768
24769
24770
24771
24772
24773
24774
24775
24776
24777
24778
24779
24780
24781
24782
24783
24784
24785
24786
24787
24788
24789
24790
24791
24792
24793
24794
24795
24796
24797
24798
24799
24800
24801
24802
24803
24804
24805
24806
24807
24808
24809
24810
24811
24812
24813
24814
24815
24816
24817
24818
24819
24820
24821
24822
24823
24824
24825
24826
24827
24828
24829
24830
24831
24832
24833
24834
24835
24836
24837
24838
24839
24840
24841
24842
24843
24844
24845
24846
24847
24848
24849
24850
24851
24852
24853
24854
24855
24856
24857
24858
24859
24860
24861
24862
24863
24864
24865
24866
24867
24868
24869
24870
24871
24872
24873
24874
24875
24876
24877
24878
24879
24880
24881
24882
24883
24884
24885
24886
24887
24888
24889
24890
24891
24892
24893
24894
24895
24896
24897
24898
24899
24900
24901
24902
24903
24904
24905
24906
24907
24908
24909
24910
24911
24912
24913
24914
24915
24916
24917
24918
24919
24920
24921
24922
24923
24924
24925
24926
24927
24928
24929
24930
24931
24932
24933
24934
24935
24936
24937
24938
24939
24940
24941
24942
24943
24944
24945
24946
24947
24948
24949
24950
24951
24952
24953
24954
24955
24956
24957
24958
24959
24960
24961
24962
24963
24964
24965
24966
24967
24968
24969
24970
24971
24972
24973
24974
24975
24976
24977
24978
24979
24980
24981
24982
24983
24984
24985
24986
24987
24988
24989
24990
24991
24992
24993
24994
24995
24996
24997
24998
24999
25000
25001
25002
25003
25004
25005
25006
25007
25008
25009
25010
25011
25012
25013
25014
25015
25016
25017
25018
25019
25020
25021
25022
25023
25024
25025
25026
25027
25028
25029
25030
25031
25032
25033
25034
25035
25036
25037
25038
25039
25040
25041
25042
25043
25044
25045
25046
25047
25048
25049
25050
25051
25052
25053
25054
25055
25056
25057
25058
25059
25060
25061
25062
25063
25064
25065
25066
25067
25068
25069
25070
25071
25072
25073
25074
25075
25076
25077
25078
25079
25080
25081
25082
25083
25084
25085
25086
25087
25088
25089
25090
25091
25092
25093
25094
25095
25096
25097
25098
25099
25100
25101
25102
25103
25104
25105
25106
25107
25108
25109
25110
25111
25112
25113
25114
25115
25116
25117
25118
25119
25120
25121
25122
25123
25124
25125
25126
25127
25128
25129
25130
25131
25132
25133
25134
25135
25136
25137
25138
25139
25140
25141
25142
25143
25144
25145
25146
25147
25148
25149
25150
25151
25152
25153
25154
25155
25156
25157
25158
25159
25160
25161
25162
25163
25164
25165
25166
25167
25168
25169
25170
25171
25172
25173
25174
25175
25176
25177
25178
25179
25180
25181
25182
25183
25184
25185
25186
25187
25188
25189
25190
25191
25192
25193
25194
25195
25196
25197
25198
25199
25200
25201
25202
25203
25204
25205
25206
25207
25208
25209
25210
25211
25212
25213
25214
25215
25216
25217
25218
25219
25220
25221
25222
25223
25224
25225
25226
25227
25228
25229
25230
25231
25232
25233
25234
25235
25236
25237
25238
25239
25240
25241
25242
25243
25244
25245
25246
25247
25248
25249
25250
25251
25252
25253
25254
25255
25256
25257
25258
25259
25260
25261
25262
25263
25264
25265
25266
25267
25268
25269
25270
25271
25272
25273
25274
25275
25276
25277
25278
25279
25280
25281
25282
25283
25284
25285
25286
25287
25288
25289
25290
25291
25292
25293
25294
25295
25296
25297
25298
25299
25300
25301
25302
25303
25304
25305
25306
25307
25308
25309
25310
25311
25312
25313
25314
25315
25316
25317
25318
25319
25320
25321
25322
25323
25324
25325
25326
25327
25328
25329
25330
25331
25332
25333
25334
25335
25336
25337
25338
25339
25340
25341
25342
25343
25344
25345
25346
25347
25348
25349
25350
25351
25352
25353
25354
25355
25356
25357
25358
25359
25360
25361
25362
25363
25364
25365
25366
25367
25368
25369
25370
25371
25372
25373
25374
25375
25376
25377
25378
25379
25380
25381
25382
25383
25384
25385
25386
25387
25388
25389
25390
25391
25392
25393
25394
25395
25396
25397
25398
25399
25400
25401
25402
25403
25404
25405
25406
25407
25408
25409
25410
25411
25412
25413
25414
25415
25416
25417
25418
25419
25420
25421
25422
25423
25424
25425
25426
25427
25428
25429
25430
25431
25432
25433
25434
25435
25436
25437
25438
25439
25440
25441
25442
25443
25444
25445
25446
25447
25448
25449
25450
25451
25452
25453
25454
25455
25456
25457
25458
25459
25460
25461
25462
25463
25464
25465
25466
25467
25468
25469
25470
25471
25472
25473
25474
25475
25476
25477
25478
25479
25480
25481
25482
25483
25484
25485
25486
25487
25488
25489
25490
25491
25492
25493
25494
25495
25496
25497
25498
25499
25500
25501
25502
25503
25504
25505
25506
25507
25508
25509
25510
25511
25512
25513
25514
25515
25516
25517
25518
25519
25520
25521
25522
25523
25524
25525
25526
25527
25528
25529
25530
25531
25532
25533
25534
25535
25536
25537
25538
25539
25540
25541
25542
25543
25544
25545
25546
25547
25548
25549
25550
25551
25552
25553
25554
25555
25556
25557
25558
25559
25560
25561
25562
25563
25564
25565
25566
25567
25568
25569
25570
25571
25572
25573
25574
25575
25576
25577
25578
25579
25580
25581
25582
25583
25584
25585
25586
25587
25588
25589
25590
25591
25592
25593
25594
25595
25596
25597
25598
25599
25600
25601
25602
25603
25604
25605
25606
25607
25608
25609
25610
25611
25612
25613
25614
25615
25616
25617
25618
25619
25620
25621
25622
25623
25624
25625
25626
25627
25628
25629
25630
25631
25632
25633
25634
25635
25636
25637
25638
25639
25640
25641
25642
25643
25644
25645
25646
25647
25648
25649
25650
25651
25652
25653
25654
25655
25656
25657
25658
25659
25660
25661
25662
25663
25664
25665
25666
25667
25668
25669
25670
25671
25672
25673
25674
25675
25676
25677
25678
25679
25680
25681
25682
25683
25684
25685
25686
25687
25688
25689
25690
25691
25692
25693
25694
25695
25696
25697
25698
25699
25700
25701
25702
25703
25704
25705
25706
25707
25708
25709
25710
25711
25712
25713
25714
25715
25716
25717
25718
25719
25720
25721
25722
25723
25724
25725
25726
25727
25728
25729
25730
25731
25732
25733
25734
25735
25736
25737
25738
25739
25740
25741
25742
25743
25744
25745
25746
25747
25748
25749
25750
25751
25752
25753
25754
25755
25756
25757
25758
25759
25760
25761
25762
25763
25764
25765
25766
25767
25768
25769
25770
25771
25772
25773
25774
25775
25776
25777
25778
25779
25780
25781
25782
25783
25784
25785
25786
25787
25788
25789
25790
25791
25792
25793
25794
25795
25796
25797
25798
25799
25800
25801
25802
25803
25804
25805
25806
25807
25808
25809
25810
25811
25812
25813
25814
25815
25816
25817
25818
25819
25820
25821
25822
25823
25824
25825
25826
25827
25828
25829
25830
25831
25832
25833
25834
25835
25836
25837
25838
25839
25840
25841
25842
25843
25844
25845
25846
25847
25848
25849
25850
25851
25852
25853
25854
25855
25856
25857
25858
25859
25860
25861
25862
25863
25864
25865
25866
25867
25868
25869
25870
25871
25872
25873
25874
25875
25876
25877
25878
25879
25880
25881
25882
25883
25884
25885
25886
25887
25888
25889
25890
25891
25892
25893
25894
25895
25896
25897
25898
25899
25900
25901
25902
25903
25904
25905
25906
25907
25908
25909
25910
25911
25912
25913
25914
25915
25916
25917
25918
25919
25920
25921
25922
25923
25924
25925
25926
25927
25928
25929
25930
25931
25932
25933
25934
25935
25936
25937
25938
25939
25940
25941
25942
25943
25944
25945
25946
25947
25948
25949
25950
25951
25952
25953
25954
25955
25956
25957
25958
25959
25960
25961
25962
25963
25964
25965
25966
25967
25968
25969
25970
25971
25972
25973
25974
25975
25976
25977
25978
25979
25980
25981
25982
25983
25984
25985
25986
25987
25988
25989
25990
25991
25992
25993
25994
25995
25996
25997
25998
25999
26000
26001
26002
26003
26004
26005
26006
26007
26008
26009
26010
26011
26012
26013
26014
26015
26016
26017
26018
26019
26020
26021
26022
26023
26024
26025
26026
26027
26028
26029
26030
26031
26032
26033
26034
26035
26036
26037
26038
26039
26040
26041
26042
26043
26044
26045
26046
26047
26048
26049
26050
26051
26052
26053
26054
26055
26056
26057
26058
26059
26060
26061
26062
26063
26064
26065
26066
26067
26068
26069
26070
26071
26072
26073
26074
26075
26076
26077
26078
26079
26080
26081
26082
26083
26084
26085
26086
26087
26088
26089
26090
26091
26092
26093
26094
26095
26096
26097
26098
26099
26100
26101
26102
26103
26104
26105
26106
26107
26108
26109
26110
26111
26112
26113
26114
26115
26116
26117
26118
26119
26120
26121
26122
26123
26124
26125
26126
26127
26128
26129
26130
26131
26132
26133
26134
26135
26136
26137
26138
26139
26140
26141
26142
26143
26144
26145
26146
26147
26148
26149
26150
26151
26152
26153
26154
26155
26156
26157
26158
26159
26160
26161
26162
26163
26164
26165
26166
26167
26168
26169
26170
26171
26172
26173
26174
26175
26176
26177
26178
26179
26180
26181
26182
26183
26184
26185
26186
26187
26188
26189
26190
26191
26192
26193
26194
26195
26196
26197
26198
26199
26200
26201
26202
26203
26204
26205
26206
26207
26208
26209
26210
26211
26212
26213
26214
26215
26216
26217
26218
26219
26220
26221
26222
26223
26224
26225
26226
26227
26228
26229
26230
26231
26232
26233
26234
26235
26236
26237
26238
26239
26240
26241
26242
26243
26244
26245
26246
26247
26248
26249
26250
26251
26252
26253
26254
26255
26256
26257
26258
26259
26260
26261
26262
26263
26264
26265
26266
26267
26268
26269
26270
26271
26272
26273
26274
26275
26276
26277
26278
26279
26280
26281
26282
26283
26284
26285
26286
26287
26288
26289
26290
26291
26292
26293
26294
26295
26296
26297
26298
26299
26300
26301
26302
26303
26304
26305
26306
26307
26308
26309
26310
26311
26312
26313
26314
26315
26316
26317
26318
26319
26320
26321
26322
26323
26324
26325
26326
26327
26328
26329
26330
26331
26332
26333
26334
26335
26336
26337
26338
26339
26340
26341
26342
26343
26344
26345
26346
26347
26348
26349
26350
26351
26352
26353
26354
26355
26356
26357
26358
26359
26360
26361
26362
26363
26364
26365
26366
26367
26368
26369
26370
26371
26372
26373
26374
26375
26376
26377
26378
26379
26380
26381
26382
26383
26384
26385
26386
26387
26388
26389
26390
26391
26392
26393
26394
26395
26396
26397
26398
26399
26400
26401
26402
26403
26404
26405
26406
26407
26408
26409
26410
26411
26412
26413
26414
26415
26416
26417
26418
26419
26420
26421
26422
26423
26424
26425
26426
26427
26428
26429
26430
26431
26432
26433
26434
26435
26436
26437
26438
26439
26440
26441
26442
26443
26444
26445
26446
26447
26448
26449
26450
26451
26452
26453
26454
26455
26456
26457
26458
26459
26460
26461
26462
26463
26464
26465
26466
26467
26468
26469
26470
26471
26472
26473
26474
26475
26476
26477
26478
26479
26480
26481
26482
26483
26484
26485
26486
26487
26488
26489
26490
26491
26492
26493
26494
26495
26496
26497
26498
26499
26500
26501
26502
26503
26504
26505
26506
26507
26508
26509
26510
26511
26512
26513
26514
26515
26516
26517
26518
26519
26520
26521
26522
26523
26524
26525
26526
26527
26528
26529
26530
26531
26532
26533
26534
26535
26536
26537
26538
26539
26540
26541
26542
26543
26544
26545
26546
26547
26548
26549
26550
26551
26552
26553
26554
26555
26556
26557
26558
26559
26560
26561
26562
26563
26564
26565
26566
26567
26568
26569
26570
26571
26572
26573
26574
26575
26576
26577
26578
26579
26580
26581
26582
26583
26584
26585
26586
26587
26588
26589
26590
26591
26592
26593
26594
26595
26596
26597
26598
26599
26600
26601
26602
26603
26604
26605
26606
26607
26608
26609
26610
26611
26612
26613
26614
26615
26616
26617
26618
26619
26620
26621
26622
26623
26624
26625
26626
26627
26628
26629
26630
26631
26632
26633
26634
26635
26636
26637
26638
26639
26640
26641
26642
26643
26644
26645
26646
26647
26648
26649
26650
26651
26652
26653
26654
26655
26656
26657
26658
26659
26660
26661
26662
26663
26664
26665
26666
26667
26668
26669
26670
26671
26672
26673
26674
26675
26676
26677
26678
26679
26680
26681
26682
26683
26684
26685
26686
26687
26688
26689
26690
26691
26692
26693
26694
26695
26696
26697
26698
26699
26700
26701
26702
26703
26704
26705
26706
26707
26708
26709
26710
26711
26712
26713
26714
26715
26716
26717
26718
26719
26720
26721
26722
26723
26724
26725
26726
26727
26728
26729
26730
26731
26732
26733
26734
26735
26736
26737
26738
26739
26740
26741
26742
26743
26744
26745
26746
26747
26748
26749
26750
26751
26752
26753
26754
26755
26756
26757
26758
26759
26760
26761
26762
26763
26764
26765
26766
26767
26768
26769
26770
26771
26772
26773
26774
26775
26776
26777
26778
26779
26780
26781
26782
26783
26784
26785
26786
26787
26788
26789
26790
26791
26792
26793
26794
26795
26796
26797
26798
26799
26800
26801
26802
26803
26804
26805
26806
26807
26808
26809
26810
26811
26812
26813
26814
26815
26816
26817
26818
26819
26820
26821
26822
26823
26824
26825
26826
26827
26828
26829
26830
26831
26832
26833
26834
26835
26836
26837
26838
26839
26840
26841
26842
26843
26844
26845
26846
26847
26848
26849
26850
26851
26852
26853
26854
26855
26856
26857
26858
26859
26860
26861
26862
26863
26864
26865
26866
26867
26868
26869
26870
26871
26872
26873
26874
26875
26876
26877
26878
26879
26880
26881
26882
26883
26884
26885
26886
26887
26888
26889
26890
26891
26892
26893
26894
26895
26896
26897
26898
26899
26900
26901
26902
26903
26904
26905
26906
26907
26908
26909
26910
26911
26912
26913
26914
26915
26916
26917
26918
26919
26920
26921
26922
26923
26924
26925
26926
26927
26928
26929
26930
26931
26932
26933
26934
26935
26936
26937
26938
26939
26940
26941
26942
26943
26944
26945
26946
26947
26948
26949
26950
26951
26952
26953
26954
26955
26956
26957
26958
26959
26960
26961
26962
26963
26964
26965
26966
26967
26968
26969
26970
26971
26972
26973
26974
26975
26976
26977
26978
26979
26980
26981
26982
26983
26984
26985
26986
26987
26988
26989
26990
26991
26992
26993
26994
26995
26996
26997
26998
26999
27000
27001
27002
27003
27004
27005
27006
27007
27008
27009
27010
27011
27012
27013
27014
27015
27016
27017
27018
27019
27020
27021
27022
27023
27024
27025
27026
27027
27028
27029
27030
27031
27032
27033
27034
27035
27036
27037
27038
27039
27040
27041
27042
27043
27044
27045
27046
27047
27048
27049
27050
27051
27052
27053
27054
27055
27056
27057
27058
27059
27060
27061
27062
27063
27064
27065
27066
27067
27068
27069
27070
27071
27072
27073
27074
27075
27076
27077
27078
27079
27080
27081
27082
27083
27084
27085
27086
27087
27088
27089
27090
27091
27092
27093
27094
27095
27096
27097
27098
27099
27100
27101
27102
27103
27104
27105
27106
27107
27108
27109
27110
27111
27112
27113
27114
27115
27116
27117
27118
27119
27120
27121
27122
27123
27124
27125
27126
27127
27128
27129
27130
27131
27132
27133
27134
27135
27136
27137
27138
27139
27140
27141
27142
27143
27144
27145
27146
27147
27148
27149
27150
27151
27152
27153
27154
27155
27156
27157
27158
27159
27160
27161
27162
27163
27164
27165
27166
27167
27168
27169
27170
27171
27172
27173
27174
27175
27176
27177
27178
27179
27180
27181
27182
27183
27184
27185
27186
27187
27188
27189
27190
27191
27192
27193
27194
27195
27196
27197
27198
27199
27200
27201
27202
27203
27204
27205
27206
27207
27208
27209
27210
27211
27212
27213
27214
27215
27216
27217
27218
27219
27220
27221
27222
27223
27224
27225
27226
27227
27228
27229
27230
27231
27232
27233
27234
27235
27236
27237
27238
27239
27240
27241
27242
27243
27244
27245
27246
27247
27248
27249
27250
27251
27252
27253
27254
27255
27256
27257
27258
27259
27260
27261
27262
27263
27264
27265
27266
27267
27268
27269
27270
27271
27272
27273
27274
27275
27276
27277
27278
27279
27280
27281
27282
27283
27284
27285
27286
27287
27288
27289
27290
27291
27292
27293
27294
27295
27296
27297
27298
27299
27300
27301
27302
27303
27304
27305
27306
27307
27308
27309
27310
27311
27312
27313
27314
27315
27316
27317
27318
27319
27320
27321
27322
27323
27324
27325
27326
27327
27328
27329
27330
27331
27332
27333
27334
27335
27336
27337
27338
27339
27340
27341
27342
27343
27344
27345
27346
27347
27348
27349
27350
27351
27352
27353
27354
27355
27356
27357
27358
27359
27360
27361
27362
27363
27364
27365
27366
27367
27368
27369
27370
27371
27372
27373
27374
27375
27376
27377
27378
27379
27380
27381
27382
27383
27384
27385
27386
27387
27388
27389
27390
27391
27392
27393
27394
27395
27396
27397
27398
27399
27400
27401
27402
27403
27404
27405
27406
27407
27408
27409
27410
27411
27412
27413
27414
27415
27416
27417
27418
27419
27420
27421
27422
27423
27424
27425
27426
27427
27428
27429
27430
27431
27432
27433
27434
27435
27436
27437
27438
27439
27440
27441
27442
27443
27444
27445
27446
27447
27448
27449
27450
27451
27452
27453
27454
27455
27456
27457
27458
27459
27460
27461
27462
27463
27464
27465
27466
27467
27468
27469
27470
27471
27472
27473
27474
27475
27476
27477
27478
27479
27480
27481
27482
27483
27484
27485
27486
27487
27488
27489
27490
27491
27492
27493
27494
27495
27496
27497
27498
27499
27500
27501
27502
27503
27504
27505
27506
27507
27508
27509
27510
27511
27512
27513
27514
27515
27516
27517
27518
27519
27520
27521
27522
27523
27524
27525
27526
27527
27528
27529
27530
27531
27532
27533
27534
27535
27536
27537
27538
27539
27540
27541
27542
27543
27544
27545
27546
27547
27548
27549
27550
27551
27552
27553
27554
27555
27556
27557
27558
27559
27560
27561
27562
27563
27564
27565
27566
27567
27568
27569
27570
27571
27572
27573
27574
27575
27576
27577
27578
27579
27580
27581
27582
27583
27584
27585
27586
27587
27588
27589
27590
27591
27592
27593
27594
27595
27596
27597
27598
27599
27600
27601
27602
27603
27604
27605
27606
27607
27608
27609
27610
27611
27612
27613
27614
27615
27616
27617
27618
27619
27620
27621
27622
27623
27624
27625
27626
27627
27628
27629
27630
27631
27632
27633
27634
27635
27636
27637
27638
27639
27640
27641
27642
27643
27644
27645
27646
27647
27648
27649
27650
27651
27652
27653
27654
27655
27656
27657
27658
27659
27660
27661
27662
27663
27664
27665
27666
27667
27668
27669
27670
27671
27672
27673
27674
27675
27676
27677
27678
27679
27680
27681
27682
27683
27684
27685
27686
27687
27688
27689
27690
27691
27692
27693
27694
27695
27696
27697
27698
27699
27700
27701
27702
27703
27704
27705
27706
27707
27708
27709
27710
27711
27712
27713
27714
27715
27716
27717
27718
27719
27720
27721
27722
27723
27724
27725
27726
27727
27728
27729
27730
27731
27732
27733
27734
27735
27736
27737
27738
27739
27740
27741
27742
27743
27744
27745
27746
27747
27748
27749
27750
27751
27752
27753
27754
27755
27756
27757
27758
27759
27760
27761
27762
27763
27764
27765
27766
27767
27768
27769
27770
27771
27772
27773
27774
27775
27776
27777
27778
27779
27780
27781
27782
27783
27784
27785
27786
27787
27788
27789
27790
27791
27792
27793
27794
27795
27796
27797
27798
27799
27800
27801
27802
27803
27804
27805
27806
27807
27808
27809
27810
27811
27812
27813
27814
27815
27816
27817
27818
27819
27820
27821
27822
27823
27824
27825
27826
27827
27828
27829
27830
27831
27832
27833
27834
27835
27836
27837
27838
27839
27840
27841
27842
27843
27844
27845
27846
27847
27848
27849
27850
27851
27852
27853
27854
27855
27856
27857
27858
27859
27860
27861
27862
27863
27864
27865
27866
27867
27868
27869
27870
27871
27872
27873
27874
27875
27876
27877
27878
27879
27880
27881
27882
27883
27884
27885
27886
27887
27888
27889
27890
27891
27892
27893
27894
27895
27896
27897
27898
27899
27900
27901
27902
27903
27904
27905
27906
27907
27908
27909
27910
27911
27912
27913
27914
27915
27916
27917
27918
27919
27920
27921
27922
27923
27924
27925
27926
27927
27928
27929
27930
27931
27932
27933
27934
27935
27936
27937
27938
27939
27940
27941
27942
27943
27944
27945
27946
27947
27948
27949
27950
27951
27952
27953
27954
27955
27956
27957
27958
27959
27960
27961
27962
27963
27964
27965
27966
27967
27968
27969
27970
27971
27972
27973
27974
27975
27976
27977
27978
27979
27980
27981
27982
27983
27984
27985
27986
27987
27988
27989
27990
27991
27992
27993
27994
27995
27996
27997
27998
27999
28000
28001
28002
28003
28004
28005
28006
28007
28008
28009
28010
28011
28012
28013
28014
28015
28016
28017
28018
28019
28020
28021
28022
28023
28024
28025
28026
28027
28028
28029
28030
28031
28032
28033
28034
28035
28036
28037
28038
28039
28040
28041
28042
28043
28044
28045
28046
28047
28048
28049
28050
28051
28052
28053
28054
28055
28056
28057
28058
28059
28060
28061
28062
28063
28064
28065
28066
28067
28068
28069
28070
28071
28072
28073
28074
28075
28076
28077
28078
28079
28080
28081
28082
28083
28084
28085
28086
28087
28088
28089
28090
28091
28092
28093
28094
28095
28096
28097
28098
28099
28100
28101
28102
28103
28104
28105
28106
28107
28108
28109
28110
28111
28112
28113
28114
28115
28116
28117
28118
28119
28120
28121
28122
28123
28124
28125
28126
28127
28128
28129
28130
28131
28132
28133
28134
28135
28136
28137
28138
28139
28140
28141
28142
28143
28144
28145
28146
28147
28148
28149
28150
28151
28152
28153
28154
28155
28156
28157
28158
28159
28160
28161
28162
28163
28164
28165
28166
28167
28168
28169
28170
28171
28172
28173
28174
28175
28176
28177
28178
28179
28180
28181
28182
28183
28184
28185
28186
28187
28188
28189
28190
28191
28192
28193
28194
28195
28196
28197
28198
28199
28200
28201
28202
28203
28204
28205
28206
28207
28208
28209
28210
28211
28212
28213
28214
28215
28216
28217
28218
28219
28220
28221
28222
28223
28224
28225
28226
28227
28228
28229
28230
28231
28232
28233
28234
28235
28236
28237
28238
28239
28240
28241
28242
28243
28244
28245
28246
28247
28248
28249
28250
28251
28252
28253
28254
28255
28256
28257
28258
28259
28260
28261
28262
28263
28264
28265
28266
28267
28268
28269
28270
28271
28272
28273
28274
28275
28276
28277
28278
28279
28280
28281
28282
28283
28284
28285
28286
28287
28288
28289
28290
28291
28292
28293
28294
28295
28296
28297
28298
28299
28300
28301
28302
28303
28304
28305
28306
28307
28308
28309
28310
28311
28312
28313
28314
28315
28316
28317
28318
28319
28320
28321
28322
28323
28324
28325
28326
28327
28328
28329
28330
28331
28332
28333
28334
28335
28336
28337
28338
28339
28340
28341
28342
28343
28344
28345
28346
28347
28348
28349
28350
28351
28352
28353
28354
28355
28356
28357
28358
28359
28360
28361
28362
28363
28364
28365
28366
28367
28368
28369
28370
28371
28372
28373
28374
28375
28376
28377
28378
28379
28380
28381
28382
28383
28384
28385
28386
28387
28388
28389
28390
28391
28392
28393
28394
28395
28396
28397
28398
28399
28400
28401
28402
28403
28404
28405
28406
28407
28408
28409
28410
28411
28412
28413
28414
28415
28416
28417
28418
28419
28420
28421
28422
28423
28424
28425
28426
28427
28428
28429
28430
28431
28432
28433
28434
28435
28436
28437
28438
28439
28440
28441
28442
28443
28444
28445
28446
28447
28448
28449
28450
28451
28452
28453
28454
28455
28456
28457
28458
28459
28460
28461
28462
28463
28464
28465
28466
28467
28468
28469
28470
28471
28472
28473
28474
28475
28476
28477
28478
28479
28480
28481
28482
28483
28484
28485
28486
28487
28488
28489
28490
28491
28492
28493
28494
28495
28496
28497
28498
28499
28500
28501
28502
28503
28504
28505
28506
28507
28508
28509
28510
28511
28512
28513
28514
28515
28516
28517
28518
28519
28520
28521
28522
28523
28524
28525
28526
28527
28528
28529
28530
28531
28532
28533
28534
28535
28536
28537
28538
28539
28540
28541
28542
28543
28544
28545
28546
28547
28548
28549
28550
28551
28552
28553
28554
28555
28556
28557
28558
28559
28560
28561
28562
28563
28564
28565
28566
28567
28568
28569
28570
28571
28572
28573
28574
28575
28576
28577
28578
28579
28580
28581
28582
28583
28584
28585
28586
28587
28588
28589
28590
28591
28592
28593
28594
28595
28596
28597
28598
28599
28600
28601
28602
28603
28604
28605
28606
28607
28608
28609
28610
28611
28612
28613
28614
28615
28616
28617
28618
28619
28620
28621
28622
28623
28624
28625
28626
28627
28628
28629
28630
28631
28632
28633
28634
28635
28636
28637
28638
28639
28640
28641
28642
28643
28644
28645
28646
28647
28648
28649
28650
28651
28652
28653
28654
28655
28656
28657
28658
28659
28660
28661
28662
28663
28664
28665
28666
28667
28668
28669
28670
28671
28672
28673
28674
28675
28676
28677
28678
28679
28680
28681
28682
28683
28684
28685
28686
28687
28688
28689
28690
28691
28692
28693
28694
28695
28696
28697
28698
28699
28700
28701
28702
28703
28704
28705
28706
28707
28708
28709
28710
28711
28712
28713
28714
28715
28716
28717
28718
28719
28720
28721
28722
28723
28724
28725
28726
28727
28728
28729
28730
28731
28732
28733
28734
28735
28736
28737
28738
28739
28740
28741
28742
28743
28744
28745
28746
28747
28748
28749
28750
28751
28752
28753
28754
28755
28756
28757
28758
28759
28760
28761
28762
28763
28764
28765
28766
28767
28768
28769
28770
28771
28772
28773
28774
28775
28776
28777
28778
28779
28780
28781
28782
28783
28784
28785
28786
28787
28788
28789
28790
28791
28792
28793
28794
28795
28796
28797
28798
28799
28800
28801
28802
28803
28804
28805
28806
28807
28808
28809
28810
28811
28812
28813
28814
28815
28816
28817
28818
28819
28820
28821
28822
28823
28824
28825
28826
28827
28828
28829
28830
28831
28832
28833
28834
28835
28836
28837
28838
28839
28840
28841
28842
28843
28844
28845
28846
28847
28848
28849
28850
28851
28852
28853
28854
28855
28856
28857
28858
28859
28860
28861
28862
28863
28864
28865
28866
28867
28868
28869
28870
28871
28872
28873
28874
28875
28876
28877
28878
28879
28880
28881
28882
28883
28884
28885
28886
28887
28888
28889
28890
28891
28892
28893
28894
28895
28896
28897
28898
28899
28900
28901
28902
28903
28904
28905
28906
28907
28908
28909
28910
28911
28912
28913
28914
28915
28916
28917
28918
28919
28920
28921
28922
28923
28924
28925
28926
28927
28928
28929
28930
28931
28932
28933
28934
28935
28936
28937
28938
28939
28940
28941
28942
28943
28944
28945
28946
28947
28948
28949
28950
28951
28952
28953
28954
28955
28956
28957
28958
28959
28960
28961
28962
28963
28964
28965
28966
28967
28968
28969
28970
28971
28972
28973
28974
28975
28976
28977
28978
28979
28980
28981
28982
28983
28984
28985
28986
28987
28988
28989
28990
28991
28992
28993
28994
28995
28996
28997
28998
28999
29000
29001
29002
29003
29004
29005
29006
29007
29008
29009
29010
29011
29012
29013
29014
29015
29016
29017
29018
29019
29020
29021
29022
29023
29024
29025
29026
29027
29028
29029
29030
29031
29032
29033
29034
29035
29036
29037
29038
29039
29040
29041
29042
29043
29044
29045
29046
29047
29048
29049
29050
29051
29052
29053
29054
29055
29056
29057
29058
29059
29060
29061
29062
29063
29064
29065
29066
29067
29068
29069
29070
29071
29072
29073
29074
29075
29076
29077
29078
29079
29080
29081
29082
29083
29084
29085
29086
29087
29088
29089
29090
29091
29092
29093
29094
29095
29096
29097
29098
29099
29100
29101
29102
29103
29104
29105
29106
29107
29108
29109
29110
29111
29112
29113
29114
29115
29116
29117
29118
29119
29120
29121
29122
29123
29124
29125
29126
29127
29128
29129
29130
29131
29132
29133
29134
29135
29136
29137
29138
29139
29140
29141
29142
29143
29144
29145
29146
29147
29148
29149
29150
29151
29152
29153
29154
29155
29156
29157
29158
29159
29160
29161
29162
29163
29164
29165
29166
29167
29168
29169
29170
29171
29172
29173
29174
29175
29176
29177
29178
29179
29180
29181
29182
29183
29184
29185
29186
29187
29188
29189
29190
29191
29192
29193
29194
29195
29196
29197
29198
29199
29200
29201
29202
29203
29204
29205
29206
29207
29208
29209
29210
29211
29212
29213
29214
29215
29216
29217
29218
29219
29220
29221
29222
29223
29224
29225
29226
29227
29228
29229
29230
29231
29232
29233
29234
29235
29236
29237
29238
29239
29240
29241
29242
29243
29244
29245
29246
29247
29248
29249
29250
29251
29252
29253
29254
29255
29256
29257
29258
29259
29260
29261
29262
29263
29264
29265
29266
29267
29268
29269
29270
29271
29272
29273
29274
29275
29276
29277
29278
29279
29280
29281
29282
29283
29284
29285
29286
29287
29288
29289
29290
29291
29292
29293
29294
29295
29296
29297
29298
29299
29300
29301
29302
29303
29304
29305
29306
29307
29308
29309
29310
29311
29312
29313
29314
29315
29316
29317
29318
29319
29320
29321
29322
29323
29324
29325
29326
29327
29328
29329
29330
29331
29332
29333
29334
29335
29336
29337
29338
29339
29340
29341
29342
29343
29344
29345
29346
29347
29348
29349
29350
29351
29352
29353
29354
29355
29356
29357
29358
29359
29360
29361
29362
29363
29364
29365
29366
29367
29368
29369
29370
29371
29372
29373
29374
29375
29376
29377
29378
29379
29380
29381
29382
29383
29384
29385
29386
29387
29388
29389
29390
29391
29392
29393
29394
29395
29396
29397
29398
29399
29400
29401
29402
29403
29404
29405
29406
29407
29408
29409
29410
29411
29412
29413
29414
29415
29416
29417
29418
29419
29420
29421
29422
29423
29424
29425
29426
29427
29428
29429
29430
29431
29432
29433
29434
29435
29436
29437
29438
29439
29440
29441
29442
29443
29444
29445
29446
29447
29448
29449
29450
29451
29452
29453
29454
29455
29456
29457
29458
29459
29460
29461
29462
29463
29464
29465
29466
29467
29468
29469
29470
29471
29472
29473
29474
29475
29476
29477
29478
29479
29480
29481
29482
29483
29484
29485
29486
29487
29488
29489
29490
29491
29492
29493
29494
29495
29496
29497
29498
29499
29500
29501
29502
29503
29504
29505
29506
29507
29508
29509
29510
29511
29512
29513
29514
29515
29516
29517
29518
29519
29520
29521
29522
29523
29524
29525
29526
29527
29528
29529
29530
29531
29532
29533
29534
29535
29536
29537
29538
29539
29540
29541
29542
29543
29544
29545
29546
29547
29548
29549
29550
29551
29552
29553
29554
29555
29556
29557
29558
29559
29560
29561
29562
29563
29564
29565
29566
29567
29568
29569
29570
29571
29572
29573
29574
29575
29576
29577
29578
29579
29580
29581
29582
29583
29584
29585
29586
29587
29588
29589
29590
29591
29592
29593
29594
29595
29596
29597
29598
29599
29600
29601
29602
29603
29604
29605
29606
29607
29608
29609
29610
29611
29612
29613
29614
29615
29616
29617
29618
29619
29620
29621
29622
29623
29624
29625
29626
29627
29628
29629
29630
29631
29632
29633
29634
29635
29636
29637
29638
29639
29640
29641
29642
29643
29644
29645
29646
29647
29648
29649
29650
29651
29652
29653
29654
29655
29656
29657
29658
29659
29660
29661
29662
29663
29664
29665
29666
29667
29668
29669
29670
29671
29672
29673
29674
29675
29676
29677
29678
29679
29680
29681
29682
29683
29684
29685
29686
29687
29688
29689
29690
29691
29692
29693
29694
29695
29696
29697
29698
29699
29700
29701
29702
29703
29704
29705
29706
29707
29708
29709
29710
29711
29712
29713
29714
29715
29716
29717
29718
29719
29720
29721
29722
29723
29724
29725
29726
29727
29728
29729
29730
29731
29732
29733
29734
29735
29736
29737
29738
29739
29740
29741
29742
29743
29744
29745
29746
29747
29748
29749
29750
29751
29752
29753
29754
29755
29756
29757
29758
29759
29760
29761
29762
29763
29764
29765
29766
29767
29768
29769
29770
29771
29772
29773
29774
29775
29776
29777
29778
29779
29780
29781
29782
29783
29784
29785
29786
29787
29788
29789
29790
29791
29792
29793
29794
29795
29796
29797
29798
29799
29800
29801
29802
29803
29804
29805
29806
29807
29808
29809
29810
29811
29812
29813
29814
29815
29816
29817
29818
29819
29820
29821
29822
29823
29824
29825
29826
29827
29828
29829
29830
29831
29832
29833
29834
29835
29836
29837
29838
29839
29840
29841
29842
29843
29844
29845
29846
29847
29848
29849
29850
29851
29852
29853
29854
29855
29856
29857
29858
29859
29860
29861
29862
29863
29864
29865
29866
29867
29868
29869
29870
29871
29872
29873
29874
29875
29876
29877
29878
29879
29880
29881
29882
29883
29884
29885
29886
29887
29888
29889
29890
29891
29892
29893
29894
29895
29896
29897
29898
29899
29900
29901
29902
29903
29904
29905
29906
29907
29908
29909
29910
29911
29912
29913
29914
29915
29916
29917
29918
29919
29920
29921
29922
29923
29924
29925
29926
29927
29928
29929
29930
29931
29932
29933
29934
29935
29936
29937
29938
29939
29940
29941
29942
29943
29944
29945
29946
29947
29948
29949
29950
29951
29952
29953
29954
29955
29956
29957
29958
29959
29960
29961
29962
29963
29964
29965
29966
29967
29968
29969
29970
29971
29972
29973
29974
29975
29976
29977
29978
29979
29980
29981
29982
29983
29984
29985
29986
29987
29988
29989
29990
29991
29992
29993
29994
29995
29996
29997
29998
29999
30000
30001
30002
30003
30004
30005
30006
30007
30008
30009
30010
30011
30012
30013
30014
30015
30016
30017
30018
30019
30020
30021
30022
30023
30024
30025
30026
30027
30028
30029
30030
30031
30032
30033
30034
30035
30036
30037
30038
30039
30040
30041
30042
30043
30044
30045
30046
30047
30048
30049
30050
30051
30052
30053
30054
30055
30056
30057
30058
30059
30060
30061
30062
30063
30064
30065
30066
30067
30068
30069
30070
30071
30072
30073
30074
30075
30076
30077
30078
30079
30080
30081
30082
30083
30084
30085
30086
30087
30088
30089
30090
30091
30092
30093
30094
30095
30096
30097
30098
30099
30100
30101
30102
30103
30104
30105
30106
30107
30108
30109
30110
30111
30112
30113
30114
30115
30116
30117
30118
30119
30120
30121
30122
30123
30124
30125
30126
30127
30128
30129
30130
30131
30132
30133
30134
30135
30136
30137
30138
30139
30140
30141
30142
30143
30144
30145
30146
30147
30148
30149
30150
30151
30152
30153
30154
30155
30156
30157
30158
30159
30160
30161
30162
30163
30164
30165
30166
30167
30168
30169
30170
30171
30172
30173
30174
30175
30176
30177
30178
30179
30180
30181
30182
30183
30184
30185
30186
30187
30188
30189
30190
30191
30192
30193
30194
30195
30196
30197
30198
30199
30200
30201
30202
30203
30204
30205
30206
30207
30208
30209
30210
30211
30212
30213
30214
30215
30216
30217
30218
30219
30220
30221
30222
30223
30224
30225
30226
30227
30228
30229
30230
30231
30232
30233
30234
30235
30236
30237
30238
30239
30240
30241
30242
30243
30244
30245
30246
30247
30248
30249
30250
30251
30252
30253
30254
30255
30256
30257
30258
30259
30260
30261
30262
30263
30264
30265
30266
30267
30268
30269
30270
30271
30272
30273
30274
30275
30276
30277
30278
30279
30280
30281
30282
30283
30284
30285
30286
30287
30288
30289
30290
30291
30292
30293
30294
30295
30296
30297
30298
30299
30300
30301
30302
30303
30304
30305
30306
30307
30308
30309
30310
30311
30312
30313
30314
30315
30316
30317
30318
30319
30320
30321
30322
30323
30324
30325
30326
30327
30328
30329
30330
30331
30332
30333
30334
30335
30336
30337
30338
30339
30340
30341
30342
30343
30344
30345
30346
30347
30348
30349
30350
30351
30352
30353
30354
30355
30356
30357
30358
30359
30360
30361
30362
30363
30364
30365
30366
30367
30368
30369
30370
30371
30372
30373
30374
30375
30376
30377
30378
30379
30380
30381
30382
30383
30384
30385
30386
30387
30388
30389
30390
30391
30392
30393
30394
30395
30396
30397
30398
30399
30400
30401
30402
30403
30404
30405
30406
30407
30408
30409
30410
30411
30412
30413
30414
30415
30416
30417
30418
30419
30420
30421
30422
30423
30424
30425
30426
30427
30428
30429
30430
30431
30432
30433
30434
30435
30436
30437
30438
30439
30440
30441
30442
30443
30444
30445
30446
30447
30448
30449
30450
30451
30452
30453
30454
30455
30456
30457
30458
30459
30460
30461
30462
30463
30464
30465
30466
30467
30468
30469
30470
30471
30472
30473
30474
30475
30476
30477
30478
30479
30480
30481
30482
30483
30484
30485
30486
30487
30488
30489
30490
30491
30492
30493
30494
30495
30496
30497
30498
30499
30500
30501
30502
30503
30504
30505
30506
30507
30508
30509
30510
30511
30512
30513
30514
30515
30516
30517
30518
30519
30520
30521
30522
30523
30524
30525
30526
30527
30528
30529
30530
30531
30532
30533
30534
30535
30536
30537
30538
30539
30540
30541
30542
30543
30544
30545
30546
30547
30548
30549
30550
30551
30552
30553
30554
30555
30556
30557
30558
30559
30560
30561
30562
30563
30564
30565
30566
30567
30568
30569
30570
30571
30572
30573
30574
30575
30576
30577
30578
30579
30580
30581
30582
30583
30584
30585
30586
30587
30588
30589
30590
30591
30592
30593
30594
30595
30596
30597
30598
30599
30600
30601
30602
30603
30604
30605
30606
30607
30608
30609
30610
30611
30612
30613
30614
30615
30616
30617
30618
30619
30620
30621
30622
30623
30624
30625
30626
30627
30628
30629
30630
30631
30632
30633
30634
30635
30636
30637
30638
30639
30640
30641
30642
30643
30644
30645
30646
30647
30648
30649
30650
30651
30652
30653
30654
30655
30656
30657
30658
30659
30660
30661
30662
30663
30664
30665
30666
30667
30668
30669
30670
30671
30672
30673
30674
30675
30676
30677
30678
30679
30680
30681
30682
30683
30684
30685
30686
30687
30688
30689
30690
30691
30692
30693
30694
30695
30696
30697
30698
30699
30700
30701
30702
30703
30704
30705
30706
30707
30708
30709
30710
30711
30712
30713
30714
30715
30716
30717
30718
30719
30720
30721
30722
30723
30724
30725
30726
30727
30728
30729
30730
30731
30732
30733
30734
30735
30736
30737
30738
30739
30740
30741
30742
30743
30744
30745
30746
30747
30748
30749
30750
30751
30752
30753
30754
30755
30756
30757
30758
30759
30760
30761
30762
30763
30764
30765
30766
30767
30768
30769
30770
30771
30772
30773
30774
30775
30776
30777
30778
30779
30780
30781
30782
30783
30784
30785
30786
30787
30788
30789
30790
30791
30792
30793
30794
30795
30796
30797
30798
30799
30800
30801
30802
30803
30804
30805
30806
30807
30808
30809
30810
30811
30812
30813
30814
30815
30816
30817
30818
30819
30820
30821
30822
30823
30824
30825
30826
30827
30828
30829
30830
30831
30832
30833
30834
30835
30836
30837
30838
30839
30840
30841
30842
30843
30844
30845
30846
30847
30848
30849
30850
30851
30852
30853
30854
30855
30856
30857
30858
30859
30860
30861
30862
30863
30864
30865
30866
30867
30868
30869
30870
30871
30872
30873
30874
30875
30876
30877
30878
30879
30880
30881
30882
30883
30884
30885
30886
30887
30888
30889
30890
30891
30892
30893
30894
30895
30896
30897
30898
30899
30900
30901
30902
30903
30904
30905
30906
30907
30908
30909
30910
30911
30912
30913
30914
30915
30916
30917
30918
30919
30920
30921
30922
30923
30924
30925
30926
30927
30928
30929
30930
30931
30932
30933
30934
30935
30936
30937
30938
30939
30940
30941
30942
30943
30944
30945
30946
30947
30948
30949
30950
30951
30952
30953
30954
30955
30956
30957
30958
30959
30960
30961
30962
30963
30964
30965
30966
30967
30968
30969
30970
30971
30972
30973
30974
30975
30976
30977
30978
30979
30980
30981
30982
30983
30984
30985
30986
30987
30988
30989
30990
30991
30992
30993
30994
30995
30996
30997
30998
30999
31000
31001
31002
31003
31004
31005
31006
31007
31008
31009
31010
31011
31012
31013
31014
31015
31016
31017
31018
31019
31020
31021
31022
31023
31024
31025
31026
31027
31028
31029
31030
31031
31032
31033
31034
31035
31036
31037
31038
31039
31040
31041
31042
31043
31044
31045
31046
31047
31048
31049
31050
31051
31052
31053
31054
31055
31056
31057
31058
31059
31060
31061
31062
31063
31064
31065
31066
31067
31068
31069
31070
31071
31072
31073
31074
31075
31076
31077
31078
31079
31080
31081
31082
31083
31084
31085
31086
31087
31088
31089
31090
31091
31092
31093
31094
31095
31096
31097
31098
31099
31100
31101
31102
31103
31104
31105
31106
31107
31108
31109
31110
31111
31112
31113
31114
31115
31116
31117
31118
31119
31120
31121
31122
31123
31124
31125
31126
31127
31128
31129
31130
31131
31132
31133
31134
31135
31136
31137
31138
31139
31140
31141
31142
31143
31144
31145
31146
31147
31148
31149
31150
31151
31152
31153
31154
31155
31156
31157
31158
31159
31160
31161
31162
31163
31164
31165
31166
31167
31168
31169
31170
31171
31172
31173
31174
31175
31176
31177
31178
31179
31180
31181
31182
31183
31184
31185
31186
31187
31188
31189
31190
31191
31192
31193
31194
31195
31196
31197
31198
31199
31200
31201
31202
31203
31204
31205
31206
31207
31208
31209
31210
31211
31212
31213
31214
31215
31216
31217
31218
31219
31220
31221
31222
31223
31224
31225
31226
31227
31228
31229
31230
31231
31232
31233
31234
31235
31236
31237
31238
31239
31240
31241
31242
31243
31244
31245
31246
31247
31248
31249
31250
31251
31252
31253
31254
31255
31256
31257
31258
31259
31260
31261
31262
31263
31264
31265
31266
31267
31268
31269
31270
31271
31272
31273
31274
31275
31276
31277
31278
31279
31280
31281
31282
31283
31284
31285
31286
31287
31288
31289
31290
31291
31292
31293
31294
31295
31296
31297
31298
31299
31300
31301
31302
31303
31304
31305
31306
31307
31308
31309
31310
31311
31312
31313
31314
31315
31316
31317
31318
31319
31320
31321
31322
31323
31324
31325
31326
31327
31328
31329
31330
31331
31332
31333
31334
31335
31336
31337
31338
31339
31340
31341
31342
31343
31344
31345
31346
31347
31348
31349
31350
31351
31352
31353
31354
31355
31356
31357
31358
31359
31360
31361
31362
31363
31364
31365
31366
31367
31368
31369
31370
31371
31372
31373
31374
31375
31376
31377
31378
31379
31380
31381
31382
31383
31384
31385
31386
31387
31388
31389
31390
31391
31392
31393
31394
31395
31396
31397
31398
31399
31400
31401
31402
31403
31404
31405
31406
31407
31408
31409
31410
31411
31412
31413
31414
31415
31416
31417
31418
31419
31420
31421
31422
31423
31424
31425
31426
31427
31428
31429
31430
31431
31432
31433
31434
31435
31436
31437
31438
31439
31440
31441
31442
31443
31444
31445
31446
31447
31448
31449
31450
31451
31452
31453
31454
31455
31456
31457
31458
31459
31460
31461
31462
31463
31464
31465
31466
31467
31468
31469
31470
31471
31472
31473
31474
31475
31476
31477
31478
31479
31480
31481
31482
31483
31484
31485
31486
31487
31488
31489
31490
31491
31492
31493
31494
31495
31496
31497
31498
31499
31500
31501
31502
31503
31504
31505
31506
31507
31508
31509
31510
31511
31512
31513
31514
31515
31516
31517
31518
31519
31520
31521
31522
31523
31524
31525
31526
31527
31528
31529
31530
31531
31532
31533
31534
31535
31536
31537
31538
31539
31540
31541
31542
31543
31544
31545
31546
31547
31548
31549
31550
31551
31552
31553
31554
31555
31556
31557
31558
31559
31560
31561
31562
31563
31564
31565
31566
31567
31568
31569
31570
31571
31572
31573
31574
31575
31576
31577
31578
31579
31580
31581
31582
31583
31584
31585
31586
31587
31588
31589
31590
31591
31592
31593
31594
31595
31596
31597
31598
31599
31600
31601
31602
31603
31604
31605
31606
31607
31608
31609
31610
31611
31612
31613
31614
31615
31616
31617
31618
31619
31620
31621
31622
31623
31624
31625
31626
31627
31628
31629
31630
31631
31632
31633
31634
31635
31636
31637
31638
31639
31640
31641
31642
31643
31644
31645
31646
31647
31648
31649
31650
31651
31652
31653
31654
31655
31656
31657
31658
31659
31660
31661
31662
31663
31664
31665
31666
31667
31668
31669
31670
31671
31672
31673
31674
31675
31676
31677
31678
31679
31680
31681
31682
31683
31684
31685
31686
31687
31688
31689
31690
31691
31692
31693
31694
31695
31696
31697
31698
31699
31700
31701
31702
31703
31704
31705
31706
31707
31708
31709
31710
31711
31712
31713
31714
31715
31716
31717
31718
31719
31720
31721
31722
31723
31724
31725
31726
31727
31728
31729
31730
31731
31732
31733
31734
31735
31736
31737
31738
31739
31740
31741
31742
31743
31744
31745
31746
31747
31748
31749
31750
31751
31752
31753
31754
31755
31756
31757
31758
31759
31760
31761
31762
31763
31764
31765
31766
31767
31768
31769
31770
31771
31772
31773
31774
31775
31776
31777
31778
31779
31780
31781
31782
31783
31784
31785
31786
31787
31788
31789
31790
31791
31792
31793
31794
31795
31796
31797
31798
31799
31800
31801
31802
31803
31804
31805
31806
31807
31808
31809
31810
31811
31812
31813
31814
31815
31816
31817
31818
31819
31820
31821
31822
31823
31824
31825
31826
31827
31828
31829
31830
31831
31832
31833
31834
31835
31836
31837
31838
31839
31840
31841
31842
31843
31844
31845
31846
31847
31848
31849
31850
31851
31852
31853
31854
31855
31856
31857
31858
31859
31860
31861
31862
31863
31864
31865
31866
31867
31868
31869
31870
31871
31872
31873
31874
31875
31876
31877
31878
31879
31880
31881
31882
31883
31884
31885
31886
31887
31888
31889
31890
31891
31892
31893
31894
31895
31896
31897
31898
31899
31900
31901
31902
31903
31904
31905
31906
31907
31908
31909
31910
31911
31912
31913
31914
31915
31916
31917
31918
31919
31920
31921
31922
31923
31924
31925
31926
31927
31928
31929
31930
31931
31932
31933
31934
31935
31936
31937
31938
31939
31940
31941
31942
31943
31944
31945
31946
31947
31948
31949
31950
31951
31952
31953
31954
31955
31956
31957
31958
31959
31960
31961
31962
31963
31964
31965
31966
31967
31968
31969
31970
31971
31972
31973
31974
31975
31976
31977
31978
31979
31980
31981
31982
31983
31984
31985
31986
31987
31988
31989
31990
31991
31992
31993
31994
31995
31996
31997
31998
31999
32000
32001
32002
32003
32004
32005
32006
32007
32008
32009
32010
32011
32012
32013
32014
32015
32016
32017
32018
32019
32020
32021
32022
32023
32024
32025
32026
32027
32028
32029
32030
32031
32032
32033
32034
32035
32036
32037
32038
32039
32040
32041
32042
32043
32044
32045
32046
32047
32048
32049
32050
32051
32052
32053
32054
32055
32056
32057
32058
32059
32060
32061
32062
32063
32064
32065
32066
32067
32068
32069
32070
32071
32072
32073
32074
32075
32076
32077
32078
32079
32080
32081
32082
32083
32084
32085
32086
32087
32088
32089
32090
32091
32092
32093
32094
32095
32096
32097
32098
32099
32100
32101
32102
32103
32104
32105
32106
32107
32108
32109
32110
32111
32112
32113
32114
32115
32116
32117
32118
32119
32120
32121
32122
32123
32124
32125
32126
32127
32128
32129
32130
32131
32132
32133
32134
32135
32136
32137
32138
32139
32140
32141
32142
32143
32144
32145
32146
32147
32148
32149
32150
32151
32152
32153
32154
32155
32156
32157
32158
32159
32160
32161
32162
32163
32164
32165
32166
32167
32168
32169
32170
32171
32172
32173
32174
32175
32176
32177
32178
32179
32180
32181
32182
32183
32184
32185
32186
32187
32188
32189
32190
32191
32192
32193
32194
32195
32196
32197
32198
32199
32200
32201
32202
32203
32204
32205
32206
32207
32208
32209
32210
32211
32212
32213
32214
32215
32216
32217
32218
32219
32220
32221
32222
32223
32224
32225
32226
32227
32228
32229
32230
32231
32232
32233
32234
32235
32236
32237
32238
32239
32240
32241
32242
32243
32244
32245
32246
32247
32248
32249
32250
32251
32252
32253
32254
32255
32256
32257
32258
32259
32260
32261
32262
32263
32264
32265
32266
32267
32268
32269
32270
32271
32272
32273
32274
32275
32276
32277
32278
32279
32280
32281
32282
32283
32284
32285
32286
32287
32288
32289
32290
32291
32292
32293
32294
32295
32296
32297
32298
32299
32300
32301
32302
32303
32304
32305
32306
32307
32308
32309
32310
32311
32312
32313
32314
32315
32316
32317
32318
32319
32320
32321
32322
32323
32324
32325
32326
32327
32328
32329
32330
32331
32332
32333
32334
32335
32336
32337
32338
32339
32340
32341
32342
32343
32344
32345
32346
32347
32348
32349
32350
32351
32352
32353
32354
32355
32356
32357
32358
32359
32360
32361
32362
32363
32364
32365
32366
32367
32368
32369
32370
32371
32372
32373
32374
32375
32376
32377
32378
32379
32380
32381
32382
32383
32384
32385
32386
32387
32388
32389
32390
32391
32392
32393
32394
32395
32396
32397
32398
32399
32400
32401
32402
32403
32404
32405
32406
32407
32408
32409
32410
32411
32412
32413
32414
32415
32416
32417
32418
32419
32420
32421
32422
32423
32424
32425
32426
32427
32428
32429
32430
32431
32432
32433
32434
32435
32436
32437
32438
32439
32440
32441
32442
32443
32444
32445
32446
32447
32448
32449
32450
32451
32452
32453
32454
32455
32456
32457
32458
32459
32460
32461
32462
32463
32464
32465
32466
32467
32468
32469
32470
32471
32472
32473
32474
32475
32476
32477
32478
32479
32480
32481
32482
32483
32484
32485
32486
32487
32488
32489
32490
32491
32492
32493
32494
32495
32496
32497
32498
32499
32500
32501
32502
32503
32504
32505
32506
32507
32508
32509
32510
32511
32512
32513
32514
32515
32516
32517
32518
32519
32520
32521
32522
32523
32524
32525
32526
32527
32528
32529
32530
32531
32532
32533
32534
32535
32536
32537
32538
32539
32540
32541
32542
32543
32544
32545
32546
32547
32548
32549
32550
32551
32552
32553
32554
32555
32556
32557
32558
32559
32560
32561
32562
32563
32564
32565
32566
32567
32568
32569
32570
32571
32572
32573
32574
32575
32576
32577
32578
32579
32580
32581
32582
32583
32584
32585
32586
32587
32588
32589
32590
32591
32592
32593
32594
32595
32596
32597
32598
32599
32600
32601
32602
32603
32604
32605
32606
32607
32608
32609
32610
32611
32612
32613
32614
32615
32616
32617
32618
32619
32620
32621
32622
32623
32624
32625
32626
32627
32628
32629
32630
32631
32632
32633
32634
32635
32636
32637
32638
32639
32640
32641
32642
32643
32644
32645
32646
32647
32648
32649
32650
32651
32652
32653
32654
32655
32656
32657
32658
32659
32660
32661
32662
32663
32664
32665
32666
32667
32668
32669
32670
32671
32672
32673
32674
32675
32676
32677
32678
32679
32680
32681
32682
32683
32684
32685
32686
32687
32688
32689
32690
32691
32692
32693
32694
32695
32696
32697
32698
32699
32700
32701
32702
32703
32704
32705
32706
32707
32708
32709
32710
32711
32712
32713
32714
32715
32716
32717
32718
32719
32720
32721
32722
32723
32724
32725
32726
32727
32728
32729
32730
32731
32732
32733
32734
32735
32736
32737
32738
32739
32740
32741
32742
32743
32744
32745
32746
32747
32748
32749
32750
32751
32752
32753
32754
32755
32756
32757
32758
32759
32760
32761
32762
32763
32764
32765
32766
32767
32768
32769
32770
32771
32772
32773
32774
32775
32776
32777
32778
32779
32780
32781
32782
32783
32784
32785
32786
32787
32788
32789
32790
32791
32792
32793
32794
32795
32796
32797
32798
32799
32800
32801
32802
32803
32804
32805
32806
32807
32808
32809
32810
32811
32812
32813
32814
32815
32816
32817
32818
32819
32820
32821
32822
32823
32824
32825
32826
32827
32828
32829
32830
32831
32832
32833
32834
32835
32836
32837
32838
32839
32840
32841
32842
32843
32844
32845
32846
32847
32848
32849
32850
32851
32852
32853
32854
32855
32856
32857
32858
32859
32860
32861
32862
32863
32864
32865
32866
32867
32868
32869
32870
32871
32872
32873
32874
32875
32876
32877
32878
32879
32880
32881
32882
32883
32884
32885
32886
32887
32888
32889
32890
32891
32892
32893
32894
32895
32896
32897
32898
32899
32900
32901
32902
32903
32904
32905
32906
32907
32908
32909
32910
32911
32912
32913
32914
32915
32916
32917
32918
32919
32920
32921
32922
32923
32924
32925
32926
32927
32928
32929
32930
32931
32932
32933
32934
32935
32936
32937
32938
32939
32940
32941
32942
32943
32944
32945
32946
32947
32948
32949
32950
32951
32952
32953
32954
32955
32956
32957
32958
32959
32960
32961
32962
32963
32964
32965
32966
32967
32968
32969
32970
32971
32972
32973
32974
32975
32976
32977
32978
32979
32980
32981
32982
32983
32984
32985
32986
32987
32988
32989
32990
32991
32992
32993
32994
32995
32996
32997
32998
32999
33000
33001
33002
33003
33004
33005
33006
33007
33008
33009
33010
33011
33012
33013
33014
33015
33016
33017
33018
33019
33020
33021
33022
33023
33024
33025
33026
33027
33028
33029
33030
33031
33032
33033
33034
33035
33036
33037
33038
33039
33040
33041
33042
33043
33044
33045
33046
33047
33048
33049
33050
33051
33052
33053
33054
33055
33056
33057
33058
33059
33060
33061
33062
33063
33064
33065
33066
33067
33068
33069
33070
33071
33072
33073
33074
33075
33076
33077
33078
33079
33080
33081
33082
33083
33084
33085
33086
33087
33088
33089
33090
33091
33092
33093
33094
33095
33096
33097
33098
33099
33100
33101
33102
33103
33104
33105
33106
33107
33108
33109
33110
33111
33112
33113
33114
33115
33116
33117
33118
33119
33120
33121
33122
33123
33124
33125
33126
33127
33128
33129
33130
33131
33132
33133
33134
33135
33136
33137
33138
33139
33140
33141
33142
33143
33144
33145
33146
33147
33148
33149
33150
33151
33152
33153
33154
33155
33156
33157
33158
33159
33160
33161
33162
33163
33164
33165
33166
33167
33168
33169
33170
33171
33172
33173
33174
33175
33176
33177
33178
33179
33180
33181
33182
33183
33184
33185
33186
33187
33188
33189
33190
33191
33192
33193
33194
33195
33196
33197
33198
33199
33200
33201
33202
33203
33204
33205
33206
33207
33208
33209
33210
33211
33212
33213
33214
33215
33216
33217
33218
33219
33220
33221
33222
33223
33224
33225
33226
33227
33228
33229
33230
33231
33232
33233
33234
33235
33236
33237
33238
33239
33240
33241
33242
33243
33244
33245
33246
33247
33248
33249
33250
33251
33252
33253
33254
33255
33256
33257
33258
33259
33260
33261
33262
33263
33264
33265
33266
33267
33268
33269
33270
33271
33272
33273
33274
33275
33276
33277
33278
33279
33280
33281
33282
33283
33284
33285
33286
33287
33288
33289
33290
33291
33292
33293
33294
33295
33296
33297
33298
33299
33300
33301
33302
33303
33304
33305
33306
33307
33308
33309
33310
33311
33312
33313
33314
33315
33316
33317
33318
33319
33320
33321
33322
33323
33324
33325
33326
33327
33328
33329
33330
33331
33332
33333
33334
33335
33336
33337
33338
33339
33340
33341
33342
33343
33344
33345
33346
33347
33348
33349
33350
33351
33352
33353
33354
33355
33356
33357
33358
33359
33360
33361
33362
33363
33364
33365
33366
33367
33368
33369
33370
33371
33372
33373
33374
33375
33376
33377
33378
33379
33380
33381
33382
33383
33384
33385
33386
33387
33388
33389
33390
33391
33392
33393
33394
33395
33396
33397
33398
33399
33400
33401
33402
33403
33404
33405
33406
33407
33408
33409
33410
33411
33412
33413
33414
33415
33416
33417
33418
33419
33420
33421
33422
33423
33424
33425
33426
33427
33428
33429
33430
33431
33432
33433
33434
33435
33436
33437
33438
33439
33440
33441
33442
33443
33444
33445
33446
33447
33448
33449
33450
33451
33452
33453
33454
33455
33456
33457
33458
33459
33460
33461
33462
33463
33464
33465
33466
33467
33468
33469
33470
33471
33472
33473
33474
33475
33476
33477
33478
33479
33480
33481
33482
33483
33484
33485
33486
33487
33488
33489
33490
33491
33492
33493
33494
33495
33496
33497
33498
33499
33500
33501
33502
33503
33504
33505
33506
33507
33508
33509
33510
33511
33512
33513
33514
33515
33516
33517
33518
33519
33520
33521
33522
33523
33524
33525
33526
33527
33528
33529
33530
33531
33532
33533
33534
33535
33536
33537
33538
33539
33540
33541
33542
33543
33544
33545
33546
33547
33548
33549
33550
33551
33552
33553
33554
33555
33556
33557
33558
33559
33560
33561
33562
33563
33564
33565
33566
33567
33568
33569
33570
33571
33572
33573
33574
33575
33576
33577
33578
33579
33580
33581
33582
33583
33584
33585
33586
33587
33588
33589
33590
33591
33592
33593
33594
33595
33596
33597
33598
33599
33600
33601
33602
33603
33604
33605
33606
33607
33608
33609
33610
33611
33612
33613
33614
33615
33616
33617
33618
33619
33620
33621
33622
33623
33624
33625
33626
33627
33628
33629
33630
33631
33632
33633
33634
33635
33636
33637
33638
33639
33640
33641
33642
33643
33644
33645
33646
33647
33648
33649
33650
33651
33652
33653
33654
33655
33656
33657
33658
33659
33660
33661
33662
33663
33664
33665
33666
33667
33668
33669
33670
33671
33672
33673
33674
33675
33676
33677
33678
33679
33680
33681
33682
33683
33684
33685
33686
33687
33688
33689
33690
33691
33692
33693
33694
33695
33696
33697
33698
33699
33700
33701
33702
33703
33704
33705
33706
33707
33708
33709
33710
33711
33712
33713
33714
33715
33716
33717
33718
33719
33720
33721
33722
33723
33724
33725
33726
33727
33728
33729
33730
33731
33732
33733
33734
33735
33736
33737
33738
33739
33740
33741
33742
33743
33744
33745
33746
33747
33748
33749
33750
33751
33752
33753
33754
33755
33756
33757
33758
33759
33760
33761
33762
33763
33764
33765
33766
33767
33768
33769
33770
33771
33772
33773
33774
33775
33776
33777
33778
33779
33780
33781
33782
33783
33784
33785
33786
33787
33788
33789
33790
33791
33792
33793
33794
33795
33796
33797
33798
33799
33800
33801
33802
33803
33804
33805
33806
33807
33808
33809
33810
33811
33812
33813
33814
33815
33816
33817
33818
33819
33820
33821
33822
33823
33824
33825
33826
33827
33828
33829
33830
33831
33832
33833
33834
33835
33836
33837
33838
33839
33840
33841
33842
33843
33844
33845
33846
33847
33848
33849
33850
33851
33852
33853
33854
33855
33856
33857
33858
33859
33860
33861
33862
33863
33864
33865
33866
33867
33868
33869
33870
33871
33872
33873
33874
33875
33876
33877
33878
33879
33880
33881
33882
33883
33884
33885
33886
33887
33888
33889
33890
33891
33892
33893
33894
33895
33896
33897
33898
33899
33900
33901
33902
33903
33904
33905
33906
33907
33908
33909
33910
33911
33912
33913
33914
33915
33916
33917
33918
33919
33920
33921
33922
33923
33924
33925
33926
33927
33928
33929
33930
33931
33932
33933
33934
33935
33936
33937
33938
33939
33940
33941
33942
33943
33944
33945
33946
33947
33948
33949
33950
33951
33952
33953
33954
33955
33956
33957
33958
33959
33960
33961
33962
33963
33964
33965
33966
33967
33968
33969
33970
33971
33972
33973
33974
33975
33976
33977
33978
33979
33980
33981
33982
33983
33984
33985
33986
33987
33988
33989
33990
33991
33992
33993
33994
33995
33996
33997
33998
33999
34000
34001
34002
34003
34004
34005
34006
34007
34008
34009
34010
34011
34012
34013
34014
34015
34016
34017
34018
34019
34020
34021
34022
34023
34024
34025
34026
34027
34028
34029
34030
34031
34032
34033
34034
34035
34036
34037
34038
34039
34040
34041
34042
34043
34044
34045
34046
34047
34048
34049
34050
34051
34052
34053
34054
34055
34056
34057
34058
34059
34060
34061
34062
34063
34064
34065
34066
34067
34068
34069
34070
34071
34072
34073
34074
34075
34076
34077
34078
34079
34080
34081
34082
34083
34084
34085
34086
34087
34088
34089
34090
34091
34092
34093
34094
34095
34096
34097
34098
34099
34100
34101
34102
34103
34104
34105
34106
34107
34108
34109
34110
34111
34112
34113
34114
34115
34116
34117
34118
34119
34120
34121
34122
34123
34124
34125
34126
34127
34128
34129
34130
34131
34132
34133
34134
34135
34136
34137
34138
34139
34140
34141
34142
34143
34144
34145
34146
34147
34148
34149
34150
34151
34152
34153
34154
34155
34156
34157
34158
34159
34160
34161
34162
34163
34164
34165
34166
34167
34168
34169
34170
34171
34172
34173
34174
34175
34176
34177
34178
34179
34180
34181
34182
34183
34184
34185
34186
34187
34188
34189
34190
34191
34192
34193
34194
34195
34196
34197
34198
34199
34200
34201
34202
34203
34204
34205
34206
34207
34208
34209
34210
34211
34212
34213
34214
34215
34216
34217
34218
34219
34220
34221
34222
34223
34224
34225
34226
34227
34228
34229
34230
34231
34232
34233
34234
34235
34236
34237
34238
34239
34240
34241
34242
34243
34244
34245
34246
34247
34248
34249
34250
34251
34252
34253
34254
34255
34256
34257
34258
34259
34260
34261
34262
34263
34264
34265
34266
34267
34268
34269
34270
34271
34272
34273
34274
34275
34276
34277
34278
34279
34280
34281
34282
34283
34284
34285
34286
34287
34288
34289
34290
34291
34292
34293
34294
34295
34296
34297
34298
34299
34300
34301
34302
34303
34304
34305
34306
34307
34308
34309
34310
34311
34312
34313
34314
34315
34316
34317
34318
34319
34320
34321
34322
34323
34324
34325
34326
34327
34328
34329
34330
34331
34332
34333
34334
34335
34336
34337
34338
34339
34340
34341
34342
34343
34344
34345
34346
34347
34348
34349
34350
34351
34352
34353
34354
34355
34356
34357
34358
34359
34360
34361
34362
34363
34364
34365
34366
34367
34368
34369
34370
34371
34372
34373
34374
34375
34376
34377
34378
34379
34380
34381
34382
34383
34384
34385
34386
34387
34388
34389
34390
34391
34392
34393
34394
34395
34396
34397
34398
34399
34400
34401
34402
34403
34404
34405
34406
34407
34408
34409
34410
34411
34412
34413
34414
34415
34416
34417
34418
34419
34420
34421
34422
34423
34424
34425
34426
34427
34428
34429
34430
34431
34432
34433
34434
34435
34436
34437
34438
34439
34440
34441
34442
34443
34444
34445
34446
34447
34448
34449
34450
34451
34452
34453
34454
34455
34456
34457
34458
34459
34460
34461
34462
34463
34464
34465
34466
34467
34468
34469
34470
34471
34472
34473
34474
34475
34476
34477
34478
34479
34480
34481
34482
34483
34484
34485
34486
34487
34488
34489
34490
34491
34492
34493
34494
34495
34496
34497
34498
34499
34500
34501
34502
34503
34504
34505
34506
34507
34508
34509
34510
34511
34512
34513
34514
34515
34516
34517
34518
34519
34520
34521
34522
34523
34524
34525
34526
34527
34528
34529
34530
34531
34532
34533
34534
34535
34536
34537
34538
34539
34540
34541
34542
34543
34544
34545
34546
34547
34548
34549
34550
34551
34552
34553
34554
34555
34556
34557
34558
34559
34560
34561
34562
34563
34564
34565
34566
34567
34568
34569
34570
34571
34572
34573
34574
34575
34576
34577
34578
34579
34580
34581
34582
34583
34584
34585
34586
34587
34588
34589
34590
34591
34592
34593
34594
34595
34596
34597
34598
34599
34600
34601
34602
34603
34604
34605
34606
34607
34608
34609
34610
34611
34612
34613
34614
34615
34616
34617
34618
34619
34620
34621
34622
34623
34624
34625
34626
34627
34628
34629
34630
34631
34632
34633
34634
34635
34636
34637
34638
34639
34640
34641
34642
34643
34644
34645
34646
34647
34648
34649
34650
34651
34652
34653
34654
34655
34656
34657
34658
34659
34660
34661
34662
34663
34664
34665
34666
34667
34668
34669
34670
34671
34672
34673
34674
34675
34676
34677
34678
34679
34680
34681
34682
34683
34684
34685
34686
34687
34688
34689
34690
34691
34692
34693
34694
34695
34696
34697
34698
34699
34700
34701
34702
34703
34704
34705
34706
34707
34708
34709
34710
34711
34712
34713
34714
34715
34716
34717
34718
34719
34720
34721
34722
34723
34724
34725
34726
34727
34728
34729
34730
34731
34732
34733
34734
34735
34736
34737
34738
34739
34740
34741
34742
34743
34744
34745
34746
34747
34748
34749
34750
34751
34752
34753
34754
34755
34756
34757
34758
34759
34760
34761
34762
34763
34764
34765
34766
34767
34768
34769
34770
34771
34772
34773
34774
34775
34776
34777
34778
34779
34780
34781
34782
34783
34784
34785
34786
34787
34788
34789
34790
34791
34792
34793
34794
34795
34796
34797
34798
34799
34800
34801
34802
34803
34804
34805
34806
34807
34808
34809
34810
34811
34812
34813
34814
34815
34816
34817
34818
34819
34820
34821
34822
34823
34824
34825
34826
34827
34828
34829
34830
34831
34832
34833
34834
34835
34836
34837
34838
34839
34840
34841
34842
34843
34844
34845
34846
34847
34848
34849
34850
34851
34852
34853
34854
34855
34856
34857
34858
34859
34860
34861
34862
34863
34864
34865
34866
34867
34868
34869
34870
34871
34872
34873
34874
34875
34876
34877
34878
34879
34880
34881
34882
34883
34884
34885
34886
34887
34888
34889
34890
34891
34892
34893
34894
34895
34896
34897
34898
34899
34900
34901
34902
34903
34904
34905
34906
34907
34908
34909
34910
34911
34912
34913
34914
34915
34916
34917
34918
34919
34920
34921
34922
34923
34924
34925
34926
34927
34928
34929
34930
34931
34932
34933
34934
34935
34936
34937
34938
34939
34940
34941
34942
34943
34944
34945
34946
34947
34948
34949
34950
34951
34952
34953
34954
34955
34956
34957
34958
34959
34960
34961
34962
34963
34964
34965
34966
34967
34968
34969
34970
34971
34972
34973
34974
34975
34976
34977
34978
34979
34980
34981
34982
34983
34984
34985
34986
34987
34988
34989
34990
34991
34992
34993
34994
34995
34996
34997
34998
34999
35000
35001
35002
35003
35004
35005
35006
35007
35008
35009
35010
35011
35012
35013
35014
35015
35016
35017
35018
35019
35020
35021
35022
35023
35024
35025
35026
35027
35028
35029
35030
35031
35032
35033
35034
35035
35036
35037
35038
35039
35040
35041
35042
35043
35044
35045
35046
35047
35048
35049
35050
35051
35052
35053
35054
35055
35056
35057
35058
35059
35060
35061
35062
35063
35064
35065
35066
35067
35068
35069
35070
35071
35072
35073
35074
35075
35076
35077
35078
35079
35080
35081
35082
35083
35084
35085
35086
35087
35088
35089
35090
35091
35092
35093
35094
35095
35096
35097
35098
35099
35100
35101
35102
35103
35104
35105
35106
35107
35108
35109
35110
35111
35112
35113
35114
35115
35116
35117
35118
35119
35120
35121
35122
35123
35124
35125
35126
35127
35128
35129
35130
35131
35132
35133
35134
35135
35136
35137
35138
35139
35140
35141
35142
35143
35144
35145
35146
35147
35148
35149
35150
35151
35152
35153
35154
35155
35156
35157
35158
35159
35160
35161
35162
35163
35164
35165
35166
35167
35168
35169
35170
35171
35172
35173
35174
35175
35176
35177
35178
35179
35180
35181
35182
35183
35184
35185
35186
35187
35188
35189
35190
35191
35192
35193
35194
35195
35196
35197
35198
35199
35200
35201
35202
35203
35204
35205
35206
35207
35208
35209
35210
35211
35212
35213
35214
35215
35216
35217
35218
35219
35220
35221
35222
35223
35224
35225
35226
35227
35228
35229
35230
35231
35232
35233
35234
35235
35236
35237
35238
35239
35240
35241
35242
35243
35244
35245
35246
35247
35248
35249
35250
35251
35252
35253
35254
35255
35256
35257
35258
35259
35260
35261
35262
35263
35264
35265
35266
35267
35268
35269
35270
35271
35272
35273
35274
35275
35276
35277
35278
35279
35280
35281
35282
35283
35284
35285
35286
35287
35288
35289
35290
35291
35292
35293
35294
35295
35296
35297
35298
35299
35300
35301
35302
35303
35304
35305
35306
35307
35308
35309
35310
35311
35312
35313
35314
35315
35316
35317
35318
35319
35320
35321
35322
35323
35324
35325
35326
35327
35328
35329
35330
35331
35332
35333
35334
35335
35336
35337
35338
35339
35340
35341
35342
35343
35344
35345
35346
35347
35348
35349
35350
35351
35352
35353
35354
35355
35356
35357
35358
35359
35360
35361
35362
35363
35364
35365
35366
35367
35368
35369
35370
35371
35372
35373
35374
35375
35376
35377
35378
35379
35380
35381
35382
35383
35384
35385
35386
35387
35388
35389
35390
35391
35392
35393
35394
35395
35396
35397
35398
35399
35400
35401
35402
35403
35404
35405
35406
35407
35408
35409
35410
35411
35412
35413
35414
35415
35416
35417
35418
35419
35420
35421
35422
35423
35424
35425
35426
35427
35428
35429
35430
35431
35432
35433
35434
35435
35436
35437
35438
35439
35440
35441
35442
35443
35444
35445
35446
35447
35448
35449
35450
35451
35452
35453
35454
35455
35456
35457
35458
35459
35460
35461
35462
35463
35464
35465
35466
35467
35468
35469
35470
35471
35472
35473
35474
35475
35476
35477
35478
35479
35480
35481
35482
35483
35484
35485
35486
35487
35488
35489
35490
35491
35492
35493
35494
35495
35496
35497
35498
35499
35500
35501
35502
35503
35504
35505
35506
35507
35508
35509
35510
35511
35512
35513
35514
35515
35516
35517
35518
35519
35520
35521
35522
35523
35524
35525
35526
35527
35528
35529
35530
35531
35532
35533
35534
35535
35536
35537
35538
35539
35540
35541
35542
35543
35544
35545
35546
35547
35548
35549
35550
35551
35552
35553
35554
35555
35556
35557
35558
35559
35560
35561
35562
35563
35564
35565
35566
35567
35568
35569
35570
35571
35572
35573
35574
35575
35576
35577
35578
35579
35580
35581
35582
35583
35584
35585
35586
35587
35588
35589
35590
35591
35592
35593
35594
35595
35596
35597
35598
35599
35600
35601
35602
35603
35604
35605
35606
35607
35608
35609
35610
35611
35612
35613
35614
35615
35616
35617
35618
35619
35620
35621
35622
35623
35624
35625
35626
35627
35628
35629
35630
35631
35632
35633
35634
35635
35636
35637
35638
35639
35640
35641
35642
35643
35644
35645
35646
35647
35648
35649
35650
35651
35652
35653
35654
35655
35656
35657
35658
35659
35660
35661
35662
35663
35664
35665
35666
35667
35668
35669
35670
35671
35672
35673
35674
35675
35676
35677
35678
35679
35680
35681
35682
35683
35684
35685
35686
35687
35688
35689
35690
35691
35692
35693
35694
35695
35696
35697
35698
35699
35700
35701
35702
35703
35704
35705
35706
35707
35708
35709
35710
35711
35712
35713
35714
35715
35716
35717
35718
35719
35720
35721
35722
35723
35724
35725
35726
35727
35728
35729
35730
35731
35732
35733
35734
35735
35736
35737
35738
35739
35740
35741
35742
35743
35744
35745
35746
35747
35748
35749
35750
35751
35752
35753
35754
35755
35756
35757
35758
35759
35760
35761
35762
35763
35764
35765
35766
35767
35768
35769
35770
35771
35772
35773
35774
35775
35776
35777
35778
35779
35780
35781
35782
35783
35784
35785
35786
35787
35788
35789
35790
35791
35792
35793
35794
35795
35796
35797
35798
35799
35800
35801
35802
35803
35804
35805
35806
35807
35808
35809
35810
35811
35812
35813
35814
35815
35816
35817
35818
35819
35820
35821
35822
35823
35824
35825
35826
35827
35828
35829
35830
35831
35832
35833
35834
35835
35836
35837
35838
35839
35840
35841
35842
35843
35844
35845
35846
35847
35848
35849
35850
35851
35852
35853
35854
35855
35856
35857
35858
35859
35860
35861
35862
35863
35864
35865
35866
35867
35868
35869
35870
35871
35872
35873
35874
35875
35876
35877
35878
35879
35880
35881
35882
35883
35884
35885
35886
35887
35888
35889
35890
35891
35892
35893
35894
35895
35896
35897
35898
35899
35900
35901
35902
35903
35904
35905
35906
35907
35908
35909
35910
35911
35912
35913
35914
35915
35916
35917
35918
35919
35920
35921
35922
35923
35924
35925
35926
35927
35928
35929
35930
35931
35932
35933
35934
35935
35936
35937
35938
35939
35940
35941
35942
35943
35944
35945
35946
35947
35948
35949
35950
35951
35952
35953
35954
35955
35956
35957
35958
35959
35960
35961
35962
35963
35964
35965
35966
35967
35968
35969
35970
35971
35972
35973
35974
35975
35976
35977
35978
35979
35980
35981
35982
35983
35984
35985
35986
35987
35988
35989
35990
35991
35992
35993
35994
35995
35996
35997
35998
35999
36000
36001
36002
36003
36004
36005
36006
36007
36008
36009
36010
36011
36012
36013
36014
36015
36016
36017
36018
36019
36020
36021
36022
36023
36024
36025
36026
36027
36028
36029
36030
36031
36032
36033
36034
36035
36036
36037
36038
36039
36040
36041
36042
36043
36044
36045
36046
36047
36048
36049
36050
36051
36052
36053
36054
36055
36056
36057
36058
36059
36060
36061
36062
36063
36064
36065
36066
36067
36068
36069
36070
36071
36072
36073
36074
36075
36076
36077
36078
36079
36080
36081
36082
36083
36084
36085
36086
36087
36088
36089
36090
36091
36092
36093
36094
36095
36096
36097
36098
36099
36100
36101
36102
36103
36104
36105
36106
36107
36108
36109
36110
36111
36112
36113
36114
36115
36116
36117
36118
36119
36120
36121
36122
36123
36124
36125
36126
36127
36128
36129
36130
36131
36132
36133
36134
36135
36136
36137
36138
36139
36140
36141
36142
36143
36144
36145
36146
36147
36148
36149
36150
36151
36152
36153
36154
36155
36156
36157
36158
36159
36160
36161
36162
36163
36164
36165
36166
36167
36168
36169
36170
36171
36172
36173
36174
36175
36176
36177
36178
36179
36180
36181
36182
36183
36184
36185
36186
36187
36188
36189
36190
36191
36192
36193
36194
36195
36196
36197
36198
36199
36200
36201
36202
36203
36204
36205
36206
36207
36208
36209
36210
36211
36212
36213
36214
36215
36216
36217
36218
36219
36220
36221
36222
36223
36224
36225
36226
36227
36228
36229
36230
36231
36232
36233
36234
36235
36236
36237
36238
36239
36240
36241
36242
36243
36244
36245
36246
36247
36248
36249
36250
36251
36252
36253
36254
36255
36256
36257
36258
36259
36260
36261
36262
36263
36264
36265
36266
36267
36268
36269
36270
36271
36272
36273
36274
36275
36276
36277
36278
36279
36280
36281
36282
36283
36284
36285
36286
36287
36288
36289
36290
36291
36292
36293
36294
36295
36296
36297
36298
36299
36300
36301
36302
36303
36304
36305
36306
36307
36308
36309
36310
36311
36312
36313
36314
36315
36316
36317
36318
36319
36320
36321
36322
36323
36324
36325
36326
36327
36328
36329
36330
36331
36332
36333
36334
36335
36336
36337
36338
36339
36340
36341
36342
36343
36344
36345
36346
36347
36348
36349
36350
36351
36352
36353
36354
36355
36356
36357
36358
36359
36360
36361
36362
36363
36364
36365
36366
36367
36368
36369
36370
36371
36372
36373
36374
36375
36376
36377
36378
36379
36380
36381
36382
36383
36384
36385
36386
36387
36388
36389
36390
36391
36392
36393
36394
36395
36396
36397
36398
36399
36400
36401
36402
36403
36404
36405
36406
36407
36408
36409
36410
36411
36412
36413
36414
36415
36416
36417
36418
36419
36420
36421
36422
36423
36424
36425
36426
36427
36428
36429
36430
36431
36432
36433
36434
36435
36436
36437
36438
36439
36440
36441
36442
36443
36444
36445
36446
36447
36448
36449
36450
36451
36452
36453
36454
36455
36456
36457
36458
36459
36460
36461
36462
36463
36464
36465
36466
36467
36468
36469
36470
36471
36472
36473
36474
36475
36476
36477
36478
36479
36480
36481
36482
36483
36484
36485
36486
36487
36488
36489
36490
36491
36492
36493
36494
36495
36496
36497
36498
36499
36500
36501
36502
36503
36504
36505
36506
36507
36508
36509
36510
36511
36512
36513
36514
36515
36516
36517
36518
36519
36520
36521
36522
36523
36524
36525
36526
36527
36528
36529
36530
36531
36532
36533
36534
36535
36536
36537
36538
36539
36540
36541
36542
36543
36544
36545
36546
36547
36548
36549
36550
36551
36552
36553
36554
36555
36556
36557
36558
36559
36560
36561
36562
36563
36564
36565
36566
36567
36568
36569
36570
36571
36572
36573
36574
36575
36576
36577
36578
36579
36580
36581
36582
36583
36584
36585
36586
36587
36588
36589
36590
36591
36592
36593
36594
36595
36596
36597
36598
36599
36600
36601
36602
36603
36604
36605
36606
36607
36608
36609
36610
36611
36612
36613
36614
36615
36616
36617
36618
36619
36620
36621
36622
36623
36624
36625
36626
36627
36628
36629
36630
36631
36632
36633
36634
36635
36636
36637
36638
36639
36640
36641
36642
36643
36644
36645
36646
36647
36648
36649
36650
36651
36652
36653
36654
36655
36656
36657
36658
36659
36660
36661
36662
36663
36664
36665
36666
36667
36668
36669
36670
36671
36672
36673
36674
36675
36676
36677
36678
36679
36680
36681
36682
36683
36684
36685
36686
36687
36688
36689
36690
36691
36692
36693
36694
36695
36696
36697
36698
36699
36700
36701
36702
36703
36704
36705
36706
36707
36708
36709
36710
36711
36712
36713
36714
36715
36716
36717
36718
36719
36720
36721
36722
36723
36724
36725
36726
36727
36728
36729
36730
36731
36732
36733
36734
36735
36736
36737
36738
36739
36740
36741
36742
36743
36744
36745
36746
36747
36748
36749
36750
36751
36752
36753
36754
36755
36756
36757
36758
36759
36760
36761
36762
36763
36764
36765
36766
36767
36768
36769
36770
36771
36772
36773
36774
36775
36776
36777
36778
36779
36780
36781
36782
36783
36784
36785
36786
36787
36788
36789
36790
36791
36792
36793
36794
36795
36796
36797
36798
36799
36800
36801
36802
36803
36804
36805
36806
36807
36808
36809
36810
36811
36812
36813
36814
36815
36816
36817
36818
36819
36820
36821
36822
36823
36824
36825
36826
36827
36828
36829
36830
36831
36832
36833
36834
36835
36836
36837
36838
36839
36840
36841
36842
36843
36844
36845
36846
36847
36848
36849
36850
36851
36852
36853
36854
36855
36856
36857
36858
36859
36860
36861
36862
36863
36864
36865
36866
36867
36868
36869
36870
36871
36872
36873
36874
36875
36876
36877
36878
36879
36880
36881
36882
36883
36884
36885
36886
36887
36888
36889
36890
36891
36892
36893
36894
36895
36896
36897
36898
36899
36900
36901
36902
36903
36904
36905
36906
36907
36908
36909
36910
36911
36912
36913
36914
36915
36916
36917
36918
36919
36920
36921
36922
36923
36924
36925
36926
36927
36928
36929
36930
36931
36932
36933
36934
36935
36936
36937
36938
36939
36940
36941
36942
36943
36944
36945
36946
36947
36948
36949
36950
36951
36952
36953
36954
36955
36956
36957
36958
36959
36960
36961
36962
36963
36964
36965
36966
36967
36968
36969
36970
36971
36972
36973
36974
36975
36976
36977
36978
36979
36980
36981
36982
36983
36984
36985
36986
36987
36988
36989
36990
36991
36992
36993
36994
36995
36996
36997
36998
36999
37000
37001
37002
37003
37004
37005
37006
37007
37008
37009
37010
37011
37012
37013
37014
37015
37016
37017
37018
37019
37020
37021
37022
37023
37024
37025
37026
37027
37028
37029
37030
37031
37032
37033
37034
37035
37036
37037
37038
37039
37040
37041
37042
37043
37044
37045
37046
37047
37048
37049
37050
37051
37052
37053
37054
37055
37056
37057
37058
37059
37060
37061
37062
37063
37064
37065
37066
37067
37068
37069
37070
37071
37072
37073
37074
37075
37076
37077
37078
37079
37080
37081
37082
37083
37084
37085
37086
37087
37088
37089
37090
37091
37092
37093
37094
37095
37096
37097
37098
37099
37100
37101
37102
37103
37104
37105
37106
37107
37108
37109
37110
37111
37112
37113
37114
37115
37116
37117
37118
37119
37120
37121
37122
37123
37124
37125
37126
37127
37128
37129
37130
37131
37132
37133
37134
37135
37136
37137
37138
37139
37140
37141
37142
37143
37144
37145
37146
37147
37148
37149
37150
37151
37152
37153
37154
37155
37156
37157
37158
37159
37160
37161
37162
37163
37164
37165
37166
37167
37168
37169
37170
37171
37172
37173
37174
37175
37176
37177
37178
37179
37180
37181
37182
37183
37184
37185
37186
37187
37188
37189
37190
37191
37192
37193
37194
37195
37196
37197
37198
37199
37200
37201
37202
37203
37204
37205
37206
37207
37208
37209
37210
37211
37212
37213
37214
37215
37216
37217
37218
37219
37220
37221
37222
37223
37224
37225
37226
37227
37228
37229
37230
37231
37232
37233
37234
37235
37236
37237
37238
37239
37240
37241
37242
37243
37244
37245
37246
37247
37248
37249
37250
37251
37252
37253
37254
37255
37256
37257
37258
37259
37260
37261
37262
37263
37264
37265
37266
37267
37268
37269
37270
37271
37272
37273
37274
37275
37276
37277
37278
37279
37280
37281
37282
37283
37284
37285
37286
37287
37288
37289
37290
37291
37292
37293
37294
37295
37296
37297
37298
37299
37300
37301
37302
37303
37304
37305
37306
37307
37308
37309
37310
37311
37312
37313
37314
37315
37316
37317
37318
37319
37320
37321
37322
37323
37324
37325
37326
37327
37328
37329
37330
37331
37332
37333
37334
37335
37336
37337
37338
37339
37340
37341
37342
37343
37344
37345
37346
37347
37348
37349
37350
37351
37352
37353
37354
37355
37356
37357
37358
37359
37360
37361
37362
37363
37364
37365
37366
37367
37368
37369
37370
37371
37372
37373
37374
37375
37376
37377
37378
37379
37380
37381
37382
37383
37384
37385
37386
37387
37388
37389
37390
37391
37392
37393
37394
37395
37396
37397
37398
37399
37400
37401
37402
37403
37404
37405
37406
37407
37408
37409
37410
37411
37412
37413
37414
37415
37416
37417
37418
37419
37420
37421
37422
37423
37424
37425
37426
37427
37428
37429
37430
37431
37432
37433
37434
37435
37436
37437
37438
37439
37440
37441
37442
37443
37444
37445
37446
37447
37448
37449
37450
37451
37452
37453
37454
37455
37456
37457
37458
37459
37460
37461
37462
37463
37464
37465
37466
37467
37468
37469
37470
37471
37472
37473
37474
37475
37476
37477
37478
37479
37480
37481
37482
37483
37484
37485
37486
37487
37488
37489
37490
37491
37492
37493
37494
37495
37496
37497
37498
37499
37500
37501
37502
37503
37504
37505
37506
37507
37508
37509
37510
37511
37512
37513
37514
37515
37516
37517
37518
37519
37520
37521
37522
37523
37524
37525
37526
37527
37528
37529
37530
37531
37532
37533
37534
37535
37536
37537
37538
37539
37540
37541
37542
37543
37544
37545
37546
37547
37548
37549
37550
37551
37552
37553
37554
37555
37556
37557
37558
37559
37560
37561
37562
37563
37564
37565
37566
37567
37568
37569
37570
37571
37572
37573
37574
37575
37576
37577
37578
37579
37580
37581
37582
37583
37584
37585
37586
37587
37588
37589
37590
37591
37592
37593
37594
37595
37596
37597
37598
37599
37600
37601
37602
37603
37604
37605
37606
37607
37608
37609
37610
37611
37612
37613
37614
37615
37616
37617
37618
37619
37620
37621
37622
37623
37624
37625
37626
37627
37628
37629
37630
37631
37632
37633
37634
37635
37636
37637
37638
37639
37640
37641
37642
37643
37644
37645
37646
37647
37648
37649
37650
37651
37652
37653
37654
37655
37656
37657
37658
37659
37660
37661
37662
37663
37664
37665
37666
37667
37668
37669
37670
37671
37672
37673
37674
37675
37676
37677
37678
37679
37680
37681
37682
37683
37684
37685
37686
37687
37688
37689
37690
37691
37692
37693
37694
37695
37696
37697
37698
37699
37700
37701
37702
37703
37704
37705
37706
37707
37708
37709
37710
37711
37712
37713
37714
37715
37716
37717
37718
37719
37720
37721
37722
37723
37724
37725
37726
37727
37728
37729
37730
37731
37732
37733
37734
37735
37736
37737
37738
37739
37740
37741
37742
37743
37744
37745
37746
37747
37748
37749
37750
37751
37752
37753
37754
37755
37756
37757
37758
37759
37760
37761
37762
37763
37764
37765
37766
37767
37768
37769
37770
37771
37772
37773
37774
37775
37776
37777
37778
37779
37780
37781
37782
37783
37784
37785
37786
37787
37788
37789
37790
37791
37792
37793
37794
37795
37796
37797
37798
37799
37800
37801
37802
37803
37804
37805
37806
37807
37808
37809
37810
37811
37812
37813
37814
37815
37816
37817
37818
37819
37820
37821
37822
37823
37824
37825
37826
37827
37828
37829
37830
37831
37832
37833
37834
37835
37836
37837
37838
37839
37840
37841
37842
37843
37844
37845
37846
37847
37848
37849
37850
37851
37852
37853
37854
37855
37856
37857
37858
37859
37860
37861
37862
37863
37864
37865
37866
37867
37868
37869
37870
37871
37872
37873
37874
37875
37876
37877
37878
37879
37880
37881
37882
37883
37884
37885
37886
37887
37888
37889
37890
37891
37892
37893
37894
37895
37896
37897
37898
37899
37900
37901
37902
37903
37904
37905
37906
37907
37908
37909
37910
37911
37912
37913
37914
37915
37916
37917
37918
37919
37920
37921
37922
37923
37924
37925
37926
37927
37928
37929
37930
37931
37932
37933
37934
37935
37936
37937
37938
37939
37940
37941
37942
37943
37944
37945
37946
37947
37948
37949
37950
37951
37952
37953
37954
37955
37956
37957
37958
37959
37960
37961
37962
37963
37964
37965
37966
37967
37968
37969
37970
37971
37972
37973
37974
37975
37976
37977
37978
37979
37980
37981
37982
37983
37984
37985
37986
37987
37988
37989
37990
37991
37992
37993
37994
37995
37996
37997
37998
37999
38000
38001
38002
38003
38004
38005
38006
38007
38008
38009
38010
38011
38012
38013
38014
38015
38016
38017
38018
38019
38020
38021
38022
38023
38024
38025
38026
38027
38028
38029
38030
38031
38032
38033
38034
38035
38036
38037
38038
38039
38040
38041
38042
38043
38044
38045
38046
38047
38048
38049
38050
38051
38052
38053
38054
38055
38056
38057
38058
38059
38060
38061
38062
38063
38064
38065
38066
38067
38068
38069
38070
38071
38072
38073
38074
38075
38076
38077
38078
38079
38080
38081
38082
38083
38084
38085
38086
38087
38088
38089
38090
38091
38092
38093
38094
38095
38096
38097
38098
38099
38100
38101
38102
38103
38104
38105
38106
38107
38108
38109
38110
38111
38112
38113
38114
38115
38116
38117
38118
38119
38120
38121
38122
38123
38124
38125
38126
38127
38128
38129
38130
38131
38132
38133
38134
38135
38136
38137
38138
38139
38140
38141
38142
38143
38144
38145
38146
38147
38148
38149
38150
38151
38152
38153
38154
38155
38156
38157
38158
38159
38160
38161
38162
38163
38164
38165
38166
38167
38168
38169
38170
38171
38172
38173
38174
38175
38176
38177
38178
38179
38180
38181
38182
38183
38184
38185
38186
38187
38188
38189
38190
38191
38192
38193
38194
38195
38196
38197
38198
38199
38200
38201
38202
38203
38204
38205
38206
38207
38208
38209
38210
38211
38212
38213
38214
38215
38216
38217
38218
38219
38220
38221
38222
38223
38224
38225
38226
38227
38228
38229
38230
38231
38232
38233
38234
38235
38236
38237
38238
38239
38240
38241
38242
38243
38244
38245
38246
38247
38248
38249
38250
38251
38252
38253
38254
38255
38256
38257
38258
38259
38260
38261
38262
38263
38264
38265
38266
38267
38268
38269
38270
38271
38272
38273
38274
38275
38276
38277
38278
38279
38280
38281
38282
38283
38284
38285
38286
38287
38288
38289
38290
38291
38292
38293
38294
38295
38296
38297
38298
38299
38300
38301
38302
38303
38304
38305
38306
38307
38308
38309
38310
38311
38312
38313
38314
38315
38316
38317
38318
38319
38320
38321
38322
38323
38324
38325
38326
38327
38328
38329
38330
38331
38332
38333
38334
38335
38336
38337
38338
38339
38340
38341
38342
38343
38344
38345
38346
38347
38348
38349
38350
38351
38352
38353
38354
38355
38356
38357
38358
38359
38360
38361
38362
38363
38364
38365
38366
38367
38368
38369
38370
38371
38372
38373
38374
38375
38376
38377
38378
38379
38380
38381
38382
38383
38384
38385
38386
38387
38388
38389
38390
38391
38392
38393
38394
38395
38396
38397
38398
38399
38400
38401
38402
38403
38404
38405
38406
38407
38408
38409
38410
38411
38412
38413
38414
38415
38416
38417
38418
38419
38420
38421
38422
38423
38424
38425
38426
38427
38428
38429
38430
38431
38432
38433
38434
38435
38436
38437
38438
38439
38440
38441
38442
38443
38444
38445
38446
38447
38448
38449
38450
38451
38452
38453
38454
38455
38456
38457
38458
38459
38460
38461
38462
38463
38464
38465
38466
38467
38468
38469
38470
38471
38472
38473
38474
38475
38476
38477
38478
38479
38480
38481
38482
38483
38484
38485
38486
38487
38488
38489
38490
38491
38492
38493
38494
38495
38496
38497
38498
38499
38500
38501
38502
38503
38504
38505
38506
38507
38508
38509
38510
38511
38512
38513
38514
38515
38516
38517
38518
38519
38520
38521
38522
38523
38524
38525
38526
38527
38528
38529
38530
38531
38532
38533
38534
38535
38536
38537
38538
38539
38540
38541
38542
38543
38544
38545
38546
38547
38548
38549
38550
38551
38552
38553
38554
38555
38556
38557
38558
38559
38560
38561
38562
38563
38564
38565
38566
38567
38568
38569
38570
38571
38572
38573
38574
38575
38576
38577
38578
38579
38580
38581
38582
38583
38584
38585
38586
38587
38588
38589
38590
38591
38592
38593
38594
38595
38596
38597
38598
38599
38600
38601
38602
38603
38604
38605
38606
38607
38608
38609
38610
38611
38612
38613
38614
38615
38616
38617
38618
38619
38620
38621
38622
38623
38624
38625
38626
38627
38628
38629
38630
38631
38632
38633
38634
38635
38636
38637
38638
38639
38640
38641
38642
38643
38644
38645
38646
38647
38648
38649
38650
38651
38652
38653
38654
38655
38656
38657
38658
38659
38660
38661
38662
38663
38664
38665
38666
38667
38668
38669
38670
38671
38672
38673
38674
38675
38676
38677
38678
38679
38680
38681
38682
38683
38684
38685
38686
38687
38688
38689
38690
38691
38692
38693
38694
38695
38696
38697
38698
38699
38700
38701
38702
38703
38704
38705
38706
38707
38708
38709
38710
38711
38712
38713
38714
38715
38716
38717
38718
38719
38720
38721
38722
38723
38724
38725
38726
38727
38728
38729
38730
38731
38732
38733
38734
38735
38736
38737
38738
38739
38740
38741
38742
38743
38744
38745
38746
38747
38748
38749
38750
38751
38752
38753
38754
38755
38756
38757
38758
38759
38760
38761
38762
38763
38764
38765
38766
38767
38768
38769
38770
38771
38772
38773
38774
38775
38776
38777
38778
38779
38780
38781
38782
38783
38784
38785
38786
38787
38788
38789
38790
38791
38792
38793
38794
38795
38796
38797
38798
38799
38800
38801
38802
38803
38804
38805
38806
38807
38808
38809
38810
38811
38812
38813
38814
38815
38816
38817
38818
38819
38820
38821
38822
38823
38824
38825
38826
38827
38828
38829
38830
38831
38832
38833
38834
38835
38836
38837
38838
38839
38840
38841
38842
38843
38844
38845
38846
38847
38848
38849
38850
38851
38852
38853
38854
38855
38856
38857
38858
38859
38860
38861
38862
38863
38864
38865
38866
38867
38868
38869
38870
38871
38872
38873
38874
38875
38876
38877
38878
38879
38880
38881
38882
38883
38884
38885
38886
38887
38888
38889
38890
38891
38892
38893
38894
38895
38896
38897
38898
38899
38900
38901
38902
38903
38904
38905
38906
38907
38908
38909
38910
38911
38912
38913
38914
38915
38916
38917
38918
38919
38920
38921
38922
38923
38924
38925
38926
38927
38928
38929
38930
38931
38932
38933
38934
38935
38936
38937
38938
38939
38940
38941
38942
38943
38944
38945
38946
38947
38948
38949
38950
38951
38952
38953
38954
38955
38956
38957
38958
38959
38960
38961
38962
38963
38964
38965
38966
38967
38968
38969
38970
38971
38972
38973
38974
38975
38976
38977
38978
38979
38980
38981
38982
38983
38984
38985
38986
38987
38988
38989
38990
38991
38992
38993
38994
38995
38996
38997
38998
38999
39000
39001
39002
39003
39004
39005
39006
39007
39008
39009
39010
39011
39012
39013
39014
39015
39016
39017
39018
39019
39020
39021
39022
39023
39024
39025
39026
39027
39028
39029
39030
39031
39032
39033
39034
39035
39036
39037
39038
39039
39040
39041
39042
39043
39044
39045
39046
39047
39048
39049
39050
39051
39052
39053
39054
39055
39056
39057
39058
39059
39060
39061
39062
39063
39064
39065
39066
39067
39068
39069
39070
39071
39072
39073
39074
39075
39076
39077
39078
39079
39080
39081
39082
39083
39084
39085
39086
39087
39088
39089
39090
39091
39092
39093
39094
39095
39096
39097
39098
39099
39100
39101
39102
39103
39104
39105
39106
39107
39108
39109
39110
39111
39112
39113
39114
39115
39116
39117
39118
39119
39120
39121
39122
39123
39124
39125
39126
39127
39128
39129
39130
39131
39132
39133
39134
39135
39136
39137
39138
39139
39140
39141
39142
39143
39144
39145
39146
39147
39148
39149
39150
39151
39152
39153
39154
39155
39156
39157
39158
39159
39160
39161
39162
39163
39164
39165
39166
39167
39168
39169
39170
39171
39172
39173
39174
39175
39176
39177
39178
39179
39180
39181
39182
39183
39184
39185
39186
39187
39188
39189
39190
39191
39192
39193
39194
39195
39196
39197
39198
39199
39200
39201
39202
39203
39204
39205
39206
39207
39208
39209
39210
39211
39212
39213
39214
39215
39216
39217
39218
39219
39220
39221
39222
39223
39224
39225
39226
39227
39228
39229
39230
39231
39232
39233
39234
39235
39236
39237
39238
39239
39240
39241
39242
39243
39244
39245
39246
39247
39248
39249
39250
39251
39252
39253
39254
39255
39256
39257
39258
39259
39260
39261
39262
39263
39264
39265
39266
39267
39268
39269
39270
39271
39272
39273
39274
39275
39276
39277
39278
39279
39280
39281
39282
39283
39284
39285
39286
39287
39288
39289
39290
39291
39292
39293
39294
39295
39296
39297
39298
39299
39300
39301
39302
39303
39304
39305
39306
39307
39308
39309
39310
39311
39312
39313
39314
39315
39316
39317
39318
39319
39320
39321
39322
39323
39324
39325
39326
39327
39328
39329
39330
39331
39332
39333
39334
39335
39336
39337
39338
39339
39340
39341
39342
39343
39344
39345
39346
39347
39348
39349
39350
39351
39352
39353
39354
39355
39356
39357
39358
39359
39360
39361
39362
39363
39364
39365
39366
39367
39368
39369
39370
39371
39372
39373
39374
39375
39376
39377
39378
39379
39380
39381
39382
39383
39384
39385
39386
39387
39388
39389
39390
39391
39392
39393
39394
39395
39396
39397
39398
39399
39400
39401
39402
39403
39404
39405
39406
39407
39408
39409
39410
39411
39412
39413
39414
39415
39416
39417
39418
39419
39420
39421
39422
39423
39424
39425
39426
39427
39428
39429
39430
39431
39432
39433
39434
39435
39436
39437
39438
39439
39440
39441
39442
39443
39444
39445
39446
39447
39448
39449
39450
39451
39452
39453
39454
39455
39456
39457
39458
39459
39460
39461
39462
39463
39464
39465
39466
39467
39468
39469
39470
39471
39472
39473
39474
39475
39476
39477
39478
39479
39480
39481
39482
39483
39484
39485
39486
39487
39488
39489
39490
39491
39492
39493
39494
39495
39496
39497
39498
39499
39500
39501
39502
39503
39504
39505
39506
39507
39508
39509
39510
39511
39512
39513
39514
39515
39516
39517
39518
39519
39520
39521
39522
39523
39524
39525
39526
39527
39528
39529
39530
39531
39532
39533
39534
39535
39536
39537
39538
39539
39540
39541
39542
39543
39544
39545
39546
39547
39548
39549
39550
39551
39552
39553
39554
39555
39556
39557
39558
39559
39560
39561
39562
39563
39564
39565
39566
39567
39568
39569
39570
39571
39572
39573
39574
39575
39576
39577
39578
39579
39580
39581
39582
39583
39584
39585
39586
39587
39588
39589
39590
39591
39592
39593
39594
39595
39596
39597
39598
39599
39600
39601
39602
39603
39604
39605
39606
39607
39608
39609
39610
39611
39612
39613
39614
39615
39616
39617
39618
39619
39620
39621
39622
39623
39624
39625
39626
39627
39628
39629
39630
39631
39632
39633
39634
39635
39636
39637
39638
39639
39640
39641
39642
39643
39644
39645
39646
39647
39648
39649
39650
39651
39652
39653
39654
39655
39656
39657
39658
39659
39660
39661
39662
39663
39664
39665
39666
39667
39668
39669
39670
39671
39672
39673
39674
39675
39676
39677
39678
39679
39680
39681
39682
39683
39684
39685
39686
39687
39688
39689
39690
39691
39692
39693
39694
39695
39696
39697
39698
39699
39700
39701
39702
39703
39704
39705
39706
39707
39708
39709
39710
39711
39712
39713
39714
39715
39716
39717
39718
39719
39720
39721
39722
39723
39724
39725
39726
39727
39728
39729
39730
39731
39732
39733
39734
39735
39736
39737
39738
39739
39740
39741
39742
39743
39744
39745
39746
39747
39748
39749
39750
39751
39752
39753
39754
39755
39756
39757
39758
39759
39760
39761
39762
39763
39764
39765
39766
39767
39768
39769
39770
39771
39772
39773
39774
39775
39776
39777
39778
39779
39780
39781
39782
39783
39784
39785
39786
39787
39788
39789
39790
39791
39792
39793
39794
39795
39796
39797
39798
39799
39800
39801
39802
39803
39804
39805
39806
39807
39808
39809
39810
39811
39812
39813
39814
39815
39816
39817
39818
39819
39820
39821
39822
39823
39824
39825
39826
39827
39828
39829
39830
39831
39832
39833
39834
39835
39836
39837
39838
39839
39840
39841
39842
39843
39844
39845
39846
39847
39848
39849
39850
39851
39852
39853
39854
39855
39856
39857
39858
39859
39860
39861
39862
39863
39864
39865
39866
39867
39868
39869
39870
39871
39872
39873
39874
39875
39876
39877
39878
39879
39880
39881
39882
39883
39884
39885
39886
39887
39888
39889
39890
39891
39892
39893
39894
39895
39896
39897
39898
39899
39900
39901
39902
39903
39904
39905
39906
39907
39908
39909
39910
39911
39912
39913
39914
39915
39916
39917
39918
39919
39920
39921
39922
39923
39924
39925
39926
39927
39928
39929
39930
39931
39932
39933
39934
39935
39936
39937
39938
39939
39940
39941
39942
39943
39944
39945
39946
39947
39948
39949
39950
39951
39952
39953
39954
39955
39956
39957
39958
39959
39960
39961
39962
39963
39964
39965
39966
39967
39968
39969
39970
39971
39972
39973
39974
39975
39976
39977
39978
39979
39980
39981
39982
39983
39984
39985
39986
39987
39988
39989
39990
39991
39992
39993
39994
39995
39996
39997
39998
39999
40000
40001
40002
40003
40004
40005
40006
40007
40008
40009
40010
40011
40012
40013
40014
40015
40016
40017
40018
40019
40020
40021
40022
40023
40024
40025
40026
40027
40028
40029
40030
40031
40032
40033
40034
40035
40036
40037
40038
40039
40040
40041
40042
40043
40044
40045
40046
40047
40048
40049
40050
40051
40052
40053
40054
40055
40056
40057
40058
40059
40060
40061
40062
40063
40064
40065
40066
40067
40068
40069
40070
40071
40072
40073
40074
40075
40076
40077
40078
40079
40080
40081
40082
40083
40084
40085
40086
40087
40088
40089
40090
40091
40092
40093
40094
40095
40096
40097
40098
40099
40100
40101
40102
40103
40104
40105
40106
40107
40108
40109
40110
40111
40112
40113
40114
40115
40116
40117
40118
40119
40120
40121
40122
40123
40124
40125
40126
40127
40128
40129
40130
40131
40132
40133
40134
40135
40136
40137
40138
40139
40140
40141
40142
40143
40144
40145
40146
40147
40148
40149
40150
40151
40152
40153
40154
40155
40156
40157
40158
40159
40160
40161
40162
40163
40164
40165
40166
40167
40168
40169
40170
40171
40172
40173
40174
40175
40176
40177
40178
40179
40180
40181
40182
40183
40184
40185
40186
40187
40188
40189
40190
40191
40192
40193
40194
40195
40196
40197
40198
40199
40200
40201
40202
40203
40204
40205
40206
40207
40208
40209
40210
40211
40212
40213
40214
40215
40216
40217
40218
40219
40220
40221
40222
40223
40224
40225
40226
40227
40228
40229
40230
40231
40232
40233
40234
40235
40236
40237
40238
40239
40240
40241
40242
40243
40244
40245
40246
40247
40248
40249
40250
40251
40252
40253
40254
40255
40256
40257
40258
40259
40260
40261
40262
40263
40264
40265
40266
40267
40268
40269
40270
40271
40272
40273
40274
40275
40276
40277
40278
40279
40280
40281
40282
40283
40284
40285
40286
40287
40288
40289
40290
40291
40292
40293
40294
40295
40296
40297
40298
40299
40300
40301
40302
40303
40304
40305
40306
40307
40308
40309
40310
40311
40312
40313
40314
40315
40316
40317
40318
40319
40320
40321
40322
40323
40324
40325
40326
40327
40328
40329
40330
40331
40332
40333
40334
40335
40336
40337
40338
40339
40340
40341
40342
40343
40344
40345
40346
40347
40348
40349
40350
40351
40352
40353
40354
40355
40356
40357
40358
40359
40360
40361
40362
40363
40364
40365
40366
40367
40368
40369
40370
40371
40372
40373
40374
40375
40376
40377
40378
40379
40380
40381
40382
40383
40384
40385
40386
40387
40388
40389
40390
40391
40392
40393
40394
40395
40396
40397
40398
40399
40400
40401
40402
40403
40404
40405
40406
40407
40408
40409
40410
40411
40412
40413
40414
40415
40416
40417
40418
40419
40420
40421
40422
40423
40424
40425
40426
40427
40428
40429
40430
40431
40432
40433
40434
40435
40436
40437
40438
40439
40440
40441
40442
40443
40444
40445
40446
40447
40448
40449
40450
40451
40452
40453
40454
40455
40456
40457
40458
40459
40460
40461
40462
40463
40464
40465
40466
40467
40468
40469
40470
40471
40472
40473
40474
40475
40476
40477
40478
40479
40480
40481
40482
40483
40484
40485
40486
40487
40488
40489
40490
40491
40492
40493
40494
40495
40496
40497
40498
40499
40500
40501
40502
40503
40504
40505
40506
40507
40508
40509
40510
40511
40512
40513
40514
40515
40516
40517
40518
40519
40520
40521
40522
40523
40524
40525
40526
40527
40528
40529
40530
40531
40532
40533
40534
40535
40536
40537
40538
40539
40540
40541
40542
40543
40544
40545
40546
40547
40548
40549
40550
40551
40552
40553
40554
40555
40556
40557
40558
40559
40560
40561
40562
40563
40564
40565
40566
40567
40568
40569
40570
40571
40572
40573
40574
40575
40576
40577
40578
40579
40580
40581
40582
40583
40584
40585
40586
40587
40588
40589
40590
40591
40592
40593
40594
40595
40596
40597
40598
40599
40600
40601
40602
40603
40604
40605
40606
40607
40608
40609
40610
40611
40612
40613
40614
40615
40616
40617
40618
40619
40620
40621
40622
40623
40624
40625
40626
40627
40628
40629
40630
40631
40632
40633
40634
40635
40636
40637
40638
40639
40640
40641
40642
40643
40644
40645
40646
40647
40648
40649
40650
40651
40652
40653
40654
40655
40656
40657
40658
40659
40660
40661
40662
40663
40664
40665
40666
40667
40668
40669
40670
40671
40672
40673
40674
40675
40676
40677
40678
40679
40680
40681
40682
40683
40684
40685
40686
40687
40688
40689
40690
40691
40692
40693
40694
40695
40696
40697
40698
40699
40700
40701
40702
40703
40704
40705
40706
40707
40708
40709
40710
40711
40712
40713
40714
40715
40716
40717
40718
40719
40720
40721
40722
40723
40724
40725
40726
40727
40728
40729
40730
40731
40732
40733
40734
40735
40736
40737
40738
40739
40740
40741
40742
40743
40744
40745
40746
40747
40748
40749
40750
40751
40752
40753
40754
40755
40756
40757
40758
40759
40760
40761
40762
40763
40764
40765
40766
40767
40768
40769
40770
40771
40772
40773
40774
40775
40776
40777
40778
40779
40780
40781
40782
40783
40784
40785
40786
40787
40788
40789
40790
40791
40792
40793
40794
40795
40796
40797
40798
40799
40800
40801
40802
40803
40804
40805
40806
40807
40808
40809
40810
40811
40812
40813
40814
40815
40816
40817
40818
40819
40820
40821
40822
40823
40824
40825
40826
40827
40828
40829
40830
40831
40832
40833
40834
40835
40836
40837
40838
40839
40840
40841
40842
40843
40844
40845
40846
40847
40848
40849
40850
40851
40852
40853
40854
40855
40856
40857
40858
40859
40860
40861
40862
40863
40864
40865
40866
40867
40868
40869
40870
40871
40872
40873
40874
40875
40876
40877
40878
40879
40880
40881
40882
40883
40884
40885
40886
40887
40888
40889
40890
40891
40892
40893
40894
40895
40896
40897
40898
40899
40900
40901
40902
40903
40904
40905
40906
40907
40908
40909
40910
40911
40912
40913
40914
40915
40916
40917
40918
40919
40920
40921
40922
40923
40924
40925
40926
40927
40928
40929
40930
40931
40932
40933
40934
40935
40936
40937
40938
40939
40940
40941
40942
40943
40944
40945
40946
40947
40948
40949
40950
40951
40952
40953
40954
40955
40956
40957
40958
40959
40960
40961
40962
40963
40964
40965
40966
40967
40968
40969
40970
40971
40972
40973
40974
40975
40976
40977
40978
40979
40980
40981
40982
40983
40984
40985
40986
40987
40988
40989
40990
40991
40992
40993
40994
40995
40996
40997
40998
40999
41000
41001
41002
41003
41004
41005
41006
41007
41008
41009
41010
41011
41012
41013
41014
41015
41016
41017
41018
41019
41020
41021
41022
41023
41024
41025
41026
41027
41028
41029
41030
41031
41032
41033
41034
41035
41036
41037
41038
41039
41040
41041
41042
41043
41044
41045
41046
41047
41048
41049
41050
41051
41052
41053
41054
41055
41056
41057
41058
41059
41060
41061
41062
41063
41064
41065
41066
41067
41068
41069
41070
41071
41072
41073
41074
41075
41076
41077
41078
41079
41080
41081
41082
41083
41084
41085
41086
41087
41088
41089
41090
41091
41092
41093
41094
41095
41096
41097
41098
41099
41100
41101
41102
41103
41104
41105
41106
41107
41108
41109
41110
41111
41112
41113
41114
41115
41116
41117
41118
41119
41120
41121
41122
41123
41124
41125
41126
41127
41128
41129
41130
41131
41132
41133
41134
41135
41136
41137
41138
41139
41140
41141
41142
41143
41144
41145
41146
41147
41148
41149
41150
41151
41152
41153
41154
41155
41156
41157
41158
41159
41160
41161
41162
41163
41164
41165
41166
41167
41168
41169
41170
41171
41172
41173
41174
41175
41176
41177
41178
41179
41180
41181
41182
41183
41184
41185
41186
41187
41188
41189
41190
41191
41192
41193
41194
41195
41196
41197
41198
41199
41200
41201
41202
41203
41204
41205
41206
41207
41208
41209
41210
41211
41212
41213
41214
41215
41216
41217
41218
41219
41220
41221
41222
41223
41224
41225
41226
41227
41228
41229
41230
41231
41232
41233
41234
41235
41236
41237
41238
41239
41240
41241
41242
41243
41244
41245
41246
41247
41248
41249
41250
41251
41252
41253
41254
41255
41256
41257
41258
41259
41260
41261
41262
41263
41264
41265
41266
41267
41268
41269
41270
41271
41272
41273
41274
41275
41276
41277
41278
41279
41280
41281
41282
41283
41284
41285
41286
41287
41288
41289
41290
41291
41292
41293
41294
41295
41296
41297
41298
41299
41300
41301
41302
41303
41304
41305
41306
41307
41308
41309
41310
41311
41312
41313
41314
41315
41316
41317
41318
41319
41320
41321
41322
41323
41324
41325
41326
41327
41328
41329
41330
41331
41332
41333
41334
41335
41336
41337
41338
41339
41340
41341
41342
41343
41344
41345
41346
41347
41348
41349
41350
41351
41352
41353
41354
41355
41356
41357
41358
41359
41360
41361
41362
41363
41364
41365
41366
41367
41368
41369
41370
41371
41372
41373
41374
41375
41376
41377
41378
41379
41380
41381
41382
41383
41384
41385
41386
41387
41388
41389
41390
41391
41392
41393
41394
41395
41396
41397
41398
41399
41400
41401
41402
41403
41404
41405
41406
41407
41408
41409
41410
41411
41412
41413
41414
41415
41416
41417
41418
41419
41420
41421
41422
41423
41424
41425
41426
41427
41428
41429
41430
41431
41432
41433
41434
41435
41436
41437
41438
41439
41440
41441
41442
41443
41444
41445
41446
41447
41448
41449
41450
41451
41452
41453
41454
41455
41456
41457
41458
41459
41460
41461
41462
41463
41464
41465
41466
41467
41468
41469
41470
41471
41472
41473
41474
41475
41476
41477
41478
41479
41480
41481
41482
41483
41484
41485
41486
41487
41488
41489
41490
41491
41492
41493
41494
41495
41496
41497
41498
41499
41500
41501
41502
41503
41504
41505
41506
41507
41508
41509
41510
41511
41512
41513
41514
41515
41516
41517
41518
41519
41520
41521
41522
41523
41524
41525
41526
41527
41528
41529
41530
41531
41532
41533
41534
41535
41536
41537
41538
41539
41540
41541
41542
41543
41544
41545
41546
41547
41548
41549
41550
41551
41552
41553
41554
41555
41556
41557
41558
41559
41560
41561
41562
41563
41564
41565
41566
41567
41568
41569
41570
41571
41572
41573
41574
41575
41576
41577
41578
41579
41580
41581
41582
41583
41584
41585
41586
41587
41588
41589
41590
41591
41592
41593
41594
41595
41596
41597
41598
41599
41600
41601
41602
41603
41604
41605
41606
41607
41608
41609
41610
41611
41612
41613
41614
41615
41616
41617
41618
41619
41620
41621
41622
41623
41624
41625
41626
41627
41628
41629
41630
41631
41632
41633
41634
41635
41636
41637
41638
41639
41640
41641
41642
41643
41644
41645
41646
41647
41648
41649
41650
41651
41652
41653
41654
41655
41656
41657
41658
41659
41660
41661
41662
41663
41664
41665
41666
41667
41668
41669
41670
41671
41672
41673
41674
41675
41676
41677
41678
41679
41680
41681
41682
41683
41684
41685
41686
41687
41688
41689
41690
41691
41692
41693
41694
41695
41696
41697
41698
41699
41700
41701
41702
41703
41704
41705
41706
41707
41708
41709
41710
41711
41712
41713
41714
41715
41716
41717
41718
41719
41720
41721
41722
41723
41724
41725
41726
41727
41728
41729
41730
41731
41732
41733
41734
41735
41736
41737
41738
41739
41740
41741
41742
41743
41744
41745
41746
41747
41748
41749
41750
41751
41752
41753
41754
41755
41756
41757
41758
41759
41760
41761
41762
41763
41764
41765
41766
41767
41768
41769
41770
41771
41772
41773
41774
41775
41776
41777
41778
41779
41780
41781
41782
41783
41784
41785
41786
41787
41788
41789
41790
41791
41792
41793
41794
41795
41796
41797
41798
41799
41800
41801
41802
41803
41804
41805
41806
41807
41808
41809
41810
41811
41812
41813
41814
41815
41816
41817
41818
41819
41820
41821
41822
41823
41824
41825
41826
41827
41828
41829
41830
41831
41832
41833
41834
41835
41836
41837
41838
41839
41840
41841
41842
41843
41844
41845
41846
41847
41848
41849
41850
41851
41852
41853
41854
41855
41856
41857
41858
41859
41860
41861
41862
41863
41864
41865
41866
41867
41868
41869
41870
41871
41872
41873
41874
41875
41876
41877
41878
41879
41880
41881
41882
41883
41884
41885
41886
41887
41888
41889
41890
41891
41892
41893
41894
41895
41896
41897
41898
41899
41900
41901
41902
41903
41904
41905
41906
41907
41908
41909
41910
41911
41912
41913
41914
41915
41916
41917
41918
41919
41920
41921
41922
41923
41924
41925
41926
41927
41928
41929
41930
41931
41932
41933
41934
41935
41936
41937
41938
41939
41940
41941
41942
41943
41944
41945
41946
41947
41948
41949
41950
41951
41952
41953
41954
41955
41956
41957
41958
41959
41960
41961
41962
41963
41964
41965
41966
41967
41968
41969
41970
41971
41972
41973
41974
41975
41976
41977
41978
41979
41980
41981
41982
41983
41984
41985
41986
41987
41988
41989
41990
41991
41992
41993
41994
41995
41996
41997
41998
41999
42000
42001
42002
42003
42004
42005
42006
42007
42008
42009
42010
42011
42012
42013
42014
42015
42016
42017
42018
42019
42020
42021
42022
42023
42024
42025
42026
42027
42028
42029
42030
42031
42032
42033
42034
42035
42036
42037
42038
42039
42040
42041
42042
42043
42044
42045
42046
42047
42048
42049
42050
42051
42052
42053
42054
42055
42056
42057
42058
42059
42060
42061
42062
42063
42064
42065
42066
42067
42068
42069
42070
42071
42072
42073
42074
42075
42076
42077
42078
42079
42080
42081
42082
42083
42084
42085
42086
42087
42088
42089
42090
42091
42092
42093
42094
42095
42096
42097
42098
42099
42100
42101
42102
42103
42104
42105
42106
42107
42108
42109
42110
42111
42112
42113
42114
42115
42116
42117
42118
42119
42120
42121
42122
42123
42124
42125
42126
42127
42128
42129
42130
42131
42132
42133
42134
42135
42136
42137
42138
42139
42140
42141
42142
42143
42144
42145
42146
42147
42148
42149
42150
42151
42152
42153
42154
42155
42156
42157
42158
42159
42160
42161
42162
42163
42164
42165
42166
42167
42168
42169
42170
42171
42172
42173
42174
42175
42176
42177
42178
42179
42180
42181
42182
42183
42184
42185
42186
42187
42188
42189
42190
42191
42192
42193
42194
42195
42196
42197
42198
42199
42200
42201
42202
42203
42204
42205
42206
42207
42208
42209
42210
42211
42212
42213
42214
42215
42216
42217
42218
42219
42220
42221
42222
42223
42224
42225
42226
42227
42228
42229
42230
42231
42232
42233
42234
42235
42236
42237
42238
42239
42240
42241
42242
42243
42244
42245
42246
42247
42248
42249
42250
42251
42252
42253
42254
42255
42256
42257
42258
42259
42260
42261
42262
42263
42264
42265
42266
42267
42268
42269
42270
42271
42272
42273
42274
42275
42276
42277
42278
42279
42280
42281
42282
42283
42284
42285
42286
42287
42288
42289
42290
42291
42292
42293
42294
42295
42296
42297
42298
42299
42300
42301
42302
42303
42304
42305
42306
42307
42308
42309
42310
42311
42312
42313
42314
42315
42316
42317
42318
42319
42320
42321
42322
42323
42324
42325
42326
42327
42328
42329
42330
42331
42332
42333
42334
42335
42336
42337
42338
42339
42340
42341
42342
42343
42344
42345
42346
42347
42348
42349
42350
42351
42352
42353
42354
42355
42356
42357
42358
42359
42360
42361
42362
42363
42364
42365
42366
42367
42368
42369
42370
42371
42372
42373
42374
42375
42376
42377
42378
42379
42380
42381
42382
42383
42384
42385
42386
42387
42388
42389
42390
42391
42392
42393
42394
42395
42396
42397
42398
42399
42400
42401
42402
42403
42404
42405
42406
42407
42408
42409
42410
42411
42412
42413
42414
42415
42416
42417
42418
42419
42420
42421
42422
42423
42424
42425
42426
42427
42428
42429
42430
42431
42432
42433
42434
42435
42436
42437
42438
42439
42440
42441
42442
42443
42444
42445
42446
42447
42448
42449
42450
42451
42452
42453
42454
42455
42456
42457
42458
42459
42460
42461
42462
42463
42464
42465
42466
42467
42468
42469
42470
42471
42472
42473
42474
42475
42476
42477
42478
42479
42480
42481
42482
42483
42484
42485
42486
42487
42488
42489
42490
42491
42492
42493
42494
42495
42496
42497
42498
42499
42500
42501
42502
42503
42504
42505
42506
42507
42508
42509
42510
42511
42512
42513
42514
42515
42516
42517
42518
42519
42520
42521
42522
42523
42524
42525
42526
42527
42528
42529
42530
42531
42532
42533
42534
42535
42536
42537
42538
42539
42540
42541
42542
42543
42544
42545
42546
42547
42548
42549
42550
42551
42552
42553
42554
42555
42556
42557
42558
42559
42560
42561
42562
42563
42564
42565
42566
42567
42568
42569
42570
42571
42572
42573
42574
42575
42576
42577
42578
42579
42580
42581
42582
42583
42584
42585
42586
42587
42588
42589
42590
42591
42592
42593
42594
42595
42596
42597
42598
42599
42600
42601
42602
42603
42604
42605
42606
42607
42608
42609
42610
42611
42612
42613
42614
42615
42616
42617
42618
42619
42620
42621
42622
42623
42624
42625
42626
42627
42628
42629
42630
42631
42632
42633
42634
42635
42636
42637
42638
42639
42640
42641
42642
42643
42644
42645
42646
42647
42648
42649
42650
42651
42652
42653
42654
42655
42656
42657
42658
42659
42660
42661
42662
42663
42664
42665
42666
42667
42668
42669
42670
42671
42672
42673
42674
42675
42676
42677
42678
42679
42680
42681
42682
42683
42684
42685
42686
42687
42688
42689
42690
42691
42692
42693
42694
42695
42696
42697
42698
42699
42700
42701
42702
42703
42704
42705
42706
42707
42708
42709
42710
42711
42712
42713
42714
42715
42716
42717
42718
42719
42720
42721
42722
42723
42724
42725
42726
42727
42728
42729
42730
42731
42732
42733
42734
42735
42736
42737
42738
42739
42740
42741
42742
42743
42744
42745
42746
42747
42748
42749
42750
42751
42752
42753
42754
42755
42756
42757
42758
42759
42760
42761
42762
42763
42764
42765
42766
42767
42768
42769
42770
42771
42772
42773
42774
42775
42776
42777
42778
42779
42780
42781
42782
42783
42784
42785
42786
42787
42788
42789
42790
42791
42792
42793
42794
42795
42796
42797
42798
42799
42800
42801
42802
42803
42804
42805
42806
42807
42808
42809
42810
42811
42812
42813
42814
42815
42816
42817
42818
42819
42820
42821
42822
42823
42824
42825
42826
42827
42828
42829
42830
42831
42832
42833
42834
42835
42836
42837
42838
42839
42840
42841
42842
42843
42844
42845
42846
42847
42848
42849
42850
42851
42852
42853
42854
42855
42856
42857
42858
42859
42860
42861
42862
42863
42864
42865
42866
42867
42868
42869
42870
42871
42872
42873
42874
42875
42876
42877
42878
42879
42880
42881
42882
42883
42884
42885
42886
42887
42888
42889
42890
42891
42892
42893
42894
42895
42896
42897
42898
42899
42900
42901
42902
42903
42904
42905
42906
42907
42908
42909
42910
42911
42912
42913
42914
42915
42916
42917
42918
42919
42920
42921
42922
42923
42924
42925
42926
42927
42928
42929
42930
42931
42932
42933
42934
42935
42936
42937
42938
42939
42940
42941
42942
42943
42944
42945
42946
42947
42948
42949
42950
42951
42952
42953
42954
42955
42956
42957
42958
42959
42960
42961
42962
42963
42964
42965
42966
42967
42968
42969
42970
42971
42972
42973
42974
42975
42976
42977
42978
42979
42980
42981
42982
42983
42984
42985
42986
42987
42988
42989
42990
42991
42992
42993
42994
42995
42996
42997
42998
42999
43000
43001
43002
43003
43004
43005
43006
43007
43008
43009
43010
43011
43012
43013
43014
43015
43016
43017
43018
43019
43020
43021
43022
43023
43024
43025
43026
43027
43028
43029
43030
43031
43032
43033
43034
43035
43036
43037
43038
43039
43040
43041
43042
43043
43044
43045
43046
43047
43048
43049
43050
43051
43052
43053
43054
43055
43056
43057
43058
43059
43060
43061
43062
43063
43064
43065
43066
43067
43068
43069
43070
43071
43072
43073
43074
43075
43076
43077
43078
43079
43080
43081
43082
43083
43084
43085
43086
43087
43088
43089
43090
43091
43092
43093
43094
43095
43096
43097
43098
43099
43100
43101
43102
43103
43104
43105
43106
43107
43108
43109
43110
43111
43112
43113
43114
43115
43116
43117
43118
43119
43120
43121
43122
43123
43124
43125
43126
43127
43128
43129
43130
43131
43132
43133
43134
43135
43136
43137
43138
43139
43140
43141
43142
43143
43144
43145
43146
43147
43148
43149
43150
43151
43152
43153
43154
43155
43156
43157
43158
43159
43160
43161
43162
43163
43164
43165
43166
43167
43168
43169
43170
43171
43172
43173
43174
43175
43176
43177
43178
43179
43180
43181
43182
43183
43184
43185
43186
43187
43188
43189
43190
43191
43192
43193
43194
43195
43196
43197
43198
43199
43200
43201
43202
43203
43204
43205
43206
43207
43208
43209
43210
43211
43212
43213
43214
43215
43216
43217
43218
43219
43220
43221
43222
43223
43224
43225
43226
43227
43228
43229
43230
43231
43232
43233
43234
43235
43236
43237
43238
43239
43240
43241
43242
43243
43244
43245
43246
43247
43248
43249
43250
43251
43252
43253
43254
43255
43256
43257
43258
43259
43260
43261
43262
43263
43264
43265
43266
43267
43268
43269
43270
43271
43272
43273
43274
43275
43276
43277
43278
43279
43280
43281
43282
43283
43284
43285
43286
43287
43288
43289
43290
43291
43292
43293
43294
43295
43296
43297
43298
43299
43300
43301
43302
43303
43304
43305
43306
43307
43308
43309
43310
43311
43312
43313
43314
43315
43316
43317
43318
43319
43320
43321
43322
43323
43324
43325
43326
43327
43328
43329
43330
43331
43332
43333
43334
43335
43336
43337
43338
43339
43340
43341
43342
43343
43344
43345
43346
43347
43348
43349
43350
43351
43352
43353
43354
43355
43356
43357
43358
43359
43360
43361
43362
43363
43364
43365
43366
43367
43368
43369
43370
43371
43372
43373
43374
43375
43376
43377
43378
43379
43380
43381
43382
43383
43384
43385
43386
43387
43388
43389
43390
43391
43392
43393
43394
43395
43396
43397
43398
43399
43400
43401
43402
43403
43404
43405
43406
43407
43408
43409
43410
43411
43412
43413
43414
43415
43416
43417
43418
43419
43420
43421
43422
43423
43424
43425
43426
43427
43428
43429
43430
43431
43432
43433
43434
43435
43436
43437
43438
43439
43440
43441
43442
43443
43444
43445
43446
43447
43448
43449
43450
43451
43452
43453
43454
43455
43456
43457
43458
43459
43460
43461
43462
43463
43464
43465
43466
43467
43468
43469
43470
43471
43472
43473
43474
43475
43476
43477
43478
43479
43480
43481
43482
43483
43484
43485
43486
43487
43488
43489
43490
43491
43492
43493
43494
43495
43496
43497
43498
43499
43500
43501
43502
43503
43504
43505
43506
43507
43508
43509
43510
43511
43512
43513
43514
43515
43516
43517
43518
43519
43520
43521
43522
43523
43524
43525
43526
43527
43528
43529
43530
43531
43532
43533
43534
43535
43536
43537
43538
43539
43540
43541
43542
43543
43544
43545
43546
43547
43548
43549
43550
43551
43552
43553
43554
43555
43556
43557
43558
43559
43560
43561
43562
43563
43564
43565
43566
43567
43568
43569
43570
43571
43572
43573
43574
43575
43576
43577
43578
43579
43580
43581
43582
43583
43584
43585
43586
43587
43588
43589
43590
43591
43592
43593
43594
43595
43596
43597
43598
43599
43600
43601
43602
43603
43604
43605
43606
43607
43608
43609
43610
43611
43612
43613
43614
43615
43616
43617
43618
43619
43620
43621
43622
43623
43624
43625
43626
43627
43628
43629
43630
43631
43632
43633
43634
43635
43636
43637
43638
43639
43640
43641
43642
43643
43644
43645
43646
43647
43648
43649
43650
43651
43652
43653
43654
43655
43656
43657
43658
43659
43660
43661
43662
43663
43664
43665
43666
43667
43668
43669
43670
43671
43672
43673
43674
43675
43676
43677
43678
43679
43680
43681
43682
43683
43684
43685
43686
43687
43688
43689
43690
43691
43692
43693
43694
43695
43696
43697
43698
43699
43700
43701
43702
43703
43704
43705
43706
43707
43708
43709
43710
43711
43712
43713
43714
43715
43716
43717
43718
43719
43720
43721
43722
43723
43724
43725
43726
43727
43728
43729
43730
43731
43732
43733
43734
43735
43736
43737
43738
43739
43740
43741
43742
43743
43744
43745
43746
43747
43748
43749
43750
43751
43752
43753
43754
43755
43756
43757
43758
43759
43760
43761
43762
43763
43764
43765
43766
43767
43768
43769
43770
43771
43772
43773
43774
43775
43776
43777
43778
43779
43780
43781
43782
43783
43784
43785
43786
43787
43788
43789
43790
43791
43792
43793
43794
43795
43796
43797
43798
43799
43800
43801
43802
43803
43804
43805
43806
43807
43808
43809
43810
43811
43812
43813
43814
43815
43816
43817
43818
43819
43820
43821
43822
43823
43824
43825
43826
43827
43828
43829
43830
43831
43832
43833
43834
43835
43836
43837
43838
43839
43840
43841
43842
43843
43844
43845
43846
43847
43848
43849
43850
43851
43852
43853
43854
43855
43856
43857
43858
43859
43860
43861
43862
43863
43864
43865
43866
43867
43868
43869
43870
43871
43872
43873
43874
43875
43876
43877
43878
43879
43880
43881
43882
43883
43884
43885
43886
43887
43888
43889
43890
43891
43892
43893
43894
43895
43896
43897
43898
43899
43900
43901
43902
43903
43904
43905
43906
43907
43908
43909
43910
43911
43912
43913
43914
43915
43916
43917
43918
43919
43920
43921
43922
43923
43924
43925
43926
43927
43928
43929
43930
43931
43932
43933
43934
43935
43936
43937
43938
43939
43940
43941
43942
43943
43944
43945
43946
43947
43948
43949
43950
43951
43952
43953
43954
43955
43956
43957
43958
43959
43960
43961
43962
43963
43964
43965
43966
43967
43968
43969
43970
43971
43972
43973
43974
43975
43976
43977
43978
43979
43980
43981
43982
43983
43984
43985
43986
43987
43988
43989
43990
43991
43992
43993
43994
43995
43996
43997
43998
43999
44000
44001
44002
44003
44004
44005
44006
44007
44008
44009
44010
44011
44012
44013
44014
44015
44016
44017
44018
44019
44020
44021
44022
44023
44024
44025
44026
44027
44028
44029
44030
44031
44032
44033
44034
44035
44036
44037
44038
44039
44040
44041
44042
44043
44044
44045
44046
44047
44048
44049
44050
44051
44052
44053
44054
44055
44056
44057
44058
44059
44060
44061
44062
44063
44064
44065
44066
44067
44068
44069
44070
44071
44072
44073
44074
44075
44076
44077
44078
44079
44080
44081
44082
44083
44084
44085
44086
44087
44088
44089
44090
44091
44092
44093
44094
44095
44096
44097
44098
44099
44100
44101
44102
44103
44104
44105
44106
44107
44108
44109
44110
44111
44112
44113
44114
44115
44116
44117
44118
44119
44120
44121
44122
44123
44124
44125
44126
44127
44128
44129
44130
44131
44132
44133
44134
44135
44136
44137
44138
44139
44140
44141
44142
44143
44144
44145
44146
44147
44148
44149
44150
44151
44152
44153
44154
44155
44156
44157
44158
44159
44160
44161
44162
44163
44164
44165
44166
44167
44168
44169
44170
44171
44172
44173
44174
44175
44176
44177
44178
44179
44180
44181
44182
44183
44184
44185
44186
44187
44188
44189
44190
44191
44192
44193
44194
44195
44196
44197
44198
44199
44200
44201
44202
44203
44204
44205
44206
44207
44208
44209
44210
44211
44212
44213
44214
44215
44216
44217
44218
44219
44220
44221
44222
44223
44224
44225
44226
44227
44228
44229
44230
44231
44232
44233
44234
44235
44236
44237
44238
44239
44240
44241
44242
44243
44244
44245
44246
44247
44248
44249
44250
44251
44252
44253
44254
44255
44256
44257
44258
44259
44260
44261
44262
44263
44264
44265
44266
44267
44268
44269
44270
44271
44272
44273
44274
44275
44276
44277
44278
44279
44280
44281
44282
44283
44284
44285
44286
44287
44288
44289
44290
44291
44292
44293
44294
44295
44296
44297
44298
44299
44300
44301
44302
44303
44304
44305
44306
44307
44308
44309
44310
44311
44312
44313
44314
44315
44316
44317
44318
44319
44320
44321
44322
44323
44324
44325
44326
44327
44328
44329
44330
44331
44332
44333
44334
44335
44336
44337
44338
44339
44340
44341
44342
44343
44344
44345
44346
44347
44348
44349
44350
44351
44352
44353
44354
44355
44356
44357
44358
44359
44360
44361
44362
44363
44364
44365
44366
44367
44368
44369
44370
44371
44372
44373
44374
44375
44376
44377
44378
44379
44380
44381
44382
44383
44384
44385
44386
44387
44388
44389
44390
44391
44392
44393
44394
44395
44396
44397
44398
44399
44400
44401
44402
44403
44404
44405
44406
44407
44408
44409
44410
44411
44412
44413
44414
44415
44416
44417
44418
44419
44420
44421
44422
44423
44424
44425
44426
44427
44428
44429
44430
44431
44432
44433
44434
44435
44436
44437
44438
44439
44440
44441
44442
44443
44444
44445
44446
44447
44448
44449
44450
44451
44452
44453
44454
44455
44456
44457
44458
44459
44460
44461
44462
44463
44464
44465
44466
44467
44468
44469
44470
44471
44472
44473
44474
44475
44476
44477
44478
44479
44480
44481
44482
44483
44484
44485
44486
44487
44488
44489
44490
44491
44492
44493
44494
44495
44496
44497
44498
44499
44500
44501
44502
44503
44504
44505
44506
44507
44508
44509
44510
44511
44512
44513
44514
44515
44516
44517
44518
44519
44520
44521
44522
44523
44524
44525
44526
44527
44528
44529
44530
44531
44532
44533
44534
44535
44536
44537
44538
44539
44540
44541
44542
44543
44544
44545
44546
44547
44548
44549
44550
44551
44552
44553
44554
44555
44556
44557
44558
44559
44560
44561
44562
44563
44564
44565
44566
44567
44568
44569
44570
44571
44572
44573
44574
44575
44576
44577
44578
44579
44580
44581
44582
44583
44584
44585
44586
44587
44588
44589
44590
44591
44592
44593
44594
44595
44596
44597
44598
44599
44600
44601
44602
44603
44604
44605
44606
44607
44608
44609
44610
44611
44612
44613
44614
44615
44616
44617
44618
44619
44620
44621
44622
44623
44624
44625
44626
44627
44628
44629
44630
44631
44632
44633
44634
44635
44636
44637
44638
44639
44640
44641
44642
44643
44644
44645
44646
44647
44648
44649
44650
44651
44652
44653
44654
44655
44656
44657
44658
44659
44660
44661
44662
44663
44664
44665
44666
44667
44668
44669
44670
44671
44672
44673
44674
44675
44676
44677
44678
44679
44680
44681
44682
44683
44684
44685
44686
44687
44688
44689
44690
44691
44692
44693
44694
44695
44696
44697
44698
44699
44700
44701
44702
44703
44704
44705
44706
44707
44708
44709
44710
44711
44712
44713
44714
44715
44716
44717
44718
44719
44720
44721
44722
44723
44724
44725
44726
44727
44728
44729
44730
44731
44732
44733
44734
44735
44736
44737
44738
44739
44740
44741
44742
44743
44744
44745
44746
44747
44748
44749
44750
44751
44752
44753
44754
44755
44756
44757
44758
44759
44760
44761
44762
44763
44764
44765
44766
44767
44768
44769
44770
44771
44772
44773
44774
44775
44776
44777
44778
44779
44780
44781
44782
44783
44784
44785
44786
44787
44788
44789
44790
44791
44792
44793
44794
44795
44796
44797
44798
44799
44800
44801
44802
44803
44804
44805
44806
44807
44808
44809
44810
44811
44812
44813
44814
44815
44816
44817
44818
44819
44820
44821
44822
44823
44824
44825
44826
44827
44828
44829
44830
44831
44832
44833
44834
44835
44836
44837
44838
44839
44840
44841
44842
44843
44844
44845
44846
44847
44848
44849
44850
44851
44852
44853
44854
44855
44856
44857
44858
44859
44860
44861
44862
44863
44864
44865
44866
44867
44868
44869
44870
44871
44872
44873
44874
44875
44876
44877
44878
44879
44880
44881
44882
44883
44884
44885
44886
44887
44888
44889
44890
44891
44892
44893
44894
44895
44896
44897
44898
44899
44900
44901
44902
44903
44904
44905
44906
44907
44908
44909
44910
44911
44912
44913
44914
44915
44916
44917
44918
44919
44920
44921
44922
44923
44924
44925
44926
44927
44928
44929
44930
44931
44932
44933
44934
44935
44936
44937
44938
44939
44940
44941
44942
44943
44944
44945
44946
44947
44948
44949
44950
44951
44952
44953
44954
44955
44956
44957
44958
44959
44960
44961
44962
44963
44964
44965
44966
44967
44968
44969
44970
44971
44972
44973
44974
44975
44976
44977
44978
44979
44980
44981
44982
44983
44984
44985
44986
44987
44988
44989
44990
44991
44992
44993
44994
44995
44996
44997
44998
44999
45000
45001
45002
45003
45004
45005
45006
45007
45008
45009
45010
45011
45012
45013
45014
45015
45016
45017
45018
45019
45020
45021
45022
45023
45024
45025
45026
45027
45028
45029
45030
45031
45032
45033
45034
45035
45036
45037
45038
45039
45040
45041
45042
45043
45044
45045
45046
45047
45048
45049
45050
45051
45052
45053
45054
45055
45056
45057
45058
45059
45060
45061
45062
45063
45064
45065
45066
45067
45068
45069
45070
45071
45072
45073
45074
45075
45076
45077
45078
45079
45080
45081
45082
45083
45084
45085
45086
45087
45088
45089
45090
45091
45092
45093
45094
45095
45096
45097
45098
45099
45100
45101
45102
45103
45104
45105
45106
45107
45108
45109
45110
45111
45112
45113
45114
45115
45116
45117
45118
45119
45120
45121
45122
45123
45124
45125
45126
45127
45128
45129
45130
45131
45132
45133
45134
45135
45136
45137
45138
45139
45140
45141
45142
45143
45144
45145
45146
45147
45148
45149
45150
45151
45152
45153
45154
45155
45156
45157
45158
45159
45160
45161
45162
45163
45164
45165
45166
45167
45168
45169
45170
45171
45172
45173
45174
45175
45176
45177
45178
45179
45180
45181
45182
45183
45184
45185
45186
45187
45188
45189
45190
45191
45192
45193
45194
45195
45196
45197
45198
45199
45200
45201
45202
45203
45204
45205
45206
45207
45208
45209
45210
45211
45212
45213
45214
45215
45216
45217
45218
45219
45220
45221
45222
45223
45224
45225
45226
45227
45228
45229
45230
45231
45232
45233
45234
45235
45236
45237
45238
45239
45240
45241
45242
45243
45244
45245
45246
45247
45248
45249
45250
45251
45252
45253
45254
45255
45256
45257
45258
45259
45260
45261
45262
45263
45264
45265
45266
45267
45268
45269
45270
45271
45272
45273
45274
45275
45276
45277
45278
45279
45280
45281
45282
45283
45284
45285
45286
45287
45288
45289
45290
45291
45292
45293
45294
45295
45296
45297
45298
45299
45300
45301
45302
45303
45304
45305
45306
45307
45308
45309
45310
45311
45312
45313
45314
45315
45316
45317
45318
45319
45320
45321
45322
45323
45324
45325
45326
45327
45328
45329
45330
45331
45332
45333
45334
45335
45336
45337
45338
45339
45340
45341
45342
45343
45344
45345
45346
45347
45348
45349
45350
45351
45352
45353
45354
45355
45356
45357
45358
45359
45360
45361
45362
45363
45364
45365
45366
45367
45368
45369
45370
45371
45372
45373
45374
45375
45376
45377
45378
45379
45380
45381
45382
45383
45384
45385
45386
45387
45388
45389
45390
45391
45392
45393
45394
45395
45396
45397
45398
45399
45400
45401
45402
45403
45404
45405
45406
45407
45408
45409
45410
45411
45412
45413
45414
45415
45416
45417
45418
45419
45420
45421
45422
45423
45424
45425
45426
45427
45428
45429
45430
45431
45432
45433
45434
45435
45436
45437
45438
45439
45440
45441
45442
45443
45444
45445
45446
45447
45448
45449
45450
45451
45452
45453
45454
45455
45456
45457
45458
45459
45460
45461
45462
45463
45464
45465
45466
45467
45468
45469
45470
45471
45472
45473
45474
45475
45476
45477
45478
45479
45480
45481
45482
45483
45484
45485
45486
45487
45488
45489
45490
45491
45492
45493
45494
45495
45496
45497
45498
45499
45500
45501
45502
45503
45504
45505
45506
45507
45508
45509
45510
45511
45512
45513
45514
45515
45516
45517
45518
45519
45520
45521
45522
45523
45524
45525
45526
45527
45528
45529
45530
45531
45532
45533
45534
45535
45536
45537
45538
45539
45540
45541
45542
45543
45544
45545
45546
45547
45548
45549
45550
45551
45552
45553
45554
45555
45556
45557
45558
45559
45560
45561
45562
45563
45564
45565
45566
45567
45568
45569
45570
45571
45572
45573
45574
45575
45576
45577
45578
45579
45580
45581
45582
45583
45584
45585
45586
45587
45588
45589
45590
45591
45592
45593
45594
45595
45596
45597
45598
45599
45600
45601
45602
45603
45604
45605
45606
45607
45608
45609
45610
45611
45612
45613
45614
45615
45616
45617
45618
45619
45620
45621
45622
45623
45624
45625
45626
45627
45628
45629
45630
45631
45632
45633
45634
45635
45636
45637
45638
45639
45640
45641
45642
45643
45644
45645
45646
45647
45648
45649
45650
45651
45652
45653
45654
45655
45656
45657
45658
45659
45660
45661
45662
45663
45664
45665
45666
45667
45668
45669
45670
45671
45672
45673
45674
45675
45676
45677
45678
45679
45680
45681
45682
45683
45684
45685
45686
45687
45688
45689
45690
45691
45692
45693
45694
45695
45696
45697
45698
45699
45700
45701
45702
45703
45704
45705
45706
45707
45708
45709
45710
45711
45712
45713
45714
45715
45716
45717
45718
45719
45720
45721
45722
45723
45724
45725
45726
45727
45728
45729
45730
45731
45732
45733
45734
45735
45736
45737
45738
45739
45740
45741
45742
45743
45744
45745
45746
45747
45748
45749
45750
45751
45752
45753
45754
45755
45756
45757
45758
45759
45760
45761
45762
45763
45764
45765
45766
45767
45768
45769
45770
45771
45772
45773
45774
45775
45776
45777
45778
45779
45780
45781
45782
45783
45784
45785
45786
45787
45788
45789
45790
45791
45792
45793
45794
45795
45796
45797
45798
45799
45800
45801
45802
45803
45804
45805
45806
45807
45808
45809
45810
45811
45812
45813
45814
45815
45816
45817
45818
45819
45820
45821
45822
45823
45824
45825
45826
45827
45828
45829
45830
45831
45832
45833
45834
45835
45836
45837
45838
45839
45840
45841
45842
45843
45844
45845
45846
45847
45848
45849
45850
45851
45852
45853
45854
45855
45856
45857
45858
45859
45860
45861
45862
45863
45864
45865
45866
45867
45868
45869
45870
45871
45872
45873
45874
45875
45876
45877
45878
45879
45880
45881
45882
45883
45884
45885
45886
45887
45888
45889
45890
45891
45892
45893
45894
45895
45896
45897
45898
45899
45900
45901
45902
45903
45904
45905
45906
45907
45908
45909
45910
45911
45912
45913
45914
45915
45916
45917
45918
45919
45920
45921
45922
45923
45924
45925
45926
45927
45928
45929
45930
45931
45932
45933
45934
45935
45936
45937
45938
45939
45940
45941
45942
45943
45944
45945
45946
45947
45948
45949
45950
45951
45952
45953
45954
45955
45956
45957
45958
45959
45960
45961
45962
45963
45964
45965
45966
45967
45968
45969
45970
45971
45972
45973
45974
45975
45976
45977
45978
45979
45980
45981
45982
45983
45984
45985
45986
45987
45988
45989
45990
45991
45992
45993
45994
45995
45996
45997
45998
45999
46000
46001
46002
46003
46004
46005
46006
46007
46008
46009
46010
46011
46012
46013
46014
46015
46016
46017
46018
46019
46020
46021
46022
46023
46024
46025
46026
46027
46028
46029
46030
46031
46032
46033
46034
46035
46036
46037
46038
46039
46040
46041
46042
46043
46044
46045
46046
46047
46048
46049
46050
46051
46052
46053
46054
46055
46056
46057
46058
46059
46060
46061
46062
46063
46064
46065
46066
46067
46068
46069
46070
46071
46072
46073
46074
46075
46076
46077
46078
46079
46080
46081
46082
46083
46084
46085
46086
46087
46088
46089
46090
46091
46092
46093
46094
46095
46096
46097
46098
46099
46100
46101
46102
46103
46104
46105
46106
46107
46108
46109
46110
46111
46112
46113
46114
46115
46116
46117
46118
46119
46120
46121
46122
46123
46124
46125
46126
46127
46128
46129
46130
46131
46132
46133
46134
46135
46136
46137
46138
46139
46140
46141
46142
46143
46144
46145
46146
46147
46148
46149
46150
46151
46152
46153
46154
46155
46156
46157
46158
46159
46160
46161
46162
46163
46164
46165
46166
46167
46168
46169
46170
46171
46172
46173
46174
46175
46176
46177
46178
46179
46180
46181
46182
46183
46184
46185
46186
46187
46188
46189
46190
46191
46192
46193
46194
46195
46196
46197
46198
46199
46200
46201
46202
46203
46204
46205
46206
46207
46208
46209
46210
46211
46212
46213
46214
46215
46216
46217
46218
46219
46220
46221
46222
46223
46224
46225
46226
46227
46228
46229
46230
46231
46232
46233
46234
46235
46236
46237
46238
46239
46240
46241
46242
46243
46244
46245
46246
46247
46248
46249
46250
46251
46252
46253
46254
46255
46256
46257
46258
46259
46260
46261
46262
46263
46264
46265
46266
46267
46268
46269
46270
46271
46272
46273
46274
46275
46276
46277
46278
46279
46280
46281
46282
46283
46284
46285
46286
46287
46288
46289
46290
46291
46292
46293
46294
46295
46296
46297
46298
46299
46300
46301
46302
46303
46304
46305
46306
46307
46308
46309
46310
46311
46312
46313
46314
46315
46316
46317
46318
46319
46320
46321
46322
46323
46324
46325
46326
46327
46328
46329
46330
46331
46332
46333
46334
46335
46336
46337
46338
46339
46340
46341
46342
46343
46344
46345
46346
46347
46348
46349
46350
46351
46352
46353
46354
46355
46356
46357
46358
46359
46360
46361
46362
46363
46364
46365
46366
46367
46368
46369
46370
46371
46372
46373
46374
46375
46376
46377
46378
46379
46380
46381
46382
46383
46384
46385
46386
46387
46388
46389
46390
46391
46392
46393
46394
46395
46396
46397
46398
46399
46400
46401
46402
46403
46404
46405
46406
46407
46408
46409
46410
46411
46412
46413
46414
46415
46416
46417
46418
46419
46420
46421
46422
46423
46424
46425
46426
46427
46428
46429
46430
46431
46432
46433
46434
46435
46436
46437
46438
46439
46440
46441
46442
46443
46444
46445
46446
46447
46448
46449
46450
46451
46452
46453
46454
46455
46456
46457
46458
46459
46460
46461
46462
46463
46464
46465
46466
46467
46468
46469
46470
46471
46472
46473
46474
46475
46476
46477
46478
46479
46480
46481
46482
46483
46484
46485
46486
46487
46488
46489
46490
46491
46492
46493
46494
46495
46496
46497
46498
46499
46500
46501
46502
46503
46504
46505
46506
46507
46508
46509
46510
46511
46512
46513
46514
46515
46516
46517
46518
46519
46520
46521
46522
46523
46524
46525
46526
46527
46528
46529
46530
46531
46532
46533
46534
46535
46536
46537
46538
46539
46540
46541
46542
46543
46544
46545
46546
46547
46548
46549
46550
46551
46552
46553
46554
46555
46556
46557
46558
46559
46560
46561
46562
46563
46564
46565
46566
46567
46568
46569
46570
46571
46572
46573
46574
46575
46576
46577
46578
46579
46580
46581
46582
46583
46584
46585
46586
46587
46588
46589
46590
46591
46592
46593
46594
46595
46596
46597
46598
46599
46600
46601
46602
46603
46604
46605
46606
46607
46608
46609
46610
46611
46612
46613
46614
46615
46616
46617
46618
46619
46620
46621
46622
46623
46624
46625
46626
46627
46628
46629
46630
46631
46632
46633
46634
46635
46636
46637
46638
46639
46640
46641
46642
46643
46644
46645
46646
46647
46648
46649
46650
46651
46652
46653
46654
46655
46656
46657
46658
46659
46660
46661
46662
46663
46664
46665
46666
46667
46668
46669
46670
46671
46672
46673
46674
46675
46676
46677
46678
46679
46680
46681
46682
46683
46684
46685
46686
46687
46688
46689
46690
46691
46692
46693
46694
46695
46696
46697
46698
46699
46700
46701
46702
46703
46704
46705
46706
46707
46708
46709
46710
46711
46712
46713
46714
46715
46716
46717
46718
46719
46720
46721
46722
46723
46724
46725
46726
46727
46728
46729
46730
46731
46732
46733
46734
46735
46736
46737
46738
46739
46740
46741
46742
46743
46744
46745
46746
46747
46748
46749
46750
46751
46752
46753
46754
46755
46756
46757
46758
46759
46760
46761
46762
46763
46764
46765
46766
46767
46768
46769
46770
46771
46772
46773
46774
46775
46776
46777
46778
46779
46780
46781
46782
46783
46784
46785
46786
46787
46788
46789
46790
46791
46792
46793
46794
46795
46796
46797
46798
46799
46800
46801
46802
46803
46804
46805
46806
46807
46808
46809
46810
46811
46812
46813
46814
46815
46816
46817
46818
46819
46820
46821
46822
46823
46824
46825
46826
46827
46828
46829
46830
46831
46832
46833
46834
46835
46836
46837
46838
46839
46840
46841
46842
46843
46844
46845
46846
46847
46848
46849
46850
46851
46852
46853
46854
46855
46856
46857
46858
46859
46860
46861
46862
46863
46864
46865
46866
46867
46868
46869
46870
46871
46872
46873
46874
46875
46876
46877
46878
46879
46880
46881
46882
46883
46884
46885
46886
46887
46888
46889
46890
46891
46892
46893
46894
46895
46896
46897
46898
46899
46900
46901
46902
46903
46904
46905
46906
46907
46908
46909
46910
46911
46912
46913
46914
46915
46916
46917
46918
46919
46920
46921
46922
46923
46924
46925
46926
46927
46928
46929
46930
46931
46932
46933
46934
46935
46936
46937
46938
46939
46940
46941
46942
46943
46944
46945
46946
46947
46948
46949
46950
46951
46952
46953
46954
46955
46956
46957
46958
46959
46960
46961
46962
46963
46964
46965
46966
46967
46968
46969
46970
46971
46972
46973
46974
46975
46976
46977
46978
46979
46980
46981
46982
46983
46984
46985
46986
46987
46988
46989
46990
46991
46992
46993
46994
46995
46996
46997
46998
46999
47000
47001
47002
47003
47004
47005
47006
47007
47008
47009
47010
47011
47012
47013
47014
47015
47016
47017
47018
47019
47020
47021
47022
47023
47024
47025
47026
47027
47028
47029
47030
47031
47032
47033
47034
47035
47036
47037
47038
47039
47040
47041
47042
47043
47044
47045
47046
47047
47048
47049
47050
47051
47052
47053
47054
47055
47056
47057
47058
47059
47060
47061
47062
47063
47064
47065
47066
47067
47068
47069
47070
47071
47072
47073
47074
47075
47076
47077
47078
47079
47080
47081
47082
47083
47084
47085
47086
47087
47088
47089
47090
47091
47092
47093
47094
47095
47096
47097
47098
47099
47100
47101
47102
47103
47104
47105
47106
47107
47108
47109
47110
47111
47112
47113
47114
47115
47116
47117
47118
47119
47120
47121
47122
47123
47124
47125
47126
47127
47128
47129
47130
47131
47132
47133
47134
47135
47136
47137
47138
47139
47140
47141
47142
47143
47144
47145
47146
47147
47148
47149
47150
47151
47152
47153
47154
47155
47156
47157
47158
47159
47160
47161
47162
47163
47164
47165
47166
47167
47168
47169
47170
47171
47172
47173
47174
47175
47176
47177
47178
47179
47180
47181
47182
47183
47184
47185
47186
47187
47188
47189
47190
47191
47192
47193
47194
47195
47196
47197
47198
47199
47200
47201
47202
47203
47204
47205
47206
47207
47208
47209
47210
47211
47212
47213
47214
47215
47216
47217
47218
47219
47220
47221
47222
47223
47224
47225
47226
47227
47228
47229
47230
47231
47232
47233
47234
47235
47236
47237
47238
47239
47240
47241
47242
47243
47244
47245
47246
47247
47248
47249
47250
47251
47252
47253
47254
47255
47256
47257
47258
47259
47260
47261
47262
47263
47264
47265
47266
47267
47268
47269
47270
47271
47272
47273
47274
47275
47276
47277
47278
47279
47280
47281
47282
47283
47284
47285
47286
47287
47288
47289
47290
47291
47292
47293
47294
47295
47296
47297
47298
47299
47300
47301
47302
47303
47304
47305
47306
47307
47308
47309
47310
47311
47312
47313
47314
47315
47316
47317
47318
47319
47320
47321
47322
47323
47324
47325
47326
47327
47328
47329
47330
47331
47332
47333
47334
47335
47336
47337
47338
47339
47340
47341
47342
47343
47344
47345
47346
47347
47348
47349
47350
47351
47352
47353
47354
47355
47356
47357
47358
47359
47360
47361
47362
47363
47364
47365
47366
47367
47368
47369
47370
47371
47372
47373
47374
47375
47376
47377
47378
47379
47380
47381
47382
47383
47384
47385
47386
47387
47388
47389
47390
47391
47392
47393
47394
47395
47396
47397
47398
47399
47400
47401
47402
47403
47404
47405
47406
47407
47408
47409
47410
47411
47412
47413
47414
47415
47416
47417
47418
47419
47420
47421
47422
47423
47424
47425
47426
47427
47428
47429
47430
47431
47432
47433
47434
47435
47436
47437
47438
47439
47440
47441
47442
47443
47444
47445
47446
47447
47448
47449
47450
47451
47452
47453
47454
47455
47456
47457
47458
47459
47460
47461
47462
47463
47464
47465
47466
47467
47468
47469
47470
47471
47472
47473
47474
47475
47476
47477
47478
47479
47480
47481
47482
47483
47484
47485
47486
47487
47488
47489
47490
47491
47492
47493
47494
47495
47496
47497
47498
47499
47500
47501
47502
47503
47504
47505
47506
47507
47508
47509
47510
47511
47512
47513
47514
47515
47516
47517
47518
47519
47520
47521
47522
47523
47524
47525
47526
47527
47528
47529
47530
47531
47532
47533
47534
47535
47536
47537
47538
47539
47540
47541
47542
47543
47544
47545
47546
47547
47548
47549
47550
47551
47552
47553
47554
47555
47556
47557
47558
47559
47560
47561
47562
47563
47564
47565
47566
47567
47568
47569
47570
47571
47572
47573
47574
47575
47576
47577
47578
47579
47580
47581
47582
47583
47584
47585
47586
47587
47588
47589
47590
47591
47592
47593
47594
47595
47596
47597
47598
47599
47600
47601
47602
47603
47604
47605
47606
47607
47608
47609
47610
47611
47612
47613
47614
47615
47616
47617
47618
47619
47620
47621
47622
47623
47624
47625
47626
47627
47628
47629
47630
47631
47632
47633
47634
47635
47636
47637
47638
47639
47640
47641
47642
47643
47644
47645
47646
47647
47648
47649
47650
47651
47652
47653
47654
47655
47656
47657
47658
47659
47660
47661
47662
47663
47664
47665
47666
47667
47668
47669
47670
47671
47672
47673
47674
47675
47676
47677
47678
47679
47680
47681
47682
47683
47684
47685
47686
47687
47688
47689
47690
47691
47692
47693
47694
47695
47696
47697
47698
47699
47700
47701
47702
47703
47704
47705
47706
47707
47708
47709
47710
47711
47712
47713
47714
47715
47716
47717
47718
47719
47720
47721
47722
47723
47724
47725
47726
47727
47728
47729
47730
47731
47732
47733
47734
47735
47736
47737
47738
47739
47740
47741
47742
47743
47744
47745
47746
47747
47748
47749
47750
47751
47752
47753
47754
47755
47756
47757
47758
47759
47760
47761
47762
47763
47764
47765
47766
47767
47768
47769
47770
47771
47772
47773
47774
47775
47776
47777
47778
47779
47780
47781
47782
47783
47784
47785
47786
47787
47788
47789
47790
47791
47792
47793
47794
47795
47796
47797
47798
47799
47800
47801
47802
47803
47804
47805
47806
47807
47808
47809
47810
47811
47812
47813
47814
47815
47816
47817
47818
47819
47820
47821
47822
47823
47824
47825
47826
47827
47828
47829
47830
47831
47832
47833
47834
47835
47836
47837
47838
47839
47840
47841
47842
47843
47844
47845
47846
47847
47848
47849
47850
47851
47852
47853
47854
47855
47856
47857
47858
47859
47860
47861
47862
47863
47864
47865
47866
47867
47868
47869
47870
47871
47872
47873
47874
47875
47876
47877
47878
47879
47880
47881
47882
47883
47884
47885
47886
47887
47888
47889
47890
47891
47892
47893
47894
47895
47896
47897
47898
47899
47900
47901
47902
47903
47904
47905
47906
47907
47908
47909
47910
47911
47912
47913
47914
47915
47916
47917
47918
47919
47920
47921
47922
47923
47924
47925
47926
47927
47928
47929
47930
47931
47932
47933
47934
47935
47936
47937
47938
47939
47940
47941
47942
47943
47944
47945
47946
47947
47948
47949
47950
47951
47952
47953
47954
47955
47956
47957
47958
47959
47960
47961
47962
47963
47964
47965
47966
47967
47968
47969
47970
47971
47972
47973
47974
47975
47976
47977
47978
47979
47980
47981
47982
47983
47984
47985
47986
47987
47988
47989
47990
47991
47992
47993
47994
47995
47996
47997
47998
47999
48000
48001
48002
48003
48004
48005
48006
48007
48008
48009
48010
48011
48012
48013
48014
48015
48016
48017
48018
48019
48020
48021
48022
48023
48024
48025
48026
48027
48028
48029
48030
48031
48032
48033
48034
48035
48036
48037
48038
48039
48040
48041
48042
48043
48044
48045
48046
48047
48048
48049
48050
48051
48052
48053
48054
48055
48056
48057
48058
48059
48060
48061
48062
48063
48064
48065
48066
48067
48068
48069
48070
48071
48072
48073
48074
48075
48076
48077
48078
48079
48080
48081
48082
48083
48084
48085
48086
48087
48088
48089
48090
48091
48092
48093
48094
48095
48096
48097
48098
48099
48100
48101
48102
48103
48104
48105
48106
48107
48108
48109
48110
48111
48112
48113
48114
48115
48116
48117
48118
48119
48120
48121
48122
48123
48124
48125
48126
48127
48128
48129
48130
48131
48132
48133
48134
48135
48136
48137
48138
48139
48140
48141
48142
48143
48144
48145
48146
48147
48148
48149
48150
48151
48152
48153
48154
48155
48156
48157
48158
48159
48160
48161
48162
48163
48164
48165
48166
48167
48168
48169
48170
48171
48172
48173
48174
48175
48176
48177
48178
48179
48180
48181
48182
48183
48184
48185
48186
48187
48188
48189
48190
48191
48192
48193
48194
48195
48196
48197
48198
48199
48200
48201
48202
48203
48204
48205
48206
48207
48208
48209
48210
48211
48212
48213
48214
48215
48216
48217
48218
48219
48220
48221
48222
48223
48224
48225
48226
48227
48228
48229
48230
48231
48232
48233
48234
48235
48236
48237
48238
48239
48240
48241
48242
48243
48244
48245
48246
48247
48248
48249
48250
48251
48252
48253
48254
48255
48256
48257
48258
48259
48260
48261
48262
48263
48264
48265
48266
48267
48268
48269
48270
48271
48272
48273
48274
48275
48276
48277
48278
48279
48280
48281
48282
48283
48284
48285
48286
48287
48288
48289
48290
48291
48292
48293
48294
48295
48296
48297
48298
48299
48300
48301
48302
48303
48304
48305
48306
48307
48308
48309
48310
48311
48312
48313
48314
48315
48316
48317
48318
48319
48320
48321
48322
48323
48324
48325
48326
48327
48328
48329
48330
48331
48332
48333
48334
48335
48336
48337
48338
48339
48340
48341
48342
48343
48344
48345
48346
48347
48348
48349
48350
48351
48352
48353
48354
48355
48356
48357
48358
48359
48360
48361
48362
48363
48364
48365
48366
48367
48368
48369
48370
48371
48372
48373
48374
48375
48376
48377
48378
48379
48380
48381
48382
48383
48384
48385
48386
48387
48388
48389
48390
48391
48392
48393
48394
48395
48396
48397
48398
48399
48400
48401
48402
48403
48404
48405
48406
48407
48408
48409
48410
48411
48412
48413
48414
48415
48416
48417
48418
48419
48420
48421
48422
48423
48424
48425
48426
48427
48428
48429
48430
48431
48432
48433
48434
48435
48436
48437
48438
48439
48440
48441
48442
48443
48444
48445
48446
48447
48448
48449
48450
48451
48452
48453
48454
48455
48456
48457
48458
48459
48460
48461
48462
48463
48464
48465
48466
48467
48468
48469
48470
48471
48472
48473
48474
48475
48476
48477
48478
48479
48480
48481
48482
48483
48484
48485
48486
48487
48488
48489
48490
48491
48492
48493
48494
48495
48496
48497
48498
48499
48500
48501
48502
48503
48504
48505
48506
48507
48508
48509
48510
48511
48512
48513
48514
48515
48516
48517
48518
48519
48520
48521
48522
48523
48524
48525
48526
48527
48528
48529
48530
48531
48532
48533
48534
48535
48536
48537
48538
48539
48540
48541
48542
48543
48544
48545
48546
48547
48548
48549
48550
48551
48552
48553
48554
48555
48556
48557
48558
48559
48560
48561
48562
48563
48564
48565
48566
48567
48568
48569
48570
48571
48572
48573
48574
48575
48576
48577
48578
48579
48580
48581
48582
48583
48584
48585
48586
48587
48588
48589
48590
48591
48592
48593
48594
48595
48596
48597
48598
48599
48600
48601
48602
48603
48604
48605
48606
48607
48608
48609
48610
48611
48612
48613
48614
48615
48616
48617
48618
48619
48620
48621
48622
48623
48624
48625
48626
48627
48628
48629
48630
48631
48632
48633
48634
48635
48636
48637
48638
48639
48640
48641
48642
48643
48644
48645
48646
48647
48648
48649
48650
48651
48652
48653
48654
48655
48656
48657
48658
48659
48660
48661
48662
48663
48664
48665
48666
48667
48668
48669
48670
48671
48672
48673
48674
48675
48676
48677
48678
48679
48680
48681
48682
48683
48684
48685
48686
48687
48688
48689
48690
48691
48692
48693
48694
48695
48696
48697
48698
48699
48700
48701
48702
48703
48704
48705
48706
48707
48708
48709
48710
48711
48712
48713
48714
48715
48716
48717
48718
48719
48720
48721
48722
48723
48724
48725
48726
48727
48728
48729
48730
48731
48732
48733
48734
48735
48736
48737
48738
48739
48740
48741
48742
48743
48744
48745
48746
48747
48748
48749
48750
48751
48752
48753
48754
48755
48756
48757
48758
48759
48760
48761
48762
48763
48764
48765
48766
48767
48768
48769
48770
48771
48772
48773
48774
48775
48776
48777
48778
48779
48780
48781
48782
48783
48784
48785
48786
48787
48788
48789
48790
48791
48792
48793
48794
48795
48796
48797
48798
48799
48800
48801
48802
48803
48804
48805
48806
48807
48808
48809
48810
48811
48812
48813
48814
48815
48816
48817
48818
48819
48820
48821
48822
48823
48824
48825
48826
48827
48828
48829
48830
48831
48832
48833
48834
48835
48836
48837
48838
48839
48840
48841
48842
48843
48844
48845
48846
48847
48848
48849
48850
48851
48852
48853
48854
48855
48856
48857
48858
48859
48860
48861
48862
48863
48864
48865
48866
48867
48868
48869
48870
48871
48872
48873
48874
48875
48876
48877
48878
48879
48880
48881
48882
48883
48884
48885
48886
48887
48888
48889
48890
48891
48892
48893
48894
48895
48896
48897
48898
48899
48900
48901
48902
48903
48904
48905
48906
48907
48908
48909
48910
48911
48912
48913
48914
48915
48916
48917
48918
48919
48920
48921
48922
48923
48924
48925
48926
48927
48928
48929
48930
48931
48932
48933
48934
48935
48936
48937
48938
48939
48940
48941
48942
48943
48944
48945
48946
48947
48948
48949
48950
48951
48952
48953
48954
48955
48956
48957
48958
48959
48960
48961
48962
48963
48964
48965
48966
48967
48968
48969
48970
48971
48972
48973
48974
48975
48976
48977
48978
48979
48980
48981
48982
48983
48984
48985
48986
48987
48988
48989
48990
48991
48992
48993
48994
48995
48996
48997
48998
48999
49000
49001
49002
49003
49004
49005
49006
49007
49008
49009
49010
49011
49012
49013
49014
49015
49016
49017
49018
49019
49020
49021
49022
49023
49024
49025
49026
49027
49028
49029
49030
49031
49032
49033
49034
49035
49036
49037
49038
49039
49040
49041
49042
49043
49044
49045
49046
49047
49048
49049
49050
49051
49052
49053
49054
49055
49056
49057
49058
49059
49060
49061
49062
49063
49064
49065
49066
49067
49068
49069
49070
49071
49072
49073
49074
49075
49076
49077
49078
49079
49080
49081
49082
49083
49084
49085
49086
49087
49088
49089
49090
49091
49092
49093
49094
49095
49096
49097
49098
49099
49100
49101
49102
49103
49104
49105
49106
49107
49108
49109
49110
49111
49112
49113
49114
49115
49116
49117
49118
49119
49120
49121
49122
49123
49124
49125
49126
49127
49128
49129
49130
49131
49132
49133
49134
49135
49136
49137
49138
49139
49140
49141
49142
49143
49144
49145
49146
49147
49148
49149
49150
49151
49152
49153
49154
49155
49156
49157
49158
49159
49160
49161
49162
49163
49164
49165
49166
49167
49168
49169
49170
49171
49172
49173
49174
49175
49176
49177
49178
49179
49180
49181
49182
49183
49184
49185
49186
49187
49188
49189
49190
49191
49192
49193
49194
49195
49196
49197
49198
49199
49200
49201
49202
49203
49204
49205
49206
49207
49208
49209
49210
49211
49212
49213
49214
49215
49216
49217
49218
49219
49220
49221
49222
49223
49224
49225
49226
49227
49228
49229
49230
49231
49232
49233
49234
49235
49236
49237
49238
49239
49240
49241
49242
49243
49244
49245
49246
49247
49248
49249
49250
49251
49252
49253
49254
49255
49256
49257
49258
49259
49260
49261
49262
49263
49264
49265
49266
49267
49268
49269
49270
49271
49272
49273
49274
49275
49276
49277
49278
49279
49280
49281
49282
49283
49284
49285
49286
49287
49288
49289
49290
49291
49292
49293
49294
49295
49296
49297
49298
49299
49300
49301
49302
49303
49304
49305
49306
49307
49308
49309
49310
49311
49312
49313
49314
49315
49316
49317
49318
49319
49320
49321
49322
49323
49324
49325
49326
49327
49328
49329
49330
49331
49332
49333
49334
49335
49336
49337
49338
49339
49340
49341
49342
49343
49344
49345
49346
49347
49348
49349
49350
49351
49352
49353
49354
49355
49356
49357
49358
49359
49360
49361
49362
49363
49364
49365
49366
49367
49368
49369
49370
49371
49372
49373
49374
49375
49376
49377
49378
49379
49380
49381
49382
49383
49384
49385
49386
49387
49388
49389
49390
49391
49392
49393
49394
49395
49396
49397
49398
49399
49400
49401
49402
49403
49404
49405
49406
49407
49408
49409
49410
49411
49412
49413
49414
49415
49416
49417
49418
49419
49420
49421
49422
49423
49424
49425
49426
49427
49428
49429
49430
49431
49432
49433
49434
49435
49436
49437
49438
49439
49440
49441
49442
49443
49444
49445
49446
49447
49448
49449
49450
49451
49452
49453
49454
49455
49456
49457
49458
49459
49460
49461
49462
49463
49464
49465
49466
49467
49468
49469
49470
49471
49472
49473
49474
49475
49476
49477
49478
49479
49480
49481
49482
49483
49484
49485
49486
49487
49488
49489
49490
49491
49492
49493
49494
49495
49496
49497
49498
49499
49500
49501
49502
49503
49504
49505
49506
49507
49508
49509
49510
49511
49512
49513
49514
49515
49516
49517
49518
49519
49520
49521
49522
49523
49524
49525
49526
49527
49528
49529
49530
49531
49532
49533
49534
49535
49536
49537
49538
49539
49540
49541
49542
49543
49544
49545
49546
49547
49548
49549
49550
49551
49552
49553
49554
49555
49556
49557
49558
49559
49560
49561
49562
49563
49564
49565
49566
49567
49568
49569
49570
49571
49572
49573
49574
49575
49576
49577
49578
49579
49580
49581
49582
49583
49584
49585
49586
49587
49588
49589
49590
49591
49592
49593
49594
49595
49596
49597
49598
49599
49600
49601
49602
49603
49604
49605
49606
49607
49608
49609
49610
49611
49612
49613
49614
49615
49616
49617
49618
49619
49620
49621
49622
49623
49624
49625
49626
49627
49628
49629
49630
49631
49632
49633
49634
49635
49636
49637
49638
49639
49640
49641
49642
49643
49644
49645
49646
49647
49648
49649
49650
49651
49652
49653
49654
49655
49656
49657
49658
49659
49660
49661
49662
49663
49664
49665
49666
49667
49668
49669
49670
49671
49672
49673
49674
49675
49676
49677
49678
49679
49680
49681
49682
49683
49684
49685
49686
49687
49688
49689
49690
49691
49692
49693
49694
49695
49696
49697
49698
49699
49700
49701
49702
49703
49704
49705
49706
49707
49708
49709
49710
49711
49712
49713
49714
49715
49716
49717
49718
49719
49720
49721
49722
49723
49724
49725
49726
49727
49728
49729
49730
49731
49732
49733
49734
49735
49736
49737
49738
49739
49740
49741
49742
49743
49744
49745
49746
49747
49748
49749
49750
49751
49752
49753
49754
49755
49756
49757
49758
49759
49760
49761
49762
49763
49764
49765
49766
49767
49768
49769
49770
49771
49772
49773
49774
49775
49776
49777
49778
49779
49780
49781
49782
49783
49784
49785
49786
49787
49788
49789
49790
49791
49792
49793
49794
49795
49796
49797
49798
49799
49800
49801
49802
49803
49804
49805
49806
49807
49808
49809
49810
49811
49812
49813
49814
49815
49816
49817
49818
49819
49820
49821
49822
49823
49824
49825
49826
49827
49828
49829
49830
49831
49832
49833
49834
49835
49836
49837
49838
49839
49840
49841
49842
49843
49844
49845
49846
49847
49848
49849
49850
49851
49852
49853
49854
49855
49856
49857
49858
49859
49860
49861
49862
49863
49864
49865
49866
49867
49868
49869
49870
49871
49872
49873
49874
49875
49876
49877
49878
49879
49880
49881
49882
49883
49884
49885
49886
49887
49888
49889
49890
49891
49892
49893
49894
49895
49896
49897
49898
49899
49900
49901
49902
49903
49904
49905
49906
49907
49908
49909
49910
49911
49912
49913
49914
49915
49916
49917
49918
49919
49920
49921
49922
49923
49924
49925
49926
49927
49928
49929
49930
49931
49932
49933
49934
49935
49936
49937
49938
49939
49940
49941
49942
49943
49944
49945
49946
49947
49948
49949
49950
49951
49952
49953
49954
49955
49956
49957
49958
49959
49960
49961
49962
49963
49964
49965
49966
49967
49968
49969
49970
49971
49972
49973
49974
49975
49976
49977
49978
49979
49980
49981
49982
49983
49984
49985
49986
49987
49988
49989
49990
49991
49992
49993
49994
49995
49996
49997
49998
49999
50000
50001
50002
50003
50004
50005
50006
50007
50008
50009
50010
50011
50012
50013
50014
50015
50016
50017
50018
50019
50020
50021
50022
50023
50024
50025
50026
50027
50028
50029
50030
50031
50032
50033
50034
50035
50036
50037
50038
50039
50040
50041
50042
50043
50044
50045
50046
50047
50048
50049
50050
50051
50052
50053
50054
50055
50056
50057
50058
50059
50060
50061
50062
50063
50064
50065
50066
50067
50068
50069
50070
50071
50072
50073
50074
50075
50076
50077
50078
50079
50080
50081
50082
50083
50084
50085
50086
50087
50088
50089
50090
50091
50092
50093
50094
50095
50096
50097
50098
50099
50100
50101
50102
50103
50104
50105
50106
50107
50108
50109
50110
50111
50112
50113
50114
50115
50116
50117
50118
50119
50120
50121
50122
50123
50124
50125
50126
50127
50128
50129
50130
50131
50132
50133
50134
50135
50136
50137
50138
50139
50140
50141
50142
50143
50144
50145
50146
50147
50148
50149
50150
50151
50152
50153
50154
50155
50156
50157
50158
50159
50160
50161
50162
50163
50164
50165
50166
50167
50168
50169
50170
50171
50172
50173
50174
50175
50176
50177
50178
50179
50180
50181
50182
50183
50184
50185
50186
50187
50188
50189
50190
50191
50192
50193
50194
50195
50196
50197
50198
50199
50200
50201
50202
50203
50204
50205
50206
50207
50208
50209
50210
50211
50212
50213
50214
50215
50216
50217
50218
50219
50220
50221
50222
50223
50224
50225
50226
50227
50228
50229
50230
50231
50232
50233
50234
50235
50236
50237
50238
50239
50240
50241
50242
50243
50244
50245
50246
50247
50248
50249
50250
50251
50252
50253
50254
50255
50256
50257
50258
50259
50260
50261
50262
50263
50264
50265
50266
50267
50268
50269
50270
50271
50272
50273
50274
50275
50276
50277
50278
50279
50280
50281
50282
50283
50284
50285
50286
50287
50288
50289
50290
50291
50292
50293
50294
50295
50296
50297
50298
50299
50300
50301
50302
50303
50304
50305
50306
50307
50308
50309
50310
50311
50312
50313
50314
50315
50316
50317
50318
50319
50320
50321
50322
50323
50324
50325
50326
50327
50328
50329
50330
50331
50332
50333
50334
50335
50336
50337
50338
50339
50340
50341
50342
50343
50344
50345
50346
50347
50348
50349
50350
50351
50352
50353
50354
50355
50356
50357
50358
50359
50360
50361
50362
50363
50364
50365
50366
50367
50368
50369
50370
50371
50372
50373
50374
50375
50376
50377
50378
50379
50380
50381
50382
50383
50384
50385
50386
50387
50388
50389
50390
50391
50392
50393
50394
50395
50396
50397
50398
50399
50400
50401
50402
50403
50404
50405
50406
50407
50408
50409
50410
50411
50412
50413
50414
50415
50416
50417
50418
50419
50420
50421
50422
50423
50424
50425
50426
50427
50428
50429
50430
50431
50432
50433
50434
50435
50436
50437
50438
50439
50440
50441
50442
50443
50444
50445
50446
50447
50448
50449
50450
50451
50452
50453
50454
50455
50456
50457
50458
50459
50460
50461
50462
50463
50464
50465
50466
50467
50468
50469
50470
50471
50472
50473
50474
50475
50476
50477
50478
50479
50480
50481
50482
50483
50484
50485
50486
50487
50488
50489
50490
50491
50492
50493
50494
50495
50496
50497
50498
50499
50500
50501
50502
50503
50504
50505
50506
50507
50508
50509
50510
50511
50512
50513
50514
50515
50516
50517
50518
50519
50520
50521
50522
50523
50524
50525
50526
50527
50528
50529
50530
50531
50532
50533
50534
50535
50536
50537
50538
50539
50540
50541
50542
50543
50544
50545
50546
50547
50548
50549
50550
50551
50552
50553
50554
50555
50556
50557
50558
50559
50560
50561
50562
50563
50564
50565
50566
50567
50568
50569
50570
50571
50572
50573
50574
50575
50576
50577
50578
50579
50580
50581
50582
50583
50584
50585
50586
50587
50588
50589
50590
50591
50592
50593
50594
50595
50596
50597
50598
50599
50600
50601
50602
50603
50604
50605
50606
50607
50608
50609
50610
50611
50612
50613
50614
50615
50616
50617
50618
50619
50620
50621
50622
50623
50624
50625
50626
50627
50628
50629
50630
50631
50632
50633
50634
50635
50636
50637
50638
50639
50640
50641
50642
50643
50644
50645
50646
50647
50648
50649
50650
50651
50652
50653
50654
50655
50656
50657
50658
50659
50660
50661
50662
50663
50664
50665
50666
50667
50668
50669
50670
50671
50672
50673
50674
50675
50676
50677
50678
50679
50680
50681
50682
50683
50684
50685
50686
50687
50688
50689
50690
50691
50692
50693
50694
50695
50696
50697
50698
50699
50700
50701
50702
50703
50704
50705
50706
50707
50708
50709
50710
50711
50712
50713
50714
50715
50716
50717
50718
50719
50720
50721
50722
50723
50724
50725
50726
50727
50728
50729
50730
50731
50732
50733
50734
50735
50736
50737
50738
50739
50740
50741
50742
50743
50744
50745
50746
50747
50748
50749
50750
50751
50752
50753
50754
50755
50756
50757
50758
50759
50760
50761
50762
50763
50764
50765
50766
50767
50768
50769
50770
50771
50772
50773
50774
50775
50776
50777
50778
50779
50780
50781
50782
50783
50784
50785
50786
50787
50788
50789
50790
50791
50792
50793
50794
50795
50796
50797
50798
50799
50800
50801
50802
50803
50804
50805
50806
50807
50808
50809
50810
50811
50812
50813
50814
50815
50816
50817
50818
50819
50820
50821
50822
50823
50824
50825
50826
50827
50828
50829
50830
50831
50832
50833
50834
50835
50836
50837
50838
50839
50840
50841
50842
50843
50844
50845
50846
50847
50848
50849
50850
50851
50852
50853
50854
50855
50856
50857
50858
50859
50860
50861
50862
50863
50864
50865
50866
50867
50868
50869
50870
50871
50872
50873
50874
50875
50876
50877
50878
50879
50880
50881
50882
50883
50884
50885
50886
50887
50888
50889
50890
50891
50892
50893
50894
50895
50896
50897
50898
50899
50900
50901
50902
50903
50904
50905
50906
50907
50908
50909
50910
50911
50912
50913
50914
50915
50916
50917
50918
50919
50920
50921
50922
50923
50924
50925
50926
50927
50928
50929
50930
50931
50932
50933
50934
50935
50936
50937
50938
50939
50940
50941
50942
50943
50944
50945
50946
50947
50948
50949
50950
50951
50952
50953
50954
50955
50956
50957
50958
50959
50960
50961
50962
50963
50964
50965
50966
50967
50968
50969
50970
50971
50972
50973
50974
50975
50976
50977
50978
50979
50980
50981
50982
50983
50984
50985
50986
50987
50988
50989
50990
50991
50992
50993
50994
50995
50996
50997
50998
50999
51000
51001
51002
51003
51004
51005
51006
51007
51008
51009
51010
51011
51012
51013
51014
51015
51016
51017
51018
51019
51020
51021
51022
51023
51024
51025
51026
51027
51028
51029
51030
51031
51032
51033
51034
51035
51036
51037
51038
51039
51040
51041
51042
51043
51044
51045
51046
51047
51048
51049
51050
51051
51052
51053
51054
51055
51056
51057
51058
51059
51060
51061
51062
51063
51064
51065
51066
51067
51068
51069
51070
51071
51072
51073
51074
51075
51076
51077
51078
51079
51080
51081
51082
51083
51084
51085
51086
51087
51088
51089
51090
51091
51092
51093
51094
51095
51096
51097
51098
51099
51100
51101
51102
51103
51104
51105
51106
51107
51108
51109
51110
51111
51112
51113
51114
51115
51116
51117
51118
51119
51120
51121
51122
51123
51124
51125
51126
51127
51128
51129
51130
51131
51132
51133
51134
51135
51136
51137
51138
51139
51140
51141
51142
51143
51144
51145
51146
51147
51148
51149
51150
51151
51152
51153
51154
51155
51156
51157
51158
51159
51160
51161
51162
51163
51164
51165
51166
51167
51168
51169
51170
51171
51172
51173
51174
51175
51176
51177
51178
51179
51180
51181
51182
51183
51184
51185
51186
51187
51188
51189
51190
51191
51192
51193
51194
51195
51196
51197
51198
51199
51200
51201
51202
51203
51204
51205
51206
51207
51208
51209
51210
51211
51212
51213
51214
51215
51216
51217
51218
51219
51220
51221
51222
51223
51224
51225
51226
51227
51228
51229
51230
51231
51232
51233
51234
51235
51236
51237
51238
51239
51240
51241
51242
51243
51244
51245
51246
51247
51248
51249
51250
51251
51252
51253
51254
51255
51256
51257
51258
51259
51260
51261
51262
51263
51264
51265
51266
51267
51268
51269
51270
51271
51272
51273
51274
51275
51276
51277
51278
51279
51280
51281
51282
51283
51284
51285
51286
51287
51288
51289
51290
51291
51292
51293
51294
51295
51296
51297
51298
51299
51300
51301
51302
51303
51304
51305
51306
51307
51308
51309
51310
51311
51312
51313
51314
51315
51316
51317
51318
51319
51320
51321
51322
51323
51324
51325
51326
51327
51328
51329
51330
51331
51332
51333
51334
51335
51336
51337
51338
51339
51340
51341
51342
51343
51344
51345
51346
51347
51348
51349
51350
51351
51352
51353
51354
51355
51356
51357
51358
51359
51360
51361
51362
51363
51364
51365
51366
51367
51368
51369
51370
51371
51372
51373
51374
51375
51376
51377
51378
51379
51380
51381
51382
51383
51384
51385
51386
51387
51388
51389
51390
51391
51392
51393
51394
51395
51396
51397
51398
51399
51400
51401
51402
51403
51404
51405
51406
51407
51408
51409
51410
51411
51412
51413
51414
51415
51416
51417
51418
51419
51420
51421
51422
51423
51424
51425
51426
51427
51428
51429
51430
51431
51432
51433
51434
51435
51436
51437
51438
51439
51440
51441
51442
51443
51444
51445
51446
51447
51448
51449
51450
51451
51452
51453
51454
51455
51456
51457
51458
51459
51460
51461
51462
51463
51464
51465
51466
51467
51468
51469
51470
51471
51472
51473
51474
51475
51476
51477
51478
51479
51480
51481
51482
51483
51484
51485
51486
51487
51488
51489
51490
51491
51492
51493
51494
51495
51496
51497
51498
51499
51500
51501
51502
51503
51504
51505
51506
51507
51508
51509
51510
51511
51512
51513
51514
51515
51516
51517
51518
51519
51520
51521
51522
51523
51524
51525
51526
51527
51528
51529
51530
51531
51532
51533
51534
51535
51536
51537
51538
51539
51540
51541
51542
51543
51544
51545
51546
51547
51548
51549
51550
51551
51552
51553
51554
51555
51556
51557
51558
51559
51560
51561
51562
51563
51564
51565
51566
51567
51568
51569
51570
51571
51572
51573
51574
51575
51576
51577
51578
51579
51580
51581
51582
51583
51584
51585
51586
51587
51588
51589
51590
51591
51592
51593
51594
51595
51596
51597
51598
51599
51600
51601
51602
51603
51604
51605
51606
51607
51608
51609
51610
51611
51612
51613
51614
51615
51616
51617
51618
51619
51620
51621
51622
51623
51624
51625
51626
51627
51628
51629
51630
51631
51632
51633
51634
51635
51636
51637
51638
51639
51640
51641
51642
51643
51644
51645
51646
51647
51648
51649
51650
51651
51652
51653
51654
51655
51656
51657
51658
51659
51660
51661
51662
51663
51664
51665
51666
51667
51668
51669
51670
51671
51672
51673
51674
51675
51676
51677
51678
51679
51680
51681
51682
51683
51684
51685
51686
51687
51688
51689
51690
51691
51692
51693
51694
51695
51696
51697
51698
51699
51700
51701
51702
51703
51704
51705
51706
51707
51708
51709
51710
51711
51712
51713
51714
51715
51716
51717
51718
51719
51720
51721
51722
51723
51724
51725
51726
51727
51728
51729
51730
51731
51732
51733
51734
51735
51736
51737
51738
51739
51740
51741
51742
51743
51744
51745
51746
51747
51748
51749
51750
51751
51752
51753
51754
51755
51756
51757
51758
51759
51760
51761
51762
51763
51764
51765
51766
51767
51768
51769
51770
51771
51772
51773
51774
51775
51776
51777
51778
51779
51780
51781
51782
51783
51784
51785
51786
51787
51788
51789
51790
51791
51792
51793
51794
51795
51796
51797
51798
51799
51800
51801
51802
51803
51804
51805
51806
51807
51808
51809
51810
51811
51812
51813
51814
51815
51816
51817
51818
51819
51820
51821
51822
51823
51824
51825
51826
51827
51828
51829
51830
51831
51832
51833
51834
51835
51836
51837
51838
51839
51840
51841
51842
51843
51844
51845
51846
51847
51848
51849
51850
51851
51852
51853
51854
51855
51856
51857
51858
51859
51860
51861
51862
51863
51864
51865
51866
51867
51868
51869
51870
51871
51872
51873
51874
51875
51876
51877
51878
51879
51880
51881
51882
51883
51884
51885
51886
51887
51888
51889
51890
51891
51892
51893
51894
51895
51896
51897
51898
51899
51900
51901
51902
51903
51904
51905
51906
51907
51908
51909
51910
51911
51912
51913
51914
51915
51916
51917
51918
51919
51920
51921
51922
51923
51924
51925
51926
51927
51928
51929
51930
51931
51932
51933
51934
51935
51936
51937
51938
51939
51940
51941
51942
51943
51944
51945
51946
51947
51948
51949
51950
51951
51952
51953
51954
51955
51956
51957
51958
51959
51960
51961
51962
51963
51964
51965
51966
51967
51968
51969
51970
51971
51972
51973
51974
51975
51976
51977
51978
51979
51980
51981
51982
51983
51984
51985
51986
51987
51988
51989
51990
51991
51992
51993
51994
51995
51996
51997
51998
51999
52000
52001
52002
52003
52004
52005
52006
52007
52008
52009
52010
52011
52012
52013
52014
52015
52016
52017
52018
52019
52020
52021
52022
52023
52024
52025
52026
52027
52028
52029
52030
52031
52032
52033
52034
52035
52036
52037
52038
52039
52040
52041
52042
52043
52044
52045
52046
52047
52048
52049
52050
52051
52052
52053
52054
52055
52056
52057
52058
52059
52060
52061
52062
52063
52064
52065
52066
52067
52068
52069
52070
52071
52072
52073
52074
52075
52076
52077
52078
52079
52080
52081
52082
52083
52084
52085
52086
52087
52088
52089
52090
52091
52092
52093
52094
52095
52096
52097
52098
52099
52100
52101
52102
52103
52104
52105
52106
52107
52108
52109
52110
52111
52112
52113
52114
52115
52116
52117
52118
52119
52120
52121
52122
52123
52124
52125
52126
52127
52128
52129
52130
52131
52132
52133
52134
52135
52136
52137
52138
52139
52140
52141
52142
52143
52144
52145
52146
52147
52148
52149
52150
52151
52152
52153
52154
52155
52156
52157
52158
52159
52160
52161
52162
52163
52164
52165
52166
52167
52168
52169
52170
52171
52172
52173
52174
52175
52176
52177
52178
52179
52180
52181
52182
52183
52184
52185
52186
52187
52188
52189
52190
52191
52192
52193
52194
52195
52196
52197
52198
52199
52200
52201
52202
52203
52204
52205
52206
52207
52208
52209
52210
52211
52212
52213
52214
52215
52216
52217
52218
52219
52220
52221
52222
52223
52224
52225
52226
52227
52228
52229
52230
52231
52232
52233
52234
52235
52236
52237
52238
52239
52240
52241
52242
52243
52244
52245
52246
52247
52248
52249
52250
52251
52252
52253
52254
52255
52256
52257
52258
52259
52260
52261
52262
52263
52264
52265
52266
52267
52268
52269
52270
52271
52272
52273
52274
52275
52276
52277
52278
52279
52280
52281
52282
52283
52284
52285
52286
52287
52288
52289
52290
52291
52292
52293
52294
52295
52296
52297
52298
52299
52300
52301
52302
52303
52304
52305
52306
52307
52308
52309
52310
52311
52312
52313
52314
52315
52316
52317
52318
52319
52320
52321
52322
52323
52324
52325
52326
52327
52328
52329
52330
52331
52332
52333
52334
52335
52336
52337
52338
52339
52340
52341
52342
52343
52344
52345
52346
52347
52348
52349
52350
52351
52352
52353
52354
52355
52356
52357
52358
52359
52360
52361
52362
52363
52364
52365
52366
52367
CVE-2019-20637 (An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6 ...)
	- varnish <unfixed> (bug #956305)
	NOTE: http://varnish-cache.org/security/VSV00004.html#vsv00004
	NOTE: https://github.com/varnishcache/varnish-cache/commit/bd7b3d6d47ccbb5e1747126f8e2a297f38e56b8c
CVE-2019-20636 (In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bo ...)
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/cb222aed03d798fc074be55e59d9a112338ee784
CVE-2019-20635 (codeBeamer before 9.5.0-RC3 does not properly restrict the ability to  ...)
	NOT-FOR-US: codeBeamer
CVE-2019-20634 (An issue was discovered in Proofpoint Email Protection through 2019-09 ...)
	NOT-FOR-US: Proofpoint Email Protection
CVE-2019-20633 (GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free vul ...)
	- patch <not-affected> (Incomplete fix for CVE-2018-6952 not applied)
	NOTE: https://savannah.gnu.org/bugs/index.php?56683
CVE-2019-20632 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
	- gpac <unfixed>
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	[jessie] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
	NOTE: https://github.com/gpac/gpac/issues/1271
CVE-2019-20631 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
	- gpac <unfixed>
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	[jessie] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
	NOTE: https://github.com/gpac/gpac/issues/1270
CVE-2019-20630 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
	- gpac <unfixed>
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	[jessie] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
	NOTE: https://github.com/gpac/gpac/issues/1268
CVE-2019-20629 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
	- gpac <unfixed>
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	[jessie] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/2320eb73afba753b39b7147be91f7be7afc0eeb7
	NOTE: https://github.com/gpac/gpac/issues/1264
CVE-2019-20628 (An issue was discovered in libgpac.a in GPAC before 0.8.0, as demonstr ...)
	- gpac <unfixed>
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	[jessie] - gpac <ignored> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/1ab4860609f2e7a35634930571e7d0531297e090
	NOTE: https://github.com/gpac/gpac/commit/98b727637e32d1d4824101d8947e2dbd573d4fc8
	NOTE: https://github.com/gpac/gpac/issues/1269
CVE-2019-20627 (AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE. ...)
	NOT-FOR-US: AutoUpdater.NET
CVE-2019-20626 (The remote keyless system on Honda HR-V 2017 vehicles sends the same R ...)
	NOT-FOR-US: Honda HR-V 2017 vehicles
CVE-2019-20625 (An issue was discovered on Samsung mobile devices with N(7.1) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20624 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20623 (An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20622 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20621 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20620 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20619 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20618 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20617 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20616 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20615 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20614 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20613 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20612 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20611 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20610 (An issue was discovered on Samsung mobile devices with N(7.X) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20609 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20608 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20607 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20606 (An issue was discovered on Samsung mobile devices with any (before May ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20605 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20604 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20603 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20602 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20601 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20600 (An issue was discovered on Samsung mobile devices with O(8.0) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20599 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20598 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20597 (An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20596 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20595 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20594 (An issue was discovered on Samsung mobile devices with O(8.1) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20593 (An issue was discovered on Samsung mobile devices with N(7.x) and O(8. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20592 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20591 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20590 (An issue was discovered on Samsung mobile devices with O(8.x) (Qualcom ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20589 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20588 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20587 (An issue was discovered on Samsung mobile devices with O(8.1) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20586 (An issue was discovered on Samsung mobile devices with O(8.1) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20585 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20584 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20583 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20582 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20581 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20580 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20579 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20578 (An issue was discovered on Samsung mobile devices with P(9.0) (Exynos  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20577 (An issue was discovered on Samsung mobile devices with P(9.0) (Exynos  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20576 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20575 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20574 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20573 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20572 (An issue was discovered on Samsung mobile devices with O(8.1) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20571 (An issue was discovered on Samsung mobile devices with O(8.x) (with TE ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20570 (An issue was discovered on Samsung mobile devices with P(9.0), O(8.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20569 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20568 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20567 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20566 (An issue was discovered on Samsung mobile devices with any (before Sep ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20565 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20564 (An issue was discovered on Samsung mobile devices with any (before Oct ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20563 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20562 (An issue was discovered on Samsung mobile devices with P(9.0) (with TE ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20561 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20560 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20559 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20558 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20557 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20556 (An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20555 (An issue was discovered on Samsung mobile devices with N(7.x) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20554 (An issue was discovered on Samsung mobile devices with O(8.x) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20553 (An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20552 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20551 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20550 (An issue was discovered on Samsung mobile devices with O(8.x) (release ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20549 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20548 (An issue was discovered on Samsung mobile devices with P(9.0) devices  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20547 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20546 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20545 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20544 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20543 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20542 (An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20541 (An issue was discovered on Samsung mobile devices with P(9.0) (Exynos  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20540 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20539 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20538 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20537 (An issue was discovered on Samsung mobile devices with P(9.0) (TEEGRIS ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20536 (An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20535 (An issue was discovered on Samsung mobile devices with O(8.x) and P(9. ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20534 (An issue was discovered on Samsung mobile devices with P(9.0) software ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20533 (An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20532 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20531 (An issue was discovered on Samsung mobile devices with P(9.0) (Exynos  ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20530 (An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), ...)
	NOT-FOR-US: Samsung mobile devices
CVE-2019-20529 (In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12 ...)
	NOT-FOR-US: Frappe Framework
CVE-2019-20528 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20527 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20526 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20525 (Ignite Realtime Openfire 4.4.1 allows XSS via the setup/setup-datasour ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20524 (ilchCMS 2.1.23 allows XSS via the index.php/partner/index Banner param ...)
	NOT-FOR-US: ilchCMS
CVE-2019-20523 (ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name paramet ...)
	NOT-FOR-US: ilchCMS
CVE-2019-20522 (ilchCMS 2.1.23 allows XSS via the index.php/partner/index Link paramet ...)
	NOT-FOR-US: ilchCMS
CVE-2019-20521 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI ...)
	NOT-FOR-US: ERPNext
CVE-2019-20520 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/meth ...)
	NOT-FOR-US: ERPNext
CVE-2019-20519 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ UR ...)
	NOT-FOR-US: ERPNext
CVE-2019-20518 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ ...)
	NOT-FOR-US: ERPNext
CVE-2019-20517 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the contact/ ...)
	NOT-FOR-US: ERPNext
CVE-2019-20516 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the blog/ UR ...)
	NOT-FOR-US: ERPNext
CVE-2019-20515 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the addresse ...)
	NOT-FOR-US: ERPNext
CVE-2019-20514 (ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the address/ ...)
	NOT-FOR-US: ERPNext
CVE-2019-20513 (Open edX Ironwood.1 allows support/certificates?user= reflected XSS. ...)
	NOT-FOR-US: Open edX Ironwood.1
CVE-2019-20512 (Open edX Ironwood.1 allows support/certificates?course_id= reflected X ...)
	NOT-FOR-US: Open edX Ironwood.1
CVE-2019-20511 (ERPNext 11.1.47 allows blog?blog_category= Frame Injection. ...)
	NOT-FOR-US: ERPNext
CVE-2019-20510
	REJECTED
CVE-2019-20509
	REJECTED
CVE-2019-20508
	RESERVED
CVE-2019-20507
	RESERVED
CVE-2019-20506
	RESERVED
CVE-2019-20505
	RESERVED
CVE-2019-20504 (service/krashrpt.php in Quest KACE K1000 Systems Management Appliance  ...)
	NOT-FOR-US: Quest KACE
CVE-2019-20503 (usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_address ...)
	{DSA-4645-1 DSA-4642-1 DSA-4639-1 DLA-2150-1 DLA-2140-1}
	- libusrsctp 0.9.3.0+20200312-1 (bug #953270)
	- firefox 74.0-1
	- firefox-esr 68.6.0esr-1
	- thunderbird 1:68.6.0-1
	- chromium 80.0.3987.149-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-10/#CVE-2019-20503
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-09/#CVE-2019-20503
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-08/#CVE-2019-20503
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1992
	NOTE: https://github.com/sctplab/usrsctp/commit/790a7a2555aefb392a5a69923f1e9d17b4968467
CVE-2019-20502 (An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer ...)
	NOT-FOR-US: EFS Easy Chat Server
CVE-2019-20501 (D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS comm ...)
	NOT-FOR-US: D-Link
CVE-2019-20500 (D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS comm ...)
	NOT-FOR-US: D-Link
CVE-2019-20499 (D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS comm ...)
	NOT-FOR-US: D-Link
CVE-2019-20498 (cPanel before 82.0.18 allows WebDAV authentication bypass because the  ...)
	NOT-FOR-US: cPanel
CVE-2019-20497 (cPanel before 82.0.18 allows stored XSS via WHM Backup Restoration (SE ...)
	NOT-FOR-US: cPanel
CVE-2019-20496 (cPanel before 82.0.18 allows attackers to conduct arbitrary chown oper ...)
	NOT-FOR-US: cPanel
CVE-2019-20495 (cPanel before 82.0.18 allows attackers to read an arbitrary database v ...)
	NOT-FOR-US: cPanel
CVE-2019-20494 (In cPanel before 82.0.18, Cpanel::Rand::Get can produce a predictable  ...)
	NOT-FOR-US: cPanel
CVE-2019-20493 (cPanel before 82.0.18 allows self-XSS because JSON string escaping is  ...)
	NOT-FOR-US: cPanel
CVE-2019-20492 (cPanel before 82.0.18 allows authentication bypass because of misparsi ...)
	NOT-FOR-US: cPanel
CVE-2019-20491 (cPanel before 82.0.18 allows attackers to leverage virtual mail accoun ...)
	NOT-FOR-US: cPanel
CVE-2019-20490 (cPanel before 82.0.18 allows authentication bypass because webmail use ...)
	NOT-FOR-US: cPanel
CVE-2019-20489 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web ...)
	NOT-FOR-US: Netgear
CVE-2019-20488 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multipl ...)
	NOT-FOR-US: Netgear
CVE-2019-20487 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multipl ...)
	NOT-FOR-US: Netgear
CVE-2019-20486 (An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multipl ...)
	NOT-FOR-US: Netgear
CVE-2019-20485 (qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a ...)
	- libvirt 6.0.0-2 (low; bug #953078)
	[buster] - libvirt <no-dsa> (Minor issue)
	[stretch] - libvirt <no-dsa> (Minor issue)
	[jessie] - libvirt <not-affected> (Vulnerable code not present)
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=a663a860819287e041c3de672aad1d8543098ecc (v6.0.0-rc1)
CVE-2019-20484
	RESERVED
CVE-2019-20483
	RESERVED
CVE-2019-20482
	RESERVED
CVE-2019-20481 (In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Fun ...)
	NOT-FOR-US: MIELE XGW 3000 ZigBee Gateway
CVE-2019-20480 (In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website vis ...)
	NOT-FOR-US: MIELE XGW 3000 ZigBee Gateway
CVE-2019-20479 (A flaw was found in mod_auth_openidc before version 2.4.1. An open red ...)
	{DLA-2130-1}
	- libapache2-mod-auth-openidc 2.4.1-1
	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/02431c0adfa30f478cf2eb20ed6ea51fdf446be7
	NOTE: https://github.com/zmartzone/mod_auth_openidc/pull/453
CVE-2019-20478 (In ruamel.yaml through 0.16.7, the load method allows remote code exec ...)
	- ruamel.yaml <unfixed> (unimportant)
	NOTE: This is a well-known design deficiency in pyyaml (of which ruamel.yaml is derived),
	NOTE: various CVE IDs have been assigned to applications misusing the API over the years.
	NOTE: pyyaml 5.1 changed the default hebaviour
CVE-2019-20477 (PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and ...)
	- pyyaml 5.2-1 (unimportant)
	[buster] - pyyaml <not-affected> (Vulnerability introduced in 5.1)
	[stretch] - pyyaml <not-affected> (Vulnerability introduced in 5.1)
	[jessie] - pyyaml <not-affected> (Vulnerability introduced in 5.1)
	NOTE: CVE exists due to an incomplete fix for CVE-2017-18342.
CVE-2019-20476
	RESERVED
CVE-2019-20475
	RESERVED
CVE-2019-20474 (An issue was discovered in Zoho ManageEngine Remote Access Plus 10.0.4 ...)
	NOT-FOR-US: Zoho ManageEngine Remote Access Plus
CVE-2019-20473
	RESERVED
CVE-2019-20472
	RESERVED
CVE-2019-20471
	RESERVED
CVE-2019-20470
	RESERVED
CVE-2019-20469
	RESERVED
CVE-2019-20468
	RESERVED
CVE-2019-20467
	RESERVED
CVE-2019-20466
	RESERVED
CVE-2019-20465
	RESERVED
CVE-2019-20464
	RESERVED
CVE-2019-20463
	RESERVED
CVE-2019-20462
	RESERVED
CVE-2019-20461
	RESERVED
CVE-2019-20460
	RESERVED
CVE-2019-20459
	RESERVED
CVE-2019-20458
	RESERVED
CVE-2019-20457
	RESERVED
CVE-2019-20456 (Goverlan Reach Console before 9.50, Goverlan Reach Server before 3.50, ...)
	NOT-FOR-US: Goverlan
CVE-2019-20455 (Gateways/Gateway.php in Heartland &amp; Global Payments PHP SDK before ...)
	NOT-FOR-US: Heartland & Global Payments PHP SDK
CVE-2019-20454 (An out-of-bounds read was discovered in PCRE before 10.34 when the pat ...)
	- pcre2 10.34-1
	[buster] - pcre2 <no-dsa> (Minor issue)
	[stretch] - pcre2 <no-dsa> (Minor issue)
	NOTE: https://bugs.exim.org/show_bug.cgi?id=2421
	NOTE: https://bugs.php.net/bug.php?id=78338
	NOTE: Fixed by: https://vcs.pcre.org/pcre2?view=revision&revision=1092
	NOTE: Tests: https://vcs.pcre.org/pcre2?view=revision&revision=1091
CVE-2019-20453 (A problem was found in Pydio Core before 8.2.4 and Pydio Enterprise be ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-20452 (A problem was found in Pydio Core before 8.2.4 and Pydio Enterprise be ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-20451 (The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 ...)
	NOT-FOR-US: Prismview
CVE-2019-20450
	RESERVED
CVE-2019-20449
	RESERVED
CVE-2019-20448
	RESERVED
CVE-2019-20447 (Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endp ...)
	NOT-FOR-US: Jobberbase CMS
CVE-2019-20446 (In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nest ...)
	- librsvg 2.46.4-1
	[jessie] - librsvg <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/librsvg/issues/515
	NOTE: https://gitlab.gnome.org/GNOME/librsvg/commit/572f95f739529b865e2717664d6fefcef9493135
CVE-2019-20445 (HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length  ...)
	{DLA-2110-1 DLA-2109-1}
	- netty 1:4.1.45-1 (bug #950967)
	- netty-3.9 <removed>
	NOTE: https://github.com/netty/netty/issues/9861
	NOTE: https://github.com/netty/netty/commit/8494b046ec7e4f28dbd44bc699cc4c4c92251729 (4.1)
	NOTE: https://github.com/netty/netty/commit/629034624626b722128e0fcc6b3ec9d406cb3706 (4.1)
	NOTE: https://github.com/netty/netty/commit/5f68897880467c00f29495b0aa46ed19bf7a873c (tests)
CVE-2019-20444 (HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header th ...)
	{DLA-2110-1 DLA-2109-1}
	- netty 1:4.1.45-1 (bug #950966)
	- netty-3.9 <removed>
	NOTE: https://github.com/netty/netty/issues/9866
	NOTE: https://github.com/netty/netty/commit/a7c18d44b46e02dadfe3da225a06e5091f5f328e (4.1)
CVE-2019-20443 (An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Int ...)
	NOT-FOR-US: WSO2
CVE-2019-20442 (An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Int ...)
	NOT-FOR-US: WSO2
CVE-2019-20441 (An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored  ...)
	NOT-FOR-US: WSO2
CVE-2019-20440 (An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflect ...)
	NOT-FOR-US: WSO2
CVE-2019-20439 (An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflect ...)
	NOT-FOR-US: WSO2
CVE-2019-20438 (An issue was discovered in WSO2 API Manager 2.6.0. A potential stored  ...)
	NOT-FOR-US: WSO2
CVE-2019-20437 (An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Mana ...)
	NOT-FOR-US: WSO2
CVE-2019-20436 (An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Mana ...)
	NOT-FOR-US: WSO2
CVE-2019-20435 (An issue was discovered in WSO2 API Manager 2.6.0. A reflected XSS att ...)
	NOT-FOR-US: WSO2
CVE-2019-20434 (An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflect ...)
	NOT-FOR-US: WSO2
CVE-2019-20433 (libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a s ...)
	- aspell 0.60.7-3 (bug #935128)
	[buster] - aspell <no-dsa> (Minor issue)
	[stretch] - aspell <no-dsa> (Minor issue)
	[jessie] - aspell <ignored> (Minor issue)
	NOTE: http://aspell.net/buffer-overread-ucs.txt
	NOTE: Fixed by: https://github.com/GNUAspell/aspell/commit/de29341638833ba7717bd6b5e6850998454b044b
	NOTE: Recommended additionally: https://github.com/GNUAspell/aspell/commit/cefd447e5528b08bb0cd6656bc52b4255692cefc
CVE-2019-20432 (In the Lustre file system before 2.12.3, the mdt module has an out-of- ...)
	- lustre <removed>
CVE-2019-20431 (In the Lustre file system before 2.12.3, the ptlrpc module has an osd_ ...)
	- lustre <removed>
CVE-2019-20430 (In the Lustre file system before 2.12.3, the mdt module has an LBUG pa ...)
	- lustre <removed>
CVE-2019-20429 (In the Lustre file system before 2.12.3, the ptlrpc module has an out- ...)
	- lustre <removed>
CVE-2019-20428 (In the Lustre file system before 2.12.3, the ptlrpc module has an out- ...)
	- lustre <removed>
CVE-2019-20427 (In the Lustre file system before 2.12.3, the ptlrpc module has a buffe ...)
	- lustre <removed>
CVE-2019-20426 (In the Lustre file system before 2.12.3, the ptlrpc module has an out- ...)
	- lustre <removed>
CVE-2019-20425 (In the Lustre file system before 2.12.3, the ptlrpc module has an out- ...)
	- lustre <removed>
CVE-2019-20424 (In the Lustre file system before 2.12.3, mdt_object_remote in the mdt  ...)
	- lustre <removed>
CVE-2019-20423 (In the Lustre file system before 2.12.3, the ptlrpc module has a buffe ...)
	- lustre <removed>
CVE-2019-20422 (In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib ...)
	- linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/7b09c2d052db4b4ad0b27b97918b46a7746966fa
CVE-2019-20421 (In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input  ...)
	- exiv2 0.27.2-8 (low; bug #950183)
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	[jessie] - exiv2 <ignored> (Minor issue)
	NOTE: https://github.com/Exiv2/exiv2/commit/a82098f4f90cd86297131b5663c3dec6a34470e8
	NOTE: https://github.com/Exiv2/exiv2/issues/1011
CVE-2019-20420
	RESERVED
CVE-2019-20419
	RESERVED
CVE-2019-20418
	RESERVED
CVE-2019-20417
	RESERVED
CVE-2019-20416
	RESERVED
CVE-2019-20415
	RESERVED
CVE-2019-20414
	RESERVED
CVE-2019-20413
	RESERVED
CVE-2019-20412
	RESERVED
CVE-2019-20411
	RESERVED
CVE-2019-20410
	RESERVED
CVE-2019-20409
	RESERVED
CVE-2019-20408
	RESERVED
CVE-2019-20407 (The ConfigureBambooRelease resource in Jira Software and Jira Software ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-20406 (The usage of Tomcat in Confluence on the Microsoft Windows operating s ...)
	NOT-FOR-US: Atlassian
CVE-2019-20405 (The JMX monitoring flag in Atlassian Jira Server and Data Center befor ...)
	NOT-FOR-US: Atlassian
CVE-2019-20404 (The API in Atlassian Jira Server and Data Center before version 8.6.0  ...)
	NOT-FOR-US: Atlassian
CVE-2019-20403 (The API in Atlassian Jira Server and Data Center before version 8.6.0  ...)
	NOT-FOR-US: Atlassian
CVE-2019-20402 (Support zip files in Atlassian Jira Server and Data Center before vers ...)
	NOT-FOR-US: Atlassian
CVE-2019-20401 (Various installation setup resources in Jira before version 8.5.2 allo ...)
	NOT-FOR-US: Atlassian
CVE-2019-20400 (The usage of Tomcat in Jira before version 8.5.2 allows local attacker ...)
	NOT-FOR-US: Atlassian
CVE-2019-20399 (A timing vulnerability in the Scalar::check_overflow function in Parit ...)
	NOT-FOR-US: libsecp256k1-rs (Rust Implementation of secp256k1)
CVE-2019-20398 (A NULL pointer dereference is present in libyang before v1.0-r3 in the ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793935
	NOTE: https://github.com/CESNET/libyang/commit/7852b272ef77f8098c35deea6c6f09cb78176f08
	NOTE: https://github.com/CESNET/libyang/issues/773
CVE-2019-20397 (A double-free is present in libyang before v1.0-r1 in the function yyp ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793928
	NOTE: https://github.com/CESNET/libyang/commit/88bd6c548ba79bce176cd875e9b56e7e0ef4d8d4
	NOTE: https://github.com/CESNET/libyang/issues/739
CVE-2019-20396 (A segmentation fault is present in yyparse in libyang before v1.0-r1 d ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://github.com/CESNET/libyang/commit/a1f17693904ed6fecc8902c747fc50a8f20e6af8
	NOTE: https://github.com/CESNET/libyang/issues/740
CVE-2019-20395 (A stack consumption issue is present in libyang before v1.0-r1 due to  ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793924
	NOTE: https://github.com/CESNET/libyang/commit/4e610ccd87a2ba9413819777d508f71163fcc237
	NOTE: https://github.com/CESNET/libyang/issues/724
CVE-2019-20394 (A double-free is present in libyang before v1.0-r3 in the function yyp ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793932
	NOTE: https://github.com/CESNET/libyang/commit/6cc51b1757dfbb7cff92de074ada65e8523289a6
	NOTE: https://github.com/CESNET/libyang/issues/769
CVE-2019-20393 (A double-free is present in libyang before v1.0-r1 in the function yyp ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793930
	NOTE: https://github.com/CESNET/libyang/commit/d9feacc4a590d35dbc1af21caf9080008b4450ed
	NOTE: https://github.com/CESNET/libyang/issues/742
CVE-2019-20392 (An invalid memory access flaw is present in libyang before v1.0-r1 in  ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793922
	NOTE: https://github.com/CESNET/libyang/commit/32fb4993bc8bb49e93e84016af3c10ea53964be5
	NOTE: https://github.com/CESNET/libyang/issues/723
CVE-2019-20391 (An invalid memory access flaw is present in libyang before v1.0-r3 in  ...)
	- libyang <unfixed>
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1793934
	NOTE: https://github.com/CESNET/libyang/commit/bdb596ddc07596fa212f231135b87d0b9178f6f8
	NOTE: https://github.com/CESNET/libyang/issues/772
CVE-2019-20390
	RESERVED
CVE-2019-20389
	RESERVED
CVE-2019-20388 (xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaV ...)
	- libxml2 2.9.10+dfsg-2.1 (bug #949583)
	[buster] - libxml2 <no-dsa> (Minor issue)
	[stretch] - libxml2 <no-dsa> (Minor issue)
	[jessie] - libxml2 <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/7ffcd44d7e6c46704f8af0321d9314cd26e0e18a
CVE-2019-20387 (repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-ba ...)
	{DLA-2088-1}
	- libsolv 0.6.36-2 (bug #949611)
	[buster] - libsolv 0.6.35-2+deb10u1
	[stretch] - libsolv 0.6.24-1+deb9u2
	NOTE: https://github.com/openSUSE/libsolv/commit/fdb9c9c03508990e4583046b590c30d958f272da (0.7.6)
CVE-2019-20386 (An issue was discovered in button_open in login/logind-button.c in sys ...)
	- systemd 243-5
	[buster] - systemd <no-dsa> (Minor issue)
	[stretch] - systemd <no-dsa> (Minor issue)
	[jessie] - systemd <no-dsa> (Minor issue)
	NOTE: https://github.com/systemd/systemd/commit/b2774a3ae692113e1f47a336a6c09bac9cfb49ad
CVE-2019-20385 (The CSV upload feature in /supervisor/procesa_carga.php on Logaritmo A ...)
	NOT-FOR-US: Logaritmo Aware CallManager 2012 devices
CVE-2019-20384 (Gentoo Portage through 2.3.84 allows local users to place a Trojan hor ...)
	NOT-FOR-US: Portage
CVE-2019-20383
	RESERVED
CVE-2019-20382 (QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle. ...)
	- qemu 1:4.2-1
	[buster] - qemu <postponed> (Minor, can be fixed along in future DSA)
	[stretch] - qemu <postponed> (Minor, can be fixed along in future DSA)
	[jessie] - qemu <postponed> (Minor, can be fixed along in future DLA)
	- qemu-kvm <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2020/03/05/1
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0
CVE-2019-20381 (TestLink before 1.9.20 allows XSS via non-lowercase javascript: in the ...)
	NOT-FOR-US: TestLink
CVE-2019-20380
	RESERVED
CVE-2019-20379 (ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ...)
	- ganglia-web <unfixed> (unimportant; bug #948664)
	NOTE: https://github.com/ganglia/ganglia-web/issues/351
	NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone, #702776
CVE-2019-20378 (ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via th ...)
	- ganglia-web <unfixed> (unimportant; bug #948664)
	NOTE: https://github.com/ganglia/ganglia-web/issues/351
	NOTE: See README.Debian.security, only supported behind an authenticated HTTP zone, #702776
CVE-2019-20377 (TopList before 2019-09-03 allows XSS via a title. ...)
	NOT-FOR-US: TopList
CVE-2019-20376 (A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG ...)
	NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-20375 (A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG ...)
	NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-20374 (A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31 ...)
	NOT-FOR-US: Typora
CVE-2019-20372 (NGINX before 1.17.7, with certain error_page configurations, allows HT ...)
	- nginx 1.16.1-3 (low; bug #948579)
	[buster] - nginx <no-dsa> (Minor issue)
	[stretch] - nginx <no-dsa> (Minor issue)
	[jessie] - nginx <no-dsa> (Minor issue)
	NOTE: https://bertjwregeer.keybase.pub/2019-12-10%20-%20error_page%20request%20smuggling.pdf
	NOTE: https://github.com/nginx/nginx/commit/c1be55f97211d38b69ac0c2027e6812ab8b1b94e
CVE-2019-20373 (LTSP LDM through 2.18.06 allows fat-client root access because the LDM ...)
	{DSA-4601-1 DLA-2064-1}
	- ldm <removed> (bug #948538)
	NOTE: https://git.launchpad.net/~ltsp-upstream/ltsp/+git/ldm/commit/?id=c351ac69ef63ed6c84221cef73e409059661b8ba
	NOTE: https://bugs.launchpad.net/ubuntu/+source/ldm/+bug/1839431
CVE-2019-20371
	RESERVED
CVE-2019-20370
	RESERVED
CVE-2019-20369
	RESERVED
CVE-2019-20368
	RESERVED
CVE-2019-20367 (nlist.c in libbsd before 0.10.0 has an out-of-bounds read during a com ...)
	- libbsd 0.10.0-1
	[buster] - libbsd <no-dsa> (Minor issue)
	[stretch] - libbsd <no-dsa> (Minor issue)
	[jessie] - libbsd <no-dsa> (Minor issue)
	NOTE: https://lists.freedesktop.org/archives/libbsd/2019-August/000229.html
	NOTE: https://gitlab.freedesktop.org/libbsd/libbsd/commit/9d917aad37778a9f4a96ba358415f077f3f36f3b (0.10.0)
CVE-2019-20366 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via isTr ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20365 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via sear ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20364 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via cach ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20363 (An XSS issue was discovered in Ignite Realtime Openfire 4.4.4 via alia ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-20362 (In Teradici PCoIP Agent before 19.08.1 and PCoIP Client before 19.08.3 ...)
	NOT-FOR-US: Teradici
CVE-2019-20361 (There was a flaw in the WordPress plugin, Email Subscribers &amp; News ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-20360 (A flaw in Give before 2.5.5, a WordPress plugin, allowed unauthenticat ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-20359
	RESERVED
CVE-2019-20358 (Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below  ...)
	NOT-FOR-US: Trend Micro
CVE-2019-20357 (A Persistent Arbitrary Code Execution vulnerability exists in the Tren ...)
	NOT-FOR-US: Trend Micro
CVE-2019-20356
	RESERVED
CVE-2019-20355
	RESERVED
CVE-2019-20354 (The web application component of piSignage before 2.6.4 allows a remot ...)
	NOT-FOR-US: piSignage
CVE-2019-20353
	RESERVED
CVE-2019-20352 (In Netwide Assembler (NASM) 2.15rc0, a heap-based buffer over-read occ ...)
	- nasm <unfixed> (unimportant)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392636
	NOTE: Crash in CLI tool, no security impact
CVE-2019-20351
	RESERVED
CVE-2019-20350
	RESERVED
CVE-2019-20349
	RESERVED
CVE-2019-20348 (OKER G232V1 v1.03.02.20161129 devices provide a root terminal on a UAR ...)
	NOT-FOR-US: OKER G232V1 devices
CVE-2019-20347
	RESERVED
CVE-2019-20346
	RESERVED
CVE-2019-20345
	RESERVED
CVE-2019-20344
	RESERVED
CVE-2019-20343 (The MojoHaus Exec Maven plugin 1.1.1 for Maven allows code execution v ...)
	NOT-FOR-US: Maven plugin
CVE-2019-20342
	RESERVED
CVE-2019-20341
	RESERVED
CVE-2019-20340
	RESERVED
CVE-2019-20339
	RESERVED
CVE-2019-20338
	RESERVED
CVE-2019-20337 (In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.p ...)
	NOT-FOR-US: PHP Scripts Mall advanced-real-estate-script
CVE-2019-20336 (In PHP Scripts Mall advanced-real-estate-script 4.0.9, the search-resu ...)
	NOT-FOR-US: PHP Scripts Mall advanced-real-estate-script
CVE-2019-20335
	RESERVED
CVE-2019-20334 (In Netwide Assembler (NASM) 2.14.02, stack consumption occurs in expr# ...)
	- nasm <unfixed> (unimportant)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392548#c4
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392638
	NOTE: Crash in CLI tool, no security impact
CVE-2019-20333
	RESERVED
CVE-2019-20332
	RESERVED
CVE-2019-20331
	RESERVED
CVE-2019-20330 (FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.eh ...)
	{DLA-2111-1}
	- jackson-databind 2.10.1-1
	[buster] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
	[stretch] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2526
	NOTE: https://github.com/FasterXML/jackson-databind/commit/fc4214a883dc087070f25da738ef0d49c2f3387e
CVE-2019-20329 (OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL serv ...)
	NOT-FOR-US: OpenLambda
CVE-2019-20328
	RESERVED
CVE-2019-20327 (Insecure permissions in cwrapper_perl in Centreon Infrastructure Monit ...)
	NOT-FOR-US: Centreon Infrastructure Monitoring
CVE-2019-20325
	REJECTED
CVE-2019-20324
	REJECTED
CVE-2019-20323
	REJECTED
CVE-2019-20322
	REJECTED
CVE-2019-20321
	REJECTED
CVE-2019-20320
	REJECTED
CVE-2019-20319
	REJECTED
CVE-2019-20318
	REJECTED
CVE-2019-20317
	REJECTED
CVE-2019-20316
	REJECTED
CVE-2019-20315
	REJECTED
CVE-2019-20314
	REJECTED
CVE-2019-20313
	REJECTED
CVE-2019-20312
	REJECTED
CVE-2019-20311
	REJECTED
CVE-2019-20310
	REJECTED
CVE-2019-20309
	REJECTED
CVE-2019-20308
	REJECTED
CVE-2019-20307
	REJECTED
CVE-2019-20306
	REJECTED
CVE-2019-20305
	REJECTED
CVE-2019-20304
	REJECTED
CVE-2019-20303
	REJECTED
CVE-2019-20302
	REJECTED
CVE-2019-20301
	REJECTED
CVE-2019-20300
	REJECTED
CVE-2019-20299
	REJECTED
CVE-2019-20298
	REJECTED
CVE-2019-20297
	REJECTED
CVE-2019-20296
	REJECTED
CVE-2019-20295
	REJECTED
CVE-2019-20294
	REJECTED
CVE-2019-20293
	REJECTED
CVE-2019-20292
	REJECTED
CVE-2019-20291
	REJECTED
CVE-2019-20290
	REJECTED
CVE-2019-20289
	REJECTED
CVE-2019-20288
	REJECTED
CVE-2019-20287
	REJECTED
CVE-2019-20286
	REJECTED
CVE-2019-20285
	REJECTED
CVE-2019-20284
	REJECTED
CVE-2019-20283
	REJECTED
CVE-2019-20282
	REJECTED
CVE-2019-20281
	REJECTED
CVE-2019-20280
	REJECTED
CVE-2019-20279
	REJECTED
CVE-2019-20278
	REJECTED
CVE-2019-20277
	REJECTED
CVE-2019-20276
	REJECTED
CVE-2019-20275
	REJECTED
CVE-2019-20274
	REJECTED
CVE-2019-20273
	REJECTED
CVE-2019-20272
	REJECTED
CVE-2019-20271
	REJECTED
CVE-2019-20270
	REJECTED
CVE-2019-20269
	REJECTED
CVE-2019-20268
	REJECTED
CVE-2019-20267
	REJECTED
CVE-2019-20266
	REJECTED
CVE-2019-20265
	REJECTED
CVE-2019-20264
	REJECTED
CVE-2019-20263
	REJECTED
CVE-2019-20262
	REJECTED
CVE-2019-20261
	REJECTED
CVE-2019-20260
	REJECTED
CVE-2019-20259
	REJECTED
CVE-2019-20258
	REJECTED
CVE-2019-20257
	REJECTED
CVE-2019-20256
	REJECTED
CVE-2019-20255
	REJECTED
CVE-2019-20254
	REJECTED
CVE-2019-20253
	REJECTED
CVE-2019-20252
	REJECTED
CVE-2019-20251
	REJECTED
CVE-2019-20250
	REJECTED
CVE-2019-20249
	REJECTED
CVE-2019-20248
	REJECTED
CVE-2019-20247
	REJECTED
CVE-2019-20246
	REJECTED
CVE-2019-20245
	REJECTED
CVE-2019-20244
	REJECTED
CVE-2019-20243
	REJECTED
CVE-2019-20242
	REJECTED
CVE-2019-20241
	REJECTED
CVE-2019-20240
	REJECTED
CVE-2019-20239
	REJECTED
CVE-2019-20238
	REJECTED
CVE-2019-20237
	REJECTED
CVE-2019-20236
	REJECTED
CVE-2019-20235
	REJECTED
CVE-2019-20234
	REJECTED
CVE-2019-20233
	REJECTED
CVE-2019-20232
	REJECTED
CVE-2019-20231
	REJECTED
CVE-2019-20230
	REJECTED
CVE-2019-20229
	REJECTED
CVE-2019-20228
	REJECTED
CVE-2019-20227
	REJECTED
CVE-2019-20226
	REJECTED
CVE-2019-20326 (A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg( ...)
	{DLA-2066-1}
	- gthumb <unfixed> (bug #948197)
	[buster] - gthumb <no-dsa> (Minor issue)
	[stretch] - gthumb <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/14860321ce3235d420498c4f81f21003d1fb78f4 (3.8.3)
	NOTE: https://gitlab.gnome.org/GNOME/gthumb/commit/4faa5ce2358812d23a1147953ee76f59631590ad (master)
CVE-2019-20225 (MyBB before 1.8.22 allows an open redirect on login. ...)
	NOT-FOR-US: MyBB
CVE-2019-20224 (netflow_get_stats in functions_netflow.php in Pandora FMS 7.0NG allows ...)
	NOT-FOR-US: Pandora FMS
CVE-2019-20223 (In Support Incident Tracker (SiT!) 3.67, the id parameter is affected  ...)
	NOT-FOR-US: Support Incident Tracker
CVE-2019-20222 (In Support Incident Tracker (SiT!) 3.67, the Short Application Name an ...)
	NOT-FOR-US: Support Incident Tracker
CVE-2019-20221 (In Support Incident Tracker (SiT!) 3.67, Load Plugins input in the con ...)
	NOT-FOR-US: Support Incident Tracker
CVE-2019-20220 (In Support Incident Tracker (SiT!) 3.67, the search_id parameter in th ...)
	NOT-FOR-US: Support Incident Tracker
CVE-2019-20219 (ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor i ...)
	NOT-FOR-US: ngiflib
CVE-2019-20218 (selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack u ...)
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <no-dsa> (Minor issue)
	[jessie] - sqlite3 <no-dsa> (Minor issue)
	NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387
CVE-2019-20217 (D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers  ...)
	NOT-FOR-US: D-Link
CVE-2019-20216 (D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers  ...)
	NOT-FOR-US: D-Link
CVE-2019-20215 (D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers  ...)
	NOT-FOR-US: D-Link
CVE-2019-20214
	RESERVED
CVE-2019-20213 (D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Info ...)
	NOT-FOR-US: D-Link
CVE-2019-20212 (The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBoo ...)
	NOT-FOR-US: themes for WordPress
CVE-2019-20211 (The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBoo ...)
	NOT-FOR-US: themes for WordPress
CVE-2019-20210 (The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBoo ...)
	NOT-FOR-US: themes for WordPress
CVE-2019-20209 (The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBoo ...)
	NOT-FOR-US: themes for WordPress
CVE-2019-20208 (dimC_Read in isomedia/box_code_3gpp.c in GPAC 0.8.0 has a stack-based  ...)
	{DLA-2072-1}
	- gpac <unfixed>
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1348
	NOTE: https://github.com/gpac/gpac/commit/bcfcb3e90476692fe0d2bb532ea8deeb2a77580e (chunk #1)
CVE-2019-20207
	RESERVED
CVE-2019-20206
	RESERVED
CVE-2019-20205 (libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame. ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/127
	NOTE: https://github.com/saitoha/libsixel/commit/bb65fce3bbecdd325ecb86d78132c3554907af87
CVE-2019-20204 (The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated by  ...)
	NOT-FOR-US: Postie plugin for WordPress
CVE-2019-20203 (The Authorized Addresses feature in the Postie plugin 1.9.40 for WordP ...)
	NOT-FOR-US: Authorized Addresses feature in the Postie plugin for WordPress
CVE-2019-20202 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
	NOT-FOR-US: ezXML
CVE-2019-20201 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The ezxml_parse_ ...)
	NOT-FOR-US: ezXML
CVE-2019-20200 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
	NOT-FOR-US: ezXML
CVE-2019-20199 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
	NOT-FOR-US: ezXML
CVE-2019-20198 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
	NOT-FOR-US: ezXML
CVE-2019-20197 (In Nagios XI 5.6.9, an authenticated user is able to execute arbitrary ...)
	NOT-FOR-US: Nagios XI
CVE-2019-20196
	RESERVED
CVE-2019-20195
	RESERVED
CVE-2019-20194
	RESERVED
CVE-2019-20193
	RESERVED
CVE-2019-20192
	RESERVED
CVE-2019-20191 (Oxygen XML Editor 21.1.1 allows XXE to read any file. ...)
	NOT-FOR-US: Oxygen XML Editor
CVE-2019-20190
	RESERVED
CVE-2019-20189
	RESERVED
CVE-2019-20188
	RESERVED
CVE-2019-20187
	RESERVED
CVE-2019-20186
	RESERVED
CVE-2019-20185
	RESERVED
CVE-2019-20184 (KeePass 2.4.1 allows CSV injection in the title field of a CSV export. ...)
	- keepass2 <unfixed> (unimportant)
	NOTE: No security impact
CVE-2019-20183 (uploadimage.php in Employee Records System 1.0 allows upload and execu ...)
	NOT-FOR-US: Employee Records System
CVE-2019-20182 (The FooGallery plugin 1.8.12 for WordPress allow XSS via the post_titl ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-20181 (The awesome-support plugin 5.8.0 for WordPress allows XSS via the post ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-20180 (The TablePress plugin 1.9.2 for WordPress allows tablepress[data] CSV  ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-20179 (SOPlanning 1.45 has SQL injection via the user_list.php "by" parameter ...)
	NOT-FOR-US: SOPlanning
CVE-2019-20178 (Advisto PEEL Shopping 9.2.1 has CSRF via administrer/utilisateurs.php  ...)
	NOT-FOR-US: Advisto PEEL Shopping
CVE-2019-20177
	RESERVED
CVE-2019-20176 (In Pure-FTPd 1.0.49, a stack exhaustion issue was discovered in the li ...)
	- pure-ftpd 1.0.49-2 (low; bug #947869)
	[buster] - pure-ftpd <no-dsa> (Minor issue)
	[stretch] - pure-ftpd <no-dsa> (Minor issue)
	[jessie] - pure-ftpd <no-dsa> (Minor issue)
	NOTE: https://github.com/jedisct1/pure-ftpd/commit/aea56f4bcb9948d456f3fae4d044fd3fa2e19706
CVE-2019-20175 (** DISPUTED ** An issue was discovered in ide_dma_cb() in hw/ide/core. ...)
	- qemu <unfixed> (unimportant)
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg01651.html
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2019-07/msg03869.html
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg00597.html
	NOTE: https://lists.nongnu.org/archive/html/qemu-devel/2019-11/msg02165.html
	NOTE: Marked unimportant, as negligible security impact (a privileged guest
	NOTE: can trigger similar issues without triggering the specific assert) and
	NOTE: is disputed by QEMU security team.
CVE-2019-20174 (Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is us ...)
	NOT-FOR-US: Auth0 Lock
CVE-2019-20173 (The Auth0 wp-auth0 plugin 3.11.x before 3.11.3 for WordPress allows XS ...)
	NOT-FOR-US: Auth0 wp-auth0 plugin for WordPress
CVE-2019-20172 (Kernel/VM/MemoryManager.cpp in SerenityOS before 2019-12-30 does not r ...)
	NOT-FOR-US: SerenityOS
CVE-2019-20171 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	{DLA-2072-1}
	- gpac <unfixed> (low)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1337
	NOTE: https://github.com/gpac/gpac/commit/72cdc5048dead86bb1df7d21e0b9975e49cf2d97
	NOTE: https://github.com/gpac/gpac/commit/2bcca3f1d4605100bb27d3ed7be25b53cddbc75c
CVE-2019-20170 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	{DLA-2072-1}
	- gpac <unfixed> (low)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1328
	NOTE: https://github.com/gpac/gpac/commit/16856430287cc10f495eb241910b4dc45b193e03
CVE-2019-20169 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	- gpac <not-affected> (Vulnerability introduced later, fix relates to 'use_dump_mode' introduced in v0.7.0)
	NOTE: https://github.com/gpac/gpac/issues/1329
	NOTE: Introduces use_dump_mode: https://github.com/gpac/gpac/commit/9ea1fb39891669014a6e7592a4422e8de630cdc0 (v0.7.0)
	NOTE: https://github.com/gpac/gpac/commit/a8b6246da925cf744805c9427a01fcacb53314bb
CVE-2019-20168 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	- gpac <not-affected> (Vulnerability introduced later, fix relates to 'use_dump_mode' introduced in v0.7.0)
	NOTE: https://github.com/gpac/gpac/issues/1333
	NOTE: Introduces use_dump_mode: https://github.com/gpac/gpac/commit/9ea1fb39891669014a6e7592a4422e8de630cdc0 (v0.7.0)
	NOTE: Uncovers/makes visible the vulnerability: https://github.com/gpac/gpac/commit/697d6afb3cd012d442e12400b6841ebd1256a354 (v0.8.0)
	NOTE: https://github.com/gpac/gpac/commit/a8b6246da925cf744805c9427a01fcacb53314bb
CVE-2019-20167 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	- gpac <not-affected> (Vulnerable code introduced in development version after v0.8.0)
	NOTE: https://github.com/gpac/gpac/issues/1330
	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #3)
CVE-2019-20166 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	- gpac <not-affected> (Vulnerable code introduced in 0.7.0)
	NOTE: https://github.com/gpac/gpac/issues/1331
	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #2)
CVE-2019-20165 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	{DLA-2072-1}
	- gpac <unfixed> (low)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1338
	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #1)
CVE-2019-20164 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	- gpac <not-affected> (Vulnerable code introduced in 0.7.0)
	NOTE: https://github.com/gpac/gpac/issues/1332
	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #2)
CVE-2019-20163 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	{DLA-2072-1}
	- gpac <unfixed> (low)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1335
	NOTE: https://github.com/gpac/gpac/commit/5250afecbc770c8f26829e9566d5b226a3c5fa80 (chunk #4)
CVE-2019-20162 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	{DLA-2072-1}
	- gpac <unfixed>
	NOTE: https://github.com/gpac/gpac/issues/1327
	NOTE: https://github.com/gpac/gpac/commit/3c0ba42546c8148c51169c3908e845c308746c77
CVE-2019-20161 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	{DLA-2072-1}
	- gpac <unfixed>
	NOTE: https://github.com/gpac/gpac/issues/1320
	NOTE: https://github.com/gpac/gpac/commit/7a09732d4978586e6284e84caa9c301b2fa5e956
CVE-2019-20160 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	- gpac <not-affected> (Vulnerable code introduced in 0.8.0)
	NOTE: https://github.com/gpac/gpac/issues/1334
	NOTE: Introduced in: https://github.com/gpac/gpac/commit/d7c2bb5cc3c67566f506f51cbefbf66f8169ea85
	NOTE: Fixed by: https://github.com/gpac/gpac/commit/bcfcb3e90476692fe0d2bb532ea8deeb2a77580e (chunk #2)
CVE-2019-20159 (An issue was discovered in GPAC version 0.8.0 and 0.9.0-development-20 ...)
	- gpac <not-affected> (Vulnerable code introduced in 0.7.0)
	NOTE: https://github.com/gpac/gpac/issues/1321
	NOTE: Introduced in: https://github.com/gpac/gpac/commit/261fab7f51479ae8b1732350d9d4cc456c4919af (v0.7.0)
	NOTE: Fixed by: https://github.com/gpac/gpac/commit/e4c1f09ab9618b6af3bec6b94b8b349f2d01dbf8
CVE-2019-20158
	RESERVED
CVE-2019-20157
	RESERVED
CVE-2019-20156
	RESERVED
CVE-2019-20155 (An issue was discovered in report_edit.jsp in Determine (formerly Sele ...)
	NOT-FOR-US: Determine (formerly Selectica) Contract Lifecycle Management
CVE-2019-20154 (An issue was discovered in Determine (formerly Selectica) Contract Lif ...)
	NOT-FOR-US: Determine (formerly Selectica) Contract Lifecycle Management
CVE-2019-20153 (An issue was discovered in Determine (formerly Selectica) Contract Lif ...)
	NOT-FOR-US: Determine (formerly Selectica) Contract Lifecycle Management
CVE-2019-20152
	RESERVED
CVE-2019-20151
	RESERVED
CVE-2019-20150
	RESERVED
CVE-2019-20149 (ctorName in index.js in kind-of v6.0.2 allows external user input to o ...)
	- node-kind-of 6.0.3+dfsg-1 (bug #948095)
	[buster] - node-kind-of 6.0.2+dfsg-1+deb10u1
	[stretch] - node-kind-of <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://github.com/jonschlinkert/kind-of/issues/30
	NOTE: https://github.com/jonschlinkert/kind-of/pull/31
CVE-2019-20148 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	[experimental] - gitlab 12.6.2-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2019-20147 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	[experimental] - gitlab 12.6.2-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2019-20146 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	[experimental] - gitlab 12.6.2-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2019-20145 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	[experimental] - gitlab 12.6.2-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2019-20144 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	[experimental] - gitlab 12.6.2-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2019-20143 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	- gitlab <not-affected> (Only affects Gitlab CE 12.6)
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2019-20142 (An issue was discovered in GitLab Community Edition (CE) and Enterpris ...)
	- gitlab <not-affected> (Only affects Gitlab CE 12.3 and later)
	NOTE: https://about.gitlab.com/blog/2020/01/02/security-release-gitlab-12-6-2-released/
CVE-2019-20141 (An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPr ...)
	NOT-FOR-US: Laborator Neon theme for WordPress
CVE-2019-20140 (An issue was discovered in libsixel 1.8.4. There is a heap-based buffe ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/122
	NOTE: https://github.com/saitoha/libsixel/commit/598c8c88c97fd2eb5f6f5d1324fc325e66317f0c
CVE-2019-20139 (In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgrou ...)
	NOT-FOR-US: Nagios XI
CVE-2019-20138 (The HTTP Authentication library before 2019-12-27 for Nim has weak pas ...)
	NOT-FOR-US: HTTP Authentication library for Nim
CVE-2019-20137
	RESERVED
CVE-2019-20136
	RESERVED
CVE-2019-20135
	RESERVED
CVE-2019-20134
	RESERVED
CVE-2019-20133
	RESERVED
CVE-2019-20132
	RESERVED
CVE-2019-20131
	RESERVED
CVE-2019-20130
	RESERVED
CVE-2019-20129
	RESERVED
CVE-2019-20128
	RESERVED
CVE-2019-20127
	RESERVED
CVE-2019-20126
	RESERVED
CVE-2019-20125
	RESERVED
CVE-2019-20124
	RESERVED
CVE-2019-20123
	RESERVED
CVE-2019-20122
	RESERVED
CVE-2019-20121
	RESERVED
CVE-2019-20120
	RESERVED
CVE-2019-20119
	RESERVED
CVE-2019-20118
	RESERVED
CVE-2019-20117
	RESERVED
CVE-2019-20116
	RESERVED
CVE-2019-20115
	RESERVED
CVE-2019-20114
	RESERVED
CVE-2019-20113
	RESERVED
CVE-2019-20112
	RESERVED
CVE-2019-20111
	RESERVED
CVE-2019-20110
	RESERVED
CVE-2019-20109
	RESERVED
CVE-2019-20108
	RESERVED
CVE-2019-20107 (Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allo ...)
	NOT-FOR-US: TestLink
CVE-2019-20106 (Comment properties in Atlassian Jira Server and Data Center before ver ...)
	NOT-FOR-US: Atlassian
CVE-2019-20105 (The EditApplinkServlet resource in the Atlassian Application Links plu ...)
	NOT-FOR-US: Atlassian
CVE-2019-20104 (The OpenID client application in Atlassian Crowd before version 3.6.2, ...)
	NOT-FOR-US: Atlassian
CVE-2019-20103
	RESERVED
CVE-2019-20102
	RESERVED
CVE-2019-20101
	RESERVED
CVE-2019-20100 (The Atlassian Application Links plugin is vulnerable to cross-site req ...)
	NOT-FOR-US: Atlassian Application Links plugin
CVE-2019-20099 (The VerifyPopServerConnection!add.jspa component in Atlassian Jira Ser ...)
	NOT-FOR-US: Atlassian
CVE-2019-20098 (The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Se ...)
	NOT-FOR-US: Atlassian
CVE-2019-20097 (Bitbucket Server and Bitbucket Data Center versions starting from 1.0. ...)
	NOT-FOR-US: Bitbucket Server and Bitbucket Data Center
CVE-2019-20096 (In the Linux kernel before 5.1, there is a memory leak in __feat_regis ...)
	{DLA-2114-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux 3.16.72-1
	NOTE: https://git.kernel.org/linus/1d3ff0950e2b40dc861b1739029649d03f591820
CVE-2019-20095 (mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in t ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/003b686ace820ce2d635a83f10f2d7f9c147dabc
CVE-2019-20094 (An issue was discovered in libsixel 1.8.4. There is a heap-based buffe ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/125
	NOTE: https://github.com/saitoha/libsixel/commit/a18b3789cfd147028403c17fe79a43b169d8f034
CVE-2019-20093 (The PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo ...)
	- libpodofo <unfixed>
	[buster] - libpodofo <no-dsa> (Minor issue)
	[stretch] - libpodofo <no-dsa> (Minor issue)
	[jessie] - libpodofo <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/podofo/tickets/75/
CVE-2019-20092 (An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer der ...)
	NOT-FOR-US: Bento4
CVE-2019-20091 (An issue was discovered in Bento4 1.5.1.0. There is a NULL pointer der ...)
	NOT-FOR-US: Bento4
CVE-2019-20090 (An issue was discovered in Bento4 1.5.1.0. There is a use-after-free i ...)
	NOT-FOR-US: Bento4
CVE-2019-20089 (GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_See ...)
	NOT-FOR-US: gpmf-parser
CVE-2019-20088 (GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GetPayloa ...)
	NOT-FOR-US: gpmf-parser
CVE-2019-20087 (GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_seek ...)
	NOT-FOR-US: gpmf-parser
CVE-2019-20086 (GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMF_Next ...)
	NOT-FOR-US: gpmf-parser
CVE-2019-20085 (TVT NVMS-1000 devices allow GET /.. Directory Traversal ...)
	NOT-FOR-US: TVT NVMS-1000 devices
CVE-2019-20084
	RESERVED
CVE-2019-20083
	RESERVED
CVE-2019-20082
	RESERVED
CVE-2019-20081
	RESERVED
CVE-2019-20080
	RESERVED
CVE-2019-20079 (The autocmd feature in window.c in Vim before 8.1.2136 accesses freed  ...)
	- vim 2:8.1.2136-1
	[buster] - vim <no-dsa> (Minor issue)
	[stretch] - vim <not-affected> (Vulnerable code introduced later)
	[jessie] - vim <not-affected> (vulnerable code was introduced later)
	NOTE: https://github.com/vim/vim/issues/5041
	NOTE: https://github.com/vim/vim/commit/ec66c41d84e574baf8009dbc0bd088d2bc5b2421
CVE-2019-20078
	RESERVED
CVE-2019-20077 (The Typesetter CMS 5.1 logout functionality is affected by a CSRF vuln ...)
	NOT-FOR-US: Typesetter CMS
CVE-2019-20076 (On Netis DL4323 devices, XSS exists via the form2Ddns.cgi username par ...)
	NOT-FOR-US: Netis DL4323 devices
CVE-2019-20075 (On Netis DL4323 devices, pingrtt_v6.html has XSS (Ping6 Diagnostic). ...)
	NOT-FOR-US: Netis DL4323 devices
CVE-2019-20074 (On Netis DL4323 devices, any user role can view sensitive information, ...)
	NOT-FOR-US: Netis DL4323 devices
CVE-2019-20073 (On Netis DL4323 devices, XSS exists via the form2userconfig.cgi userna ...)
	NOT-FOR-US: Netis DL4323 devices
CVE-2019-20072 (On Netis DL4323 devices, XSS exists via the form2Ddns.cgi hostname par ...)
	NOT-FOR-US: Netis DL4323 devices
CVE-2019-20071 (On Netis DL4323 devices, CSRF exists via form2logaction.cgi to delete  ...)
	NOT-FOR-US: Netis DL4323 devices
CVE-2019-20070 (On Netis DL4323 devices, XSS exists via the urlFQDN parameter to form2 ...)
	NOT-FOR-US: Netis DL4323 devices
CVE-2019-20069
	RESERVED
CVE-2019-20068
	RESERVED
CVE-2019-20067
	RESERVED
CVE-2019-20066
	RESERVED
CVE-2019-20065
	RESERVED
CVE-2019-20064
	RESERVED
CVE-2019-20063 (hdf/dataobject.c in libmysofa before 0.8 has an uninitialized use of m ...)
	- libmysofa 0.8~dfsg0-1
	[buster] - libmysofa 0.6~dfsg0-3+deb10u1
	NOTE: https://github.com/hoene/libmysofa/issues/67
	NOTE: https://github.com/hoene/libmysofa/commit/ecb7b743b6f6d47b93a7bc680a60071a0f9524c6
CVE-2019-20062 (MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to r ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-20061 (The user-introduction email in MFScripts YetiShare v3.5.2 through v4.5 ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-20060 (MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-20059 (payment_manage.ajax.php and various *_manage.ajax.php in MFScripts Yet ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-20058 (** DISPUTED ** Bolt 3.7.0, if Symfony Web Profiler is used, allows XSS ...)
	NOT-FOR-US: Bolt CMS
CVE-2019-20057 (com.proxyman.NSProxy.HelperTool in Privileged Helper Tool in Proxyman  ...)
	NOT-FOR-US: Proxyman for macOS
CVE-2019-20056 (stb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	- libstb <unfixed> (low)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: libsixel PR: https://github.com/saitoha/libsixel/issues/126
	NOTE: libsixel patch: https://github.com/saitoha/libsixel/commit/814f831555ea2492d442e784ab5d594f6a8e2e8d
	NOTE: libstb PR: https://github.com/nothings/stb/issues/886
CVE-2019-20055 (LuquidPixels LiquiFire OS 4.8.0 allows SSRF via the call%3Durl substri ...)
	NOT-FOR-US: LuquidPixels LiquiFire OS
CVE-2019-20053 (An invalid memory address dereference was discovered in the canUnpack  ...)
	- upx-ucl 3.96-1 (unimportant; bug #947471)
	NOTE: https://github.com/upx/upx/issues/314
	NOTE: https://github.com/upx/upx/commit/819c33fee2b2c33b96bef27a13cb20f2589819aa
CVE-2019-20052 (A memory leak was discovered in Mat_VarCalloc in mat.c in matio 1.5.17 ...)
	- libmatio <unfixed>
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/131
CVE-2019-20051 (A floating-point exception was discovered in PackLinuxElf::elf_hash in ...)
	- upx-ucl <unfixed> (unimportant)
	NOTE: https://github.com/upx/upx/issues/313
CVE-2019-20050 (Pandora FMS &#8804; 7.42 suffers from a remote code execution vulnerab ...)
	NOT-FOR-US: Pandora FMS
CVE-2019-20054 (In the Linux kernel before 5.0.6, there is a NULL pointer dereference  ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux 3.16.72-1
	NOTE: https://git.kernel.org/linus/23da9588037ecdd4901db76a5b79a42b529c4ec3
	NOTE: https://git.kernel.org/linus/89189557b47b35683a27c80ee78aef18248eefb4
CVE-2019-20049 (An issue was discovered on Alcatel-Lucent OmniVista 4760 devices. A re ...)
	NOT-FOR-US: Alcatel-Lucent OmniVista 4760 devices
CVE-2019-20048 (An issue was discovered on Alcatel-Lucent OmniVista 8770 devices befor ...)
	NOT-FOR-US: Alcatel-Lucent OmniVista 8770 devices
CVE-2019-20047 (An issue was discovered on Alcatel-Lucent OmniVista 4760 devices, and  ...)
	NOT-FOR-US: Alcatel-Lucent OmniVista 4760 devices
CVE-2019-20046 (The Synergy Systems &amp; Solutions PLC &amp; RTU system has a vulnera ...)
	NOT-FOR-US: Synergy Systems & Solutions PLC & RTU system
CVE-2019-20045 (The Synergy Systems &amp; Solutions PLC &amp; RTU system has a vulnera ...)
	NOT-FOR-US: Synergy Systems & Solutions PLC & RTU system
CVE-2019-20044 (In Zsh before 5.8, attackers able to execute commands can regain privi ...)
	{DLA-2117-1}
	- zsh 5.8-1 (bug #951458)
	[buster] - zsh <no-dsa> (Minor issue)
	[stretch] - zsh <no-dsa> (Minor issue)
	NOTE: https://www.zsh.org/mla/zsh-announce/141
	NOTE: https://sourceforge.net/p/zsh/code/ci/24e993db62cf146fb76ebcf677a4a7aa3766fc74/
	NOTE: https://sourceforge.net/p/zsh/code/ci/8250c5c168f07549ed646e6848e6dda118271e23/
	NOTE: https://sourceforge.net/p/zsh/code/ci/26d02efa7a9b0a6b32e1a8bbc6aca6c544b94211/
	NOTE: https://sourceforge.net/p/zsh/code/ci/4ce66857b71b40a0661df3780ff557f2b0f4cb13/
	NOTE: https://sourceforge.net/p/zsh/code/ci/b15bd4aa590db8087d1e8f2eb1af2874f5db814d/
CVE-2019-20040
	RESERVED
CVE-2019-20039
	RESERVED
CVE-2019-20038
	RESERVED
CVE-2019-20037
	RESERVED
CVE-2019-20036
	RESERVED
CVE-2019-20035
	RESERVED
CVE-2019-20034
	RESERVED
CVE-2019-20033
	RESERVED
CVE-2019-20032
	RESERVED
CVE-2019-20031
	RESERVED
CVE-2019-20030
	RESERVED
CVE-2019-20029
	RESERVED
CVE-2019-20028
	RESERVED
CVE-2019-20027
	RESERVED
CVE-2019-20026
	RESERVED
CVE-2019-20025
	RESERVED
CVE-2019-20024 (A heap-based buffer overflow was discovered in image_buffer_resize in  ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/121
	NOTE: https://github.com/saitoha/libsixel/commit/6367d2fc8c365c5841d05697200e90c73c4b3c4b
CVE-2019-20023 (A memory leak was discovered in image_buffer_resize in fromsixel.c in  ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/120
	NOTE: Proposed fix: https://github.com/saitoha/libsixel/commit/b9a4175c803b50a863b0fbd8b8b49058ca725ea6
CVE-2019-20022 (An invalid memory address dereference was discovered in load_pnm in fr ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/108
	NOTE: https://github.com/saitoha/libsixel/commit/e17c0765ed708186865f0f8badfed44181063776
CVE-2019-20021 (A heap-based buffer over-read was discovered in canUnpack in p_mach.cp ...)
	- upx-ucl 3.96-1 (unimportant; bug #947471)
	NOTE: https://github.com/upx/upx/issues/315
	NOTE: https://github.com/upx/upx/commit/819c33fee2b2c33b96bef27a13cb20f2589819aa
CVE-2019-20020 (A stack-based buffer over-read was discovered in ReadNextStructField i ...)
	- libmatio <unfixed>
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/128
CVE-2019-20019 (An attempted excessive memory allocation was discovered in Mat_VarRead ...)
	- libmatio <unfixed>
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/130
CVE-2019-20018 (A stack-based buffer over-read was discovered in ReadNextCell in mat5. ...)
	- libmatio <unfixed>
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/129
CVE-2019-20017 (A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5  ...)
	- libmatio <unfixed>
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/127
CVE-2019-20016 (libmysofa before 2019-11-24 does not properly restrict recursive funct ...)
	- libmysofa 0.9~dfsg0-1
	[buster] - libmysofa <no-dsa> (Minor issue)
	NOTE: https://github.com/hoene/libmysofa/commit/2e6fac6ab6156dae8e8c6f417741388084b70d6f
	NOTE: https://github.com/hoene/libmysofa/issues/83
	NOTE: https://github.com/hoene/libmysofa/issues/84
CVE-2019-20015 (An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead  ...)
	- libredwg <itp> (bug #595191)
CVE-2019-20014 (An issue was discovered in GNU LibreDWG before 0.93. There is a double ...)
	- libredwg <itp> (bug #595191)
CVE-2019-20013 (An issue was discovered in GNU LibreDWG before 0.93. Crafted input wil ...)
	- libredwg <itp> (bug #595191)
CVE-2019-20012 (An issue was discovered in GNU LibreDWG 0.92. Crafted input will lead  ...)
	- libredwg <itp> (bug #595191)
CVE-2019-20011 (An issue was discovered in GNU LibreDWG 0.92. There is a heap-based bu ...)
	- libredwg <itp> (bug #595191)
CVE-2019-20010 (An issue was discovered in GNU LibreDWG 0.92. There is a use-after-fre ...)
	- libredwg <itp> (bug #595191)
CVE-2019-20009 (An issue was discovered in GNU LibreDWG before 0.93. Crafted input wil ...)
	- libredwg <itp> (bug #595191)
CVE-2019-20008 (In Archery before 1.3, inserting an XSS payload into a project name (e ...)
	NOT-FOR-US: Archery
CVE-2019-20007 (An issue was discovered in ezXML 0.8.2 through 0.8.6. The function ezx ...)
	NOT-FOR-US: ezXML
CVE-2019-20006 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
	NOT-FOR-US: ezXML
CVE-2019-20005 (An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezx ...)
	NOT-FOR-US: ezXML
CVE-2019-20004 (An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. When the ...)
	NOT-FOR-US: Intelbras
CVE-2019-20003 (Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored ...)
	NOT-FOR-US: Feldtech easescreen Crystal 9.0 Web-Services
CVE-2019-20002
	RESERVED
CVE-2019-20001
	RESERVED
CVE-2019-20000 (The malware scan function in BullGuard Premium Protection 20.0.371.8 h ...)
	NOT-FOR-US: BullGuard Premium Protection
CVE-2019-19999 (Halo before 1.2.0-beta.1 allows Server Side Template Injection (SSTI)  ...)
	NOT-FOR-US: Halo
CVE-2019-19998 (Xiuno BBS 4.0 allows XXE via plugin/xn_wechat_public/route/token.php. ...)
	NOT-FOR-US: Xiuno BBS
CVE-2019-19997
	RESERVED
CVE-2019-19996 (An issue was discovered on Intelbras IWR 3000N 1.8.7 devices. A malfor ...)
	NOT-FOR-US: Intelbras IWR 3000N devices
CVE-2019-19995 (A CSRF issue was discovered on Intelbras IWR 3000N 1.8.7 devices, lead ...)
	NOT-FOR-US: Intelbras IWR 3000N devices
CVE-2019-19994 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19993 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19992 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19991 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19990 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19989 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19988 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19987 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19986 (An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0  ...)
	NOT-FOR-US: Selesta Visual Access Manager (VAM)
CVE-2019-19985 (The WordPress plugin, Email Subscribers &amp; Newsletters, before 4.2. ...)
	NOT-FOR-US: WordPress plugin
CVE-2019-19984 (The WordPress plugin, Email Subscribers &amp; Newsletters, before 4.2. ...)
	NOT-FOR-US: WordPress plugin
CVE-2019-19983 (In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full w ...)
	NOT-FOR-US: WordPress plugin
CVE-2019-19982 (The WordPress plugin, Email Subscribers &amp; Newsletters, before 4.2. ...)
	NOT-FOR-US: WordPress plugin
CVE-2019-19981 (The WordPress plugin, Email Subscribers &amp; Newsletters, before 4.2. ...)
	NOT-FOR-US: WordPress plugin
CVE-2019-19980 (The WordPress plugin, Email Subscribers &amp; Newsletters, before 4.2. ...)
	NOT-FOR-US: WordPress plugin
CVE-2019-19979 (A flaw in the WordPress plugin, WP Maintenance before 5.0.6, allowed a ...)
	NOT-FOR-US: WordPress plugin
CVE-2019-19978
	RESERVED
CVE-2019-19976
	RESERVED
CVE-2019-19975
	RESERVED
CVE-2019-19974
	RESERVED
CVE-2019-19973
	RESERVED
CVE-2019-19972
	RESERVED
CVE-2019-19971
	RESERVED
CVE-2019-19970
	RESERVED
CVE-2019-19969
	RESERVED
CVE-2019-19968 (PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting th ...)
	NOT-FOR-US: PandoraFMS
CVE-2019-19967 (The Administration page on Connect Box EuroDOCSIS 3.0 Voice Gateway CH ...)
	NOT-FOR-US: Connect Box EuroDOCSIS 3.0 Voice Gateway devices
CVE-2019-19977 (libESMTP through 1.0.6 mishandles domain copying into a fixed-size buf ...)
	- libesmtp <unfixed> (unimportant)
	NOTE: https://github.com/Kirin-say/Vulnerabilities/blob/master/Stack_Overflow_in_libesmtp.md
	NOTE: NTLM support not enabled in the Debian builds.
CVE-2019-19966 (In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_e ...)
	{DLA-2068-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	NOTE: https://git.kernel.org/linus/dea37a97265588da604c6ba80160a287b72c7bfd
CVE-2019-19965 (In the Linux kernel through 5.4.6, there is a NULL pointer dereference ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/f70267f379b5e5e11bdc5d72a56bf17e5feed01f
CVE-2019-19964 (On NETGEAR GS728TPS devices through 5.3.0.35, a remote attacker having ...)
	NOT-FOR-US: NETGEAR
CVE-2019-19963 (An issue was discovered in wolfSSL before 4.3.0 in a non-default confi ...)
	- wolfssl 4.3.0+dfsg-1
	NOTE: https://github.com/wolfSSL/wolfssl/commit/7e391f0fd57f2ef375b1174d752a56ce34b2b190 (v4.3.0-stable)
CVE-2019-19962 (wolfSSL before 4.3.0 mishandles calls to wc_SignatureGenerateHash, lea ...)
	- wolfssl 4.3.0+dfsg-1
	NOTE: https://github.com/wolfSSL/wolfssl/commit/23878512c65834d12811b1107d19a001478eca5d (4.3.0-stable)
CVE-2019-19961
	RESERVED
CVE-2019-19960 (In wolfSSL before 4.3.0, wc_ecc_mulmod_ex does not properly resist sid ...)
	- wolfssl 4.3.0+dfsg-1
	NOTE: https://github.com/wolfSSL/wolfssl/commit/5ee9f9c7a23f8ed093fe1e42bc540727e96cebb8 (v4.3.0-stable)
CVE-2019-19959 (ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT  ...)
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec
	NOTE: https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1
CVE-2019-19958 (In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/str ...)
	NOT-FOR-US: libIEC61850
CVE-2019-19957 (In libIEC61850 1.4.0, getNumberOfElements in mms/iso_mms/server/mms_ac ...)
	NOT-FOR-US: libIEC61850
CVE-2019-19956 (xmlParseBalancedChunkMemoryRecover in parser.c in libxml2 before 2.9.1 ...)
	{DLA-2048-1}
	[experimental] - libxml2 2.9.10+dfsg-1
	- libxml2 2.9.10+dfsg-2
	[buster] - libxml2 <no-dsa> (Minor issue)
	[stretch] - libxml2 <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/libxml2/issues/82
	NOTE: https://gitlab.gnome.org/GNOME/libxml2/commit/5a02583c7e683896d84878bd90641d8d9b0d0549 (v2.9.10-rc1)
CVE-2019-19955
	RESERVED
CVE-2019-19954 (Signal Desktop before 1.29.1 on Windows allows local users to gain pri ...)
	- signal-desktop <itp> (bug #842943)
CVE-2019-19953 (In GraphicsMagick 1.4 snapshot-20191208 Q8, there is a heap-based buff ...)
	{DSA-4640-1 DLA-2084-1}
	- graphicsmagick 1.4+really1.3.34-1 (bug #947311)
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/28f8bacd4bbf
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/617/
CVE-2019-19952 (In ImageMagick 7.0.9-7 Q16, there is a use-after-free in the function  ...)
	- imagemagick <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1791
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/916d7bbd2c66a286d379dbd94bc6035c8fab937c (7.x)
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/7ef923841437bb57bd9b55fc0bf40ddc99b93c2b (6.x)
CVE-2019-19951 (In GraphicsMagick 1.4 snapshot-20190423 Q8, there is a heap-based buff ...)
	{DSA-4640-1 DLA-2084-1}
	- graphicsmagick 1.4~hg16039-1
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/bc99af93614d
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/608/
CVE-2019-19950 (In GraphicsMagick 1.4 snapshot-20190403 Q8, there is a use-after-free  ...)
	{DSA-4640-1 DLA-2084-1}
	- graphicsmagick 1.4~hg16039-1
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/44ab7f6c20b4
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/603/
CVE-2019-19949 (In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in ...)
	{DLA-2049-1}
	- imagemagick <unfixed> (low; bug #947309)
	[buster] - imagemagick <no-dsa> (Minor issue)
	[stretch] - imagemagick <no-dsa> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1561
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d17c047f7bff7c0edbf304470cd2ab9d02fbf617 (7.x)
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/34adc98afd5c7e7fb774d2ebdaea39e831c24dce (6.x)
CVE-2019-19948 (In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer overflow in  ...)
	{DLA-2049-1}
	- imagemagick <unfixed> (low; bug #947308)
	[buster] - imagemagick <no-dsa> (Minor issue)
	[stretch] - imagemagick <no-dsa> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1562
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/6ae32a9038e360b3491969d5d03d490884f02b4c (7.x)
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/9e7db22f8c374301db3f968757f0d08070fd4e54 (6.x)
CVE-2019-19947 (In the Linux kernel through 5.4.6, there are information leaks of unin ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.8-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/da2311a6385c3b499da2ed5d9be59ce331fa93e9
CVE-2019-19946 (The API in Dradis Pro 3.4.1 allows any user to extract the content of  ...)
	NOT-FOR-US: Dradis Pro
CVE-2019-19945 (uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an  ...)
	NOT-FOR-US: uhttpd in OpenWrt
CVE-2019-19944 (In libIEC61850 1.4.0, BerDecoder_decodeUint32 in mms/asn1/ber_decode.c ...)
	NOT-FOR-US: libIEC61850
CVE-2019-19943 (The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3 ...)
	NOT-FOR-US: Pablo Quick 'n Easy Web Server
CVE-2019-19942 (Missing output sanitation in Swisscom Centro Grande Centro Grande befo ...)
	NOT-FOR-US: Swisscom
CVE-2019-19941 (Missing hostname validation in Swisscom Centro Grande before 6.16.12 a ...)
	NOT-FOR-US: Swisscom
CVE-2019-19940 (Incorrect input sanitation in text-oriented user interfaces (telnet, s ...)
	NOT-FOR-US: Swisscom
CVE-2019-19939
	RESERVED
CVE-2019-19938
	RESERVED
CVE-2019-19937 (In JFrog Artifactory before 6.18, it is not possible to restrict eithe ...)
	NOT-FOR-US: JFrog Artifactory
CVE-2019-19936
	RESERVED
CVE-2019-19935
	RESERVED
CVE-2019-19934
	RESERVED
CVE-2019-19933
	RESERVED
CVE-2019-19932
	RESERVED
CVE-2019-19931 (In libIEC61850 1.4.0, MmsValue_decodeMmsData in mms/iso_mms/server/mms ...)
	NOT-FOR-US: libIEC61850
CVE-2019-19930 (In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mm ...)
	NOT-FOR-US: libIEC61850
CVE-2019-19929 (An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner befo ...)
	NOT-FOR-US: Malwarebytes AdwCleaner
CVE-2019-19928
	RESERVED
CVE-2019-19927 (In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on k ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-19926 (multiSelect in select.c in SQLite 3.30.1 mishandles certain errors dur ...)
	{DSA-4638-1}
	- sqlite3 <not-affected> (Incomplete fix for CVE-2019-19880 not applied)
	NOTE: https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-19925 (zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL ...)
	{DSA-4638-1}
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	NOTE: https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618
CVE-2019-19924 (SQLite 3.30.1 mishandles certain parser-tree rewriting, related to exp ...)
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/sqlite/sqlite/commit/8654186b0236d556aa85528c2573ee0b6ab71be3
CVE-2019-19923 (flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses o ...)
	{DSA-4638-1}
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	NOTE: https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35
CVE-2019-19922 (kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quo ...)
	{DLA-2068-1}
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/de53fd7aedb100f03e5d2231cfce0e4993282425
CVE-2019-19921 (runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalat ...)
	- runc 1.0.0~rc10+dfsg1-1
	[buster] - runc <no-dsa> (Minor issue)
	[stretch] - runc <no-dsa> (Minor issue)
	NOTE: https://github.com/opencontainers/runc/issues/2197
	NOTE: https://github.com/opencontainers/runc/pull/2190
CVE-2019-19919 (Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Poll ...)
	- node-handlebars 3:4.5.3-1
	[buster] - node-handlebars <no-dsa> (Minor issue; will be fixed via point release)
	NOTE: https://www.npmjs.com/advisories/1164
CVE-2019-19918 (Lout 3.40 has a heap-based buffer overflow in the srcnext() function i ...)
	- lout <unfixed> (bug #947113)
	[buster] - lout <no-dsa> (Minor issue)
	[stretch] - lout <no-dsa> (Minor issue)
	[jessie] - lout <ignored> (Minor issue)
	NOTE: https://lists.gnu.org/archive/html/lout-users/2019-12/msg00001.html
CVE-2019-19917 (Lout 3.40 has a buffer overflow in the StringQuotedWord() function in  ...)
	- lout <unfixed> (bug #947113)
	[buster] - lout <no-dsa> (Minor issue)
	[stretch] - lout <no-dsa> (Minor issue)
	[jessie] - lout <ignored> (Minor issue)
	NOTE: https://lists.gnu.org/archive/html/lout-users/2019-12/msg00002.html
CVE-2019-19916 (In Midori Browser 0.5.11 (on Windows 10), Content Security Policy (CSP ...)
	NOT-FOR-US: Midori Browser
CVE-2019-19915 (The "301 Redirects - Easy Redirect Manager" plugin before 2.45 for Wor ...)
	NOT-FOR-US: "301 Redirects - Easy Redirect Manager" plugin for WordPress
CVE-2019-19914
	REJECTED
CVE-2019-19913 (In Intland codeBeamer ALM 9.5 and earlier, there is stored XSS via the ...)
	NOT-FOR-US: Intland codeBeamer ALM
CVE-2019-19912 (In Intland codeBeamer ALM 9.5 and earlier, a cross-site scripting (XSS ...)
	NOT-FOR-US: Intland codeBeamer ALM
CVE-2019-19911 (There is a DoS vulnerability in Pillow before 6.2.2 caused by FpxImage ...)
	{DSA-4631-1 DLA-2057-1}
	- pillow 7.0.0-1 (bug #948224)
	NOTE: https://github.com/python-pillow/Pillow/commit/774e53bb132461d8d5ebefec1162e29ec0ebc63d (6.2.2)
CVE-2019-19910 (The MinervaNeue Skin in MediaWiki from 2019-11-05 to 2019-12-13 (1.35  ...)
	NOT-FOR-US: Mediawiki skin
CVE-2019-19909 (An issue was discovered in Public Knowledge Project (PKP) pkp-lib befo ...)
	NOT-FOR-US: Public Knowledge Project (PKP) pkp-lib
CVE-2019-19908 (phpMyChat-Plus 1.98 is vulnerable to reflected XSS via JavaScript inje ...)
	NOT-FOR-US: phpMyChat
CVE-2019-19907 (HrAddFBBlock in libfreebusy/freebusyutil.cpp in Kopano Groupware Core  ...)
	- kopanocore 8.7.0-6 (bug #947312)
	[buster] - kopanocore <no-dsa> (Minor issue)
	NOTE: https://stash.kopano.io/projects/KC/repos/kopanocore/commits/4e02b420fff
CVE-2019-19904
	RESERVED
CVE-2019-19903 (An issue was discovered in Backdrop CMS 1.14.x before 1.14.2. It doesn ...)
	- backdrop <itp> (bug #914257)
CVE-2019-19902 (An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14. ...)
	- backdrop <itp> (bug #914257)
CVE-2019-19901 (An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14. ...)
	- backdrop <itp> (bug #914257)
CVE-2019-19900 (An issue was discovered in Backdrop CMS 1.13.x before 1.13.5 and 1.14. ...)
	- backdrop <itp> (bug #914257)
CVE-2019-19899 (Pebble Templates 3.1.2 allows attackers to bypass a protection mechani ...)
	NOT-FOR-US: Pebble Templates
CVE-2019-19898 (In IXP EasyInstall 6.2.13723, there are cleartext credentials in netwo ...)
	NOT-FOR-US: IXP EasyInstall
CVE-2019-19897 (In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the A ...)
	NOT-FOR-US: IXP EasyInstall
CVE-2019-19896 (In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak  ...)
	NOT-FOR-US: IXP EasyInstall
CVE-2019-19895 (In IXP EasyInstall 6.2.13723, there is Lateral Movement (using the Age ...)
	NOT-FOR-US: IXP EasyInstall
CVE-2019-19894 (In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UA ...)
	NOT-FOR-US: IXP EasyInstall
CVE-2019-19893 (In IXP EasyInstall 6.2.13723, there is Directory Traversal on TCP port ...)
	NOT-FOR-US: IXP EasyInstall
CVE-2019-19892
	RESERVED
CVE-2019-19891 (An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 ...)
	NOT-FOR-US: Mitel SIP-DECT wireless devices
CVE-2019-19906 (cyrus-sasl (aka Cyrus SASL) 2.1.27 has an out-of-bounds write leading  ...)
	{DSA-4591-1 DLA-2044-1}
	- cyrus-sasl2 2.1.27+dfsg-2 (bug #947043)
	NOTE: https://github.com/cyrusimap/cyrus-sasl/issues/587
	NOTE: https://github.com/cyrusimap/cyrus-sasl/commit/dcc9f51cbd4ed622cfb0f9b1c141eb2ffe3b12f1
	NOTE: https://www.openldap.org/its/index.cgi/Incoming?id=9123
CVE-2019-16787
	REJECTED
CVE-2019-19905 (NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability ...)
	- nethack <unfixed> (unimportant; bug #947005)
	NOTE: https://github.com/NetHack/NetHack/commit/f4a840a48f4bcf11757b3d859e9d53cc9d5ef226
	NOTE: https://github.com/NetHack/NetHack/commit/f001de79542b8c38b1f8e6d7eaefbbd28ab94b47
	NOTE: Negligible security impact
CVE-2019-19890 (An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160 ...)
	NOT-FOR-US: Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices
CVE-2019-19889 (An issue was discovered on Humax Wireless Voice Gateway HGB10R-2 20160 ...)
	NOT-FOR-US: Humax Wireless Voice Gateway HGB10R-2 20160817_1855 devices
CVE-2019-19888 (jfif_decode in jfif.c in ffjpeg through 2019-08-21 has a divide-by-zer ...)
	NOT-FOR-US: ffjpeg
CVE-2019-19887 (bitstr_tell at bitstr.c in ffjpeg through 2019-08-21 has a NULL pointe ...)
	NOT-FOR-US: ffjpeg
CVE-2019-19886 (Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send c ...)
	- modsecurity 3.0.4-1 (bug #949682)
	[buster] - modsecurity 3.0.3-1+deb10u1
	NOTE: https://github.com/SpiderLabs/ModSecurity/pull/2202
	NOTE: https://github.com/SpiderLabs/ModSecurity/commit/7ba77631f9a37e0680d23ee57c455c6a35c65cb9
CVE-2019-19885
	RESERVED
CVE-2019-19884
	RESERVED
CVE-2019-19883
	RESERVED
CVE-2019-19882 (shadow 4.8, in certain circumstances affecting at least Gentoo, Arch L ...)
	- shadow <unfixed> (unimportant)
	NOTE: https://github.com/shadow-maint/shadow/pull/199
	NOTE: https://bugs.archlinux.org/task/64836
	NOTE: https://bugs.gentoo.org/702252
	NOTE: Debian builds are compiled using -with-libpam and explicitly passing
	NOTE: --disable-account-tools-setuid.
CVE-2019-19881
	RESERVED
CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows attackers to tr ...)
	{DSA-4638-1}
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
	- chromium 80.0.3987.106-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
	NOTE: Introduced in: https://github.com/sqlite/sqlite/commit/08f6de7f314ad6b15d34cc5f27c3e737fcd99268 (3.29.0)
	NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54
	NOTE: When fixing this issue make sure to apply as well
	NOTE: https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
	NOTE: to not open CVE-2019-19926.
CVE-2019-19879 (HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain ...)
	NOT-FOR-US: HashiCorp Sentinel (different from Redis Sentinel)
CVE-2019-19878
	RESERVED
CVE-2019-19877
	RESERVED
CVE-2019-19876
	RESERVED
CVE-2019-19875
	RESERVED
CVE-2019-19874
	RESERVED
CVE-2019-19873
	RESERVED
CVE-2019-19872
	RESERVED
CVE-2019-19871
	RESERVED
CVE-2019-19870
	RESERVED
CVE-2019-19869
	RESERVED
CVE-2019-19868
	RESERVED
CVE-2019-19867
	RESERVED
CVE-2019-19866 (Atos Unify OpenScape UC Web Client V9 before version V9 R4.31.0 and V1 ...)
	NOT-FOR-US: Atos Unify OpenScape UC Web Client
CVE-2019-19865 (Atos Unify OpenScape UC Application V9 before version V9 R4.31.0 and V ...)
	NOT-FOR-US: Atos Unify OpenScape UC Web Client
CVE-2019-19864
	REJECTED
CVE-2019-19863
	REJECTED
CVE-2019-19862
	REJECTED
CVE-2019-19861
	REJECTED
CVE-2019-19860
	RESERVED
CVE-2019-19859 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...)
	NOT-FOR-US: Serpico
CVE-2019-19858 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...)
	NOT-FOR-US: Serpico
CVE-2019-19857 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...)
	NOT-FOR-US: Serpico
CVE-2019-19856 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...)
	NOT-FOR-US: Serpico
CVE-2019-19855 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...)
	NOT-FOR-US: Serpico
CVE-2019-19854 (An issue was discovered in Serpico (aka SimplE RePort wrIting and Coll ...)
	NOT-FOR-US: Serpico
CVE-2019-19853
	RESERVED
CVE-2019-19852 (An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13 ...)
	NOT-FOR-US: FreePBX
CVE-2019-19851 (An XSS Injection vulnerability exists in Sangoma FreePBX and PBXact 13 ...)
	NOT-FOR-US: FreePBX
CVE-2019-19850 (An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and ...)
	NOT-FOR-US: TYPO3
CVE-2019-19849 (An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and ...)
	NOT-FOR-US: TYPO3
CVE-2019-19848 (An issue was discovered in TYPO3 before 8.7.30, 9.x before 9.5.12, and ...)
	NOT-FOR-US: TYPO3
CVE-2019-19847 (Libspiro through 20190731 has a stack-based buffer overflow in the spi ...)
	- libspiro <unfixed> (unimportant; bug #947276)
	[jessie] - libspiro <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/fontforge/libspiro/issues/21
	NOTE: https://github.com/fontforge/libspiro/issues/21#issuecomment-567983822
	NOTE: https://github.com/fontforge/libspiro/commit/35233450c922787dad42321e359e5229ff470a1e
CVE-2019-19846 (In Joomla! before 3.9.14, the lack of validation of configuration para ...)
	NOT-FOR-US: Joomla!
CVE-2019-19845 (In Joomla! before 3.9.14, a missing access check in framework files co ...)
	NOT-FOR-US: Joomla!
CVE-2019-19844 (Django before 1.11.27, 2.x before 2.2.9, and 3.x before 3.0.1 allows a ...)
	{DSA-4598-1 DLA-2042-1}
	- python-django 2:2.2.9-1 (bug #946937)
	NOTE: https://www.djangoproject.com/weblog/2019/dec/18/security-releases/
	NOTE: https://github.com/django/django/commit/5b1fbcef7a8bec991ebe7b2a18b5d5a95d72cb70 (master)
	NOTE: https://github.com/django/django/commit/302a4ff1e8b1c798aab97673909c7a3dfda42c26 (3.0.x branch)
	NOTE: https://github.com/django/django/commit/4d334bea06cac63dc1272abcec545b85136cca0e (2.2.x branch)
	NOTE: https://github.com/django/django/commit/f4cff43bf921fcea6a29b726eb66767f67753fa2 (1.11.x branch)
CVE-2019-19843 (Incorrect access control in the web interface in Ruckus Wireless Unlea ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19842 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remot ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19841 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remot ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19840 (A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruc ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19839 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remot ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19838 (emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remot ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19837 (Incorrect access control in the web interface in Ruckus Wireless Unlea ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19836 (AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200. ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19835 (SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed thro ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-19834 (Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed throug ...)
	NOT-FOR-US: Ruckus devices
CVE-2019-20043 (In in wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.ph ...)
	{DSA-4599-1}
	- wordpress 5.3.2+dfsg1-1 (bug #946905)
	[jessie] - wordpress <not-affected> (Vulnerable REST API introduced in 4.4)
	NOTE: https://core.trac.wordpress.org/changeset/46893/trunk
	NOTE: https://github.com/WordPress/wordpress-develop/commit/1d1d5be7aa94608c04516cac4238e8c22b93c1d9
	NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-20042 (In wp-includes/formatting.php in WordPress 3.7 to 5.3.0, the function  ...)
	{DSA-4599-1}
	- wordpress 5.3.2+dfsg1-1 (bug #946905)
	[stretch] - wordpress <not-affected> (Vulnerable function introduced in 5.1)
	[jessie] - wordpress <not-affected> (Vulnerable function introduced in 5.1)
	NOTE: https://core.trac.wordpress.org/changeset/46894/trunk
	NOTE: https://github.com/WordPress/wordpress-develop/commit/1f7f3f1f59567e2504f0fbebd51ccf004b3ccb1d
	NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-20041 (wp_kses_bad_protocol in wp-includes/kses.php in WordPress before 5.3.1 ...)
	{DSA-4599-1 DLA-2067-1}
	- wordpress 5.3.2+dfsg1-1 (bug #946905)
	NOTE: https://github.com/WordPress/wordpress-develop/commit/b1975463dd995da19bb40d3fa0786498717e3c53
	NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-16781 (In WordPress before 5.3.1, authenticated users with lower privileges ( ...)
	{DSA-4599-1}
	- wordpress 5.3.2+dfsg1-1 (bug #946905)
	[stretch] - wordpress <not-affected> (Vulnerable Block feature introduce in 5.0)
	[jessie] - wordpress <not-affected> (Vulnerable Block feature introduce in 5.0)
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-pg4x-64rh-3c9v
	NOTE: https://hackerone.com/reports/731301
	NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-16780 (WordPress users with lower privileges (like contributors) can inject J ...)
	{DSA-4599-1}
	- wordpress 5.3.2+dfsg1-1 (bug #946905)
	[stretch] - wordpress <not-affected> (Vulnerable Block feature introduce in 5.0)
	[jessie] - wordpress <not-affected> (Vulnerable Block feature introduce in 5.0)
	NOTE: https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-x3wp-h3qx-9w94
	NOTE: https://github.com/WordPress/wordpress-develop/commit/505dd6a20b6fc3d06130018c1caeff764248c29e
	NOTE: https://hackerone.com/reports/738644
	NOTE: https://wordpress.org/news/2019/12/wordpress-5-3-1-security-and-maintenance-release/
CVE-2019-19833 (In Tautulli 2.1.9, CSRF in the /shutdown URI allows an attacker to shu ...)
	NOT-FOR-US: Tautulli
CVE-2019-19832 (Xerox AltaLink C8035 printers allow CSRF. A request to add users is ma ...)
	NOT-FOR-US: Xerox
CVE-2019-19831
	RESERVED
CVE-2019-19829 (A cross-site scripting (XSS) vulnerability exists in SolarWinds Serv-U ...)
	NOT-FOR-US: SolarWinds
CVE-2019-19828
	RESERVED
CVE-2019-19827
	RESERVED
CVE-2019-19826 (The Views Dynamic Fields module through 7.x-1.0-alpha4 for Drupal make ...)
	NOT-FOR-US: Views Dynamic Fields module for Drupal
CVE-2019-19825 (On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be ...)
	NOT-FOR-US: TOTOLINK Realtek SDK based routers
CVE-2019-19824 (On certain TOTOLINK Realtek SDK based routers, an authenticated attack ...)
	NOT-FOR-US: TOTOLINK Realtek SDK based routers
CVE-2019-19823 (A certain router administration interface (that includes Realtek APMIB ...)
	NOT-FOR-US: Realtek
CVE-2019-19822 (A certain router administration interface (that includes Realtek APMIB ...)
	NOT-FOR-US: Realtek
CVE-2019-19821 (A post-authentication privilege escalation in the web application of C ...)
	NOT-FOR-US: Combodo iTop
CVE-2019-19820 (An invalid pointer vulnerability in IOCTL Handling in the kyrld.sys dr ...)
	NOT-FOR-US: Kyrol Internet Security
CVE-2019-19819 (The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.1 ...)
	NOT-FOR-US: JBIG2Globals library in npdf.dll in Nitro Free PDF Reader
CVE-2019-19818 (The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.11 ...)
	NOT-FOR-US: JBIG2Globals library in npdf.dll in Nitro Free PDF Reader
CVE-2019-19817 (The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.11 ...)
	NOT-FOR-US: JBIG2Globals library in npdf.dll in Nitro Free PDF Reader
CVE-2019-19816 (In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image  ...)
	- linux <unfixed>
CVE-2019-19815 (In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image c ...)
	- linux 5.3.7-1
CVE-2019-19814 (In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image c ...)
	- linux <unfixed>
CVE-2019-19813 (In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, ...)
	- linux <unfixed>
CVE-2019-19812
	RESERVED
CVE-2019-19811
	RESERVED
CVE-2019-19810
	RESERVED
CVE-2019-19809
	RESERVED
CVE-2019-3467 (Debian-edu-config all versions &lt; 2.11.10, a set of configuration fi ...)
	{DSA-4595-1 DSA-4589-1 DLA-2063-1 DLA-2041-1}
	- debian-edu-config 2.11.10 (bug #946797)
	- debian-lan-config 0.26 (bug #947459)
	NOTE: debian-lan-config is effectively the same issue as in debian-edu-config and a somewhat
	NOTE: derived codebase, so same CVE ID is used
CVE-2019-19808
	RESERVED
CVE-2019-19806 (_account_forgot_password.ajax.php in MFScripts YetiShare 3.5.2 through ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19805 (_account_forgot_password.ajax.php in MFScripts YetiShare 3.5.2 through ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19804
	RESERVED
CVE-2019-19803
	RESERVED
CVE-2019-19802 (In Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4), v8. ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2019-19801 (In Gallagher Command Centre Server versions of v8.10 prior to v8.10.11 ...)
	NOT-FOR-US: Gallagher Command Centre Server
CVE-2019-19800 (Zoho ManageEngine Applications Manager 14 before 14520 allows a remote ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2019-19799 (Zoho ManageEngine Applications Manager before 14600 allows a remote un ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2019-19798
	RESERVED
CVE-2019-19797 (read_colordef in read.c in Xfig fig2dev 3.2.7b has an out-of-bounds wr ...)
	- fig2dev 1:3.2.7b-3 (bug #946866)
	[buster] - fig2dev 1:3.2.7a-5+deb10u3
	[stretch] - fig2dev <no-dsa> (Minor issue)
	- transfig <removed>
	[jessie] - transfig <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/mcj/tickets/67/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/41b9bb838a3d544539f6e68aa4f87d70ef7d45ce/
CVE-2019-19807 (In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after- ...)
	- linux 5.3.15-1
	[buster] - linux <not-affected> (Vulnerable code introduced later and not present in released Debian version)
	[stretch] - linux <not-affected> (Vulnerable code introduced later and not present in released Debian version)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/e7af6307a8a54f0b873960b32b6a644f2d0fbd97
CVE-2019-19796 (Yabasic 2.86.2 has a heap-based buffer overflow in myformat in functio ...)
	- yabasic <unfixed> (unimportant)
	NOTE: https://github.com/marcIhm/yabasic/issues/37
	NOTE: Negligible security impact
CVE-2019-19795 (samurai 0.7 has a heap-based buffer overflow in canonpath in util.c vi ...)
	NOT-FOR-US: samurai
CVE-2019-19794 (The miekg Go DNS package before 1.1.25, as used in CoreDNS before 1.6. ...)
	- golang-github-miekg-dns 1.1.26-1 (bug #947403)
	[buster] - golang-github-miekg-dns <no-dsa> (Minor issue)
	NOTE: https://github.com/coredns/coredns/issues/3519
	NOTE: https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33
	NOTE: https://github.com/miekg/dns/issues/1043
	NOTE: https://github.com/miekg/dns/pull/1044
CVE-2019-19793 (In Cyxtera AppGate SDP Client 4.1.x through 4.3.x before 4.3.2 on Wind ...)
	NOT-FOR-US: Cyxtera AppGate SDP Client
CVE-2019-19792 (A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS  ...)
	NOT-FOR-US: ESET Cyber Security
CVE-2019-19791 [Apache access rules and SOAP/REST endpoints issue]
	RESERVED
	- lemonldap-ng 2.0.7+ds-1
	[buster] - lemonldap-ng <no-dsa> (Minor issue)
	[stretch] - lemonldap-ng <no-dsa> (Minor issue)
	[jessie] - lemonldap-ng <no-dsa> (Minor issue)
	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1943
	NOTE: https://projects.ow2.org/view/lemonldap-ng/lemonldap-ng-2-0-7-is-out/
CVE-2019-19790 (Path traversal in RadChart in Telerik UI for ASP.NET AJAX allows a rem ...)
	NOT-FOR-US: Telerik UI for ASP.NET AJAX
CVE-2019-19789 (3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Tool ...)
	NOT-FOR-US: CODESYS
CVE-2019-19788 (Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed  ...)
	NOT-FOR-US: Opera for Android
CVE-2019-19787 (ATasm 1.06 has a stack-based buffer overflow in the get_signed_express ...)
	NOT-FOR-US: ATasm
CVE-2019-19786 (ATasm 1.06 has a stack-based buffer overflow in the parse_expr() funct ...)
	NOT-FOR-US: ATasm
CVE-2019-19785 (ATasm 1.06 has a stack-based buffer overflow in the to_comma() functio ...)
	NOT-FOR-US: ATasm
CVE-2019-19784
	RESERVED
CVE-2019-19783 (An issue was discovered in Cyrus IMAP before 2.5.15, 3.0.x before 3.0. ...)
	{DSA-4590-1}
	- cyrus-imapd 3.0.13-1
	NOTE: https://www.cyrusimap.org/imap/download/release-notes/3.0/x/3.0.13.html#security-fixes
CVE-2019-19782 (The FTP client in AceaXe Plus 1.0 allows a buffer overflow via a long  ...)
	NOT-FOR-US: AceaXe Plus
CVE-2019-19781 (An issue was discovered in Citrix Application Delivery Controller (ADC ...)
	NOT-FOR-US: Citrix
CVE-2019-19780
	RESERVED
CVE-2019-19779
	RESERVED
CVE-2019-19778 (An issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/110
CVE-2019-19777 (stb_image.h (aka the stb image loader) 2.23, as used in libsixel and o ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/109
CVE-2019-19776
	RESERVED
CVE-2019-19775 (The image thumbnailing handler in Zulip Server versions 1.9.0 to befor ...)
	NOT-FOR-US: Zulip
CVE-2019-19774 (An issue was discovered in Zoho ManageEngine EventLog Analyzer 10.0 SP ...)
	NOT-FOR-US: Zoho ManageEngine EventLog Analyzer
CVE-2019-19773 (Various Lexmark products have stored XSS in the embedded web server us ...)
	NOT-FOR-US: Lexmark
CVE-2019-19772 (Various Lexmark products have reflected XSS in the embedded web server ...)
	NOT-FOR-US: Lexmark
CVE-2019-19771 (The lodahs package 0.0.1 for Node.js is a Trojan horse, and may have b ...)
	NOT-FOR-US: lodahs malicious package on npm
CVE-2019-19830 (_core_/plugins/medias in SPIP 3.2.x before 3.2.7 allows remote authent ...)
	{DSA-4583-1}
	- spip 3.2.7-1
	[stretch] - spip <not-affected> (Vulnerable code not present)
	[jessie] - spip <not-affected> (Vulnerable code not present)
CVE-2019-19770 (** DISPUTED ** In the Linux kernel 4.19.83, there is a use-after-free  ...)
	- linux <unfixed>
	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=205713
CVE-2019-19769 (In the Linux kernel 5.3.10, there is a use-after-free (read) in the pe ...)
	- linux 5.5.13-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=205705
	NOTE: https://git.kernel.org/linus/6d390e4b5d48ec03bb87e63cf0a2bff5f4e116da
CVE-2019-19768 (In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the ...)
	- linux <unfixed>
	NOTE: https://bugzilla.kernel.org/show_bug.cgi?id=205711
CVE-2019-19767 (The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as d ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a
CVE-2019-19766 (The Bitwarden server through 1.32.0 has a potentially unwanted KDF. ...)
	NOT-FOR-US: Bitwarden server
CVE-2019-19765
	REJECTED
CVE-2019-19764
	REJECTED
CVE-2019-19763
	REJECTED
CVE-2019-19762
	REJECTED
CVE-2019-19761
	RESERVED
CVE-2019-19760
	RESERVED
CVE-2019-19759
	RESERVED
CVE-2019-19758 (A vulnerability in the web interface of Lenovo EZ Media &amp; Backup C ...)
	NOT-FOR-US: Lenovo
CVE-2019-19757 (An internal product security audit of Lenovo XClarity Administrator (L ...)
	NOT-FOR-US: Lenovo
CVE-2019-19756 (An internal product security audit of Lenovo XClarity Administrator (L ...)
	NOT-FOR-US: Lenovo
CVE-2019-19755
	RESERVED
CVE-2019-19754
	RESERVED
CVE-2019-19753
	RESERVED
CVE-2019-19752
	RESERVED
CVE-2019-19751
	RESERVED
CVE-2019-19750 (minerstat msOS before 2019-10-23 does not have a unique SSH key for ea ...)
	NOT-FOR-US: minerstat msOS
CVE-2019-19749
	RESERVED
CVE-2019-19748 (The Work Time Calendar app before 4.7.1 for Jira allows XSS. ...)
	NOT-FOR-US: Work Time Calendar app for Jira
CVE-2019-19747 (NeuVector 3.1 when configured to allow authentication via Active Direc ...)
	NOT-FOR-US: NeuVector
CVE-2019-19746 (make_arrow in arrow.c in Xfig fig2dev 3.2.7b allows a segmentation fau ...)
	- fig2dev 1:3.2.7b-3 (unimportant; bug #946628)
	[buster] - fig2dev 1:3.2.7a-5+deb10u3
	- transfig <removed> (unimportant)
	NOTE: https://sourceforge.net/p/mcj/tickets/57/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/3065abc7b4f740ed6532322843531317de782a26/
CVE-2019-19745 (Contao 4.0 through 4.8.5 allows PHP local file inclusion. A back end u ...)
	NOT-FOR-US: Contao
CVE-2019-19744
	RESERVED
CVE-2019-19743 (On D-Link DIR-615 devices, a normal user is able to create a root(admi ...)
	NOT-FOR-US: D-Link
CVE-2019-19742 (On D-Link DIR-615 devices, the User Account Configuration page is vuln ...)
	NOT-FOR-US: D-Link
CVE-2019-19741 (Electronic Arts Origin 10.5.55.33574 is vulnerable to local privilege  ...)
	NOT-FOR-US: Electronic Arts Origin
CVE-2019-19740 (Octeth Oempro 4.7 and 4.8 allow SQL injection. The parameter CampaignI ...)
	NOT-FOR-US: Octeth Oempro
CVE-2019-19739 (MFScripts YetiShare 3.5.2 through 4.5.3 does not set the Secure flag o ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19738 (log_file_viewer.php in MFScripts YetiShare 3.5.2 through 4.5.3 does no ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19737 (MFScripts YetiShare 3.5.2 through 4.5.3 does not set the SameSite flag ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19736 (MFScripts YetiShare 3.5.2 through 4.5.3 does not set the HttpOnly flag ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19735 (class.userpeer.php in MFScripts YetiShare 3.5.2 through 4.5.3 uses an  ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19734 (_account_move_file_in_folder.ajax.php in MFScripts YetiShare 3.5.2 dir ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19733 (_get_all_file_server_paths.ajax.php (aka get_all_file_server_paths.aja ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19732 (translation_manage_text.ajax.php and various *_manage.ajax.php in MFSc ...)
	NOT-FOR-US: MFScripts YetiShare
CVE-2019-19731 (Roxy Fileman 1.4.5 for .NET is vulnerable to path traversal. A remote  ...)
	NOT-FOR-US: Roxy Fileman
CVE-2019-19730
	RESERVED
CVE-2019-19729 (An issue was discovered in the BSON ObjectID (aka bson-objectid) packa ...)
	NOT-FOR-US: bsjon-objectid node module
CVE-2019-19728 (SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun --u ...)
	- slurm-llnl 19.05.5-1
	[buster] - slurm-llnl <no-dsa> (Minor issue)
	[stretch] - slurm-llnl <no-dsa> (Minor issue)
	[jessie] - slurm-llnl <ignored> (Minor issue, fix introduces regression, upstream refuses access to bug tracker)
	NOTE: https://github.com/SchedMD/slurm/commit/5ac031b2ef5462f6e8e47dad0247bd474614c118
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1159692
	NOTE: Fixed upstream in 18.08.9, 19.05.5
CVE-2019-19727 (SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd ...)
	- slurm-llnl 19.05.5-1 (unimportant)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1155784
	NOTE: Fixed upstream in 18.08.9, 19.05.5
	NOTE: The example file is installed as well in Debian as 0644 and slurmdbd.conf
	NOTE: not directly installed by the slurmdbd binary package.
CVE-2019-19726 (OpenBSD through 6.6 allows local users to escalate to root because a c ...)
	NOT-FOR-US: OpenBSD
CVE-2019-19725 (sysstat through 12.2.0 has a double free in check_file_actlst in sa_co ...)
	- sysstat 12.2.0-2 (unimportant; bug #946657)
	[stretch] - sysstat <not-affected> (Vulnerable code introduced in v11.7.1)
	[jessie] - sysstat <not-affected> (Vulnerable code introduced in v11.7.1)
	NOTE: https://github.com/sysstat/sysstat/issues/242
	NOTE: https://github.com/sysstat/sysstat/commit/a5c8abd4a481ee6e27a3acf00e6d9b0f023e20ed
	NOTE: Crash in CLI tool, no security impact
CVE-2019-19724 (Insecure permissions (777) are set on $HOME/.singularity when it is ne ...)
	- singularity-container 3.5.2+ds1-1
	NOTE: https://github.com/sylabs/singularity/commit/2cda4981812c29f0fb11d3ea6aaf6139f665a631
CVE-2019-19723
	RESERVED
CVE-2019-19722 (In Dovecot before 2.3.9.2, an attacker can crash a push-notification d ...)
	- dovecot <not-affected> (Only affects 2.3.9)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/2
	NOTE: https://github.com/dovecot/core/commit/1307766b6f5d97341a47376657d342bcefd10f1b
	NOTE: https://github.com/dovecot/core/commit/393a8cabf4dad893bf2ec60bf96cfde7a0c58432
CVE-2019-19721
	RESERVED
CVE-2019-19720 (Yabasic 2.86.1 has a heap-based buffer overflow in the yylex() functio ...)
	- yabasic <unfixed> (unimportant)
	NOTE: https://github.com/marcIhm/yabasic/issues/36
	NOTE: Negligible security impact
CVE-2019-19719 (Tableau Server 10.3 through 2019.4 on Windows and Linux allows XSS via ...)
	NOT-FOR-US: Tableau Server
CVE-2019-19718
	RESERVED
CVE-2019-19717
	RESERVED
CVE-2019-19716
	RESERVED
CVE-2019-19715
	RESERVED
CVE-2019-19714 (Contao 4.8.4 and 4.8.5 has Improper Encoding or Escaping of Output. It ...)
	NOT-FOR-US: Contao
CVE-2019-19713
	RESERVED
CVE-2019-19712 (Contao 4.0 through 4.8.5 has Insecure Permissions. Back end users can  ...)
	NOT-FOR-US: Contao
CVE-2019-19711
	RESERVED
CVE-2019-19710
	RESERVED
CVE-2019-19709 (MediaWiki through 1.33.1 allows attackers to bypass the Title_blacklis ...)
	{DSA-4592-1}
	- mediawiki 1:1.31.6-1
	NOTE: https://gerrit.wikimedia.org/r/q/Ie54f366986056c876eade0fcad6c41f70b8b8de8
	NOTE: https://phabricator.wikimedia.org/T239466
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-December/092886.html
CVE-2019-19708 (The VisualEditor extension through 1.34 for MediaWiki allows XSS via p ...)
	NOT-FOR-US: VisualEditor MediaWiki extension
CVE-2019-19707 (On Moxa EDS-G508E, EDS-G512E, and EDS-G516E devices (with firmware thr ...)
	NOT-FOR-US: Moxa
CVE-2019-19706
	RESERVED
CVE-2019-19705
	RESERVED
CVE-2019-19704
	RESERVED
CVE-2019-19703 (In Ktor through 1.2.6, the client resends data from the HTTP Authoriza ...)
	NOT-FOR-US: Ktor
CVE-2019-19702 (The modoboa-dmarc plugin 1.1.0 for Modoboa is vulnerable to an XML Ext ...)
	NOT-FOR-US: Modoboa
CVE-2019-19701
	RESERVED
CVE-2019-19700
	RESERVED
CVE-2019-19699 (There is Authenticated remote code execution in Centreon Infrastructur ...)
	TODO: check
CVE-2019-19698 (marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav ...)
	NOT-FOR-US: libwav
CVE-2019-19697 (An arbitrary code execution vulnerability exists in the Trend Micro Se ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19696 (A RootCA vulnerability found in Trend Micro Password Manager for Windo ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19695 (A privilege escalation vulnerability in Trend Micro Antivirus for Mac  ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19694 (The Trend Micro Security 2019 (15.0.0.1163 and below) consumer family  ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19693 (The Trend Micro Security 2020 consumer family of products contains a v ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19692 (Trend Micro Apex One (2019) is affected by a cross-site scripting (XSS ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19691 (A vulnerability in Trend Micro Apex One and OfficeScan XG could allow  ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19690 (Trend Micro Mobile Security for Android (Consumer) versions 10.3.1 and ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19689 (Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063) co ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19688 (A privilege escalation vulnerability in Trend Micro HouseCall for Home ...)
	NOT-FOR-US: Trend Micro
CVE-2019-19687 (OpenStack Keystone 15.0.0 and 16.0.0 is affected by Data Leakage in th ...)
	- keystone 2:16.0.0-5 (bug #946614)
	[buster] - keystone <not-affected> (Vulnerable code introduced later)
	[stretch] - keystone <not-affected> (Vulnerable code introduced later)
	[jessie] - keystone <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/11/8
	NOTE: https://bugs.launchpad.net/keystone/+bug/1855080
CVE-2019-19686
	RESERVED
CVE-2019-19685 (RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to CSRF ...)
	NOT-FOR-US: RoxyFileman in nopCommerce
CVE-2019-19684 (nopCommerce v4.2.0 allows privilege escalation via file upload in Pres ...)
	NOT-FOR-US: nopCommerce
CVE-2019-19683 (RoxyFileman, as shipped with nopCommerce v4.2.0, is vulnerable to ../  ...)
	NOT-FOR-US: RoxyFileman in nopCommerce
CVE-2019-19682 (nopCommerce through 4.20 allows XSS in the SaveStoreMappings of the co ...)
	NOT-FOR-US: nopCommerce
CVE-2019-19681 (** DISPUTED ** Pandora FMS 7.x suffers from remote code execution vuln ...)
	NOT-FOR-US: Pandora FMS
CVE-2019-19680 (A file-extension filtering vulnerability in Proofpoint Enterprise Prot ...)
	NOT-FOR-US: ProofPoint Protection Server Email Firewall
CVE-2019-19679 (In "Xray Test Management for Jira" prior to version 3.5.5, remote auth ...)
	NOT-FOR-US: Xray Test Management for Jira
CVE-2019-19678 (In "Xray Test Management for Jira" prior to version 3.5.5, remote auth ...)
	NOT-FOR-US: Xray Test Management for Jira
CVE-2019-19677 (arxes-tolina 3.0.0 allows User Enumeration. ...)
	NOT-FOR-US: Arxes Tolina
CVE-2019-19676 (A CSV injection in arxes-tolina 3.0.0 allows malicious users to gain r ...)
	NOT-FOR-US: Arxes Tolina
CVE-2019-19675 (In Ivanti Workspace Control before 10.3.180.0. a locally authenticated ...)
	NOT-FOR-US: Ivanti Workspace Control
CVE-2019-19674
	RESERVED
CVE-2019-19673
	RESERVED
CVE-2019-19672
	RESERVED
CVE-2019-19671
	RESERVED
CVE-2019-19670 (A HTTP Response Splitting vulnerability was identified in the Web Sett ...)
	NOT-FOR-US: Rumpus FTP Server
CVE-2019-19669 (A CSRF vulnerability exists in the Upload Center Forms Component of We ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19668 (A CSRF vulnerability exists in the File Types component of Web File Ma ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19667 (A CSRF vulnerability exists in the Block Clients component of Web File ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19666 (A CSRF vulnerability exists in the Event Notices Settings of Web File  ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19665 (A CSRF vulnerability exists in the FTP Settings of Web File Manager in ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19664 (A CSRF vulnerability exists in the Web Settings of Web File Manager in ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19663 (A CSRF vulnerability exists in the Folder Sets Settings of Web File Ma ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19662 (A CSRF vulnerability exists in the Web File Manager's Create/Delete Ac ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19661 (A Cookie based reflected XSS exists in the Web File Manager of Rumpus  ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19660 (A CSRF vulnerability exists in the Web File Manager's Network Setting  ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19659 (A CSRF vulnerability exists in the Web File Manager's Edit Accounts fu ...)
	NOT-FOR-US: Rumpus FTP
CVE-2019-19658
	RESERVED
CVE-2019-19657
	RESERVED
CVE-2019-19656
	RESERVED
CVE-2019-19655
	RESERVED
CVE-2019-19654
	RESERVED
CVE-2019-19653
	RESERVED
CVE-2019-19652
	RESERVED
CVE-2019-19651
	RESERVED
CVE-2019-19650 (Zoho ManageEngine Applications Manager before 13640 allows a remote au ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2019-19649 (Zoho ManageEngine Applications Manager before 13620 allows a remote un ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2019-19648 (In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, ...)
	- yara <unfixed>
	[buster] - yara <no-dsa> (Minor issue)
	[stretch] - yara <no-dsa> (Minor issue)
	[jessie] - yara <no-dsa> (Minor issue)
	NOTE: https://github.com/VirusTotal/yara/issues/1178
CVE-2019-19647 (radare2 through 4.0.0 lacks validation of the content variable in the  ...)
	- radare2 4.2.1+dfsg-1 (bug #947402)
	[jessie] - radare2 <no-dsa> (Minor issue)
	NOTE: https://github.com/radareorg/radare2/issues/15545
	NOTE: https://github.com/radareorg/radare2/commit/07b5e062f2d4a00403ff031302cb18dfa58e3805 (4.1.0)
CVE-2019-19646 (pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_ ...)
	- sqlite3 <not-affected> (Generated column support added later)
	NOTE: https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3
	NOTE: https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd
CVE-2019-19645 (alter.c in SQLite through 3.30.1 allows attackers to trigger infinite  ...)
	- sqlite3 3.30.1+fossil191229-1 (bug #946612)
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <no-dsa> (Minor issue)
	[jessie] - sqlite3 <no-dsa> (Minor issue)
	NOTE: https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06
CVE-2019-19644
	RESERVED
CVE-2019-19643
	RESERVED
CVE-2019-19642 (On SuperMicro X8STi-F motherboards with IPMI firmware 2.06 and BIOS 02 ...)
	NOT-FOR-US: SuperMicro
CVE-2019-19641
	RESERVED
CVE-2019-19640
	RESERVED
CVE-2019-19639
	RESERVED
CVE-2019-19638 (An issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/102
CVE-2019-19637 (An issue was discovered in libsixel 1.8.2. There is an integer overflo ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/105
CVE-2019-19636 (An issue was discovered in libsixel 1.8.2. There is an integer overflo ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/104
CVE-2019-19635 (An issue was discovered in libsixel 1.8.2. There is a heap-based buffe ...)
	- libsixel 1.8.6-1 (low; bug #948103)
	[buster] - libsixel <no-dsa> (Minor issue)
	[stretch] - libsixel <no-dsa> (Minor issue)
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/103
CVE-2019-19634 (class.upload.php in verot.net class.upload through 1.0.3 and 2.x throu ...)
	NOT-FOR-US: K2 extension for Joomla!
CVE-2019-19633
	RESERVED
CVE-2019-19632 (An issue was discovered in Big Switch Big Monitoring Fabric 6.2 throug ...)
	NOT-FOR-US: Big Switch Networks
CVE-2019-19631 (An issue was discovered in Big Switch Big Monitoring Fabric 6.2 throug ...)
	NOT-FOR-US: Big Switch Networks
CVE-2019-19630 (HTMLDOC 1.9.7 allows a stack-based buffer overflow in the hd_strlcpy() ...)
	{DLA-2026-1}
	- htmldoc 1.9.7-1 (low)
	[buster] - htmldoc <no-dsa> (Minor issue)
	[stretch] - htmldoc <no-dsa> (Minor issue)
	NOTE: https://github.com/michaelrsweet/htmldoc/issues/370
	NOTE: https://github.com/michaelrsweet/htmldoc/commit/8a129c520e90fc967351f3e165f967128a88f09c
CVE-2019-19629 (In GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8, when transferrin ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/
CVE-2019-19628 (In GitLab EE 11.3 through 12.5.3, 12.4.5, and 12.3.8, insufficient par ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/12/10/critical-security-release-gitlab-12-5-4-released/
CVE-2019-19627 (SROS 2 0.8.1 (after CVE-2019-19625 is mitigated) leaks ROS 2 node-rela ...)
	NOT-FOR-US: SROS
CVE-2019-19626
	RESERVED
CVE-2019-19625 (SROS 2 0.8.1 (which provides the tools that generate and distribute ke ...)
	NOT-FOR-US: SROS
CVE-2019-19624 (An out-of-bounds read was discovered in OpenCV before 4.1.1. Specifica ...)
	- opencv 4.1.2+dfsg-3
	[buster] - opencv <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - opencv <not-affected> (Vulnerable code introduced later)
	[jessie] - opencv <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/opencv/opencv/commit/d1615ba11a93062b1429fce9f0f638d1572d3418
	NOTE: https://github.com/opencv/opencv/issues/14554
CVE-2019-19623
	RESERVED
CVE-2019-19622
	RESERVED
CVE-2019-19621
	RESERVED
CVE-2019-19620 (In SecureWorks Red Cloak Windows Agent before 2.0.7.9, a local user ca ...)
	NOT-FOR-US: SecureWorks Red Cloak Windows Agent
CVE-2019-19619 (domain/section/markdown/markdown.go in Documize before 3.5.1 mishandle ...)
	NOT-FOR-US: Documize
CVE-2019-19618
	RESERVED
CVE-2019-19617 (phpMyAdmin before 4.9.2 does not escape certain Git information, relat ...)
	{DLA-2024-1}
	- phpmyadmin 4:4.9.2+dfsg1-1
	[stretch] - phpmyadmin <no-dsa> (Minor issue)
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/1119de642b136d20e810bb20f545069a01dd7cc9
CVE-2019-19616 (An Insecure Direct Object Reference (IDOR) vulnerability in the Xtivia ...)
	NOT-FOR-US: Microsoft Dynamics NAV
CVE-2019-19615 (Multiple XSS vulnerabilities exist in the Backup &amp; Restore module  ...)
	NOT-FOR-US: FreePBX
CVE-2019-19614 (An issue was discovered in Halvotec RAQuest 10.23.10801.0. The login p ...)
	NOT-FOR-US: Halvotec RAQuest
CVE-2019-19613 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...)
	NOT-FOR-US: Halvotec RaQuest
CVE-2019-19612 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...)
	NOT-FOR-US: Halvotec RaQuest
CVE-2019-19611 (An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the  ...)
	NOT-FOR-US: Halvotec RaQuest
CVE-2019-19610 (** DISPUTED ** An issue was discovered in Halvotec RaQuest 10.23.10801 ...)
	NOT-FOR-US: Halvotec RaQuest
CVE-2019-19609 (The Strapi framework before 3.0.0-beta.17.8 is vulnerable to Remote Co ...)
	NOT-FOR-US: Strapi
CVE-2019-19608 (A SQL injection vulnerability in in the web conferencing component of  ...)
	NOT-FOR-US: Mitel
CVE-2019-19607 (A SQL injection vulnerability in the web conferencing component of Mit ...)
	NOT-FOR-US: Mitel
CVE-2019-19606 (X-Plane before 11.41 has multiple improper path validations that could ...)
	NOT-FOR-US: X-Plane
CVE-2019-19605 (X-Plane before 11.41 allows Arbitrary Memory Write via crafted network ...)
	NOT-FOR-US: X-Plane
CVE-2019-19604 (Arbitrary command execution is possible in Git before 2.20.2, 2.21.x b ...)
	- git 1:2.24.0-2
	[buster] - git 1:2.20.1-2+deb10u1
	[stretch] - git <not-affected> (Vulnerable code introduced in v2.20.0-rc0)
	[jessie] - git <not-affected> (Vulnerable code introduced in v2.20.0-rc0)
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e904deb89d9a9669a76a426182506a084d3f6308
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=bb92255ebe6bccd76227e023d6d0bc997e318ad0
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=c1547450748fcbac21675f2681506d2d80351a19
	NOTE: Upstream did backport fixes for CVE-2019-19604 to older versions as the introducing
	NOTE: version for sake of robustness/hardening. In particular, the server-side protection
	NOTE: provided by the fsck  is useful for protecting unpatched clients that are affected
	NOTE: by the bug.
	NOTE: https://gitlab.com/gitlab-com/gl-security/disclosures/blob/master/003_git_submodule/advisory.md
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-19603 (SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent  ...)
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <no-dsa> (Minor issue)
	[jessie] - sqlite3 <no-dsa> (Minor issue)
	NOTE: https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13
CVE-2019-19601 (OpenDetex 2.8.5 has a Buffer Overflow in TexOpen in detex.l because of ...)
	- texlive-bin <unfixed> (unimportant; bug #949630)
	NOTE: https://github.com/pkubowicz/opendetex/issues/60
	NOTE: Debian builds using the kpathsea codepaths.
CVE-2019-19600
	RESERVED
CVE-2019-19599
	RESERVED
CVE-2019-19602 (fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux ...)
	- linux 5.3.15-1
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/59c4bd853abcea95eccc167a7d7fd5f1a5f47b98
CVE-2019-19598 (D-Link DAP-1860 devices before v1.04b03 Beta allow access to administr ...)
	NOT-FOR-US: D-Link
CVE-2019-19597 (D-Link DAP-1860 devices before v1.04b03 Beta allow arbitrary remote co ...)
	NOT-FOR-US: D-Link
CVE-2019-19596 (GitBook through 2.6.9 allows XSS via a local .md file. ...)
	NOT-FOR-US: GitBook
CVE-2019-19595 (reset/modules/advanced_form_maker_edit/multiupload/upload.php in the R ...)
	NOT-FOR-US: RESET.PRO Adobe Stock API integration for PrestaShop
CVE-2019-19594 (reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adobe Stoc ...)
	NOT-FOR-US: Adobe Stock API integration for PrestaShop
CVE-2019-19593
	RESERVED
CVE-2019-19592 (Jama Connect 8.44.0 is vulnerable to stored Cross-Site Scripting ...)
	NOT-FOR-US: Jama Connect
CVE-2019-19591
	RESERVED
CVE-2019-19590 (In radare2 through 4.0, there is an integer overflow for the variable  ...)
	- radare2 4.2.1+dfsg-1 (bug #947791)
	[jessie] - radare2 <no-dsa> (Minor issue)
	NOTE: https://github.com/radareorg/radare2/issues/15543
	NOTE: https://github.com/radareorg/radare2/commit/9bbc63ffa0e93aa054e262cdfb973326935a2d70
CVE-2019-19589 (The Lever PDF Embedder plugin 4.4 for WordPress does not block the dis ...)
	NOT-FOR-US: Lever PDF Embedder plugin for WordPress
CVE-2019-19588 (The validators package 0.12.2 through 0.12.5 for Python enters an infi ...)
	NOT-FOR-US: validators Python package
CVE-2019-19587 (In WSO2 Enterprise Integrator 6.5.0, reflected XSS occurs when updatin ...)
	NOT-FOR-US: WSO2 Enterprise Integrator
CVE-2019-19586
	RESERVED
CVE-2019-19585 (An issue was discovered in rConfig 3.9.3. The install script updates t ...)
	NOT-FOR-US: rConfig
CVE-2019-19584
	RESERVED
CVE-2019-19583 (An issue was discovered in Xen through 4.12.x allowing x86 HVM/PVH gue ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-308.html
CVE-2019-19582 (An issue was discovered in Xen through 4.12.x allowing x86 guest OS us ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-307.html
CVE-2019-19581 (An issue was discovered in Xen through 4.12.x allowing 32-bit Arm gues ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-307.html
CVE-2019-19580 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-310.html
CVE-2019-19578 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-309.html
CVE-2019-19577 (An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM gue ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-311.html
CVE-2019-19579 (An issue was discovered in Xen through 4.12.x allowing attackers to ga ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-306.html
CVE-2019-19576 (class.upload.php in verot.net class.upload before 1.0.3 and 2.x before ...)
	NOT-FOR-US: K2 extension for Joomla!
CVE-2019-19575
	RESERVED
CVE-2019-19574
	RESERVED
CVE-2019-19573
	RESERVED
CVE-2019-19572
	RESERVED
CVE-2019-19571
	RESERVED
CVE-2019-19570
	RESERVED
CVE-2019-19569
	RESERVED
CVE-2019-19568
	RESERVED
CVE-2019-19567
	RESERVED
CVE-2019-19566
	RESERVED
CVE-2019-19565
	RESERVED
CVE-2019-19564
	RESERVED
CVE-2019-19563
	RESERVED
CVE-2019-19562
	RESERVED
CVE-2019-19561
	RESERVED
CVE-2019-19560
	RESERVED
CVE-2019-19559
	RESERVED
CVE-2019-19558
	RESERVED
CVE-2019-19557
	RESERVED
CVE-2019-19556
	RESERVED
CVE-2019-19555 (read_textobject in read.c in Xfig fig2dev 3.2.7b has a stack-based buf ...)
	{DLA-2073-1}
	- fig2dev 1:3.2.7b-2 (unimportant; bug #946176)
	[buster] - fig2dev 1:3.2.7a-5+deb10u2
	[stretch] - fig2dev 1:3.2.6a-2+deb9u3
	- transfig <removed> (unimportant)
	NOTE: https://sourceforge.net/p/mcj/tickets/55/
	NOTE: https://sourceforge.net/p/mcj/fig2dev/ci/19db5fe6f77ebad91af4b4ef0defd61bd0bb358f/
	NOTE: Crash in CLI tool, negligible security impact
CVE-2019-19554
	RESERVED
CVE-2019-19553 (In Wireshark 3.0.0 to 3.0.6 and 2.6.0 to 2.6.12, the CMS dissector cou ...)
	- wireshark 3.0.7-1 (low)
	[buster] - wireshark <postponed> (Can be fixed along in next 3.0.x DSA)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x DSA)
	[jessie] - wireshark <postponed> (Can be fixed along in next 1.12.x DLA)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15961
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=34d2e0d5318d0a7e9889498c721639e5cbf4ce45
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-22.html
CVE-2019-19552 (In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists i ...)
	NOT-FOR-US: FreePBX
CVE-2019-19551 (In userman 13.0.76.43 through 15.0.20 in Sangoma FreePBX, XSS exists i ...)
	NOT-FOR-US: FreePBX
CVE-2019-19550 (Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 ...)
	NOT-FOR-US: Senior Rubiweb
CVE-2019-19549
	RESERVED
CVE-2019-19548 (Norton Power Eraser, prior to 5.3.0.67, may be susceptible to a privil ...)
	NOT-FOR-US: Norton
CVE-2019-19547 (Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may b ...)
	NOT-FOR-US: Symantec
CVE-2019-19546 (Norton Password Manager, prior to 6.6.2.5, may be susceptible to an in ...)
	NOT-FOR-US: Norton Password Manager
CVE-2019-19545 (Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cro ...)
	NOT-FOR-US: Norton Password Manager
CVE-2019-19544 (CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to  ...)
	NOT-FOR-US: CA Automic Dollar Universe
CVE-2019-19542 (The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS ...)
	NOT-FOR-US: ListingPro theme for WordPress
CVE-2019-19541 (The ListingPro theme before v2.0.14.2 for WordPress has Persistent XSS ...)
	NOT-FOR-US: ListingPro theme for WordPress
CVE-2019-19540 (The ListingPro theme before v2.0.14.2 for WordPress has Reflected XSS  ...)
	NOT-FOR-US: ListingPro theme for WordPress
CVE-2019-19543 (In the Linux kernel before 5.1.6, there is a use-after-free in serial_ ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/56cd26b618855c9af48c8301aa6754ced8dd0beb
CVE-2019-19539 (An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01AB ...)
	NOT-FOR-US: Idelji Web ViewPoint
CVE-2019-19538 (In Sangoma FreePBX 13 through 15 and sysadmin (aka System Admin) 13.0. ...)
	NOT-FOR-US: FreePBX
CVE-2019-19537 (In the Linux kernel before 5.2.10, there is a race condition bug that  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/303911cfc5b95d33687d9046133ff184cf5043ff
CVE-2019-19536 (In the Linux kernel before 5.2.9, there is an info-leak bug that can b ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.9-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/ead16e53c2f0ed946d82d4037c630e2f60f4ab69
CVE-2019-19535 (In the Linux kernel before 5.2.9, there is an info-leak bug that can b ...)
	{DLA-2114-1}
	- linux 5.2.9-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/30a8beeb3042f49d0537b7050fd21b490166a3d9
CVE-2019-19534 (In the Linux kernel before 5.3.11, there is an info-leak bug that can  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/f7a1337f0d29b98733c8824e165fca3371d7d4fd
CVE-2019-19533 (In the Linux kernel before 5.3.4, there is an info-leak bug that can b ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/a10feaf8c464c3f9cfdd3a8a7ce17e1c0d498da1
CVE-2019-19532 (In the Linux kernel before 5.3.9, there are multiple out-of-bounds wri ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/d9d4b1e46d9543a82c23f6df03f4ad697dab361b
CVE-2019-19531 (In the Linux kernel before 5.2.9, there is a use-after-free bug that c ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.9-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/fc05481b2fcabaaeccf63e32ac1baab54e5b6963
CVE-2019-19530 (In the Linux kernel before 5.2.10, there is a use-after-free bug that  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/c52873e5a1ef72f845526d9f6a50704433f9c625
CVE-2019-19529 (In the Linux kernel before 5.3.11, there is a use-after-free bug that  ...)
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/4d6636498c41891d0482a914dd570343a838ad79
CVE-2019-19528 (In the Linux kernel before 5.3.7, there is a use-after-free bug that c ...)
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not yet present in released version)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/edc4746f253d907d048de680a621e121517f484b
CVE-2019-19527 (In the Linux kernel before 5.2.10, there is a use-after-free bug that  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/6d4472d7bec39917b54e4e80245784ea5d60ce49
	NOTE: https://git.kernel.org/linus/9c09b214f30e3c11f9b0b03f89442df03643794d
CVE-2019-19526 (In the Linux kernel before 5.3.9, there is a use-after-free bug that c ...)
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/6af3aa57a0984e061f61308fe181a9a12359fecc
CVE-2019-19525 (In the Linux kernel before 5.3.6, there is a use-after-free bug that c ...)
	{DLA-2114-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/7fd25e6fc035f4b04b75bca6d7e8daa069603a76
CVE-2019-19524 (In the Linux kernel before 5.3.12, there is a use-after-free bug that  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/fa3a5a1880c91bb92594ad42dfe9eedad7996b86
CVE-2019-19523 (In the Linux kernel before 5.3.7, there is a use-after-free bug that c ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/44efc269db7929f6275a1fa927ef082e533ecde0
CVE-2019-19522 (OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey aut ...)
	NOT-FOR-US: OpenBSD
CVE-2019-19521 (libc in OpenBSD 6.6 allows authentication bypass via the -schallenge u ...)
	NOT-FOR-US: OpenBSD
CVE-2019-19520 (xlock in OpenBSD 6.6 allows local users to gain the privileges of the  ...)
	NOT-FOR-US: OpenBSD
CVE-2019-19519 (In OpenBSD 6.6, local users can use the su -L option to achieve any lo ...)
	NOT-FOR-US: OpenBSD
CVE-2019-19518 (CA Automic Sysload 5.6.0 through 6.1.2 contains a vulnerability, relat ...)
	NOT-FOR-US: CA Automic Sysload
CVE-2019-19517
	RESERVED
CVE-2019-19516 (Intelbras WRN 150 1.0.18 devices allow CSRF via GO=system_password.asp ...)
	NOT-FOR-US: Intelbras WRN
CVE-2019-19515
	RESERVED
CVE-2019-19514
	RESERVED
CVE-2019-19513
	RESERVED
CVE-2019-19512
	RESERVED
CVE-2019-19511
	RESERVED
CVE-2019-19510
	RESERVED
CVE-2019-19509 (An issue was discovered in rConfig 3.9.3. A remote authenticated user  ...)
	NOT-FOR-US: rConfig
CVE-2019-19508
	RESERVED
CVE-2019-19507 (In jpv (aka Json Pattern Validator) before 2.1.1, compareCommon() can  ...)
	NOT-FOR-US: Json Pattern Validator
CVE-2019-19506
	RESERVED
CVE-2019-19505
	RESERVED
CVE-2019-19504
	RESERVED
CVE-2019-19503
	RESERVED
CVE-2019-19502 (Code injection in pluginconfig.php in Image Uploader and Browser for C ...)
	NOT-FOR-US: ckeditor plugin
CVE-2019-19501 (VeraCrypt 1.24 allows Local Privilege Escalation during execution of V ...)
	NOT-FOR-US: VeraCrypt
CVE-2019-19500
	RESERVED
CVE-2019-19499
	RESERVED
CVE-2019-19498
	RESERVED
CVE-2019-19497 (MDaemon Email Server 17.5.1 allows XSS via the filename of an attachme ...)
	NOT-FOR-US: MDaemon Email Server
CVE-2019-19496 (Alfresco Enterprise before 5.2.5 allows stored XSS via an uploaded HTM ...)
	NOT-FOR-US: Alfresco
CVE-2019-19495 (The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable t ...)
	NOT-FOR-US: Technicolor
CVE-2019-19494 (Broadcom based cable modems across multiple vendors are vulnerable to  ...)
	NOT-FOR-US: Broadcom based cable modems
CVE-2019-19493 (Kentico before 12.0.50 allows file uploads in which the Content-Type h ...)
	NOT-FOR-US: Kentico
CVE-2019-19492 (FreeSWITCH 1.6.10 through 1.10.1 has a default password in event_socke ...)
	- freeswitch <itp> (bug #389591)
CVE-2019-19491 (TestLink 1.9.19 has XSS via the lib/testcases/archiveData.php edit par ...)
	NOT-FOR-US: TestLink
CVE-2019-19490 (LiteManager 4.5.0 has weak permissions (Everyone: Full Control) in the ...)
	NOT-FOR-US: LiteManager
CVE-2019-19489 (SMPlayer 19.5.0 has a buffer overflow via a long .m3u file. ...)
	NOTE: Bogus report, smplayer correctly bails out
CVE-2019-19488
	RESERVED
CVE-2019-19487 (Command Injection in minPlayCommand.php in Centreon (19.04.4 and below ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-19486 (Local File Inclusion in minPlayCommand.php in Centreon (19.04.4 and be ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-19485
	RESERVED
CVE-2019-19484 (Open redirect via parameter &#8216;p&#8217; in login.php in Centreon ( ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-19483
	RESERVED
CVE-2019-19482
	RESERVED
CVE-2019-19481 (An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...)
	- opensc 0.19.0~rc1-1
	[stretch] - opensc <not-affected> (Vulnerable code not present)
	[jessie] - opensc <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18618
	NOTE: CAC support added in: https://github.com/OpenSC/OpenSC/commit/777e2a3751e3f6d53f056c98e9e20e42af674fb1 (0.17.0-rc1)
	NOTE: Drop support of CAC1: https://github.com/OpenSC/OpenSC/commit/2190bb927c739852266481d6517aaf3a07b52526 (0.19.0-rc1)
	NOTE: Restored minimal CAC1 driver support: https://github.com/OpenSC/OpenSC/commit/e2b1fb81e0e1339eebaa36fb90635e03f69d4da3 (0.20.0-rc1)
	NOTE: https://github.com/OpenSC/OpenSC/commit/b75c002cfb1fd61cd20ec938ff4937d7b1a94278
	NOTE: Mark 0.19.0~rc1 based version as fixed which removed the affected code, which
	NOTE: later was re-introduced upstream in 0.20.0~rc1 again.
CVE-2019-19480 (An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...)
	- opensc <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18478
	NOTE: Introduced in: https://github.com/OpenSC/OpenSC/commit/630d6adf32cecaab0ee184618f56497bd50400fb
	NOTE: Fixed by: https://github.com/OpenSC/OpenSC/commit/6ce6152284c47ba9b1d4fe8ff9d2e6a3f5ee02c7
	NOTE: The introducing commit attempted to fix a memory leak issue, and later on
	NOTE: further memleak issues were addressed related to those changes. But those
	NOTE: fixes are not related "directly" to the CVE assignment for the incorrect
	NOTE: free operation in sc_pkcs15_decode_prkdf_entry.
CVE-2019-19479 (An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0. ...)
	{DLA-2046-1}
	- opensc 0.20.0-1 (bug #947383)
	[buster] - opensc <no-dsa> (Minor issue)
	[stretch] - opensc <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18693
	NOTE: https://github.com/OpenSC/OpenSC/commit/c3f23b836e5a1766c36617fe1da30d22f7b63de2
CVE-2019-19478
	RESERVED
CVE-2019-19477
	RESERVED
CVE-2019-19476
	RESERVED
CVE-2019-19475 (An issue was discovered in ManageEngine Applications Manager 14 with B ...)
	NOT-FOR-US: ManageEngine Applications Manager
CVE-2019-19474
	RESERVED
CVE-2019-19473
	RESERVED
CVE-2019-19472
	RESERVED
CVE-2019-19471
	RESERVED
CVE-2019-19470 (Unsafe usage of .NET deserialization in Named Pipe message processing  ...)
	NOT-FOR-US: TinyWall Controller
CVE-2019-19469 (In Zmanda Management Console 3.3.9, ZMC_Admin_Advanced?form=adminTasks ...)
	NOT-FOR-US: Zmanda Management Console
CVE-2019-19468 (Free Photo Viewer 1.3 allows remote attackers to execute arbitrary cod ...)
	NOT-FOR-US: Free Photo Viewer
CVE-2019-19467
	RESERVED
CVE-2019-19466 (SCEditor 2.1.3 allows XSS. ...)
	NOT-FOR-US: SCEditor
CVE-2019-19465
	RESERVED
CVE-2019-19464 (The CBC Gem application before 9.24.1 for Android and before 9.26.0 fo ...)
	NOT-FOR-US: CBC Gem application for Android
CVE-2019-19463 (The Anhui Huami Mi Fit application before 4.0.11 for Android has an Un ...)
	NOT-FOR-US:  Anhui Huami Mi Fit application for Android
CVE-2019-19462 (relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows  ...)
	- linux <unfixed>
	[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-19461 (Post-authentication Stored XSS in Team Password Manager through 7.93.2 ...)
	NOT-FOR-US: Team Password Manager
CVE-2019-19460 (An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. The product' ...)
	NOT-FOR-US: SALTO ProAccess SPACE
CVE-2019-19459 (An issue was discovered in SALTO ProAccess SPACE 5.4.3.0. An attacker  ...)
	NOT-FOR-US: SALTO ProAccess SPACE
CVE-2019-19458 (SALTO ProAccess SPACE 5.4.3.0 allows Directory Traversal in the Data E ...)
	NOT-FOR-US: SALTO ProAccess SPACE
CVE-2019-19457 (SALTO ProAccess SPACE 5.4.3.0 allows XSS. ...)
	NOT-FOR-US: SALTO ProAccess SPACE
CVE-2019-19456
	RESERVED
CVE-2019-19455
	RESERVED
CVE-2019-19454
	RESERVED
CVE-2019-19453
	RESERVED
CVE-2019-19452 (A buffer overflow was found in Patriot Viper RGB through 1.1 when proc ...)
	NOT-FOR-US: Patriot Viper RGB
CVE-2019-19451 (When GNOME Dia before 2019-11-27 is launched with a filename argument  ...)
	- dia <unfixed> (unimportant; bug #945876)
	NOTE: https://gitlab.gnome.org/GNOME/dia/issues/428
	NOTE: Introduced by: https://gitlab.gnome.org/GNOME/dia/commit/9a5f438d4b3e718c8ab0efe01d08ee2c3a0d9a86
	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/dia/commit/baa2df853f9fb770eedcf3d94c7f5becebc90bb9
	NOTE: Negligible security impact, hang in end user tool
CVE-2019-19450
	RESERVED
CVE-2019-19449 (In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image c ...)
	- linux <unfixed>
	NOTE: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19449
CVE-2019-19448 (In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesy ...)
	- linux <unfixed>
	NOTE: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448
CVE-2019-19447 (In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image,  ...)
	{DLA-2114-1}
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19447
	NOTE: https://git.kernel.org/linus/c7df4a1ecb8579838ec8c56b2bb6a6716e974f37
CVE-2019-19446
	RESERVED
CVE-2019-19445
	RESERVED
CVE-2019-19444
	RESERVED
CVE-2019-19443
	RESERVED
CVE-2019-19442
	RESERVED
CVE-2019-19441 (HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1 ...)
	NOT-FOR-US: Huawei
CVE-2019-19440
	RESERVED
CVE-2019-19439
	RESERVED
CVE-2019-19438
	RESERVED
CVE-2019-19437
	RESERVED
CVE-2019-19436
	RESERVED
CVE-2019-19435
	RESERVED
CVE-2019-19434
	RESERVED
CVE-2019-19433
	RESERVED
CVE-2019-19432
	RESERVED
CVE-2019-19431
	RESERVED
CVE-2019-19430
	RESERVED
CVE-2019-19429
	RESERVED
CVE-2019-19428
	RESERVED
CVE-2019-19427
	RESERVED
CVE-2019-19426
	RESERVED
CVE-2019-19425
	RESERVED
CVE-2019-19424
	RESERVED
CVE-2019-19423
	RESERVED
CVE-2019-19422
	RESERVED
CVE-2019-19421
	RESERVED
CVE-2019-19420
	RESERVED
CVE-2019-19419
	RESERVED
CVE-2019-19418
	RESERVED
CVE-2019-19417
	RESERVED
CVE-2019-19416
	RESERVED
CVE-2019-19415
	RESERVED
CVE-2019-19414 (There is an integer overflow vulnerability in LDAP server of some Huaw ...)
	NOT-FOR-US: Huawei
CVE-2019-19413 (There is an integer overflow vulnerability in LDAP client of some Huaw ...)
	NOT-FOR-US: Huawei
CVE-2019-19412
	RESERVED
CVE-2019-19411 (USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R00 ...)
	NOT-FOR-US: Huawei
CVE-2019-19410
	RESERVED
CVE-2019-19409
	RESERVED
CVE-2019-19408
	RESERVED
CVE-2019-19407
	RESERVED
CVE-2019-19406
	RESERVED
CVE-2019-19405
	RESERVED
CVE-2019-19404
	RESERVED
CVE-2019-19403
	RESERVED
CVE-2019-19402
	RESERVED
CVE-2019-19401
	RESERVED
CVE-2019-19400
	RESERVED
CVE-2019-19399
	RESERVED
CVE-2019-19398 (M5 lite 10 with versions of 8.0.0.182(C00) have an insufficient input  ...)
	NOT-FOR-US: Huawei
CVE-2019-19397 (There is a weak algorithm vulnerability in some Huawei products. The a ...)
	NOT-FOR-US: Huawei
CVE-2019-19396 (illumos, as used in OmniOS Community Edition before r151030y, allows a ...)
	NOT-FOR-US: illumos
CVE-2019-19395
	RESERVED
CVE-2019-19394
	RESERVED
CVE-2019-19393
	RESERVED
CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly Dot ...)
	NOT-FOR-US: forDNN.UsersExportImport module for DNN
CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ...)
	- luajit <unfixed> (bug #946053; unimportant)
	NOTE: https://github.com/LuaJIT/LuaJIT/pull/526
	NOTE: Negligible security impact. The debug library is unsafe per se and one is
	NOTE: not supposed to release an application with the debug library.
CVE-2019-19390
	RESERVED
CVE-2019-19389 (JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP R ...)
	NOT-FOR-US: JetBrains Ktor framework
CVE-2019-19388 (A cross-site scripting (XSS) vulnerability in app/dialplans/dialplan_d ...)
	NOT-FOR-US: FusionPBX
CVE-2019-19387 (A cross-site scripting (XSS) vulnerability in app/fifo_list/fifo_inter ...)
	NOT-FOR-US: FusionPBX
CVE-2019-19386 (A cross-site scripting (XSS) vulnerability in app/voicemail_greetings/ ...)
	NOT-FOR-US: FusionPBX
CVE-2019-19385 (A cross-site scripting (XSS) vulnerability in app/dialplans/dialplans. ...)
	NOT-FOR-US: FusionPBX
CVE-2019-19384 (A cross-site scripting (XSS) vulnerability in app/fax/fax_log_view.php ...)
	NOT-FOR-US: FusionPBX
CVE-2019-19383 (freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted ...)
	NOT-FOR-US: freeFTPd
CVE-2019-19382 (Max Secure Anti Virus Plus 19.0.4.020 has Insecure Permissions on the  ...)
	NOT-FOR-US: Max Secure Anti Virus Plus
CVE-2019-19381 (oauth/oauth2/v1/saml/ in Abacus OAuth Login 2019_01_r4_20191021_0000 b ...)
	NOT-FOR-US: Abacus OAuth Login
CVE-2019-19380
	RESERVED
CVE-2019-19379 (In app/Controller/TagsController.php in MISP 2.4.118, users can bypass ...)
	NOT-FOR-US: MISP
CVE-2019-19378 (In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image  ...)
	- linux <unfixed>
CVE-2019-19377 (In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, ...)
	- linux <unfixed>
	NOTE: https://git.kernel.org/linus/b3ff8f1d380e65dddd772542aa9bff6c86bf715a
CVE-2019-19376 (In Octopus Deploy before 2019.10.6, an authenticated user with TeamEdi ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-19375 (In Octopus Deploy before 2019.10.7, in a configuration where SSL offlo ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-19374 (An issue was discovered in core/assets/form/form_question_types/form_q ...)
	NOT-FOR-US: Squiz Matrix CMS
CVE-2019-19373 (An issue was discovered in Squiz Matrix CMS 5.5.0 prior to 5.5.0.3, 5. ...)
	NOT-FOR-US: Squiz Matrix CMS
CVE-2019-19372 (** DISPUTED ** A downloadFile.php download_file path traversal vulnera ...)
	NOT-FOR-US: rConfig
CVE-2019-19371 (A cross-site scripting (XSS) vulnerability in the web conferencing com ...)
	NOT-FOR-US: Mitel
CVE-2019-19370 (A cross-site scripting (XSS) vulnerability in the web conferencing com ...)
	NOT-FOR-US: Mitel
CVE-2019-19369
	RESERVED
CVE-2019-19368 (A Reflected Cross Site Scripting was discovered in the Login page of R ...)
	NOT-FOR-US: Rumpus FTP Web File Manager
CVE-2019-19367 (A cross-site scripting (XSS) vulnerability in app/fax/fax_files.php in ...)
	NOT-FOR-US: FusionPBX
CVE-2019-19366 (A cross-site scripting (XSS) vulnerability in app/xml_cdr/xml_cdr_sear ...)
	NOT-FOR-US: FusionPBX
CVE-2019-19365
	RESERVED
CVE-2019-19364 (A weak malicious user can escalate its privilege whenever CatalystProd ...)
	NOT-FOR-US: Sony Catalyst Production Suite
CVE-2019-19363 (An issue was discovered in Ricoh (including Savin and Lanier) Windows  ...)
	NOT-FOR-US: Ricoh
CVE-2019-19362 (An issue was discovered in the Chat functionality of the TeamViewer de ...)
	NOT-FOR-US: TeamViewer
CVE-2019-19361
	RESERVED
CVE-2019-19360
	RESERVED
CVE-2019-19359
	RESERVED
CVE-2019-19358
	RESERVED
CVE-2019-19357
	RESERVED
CVE-2019-19356 (Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE ...)
	NOT-FOR-US: Netis WF2419
CVE-2019-19355 (An insecure modification vulnerability in the /etc/passwd file was fou ...)
	NOT-FOR-US: openshift
CVE-2019-19354
	RESERVED
	NOT-FOR-US: openshift
CVE-2019-19353
	RESERVED
	NOT-FOR-US: openshift
CVE-2019-19352
	RESERVED
	NOT-FOR-US: openshift
CVE-2019-19351 (An insecure modification vulnerability in the /etc/passwd file was fou ...)
	NOT-FOR-US: openshift
CVE-2019-19350
	RESERVED
	NOT-FOR-US: openshift
CVE-2019-19349
	RESERVED
	NOT-FOR-US: openshift
CVE-2019-19348 (An insecure modification vulnerability in the /etc/passwd file was fou ...)
	NOT-FOR-US: openshift
CVE-2019-19347
	REJECTED
CVE-2019-19346 (An insecure modification vulnerability in the /etc/passwd file was fou ...)
	NOT-FOR-US: openshift
CVE-2019-19345 (A vulnerability was found in all openshift/mediawiki-apb 4.x.x version ...)
	NOT-FOR-US: openshift
CVE-2019-19344 (There is a use-after-free issue in all samba 4.9.x versions before 4.9 ...)
	- samba 2:4.11.5+dfsg-1 (bug #950499)
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <not-affected> (Only affects Samba 4.9 onwards)
	[jessie] - samba <not-affected> (Only affects Samba 4.9 onwards)
	NOTE: https://www.samba.org/samba/security/CVE-2019-19344.html
CVE-2019-19343
	RESERVED
	- undertow <unfixed> (bug #948024; unimportant)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1780445
	NOTE: Issue affects both Undertow and rmeoting, but for adressing the immediate
	NOTE: issue only af fix via remoting (https://issues.redhat.com/browse/REM3-347)
	NOTE: was added.
CVE-2019-19342 (A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5 ...)
	NOT-FOR-US: Ansible Tower
CVE-2019-19341 (A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2, where  ...)
	NOT-FOR-US: Ansible Tower
CVE-2019-19340 (A flaw was found in Ansible Tower, versions 3.6.x before 3.6.2 and 3.5 ...)
	NOT-FOR-US: Ansible Tower
CVE-2019-19339 (It was found that the Red Hat Enterprise Linux 8 kpatch update did not ...)
	NOT-FOR-US: Red Hat specific kpatch update which was incomplete to address CVE-2018-12207
CVE-2019-19338 [KVM: export MSR_IA32_TSX_CTRL to guest -  incomplete fix for TAA (CVE-2019-11135)]
	RESERVED
	- linux <not-affected> (Only affects specific distro kernels which do not include commit e1d38b63acd8)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/10/3
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/11/1
CVE-2019-19337 (A flaw was found in Red Hat Ceph Storage version 3 in the way the Ceph ...)
	- ceph <not-affected> (Only affects Ceph as packaged by Red Hat)
CVE-2019-19336 (A cross-site scripting vulnerability was reported in the oVirt-engine' ...)
	NOT-FOR-US: ovirt-engine
CVE-2019-19335 (During installation of an OpenShift 4 cluster, the `openshift-install` ...)
	NOT-FOR-US: OpenShift
CVE-2019-19334 (In all versions of libyang before 1.0-r5, a stack-based buffer overflo ...)
	- libyang 0.16.105-2 (bug #946217)
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://github.com/CESNET/libyang/commit/6980afae2ff9fcd6d67508b0a3f694d75fd059d6
CVE-2019-19333 (In all versions of libyang before 1.0-r5, a stack-based buffer overflo ...)
	- libyang 0.16.105-2 (bug #946217)
	[buster] - libyang <no-dsa> (Minor issue)
	NOTE: https://github.com/CESNET/libyang/commit/f6d684ade99dd37b21babaa8a856f64faa1e2e0d
CVE-2019-19332 (An out-of-bounds memory write issue was found in the Linux Kernel, ver ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/433f4ba1904100da65a311033f17a9bf586b287e
CVE-2019-19331 (knot-resolver before version 4.3.0 is vulnerable to denial of service  ...)
	- knot-resolver 5.0.1-1 (bug #946181)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/04/4
CVE-2019-19329 (In Wikibase Wikidata Query Service GUI before 0.3.6-SNAPSHOT 2019-11-0 ...)
	NOT-FOR-US: Wikibase Wikidata Query Service GUI
CVE-2019-19328 (ui/editor/tooltip/Rdf.js in Wikibase Wikidata Query Service GUI before ...)
	NOT-FOR-US: Wikibase Wikidata Query Service GUI
CVE-2019-19327 (ui/ResultView.js in Wikibase Wikidata Query Service GUI before 0.3.6-S ...)
	NOT-FOR-US: Wikibase Wikidata Query Service GUI
CVE-2019-19326
	RESERVED
CVE-2019-19325 (SilverStripe through 4.4.x before 4.4.5 and 4.5.x before 4.5.2 allows  ...)
	NOT-FOR-US: SilverStripe
CVE-2019-19324 (Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms ...)
	NOT-FOR-US: Xmidt cjwt
CVE-2019-19323
	RESERVED
CVE-2019-19322
	RESERVED
CVE-2019-19321
	RESERVED
CVE-2019-19320
	RESERVED
CVE-2019-19319 (In the Linux kernel 5.0.21, a setxattr operation, after a mount of a c ...)
	- linux 5.3.15-1
CVE-2019-19318 (In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can c ...)
	- linux 5.4.6-1
CVE-2019-19317 (lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed b ...)
	- sqlite3 <not-affected> (Generated column support was added with SQLite version 3.31.0)
	NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/522ebfa7cee96fb325a22ea3a2464a63485886a8
	NOTE: Additional testcases: https://github.com/sqlite/sqlite/commit/73bacb7f93eab9f4bd5a65cbc4ae242acf63c9e3
CVE-2019-19316 (When using the Azure backend with a shared access signature (SAS), Ter ...)
	NOT-FOR-US: Terraform
CVE-2019-19315 (NLSSRV32.EXE in Nalpeiron Licensing Service 7.3.4.0, as used with Nitr ...)
	NOT-FOR-US: Nalpeiron Licensing Service
CVE-2019-19314 (GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6 stored several tokens i ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19313 (GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6 allows Denial of Servi ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19312 (GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 has Incorrect Access C ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19311 (GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS in group an ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19310 (GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows Infor ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19309 (GitLab Enterprise Edition (EE) 8.90 and later through 12.5 has Incorre ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19330 (The HTTP/2 implementation in HAProxy before 2.0.10 mishandles headers, ...)
	{DSA-4577-1}
	- haproxy 2.0.10-1
	[stretch] - haproxy <not-affected> (Vulnerable code introduced in 1.8)
	[jessie] - haproxy <not-affected> (Vulnerable code introduced in 1.8)
	NOTE: https://git.haproxy.org/?p=haproxy.git;a=commit;h=54f53ef7ce4102be596130b44c768d1818570344
	NOTE: https://git.haproxy.org/?p=haproxy.git;a=commit;h=146f53ae7e97dbfe496d0445c2802dd0a30b0878
CVE-2019-19308 (In text_to_glyphs in sushi-font-widget.c in gnome-font-viewer 3.34.0,  ...)
	- gnome-font-viewer 3.34.0-2 (unimportant)
	- gnome-sushi <unfixed> (unimportant)
	NOTE: https://gitlab.gnome.org/GNOME/gnome-font-viewer/issues/17
	NOTE: https://gitlab.gnome.org/GNOME/gnome-font-viewer/commit/9661683379806e2bad6a52ce6dde776a33f4f981
	NOTE: Crash in GUI tool, no security impact
CVE-2019-19307 (An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6. ...)
	NOT-FOR-US: Cesanta Mongoose
	NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2019-19306 (The Zoho CRM Lead Magnet plugin 1.6.9.1 for WordPress allows XSS via m ...)
	NOT-FOR-US: Zoho CRM Lead Magnet plugin for WordPress
CVE-2019-19305
	RESERVED
CVE-2019-19304
	RESERVED
CVE-2019-19303
	RESERVED
CVE-2019-19302
	RESERVED
CVE-2019-19301
	RESERVED
CVE-2019-19300
	RESERVED
CVE-2019-19299 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19298 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19297 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19296 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19295 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19294 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19293 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19292 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19291 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19290 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19289
	RESERVED
CVE-2019-19288
	RESERVED
CVE-2019-19287
	RESERVED
CVE-2019-19286
	RESERVED
CVE-2019-19285
	RESERVED
CVE-2019-19284
	RESERVED
CVE-2019-19283
	RESERVED
CVE-2019-19282 (A vulnerability has been identified in OpenPCS 7 V8.1 (All versions),  ...)
	NOT-FOR-US: Siemens
CVE-2019-19281 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
	NOT-FOR-US: Siemens
CVE-2019-19280
	RESERVED
CVE-2019-19279 (A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact ...)
	NOT-FOR-US: Siemens
CVE-2019-19278 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180  ...)
	NOT-FOR-US: SINAMICS
CVE-2019-19277 (A vulnerability has been identified in SIPORT MP (All versions &lt; 3. ...)
	NOT-FOR-US: Siemens
CVE-2019-19276
	RESERVED
CVE-2019-19275 (typed_ast 1.3.0 and 1.3.1 has an ast_for_arguments out-of-bounds read. ...)
	- python3-typed-ast 1.4.0-1 (low)
	[buster] - python3-typed-ast <no-dsa> (Minor issue)
	[stretch] - python3-typed-ast <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.python.org/issue36495
	NOTE: Introduced by: https://github.com/python/typed_ast/commit/156afcb26c198e162504a57caddfe0acd9ed7dce (1.3.0)
	NOTE: Fixed by: https://github.com/python/typed_ast/commit/dc317ac9cff859aa84eeabe03fb5004982545b3b (1.3.2)
CVE-2019-19274 (typed_ast 1.3.0 and 1.3.1 has a handle_keywordonly_args out-of-bounds  ...)
	- python3-typed-ast 1.4.0-1 (low)
	[buster] - python3-typed-ast <no-dsa> (Minor issue)
	[stretch] - python3-typed-ast <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.python.org/issue36495
	NOTE: Introduced by: https://github.com/python/typed_ast/commit/156afcb26c198e162504a57caddfe0acd9ed7dce (1.3.0)
	NOTE: Fixed by: https://github.com/python/typed_ast/commit/dc317ac9cff859aa84eeabe03fb5004982545b3b (1.3.2)
CVE-2019-19273 (On Samsung mobile devices with O(8.0) and P(9.0) software and an Exyno ...)
	NOT-FOR-US: Samsung
CVE-2019-19272 (An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. Dir ...)
	- proftpd-dfsg 1.3.6-1
	[stretch] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
	[jessie] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
	NOTE: https://github.com/proftpd/proftpd/issues/858
	NOTE: Introduced in: https://github.com/proftpd/proftpd/commit/474075d2cb8c8ced7764b1b4b5ad63a49284d61f (v1.3.5c)
CVE-2019-19271 (An issue was discovered in tls_verify_crl in ProFTPD before 1.3.6. A w ...)
	- proftpd-dfsg 1.3.6-1
	[stretch] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
	[jessie] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
	NOTE: https://github.com/proftpd/proftpd/issues/860
	NOTE: Introduced in: https://github.com/proftpd/proftpd/commit/474075d2cb8c8ced7764b1b4b5ad63a49284d61f (v1.3.5c)
CVE-2019-19270 (An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. F ...)
	- proftpd-dfsg 1.3.6b-2 (bug #946346)
	[buster] - proftpd-dfsg 1.3.6-4+deb10u3
	[stretch] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
	[jessie] - proftpd-dfsg <not-affected> (Bug was introduced in 1.3.5c)
	NOTE: https://github.com/proftpd/proftpd/issues/859
	NOTE: https://github.com/proftpd/proftpd/commit/81cc5dce4fc0285629a1b08a07a109af10c208dd (master)
	NOTE: https://github.com/proftpd/proftpd/commit/be8e1687819cb665359bd62b4c896ff4b1a09c3f (1.3.6 branch)
	NOTE: Introduced in: https://github.com/proftpd/proftpd/commit/0e27c53177db6e1ce4196c772c119071678c77a7 (v1.3.5c)
CVE-2019-19269 (An issue was discovered in tls_verify_crl in ProFTPD through 1.3.6b. A ...)
	{DLA-2018-1}
	- proftpd-dfsg 1.3.6b-2 (bug #946345)
	[buster] - proftpd-dfsg 1.3.6-4+deb10u3
	[stretch] - proftpd-dfsg 1.3.5b-4+deb9u3
	NOTE: https://github.com/proftpd/proftpd/issues/861
	NOTE: https://github.com/proftpd/proftpd/commit/81cc5dce4fc0285629a1b08a07a109af10c208dd (master)
	NOTE: https://github.com/proftpd/proftpd/commit/be8e1687819cb665359bd62b4c896ff4b1a09c3f (1.3.6 branch)
CVE-2019-19268
	RESERVED
CVE-2019-19267
	RESERVED
CVE-2019-19266 (IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably ...)
	NOT-FOR-US: IceWarp WebMail Server
CVE-2019-19265 (IceWarp WebMail Server 12.2.0 and 12.1.x before 12.2.1.1 (and probably ...)
	NOT-FOR-US: IceWarp WebMail Server
CVE-2019-19264 (In Simplifile RecordFusion through 2019-11-25, the logs and hist param ...)
	NOT-FOR-US: Simplifile RecordFusion
CVE-2019-19263 (GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has Insecure ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19262 (GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has Insecur ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-2-released/
CVE-2019-19261 (GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows SSRF. ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19260 (GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 ...)
	[experimental] - gitlab 12.2.9-5
	- gitlab 12.6.8-3
	- gitlab-workhorse 8.8.1+debian-3
	[buster] - gitlab-workhorse <ignored> (Minor issue)
	[stretch] - gitlab-workhorse <ignored> (Minor issue)
	[experimental] - gitaly 1.65.2+dfsg-1
	- gitaly <unfixed>
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19259 (GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows an I ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19258 (GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has Incorre ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19257 (GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5 ...)
	[experimental] - gitlab 12.2.9-5
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19256 (GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has Incorre ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19255 (GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has Incorre ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19254 (GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and lat ...)
	[experimental] - gitlab 12.2.9-5
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19253
	RESERVED
	NOT-FOR-US: Apereo CAS
CVE-2019-19252 (vcs_write in drivers/tty/vt/vc_screen.c in the Linux kernel through 5. ...)
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://lore.kernel.org/lkml/c30fc539-68a8-65d7-226c-6f8e6fd8bdfb@suse.com/
CVE-2019-19251 (The Last.fm desktop app (Last.fm Scrobbler) through 2.1.39 on macOS ma ...)
	NOT-FOR-US: Last.fm desktop app on macOS
CVE-2019-19250 (OpenTrade before 2019-11-23 allows SQL injection, related to server/mo ...)
	NOT-FOR-US: OpenTrade
CVE-2019-19249 (Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta m ...)
	NOT-FOR-US: QueryTree
CVE-2019-19248 (Electronic Arts Origin through 10.5.x allows Elevation of Privilege (i ...)
	NOT-FOR-US: Electronic Arts Origin
CVE-2019-19247 (Electronic Arts Origin through 10.5.x allows Elevation of Privilege (i ...)
	NOT-FOR-US: Electronic Arts Origin
CVE-2019-19246 (Oniguruma through 6.9.3, as used in PHP 7.3.x and other products, has  ...)
	{DLA-2020-1}
	- libonig 6.9.4-1 (low; bug #946344)
	[buster] - libonig <no-dsa> (Minor issue)
	[stretch] - libonig <no-dsa> (Minor issue)
	NOTE: https://bugs.php.net/bug.php?id=78559
	NOTE: https://github.com/kkos/oniguruma/commit/d3e402928b6eb3327f8f7d59a9edfa622fec557b
CVE-2019-19245 (NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication S ...)
	NOT-FOR-US: NAPC Xinet Elegant 6 Asset Library
CVE-2019-19244 (sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-sel ...)
	- sqlite3 3.30.1+fossil191229-1 (bug #946656)
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code, i.e. window functions, not present)
	NOTE: https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348
CVE-2019-19243
	RESERVED
CVE-2019-19242 (SQLite 3.30.1 mishandles pExpr-&gt;y.pTab, as demonstrated by the TK_C ...)
	- sqlite3 3.30.1+fossil191229-1
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
	[jessie] - sqlite3 <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c
CVE-2019-19241 (In the Linux kernel before 5.4.2, the io_uring feature leads to reques ...)
	- linux 5.3.15-1
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1975
	NOTE: https://git.kernel.org/linus/181e448d8709e517c9c7b523fcd209f24eb38ca7
	NOTE: https://git.kernel.org/linus/d69e07793f891524c6bbf1e75b9ae69db4450953
CVE-2019-19240 (Embedthis GoAhead before 5.0.1 mishandles redirected HTTP requests wit ...)
	NOT-FOR-US: Embedthis GoAhead
CVE-2019-19239
	RESERVED
CVE-2019-19238
	RESERVED
CVE-2019-19237
	RESERVED
CVE-2019-19236
	RESERVED
CVE-2019-19235 (AsLdrSrv.exe in ASUS ATK Package before V1.0.0061 (for Windows 10 note ...)
	NOT-FOR-US: ASUS
CVE-2019-19234 (** DISPUTED ** In Sudo through 1.8.29, the fact that a user has been b ...)
	- sudo 1.8.31-1 (bug #947225; unimportant)
	NOTE: https://www.sudo.ws/devel.html#1.8.30b2
	NOTE: Sudo 1.8.30 adds an optional setting to check the shell of the target user
	NOTE: additionally.
CVE-2019-19233
	RESERVED
CVE-2019-19232 (** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Ru ...)
	- sudo 1.8.31-1 (bug #947225; unimportant)
	NOTE: https://www.sudo.ws/devel.html#1.8.30b2
	NOTE: Sudo 1.8.30 introduces an option to enable/disable the behavior.
CVE-2019-19231 (An insecure file access vulnerability exists in CA Client Automation 1 ...)
	NOT-FOR-US: CA Client Automation
CVE-2019-19230 (An unsafe deserialization vulnerability exists in CA Release Automatio ...)
	NOT-FOR-US: CA Release Automation (Nolio)
CVE-2019-19229 (admincgi-bin/service.fcgi on Fronius Solar Inverter devices before 3.1 ...)
	NOT-FOR-US: Fronius Solar Inverter devices
CVE-2019-19228 (Fronius Solar Inverter devices before 3.14.1 (HM 1.12.1) allow attacke ...)
	NOT-FOR-US: Fronius Solar Inverter devices
CVE-2019-19227 (In the AppleTalk subsystem in the Linux kernel before 5.1, there is a  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/9804501fa1228048857910a6bf23e085aade37cc
CVE-2019-19226 (A Broken Access Control vulnerability in the D-Link DSL-2680 web admin ...)
	NOT-FOR-US: D-Link
CVE-2019-19225 (A Broken Access Control vulnerability in the D-Link DSL-2680 web admin ...)
	NOT-FOR-US: D-Link
CVE-2019-19224 (A Broken Access Control vulnerability in the D-Link DSL-2680 web admin ...)
	NOT-FOR-US: D-Link
CVE-2019-19223 (A Broken Access Control vulnerability in the D-Link DSL-2680 web admin ...)
	NOT-FOR-US: D-Link
CVE-2019-19222 (A Stored XSS issue in the D-Link DSL-2680 web administration interface ...)
	NOT-FOR-US: D-Link
CVE-2019-19221 (In Libarchive 3.4.0, archive_wstring_append_from_mbs in archive_string ...)
	- libarchive <unfixed> (bug #945287)
	[buster] - libarchive <no-dsa> (Minor issue)
	[stretch] - libarchive <no-dsa> (Minor issue)
	[jessie] - libarchive <no-dsa> (Minor issue)
	NOTE: https://github.com/libarchive/libarchive/commit/22b1db9d46654afc6f0c28f90af8cdc84a199f41
	NOTE: https://github.com/libarchive/libarchive/issues/1276
CVE-2019-19220
	RESERVED
CVE-2019-19219
	RESERVED
CVE-2019-19218
	RESERVED
CVE-2019-19217
	RESERVED
CVE-2019-19216
	RESERVED
CVE-2019-19215
	RESERVED
CVE-2019-19214
	RESERVED
CVE-2019-19213
	RESERVED
CVE-2019-19212 (Dolibarr ERP/CRM 3.0 through 10.0.3 allows XSS via the qty parameter t ...)
	- dolibarr <removed>
CVE-2019-19211 (Dolibarr ERP/CRM before 10.0.3 has an Insufficient Filtering issue tha ...)
	- dolibarr <removed>
CVE-2019-19210 (Dolibarr ERP/CRM before 10.0.3 allows XSS because uploaded HTML docume ...)
	- dolibarr <removed>
CVE-2019-19209 (Dolibarr ERP/CRM before 10.0.3 allows SQL Injection. ...)
	- dolibarr <removed>
CVE-2019-19208 (Codiad Web IDE through 2.8.4 allows PHP Code injection. ...)
	NOT-FOR-US: Codiad Web IDE
CVE-2019-19207 (rConfig 3.9.2 allows devices.php?searchColumn= SQL injection. ...)
	NOT-FOR-US: rConfig
CVE-2019-19206 (Dolibarr CRM/ERP 10.0.3 allows viewimage.php?file= Stored XSS due to J ...)
	- dolibarr <removed>
CVE-2019-19205
	RESERVED
CVE-2019-19204 (An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the func ...)
	{DLA-2020-1}
	- libonig 6.9.4-1 (low; bug #945313)
	[buster] - libonig <no-dsa> (Minor issue)
	[stretch] - libonig <no-dsa> (Minor issue)
	NOTE: https://github.com/kkos/oniguruma/issues/162
	NOTE: https://github.com/kkos/oniguruma/commit/6eb4aca6a7f2f60f473580576d86686ed6a6ebec (v6.9.4_rc2)
	NOTE: Only exploitable with attacker-provided pattern
CVE-2019-19203 (An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the func ...)
	- libonig 6.9.4-1 (low; bug #945312)
	[buster] - libonig <no-dsa> (Minor issue)
	[stretch] - libonig <no-dsa> (Minor issue)
	[jessie] - libonig <ignored> (Minor issue, not reproducible, non-trivial backport)
	NOTE: https://github.com/kkos/oniguruma/issues/163
	NOTE: https://github.com/kkos/oniguruma/commit/aa0188eaedc056dca8374ac03d0177429b495515 (v6.9.4_rc2)
	NOTE: Only exploitable with attacker-provided pattern
CVE-2019-19202 (In Vtiger 7.x before 7.2.0, the My Preferences saving functionality al ...)
	NOT-FOR-US: Vtiger CRM
CVE-2019-19201
	RESERVED
CVE-2019-19200
	RESERVED
CVE-2019-19199
	RESERVED
CVE-2019-19198 (The Scoutnet Kalender plugin 1.1.0 for WordPress allows XSS. ...)
	NOT-FOR-US: Scoutnet Kalender plugin for WordPress
CVE-2019-19197 (IOCTL Handling in the kyrld.sys driver in Kyrol Internet Security 9.0. ...)
	NOT-FOR-US: Kyrol Internet Security
CVE-2019-19196 (The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation  ...)
	NOT-FOR-US: Telink
CVE-2019-19195 (The Bluetooth Low Energy implementation on Microchip Technology BluSDK ...)
	NOT-FOR-US: Microchip
CVE-2019-19194 (The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation  ...)
	NOT-FOR-US: Telink
CVE-2019-19193 (The Bluetooth Low Energy peripheral implementation on Texas Instrument ...)
	NOT-FOR-US: Texas Instruments
CVE-2019-19192 (The Bluetooth Low Energy implementation on STMicroelectronics BLE Stac ...)
	NOT-FOR-US: STMicroelectronics
CVE-2019-19191 (Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file  ...)
	- shibboleth-sp <unfixed> (unimportant)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1157471
	NOTE: https://issues.shibboleth.net/jira/browse/SSPCPP-874
	NOTE: This is an issue in the upstream provided spec file which is not relevant
	NOTE: for the binary packages build in Debian (fixed upstream in 3.1.0). The
	NOTE: postinst in the Debian packaging does not have similar problematic chown logic.
CVE-2019-19190
	RESERVED
CVE-2019-19189
	RESERVED
CVE-2019-19188
	RESERVED
CVE-2019-19187
	RESERVED
CVE-2019-19186
	RESERVED
CVE-2019-19185
	RESERVED
CVE-2019-19184
	RESERVED
CVE-2019-19183
	RESERVED
CVE-2019-19182
	RESERVED
CVE-2019-19181
	RESERVED
CVE-2019-19180
	RESERVED
CVE-2019-19179
	RESERVED
CVE-2019-19178
	RESERVED
CVE-2019-19177
	RESERVED
CVE-2019-19176
	RESERVED
CVE-2019-19175
	RESERVED
CVE-2019-19174
	RESERVED
CVE-2019-19173
	RESERVED
CVE-2019-19172
	RESERVED
CVE-2019-19171
	RESERVED
CVE-2019-19170
	RESERVED
CVE-2019-19169
	RESERVED
CVE-2019-19168
	RESERVED
CVE-2019-19167
	RESERVED
CVE-2019-19166
	RESERVED
CVE-2019-19165
	RESERVED
CVE-2019-19164
	RESERVED
CVE-2019-19163
	RESERVED
CVE-2019-19162
	RESERVED
CVE-2019-19161
	RESERVED
CVE-2019-19160
	RESERVED
CVE-2019-19159
	RESERVED
CVE-2019-19158
	RESERVED
CVE-2019-19157
	RESERVED
CVE-2019-19156
	RESERVED
CVE-2019-19155
	RESERVED
CVE-2019-19154
	RESERVED
CVE-2019-19153
	RESERVED
CVE-2019-19152
	RESERVED
CVE-2019-19151 (On BIG-IP versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-19150 (On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-19149
	RESERVED
CVE-2019-19148 (Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command  ...)
	NOT-FOR-US: Tellabs Optical Line Terminal (OLT) devices
CVE-2019-19147
	RESERVED
CVE-2019-19146
	RESERVED
CVE-2019-19145
	RESERVED
CVE-2019-19144
	RESERVED
CVE-2019-19143 (TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to  ...)
	NOT-FOR-US: TP-LINK
CVE-2019-19142 (Intelbras WRN240 devices do not require authentication to replace the  ...)
	NOT-FOR-US: Intelbras
CVE-2019-19141 (The Camera Upload functionality in Plex Media Server through 1.18.2.20 ...)
	NOT-FOR-US: Plex Media Server
CVE-2019-19140
	RESERVED
CVE-2019-19139
	RESERVED
CVE-2019-19138
	RESERVED
CVE-2019-19137
	RESERVED
CVE-2019-19136
	RESERVED
CVE-2019-19135 (In OPC Foundation OPC UA .NET Standard codebase 1.4.357.28, servers do ...)
	NOT-FOR-US: OPC Foundation OPC UA .NET Standard codebase
CVE-2019-19134 (The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to ...)
	NOT-FOR-US: Hero Maps Premium plugin for WordPress
CVE-2019-19133 (The CSS Hero plugin through 4.0.3 for WordPress is prone to reflected  ...)
	NOT-FOR-US: CSS Hero plugin for WordPress
CVE-2019-19132
	RESERVED
CVE-2019-19131
	RESERVED
CVE-2019-19130
	RESERVED
CVE-2019-19129 (Afterlogic WebMail Pro 8.3.11, and WebMail in Afterlogic Aurora 8.3.11 ...)
	NOT-FOR-US: Afterlogic
CVE-2019-19128
	RESERVED
CVE-2019-19127 (An authentication bypass vulnerability is present in the standalone SI ...)
	NOT-FOR-US: Tribal SITS
CVE-2019-19126 (On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31  ...)
	- glibc 2.29-8 (bug #945250)
	[buster] - glibc <no-dsa> (Minor issue)
	[stretch] - glibc <no-dsa> (Minor issue)
	[jessie] - glibc <not-affected> (Vulnerable code introduced in 2.23)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25204
	NOTE: Introduced by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=object;h=b9eb92ab05204df772eb4929eccd018637c9f3e9
	NOTE: Fixed by: https://sourceware.org/git/gitweb.cgi?p=glibc.git;h=d5dfad4326fc683c813df1e37bbf5cf920591c8e
CVE-2019-19125
	RESERVED
CVE-2019-19124
	RESERVED
CVE-2019-19123
	RESERVED
CVE-2019-19122
	RESERVED
CVE-2019-19121
	RESERVED
CVE-2019-19120
	RESERVED
CVE-2019-19119 (An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficie ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2019-19118 (Django 2.1 before 2.1.15 and 2.2 before 2.2.8 allows unintended model  ...)
	- python-django 2:2.2.8-1 (bug #946011)
	[buster] - python-django <not-affected> (Vulnerable code introduced later)
	[stretch] - python-django <not-affected> (Vulnerable code introduced later)
	[jessie] - python-django <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.djangoproject.com/weblog/2019/dec/02/security-releases/
	NOTE: Introduced after https://github.com/django/django/commit/825f0beda804e48e9197fcf3b0d909f9f548aa47 (2.1a1)
	NOTE: https://github.com/django/django/commit/11c5e0609bcc0db93809de2a08e0dc3d70b393e4 (master)
	NOTE: https://github.com/django/django/commit/092cd66cf3c3e175acce698d6ca2012068d878fa (3.0 branch)
	NOTE: https://github.com/django/django/commit/36f580a17f0b3cb087deadf3b65eea024f479c21 (2.2 branch)
	NOTE: https://github.com/django/django/commit/103ebe2b5ff1b2614b85a52c239f471904d26244 (2.1 branch)
CVE-2019-19117 (/usr/lib/lua/luci/controller/admin/autoupgrade.lua on PHICOMM K2(PSG12 ...)
	NOT-FOR-US: PHICOMM K2(PSG1218) devices
CVE-2019-19116
	RESERVED
CVE-2019-19115
	RESERVED
CVE-2019-19114
	RESERVED
CVE-2019-19113 (main/resources/mapper/NewBeeMallGoodsMapper.xml in newbee-mall (aka Ne ...)
	NOT-FOR-US: newbee-mall
CVE-2019-19112
	RESERVED
CVE-2019-19111
	RESERVED
CVE-2019-19110
	RESERVED
CVE-2019-19109
	RESERVED
CVE-2019-19108
	RESERVED
CVE-2019-19107
	RESERVED
CVE-2019-19106
	RESERVED
CVE-2019-19105
	RESERVED
CVE-2019-19104
	RESERVED
CVE-2019-19103
	RESERVED
CVE-2019-19102
	RESERVED
CVE-2019-19101
	RESERVED
CVE-2019-19100
	RESERVED
CVE-2019-19099
	RESERVED
CVE-2019-19098
	RESERVED
CVE-2019-19097 (ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium streng ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19096 (The Redis data structure component used in ABB eSOMS versions 6.0 to 6 ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19095 (Lack of adequate input/output validation for ABB eSOMS versions 4.0 to ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19094 (Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0. ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19093 (eSOMS versions 4.0 to 6.0.3 do not enforce password complexity setting ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19092 (ABB eSOMS versions 4.0 to 6.0.3 use ASP.NET Viewstate without Message  ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19091 (For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments  ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19090 (For ABB eSOMS versions 4.0 to 6.0.2, the Secure Flag is not set in the ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19089 (For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options Header ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19088 (Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Tr ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19087 (Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions  ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19086 (Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions  ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/11/27/security-release-gitlab-12-5-1-released/
CVE-2019-19085 (A persistent cross-site scripting (XSS) vulnerability in Octopus Serve ...)
	NOT-FOR-US: Octopus Server
CVE-2019-19084 (In Octopus Deploy 3.3.0 through 2019.10.4, an authenticated user with  ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-19083 (Memory leaks in *clock_source_create() functions under drivers/gpu/drm ...)
	- linux 5.3.9-1 (unimportant)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/055e547478a11a6360c7ce05e2afc3e366968a12
CVE-2019-19082 (Memory leaks in *create_resource_pool() functions under drivers/gpu/dr ...)
	- linux 5.4.6-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/104c307147ad379617472dd91a5bcb368d72bd6d
CVE-2019-19081 (A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers ...)
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/8ce39eb5a67aee25d9f05b40b673c95b23502e3e
CVE-2019-19080 (Four memory leaks in the nfp_flower_spawn_phy_reprs() function in driv ...)
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/8572cea1461a006bce1d06c0c4b0575869125fa4
CVE-2019-19079 (A memory leak in the qrtr_tun_write_iter() function in net/qrtr/tun.c  ...)
	- linux 5.3.7-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/a21b7f0cff1906a93a0130b74713b15a0b36481d
CVE-2019-19078 (A memory leak in the ath10k_usb_hif_tx_sg() function in drivers/net/wi ...)
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-19077 (A memory leak in the bnxt_re_create_srq() function in drivers/infiniba ...)
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/4a9d46a9fe14401f21df69cea97c62396d5fb053
CVE-2019-19076 (** DISPUTED ** A memory leak in the nfp_abm_u32_knode_replace() functi ...)
	- linux 5.3.7-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/78beef629fd95be4ed853b2d37b832f766bd96ca
CVE-2019-19075 (A memory leak in the ca8210_probe() function in drivers/net/ieee802154 ...)
	- linux 5.3.9-1 (unimportant)
	[buster] - linux 4.19.87-1
	NOTE: https://git.kernel.org/linus/6402939ec86eaf226c8b8ae00ed983936b164908
CVE-2019-19074 (A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ ...)
	- linux 5.4.6-1
	NOTE: https://git.kernel.org/linus/728c1e2a05e4b5fc52fab3421dce772a806612a2
CVE-2019-19073 (Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux  ...)
	- linux 5.4.6-1
	NOTE: https://git.kernel.org/linus/853acf7caf10b828102d92d05b5c101666a6142b
CVE-2019-19072 (A memory leak in the predicate_parse() function in kernel/trace/trace_ ...)
	- linux 5.4.6-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/96c5c6e6a5b6db592acae039fed54b5c8844cd35
CVE-2019-19071 (A memory leak in the rsi_send_beacon() function in drivers/net/wireles ...)
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-19070 (** DISPUTED ** A memory leak in the spi_gpio_probe() function in drive ...)
	- linux <unfixed> (unimportant)
CVE-2019-19069 (A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc ...)
	- linux 5.3.9-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/fc739a058d99c9297ef6bfd923b809d85855b9a9
CVE-2019-19068 (A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net ...)
	{DLA-2114-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-19067 (** DISPUTED ** Four memory leaks in the acp_hw_init() function in driv ...)
	- linux 5.3.9-1 (unimportant)
	NOTE: https://git.kernel.org/linus/57be09c6e8747bf48704136d9e3f92bfb93f5725
CVE-2019-19066 (A memory leak in the bfad_im_get_stats() function in drivers/scsi/bfa/ ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
CVE-2019-19065 (** DISPUTED ** A memory leak in the sdma_init() function in drivers/in ...)
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/34b3be18a04ecdc610aae4c48e5d1b799d8689f6
CVE-2019-19064 (** DISPUTED ** A memory leak in the fsl_lpspi_probe() function in driv ...)
	- linux 5.4.13-1 (unimportant)
CVE-2019-19063 (Two memory leaks in the rtl_usb_probe() function in drivers/net/wirele ...)
	- linux 5.4.8-1 (unimportant)
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
CVE-2019-19062 (A memory leak in the crypto_report() function in crypto/crypto_user_ba ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
CVE-2019-19061 (A memory leak in the adis_update_scan_mode_burst() function in drivers ...)
	- linux 5.3.9-1 (unimportant)
	NOTE: https://git.kernel.org/linus/9c0530e898f384c5d279bfcebd8bb17af1105873
CVE-2019-19060 (A memory leak in the adis_update_scan_mode() function in drivers/iio/i ...)
	- linux 5.3.9-1 (unimportant)
	[buster] - linux 4.19.87-1
	NOTE: https://git.kernel.org/linus/ab612b1daf415b62c58e130cb3d0f30b255a14d0
CVE-2019-19059 (Multiple memory leaks in the iwl_pcie_ctxt_info_gen3_init() function i ...)
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/0f4f199443faca715523b0659aa536251d8b978f
CVE-2019-19058 (A memory leak in the alloc_sgtable() function in drivers/net/wireless/ ...)
	- linux 5.4.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/b4b814fec1a5a849383f7b3886b654a13abbda7d
CVE-2019-19057 (Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drive ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.8-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
CVE-2019-19056 (A memory leak in the mwifiex_pcie_alloc_cmdrsp_buf() function in drive ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
CVE-2019-19055 (** DISPUTED ** A memory leak in the nl80211_get_ftm_responder_stats()  ...)
	- linux 5.4.6-1 (unimportant)
	[buster] - linux <not-affected> (Vulnerable code introduced later)
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/1399c59fa92984836db90538cf92397fe7caaa57
CVE-2019-19054 (A memory leak in the cx23888_ir_probe() function in drivers/media/pci/ ...)
	- linux <unfixed> (unimportant)
	NOTE: Memory leak on probe only.
CVE-2019-19053 (A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpm ...)
	- linux 5.4.13-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-19052 (A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_ ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/fb5be6a7b4863ecc44963bb80ca614584b6c7817
CVE-2019-19051 (A memory leak in the i2400m_op_rfkill_sw_toggle() function in drivers/ ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/6f3ef5c25cc762687a7341c18cbea5af54461407
CVE-2019-19050 (A memory leak in the crypto_reportstat() function in crypto/crypto_use ...)
	- linux 5.4.6-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-19049 (** DISPUTED ** A memory leak in the unittest_data_add() function in dr ...)
	- linux 5.3.15-1 (unimportant)
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/e13de8fe0d6a51341671bbe384826d527afe8d44
	NOTE: unittest.c can only be reached during boot.
CVE-2019-19048 (A memory leak in the crypto_reportstat() function in drivers/virt/vbox ...)
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/e0b0cb9388642c104838fac100a4af32745621e2
CVE-2019-19047 (A memory leak in the mlx5_fw_fatal_reporter_dump() function in drivers ...)
	- linux 5.3.15-1
	[buster] - linux <not-affected> (Vulnerability introduced later)
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/c7ed6d0183d5ea9bc31bcaeeba4070bd62546471
CVE-2019-19046 (** DISPUTED ** A memory leak in the __ipmi_bmc_register() function in  ...)
	- linux 5.4.19-1 (unimportant)
	NOTE: Only a memory leak on the probe path
CVE-2019-19045 (A memory leak in the mlx5_fpga_conn_create_cq() function in drivers/ne ...)
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/c8c2a057fdc7de1cd16f4baa51425b932a42eb39
CVE-2019-19044 (Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/ ...)
	- linux 5.3.15-1
	[buster] - linux <not-affected> (Vulnerability introduced later)
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/29cd13cfd7624726d9e6becbae9aa419ef35af7f
CVE-2019-19043 (A memory leak in the i40e_setup_macvlans() function in drivers/net/eth ...)
	- linux 5.4.19-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-19042
	RESERVED
CVE-2019-19041 (An issue was discovered in Xorux Lpar2RRD 6.11 and Stor2RRD 2.61, as d ...)
	NOT-FOR-US: Xorux
CVE-2019-19040 (KairosDB through 1.2.2 has XSS in view.html because of showErrorMessag ...)
	NOT-FOR-US: KairosDB
CVE-2019-19039 (** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Li ...)
	- linux <unfixed>
CVE-2019-19038
	RESERVED
CVE-2019-19037 (ext4_empty_dir in fs/ext4/namei.c in the Linux kernel through 5.3.12 a ...)
	{DLA-2114-1}
	- linux 5.4.8-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-19036 (btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 ...)
	- linux <unfixed>
CVE-2019-19035 (jhead 3.03 is affected by: heap-based buffer over-read. The impact is: ...)
	- jhead 1:3.04-1 (unimportant; bug #944961)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1765647
	NOTE: Crash in CLI tool, no security impact
CVE-2019-19034 (Zoho ManageEngine Asset Explorer 6.5 does not validate the System Cent ...)
	NOT-FOR-US: Zoho
CVE-2019-19033 (Jalios JCMS 10 allows attackers to access any part of the website and  ...)
	NOT-FOR-US: Jalios JCMS
CVE-2019-19032 (XMLBlueprint through 16.191112 is affected by XML External Entity Inje ...)
	NOT-FOR-US: XMLBlueprint
CVE-2019-19031 (Easy XML Editor through v1.7.8 is affected by: XML External Entity Inj ...)
	NOT-FOR-US: Easy XML Editor
CVE-2019-19030
	RESERVED
CVE-2019-19029 (Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allo ...)
	NOT-FOR-US: Harbor
CVE-2019-19028
	RESERVED
CVE-2019-19027
	RESERVED
CVE-2019-19026 (Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allo ...)
	NOT-FOR-US: Harbor
CVE-2019-19025 (Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 allo ...)
	NOT-FOR-US: Harbor
CVE-2019-19024
	RESERVED
CVE-2019-19023 (Cloud Native Computing Foundation Harbor prior to 1.8.6 and 1.9.3 has  ...)
	NOT-FOR-US: Harbor
CVE-2019-19022 (iTerm2 through 3.3.6 has potentially insufficient documentation about  ...)
	NOT-FOR-US: iTerm2
CVE-2019-19021 (An issue was discovered in TitanHQ WebTitan before 5.18. It has a hidd ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19020 (An issue was discovered in TitanHQ WebTitan before 5.18. In the admini ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19019 (An issue was discovered in TitanHQ WebTitan before 5.18. It contains a ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19018 (An issue was discovered in TitanHQ WebTitan before 5.18. It exposes a  ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19017 (An issue was discovered in TitanHQ WebTitan before 5.18. The appliance ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19016 (An issue was discovered in TitanHQ WebTitan before 5.18. Some function ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19015 (An issue was discovered in TitanHQ WebTitan before 5.18. The proxy ser ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19014 (An issue was discovered in TitanHQ WebTitan before 5.18. It has a sudo ...)
	NOT-FOR-US: TitanHQ WebTitan
CVE-2019-19013 (A CSRF vulnerability in Pagekit 1.0.17 allows an attacker to upload an ...)
	NOT-FOR-US: Pagekit CMS
CVE-2019-19012 (An integer overflow in the search_in_range function in regexec.c in On ...)
	{DLA-2020-1}
	- libonig 6.9.4-1 (low; bug #944959)
	[buster] - libonig <no-dsa> (Minor issue)
	[stretch] - libonig <no-dsa> (Minor issue)
	NOTE: https://github.com/kkos/oniguruma/issues/164
	NOTE: https://github.com/kkos/oniguruma/commit/0463e21432515631a9bc925ce5eb95b097c73719
	NOTE: https://github.com/kkos/oniguruma/commit/778a43dd56925ed58bbe26e3a7bb8202d72c3f3f
	NOTE: https://github.com/kkos/oniguruma/commit/b6cb7580a7e0c56fc325fe9370b9d34044910aed
	NOTE: https://github.com/kkos/oniguruma/commit/bfc36d3d8139b8be4d3df630d625c58687b0c7d4
	NOTE: https://github.com/kkos/oniguruma/commit/db64ef3189f54917a5008a02bdb000adc514a90a
CVE-2019-19011 (MiniUPnP ngiflib 0.4 has a NULL pointer dereference in GifIndexToTrueC ...)
	NOT-FOR-US: ngiflib
CVE-2019-19010 (Eval injection in the Math plugin of Limnoria (before 2019.11.09) and  ...)
	- limnoria 2019.11.09-1
	[buster] - limnoria 2019.02.23-1+deb10u1
	[stretch] - limnoria 2017.01.10-1+deb9u1
	NOTE: https://github.com/ProgVal/Limnoria/commit/3848ae78de45b35c029cc333963d436b9d2f0a35
	NOTE: https://github.com/ProgVal/Limnoria/wiki/math-eval-vulnerability
CVE-2019-19009
	RESERVED
CVE-2019-19008
	REJECTED
CVE-2019-19007 (Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrato ...)
	NOT-FOR-US: Intelbras IWR 3000N 1.8.7 devices
CVE-2019-19006 (Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197. ...)
	NOT-FOR-US: FreePBX
CVE-2019-19005
	RESERVED
CVE-2019-19004
	RESERVED
CVE-2019-19003 (For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. Thi ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19002 (For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP respons ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19001 (For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-19000 (For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s ...)
	NOT-FOR-US: ABB eSOMS
CVE-2019-18999
	RESERVED
CVE-2019-18998 (Insufficient access control in the web interface of ABB Asset Suite ve ...)
	NOT-FOR-US: ABB Asset Suite
CVE-2019-18997 (The HMISimulator component of ABB PB610 Panel Builder 600 uses the rea ...)
	NOT-FOR-US: ABB PB610 Panel Builder
CVE-2019-18996 (Path settings in HMIStudio component of ABB PB610 Panel Builder 600 ve ...)
	NOT-FOR-US: ABB PB610 Panel Builder
CVE-2019-18995 (The HMISimulator component of ABB PB610 Panel Builder 600 versions 2.8 ...)
	NOT-FOR-US: ABB PB610 Panel Builder
CVE-2019-18994 (Due to a lack of file length check, the HMIStudio component of ABB PB6 ...)
	NOT-FOR-US: ABB PB610 Panel Builder
CVE-2019-18993 (OpenWrt 18.06.4 allows XSS via the "New port forward" Name field to th ...)
	NOT-FOR-US: OpenWrt
CVE-2019-18992 (OpenWrt 18.06.4 allows XSS via these Name fields to the cgi-bin/luci/a ...)
	NOT-FOR-US: OpenWrt
CVE-2019-18991
	RESERVED
CVE-2019-18990
	RESERVED
CVE-2019-18989
	RESERVED
CVE-2019-18988 (TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login a ...)
	NOT-FOR-US: TeamViewer
CVE-2019-18987 (An issue was discovered in the AbuseFilter extension through 1.34 for  ...)
	NOT-FOR-US: AbuseFilter MediaWiki extension
CVE-2019-18986 (Pimcore before 6.2.2 allow attackers to brute-force (guess) valid user ...)
	NOT-FOR-US: Pimcore
CVE-2019-18985 (Pimcore before 6.2.2 lacks brute force protection for the 2FA token. ...)
	NOT-FOR-US: Pimcore
CVE-2019-18984
	RESERVED
CVE-2019-18983
	RESERVED
CVE-2019-18982 (bundles/AdminBundle/Controller/Admin/EmailController.php in Pimcore be ...)
	NOT-FOR-US: Pimcore
CVE-2019-18981 (Pimcore before 6.2.2 lacks an Access Denied outcome for a certain scen ...)
	NOT-FOR-US: Pimcore
CVE-2019-18980 (On Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb 9290022 ...)
	NOT-FOR-US: Signify Philips Taolight
CVE-2019-18979 (Adaware antivirus 12.6.1005.11662 and 12.7.1055.0 has a quarantine fla ...)
	NOT-FOR-US: Adaware
CVE-2019-18978 (An issue was discovered in the rack-cors (aka Rack CORS Middleware) ge ...)
	{DLA-2096-1}
	- ruby-rack-cors 1.1.1-1 (bug #944849)
	NOTE: https://github.com/cyu/rack-cors/commit/e4d4fc362a4315808927011cbe5afcfe5486f17d
	NOTE: https://github.com/cyu/rack-cors/compare/v1.0.3...v1.0.4
CVE-2019-18977
	RESERVED
CVE-2019-18976 (An issue was discovered in res_pjsip_t38.c in Sangoma Asterisk through ...)
	- asterisk 1:16.1.1~dfsg-1
	[stretch] - asterisk <no-dsa> (Minor issue)
	[jessie] - asterisk <not-affected> (Vulnerable code not present)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2019-008.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28612
	NOTE: Only affects 13.x, marking first unstable upload after 13.x as fixed
CVE-2019-18975
	RESERVED
CVE-2019-18974
	RESERVED
CVE-2019-18973
	RESERVED
CVE-2019-18972
	RESERVED
CVE-2019-18971
	RESERVED
CVE-2019-18970
	REJECTED
CVE-2019-18969
	REJECTED
CVE-2019-18968
	REJECTED
CVE-2019-18967
	REJECTED
CVE-2019-18966
	REJECTED
CVE-2019-18965
	REJECTED
CVE-2019-18964
	REJECTED
CVE-2019-18963
	REJECTED
CVE-2019-18962
	REJECTED
CVE-2019-18961
	REJECTED
CVE-2019-18960 (Firecracker vsock implementation buffer overflow in versions 0.18.0 an ...)
	NOT-FOR-US: AWS Firecracker
CVE-2019-18959
	RESERVED
CVE-2019-18958 (Nitro Pro before 13.2 creates a debug.log file in the directory where  ...)
	NOT-FOR-US: Nitro Pro
CVE-2019-18957 (Microstrategy Library in MicroStrategy before 2019 before 11.1.3 has r ...)
	NOT-FOR-US: Microstrategy Library
CVE-2019-18956 (Divisa Proxia Suite 9 &lt; 9.12.16, 9.11.19, 9.10.26, 9.9.8, 9.8.43 an ...)
	NOT-FOR-US: Divisa Proxia Suite
CVE-2019-18955 (The web console in Lansweeper 7.2.105.2 has XSS via the URL path. Prod ...)
	NOT-FOR-US: Lansweeper
CVE-2019-18954 (Pomelo v2.2.5 allows external control of critical state data. A malici ...)
	NOT-FOR-US: Pomelo
CVE-2019-18953
	RESERVED
CVE-2019-18952 (SibSoft Xfilesharing through 2.5.1 allows cgi-bin/up.cgi arbitrary fil ...)
	NOT-FOR-US: SibSoft Xfilesharing
CVE-2019-18951 (SibSoft Xfilesharing through 2.5.1 allows op=page&amp;tmpl=../ directo ...)
	NOT-FOR-US: SibSoft Xfilesharing
CVE-2019-18950
	RESERVED
CVE-2019-18949 (SnowHaze before 2.6.6 is sometimes too late to honor a per-site JavaSc ...)
	NOT-FOR-US: SnowHaze
CVE-2019-18948
	RESERVED
CVE-2019-18947
	RESERVED
CVE-2019-18946
	RESERVED
CVE-2019-18945
	RESERVED
CVE-2019-18944
	RESERVED
CVE-2019-18943
	RESERVED
CVE-2019-18942
	RESERVED
CVE-2019-18941
	RESERVED
CVE-2019-18940
	RESERVED
CVE-2019-18939 (eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn t ...)
	NOT-FOR-US: eQ-3 Homematic
CVE-2019-18938 (eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the E-Mail AddOn thr ...)
	NOT-FOR-US: eQ-3 Homematic
CVE-2019-18937 (eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the Script Parser Ad ...)
	NOT-FOR-US: eQ-3 Homematic
CVE-2019-18936 (UniValue::read() in UniValue before 1.0.5 allow attackers to cause a d ...)
	- libunivalue 1.1.1-2 (bug #954959)
	[buster] - libunivalue <no-dsa> (Minor issue)
	[stretch] - libunivalue <no-dsa> (Minor issue)
	NOTE: https://github.com/jgarzik/univalue/commit/07aa635c034f3a2accfe4e20a8148c366bccf5bf
	NOTE: https://github.com/jgarzik/univalue/pull/58
CVE-2019-18935 (Progress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .N ...)
	NOT-FOR-US: Progress Telerik UI for ASP.NET AJAX
CVE-2019-18934 (Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec modul ...)
	- unbound <unfixed> (unimportant)
	[stretch] - unbound <not-affected> (ipsecmod module introduced later)
	[jessie] - unbound <not-affected> (ipsecmod module introduced later)
	NOTE: Debian binary packages not built with --enable-ipsecmod
	NOTE: https://nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt
CVE-2019-18933 (In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new  ...)
	NOT-FOR-US: Zulip
CVE-2019-18932 (log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows  ...)
	- sarg 2.4.0-1 (unimportant; bug #951390)
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/20/6
	NOTE: The sarg-reports as shipped in Debian has already safe use of mktemp for
	NOTE: use of temporary files and directories.
	NOTE: Fixed by: https://sourceforge.net/p/sarg/code/ci/8ec6d20be8c0da3c885aba78e63251f2e5080748
	NOTE: Neutralised by kernel hardening
CVE-2019-18931 (Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer O ...)
	NOT-FOR-US: Western Digital My Cloud EX2 Ultra firmware
CVE-2019-18930 (Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users  ...)
	NOT-FOR-US: Western Digital My Cloud EX2 Ultra firmware
CVE-2019-18929 (Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users  ...)
	NOT-FOR-US: Western Digital My Cloud EX2 Ultra firmware
CVE-2019-18928 (Cyrus IMAP 2.5.x before 2.5.14 and 3.x before 3.0.12 allows privilege  ...)
	- cyrus-imapd 3.0.12-1
	[buster] - cyrus-imapd 3.0.8-6+deb10u3
	[stretch] - cyrus-imapd <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/e675bf7b0e9c6e160516d274bffaec6f9dccaef7 (cyrus-imapd-3.0.12)
	NOTE: Fixed in 3.0.12 and 2.5.14 upstream
CVE-2019-18927
	RESERVED
CVE-2019-18926 (Systematic IRIS Standards Management (ISM) v2.1 SP1 89 is vulnerable t ...)
	NOT-FOR-US: Systematic IRIS Standards Management (ISM)
CVE-2019-18925 (Systematic IRIS WebForms 5.4 and its functionalities can be accessed a ...)
	NOT-FOR-US: Systematic IRIS WebForms
CVE-2019-18924 (Systematic IRIS WebForms 5.4 is vulnerable to directory traversal. By  ...)
	NOT-FOR-US: Systematic IRIS WebForms
CVE-2019-18923 (Insufficient content type validation of proxied resources in go-camo b ...)
	NOT-FOR-US: go-camo
CVE-2019-18922 (A Directory Traversal in the Web interface of the Allied Telesis AT-GS ...)
	NOT-FOR-US: Allied Telesis
CVE-2019-18921
	RESERVED
CVE-2019-18920
	RESERVED
CVE-2019-18919
	RESERVED
CVE-2019-18918
	RESERVED
CVE-2019-18917 (A potential security vulnerability has been identified for certain HP  ...)
	NOT-FOR-US: HP
CVE-2019-18916
	RESERVED
CVE-2019-18915 (A potential security vulnerability has been identified with certain ve ...)
	NOT-FOR-US: HP System Event Utility
CVE-2019-18914
	RESERVED
CVE-2019-18913 (A potential security vulnerability with pre-boot DMA may allow unautho ...)
	NOT-FOR-US: Generic UEFI hardware/software issue
CVE-2019-18912
	RESERVED
CVE-2019-18911
	RESERVED
CVE-2019-18910 (The Citrix Receiver wrapper function does not safely handle user suppl ...)
	NOT-FOR-US: Citrix
CVE-2019-18909 (The VPN software within HP ThinPro does not safely handle user supplie ...)
	NOT-FOR-US: HP ThinPro
CVE-2019-18908
	RESERVED
CVE-2019-18907
	RESERVED
CVE-2019-18906
	RESERVED
CVE-2019-18905 (A Insufficient Verification of Data Authenticity vulnerability in auto ...)
	NOT-FOR-US: autoyast2
CVE-2019-18904 (A Uncontrolled Resource Consumption vulnerability in rmt of SUSE Linux ...)
	NOT-FOR-US: SAP
CVE-2019-18903 (A Use After Free vulnerability in wicked of SUSE Linux Enterprise Serv ...)
	NOT-FOR-US: openSUSE wicked
CVE-2019-18902 (A Use After Free vulnerability in wicked of SUSE Linux Enterprise Serv ...)
	NOT-FOR-US: openSUSE wicked
CVE-2019-18901 (A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-sy ...)
	NOT-FOR-US: SuSE-specific mysqld-systemd-helper
CVE-2019-18900 (: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS  ...)
	{DLA-2132-1}
	- libzypp <unfixed> (bug #953362)
	[buster] - libzypp <no-dsa> (Minor issue)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1158763
	NOTE: https://github.com/openSUSE/libzypp/pull/196
	NOTE: https://github.com/openSUSE/libzypp/commit/ea50981352bb5c7ab48663edaeb2df1ddd66953e
	NOTE: https://github.com/openSUSE/libzypp/commit/508b1201f23b44ee90dee6dbbeb3ac5f8bd4c089
CVE-2019-18899 (The apt-cacher-ng package of openSUSE Leap 15.1 runs operations in use ...)
	- apt-cacher-ng <not-affected> (openSUSE specific systemd service unit configuration)
CVE-2019-18898 (UNIX Symbolic Link (Symlink) Following vulnerability in the trousers p ...)
	NOT-FOR-US: SUSE specific packaging issue in %posttrans section in src:trousers
CVE-2019-18897 (A UNIX Symbolic Link (Symlink) Following vulnerability in the packagin ...)
	- salt <not-affected> (SuSE-specific Salt packaging vulnerability)
CVE-2019-18896
	RESERVED
CVE-2019-18895 (Scanguard through 2019-11-12 on Windows has Insecure Permissions for t ...)
	NOT-FOR-US: Scanguard
CVE-2019-18894 (In Avast Premium Security 19.8.2393, attackers can send a specially cr ...)
	NOT-FOR-US: Avast Premium Security
CVE-2019-18893 (XSS in the Video Downloader component before 1.5 of Avast Secure Brows ...)
	NOT-FOR-US: Avast Secure Browser
CVE-2019-18892
	RESERVED
CVE-2019-18891
	RESERVED
CVE-2019-18890 (A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x befor ...)
	{DSA-4574-1}
	- redmine 3.4.2-1
	NOTE: https://www.redmine.org/news/125
	NOTE: https://www.redmine.org/projects/redmine/repository/revisions/16196
	NOTE: https://www.redmine.org/issues/32374
	NOTE: https://github.com/redmine/redmine/commit/04d4a1a191c46e4595ed455372e86c66cf3f6ed7#diff-72469d98e80a60152ebcfa998306b5ecL581-R584
CVE-2019-18889 (An issue was discovered in Symfony 3.4.0 through 3.4.34, 4.2.0 through ...)
	- symfony 4.3.8+dfsg-1
	[buster] - symfony 3.4.22+dfsg-2+deb10u1
	[stretch] - symfony <not-affected> (Vulnerable code not present)
	[jessie] - symfony <not-affected> (Vulnerable code not present)
	NOTE: https://symfony.com/blog/cve-2019-18889-forbid-serializing-abstractadapter-and-tagawareadapter-instances
	NOTE: https://github.com/symfony/symfony/commit/8817d28fcaacb31fe01d267f6e19b44d8179395a
CVE-2019-18888 (An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through ...)
	{DSA-4573-1 DLA-1999-1}
	- symfony 4.3.8+dfsg-1
	NOTE: https://symfony.com/blog/cve-2019-18888-prevent-argument-injection-in-a-mimetypeguesser
	NOTE: https://github.com/symfony/symfony/commit/691486e43ce0e4893cd703e221bafc10a871f365
	NOTE: https://github.com/symfony/symfony/commit/77ddabf2e785ea85860d2720cc86f7c5d8967ed5
CVE-2019-18887 (An issue was discovered in Symfony 2.8.0 through 2.8.50, 3.4.0 through ...)
	{DSA-4573-1 DLA-1999-1}
	- symfony 4.3.8+dfsg-1
	NOTE: https://symfony.com/blog/cve-2019-18887-use-constant-time-comparison-in-urisigner
	NOTE: https://github.com/symfony/symfony/commit/cccefe6a7f12e776df0665aeb77fe9294c285fbb
CVE-2019-18886 (An issue was discovered in Symfony 4.2.0 to 4.2.11 and 4.3.0 to 4.3.7. ...)
	{DLA-1999-1}
	- symfony 4.3.8+dfsg-1
	[buster] - symfony <not-affected> (Vulnerability introduced in 4.1.0)
	[stretch] - symfony <not-affected> (Vulnerability introduced in 4.1.0)
	NOTE: https://symfony.com/blog/cve-2019-18886-prevent-user-enumeration-using-switch-user-functionality
	NOTE: Introduced by: https://github.com/symfony/symfony/commit/6e6ac9eaeec9e6a6cc0ab003cac3738460542b0a (v4.1.0-BETA1)
	NOTE: Previous versions asserts "the current user is granted to switch" BEFORE
	NOTE: "loading the user" and thus are not affected.
	NOTE: Fixed by: https://github.com/symfony/symfony/commit/7bd4a92fc9cc15d9a9fbb9eb1041e01b977f8332 (v4.2.12)
CVE-2019-18885 (fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verif ...)
	- linux 5.2.6-1
	NOTE: https://git.kernel.org/linus/09ba3bc9dd150457c506e4661380a6183af651c1 (5.1-rc1)
CVE-2019-18884 (index.php/team_members/add_team_member in RISE Ultimate Project Manage ...)
	NOT-FOR-US: RISE
CVE-2019-18883 (XSS exists in Lavalite CMS 5.7 via the admin/profile name or designati ...)
	NOT-FOR-US: Lavalite CMS
CVE-2019-18882 (WSO2 IS as Key Manager 5.7.0 allows stored XSS in download-userinfo.ja ...)
	NOT-FOR-US: WSO2 IS
CVE-2019-18881 (WSO2 IS as Key Manager 5.7.0 allows unauthenticated reflected XSS in t ...)
	NOT-FOR-US: WSO2 IS
CVE-2019-18880
	RESERVED
CVE-2019-18879
	RESERVED
CVE-2019-18878
	RESERVED
CVE-2019-18877
	RESERVED
CVE-2019-18876
	RESERVED
CVE-2019-18875
	RESERVED
CVE-2019-18874 (psutil (aka python-psutil) through 5.6.5 can have a double free. This  ...)
	{DLA-1998-1}
	- python-psutil 5.6.7-1 (low; bug #944605)
	[buster] - python-psutil <no-dsa> (Minor issue)
	[stretch] - python-psutil <no-dsa> (Minor issue)
	NOTE: https://github.com/giampaolo/psutil/commit/7d512c8e4442a896d56505be3e78f1156f443465
	NOTE: https://github.com/giampaolo/psutil/pull/1616
CVE-2019-18873 (FUDForum 3.0.9 is vulnerable to Stored XSS via the User-Agent HTTP hea ...)
	NOT-FOR-US: FUDForum
CVE-2019-18872
	RESERVED
CVE-2019-18871
	RESERVED
CVE-2019-18870
	RESERVED
CVE-2019-18869
	RESERVED
CVE-2019-18868
	RESERVED
CVE-2019-18867
	RESERVED
CVE-2019-18866
	RESERVED
CVE-2019-18865
	RESERVED
CVE-2019-18864
	RESERVED
CVE-2019-18863 (A key length vulnerability in the implementation of the SRTP 128-bit k ...)
	NOT-FOR-US: Mitel
CVE-2019-18862 (maidag in GNU Mailutils before 3.8 is installed setuid and allows loca ...)
	- mailutils <unfixed> (unimportant; bug #944265)
	NOTE: /usr/sbin/maidat not installed suid root on Debian
CVE-2019-18861
	RESERVED
CVE-2019-18860 (Squid before 4.9, when certain web browsers are used, mishandles HTML  ...)
	- squid 4.9-1
	- squid3 <removed>
	NOTE: https://github.com/squid-cache/squid/pull/504
	NOTE: https://github.com/squid-cache/squid/commit/5cc4b155cee1a4968109737f6eba2ef29d51034d (SQUID_5_0_1)
	NOTE: https://github.com/squid-cache/squid/commit/5a90b4ce64c346ba7f317a278ba601091d9de076 (SQUID_4_9)
CVE-2019-18859 (Digi AnywhereUSB 14 allows XSS via a link for the Digi Page. ...)
	NOT-FOR-US: Digi AnywhereUSB
CVE-2019-18858 (CODESYS 3 web server before 3.5.15.20, as distributed with CODESYS Con ...)
	NOT-FOR-US: CODESYS 3 web server
CVE-2019-18857 (darylldoyle svg-sanitizer before 0.12.0 mishandles script and data val ...)
	NOT-FOR-US: darylldoyle svg-sanitizer
CVE-2019-18856 (A Denial Of Service vulnerability exists in the SVG Sanitizer module t ...)
	NOT-FOR-US: SVG Sanitizer module for Drupal
CVE-2019-18855 (A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG ...)
	NOT-FOR-US: safe-svg (aka Safe SVG) plugin for WordPress
CVE-2019-18854 (A Denial Of Service vulnerability exists in the safe-svg (aka Safe SVG ...)
	NOT-FOR-US: safe-svg (aka Safe SVG) plugin for WordPress
CVE-2019-18853 (ImageMagick before 7.0.9-0 allows remote attackers to cause a denial o ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7.x)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ec9c8944af2bfc65c697ca44f93a727a99b405f1
CVE-2019-18852 (Certain D-Link devices have a hardcoded Alphanetworks user account wit ...)
	NOT-FOR-US: D-Link
CVE-2019-18851
	RESERVED
CVE-2019-18850 (TrevorC2 v1.1/v1.2 fails to prevent fingerprinting primarily via a dis ...)
	NOT-FOR-US: TrevorC2
CVE-2019-18849 (In tnef before 1.4.18, an attacker may be able to write to the victim' ...)
	{DLA-2005-1}
	- tnef 1.4.18-1 (bug #944851)
	[buster] - tnef <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - tnef <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://github.com/verdammelt/tnef/pull/40
CVE-2019-18848 (The json-jwt gem before 1.11.0 for Ruby lacks an element count during  ...)
	- ruby-json-jwt 1.11.0-1 (bug #944850)
	NOTE: https://github.com/nov/json-jwt/commit/ada16e772906efdd035e3df49cb2ae372f0f948a
CVE-2019-18847
	RESERVED
CVE-2019-18846 (OX App Suite through 7.10.2 allows SSRF. ...)
	NOT-FOR-US: OX App Suite
CVE-2019-18845 (The MsIo64.sys and MsIo32.sys drivers in Patriot Viper RGB before 1.1  ...)
	NOT-FOR-US: Patriot Viper RGB
CVE-2019-18844 (The Device Model in ACRN before 2019w25.5-140000p relies on assert cal ...)
	NOT-FOR-US: ACRN
CVE-2019-18843
	RESERVED
CVE-2019-18842 (A cross-site scripting (XSS) vulnerability in the configuration web in ...)
	NOT-FOR-US: Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module
CVE-2019-18841 (Chartkick.js 3.1.0 through 3.1.3, as used in the Chartkick gem before  ...)
	- chartkick.js <not-affected> (Vulnerability introduced with 3.1.0)
	NOTE: https://github.com/ankane/chartkick/commit/b810936bbf687bc74c5b6dba72d2397a399885fa
CVE-2019-18840 (In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of me ...)
	- wolfssl 4.2.0+dfsg-3
	NOTE: https://github.com/wolfSSL/wolfssl/issues/2555
	NOTE: https://github.com/wolfSSL/wolfssl/commit/52f28bd5149360f8e3bf8ca13d3fb9a77283df7c
CVE-2019-18839 (FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. T ...)
	NOT-FOR-US: FUDForum
CVE-2019-18838 (An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed H ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-18837 (An issue was discovered in crun before 0.10.5. With a crafted image, i ...)
	- crun <not-affected> (Fixed in initial upload)
CVE-2019-18836 (Envoy 1.12.0 allows a remote denial of service because of resource loo ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-18835 (Matrix Synapse before 1.5.0 mishandles signature checking on some fede ...)
	- matrix-synapse 1.5.0-1 (bug #944355)
	NOTE: https://github.com/matrix-org/synapse/pull/6262
	NOTE: https://github.com/matrix-org/synapse/releases/tag/v1.5.0
CVE-2019-18834
	RESERVED
CVE-2019-18833 (Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Informa ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18832 (Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrec ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18831 (Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Informa ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18830 (Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Comm ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18829 (Barco ClickShare Button R9861500D01 devices before 1.9.0 have Missing  ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18828 (Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insuffic ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18827 (On Barco ClickShare Button R9861500D01 devices (before firmware versio ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18826 (Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18825 (Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 device ...)
	NOT-FOR-US: Barco ClickShare Huddle devices
CVE-2019-18824 (Barco ClickShare Button R9861500D01 devices before 1.9.0 have Missing  ...)
	NOT-FOR-US: Barco ClickShare Button R9861500D01 devices
CVE-2019-18823
	RESERVED
CVE-2019-18822
	RESERVED
CVE-2019-18821 (Eximious Logo Designer 3.82 has a User Mode Write AV starting at ExiCu ...)
	NOT-FOR-US: Eximious Logo Designer
CVE-2019-18820 (Eximious Logo Designer 3.82 has Heap Corruption starting at ntdll!Rtlp ...)
	NOT-FOR-US: Eximious Logo Designer
CVE-2019-18819 (Eximious Logo Designer 3.82 has a User Mode Write AV starting at ExiVe ...)
	NOT-FOR-US: Eximious Logo Designer
CVE-2019-18818 (strapi before 3.0.0-beta.17.5 mishandles password resets within packag ...)
	NOT-FOR-US: strapi CMS
CVE-2019-18817 (Istio 1.3.x before 1.3.5 allows Denial of Service because continue_on_ ...)
	NOT-FOR-US: Istio
CVE-2019-18816 (po-admin/route.php?mod=post&amp;act=edit in PopojiCMS 2.0.1 allows pos ...)
	NOT-FOR-US: PopojiCMS
CVE-2019-18815 (PopojiCMS 2.0.1 allows refer= Open Redirection. ...)
	NOT-FOR-US: PopojiCMS
CVE-2019-18814 (An issue was discovered in the Linux kernel through 5.3.9. There is a  ...)
	- linux <unfixed>
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://lore.kernel.org/patchwork/patch/1142523/
CVE-2019-18813 (A memory leak in the dwc3_pci_probe() function in drivers/usb/dwc3/dwc ...)
	- linux 5.3.15-1 (unimportant)
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Bug introduced later)
	[jessie] - linux <not-affected> (Bug introduced later)
	NOTE: https://git.kernel.org/linus/9bbfceea12a8f145097a27d7c7267af25893c060
	NOTE: No security impact since the issue is on the probe path.
CVE-2019-18812 (A memory leak in the sof_dfsentry_write() function in sound/soc/sof/de ...)
	- linux 5.4.6-1 (unimportant)
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: Function only exposed through debugfs
CVE-2019-18811 (A memory leak in the sof_set_get_large_ctrl_data() function in sound/s ...)
	- linux 5.3.15-1
	[buster] - linux <not-affected> (Vulnerability introduced later)
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-18810 (A memory leak in the komeda_wb_connector_add() function in drivers/gpu ...)
	- linux 5.3.9-1 (unimportant)
	[buster] - linux <not-affected> (Bug introduced later)
	[stretch] - linux <not-affected> (Bug introduced later)
	[jessie] - linux <not-affected> (Bug introduced later)
	NOTE: https://git.kernel.org/linus/a0ecd6fdbf5d648123a7315c695fb6850d702835
	NOTE: CONFIG_DRM_KOMEDA not enabled in Debian builds.
CVE-2019-18809 (A memory leak in the af9005_identify_state() function in drivers/media ...)
	{DLA-2114-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Bug introduced later)
CVE-2019-18808 (A memory leak in the ccp_run_sha_cmd() function in drivers/crypto/ccp/ ...)
	- linux <unfixed> (unimportant)
	NOTE: Not a valid issue
CVE-2019-18807 (Two memory leaks in the sja1105_static_config_upload() function in dri ...)
	- linux 5.3.7-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/68501df92d116b760777a2cfda314789f926476f
CVE-2019-18806 (A memory leak in the ql_alloc_large_buffers() function in drivers/net/ ...)
	- linux 5.3.7-1 (unimportant)
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux 3.16.81-1
	NOTE: https://git.kernel.org/linus/1acb8f2a7a9f10543868ddd737e37424d5c36cf4
CVE-2019-18805 (An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux ker ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/19fad20d15a6494f47f85d869f00b11343ee5c78
CVE-2019-18804 (DjVuLibre 3.5.27 has a NULL pointer dereference in the function DJVU:: ...)
	{DLA-1985-1}
	- djvulibre 3.5.27.1-14 (bug #945114)
	[buster] - djvulibre <no-dsa> (Minor issue)
	[stretch] - djvulibre <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/djvu/bugs/309/
	NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/c8bec6549c10ffaa2f2fbad8bbc629efdf0dd125/
CVE-2019-18803
	RESERVED
CVE-2019-18802 (An issue was discovered in Envoy 1.12.0. An untrusted remote client ma ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-18801 (An issue was discovered in Envoy 1.12.0. An untrusted remote client ma ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-18800 (Viber through 11.7.0.5 allows a remote attacker who can capture a vict ...)
	NOT-FOR-US: Viber
CVE-2019-18799 (LibSass before 3.6.3 allows a NULL pointer dereference in Sass::Parser ...)
	- libsass <unfixed> (low)
	[buster] - libsass <no-dsa> (Minor issue)
	[stretch] - libsass <no-dsa> (Minor issue)
	NOTE: https://github.com/sass/libsass/issues/3001
CVE-2019-18798 (LibSass before 3.6.3 allows a heap-based buffer over-read in Sass::wea ...)
	- libsass <unfixed> (low)
	[buster] - libsass <no-dsa> (Minor issue)
	[stretch] - libsass <no-dsa> (Minor issue)
	NOTE: https://github.com/sass/libsass/issues/2999
CVE-2019-18797 (LibSass 3.6.1 has uncontrolled recursion in Sass::Eval::operator()(Sas ...)
	- libsass <unfixed> (low)
	[buster] - libsass <no-dsa> (Minor issue)
	[stretch] - libsass <no-dsa> (Minor issue)
	NOTE: https://github.com/sass/libsass/issues/3000
CVE-2019-18796
	RESERVED
CVE-2019-18795
	RESERVED
CVE-2019-18794
	RESERVED
CVE-2019-18793 (Parallels Plesk Panel 9.5 allows XSS in target/locales/tr-TR/help/inde ...)
	NOT-FOR-US: Parallels Plesk Panel
CVE-2019-18792 (An issue was discovered in Suricata 5.0.0. It is possible to bypass/ev ...)
	{DLA-2087-1}
	[experimental] - suricata 1:5.0.1-1~exp1
	- suricata 1:5.0.2-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	NOTE: https://github.com/OISF/suricata/commit/1c63d3905852f746ccde7e2585600b2199cefb4b (master-4.1.x)
	NOTE: https://github.com/OISF/suricata/commit/fa692df37a796c3330c81988d15ef1a219afc006 (suricata-5.0.1)
	NOTE: https://redmine.openinfosecfoundation.org/issues/3324
	NOTE: https://redmine.openinfosecfoundation.org/issues/3394
CVE-2019-18791 (Lexmark printer MS812 and multiple older generation Lexmark devices ha ...)
	NOT-FOR-US: Lexmark
CVE-2019-18790 (An issue was discovered in channels/chan_sip.c in Sangoma Asterisk 13. ...)
	{DLA-2017-1}
	- asterisk <unfixed> (bug #947381)
	[buster] - asterisk <no-dsa> (Minor issue)
	[stretch] - asterisk <no-dsa> (Minor issue)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2019-006.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28589
CVE-2019-18789
	RESERVED
CVE-2019-18788
	RESERVED
CVE-2019-18787
	RESERVED
CVE-2019-18785 (SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 mishandles ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-18784 (SuiteCRM 7.10.x versions prior to 7.10.21 and 7.11.x versions prior to ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-18783
	RESERVED
CVE-2019-18782 (SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not c ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-18781 (An open redirect vulnerability was discovered in Zoho ManageEngine ADS ...)
	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-18786 (In the Linux kernel through 5.3.8, f-&gt;fmt.sdr.reserved is uninitial ...)
	- linux 5.4.8-1
	[buster] - linux 4.19.98-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://patchwork.linuxtv.org/patch/59542/
CVE-2019-18780 (An arbitrary command injection vulnerability in the Cluster Server com ...)
	NOT-FOR-US: Veritas InfoScale
CVE-2019-18779
	RESERVED
CVE-2019-18778
	RESERVED
CVE-2019-18777
	RESERVED
CVE-2019-18776
	RESERVED
CVE-2019-18775
	RESERVED
CVE-2019-18774
	REJECTED
CVE-2019-18773
	REJECTED
CVE-2019-18772
	REJECTED
CVE-2019-18771
	REJECTED
CVE-2019-18770
	REJECTED
CVE-2019-18769
	REJECTED
CVE-2019-18768
	REJECTED
CVE-2019-18767
	REJECTED
CVE-2019-18766
	REJECTED
CVE-2019-18765
	REJECTED
CVE-2019-18764
	REJECTED
CVE-2019-18763
	REJECTED
CVE-2019-18762
	REJECTED
CVE-2019-18761
	REJECTED
CVE-2019-18760
	REJECTED
CVE-2019-18759
	REJECTED
CVE-2019-18758
	REJECTED
CVE-2019-18757
	REJECTED
CVE-2019-18756
	REJECTED
CVE-2019-18755
	REJECTED
CVE-2019-18754
	REJECTED
CVE-2019-18753
	REJECTED
CVE-2019-18752
	REJECTED
CVE-2019-18751
	REJECTED
CVE-2019-18750
	REJECTED
CVE-2019-18749
	REJECTED
CVE-2019-18748
	REJECTED
CVE-2019-18747
	REJECTED
CVE-2019-18746
	REJECTED
CVE-2019-18745
	REJECTED
CVE-2019-18744
	REJECTED
CVE-2019-18743
	REJECTED
CVE-2019-18742
	REJECTED
CVE-2019-18741
	REJECTED
CVE-2019-18740
	REJECTED
CVE-2019-18739
	REJECTED
CVE-2019-18738
	REJECTED
CVE-2019-18737
	REJECTED
CVE-2019-18736
	REJECTED
CVE-2019-18735
	REJECTED
CVE-2019-18734
	REJECTED
CVE-2019-18733
	REJECTED
CVE-2019-18732
	REJECTED
CVE-2019-18731
	REJECTED
CVE-2019-18730
	REJECTED
CVE-2019-18729
	REJECTED
CVE-2019-18728
	REJECTED
CVE-2019-18727
	REJECTED
CVE-2019-18726
	REJECTED
CVE-2019-18725
	REJECTED
CVE-2019-18724
	REJECTED
CVE-2019-18723
	REJECTED
CVE-2019-18722
	REJECTED
CVE-2019-18721
	REJECTED
CVE-2019-18720
	REJECTED
CVE-2019-18719
	REJECTED
CVE-2019-18718
	REJECTED
CVE-2019-18717
	REJECTED
CVE-2019-18716
	REJECTED
CVE-2019-18715
	REJECTED
CVE-2019-18714
	REJECTED
CVE-2019-18713
	REJECTED
CVE-2019-18712
	REJECTED
CVE-2019-18711
	REJECTED
CVE-2019-18710
	REJECTED
CVE-2019-18709
	REJECTED
CVE-2019-18708
	REJECTED
CVE-2019-18707
	REJECTED
CVE-2019-18706
	REJECTED
CVE-2019-18705
	REJECTED
CVE-2019-18704
	REJECTED
CVE-2019-18703
	REJECTED
CVE-2019-18702
	REJECTED
CVE-2019-18701
	REJECTED
CVE-2019-18700
	REJECTED
CVE-2019-18699
	REJECTED
CVE-2019-18698
	REJECTED
CVE-2019-18697
	REJECTED
CVE-2019-18696
	REJECTED
CVE-2019-18695
	REJECTED
CVE-2019-18694
	REJECTED
CVE-2019-18693
	REJECTED
CVE-2019-18692
	REJECTED
CVE-2019-18691
	REJECTED
CVE-2019-18690
	REJECTED
CVE-2019-18689
	REJECTED
CVE-2019-18688
	REJECTED
CVE-2019-18687
	REJECTED
CVE-2019-18686
	REJECTED
CVE-2019-18685
	REJECTED
CVE-2019-18684 (** DISPUTED ** Sudo through 1.8.29 allows local users to escalate to r ...)
	NOTE: https://gist.github.com/oxagast/51171aa161074188a11d96cbef884bbd
	NOTE: Issue is bogus and a non-security issue (confirmed by upstream and in progress
	NOTE: of beeing REJECTED). An attack is only viable if the attacker can write to fd/3.
CVE-2019-18682
	RESERVED
CVE-2019-18681
	RESERVED
CVE-2019-18680 (An issue was discovered in the Linux kernel 4.4.x before 4.4.195. Ther ...)
	- linux <not-affected> (Vulnerable code not present)
	NOTE: https://lkml.org/lkml/2019/9/18/337
CVE-2019-18679 (An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to ...)
	{DLA-2028-1}
	- squid 4.9-1
	- squid3 <removed>
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_11.txt
CVE-2019-18678 (An issue was discovered in Squid 3.x and 4.x through 4.8. It allows at ...)
	{DLA-2028-1}
	- squid 4.9-1
	- squid3 <removed>
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-671ba97abe929156dc4c717ee52ad22fba0f7443.patch
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_10.txt
CVE-2019-18677 (An issue was discovered in Squid 3.x and 4.x through 4.8 when the appe ...)
	{DLA-2028-1}
	- squid 4.9-1
	- squid3 <removed>
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-36492033ea4097821a4f7ff3ddcb971fbd1e8ba0.patch
	NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-e5f1813a674848dde570f7920873e1071f96e0b4.patch
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_9.txt
CVE-2019-18676 (An issue was discovered in Squid 3.x and 4.x through 4.8. Due to incor ...)
	- squid 4.9-1
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-fbbdf75efd7a5cc244b4886a9d42ea458c5a3a73.patch
CVE-2019-18683 (An issue was discovered in drivers/media/platform/vivid in the Linux k ...)
	{DLA-2114-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://www.openwall.com/lists/oss-security/2019/11/02/1
CVE-2019-18675 (The Linux kernel through 5.3.13 has a start_offset+size Integer Overfl ...)
	- linux 4.16.16-1
	[stretch] - linux 4.9.110-1
	[jessie] - linux 3.16.64-1
	NOTE: https://deshal3v.github.io/blog/kernel-research/mmap_exploitation
CVE-2019-18674 (An issue was discovered in Joomla! before 3.9.13. A missing access che ...)
	NOT-FOR-US: Joomla!
CVE-2019-18673 (On SHIFT BitBox02 devices, a side channel for the row-based OLED displ ...)
	NOT-FOR-US: SHIFT BitBox02 devices
CVE-2019-18672 (Insufficient checks in the finite state machine of the ShapeShift Keep ...)
	NOT-FOR-US: ShapeShift
CVE-2019-18671 (Insufficient checks in the USB packet handling of the ShapeShift KeepK ...)
	NOT-FOR-US: ShapeShift
CVE-2019-18670 (In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2 ...)
	NOT-FOR-US: Acer
CVE-2019-18669
	RESERVED
CVE-2019-18668 (An issue was discovered in the Currency Switcher addon before 2.11.2 f ...)
	NOT-FOR-US: Currency Switcher addon for WooCommerce
CVE-2019-18667 (/usr/local/www/freeradius_view_config.php in the freeradius3 package b ...)
	NOT-FOR-US: FreeBSD specific freeradius_view_config.php in the freeradius3 package
CVE-2019-18666
	RESERVED
CVE-2019-18665 (The Log module in SECUDOS DOMOS before 5.6 allows local file inclusion ...)
	NOT-FOR-US: SECUDOS DOMOS
CVE-2019-18664 (The Log module in SECUDOS DOMOS before 5.6 allows XSS. ...)
	NOT-FOR-US: SECUDOS DOMOS
CVE-2019-18663 (A SQL injection vulnerability in a /login/forgot1 POST request in ARP- ...)
	NOT-FOR-US: ARP-GUARD
CVE-2019-18662 (An issue was discovered in YouPHPTube through 7.7. User input passed t ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-18661 (Fastweb FASTGate 1.0.1b devices allow partial authentication bypass by ...)
	NOT-FOR-US: Fastweb FASTGate
CVE-2019-18660 (The Linux kernel before 5.4.1 on powerpc allows Information Exposure b ...)
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <ignored> (powerpc not supported in LTS)
	NOTE: https://www.openwall.com/lists/oss-security/2019/11/27/1
CVE-2019-18659 (The Wireless Emergency Alerts (WEA) protocol allows remote attackers t ...)
	NOT-FOR-US: Wireless Emergency Alerts (WEA) protocol
CVE-2019-18658 (In Helm 2.x before 2.15.2, commands that deal with loading a chart as  ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2019-18657 (ClickHouse before 19.13.5.44 allows HTTP header injection via the url  ...)
	NOT-FOR-US: ClickHouse
CVE-2019-18656 (Pimcore 6.2.3 has XSS in the translations grid because bundles/AdminBu ...)
	NOT-FOR-US: Pimcore
CVE-2019-18655 (File Sharing Wizard version 1.5.0 build 2008 is affected by a Structur ...)
	NOT-FOR-US: File Sharing Wizard
CVE-2019-18654 (A Cross Site Scripting (XSS) issue exists in AVG AntiVirus (Internet S ...)
	NOT-FOR-US: AVG
CVE-2019-18653 (A Cross Site Scripting (XSS) issue exists in Avast AntiVirus (Free, In ...)
	NOT-FOR-US: Avast
CVE-2019-18652 (A DOM based XSS vulnerability has been identified on the WatchGuard XM ...)
	NOT-FOR-US: Watchguard
CVE-2019-18651 (A cross-site request forgery (CSRF) vulnerability in 3xLogic Infinias  ...)
	NOT-FOR-US: 3xLogic
CVE-2019-18650 (An issue was discovered in Joomla! before 3.9.13. A missing token chec ...)
	NOT-FOR-US: Joomla!
CVE-2019-18649 (When logged in as an admin user, the Title input field (under Reports) ...)
	NOT-FOR-US: Untangle NG firewall
CVE-2019-18648 (When logged in as an admin user, the Untangle NG firewall 14.2.0 is vu ...)
	NOT-FOR-US: Untangle NG firewall
CVE-2019-18647 (The Untangle NG firewall 14.2.0 is vulnerable to an authenticated comm ...)
	NOT-FOR-US: Untangle NG firewall
CVE-2019-18646 (The Untangle NG firewall 14.2.0 is vulnerable to authenticated inline- ...)
	NOT-FOR-US: Untangle NG firewall
CVE-2019-18645 (The quarantine restoration function in Total Defense Anti-virus 11.5.2 ...)
	NOT-FOR-US: Total Defense Anti-virus
CVE-2019-18644 (The malware scan function in Total Defense Anti-virus 11.5.2.28 is vul ...)
	NOT-FOR-US: Total Defense Anti-virus
CVE-2019-18643
	RESERVED
CVE-2019-18642
	RESERVED
CVE-2019-18641 (Rock RMS before 1.8.6 mishandles vCard access control within the Peopl ...)
	NOT-FOR-US: Rock RMS
CVE-2019-18640
	RESERVED
CVE-2019-18639
	RESERVED
CVE-2019-18638
	RESERVED
CVE-2019-18637
	RESERVED
CVE-2019-18636 (A cross-site scripting (XSS) vulnerability in Jitbit .NET Forum (aka A ...)
	NOT-FOR-US: Jitbit .NET Forum
CVE-2019-18635 (An issue was discovered in Mooltipass Moolticute through v0.42.1 and v ...)
	NOT-FOR-US: Mooltipass Moolticute
CVE-2019-18634 (In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users ...)
	{DSA-4614-1 DLA-2094-1}
	- sudo 1.8.31-1 (bug #950371)
	[buster] - sudo 1.8.27-1+deb10u2
	NOTE: https://www.sudo.ws/alerts/pwfeedback.html
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/30/6
	NOTE: https://github.com/sudo-project/sudo/commit/fa8ffeb17523494f0e8bb49a25e53635f4509078 (master)
	NOTE: https://github.com/sudo-project/sudo/commit/b5d2010b6514ff45693509273bb07df3abb0bf0a (SUDO_1_8_31)
	NOTE: The issue itself is fixed only in 1.8.31 but a change in the EOF handling
	NOTE: introduced in 1.8.26 mitigated exploitation of the bug in some cases:
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/31/1
	NOTE: Change for "Print a warning for password read issues" in 1.8.26:
	NOTE: https://github.com/sudo-project/sudo/commit/ab2cba0f5d8b286e8e52c06076efd32434f538ae (SUDO_1_8_26)
	NOTE: The overflow is tough as well reachable when using a pty:
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/05/2
CVE-2019-18633 (European Commission eIDAS-Node Integration Package before 2.3.1 has Mi ...)
	NOT-FOR-US: European Commission eIDAS-Node Integration Package
CVE-2019-18632 (European Commission eIDAS-Node Integration Package before 2.3.1 allows ...)
	NOT-FOR-US: European Commission eIDAS-Node Integration Package
CVE-2019-18631 (The Windows component of Centrify Authentication and Privilege Elevati ...)
	NOT-FOR-US: Centrify Authentication and Privilege Elevation Services
CVE-2019-18630
	RESERVED
CVE-2019-18629
	RESERVED
CVE-2019-18628
	RESERVED
CVE-2019-18627
	RESERVED
CVE-2019-18626 (Harris Ormed Self Service before 2019.1.4 allows an authenticated user ...)
	NOT-FOR-US: Harris Ormed Self Service
CVE-2019-18625 (An issue was discovered in Suricata 5.0.0. It was possible to bypass/e ...)
	{DLA-2087-1}
	[experimental] - suricata 1:5.0.1-1~exp1
	- suricata 1:5.0.2-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	NOTE: https://github.com/OISF/suricata/commit/9f0294fadca3dcc18c919424242a41e01f3e8318 (suricata-5.0.1)
	NOTE: https://github.com/OISF/suricata/commit/ea0659de7640cf6a51de5bbd1dbbb0414e4623a0 (master-4.1.x)
	NOTE: https://redmine.openinfosecfoundation.org/issues/3286
	NOTE: https://redmine.openinfosecfoundation.org/issues/3395
CVE-2019-18624 (Opera Mini for Android allows attackers to bypass intended restriction ...)
	NOT-FOR-US: Opera Mini for Android
CVE-2019-18623 (Escalation of privileges in EnergyCAP 7 through 7.5.6 allows an attack ...)
	NOT-FOR-US: EnergyCAP
CVE-2019-18622 (An issue was discovered in phpMyAdmin before 4.9.2. A crafted database ...)
	- phpmyadmin 4:4.9.2+dfsg1-1 (bug #945349)
	[stretch] - phpmyadmin <not-affected> (vulnerable code is not present)
	[jessie] - phpmyadmin <not-affected> (vulnerable code is not present)
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/ff541af95d7155d8dd326f331b5e248fea8e7111
	NOTE: https://gist.github.com/ibennetch/4ba7d2fac6f384a5039d697a110e0912
	NOTE: https://www.phpmyadmin.net/security/PMASA-2019-5/
CVE-2019-18621
	RESERVED
CVE-2019-18620
	RESERVED
CVE-2019-18619
	RESERVED
CVE-2019-18618
	RESERVED
CVE-2019-18617
	RESERVED
CVE-2019-18616
	RESERVED
CVE-2019-18615 (In CloudVision Portal (CVP) for all releases in the 2018.2 Train, unde ...)
	NOT-FOR-US: CloudVision Portal
CVE-2019-18614
	RESERVED
CVE-2019-18613
	RESERVED
CVE-2019-18612 (An issue was discovered in the AbuseFilter extension through 1.34 for  ...)
	NOT-FOR-US: AbuseFilter MediaWiki extension
CVE-2019-18611 (An issue was discovered in the CheckUser extension through 1.34 for Me ...)
	NOT-FOR-US: CheckUser MediaWiki extension
CVE-2019-18610 (An issue was discovered in manager.c in Sangoma Asterisk through 13.x, ...)
	{DLA-2017-1}
	- asterisk <unfixed> (bug #947377)
	[buster] - asterisk <no-dsa> (Minor issue)
	[stretch] - asterisk <no-dsa> (Minor issue)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2019-007.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28580
CVE-2019-18609 (An issue was discovered in amqp_handle_input in amqp_connection.c in r ...)
	{DLA-2022-1}
	- librabbitmq 0.10.0-1 (low; bug #946005)
	[buster] - librabbitmq <no-dsa> (Minor issue)
	[stretch] - librabbitmq <no-dsa> (Minor issue)
	NOTE: https://github.com/alanxz/rabbitmq-c/commit/fc85be7123050b91b054e45b91c78d3241a5047a
CVE-2019-18608 (Cezerin v0.33.0 allows unauthorized order-information modification bec ...)
	NOT-FOR-US: Cezerin
CVE-2019-18607
	RESERVED
CVE-2019-18606
	RESERVED
CVE-2019-18605
	RESERVED
CVE-2019-18604 (In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distr ...)
	- texlive-bin <unfixed>
	[buster] - texlive-bin <no-dsa> (Minor issue)
	[stretch] - texlive-bin <not-affected> (Vulnerable code not present)
	[jessie] - texlive-bin <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/TeX-Live/texlive-source/commit/9216833a3888a4105a18e8c349f65b045ddb1079#diff-987e40c0e27ee43f6a2414ada73a191a
CVE-2019-18600
	RESERVED
CVE-2019-18599
	RESERVED
CVE-2019-18598
	RESERVED
CVE-2019-18597
	RESERVED
CVE-2019-18596
	RESERVED
CVE-2019-18595
	RESERVED
CVE-2019-18594
	RESERVED
CVE-2019-18593
	RESERVED
CVE-2019-18592
	RESERVED
CVE-2019-18591
	RESERVED
CVE-2019-18590
	RESERVED
CVE-2019-18589
	RESERVED
CVE-2019-18588 (Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Un ...)
	NOT-FOR-US: EMC
CVE-2019-18587
	RESERVED
CVE-2019-18586
	REJECTED
CVE-2019-18585
	REJECTED
CVE-2019-18584
	REJECTED
CVE-2019-18583
	REJECTED
CVE-2019-18582 (Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions ...)
	NOT-FOR-US: EMC
CVE-2019-18581 (Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions ...)
	NOT-FOR-US: EMC
CVE-2019-18580 (Dell EMC Storage Monitoring and Reporting version 4.3.1 contains a Jav ...)
	NOT-FOR-US: EMC
CVE-2019-18579 (Settings for the Dell XPS 13 2-in-1 (7390) BIOS versions prior to 1.1. ...)
	NOT-FOR-US: Dell
CVE-2019-18578 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored cross-si ...)
	NOT-FOR-US: EMC XtremIO XMS
CVE-2019-18577 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect perm ...)
	NOT-FOR-US: EMC XtremIO XMS
CVE-2019-18576 (Dell EMC XtremIO XMS versions prior to 6.3.0 contain an information di ...)
	NOT-FOR-US: EMC XtremIO XMS
CVE-2019-18575 (Dell Command Configure versions prior to 4.2.1 contain an uncontrolled ...)
	NOT-FOR-US: Dell Command Configure
CVE-2019-18574 (RSA Authentication Manager software versions prior to 8.4 P8 contain a ...)
	NOT-FOR-US: RSA Authentication Manager software
CVE-2019-18573 (The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Go ...)
	NOT-FOR-US: RSA
CVE-2019-18572 (The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Go ...)
	NOT-FOR-US: RSA
CVE-2019-18571 (The RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Go ...)
	NOT-FOR-US: RSA
CVE-2019-18570
	RESERVED
CVE-2019-18569
	RESERVED
CVE-2019-18568 (Avira Free Antivirus 15.0.1907.1514 is prone to a local privilege esca ...)
	NOT-FOR-US: Avira Free Antivirus
CVE-2019-18567 (Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an o ...)
	NOT-FOR-US: Bromium
CVE-2019-18566
	REJECTED
CVE-2019-18565
	REJECTED
CVE-2019-18564
	REJECTED
CVE-2019-18563
	REJECTED
CVE-2019-18562
	REJECTED
CVE-2019-18561
	REJECTED
CVE-2019-18560
	REJECTED
CVE-2019-18559
	REJECTED
CVE-2019-18558
	REJECTED
CVE-2019-18557
	REJECTED
CVE-2019-18556
	REJECTED
CVE-2019-18555
	REJECTED
CVE-2019-18554
	REJECTED
CVE-2019-18553
	REJECTED
CVE-2019-18552
	REJECTED
CVE-2019-18551
	REJECTED
CVE-2019-18550
	REJECTED
CVE-2019-18549
	REJECTED
CVE-2019-18548
	REJECTED
CVE-2019-18547
	REJECTED
CVE-2019-18546
	REJECTED
CVE-2019-18545
	REJECTED
CVE-2019-18544
	REJECTED
CVE-2019-18543
	REJECTED
CVE-2019-18542
	REJECTED
CVE-2019-18541
	REJECTED
CVE-2019-18540
	REJECTED
CVE-2019-18539
	REJECTED
CVE-2019-18538
	REJECTED
CVE-2019-18537
	REJECTED
CVE-2019-18536
	REJECTED
CVE-2019-18535
	REJECTED
CVE-2019-18534
	REJECTED
CVE-2019-18533
	REJECTED
CVE-2019-18532
	REJECTED
CVE-2019-18531
	REJECTED
CVE-2019-18530
	REJECTED
CVE-2019-18529
	REJECTED
CVE-2019-18528
	REJECTED
CVE-2019-18527
	REJECTED
CVE-2019-18526
	REJECTED
CVE-2019-18525
	REJECTED
CVE-2019-18524
	REJECTED
CVE-2019-18523
	REJECTED
CVE-2019-18522
	REJECTED
CVE-2019-18521
	REJECTED
CVE-2019-18520
	REJECTED
CVE-2019-18519
	REJECTED
CVE-2019-18518
	REJECTED
CVE-2019-18517
	REJECTED
CVE-2019-18516
	REJECTED
CVE-2019-18515
	REJECTED
CVE-2019-18514
	REJECTED
CVE-2019-18513
	REJECTED
CVE-2019-18512
	REJECTED
CVE-2019-18511
	REJECTED
CVE-2019-18510
	REJECTED
CVE-2019-18509
	REJECTED
CVE-2019-18508
	REJECTED
CVE-2019-18507
	REJECTED
CVE-2019-18506
	REJECTED
CVE-2019-18505
	REJECTED
CVE-2019-18504
	REJECTED
CVE-2019-18503
	REJECTED
CVE-2019-18502
	REJECTED
CVE-2019-18501
	REJECTED
CVE-2019-18500
	REJECTED
CVE-2019-18499
	REJECTED
CVE-2019-18498
	REJECTED
CVE-2019-18497
	REJECTED
CVE-2019-18496
	REJECTED
CVE-2019-18495
	REJECTED
CVE-2019-18494
	REJECTED
CVE-2019-18493
	REJECTED
CVE-2019-18492
	REJECTED
CVE-2019-18491
	REJECTED
CVE-2019-18490
	REJECTED
CVE-2019-18489
	REJECTED
CVE-2019-18488
	REJECTED
CVE-2019-18487
	REJECTED
CVE-2019-18486
	REJECTED
CVE-2019-18485
	REJECTED
CVE-2019-18484
	REJECTED
CVE-2019-18483
	REJECTED
CVE-2019-18482
	REJECTED
CVE-2019-18481
	REJECTED
CVE-2019-18480
	REJECTED
CVE-2019-18479
	REJECTED
CVE-2019-18478
	REJECTED
CVE-2019-18477
	REJECTED
CVE-2019-18476
	REJECTED
CVE-2019-18475
	REJECTED
CVE-2019-18474
	REJECTED
CVE-2019-18473
	REJECTED
CVE-2019-18472
	REJECTED
CVE-2019-18471
	REJECTED
CVE-2019-18470
	REJECTED
CVE-2019-18469
	REJECTED
CVE-2019-18468
	REJECTED
CVE-2019-18467
	REJECTED
CVE-2019-18466 (An issue was discovered in Podman in libpod before 1.6.0. It resolves  ...)
	- podman <itp> (bug #930440)
CVE-2019-18601 (OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of ser ...)
	{DLA-1982-1}
	- openafs 1.8.5-1 (low; bug #943587)
	[buster] - openafs <no-dsa> (Minor issue)
	[stretch] - openafs <no-dsa> (Minor issue)
	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-003.txt
CVE-2019-18602 (OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an informatio ...)
	{DLA-1982-1}
	- openafs 1.8.5-1 (low; bug #943587)
	[buster] - openafs <no-dsa> (Minor issue)
	[stretch] - openafs <no-dsa> (Minor issue)
	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-002.txt
CVE-2019-18603 (OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information l ...)
	{DLA-1982-1}
	- openafs 1.8.5-1 (low; bug #943587)
	[buster] - openafs <no-dsa> (Minor issue)
	[stretch] - openafs <no-dsa> (Minor issue)
	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-001.txt
CVE-2019-18465 (In Progress MOVEit Transfer 11.1 before 11.1.3, a vulnerability has be ...)
	NOT-FOR-US: Progress MOVEit Transfer
CVE-2019-18464 (In Progress MOVEit Transfer 10.2 before 10.2.6 (2018.3), 11.0 before 1 ...)
	NOT-FOR-US: Progress MOVEit Transfer
CVE-2019-18463 (An issue was discovered in GitLab Community and Enterprise Edition thr ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18462 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18461 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18460 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18459 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18458 (An issue was discovered in GitLab Community and Enterprise Edition thr ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18457 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18456 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18455 (An issue was discovered in GitLab Community and Enterprise Edition 11  ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18454 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18453 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18452 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18451 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18450 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18449 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18448 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18447 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18446 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 12.2.9-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/blog/2019/10/30/security-release-gitlab-12-dot-4-dot-1-released/
CVE-2019-18445
	RESERVED
CVE-2019-18444
	RESERVED
CVE-2019-18443
	RESERVED
CVE-2019-18442
	RESERVED
CVE-2019-18441
	RESERVED
CVE-2019-18440
	RESERVED
CVE-2019-18439
	RESERVED
CVE-2019-18438
	RESERVED
CVE-2019-18437
	RESERVED
CVE-2019-18436
	RESERVED
CVE-2019-18435
	RESERVED
CVE-2019-18434
	RESERVED
CVE-2019-18433
	RESERVED
CVE-2019-18432
	RESERVED
CVE-2019-18431
	RESERVED
CVE-2019-18430
	RESERVED
CVE-2019-18429
	RESERVED
CVE-2019-18428
	RESERVED
CVE-2019-18427
	RESERVED
CVE-2019-18426 (A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when pa ...)
	NOT-FOR-US: WhatsApp Desktop
CVE-2019-18425 (An issue was discovered in Xen through 4.12.x allowing 32-bit PV guest ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-298.html
CVE-2019-18424 (An issue was discovered in Xen through 4.12.x allowing attackers to ga ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-302.html
CVE-2019-18423 (An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-301.html
CVE-2019-18422 (An issue was discovered in Xen through 4.12.x allowing ARM guest OS us ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-303.html
CVE-2019-18421 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-299.html
CVE-2019-18420 (An issue was discovered in Xen through 4.12.x allowing x86 PV guest OS ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-296.html
CVE-2019-18419 (A cross-site scripting (XSS) vulnerability in index.php in ClonOS WEB  ...)
	NOT-FOR-US: ClonOS
CVE-2019-18418 (clonos.php in ClonOS WEB control panel 19.09 allows remote attackers t ...)
	NOT-FOR-US: ClonOS
CVE-2019-18417 (Sourcecodester Restaurant Management System 1.0 allows an authenticate ...)
	NOT-FOR-US: Sourcecodester Restaurant Management System
CVE-2019-18416 (Sourcecodester Restaurant Management System 1.0 allows XSS via the Las ...)
	NOT-FOR-US: Sourcecodester Restaurant Management System
CVE-2019-18415 (Sourcecodester Restaurant Management System 1.0 allows XSS via the "se ...)
	NOT-FOR-US: Sourcecodester Restaurant Management System
CVE-2019-18414 (Sourcecodester Restaurant Management System 1.0 is affected by an admi ...)
	NOT-FOR-US: Sourcecodester Restaurant Management System
CVE-2019-18413 (In TypeStack class-validator 0.10.2, validate() input validation can b ...)
	NOT-FOR-US: TypeStack class-validator
CVE-2019-18412 (JetBrains IDETalk plugin before version 193.4099.10 allows XXE ...)
	NOT-FOR-US: JetBrains IDETalk plugin
CVE-2019-18411 (Zoho ManageEngine ADSelfService Plus 5.x through 5803 has CSRF on the  ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2019-18410
	RESERVED
CVE-2019-18409 (The ruby_parser-legacy (aka legacy) gem 1.0.0 for Ruby allows local pr ...)
	NOT-FOR-US: ruby_parser-legacy packaging issue
CVE-2019-18408 (archive_read_format_rar_read_data in archive_read_support_format_rar.c ...)
	{DSA-4557-1 DLA-1971-1}
	- libarchive 3.4.0-1
	NOTE: https://github.com/libarchive/libarchive/commit/b8592ecba2f9e451e1f5cb7ab6dcee8b8e7b3f60
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14689
CVE-2019-18407
	RESERVED
CVE-2019-18406
	RESERVED
CVE-2019-18405
	RESERVED
CVE-2019-18404
	RESERVED
CVE-2019-18403
	RESERVED
CVE-2019-18402
	RESERVED
CVE-2019-18401
	RESERVED
CVE-2019-18400
	RESERVED
CVE-2019-18399
	RESERVED
CVE-2019-18398
	RESERVED
CVE-2019-18397 (A buffer overflow in the fribidi_get_par_embedding_levels_ex() functio ...)
	{DSA-4561-1}
	- fribidi 1.0.7-1.1 (bug #944327)
	[stretch] - fribidi <not-affected> (Vulnerable code not present)
	[jessie] - fribidi <not-affected> (Vulnerable code not present)
	NOTE: Fixed by: https://github.com/fribidi/fribidi/commit/034c6e9a1d296286305f4cfd1e0072b879f52568
	NOTE: Introduced by: https://github.com/fribidi/fribidi/commit/f20b6480b9cd46dae8d82a6f95d9c53558fcfd20 (v1.0.0)
CVE-2019-18396 (An issue was discovered in certain Oi third-party firmware that may be ...)
	NOT-FOR-US: Technicolor
CVE-2019-18395
	RESERVED
CVE-2019-18394 (A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.j ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-18393 (PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not  ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-18392
	RESERVED
CVE-2019-18391 (A heap-based buffer overflow in the vrend_renderer_transfer_write_iov  ...)
	- virglrenderer 0.8.1-1 (bug #946942)
	[buster] - virglrenderer <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/2abeb1802e3c005b17a7123e382171b3fb665971
CVE-2019-18390 (An out-of-bounds read in the vrend_blit_need_swizzle function in vrend ...)
	- virglrenderer 0.8.1-1
	[buster] - virglrenderer <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1765584
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/24f67de7a9088a873844a39be03cee6882260ac9
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#3cd772559e0d73afa136d6818023cfd0c4c8ecc0_0_151
CVE-2019-18389 (A heap-based buffer overflow in the vrend_renderer_transfer_write_iov  ...)
	- virglrenderer 0.8.1-1 (bug #946942)
	[buster] - virglrenderer <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/cbc8d8b75be360236cada63784046688aeb6d921
CVE-2019-18388 (A NULL pointer dereference in vrend_renderer.c in virglrenderer throug ...)
	- virglrenderer 0.8.1-1
	[buster] - virglrenderer <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1765578
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/commit/0d9a2c88dc3a70023541b3260b9f00c982abda16
	NOTE: https://gitlab.freedesktop.org/virgl/virglrenderer/merge_requests/314/diffs?commit_id=d2cdbcf6a8f2317f250fd54f08aa35dde2fa3e30#diff-content-3cd772559e0d73afa136d6818023cfd0c4c8ecc0
CVE-2019-18387 (Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to  ...)
	NOT-FOR-US: Sourcecodester Hotel and Lodge Management System
CVE-2019-18386 (Systems management on Unisys ClearPath Forward Libra and ClearPath MCP ...)
	NOT-FOR-US: Unisys
CVE-2019-18385 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. An unaut ...)
	NOT-FOR-US: TerraMaster
CVE-2019-18384 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. An authe ...)
	NOT-FOR-US: TerraMaster
CVE-2019-18383 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. One can  ...)
	NOT-FOR-US: TerraMaster
CVE-2019-18382 (An issue was discovered on AVStar PE204 3.10.70 IP camera devices. A d ...)
	NOT-FOR-US: AVStar PE204
CVE-2019-18381 (Norton Password Manager, prior to 6.6.2.5, may be susceptible to a cro ...)
	NOT-FOR-US: Norton Password Manager
CVE-2019-18380 (Symantec Industrial Control System Protection (ICSP), versions 6.x.x,  ...)
	NOT-FOR-US: Symantec
CVE-2019-18379 (Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a s ...)
	NOT-FOR-US: Symantec
CVE-2019-18378 (Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a c ...)
	NOT-FOR-US: Symantec
CVE-2019-18377 (Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a p ...)
	NOT-FOR-US: Symantec
CVE-2019-18376
	RESERVED
CVE-2019-18375
	RESERVED
CVE-2019-18374 (Symantec Critical System Protection (CSP), versions 8.0, 8.0 HF1 &amp; ...)
	NOT-FOR-US: Symantec
CVE-2019-18373 (Norton App Lock, prior to 1.4.0.503, may be susceptible to a bypass ex ...)
	NOT-FOR-US: Norton
CVE-2019-18372 (Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to ...)
	NOT-FOR-US: Symantec Endpoint Protection
CVE-2019-18371 (An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-s ...)
	NOT-FOR-US: Xiaomi
CVE-2019-18370 (An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-s ...)
	NOT-FOR-US: Xiaomi
CVE-2019-18369 (In JetBrains YouTrack before 2019.2.55152, removing tags from the issu ...)
	NOT-FOR-US: JetBrains
CVE-2019-18368 (In JetBrains Toolbox App before 1.15.5666 for Windows, privilege escal ...)
	NOT-FOR-US: JetBrains
CVE-2019-18367 (In JetBrains TeamCity before 2019.1.2, a non-destructive operation cou ...)
	NOT-FOR-US: JetBrains
CVE-2019-18366 (In JetBrains TeamCity before 2019.1.2, secure values could be exposed  ...)
	NOT-FOR-US: JetBrains
CVE-2019-18365 (In JetBrains TeamCity before 2019.1.4, reverse tabnabbing was possible ...)
	NOT-FOR-US: JetBrains
CVE-2019-18364 (In JetBrains TeamCity before 2019.1.4, insecure Java Deserialization c ...)
	NOT-FOR-US: JetBrains
CVE-2019-18363 (In JetBrains TeamCity before 2019.1.2, access could be gained to the h ...)
	NOT-FOR-US: JetBrains
CVE-2019-18362 (JetBrains MPS before 2019.2.2 exposed listening ports to the network. ...)
	NOT-FOR-US: JetBrains
CVE-2019-18361 (JetBrains IntelliJ IDEA before 2019.2 allows local user privilege esca ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-18360 (In JetBrains Hub versions earlier than 2019.1.11738, username enumerat ...)
	NOT-FOR-US: JetBrains
CVE-2019-18359 (A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3G ...)
	- mp3gain <removed>
CVE-2019-18358
	RESERVED
CVE-2019-18357 (An XSS issue was discovered in Thycotic Secret Server before 10.7 (iss ...)
	NOT-FOR-US: Thycotic Secret Server
CVE-2019-18356 (An XSS issue was discovered in Thycotic Secret Server before 10.7 (iss ...)
	NOT-FOR-US: Thycotic Secret Server
CVE-2019-18355 (An SSRF issue was discovered in the legacy Web launcher in Thycotic Se ...)
	NOT-FOR-US: Thycotic Secret Server
CVE-2019-18354
	RESERVED
CVE-2019-18353
	RESERVED
CVE-2019-18352 (Improper access control exists on PHOENIX CONTACT FL NAT 2208 devices  ...)
	NOT-FOR-US: PHOENIX CONTACT FL NAT 2208 devices
CVE-2019-18351
	RESERVED
CVE-2019-18350 (In Ant Design Pro 4.0.0, reflected XSS in the user/login redirect GET  ...)
	NOT-FOR-US: Ant Design Pro
CVE-2019-18349 (HotkeyP through 4.9 r96 allows privilege escalation in the privilege f ...)
	NOT-FOR-US: HotkeyP
CVE-2019-18348 (An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ...)
	- python3.8 <unfixed> (unimportant)
	- python3.7 <unfixed> (unimportant)
	- python3.5 <removed> (unimportant)
	- python3.4 <removed> (unimportant)
	- python2.7 2.7.18~rc1-1 (unimportant)
	NOTE: https://github.com/python/cpython/commit/9165addc22d05e776a54319a8531ebd0b2fe01ef (master)
	NOTE: https://github.com/python/cpython/commit/ff69c9d12c1b06af58e5eae5db4630cedd94740e (3.8 branch)
	NOTE: https://github.com/python/cpython/commit/34f85af3229f86c004a954c3f261ceea1f5e9f95 (3.7 branch)
	NOTE: https://github.com/python/cpython/commit/e176e0c105786e9f476758eb5438c57223b65e7f (v2.7.18rc1)
	NOTE: https://bugs.python.org/issue38576
	NOTE: Issue only exploitable if CVE-2016-10739 is unfixed in src:glibc. This is
	NOTE: not the case in all suites, but the issue is minor in general and would
	NOTE: tend to a no-dsa/ignored tag in those suites.
CVE-2019-18347 (A stored XSS issue was discovered in DAViCal through 1.1.8. It does no ...)
	{DSA-4582-1 DLA-2034-1}
	- davical 1.1.9.2-1 (bug #946343)
	NOTE: https://hackdefense.com/publications/cve-2019-18347-davical-caldav-server-vulnerability/
	NOTE: https://gitlab.com/davical-project/davical/commit/86a8ec5302b705cd11f0373eefbe2168799b277b
	NOTE: https://gitlab.com/davical-project/davical/commit/a3acb770ac6bc807feb2015b4eb10ab641322d19
CVE-2019-18346 (A CSRF issue was discovered in DAViCal through 1.1.8. If an authentica ...)
	{DSA-4582-1 DLA-2034-1}
	- davical 1.1.9.2-1 (bug #946343)
	NOTE: https://hackdefense.com/publications/cve-2019-18346-davical-caldav-server-vulnerability/
	NOTE: https://gitlab.com/davical-project/davical/commit/86a8ec5302b705cd11f0373eefbe2168799b277b
	NOTE: https://gitlab.com/davical-project/davical/commit/a3acb770ac6bc807feb2015b4eb10ab641322d19
CVE-2019-18345 (A reflected XSS issue was discovered in DAViCal through 1.1.8. It echo ...)
	{DSA-4582-1 DLA-2034-1}
	- davical 1.1.9.2-1 (bug #946343)
	NOTE: https://hackdefense.com/publications/cve-2019-18345-davical-caldav-server-vulnerability/
	NOTE: https://gitlab.com/davical-project/davical/commit/86a8ec5302b705cd11f0373eefbe2168799b277b
	NOTE: https://gitlab.com/davical-project/davical/commit/a3acb770ac6bc807feb2015b4eb10ab641322d19
CVE-2019-18344 (Sourcecodester Online Grading System 1.0 is vulnerable to unauthentica ...)
	NOT-FOR-US: Sourcecodester Online Grading System
CVE-2019-18343
	RESERVED
CVE-2019-18342 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: Siemens
CVE-2019-18341 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: Siemens
CVE-2019-18340 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: Siemens
CVE-2019-18339 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: Siemens
CVE-2019-18338 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: Siemens
CVE-2019-18337 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: Siemens
CVE-2019-18336 (A vulnerability has been identified in SIMATIC S7-300 CPU family (incl ...)
	NOT-FOR-US: Siemens
CVE-2019-18335 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18334 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18333 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18332 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18331 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18330 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18329 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18328 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18327 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18326 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18325 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18324 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18323 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18322 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18321 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18320 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18319 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18318 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18317 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18316 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18315 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18314 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18313 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18312 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18311 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18310 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18309 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18308 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18307 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18306 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18305 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18304 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18303 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18302 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18301 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18300 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18299 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18298 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18297 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18296 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18295 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18294 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18293 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18292 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18291 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18290 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18289 (A vulnerability has been identified in SPPA-T3000 MS3000 Migration Ser ...)
	NOT-FOR-US: Siemens
CVE-2019-18288 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18287 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18286 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18285 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18284 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18283 (A vulnerability has been identified in SPPA-T3000 Application Server ( ...)
	NOT-FOR-US: Siemens
CVE-2019-18282 (The flow_dissector feature in the Linux kernel 4.3 through 5.x before  ...)
	{DLA-2114-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/55667441c84fa5e0911a0aac44fb059c15ba6da2
CVE-2019-18281 (An out-of-bounds memory access in the generateDirectionalRuns() functi ...)
	{DSA-4556-1}
	- qtbase-opensource-src-gles 5.12.5+dfsg-1
	- qtbase-opensource-src 5.12.5+dfsg-2
	[buster] - qtbase-opensource-src <no-dsa> (Minor issue)
	[stretch] - qtbase-opensource-src <not-affected> (Vulnerable code not present)
	[jessie] - qtbase-opensource-src <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/qt/qtbase/commit/af6ac444c97ed2dc234f93fe457440c9da5482ea
	NOTE: https://bugreports.qt.io/browse/QTBUG-77819
CVE-2019-18280 (Sourcecodester Online Grading System 1.0 is affected by a Cross Site R ...)
	NOT-FOR-US: Sourcecodester Online Grading System
CVE-2019-18279 (In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included driver ...)
	NOT-FOR-US: Phoenix SCT WinFlash
CVE-2019-18278 (When executing VideoLAN VLC media player 3.0.8 with libqt on Windows,  ...)
	NOT-FOR-US: VLC on Windows
CVE-2019-18277 (A flaw was found in HAProxy before 2.0.6. In legacy mode, messages fea ...)
	- haproxy 2.0.6-1
	[buster] - haproxy <no-dsa> (Minor issue)
	[stretch] - haproxy <no-dsa> (Minor issue)
	[jessie] - haproxy <no-dsa> (Minor issue)
	NOTE: https://git.haproxy.org/?p=haproxy-2.0.git;a=commit;h=196a7df44d8129d1adc795da020b722614d6a581
	NOTE: https://nathandavison.com/blog/haproxy-http-request-smuggling
CVE-2019-18276 (An issue was discovered in disable_priv_mode in shell.c in GNU Bash th ...)
	- bash <unfixed> (low)
	[buster] - bash <no-dsa> (Minor issue)
	[stretch] - bash <no-dsa> (minor issue)
	[jessie] - bash <no-dsa> (minor issue)
	NOTE: https://git.savannah.gnu.org/cgit/bash.git/commit/?h=devel&id=951bdaad7a18cc0dc1036bba86b18b90874d39ff
	NOTE: https://savannah.gnu.org/patch/?9822
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1158028
CVE-2019-18275 (OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affect ...)
	NOT-FOR-US: OSIsoft
CVE-2019-18274
	RESERVED
CVE-2019-18273 (OSIsoft PI Vision, PI Vision 2017 R2 and PI Vision 2017 R2 SP1. The af ...)
	NOT-FOR-US: OSIsoft
CVE-2019-18272
	RESERVED
CVE-2019-18271 (OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affect ...)
	NOT-FOR-US: OSIsoft
CVE-2019-18270
	RESERVED
CVE-2019-18269 (In Omron PLC CJ series, all versions, and Omron PLC CS series, all ver ...)
	NOT-FOR-US: Omron
CVE-2019-18268
	RESERVED
CVE-2019-18267 (An issue was found in GE S2020/S2020G Fast Switch 61850, S2020/S2020G  ...)
	NOT-FOR-US: GE
CVE-2019-18266
	RESERVED
CVE-2019-18265
	RESERVED
CVE-2019-18264
	RESERVED
CVE-2019-18263 (An issue was found in Philips Veradius Unity, Pulsera, and Endura Dual ...)
	NOT-FOR-US: Philips
CVE-2019-18262
	RESERVED
CVE-2019-18261 (In Omron PLC CS series, all versions, Omron PLC CJ series, all version ...)
	NOT-FOR-US: Omron
CVE-2019-18260
	RESERVED
CVE-2019-18259 (In Omron PLC CJ series, all versions and Omron PLC CS series, all vers ...)
	NOT-FOR-US: Omron
CVE-2019-18258
	RESERVED
CVE-2019-18257 (In Advantech DiagAnywhere Server, Versions 3.07.11 and prior, multiple ...)
	NOT-FOR-US: Advantech
CVE-2019-18256
	RESERVED
CVE-2019-18255
	RESERVED
CVE-2019-18254
	RESERVED
CVE-2019-18253 (An attacker could use specially crafted paths in a specific request to ...)
	NOT-FOR-US: Relion
CVE-2019-18252
	RESERVED
CVE-2019-18251 (In Omron CX-Supervisor, Versions 3.5 (12) and prior, Omron CX-Supervis ...)
	NOT-FOR-US: Omron
CVE-2019-18250 (In all versions of ABB Power Generation Information Manager (PGIM) and ...)
	NOT-FOR-US: ABB
CVE-2019-18249 (Reliable Controls MACH-ProWebCom/Sys, all versions prior to 2.15 (Firm ...)
	NOT-FOR-US: Reliable Controls
CVE-2019-18248
	RESERVED
CVE-2019-18247 (An attacker may use a specially crafted message to force Relion 650 se ...)
	NOT-FOR-US: Relion
CVE-2019-18246
	RESERVED
CVE-2019-18245 (Reliable Controls LicenseManager versions 3.4 and prior may allow an a ...)
	NOT-FOR-US: Reliable Controls LicenseManager
CVE-2019-18244 (OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision ...)
	NOT-FOR-US: OSIsoft
CVE-2019-18243
	RESERVED
CVE-2019-18242 (In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpre ...)
	NOT-FOR-US: Moxa
CVE-2019-18241 (In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all ver ...)
	NOT-FOR-US: Philips
CVE-2019-18240 (In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer o ...)
	NOT-FOR-US: Fuji
CVE-2019-18239
	RESERVED
CVE-2019-18238 (In Moxa ioLogik 2500 series firmware, Version 3.0 or lower, and IOxpre ...)
	NOT-FOR-US: Moxa
CVE-2019-18237
	RESERVED
CVE-2019-18236 (Multiple buffer overflow vulnerabilities exist when the PLC Editor Ver ...)
	NOT-FOR-US: PLC Editor
CVE-2019-18235
	RESERVED
CVE-2019-18234 (Equinox Control Expert all versions, is vulnerable to an SQL injection ...)
	NOT-FOR-US: Equinox Control Expert
CVE-2019-18233
	RESERVED
CVE-2019-18232 (SafeNet Sentinel LDK License Manager, all versions prior to 7.101(only ...)
	NOT-FOR-US: SafeNet Sentinel LDK License Manager
CVE-2019-18231
	RESERVED
CVE-2019-18230 (Honeywell equIP and Performance series IP cameras, multiple versions,  ...)
	NOT-FOR-US: Honeywell
CVE-2019-18229 (Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Lack of sanitizati ...)
	NOT-FOR-US: Advantech
CVE-2019-18228 (Honeywell equIP series IP cameras Multiple equIP Series Cameras, A vul ...)
	NOT-FOR-US: Honeywell
CVE-2019-18227 (Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. XXE vulnerabilitie ...)
	NOT-FOR-US: Advantech
CVE-2019-18226 (Honeywell equIP series and Performance series IP cameras and recorders ...)
	NOT-FOR-US: Honeywell
CVE-2019-18225 (An issue was discovered in Citrix Application Delivery Controller (ADC ...)
	NOT-FOR-US: Citrix
CVE-2019-18224 (idn2_to_ascii_4i in lib/lookup.c in GNU libidn2 before 2.1.1 has a hea ...)
	{DSA-4613-1}
	- libidn2 2.2.0-1 (bug #942895)
	- libidn2-0 <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12420
	NOTE: https://github.com/libidn/libidn2/commit/e4d1558aa2c1c04a05066ee8600f37603890ba8c
CVE-2019-18223
	RESERVED
CVE-2019-18222 (The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 a ...)
	- mbedtls 2.16.4-1
	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12
	NOTE: Fixed upstream in 2.20.0, 2.16.4 and 2.7.13
CVE-2019-18221 (CoreHR Core Portal before 27.0.7 allows stored XSS. ...)
	NOT-FOR-US: CoreHR Core Portal
CVE-2019-18220 (Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery (CSRF) ...)
	NOT-FOR-US: Sitemagic CMS
CVE-2019-18219 (Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting (XSS) vulner ...)
	NOT-FOR-US: Sitemagic CMS
CVE-2019-18218 (cdf_read_property_info in cdf.c in file through 5.37 does not restrict ...)
	{DSA-4550-1 DLA-1969-1}
	- file 1:5.37-6 (bug #942830)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780
	NOTE: https://github.com/file/file/commit/46a8443f76cec4b41ec736eca396984c74664f84
CVE-2019-18217 (ProFTPD before 1.3.6b and 1.3.7rc before 1.3.7rc2 allows remote unauth ...)
	{DSA-4559-1 DLA-1974-1}
	- proftpd-dfsg 1.3.6a-2 (bug #942831)
	NOTE: https://github.com/proftpd/proftpd/commit/13fe9462787b9a551152162f46f1641d65fe4df4
	NOTE: https://github.com/proftpd/proftpd/issues/846
CVE-2019-18216 (** DISPUTED ** The BIOS configuration design on ASUS ROG Zephyrus M GM ...)
	NOT-FOR-US: BIOS configuration design on ASUS ROG Zephyrus M GM501GS laptops with BIOS 313
CVE-2019-18215 (An issue was discovered in signmgr.dll 6.5.0.819 in Comodo Internet Se ...)
	NOT-FOR-US: Comodo Internet Security
CVE-2019-18214 (The Video_Converter app 0.1.0 for Nextcloud allows denial of service ( ...)
	NOT-FOR-US: Video_Converter app for Nextcloud
CVE-2019-18213 (XML Language Server (aka lsp4xml) before 0.9.1, as used in Red Hat XML ...)
	NOT-FOR-US: XML Language Server (aka lsp4xml)
CVE-2019-18212 (XMLLanguageService.java in XML Language Server (aka lsp4xml) before 0. ...)
	NOT-FOR-US: XML Language Server (aka lsp4xml)
CVE-2019-18211 (An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTok ...)
	NOT-FOR-US: Orckestra C1 CMS
CVE-2019-18210 (Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows a ...)
	- moodle <removed>
CVE-2019-18209 (templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser doe ...)
	- etherpad-lite <itp> (bug #576998)
CVE-2019-18208
	RESERVED
CVE-2019-18207 (In Zucchetti InfoBusiness before and including 4.4.1, an authenticated ...)
	NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18206 (A cross-site request forgery (CSRF) vulnerability in Zucchetti InfoBus ...)
	NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18205 (Multiple Reflected Cross-site Scripting (XSS) vulnerabilities exist in ...)
	NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18204 (Zucchetti InfoBusiness before and including 4.4.1 allows any authentic ...)
	NOT-FOR-US: Zucchetti InfoBusiness
CVE-2019-18203 (On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabili ...)
	NOT-FOR-US: Ricoh
CVE-2019-18202 (Information Disclosure is possible on WAGO Series PFC100 and PFC200 de ...)
	NOT-FOR-US: WAGO Series PFC100 and PFC200 devices
CVE-2019-18201 (An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 d ...)
	NOT-FOR-US: Fujitsu
CVE-2019-18200 (An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 d ...)
	NOT-FOR-US: Fujitsu
CVE-2019-18199 (An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 d ...)
	NOT-FOR-US: Fujitsu
CVE-2019-18197 (In xsltCopyText in transform.c in libxslt 1.1.33, a pointer variable i ...)
	{DLA-1973-1}
	- libxslt 1.1.32-2.2 (bug #942646)
	[buster] - libxslt 1.1.32-2.2~deb10u1
	[stretch] - libxslt 1.1.29-2.1+deb9u2
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15746
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15768
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15914
	NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/2232473733b7313d67de8836ea3b29eec6e8e285
CVE-2019-18196 (A DLL side loading vulnerability in the Windows Service in TeamViewer  ...)
	NOT-FOR-US: TeamViewer
CVE-2019-18198 (In the Linux kernel before 5.3.4, a reference count usage error in the ...)
	- linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/ca7a03c4175366a92cee0ccc4fec0038c3266e26
	NOTE: https://launchpad.net/bugs/1847478
CVE-2019-18195 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal u ...)
	NOT-FOR-US: TerraMaster FS-210 devices
CVE-2019-18194 (TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege escal ...)
	NOT-FOR-US: TotalAV
CVE-2019-18193 (In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114,  ...)
	NOT-FOR-US: Unisys Stealth
CVE-2019-18192 (GNU Guix 1.0.1 allows local users to gain access to an arbitrary user' ...)
	- guix <itp> (bug #850644)
	NOTE: https://issues.guix.gnu.org/issue/37744
CVE-2019-18191 (A privilege escalation vulnerability in the Trend Micro Deep Security  ...)
	NOT-FOR-US: Trend Micro
CVE-2019-18190 (Trend Micro Security (Consumer) 2020 (v16.x) is affected by a vulnerab ...)
	NOT-FOR-US: Trend Micro
CVE-2019-18189 (A directory traversal vulnerability in Trend Micro Apex One, OfficeSca ...)
	NOT-FOR-US: Trend Micro
CVE-2019-18188 (Trend Micro Apex One could be exploited by an attacker utilizing a com ...)
	NOT-FOR-US: Trend Micro
CVE-2019-18187 (Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited  ...)
	NOT-FOR-US: Trend Micro
CVE-2019-18186
	RESERVED
CVE-2019-18185
	RESERVED
CVE-2019-18184 (Crestron DMC-STRO 1.0 devices allow remote command execution as root v ...)
	NOT-FOR-US: Crestron DMC-STRO 1.0 devices
CVE-2019-18183 (pacman before 5.2 is vulnerable to arbitrary command injection in lib/ ...)
	NOT-FOR-US: pacman package manager for arch, different from src:pacman
CVE-2019-18182 (pacman before 5.2 is vulnerable to arbitrary command injection in conf ...)
	NOT-FOR-US: pacman package manager for arch, different from src:pacman
CVE-2019-18181 (In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train ...)
	NOT-FOR-US: CloudVision Portal
CVE-2019-18180 (Improper Check for filenames with overly long extensions in PostMaster ...)
	- otrs2 6.0.24-1 (bug #945251)
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	[jessie] - otrs2 <not-affected> (vulnerable code not present)
	NOTE: https://community.otrs.com/security-advisory-2019-15-security-update-for-otrs-framework/
CVE-2019-18179 (An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...)
	{DLA-2053-1}
	- otrs2 6.0.24-1 (bug #945251)
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: https://community.otrs.com/security-advisory-2019-14-security-update-for-otrs-framework/
CVE-2019-18178 (Real Time Engineers FreeRTOS+FAT 160919a has a use after free. The fun ...)
	NOT-FOR-US: FreeRTOS+FAT
CVE-2019-18177
	RESERVED
CVE-2019-18176
	RESERVED
CVE-2019-18175
	RESERVED
CVE-2019-18174
	RESERVED
CVE-2019-18173
	RESERVED
CVE-2019-18172
	RESERVED
CVE-2019-18171
	RESERVED
CVE-2019-18170
	RESERVED
CVE-2019-18169
	RESERVED
CVE-2019-18168
	RESERVED
CVE-2019-18167
	RESERVED
CVE-2019-18166
	RESERVED
CVE-2019-18165
	RESERVED
CVE-2019-18164
	RESERVED
CVE-2019-18163
	RESERVED
CVE-2019-18162
	RESERVED
CVE-2019-18161
	RESERVED
CVE-2019-18160
	RESERVED
CVE-2019-18159
	RESERVED
CVE-2019-18158
	RESERVED
CVE-2019-18157
	RESERVED
CVE-2019-18156
	RESERVED
CVE-2019-18155
	RESERVED
CVE-2019-18154
	RESERVED
CVE-2019-18153
	RESERVED
CVE-2019-18152
	RESERVED
CVE-2019-18151
	RESERVED
CVE-2019-18150
	RESERVED
CVE-2019-18149
	RESERVED
CVE-2019-18148
	RESERVED
CVE-2019-18147
	RESERVED
CVE-2019-18146
	RESERVED
CVE-2019-18145
	RESERVED
CVE-2019-18144
	RESERVED
CVE-2019-18143
	RESERVED
CVE-2019-18142
	RESERVED
CVE-2019-18141
	RESERVED
CVE-2019-18140
	RESERVED
CVE-2019-18139
	RESERVED
CVE-2019-18138
	RESERVED
CVE-2019-18137
	RESERVED
CVE-2019-18136
	RESERVED
CVE-2019-18135
	RESERVED
CVE-2019-18134
	RESERVED
CVE-2019-18133
	RESERVED
CVE-2019-18132
	RESERVED
CVE-2019-18131
	RESERVED
CVE-2019-18130
	RESERVED
CVE-2019-18129
	RESERVED
CVE-2019-18128
	RESERVED
CVE-2019-18127
	RESERVED
CVE-2019-18126
	RESERVED
CVE-2019-18125
	RESERVED
CVE-2019-18124
	RESERVED
CVE-2019-18123
	RESERVED
CVE-2019-18122
	RESERVED
CVE-2019-18121
	RESERVED
CVE-2019-18120
	RESERVED
CVE-2019-18119
	RESERVED
CVE-2019-18118
	RESERVED
CVE-2019-18117
	RESERVED
CVE-2019-18116
	RESERVED
CVE-2019-18115
	RESERVED
CVE-2019-18114
	RESERVED
CVE-2019-18113
	RESERVED
CVE-2019-18112
	RESERVED
CVE-2019-18111
	RESERVED
CVE-2019-18110
	RESERVED
CVE-2019-18109
	RESERVED
CVE-2019-18108
	RESERVED
CVE-2019-18107
	RESERVED
CVE-2019-18106
	RESERVED
CVE-2019-18105
	RESERVED
CVE-2019-18104
	RESERVED
CVE-2019-18103
	RESERVED
CVE-2019-18102
	RESERVED
CVE-2019-18101
	RESERVED
CVE-2019-18100
	RESERVED
CVE-2019-18099
	RESERVED
CVE-2019-18098
	RESERVED
CVE-2019-18097
	RESERVED
CVE-2019-18096
	RESERVED
CVE-2019-18095
	RESERVED
CVE-2019-18094
	RESERVED
CVE-2019-18093
	RESERVED
CVE-2019-18092
	RESERVED
CVE-2019-18091
	RESERVED
CVE-2019-18090
	RESERVED
CVE-2019-18089
	RESERVED
CVE-2019-18088
	RESERVED
CVE-2019-18087
	RESERVED
CVE-2019-18086
	RESERVED
CVE-2019-18085
	RESERVED
CVE-2019-18084
	RESERVED
CVE-2019-18083
	RESERVED
CVE-2019-18082
	RESERVED
CVE-2019-18081
	RESERVED
CVE-2019-18080
	RESERVED
CVE-2019-18079
	RESERVED
CVE-2019-18078
	RESERVED
CVE-2019-18077
	RESERVED
CVE-2019-18076
	RESERVED
CVE-2019-18075
	RESERVED
CVE-2019-18074
	RESERVED
CVE-2019-18073
	RESERVED
CVE-2019-18072
	RESERVED
CVE-2019-18071
	RESERVED
CVE-2019-18070
	RESERVED
CVE-2019-18069
	RESERVED
CVE-2019-18068
	RESERVED
CVE-2019-18067
	RESERVED
CVE-2019-18066
	RESERVED
CVE-2019-18065
	RESERVED
CVE-2019-18064
	RESERVED
CVE-2019-18063
	RESERVED
CVE-2019-18062
	RESERVED
CVE-2019-18061
	RESERVED
CVE-2019-18060
	RESERVED
CVE-2019-18059
	RESERVED
CVE-2019-18058
	RESERVED
CVE-2019-18057
	RESERVED
CVE-2019-18056
	RESERVED
CVE-2019-18055
	RESERVED
CVE-2019-18054
	RESERVED
CVE-2019-18053
	RESERVED
CVE-2019-18052
	RESERVED
CVE-2019-18051
	RESERVED
CVE-2019-18050
	RESERVED
CVE-2019-18049
	RESERVED
CVE-2019-18048
	RESERVED
CVE-2019-18047
	RESERVED
CVE-2019-18046
	RESERVED
CVE-2019-18045
	RESERVED
CVE-2019-18044
	RESERVED
CVE-2019-18043
	RESERVED
CVE-2019-18042
	RESERVED
CVE-2019-18041
	RESERVED
CVE-2019-18040
	RESERVED
CVE-2019-18039
	RESERVED
CVE-2019-18038
	RESERVED
CVE-2019-18037
	RESERVED
CVE-2019-18036
	RESERVED
CVE-2019-18035
	RESERVED
CVE-2019-18034
	RESERVED
CVE-2019-18033
	RESERVED
CVE-2019-18032
	RESERVED
CVE-2019-18031
	RESERVED
CVE-2019-18030
	RESERVED
CVE-2019-18029
	RESERVED
CVE-2019-18028
	RESERVED
CVE-2019-18027
	RESERVED
CVE-2019-18026
	RESERVED
CVE-2019-18025
	RESERVED
CVE-2019-18024
	RESERVED
CVE-2019-18023
	RESERVED
CVE-2019-18022
	RESERVED
CVE-2019-18021
	RESERVED
CVE-2019-18020
	RESERVED
CVE-2019-18019
	RESERVED
CVE-2019-18018
	RESERVED
CVE-2019-18017
	RESERVED
CVE-2019-18016
	RESERVED
CVE-2019-18015
	RESERVED
CVE-2019-18014
	RESERVED
CVE-2019-18013
	RESERVED
CVE-2019-18012
	RESERVED
CVE-2019-18011
	RESERVED
CVE-2019-18010
	RESERVED
CVE-2019-18009
	RESERVED
CVE-2019-18008
	RESERVED
CVE-2019-18007
	RESERVED
CVE-2019-18006
	RESERVED
CVE-2019-18005
	RESERVED
CVE-2019-18004
	RESERVED
CVE-2019-18003
	RESERVED
CVE-2019-18002
	RESERVED
CVE-2019-18001
	RESERVED
CVE-2019-18000
	RESERVED
CVE-2019-17999
	RESERVED
CVE-2019-17998
	RESERVED
CVE-2019-17997
	RESERVED
CVE-2019-17996
	RESERVED
CVE-2019-17995
	RESERVED
CVE-2019-17994
	RESERVED
CVE-2019-17993
	RESERVED
CVE-2019-17992
	RESERVED
CVE-2019-17991
	RESERVED
CVE-2019-17990
	RESERVED
CVE-2019-17989
	RESERVED
CVE-2019-17988
	RESERVED
CVE-2019-17987
	RESERVED
CVE-2019-17986
	RESERVED
CVE-2019-17985
	RESERVED
CVE-2019-17984
	RESERVED
CVE-2019-17983
	RESERVED
CVE-2019-17982
	RESERVED
CVE-2019-17981
	RESERVED
CVE-2019-17980
	RESERVED
CVE-2019-17979
	RESERVED
CVE-2019-17978
	RESERVED
CVE-2019-17977
	RESERVED
CVE-2019-17976
	RESERVED
CVE-2019-17975
	RESERVED
CVE-2019-17974
	RESERVED
CVE-2019-17973
	RESERVED
CVE-2019-17972
	RESERVED
CVE-2019-17971
	RESERVED
CVE-2019-17970
	RESERVED
CVE-2019-17969
	RESERVED
CVE-2019-17968
	RESERVED
CVE-2019-17967
	RESERVED
CVE-2019-17966
	RESERVED
CVE-2019-17965
	RESERVED
CVE-2019-17964
	RESERVED
CVE-2019-17963
	RESERVED
CVE-2019-17962
	RESERVED
CVE-2019-17961
	RESERVED
CVE-2019-17960
	RESERVED
CVE-2019-17959
	RESERVED
CVE-2019-17958
	RESERVED
CVE-2019-17957
	RESERVED
CVE-2019-17956
	RESERVED
CVE-2019-17955
	RESERVED
CVE-2019-17954
	RESERVED
CVE-2019-17953
	RESERVED
CVE-2019-17952
	RESERVED
CVE-2019-17951
	RESERVED
CVE-2019-17950
	RESERVED
CVE-2019-17949
	RESERVED
CVE-2019-17948
	RESERVED
CVE-2019-17947
	RESERVED
CVE-2019-17946
	RESERVED
CVE-2019-17945
	RESERVED
CVE-2019-17944
	RESERVED
CVE-2019-17943
	RESERVED
CVE-2019-17942
	RESERVED
CVE-2019-17941
	RESERVED
CVE-2019-17940
	RESERVED
CVE-2019-17939
	RESERVED
CVE-2019-17938
	RESERVED
CVE-2019-17937
	RESERVED
CVE-2019-17936
	RESERVED
CVE-2019-17935
	RESERVED
CVE-2019-17934
	RESERVED
CVE-2019-17933
	RESERVED
CVE-2019-17932
	RESERVED
CVE-2019-17931
	RESERVED
CVE-2019-17930
	RESERVED
CVE-2019-17929
	RESERVED
CVE-2019-17928
	RESERVED
CVE-2019-17927
	RESERVED
CVE-2019-17926
	RESERVED
CVE-2019-17925
	RESERVED
CVE-2019-17924
	RESERVED
CVE-2019-17923
	RESERVED
CVE-2019-17922
	RESERVED
CVE-2019-17921
	RESERVED
CVE-2019-17920
	RESERVED
CVE-2019-17919
	RESERVED
CVE-2019-17918
	RESERVED
CVE-2019-17917
	RESERVED
CVE-2019-17916
	RESERVED
CVE-2019-17915
	RESERVED
CVE-2019-17914
	RESERVED
CVE-2019-17913
	RESERVED
CVE-2019-17912
	RESERVED
CVE-2019-17911
	RESERVED
CVE-2019-17910
	RESERVED
CVE-2019-17909
	RESERVED
CVE-2019-17908
	RESERVED
CVE-2019-17907
	RESERVED
CVE-2019-17906
	RESERVED
CVE-2019-17905
	RESERVED
CVE-2019-17904
	RESERVED
CVE-2019-17903
	RESERVED
CVE-2019-17902
	RESERVED
CVE-2019-17901
	RESERVED
CVE-2019-17900
	RESERVED
CVE-2019-17899
	RESERVED
CVE-2019-17898
	RESERVED
CVE-2019-17897
	RESERVED
CVE-2019-17896
	RESERVED
CVE-2019-17895
	RESERVED
CVE-2019-17894
	RESERVED
CVE-2019-17893
	RESERVED
CVE-2019-17892
	RESERVED
CVE-2019-17891
	RESERVED
CVE-2019-17890
	RESERVED
CVE-2019-17889
	RESERVED
CVE-2019-17888
	RESERVED
CVE-2019-17887
	RESERVED
CVE-2019-17886
	RESERVED
CVE-2019-17885
	RESERVED
CVE-2019-17884
	RESERVED
CVE-2019-17883
	RESERVED
CVE-2019-17882
	RESERVED
CVE-2019-17881
	RESERVED
CVE-2019-17880
	RESERVED
CVE-2019-17879
	RESERVED
CVE-2019-17878
	RESERVED
CVE-2019-17877
	RESERVED
CVE-2019-17876
	RESERVED
CVE-2019-17875
	RESERVED
CVE-2019-17874
	RESERVED
CVE-2019-17873
	RESERVED
CVE-2019-17872
	RESERVED
CVE-2019-17871
	RESERVED
CVE-2019-17870
	RESERVED
CVE-2019-17869
	RESERVED
CVE-2019-17868
	RESERVED
CVE-2019-17867
	RESERVED
CVE-2019-17866
	RESERVED
CVE-2019-17865
	RESERVED
CVE-2019-17864
	RESERVED
CVE-2019-17863
	RESERVED
CVE-2019-17862
	RESERVED
CVE-2019-17861
	RESERVED
CVE-2019-17860
	RESERVED
CVE-2019-17859
	RESERVED
CVE-2019-17858
	RESERVED
CVE-2019-17857
	RESERVED
CVE-2019-17856
	RESERVED
CVE-2019-17855
	RESERVED
CVE-2019-17854
	RESERVED
CVE-2019-17853
	RESERVED
CVE-2019-17852
	RESERVED
CVE-2019-17851
	RESERVED
CVE-2019-17850
	RESERVED
CVE-2019-17849
	RESERVED
CVE-2019-17848
	RESERVED
CVE-2019-17847
	RESERVED
CVE-2019-17846
	RESERVED
CVE-2019-17845
	RESERVED
CVE-2019-17844
	RESERVED
CVE-2019-17843
	RESERVED
CVE-2019-17842
	RESERVED
CVE-2019-17841
	RESERVED
CVE-2019-17840
	RESERVED
CVE-2019-17839
	RESERVED
CVE-2019-17838
	RESERVED
CVE-2019-17837
	RESERVED
CVE-2019-17836
	RESERVED
CVE-2019-17835
	RESERVED
CVE-2019-17834
	RESERVED
CVE-2019-17833
	RESERVED
CVE-2019-17832
	RESERVED
CVE-2019-17831
	RESERVED
CVE-2019-17830
	RESERVED
CVE-2019-17829
	RESERVED
CVE-2019-17828
	RESERVED
CVE-2019-17827
	RESERVED
CVE-2019-17826
	RESERVED
CVE-2019-17825
	RESERVED
CVE-2019-17824
	RESERVED
CVE-2019-17823
	RESERVED
CVE-2019-17822
	RESERVED
CVE-2019-17821
	RESERVED
CVE-2019-17820
	RESERVED
CVE-2019-17819
	RESERVED
CVE-2019-17818
	RESERVED
CVE-2019-17817
	RESERVED
CVE-2019-17816
	RESERVED
CVE-2019-17815
	RESERVED
CVE-2019-17814
	RESERVED
CVE-2019-17813
	RESERVED
CVE-2019-17812
	RESERVED
CVE-2019-17811
	RESERVED
CVE-2019-17810
	RESERVED
CVE-2019-17809
	RESERVED
CVE-2019-17808
	RESERVED
CVE-2019-17807
	RESERVED
CVE-2019-17806
	RESERVED
CVE-2019-17805
	RESERVED
CVE-2019-17804
	RESERVED
CVE-2019-17803
	RESERVED
CVE-2019-17802
	RESERVED
CVE-2019-17801
	RESERVED
CVE-2019-17800
	RESERVED
CVE-2019-17799
	RESERVED
CVE-2019-17798
	RESERVED
CVE-2019-17797
	RESERVED
CVE-2019-17796
	RESERVED
CVE-2019-17795
	RESERVED
CVE-2019-17794
	RESERVED
CVE-2019-17793
	RESERVED
CVE-2019-17792
	RESERVED
CVE-2019-17791
	RESERVED
CVE-2019-17790
	RESERVED
CVE-2019-17789
	RESERVED
CVE-2019-17788
	RESERVED
CVE-2019-17787
	RESERVED
CVE-2019-17786
	RESERVED
CVE-2019-17785
	RESERVED
CVE-2019-17784
	RESERVED
CVE-2019-17783
	RESERVED
CVE-2019-17782
	RESERVED
CVE-2019-17781
	RESERVED
CVE-2019-17780
	RESERVED
CVE-2019-17779
	RESERVED
CVE-2019-17778
	RESERVED
CVE-2019-17777
	RESERVED
CVE-2019-17776
	RESERVED
CVE-2019-17775
	RESERVED
CVE-2019-17774
	RESERVED
CVE-2019-17773
	RESERVED
CVE-2019-17772
	RESERVED
CVE-2019-17771
	RESERVED
CVE-2019-17770
	RESERVED
CVE-2019-17769
	RESERVED
CVE-2019-17768
	RESERVED
CVE-2019-17767
	RESERVED
CVE-2019-17766
	RESERVED
CVE-2019-17765
	RESERVED
CVE-2019-17764
	RESERVED
CVE-2019-17763
	RESERVED
CVE-2019-17762
	RESERVED
CVE-2019-17761
	RESERVED
CVE-2019-17760
	RESERVED
CVE-2019-17759
	RESERVED
CVE-2019-17758
	RESERVED
CVE-2019-17757
	RESERVED
CVE-2019-17756
	RESERVED
CVE-2019-17755
	RESERVED
CVE-2019-17754
	RESERVED
CVE-2019-17753
	RESERVED
CVE-2019-17752
	RESERVED
CVE-2019-17751
	RESERVED
CVE-2019-17750
	RESERVED
CVE-2019-17749
	RESERVED
CVE-2019-17748
	RESERVED
CVE-2019-17747
	RESERVED
CVE-2019-17746
	RESERVED
CVE-2019-17745
	RESERVED
CVE-2019-17744
	RESERVED
CVE-2019-17743
	RESERVED
CVE-2019-17742
	RESERVED
CVE-2019-17741
	RESERVED
CVE-2019-17740
	RESERVED
CVE-2019-17739
	RESERVED
CVE-2019-17738
	RESERVED
CVE-2019-17737
	RESERVED
CVE-2019-17736
	RESERVED
CVE-2019-17735
	RESERVED
CVE-2019-17734
	RESERVED
CVE-2019-17733
	RESERVED
CVE-2019-17732
	RESERVED
CVE-2019-17731
	RESERVED
CVE-2019-17730
	RESERVED
CVE-2019-17729
	RESERVED
CVE-2019-17728
	RESERVED
CVE-2019-17727
	RESERVED
CVE-2019-17726
	RESERVED
CVE-2019-17725
	RESERVED
CVE-2019-17724
	RESERVED
CVE-2019-17723
	RESERVED
CVE-2019-17722
	RESERVED
CVE-2019-17721
	RESERVED
CVE-2019-17720
	RESERVED
CVE-2019-17719
	RESERVED
CVE-2019-17718
	RESERVED
CVE-2019-17717
	RESERVED
CVE-2019-17716
	RESERVED
CVE-2019-17715
	RESERVED
CVE-2019-17714
	RESERVED
CVE-2019-17713
	RESERVED
CVE-2019-17712
	RESERVED
CVE-2019-17711
	RESERVED
CVE-2019-17710
	RESERVED
CVE-2019-17709
	RESERVED
CVE-2019-17708
	RESERVED
CVE-2019-17707
	RESERVED
CVE-2019-17706
	RESERVED
CVE-2019-17705
	RESERVED
CVE-2019-17704
	RESERVED
CVE-2019-17703
	RESERVED
CVE-2019-17702
	RESERVED
CVE-2019-17701
	RESERVED
CVE-2019-17700
	RESERVED
CVE-2019-17699
	RESERVED
CVE-2019-17698
	RESERVED
CVE-2019-17697
	RESERVED
CVE-2019-17696
	RESERVED
CVE-2019-17695
	RESERVED
CVE-2019-17694
	RESERVED
CVE-2019-17693
	RESERVED
CVE-2019-17692
	RESERVED
CVE-2019-17691
	RESERVED
CVE-2019-17690
	RESERVED
CVE-2019-17689
	RESERVED
CVE-2019-17688
	RESERVED
CVE-2019-17687
	RESERVED
CVE-2019-17686
	RESERVED
CVE-2019-17685
	RESERVED
CVE-2019-17684
	RESERVED
CVE-2019-17683
	RESERVED
CVE-2019-17682
	RESERVED
CVE-2019-17681
	RESERVED
CVE-2019-17680
	RESERVED
CVE-2019-17679
	RESERVED
CVE-2019-17678
	RESERVED
CVE-2019-17677
	RESERVED
CVE-2019-17676 (app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a C ...)
	NOT-FOR-US: MetInfo
CVE-2019-17668 (Samsung Galaxy S10 and Note10 devices allow unlock operations via unre ...)
	NOT-FOR-US: Samsung Galaxy S10 and Note10 devices
CVE-2019-17667 (Comtech H8 Heights Remote Gateway 2.5.1 devices allow XSS and HTML inj ...)
	NOT-FOR-US: Comtech H8 Heights Remote Gateway devices
CVE-2019-17666 (rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Lin ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://lkml.org/lkml/2019/10/16/1226
CVE-2019-17665 (NSA Ghidra before 9.0.2 is vulnerable to DLL hijacking because it load ...)
	- ghidra <itp> (bug #923851)
CVE-2019-17664 (NSA Ghidra through 9.0.4 uses a potentially untrusted search path. Whe ...)
	- ghidra <itp> (bug #923851)
CVE-2019-17663 (D-Link DIR-866L 1.03B04 devices allow XSS via HtmlResponseMessage in t ...)
	NOT-FOR-US: D-Link
CVE-2019-17662 (ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a c ...)
	NOT-FOR-US: ThinVNC
CVE-2019-17661 (A CSV injection in the codepress-admin-columns (aka Admin Columns) plu ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-17660 (A cross-site scripting (XSS) vulnerability in admin/translate/translat ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-17659
	RESERVED
CVE-2019-17658 (An unquoted service path vulnerability in the FortiClient FortiTray co ...)
	NOT-FOR-US: Fortiguard
CVE-2019-17657 (An Uncontrolled Resource Consumption vulnerability in Fortinet FortiSw ...)
	NOT-FOR-US: Fortiguard
CVE-2019-17656
	RESERVED
CVE-2019-17655
	RESERVED
CVE-2019-17654 (An Insufficient Verification of Data Authenticity vulnerability in For ...)
	NOT-FOR-US: Fortiguard
CVE-2019-17653 (A Cross-Site Request Forgery (CSRF) vulnerability in the user interfac ...)
	NOT-FOR-US: Fortiguard
CVE-2019-17652 (A stack buffer overflow vulnerability in FortiClient for Linux 6.2.1 a ...)
	NOT-FOR-US: Fortiguard FortiClient
CVE-2019-17651 (An Improper Neutralization of Input vulnerability in the description a ...)
	NOT-FOR-US: FortiSIEM
CVE-2019-17650 (An Improper Neutralization of Special Elements used in a Command vulne ...)
	NOT-FOR-US: Fortiguard
CVE-2019-17649
	RESERVED
CVE-2019-17648
	RESERVED
CVE-2019-17647 (An issue was discovered in Centreon before 2.8.30, 18.10.8, 19.04.5, a ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17646 (An issue was discovered in Centreon before 18.10.8, 19.04.5, and 19.10 ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17645 (An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, a ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17644 (An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, a ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17643 (An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, an ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17642 (An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04 ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17641
	RESERVED
CVE-2019-17640
	RESERVED
CVE-2019-17639
	RESERVED
CVE-2019-17638
	RESERVED
CVE-2019-17637
	RESERVED
CVE-2019-17636 (In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre ...)
	NOT-FOR-US: Eclipse Theia
CVE-2019-17635 (Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a dese ...)
	NOT-FOR-US: Eclipse Memory Analyzer
CVE-2019-17634 (Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cros ...)
	NOT-FOR-US: Eclipse Memory Analyzer
CVE-2019-17633 (For Eclipse Che versions 6.16 to 7.3.0, with both authentication and T ...)
	NOT-FOR-US: Eclipse Che
CVE-2019-17632 (In Eclipse Jetty versions 9.4.21.v20190926, 9.4.22.v20191022, and 9.4. ...)
	- jetty9 <unfixed>
	[buster] - jetty9 <no-dsa> (Minor issue)
	[stretch] - jetty9 <no-dsa> (Minor issue)
	- jetty8 <removed>
	[jessie] - jetty8 <not-affected> (vulnerable code introduced later)
	- jetty <removed>
	[jessie] - jetty <not-affected> (vulnerable code introduced later)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=553443
CVE-2019-17631 (From Eclipse OpenJ9 0.15 to 0.16, access to diagnostic operations such ...)
	NOT-FOR-US: Eclipse OpenJ9
CVE-2019-17630 (CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a cra ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-17629 (CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a cra ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-17628
	RESERVED
CVE-2019-17627 (The Yale Bluetooth Key application for mobile devices allows unauthori ...)
	NOT-FOR-US: Yale Bluetooth Key application for mobile devices
CVE-2019-17626 (ReportLab through 3.5.26 allows remote code execution because of toCol ...)
	{DLA-2112-1}
	- python-reportlab 3.5.34-1 (bug #942763)
	NOTE: https://bitbucket.org/rptlab/reportlab/issues/199/eval-in-colorspy-leads-to-remote-code
	NOTE: https://hg.reportlab.com/hg-public/reportlab/rev/51a521ad7dd3
CVE-2019-17625 (There is a stored XSS in Rambox 0.6.9 that can lead to code execution. ...)
	NOT-FOR-US: Rambox
CVE-2019-17624 ("" In X.Org X Server 1.20.4, there is a stack-based buffer overflow in ...)
	NOTE: Bogus report, will probably get rejected
	NOTE: https://packetstormsecurity.com/files/154868/X.Org-X-Server-1.20.4-Local-Stack-Overflow.html
CVE-2019-17623
	RESERVED
CVE-2019-17622
	RESERVED
CVE-2019-17675 (WordPress before 5.2.4 does not properly consider type confusion durin ...)
	{DSA-4599-1 DLA-1980-1}
	- wordpress 5.2.4+dfsg1-1 (bug #942459)
	NOTE: https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
	NOTE: https://core.trac.wordpress.org/changeset/46477
	NOTE: https://github.com/WordPress/WordPress/commit/b183fd1cca0b44a92f0264823dd9f22d2fd8b8d0
	NOTE: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
CVE-2019-17674 (WordPress before 5.2.4 is vulnerable to stored XSS (cross-site scripti ...)
	{DSA-4599-1}
	- wordpress 5.2.4+dfsg1-1 (bug #942459)
	[jessie] - wordpress <postponed> (officially fixed in 4.1.28 but no related fix was identified)
	NOTE: https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
	NOTE: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
	NOTE: https://wordpress.org/support/wordpress-version/version-4.1.28/
	NOTE: https://github.com/WordPress/WordPress/commit/d1e2b35359df9644f255b7b54a568b56a2c490d7 (4.1.28)
CVE-2019-17673 (WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON ...)
	{DSA-4599-1}
	- wordpress 5.2.4+dfsg1-1 (bug #942459)
	[jessie] - wordpress <not-affected> (vulnerable code not present)
	NOTE: https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
	NOTE: https://core.trac.wordpress.org/changeset/46478
	NOTE: https://github.com/WordPress/WordPress/commit/b224c251adfa16a5f84074a3c0886270c9df38de
	NOTE: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
CVE-2019-17672 (WordPress before 5.2.4 is vulnerable to a stored XSS attack to inject  ...)
	{DSA-4599-1}
	- wordpress 5.2.4+dfsg1-1 (bug #942459)
	[jessie] - wordpress <postponed> (officially fixed in 4.1.28 but no related fix was identified)
	NOTE: https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
	NOTE: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
	NOTE: https://wordpress.org/support/wordpress-version/version-4.1.28/
	NOTE: https://github.com/WordPress/WordPress/commit/d1e2b35359df9644f255b7b54a568b56a2c490d7 (4.1.28)
CVE-2019-17671 (In WordPress before 5.2.4, unauthenticated viewing of certain content  ...)
	{DSA-4599-1 DLA-1980-1}
	- wordpress 5.2.4+dfsg1-1 (bug #942459)
	NOTE: https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
	NOTE: https://core.trac.wordpress.org/changeset/46474
	NOTE: https://github.com/WordPress/WordPress/commit/f82ed753cf00329a5e41f2cb6dc521085136f308
CVE-2019-17670 (WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulner ...)
	{DLA-1980-1}
	- wordpress 5.2.4+dfsg1-1 (bug #942459)
	[buster] - wordpress <no-dsa> (Minor issue)
	[stretch] - wordpress <no-dsa> (Minor issue)
	NOTE: https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
	NOTE: https://core.trac.wordpress.org/changeset/46472
	NOTE: https://github.com/WordPress/WordPress/commit/9db44754b9e4044690a6c32fd74b9d5fe26b07b2
	NOTE: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
CVE-2019-17669 (WordPress before 5.2.4 has a Server Side Request Forgery (SSRF) vulner ...)
	{DSA-4599-1 DLA-1980-1}
	- wordpress 5.2.4+dfsg1-1 (bug #942459)
	NOTE: https://blog.wpscan.org/wordpress/security/release/2019/10/15/wordpress-524-security-release-breakdown.html
	NOTE: https://core.trac.wordpress.org/changeset/46475
	NOTE: https://github.com/WordPress/WordPress/commit/608d39faed63ea212b6c6cdf9fe2bef92e2120ea
	NOTE: https://wordpress.org/news/2019/10/wordpress-5-2-4-security-release/
CVE-2019-17621 (The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.0 ...)
	NOT-FOR-US: D-Link
CVE-2019-17620
	RESERVED
CVE-2019-17619
	RESERVED
CVE-2019-17618
	RESERVED
CVE-2019-17617
	RESERVED
CVE-2019-17616
	RESERVED
CVE-2019-17615
	RESERVED
CVE-2019-17614
	RESERVED
CVE-2019-17613 (qibosoft 7 allows remote code execution because do/jf.php makes eval c ...)
	NOT-FOR-US: qibosoft
CVE-2019-17612 (An issue was discovered in 74CMS v5.2.8. There is a SQL Injection gene ...)
	NOT-FOR-US: 74CMS
CVE-2019-17611 (HongCMS 3.0.0 has XSS via the install/index.php tableprefix parameter. ...)
	NOT-FOR-US: HongCMS
CVE-2019-17610 (HongCMS 3.0.0 has XSS via the install/index.php dbpassword parameter. ...)
	NOT-FOR-US: HongCMS
CVE-2019-17609 (HongCMS 3.0.0 has XSS via the install/index.php dbusername parameter. ...)
	NOT-FOR-US: HongCMS
CVE-2019-17608 (HongCMS 3.0.0 has XSS via the install/index.php dbname parameter. ...)
	NOT-FOR-US: HongCMS
CVE-2019-17607 (HongCMS 3.0.0 has XSS via the install/index.php servername parameter. ...)
	NOT-FOR-US: HongCMS
CVE-2019-17606 (The Post editor functionality in the hexo-admin plugin versions 2.3.0  ...)
	NOT-FOR-US: hexo-admin Node module
CVE-2019-17605 (A mass assignment vulnerability in eyecomms eyeCMS through 2019-10-15  ...)
	NOT-FOR-US: eyeCMS
CVE-2019-17604 (An Insecure Direct Object Reference (IDOR) vulnerability in eyecomms e ...)
	NOT-FOR-US: eyeCMS
CVE-2019-17603
	RESERVED
CVE-2019-17602 (An issue was discovered in Zoho ManageEngine OpManager before 12.4 bui ...)
	NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2019-17601 (In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP ...)
	NOT-FOR-US: MiniShare
CVE-2019-17600 (Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrato ...)
	NOT-FOR-US: Intelbras IWR 1000N devices
CVE-2019-17599 (The quiz-master-next (aka Quiz And Survey Master) plugin before 6.3.5  ...)
	NOT-FOR-US: quiz-master-next (aka Quiz And Survey Master) plugin for WordPress
CVE-2019-17598 (An issue was discovered in Lightbend Play Framework 2.5.x through 2.6. ...)
	NOT-FOR-US: Lightbend Play Framework
CVE-2019-17597
	RESERVED
CVE-2019-17596 (Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to ...)
	{DSA-4551-1}
	- golang-1.13 1.13.3-1 (bug #942628)
	- golang-1.12 1.12.12-1 (bug #942629)
	- golang-1.11 <removed>
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <ignored> (Minor issue)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (Minor issue)
	- golang <removed>
	[jessie] - golang <ignored> (Minor issue)
	NOTE: https://golang.org/issue/34960
	NOTE: https://github.com/golang/go/issues/34962 (1.13 backport)
	NOTE: https://github.com/golang/go/issues/34961 (1.12 backport)
	NOTE: https://groups.google.com/forum/#!msg/golang-announce/lVEm7llp0w0/VbafyRkgCgAJ
CVE-2019-17595 (There is a heap-based buffer over-read in the fmt_entry function in ti ...)
	- ncurses 6.1+20191019-1 (low; bug #942401)
	[buster] - ncurses 6.1+20181013-2+deb10u2
	[stretch] - ncurses <no-dsa> (Minor issue)
	[jessie] - ncurses <no-dsa> (Minor issue)
	NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00013.html
	NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
CVE-2019-17594 (There is a heap-based buffer over-read in the _nc_find_entry function  ...)
	- ncurses 6.1+20191019-1 (low; bug #942401)
	[buster] - ncurses 6.1+20181013-2+deb10u2
	[stretch] - ncurses <no-dsa> (Minor issue)
	[jessie] - ncurses <no-dsa> (Minor issue)
	NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00017.html
	NOTE: https://lists.gnu.org/archive/html/bug-ncurses/2019-10/msg00045.html
CVE-2019-17593 (JIZHICMS 1.5.1 allows admin.php/Admin/adminadd.html CSRF to add an adm ...)
	NOT-FOR-US: JIZHICMS
CVE-2019-17592 (The csv-parse module before 4.4.6 for Node.js is vulnerable to Regular ...)
	NOT-FOR-US: csv-parse Node module
CVE-2019-17591
	RESERVED
CVE-2019-17590 (** DISPUTED ** The csrf_callback function in the CSRF Magic library th ...)
	NOT-FOR-US: CSRF Magic library
CVE-2019-17589
	REJECTED
CVE-2019-17588
	REJECTED
CVE-2019-17587
	REJECTED
CVE-2019-17586
	REJECTED
CVE-2019-17585
	REJECTED
CVE-2019-17584 (The Meinberg SyncBox/PTP/PTPv2 devices have default SSH keys which all ...)
	NOT-FOR-US: Meinberg SyncBox/PTP/PTPv2 devices
CVE-2019-17583 (idreamsoft iCMS 7.0.15 allows remote attackers to cause a denial of se ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-17582
	RESERVED
CVE-2019-17581 (tonyy dormsystem through 1.3 allows DOM XSS. ...)
	NOT-FOR-US: tonyy dormsystem
CVE-2019-17580 (tonyy dormsystem through 1.3 allows SQL Injection in admin.php. ...)
	NOT-FOR-US: tonyy dormsystem
CVE-2019-17579 (SonarSource SonarQube before 7.8 has XSS in project links on account/p ...)
	NOT-FOR-US: SonarSource SonarQube
CVE-2019-17578 (An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoi ...)
	- dolibarr <removed>
CVE-2019-17577 (An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoi ...)
	- dolibarr <removed>
CVE-2019-17576 (An issue was discovered in Dolibarr 10.0.2. It has XSS via the "outgoi ...)
	- dolibarr <removed>
CVE-2019-17575 (A file-rename filter bypass exists in admin/media/rename.php in WBCE C ...)
	NOT-FOR-US: WBCE CMS
CVE-2019-17574 (An issue was discovered in the Popup Maker plugin before 1.8.13 for Wo ...)
	NOT-FOR-US: Popup Maker plugin for WordPress
CVE-2019-17573 (By default, Apache CXF creates a /services page containing a listing o ...)
	NOT-FOR-US: Apache CFX
CVE-2019-17572
	RESERVED
CVE-2019-17571 (Included in Log4j 1.2 is a SocketServer class that is vulnerable to de ...)
	{DLA-2065-1}
	- apache-log4j1.2 1.2.17-9 (bug #947124)
	NOTE: https://lists.apache.org/thread.html/eea03d504b36e8f870e8321d908e1def1addda16adda04327fe7c125%40%3Cdev.logging.apache.org%3E
	NOTE: CVE-2019-17571 correspond to CVE-2017-5645 for apache-log4j2. 1.2.x branch
	NOTE: is end-of-life upstream and does not recieve a fix for this issue. Users
	NOTE: should upgrade to Log4j 2.x.
	NOTE: Fixed by https://src.fedoraproject.org/rpms/log4j12/c/d4c817c458d69dcc629a7271999d178b0dcb7c74?branch=master
CVE-2019-17570 (An untrusted deserialization was found in the org.apache.xmlrpc.parser ...)
	{DSA-4619-1 DLA-2078-1}
	- libxmlrpc3-java <removed> (bug #949089)
	NOTE: https://www.openwall.com/lists/oss-security/2020/01/16/1
	NOTE: Proposed patch: https://bugzilla.redhat.com/show_bug.cgi?id=1775193
	NOTE: https://github.com/orangecertcc/xmlrpc-common-deserialization
CVE-2019-17569 (The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8 ...)
	{DLA-2133-1}
	- tomcat9 9.0.31-1
	- tomcat8 <removed>
	[jessie] - tomcat8 <not-affected> (vulnerable code introduced in later version)
	- tomcat7 <removed>
	NOTE: https://github.com/apache/tomcat/commit/060ecc5eb839208687b7fcc9e35287ac8eb46998 (9.0.31)
	NOTE: https://github.com/apache/tomcat/commit/959f1dfd767bf3cb64776b44f7395d1d8d8f7ab3 (8.5.51)
	NOTE: https://github.com/apache/tomcat/commit/b191a0d9cf06f4e04257c221bfe41d2b108a9cc8 (7.0.100)
CVE-2019-17568
	REJECTED
CVE-2019-17567
	RESERVED
CVE-2019-17566
	RESERVED
CVE-2019-17565 (There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0. ...)
	- trafficserver 8.0.6+ds-1
	NOTE: https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E
CVE-2019-17564 (Unsafe deserialization occurs within a Dubbo application which has HTT ...)
	NOT-FOR-US: Dubbo
CVE-2019-17563 (When using FORM authentication with Apache Tomcat 9.0.0.M1 to 9.0.29,  ...)
	{DSA-4596-1 DLA-2077-1}
	- tomcat9 9.0.31-1
	- tomcat8 <removed>
	[jessie] - tomcat8 <no-dsa> (low risk, backport is intrusive)
	- tomcat7 <removed>
	NOTE: https://github.com/apache/tomcat/commit/1ecba14e690cf5f3f143eef6ae7037a6d3c16652 (9.0.30)
	NOTE: https://github.com/apache/tomcat/commit/e19a202ee43b6e2a538be5515ae0ab32d8ef112c (8.5.50)
	NOTE: https://github.com/apache/tomcat/commit/ab72a106fe5d992abddda954e30849d7cf8cc583 (7.0.99)
CVE-2019-17562
	RESERVED
CVE-2019-17561 (The "Apache NetBeans" autoupdate system does not fully validate code s ...)
	- netbeans <unfixed> (unimportant)
	NOTE: Debian packages updated via apt
CVE-2019-17560 (The "Apache NetBeans" autoupdate system does not validate SSL certific ...)
	- netbeans <unfixed> (unimportant)
	NOTE: Debian packages updated via apt
CVE-2019-17559 (There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0. ...)
	- trafficserver 8.0.6+ds-1
	NOTE: https://lists.apache.org/thread.html/r99d18d0bc4daa05e7d0e5a63e0e22701a421b2ef5a8f4f7694c43869%40%3Cannounce.trafficserver.apache.org%3E
CVE-2019-17558 (Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code ...)
	- lucene-solr <unfixed> (unimportant)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/30/1
	NOTE: https://issues.apache.org/jira/browse/SOLR-13971
	NOTE: https://issues.apache.org/jira/browse/SOLR-14025
	TODO: check, whilst the advisory claims 5.0.0 upwards only the SolrParamResourceLoader might be of issue already earlier?
CVE-2019-17557
	RESERVED
CVE-2019-17556 (Apache Olingo versions 4.0.0 to 4.6.0 provide the AbstractService clas ...)
	NOT-FOR-US: Olingo
CVE-2019-17555 (The AsyncResponseWrapperImpl class in Apache Olingo versions 4.0.0 to  ...)
	NOT-FOR-US: Olingo
CVE-2019-17554 (The XML content type entity deserializer in Apache Olingo versions 4.0 ...)
	NOT-FOR-US: Olingo
CVE-2019-17553 (An issue was discovered in MetInfo v7.0.0 beta. There is SQL Injection ...)
	NOT-FOR-US: MetInfo
CVE-2019-17552 (An issue was discovered in idreamsoft iCMS v7.0.14. There is a spider_ ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-17551 (In Apak Wholesale Floorplanning Finance 6.31.8.3 and 6.31.8.5, an atta ...)
	NOT-FOR-US: Apak Wholesale Floorplanning Finance
CVE-2019-17550 (The Blog2Social plugin before 5.9.0 for WordPress is affected by: Cros ...)
	NOT-FOR-US: Blog2Social plugin for WordPress
CVE-2019-17549 (ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-servic ...)
	NOT-FOR-US: ESET Cyber Security
CVE-2019-17548
	RESERVED
CVE-2019-17547 (In ImageMagick before 7.0.8-62, TraceBezier in MagickCore/draw.c has a ...)
	- imagemagick <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16537
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ecf7c6b288e11e7e7f75387c5e9e93e423b98397
CVE-2019-17546 (tif_getimage.c in LibTIFF through 4.0.10, as used in GDAL through 3.0. ...)
	{DSA-4608-1 DLA-2147-1 DLA-2009-1}
	- gdal <unfixed> (unimportant)
	- tiff 4.0.10+git190818-1
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16443
	NOTE: https://github.com/OSGeo/gdal/commit/21674033ee246f698887604c7af7ba1962a40ddf
	NOTE: https://gitlab.com/libtiff/libtiff/commit/4bb584a35f87af42d6cf09d15e9ce8909a839145
	NOTE: gdal uses system libtiff libraries since 2.0.1+dfsg-1~exp1 (#684233)
CVE-2019-17545 (GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ...)
	{DLA-1984-1}
	- gdal 2.4.2+dfsg-2 (low)
	[buster] - gdal <no-dsa> (Minor issue)
	[stretch] - gdal <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16178
	NOTE: https://github.com/OSGeo/gdal/commit/148115fcc40f1651a5d15fa34c9a8c528e7147bb
CVE-2019-17544 (libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over- ...)
	{DLA-1966-1}
	- aspell 0.60.8-1 (low)
	[buster] - aspell <no-dsa> (Minor issue)
	[stretch] - aspell <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16109
	NOTE: https://github.com/GNUAspell/aspell/commit/80fa26c74279fced8d778351cff19d1d8f44fe4e
CVE-2019-17543 (LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (rela ...)
	- lz4 1.9.2-1 (low; bug #943680)
	[buster] - lz4 <ignored> (Minor issue)
	[stretch] - lz4 <ignored> (Minor issue)
	[jessie] - lz4 <no-dsa> (Very hard to exploit, low risk)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15941
	NOTE: https://github.com/lz4/lz4/pull/756
	NOTE: https://github.com/lz4/lz4/pull/760
CVE-2019-17542 (FFmpeg before 4.2 has a heap-based buffer overflow in vqa_decode_chunk ...)
	{DLA-2021-1}
	- ffmpeg 7:4.2.1-1
	[buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch)
	[stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch)
	- libav <removed>
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/02f909dc24b1f05cfbba75077c7707b905e63cd2
CVE-2019-17541 (ImageMagick before 7.0.8-55 has a use-after-free in DestroyStringInfo  ...)
	- imagemagick <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15827
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/39f226a9c137f547e12afde972eeba7551124493
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/c1a5aa3f4214ad6e4748de84dad44398959014e1
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1641
	NOTE: vulnerable code introduced in
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/edb32b1780e23c76b5d6dd735f89959a0b7e3867
CVE-2019-17540 (ImageMagick before 7.0.8-54 has a heap-based buffer overflow in ReadPS ...)
	- imagemagick <not-affected> (bug #942578; Vulnerable code introduced later)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15826
	NOTE: vulnerable code introduced in
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/bfb5bdd6b41dac60d5171108fc02ecaf8735c4a8
	NOTE: no upstream bug report, four commits:
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/668d6a970553a94b0a2e378afda1d37abac94b5c
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/9667a9034a5eeedb30dfb18cfd1083ff32fd679b
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/73dd03cfb57f8f8c0a732fa062b9966ec7bf2f91
	NOTE: ImageMagick: https://github.com/ImageMagick/ImageMagick/commit/e868e227085463932c5db32e5e0f27e306a0eb95
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/b9261b1bce3dbfeecc445e092d207434b41c0752
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/5a4c9cfb76ee82bda0cd970cc9e58499b09cc137
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/41399a3414069870071e47680b0bbbe0a283db5d
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/4ba4dc73b7e38bb66c57d457f17ab4aeb9b6bbdc
CVE-2019-17539 (In FFmpeg before 4.2, avcodec_open2 in libavcodec/utils.c allows a NUL ...)
	- ffmpeg 7:4.2.1-1 (low)
	[buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch)
	[stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch)
	- libav <removed> (low)
	[jessie] - libav <not-affected> (Vulnerable code introduced in v12.x)
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/8df6884832ec413cf032dfaa45c23b1c7876670c
CVE-2019-17538 (Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for fil ...)
	NOT-FOR-US: Jiangnan Online Judge
CVE-2019-17537 (Jiangnan Online Judge (aka jnoj) 0.8.0 has Directory Traversal for fil ...)
	NOT-FOR-US: Jiangnan Online Judge
CVE-2019-17536 (Gila CMS through 1.11.4 allows Unrestricted Upload of a File with a Da ...)
	NOT-FOR-US: Gila CMS
CVE-2019-17535 (Gila CMS through 1.11.4 allows blog-list.php XSS, in both the gila-blo ...)
	NOT-FOR-US: Gila CMS
CVE-2019-17534 (vips_foreign_load_gif_scan_image in foreign/gifload.c in libvips befor ...)
	- vips <not-affected> (Vulnerable code never in a released version)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16796
	NOTE: Introduced by: https://github.com/libvips/libvips/commit/https://github.com/libvips/libvips/commit/25e457736173369dcb0f7c09d07af68aedbdc175
	NOTE: Fixed by: https://github.com/libvips/libvips/commit/ce684dd008532ea0bf9d4a1d89bacb35f4a83f4d
CVE-2019-17533 (Mat_VarReadNextInfo4 in mat4.c in MATIO 1.5.17 omits a certain '\0' ch ...)
	- libmatio <unfixed> (bug #942255)
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16856
	NOTE: https://github.com/tbeu/matio/commit/651a8e28099edb5fbb9e4e1d4d3238848f446c9a
CVE-2019-17532 (An issue was discovered on Belkin Wemo Switch 28B WW_2.00.11057.PVT-OW ...)
	NOT-FOR-US: Belkin
CVE-2019-17531 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DLA-2030-1}
	- jackson-databind 2.10.1-1
	[buster] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
	[stretch] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2498
	NOTE: https://github.com/FasterXML/jackson-databind/commit/b5a304a98590b6bb766134f9261e6566dcbbb6d0
	NOTE: Starting from 2.10 series mitigated as Safe Default Typing is enabled by default
	NOTE: but still an issue when Default Typing is enabled.
CVE-2019-17530 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
	NOT-FOR-US: Bento4
CVE-2019-17529 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
	NOT-FOR-US: Bento4
CVE-2019-17528 (An issue was discovered in Bento4 1.5.1.0. There is a SEGV in the func ...)
	NOT-FOR-US: Bento4
CVE-2019-17527 (dataForDepandantField in models/custormfields.php in the JS JOBS FREE  ...)
	NOT-FOR-US: JS JOBS FREE extension for Joomla!
CVE-2019-17526 (** DISPUTED ** An issue was discovered in SageMath Sage Cell Server th ...)
	NOT-FOR-US: Sage Cell Server (not part of SafeMath as packaged in Debian)
CVE-2019-17525
	RESERVED
CVE-2019-17524 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows r ...)
	NOT-FOR-US: Technicolor TC7300 STFA.51.20 devices
CVE-2019-17523 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows r ...)
	NOT-FOR-US: Technicolor TC7300 STFA.51.20 devices
CVE-2019-17522 (A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the ...)
	NOT-FOR-US: Hotaru CMS
CVE-2019-17521 (An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerab ...)
	NOT-FOR-US: Landing-CMS
CVE-2019-17520 (The Bluetooth Low Energy implementation on Texas Instruments SDK throu ...)
	NOT-FOR-US: Texas Instruments
CVE-2019-17519 (The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for K ...)
	NOT-FOR-US: NXP
CVE-2019-17518 (The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ...)
	NOT-FOR-US: Dialog Semiconductor
CVE-2019-17517 (The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ...)
	NOT-FOR-US: Dialog Semiconductor
CVE-2019-17516
	RESERVED
CVE-2019-17515 (The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPre ...)
	NOT-FOR-US: CleanTalk cleantalk-spam-protect plugin for WordPress
CVE-2019-17514 (library/glob.html in the Python 2 and 3 documentation before 2016 has  ...)
	NOT-FOR-US: Non-actionable CVE assignment for Python docs
CVE-2019-17513 (An issue was discovered in Ratpack before 1.7.5. Due to a misuse of th ...)
	NOT-FOR-US: Ratpack
CVE-2019-17512 (There are some web interfaces without authentication requirements on D ...)
	NOT-FOR-US: D-Link
CVE-2019-17511 (There are some web interfaces without authentication requirements on D ...)
	NOT-FOR-US: D-Link
CVE-2019-17510 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
	NOT-FOR-US: D-Link
CVE-2019-17509 (D-Link DIR-846 devices with firmware 100A35 allow remote attackers to  ...)
	NOT-FOR-US: D-Link
CVE-2019-17508 (On D-Link DIR-859 A3-1.06 and DIR-850 A1.13 devices, /etc/services/DEV ...)
	NOT-FOR-US: D-Link
CVE-2019-17507 (An issue was discovered on D-Link DIR-816 A1 1.06 devices. An attacker ...)
	NOT-FOR-US: D-Link
CVE-2019-17506 (There are some web interfaces without authentication requirements on D ...)
	NOT-FOR-US: D-Link
CVE-2019-17505 (D-Link DAP-1320 A2-V1.21 routers have some web interfaces without auth ...)
	NOT-FOR-US: D-Link
CVE-2019-17504 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...)
	NOT-FOR-US: Kirona Dynamic Resource Scheduling (DRS)
CVE-2019-17503 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...)
	NOT-FOR-US: Kirona Dynamic Resource Scheduling (DRS)
CVE-2019-17502 (Hydra through 0.1.8 has a NULL pointer dereference and daemon crash wh ...)
	NOT-FOR-US: Hydra (different from src:hydra)
CVE-2019-17501 (Centreon 19.04 allows attackers to execute arbitrary OS commands via t ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17500
	RESERVED
CVE-2019-17499 (The setter.xml component of the Common Gateway Interface on Compal CH7 ...)
	NOT-FOR-US: Compal CH7465LG devices
CVE-2019-17498 (In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic i ...)
	{DLA-1991-1}
	- libssh2 <unfixed> (low; bug #943562)
	[buster] - libssh2 <no-dsa> (Minor issue)
	[stretch] - libssh2 <no-dsa> (Minor issue)
	NOTE: https://github.com/libssh2/libssh2/commit/dedcbd106f8e52d5586b0205bc7677e4c9868f9c
	NOTE: https://blog.semmle.com/libssh2-integer-overflow-CVE-2019-17498/
	NOTE: Backported SUSE patch for versions <= 1.8.0 (including struct string_buf,
	NOTE: and the functions _libssh2_check_length(), _libssh2_get_u32() and
	NOTE: libssh2_get_string(), forming part of the fix):
	NOTE: https://bugzilla.suse.com/attachment.cgi?id=822416
	NOTE: Only exploitable with a malicious server
CVE-2019-17497 (Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft ...)
	NOT-FOR-US: Tracker PDF-XChange Editor
CVE-2019-17496 (Craft CMS before 3.3.8 has stored XSS via a name field. This field is  ...)
	NOT-FOR-US: Craft CMS
CVE-2019-17495 (A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI b ...)
	- node-swagger-ui <itp> (bug #871461)
	- swagger-ui <itp> (bug #895422)
CVE-2019-17494 (laravel-bjyblog 6.1.1 has XSS via a crafted URL. ...)
	NOT-FOR-US: laravel-bjyblog
CVE-2019-17493 (Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[sample_ ...)
	NOT-FOR-US: Jiangnan Online Judge
CVE-2019-17492
	RESERVED
CVE-2019-17491 (Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[descrip ...)
	NOT-FOR-US: Jiangnan Online Judge
CVE-2019-17490 (app\modules\polygon\controllers\ProblemController in Jiangnan Online J ...)
	NOT-FOR-US: Jiangnan Online Judge
CVE-2019-17489 (Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[title]  ...)
	NOT-FOR-US: Jiangnan Online Judge
CVE-2019-17488 (b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent  ...)
	NOT-FOR-US: b3log Symphony
CVE-2019-17487
	RESERVED
CVE-2019-17486
	RESERVED
CVE-2019-17485
	RESERVED
CVE-2019-17484
	RESERVED
CVE-2019-17483
	RESERVED
CVE-2019-17482
	RESERVED
CVE-2019-17481
	RESERVED
CVE-2019-17480
	RESERVED
CVE-2019-17479
	RESERVED
CVE-2019-17478
	RESERVED
CVE-2019-17477
	RESERVED
CVE-2019-17476
	RESERVED
CVE-2019-17475
	RESERVED
CVE-2019-17474
	RESERVED
CVE-2019-17473
	RESERVED
CVE-2019-17472
	RESERVED
CVE-2019-17471
	RESERVED
CVE-2019-17470
	RESERVED
CVE-2019-17469
	RESERVED
CVE-2019-17468
	RESERVED
CVE-2019-17467
	RESERVED
CVE-2019-17466
	RESERVED
CVE-2019-17465
	RESERVED
CVE-2019-17464
	RESERVED
CVE-2019-17463
	RESERVED
CVE-2019-17462
	RESERVED
CVE-2019-17461
	RESERVED
CVE-2019-17460
	RESERVED
CVE-2019-17459
	RESERVED
CVE-2019-17458
	RESERVED
CVE-2019-17457
	RESERVED
CVE-2019-17456
	RESERVED
CVE-2019-17455 (Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequ ...)
	- libntlm <unfixed> (bug #942145)
	[buster] - libntlm <no-dsa> (Minor issue)
	[stretch] - libntlm <no-dsa> (Minor issue)
	[jessie] - libntlm <no-dsa> (Minor issue)
	NOTE: https://gitlab.com/jas/libntlm/issues/2
CVE-2019-17454 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTa ...)
	NOT-FOR-US: Bento4
CVE-2019-17453 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWri ...)
	NOT-FOR-US: Bento4
CVE-2019-17452 (Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListIns ...)
	NOT-FOR-US: Bento4
CVE-2019-17451 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	- binutils <unfixed> (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25070
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=336bfbeb1848f4b9558456fdcf283ee8a32d7fd1
	NOTE: binutils not covered by security support
CVE-2019-17450 (find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) ...)
	- binutils <unfixed> (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=25078
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=063c511bd79281f33fd33f0964541a73511b9e2b
	NOTE: binutils not covered by security support
CVE-2019-17449 (** DISPUTED ** Avira Software Updater before 2.0.6.21094 allows a DLL  ...)
	NOT-FOR-US: Avira Software Updater
CVE-2019-17448
	RESERVED
CVE-2019-17447
	RESERVED
CVE-2019-17446 (An issue was discovered in Eracent EPA Agent through 10.2.26. The agen ...)
	NOT-FOR-US: Eracent EPA Agent
CVE-2019-17445 (An issue was discovered in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Ag ...)
	NOT-FOR-US: Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent
CVE-2019-17444
	RESERVED
CVE-2019-17443
	RESERVED
CVE-2019-17442
	RESERVED
CVE-2019-17441
	RESERVED
CVE-2019-17440 (Improper restriction of communications to Log Forwarding Card (LFC) on ...)
	NOT-FOR-US: Palo Alto Networks PAN-OS
CVE-2019-17439
	RESERVED
CVE-2019-17438
	RESERVED
CVE-2019-17437 (An improper authentication check in Palo Alto Networks PAN-OS may allo ...)
	NOT-FOR-US: PAN-OS
CVE-2019-17436 (A Local Privilege Escalation vulnerability exists in GlobalProtect Age ...)
	NOT-FOR-US: GlobalProtect Agent
CVE-2019-17435 (A Local Privilege Escalation vulnerability exists in the GlobalProtect ...)
	NOT-FOR-US: GlobalProtect Agent
CVE-2019-17434 (LavaLite through 5.7 has XSS via a crafted account name that is mishan ...)
	NOT-FOR-US: LavaLite
CVE-2019-17433 (z-song laravel-admin 1.7.3 has XSS via the Slug or Name on the Roles s ...)
	NOT-FOR-US: z-song laravel-admin
CVE-2019-17432 (An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a p ...)
	NOT-FOR-US: fastadmin
CVE-2019-17431 (An issue was discovered in fastadmin 1.0.0.20190705_beta. There is a p ...)
	NOT-FOR-US: fastadmin
CVE-2019-17430 (EyouCms through 2019-07-11 has XSS related to the login.php web_record ...)
	NOT-FOR-US: EyouCms
CVE-2019-17429 (Adhouma CMS through 2019-10-09 has SQL Injection via the post.php p_id ...)
	NOT-FOR-US: Adhouma CMS
CVE-2019-17428 (An issue was discovered in Intesync Solismed 3.3sp1. An flaw in the en ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-17427 (In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists ...)
	{DSA-4574-1}
	- redmine 4.0.4-1
	NOTE: Fixed in 3.4.11 and 4.0.4
	NOTE: https://github.com/redmine/redmine/commit/899fc2e0cd2bcb4f5f9333b612b160bb9c6e803b
CVE-2019-17426 (Automattic Mongoose through 5.7.4 allows attackers to bypass access co ...)
	NOT-FOR-US: Automattic Mongoose (different from Cesenta Mongoose)
CVE-2019-17425
	RESERVED
CVE-2019-17424 (A stack-based buffer overflow in the processPrivilage() function in IO ...)
	NOT-FOR-US: nipper-ng
CVE-2019-17423
	RESERVED
CVE-2019-17422
	RESERVED
CVE-2019-17421 (Incorrect file permissions on the packaged Nipper executable file in Z ...)
	NOT-FOR-US: Zoho
CVE-2019-17420 (In OISF LibHTP before 0.5.31, as used in Suricata 4.1.4 and other prod ...)
	- libhtp 1:0.5.31-1
	[buster] - libhtp <no-dsa> (Minor issue)
	NOTE: https://github.com/OISF/libhtp/pull/213
CVE-2019-17419 (An issue was discovered in MetInfo 7.0. There is SQL injection via the ...)
	NOT-FOR-US: MetInfo
CVE-2019-17418 (An issue was discovered in MetInfo 7.0. There is SQL injection via the ...)
	NOT-FOR-US: MetInfo
CVE-2019-17417 (PbootCMS 2.0.2 allows XSS via vectors involving the Pboot/admin.php?p= ...)
	NOT-FOR-US: PbootCMS
CVE-2019-17416
	RESERVED
CVE-2019-17415 (A Structured Exception Handler (SEH) based buffer overflow in File Sha ...)
	NOT-FOR-US: File Sharing Wizard
CVE-2019-17414 (tinylcy Vino through 2017-12-15 allows remote attackers to cause a den ...)
	NOT-FOR-US: tinylcy Vino
CVE-2019-17413
	RESERVED
CVE-2019-17412
	RESERVED
CVE-2019-17411
	RESERVED
CVE-2019-17410
	RESERVED
CVE-2019-17409 (Reflected XSS exists in interface/forms/eye_mag/view.php in OpenEMR 5. ...)
	NOT-FOR-US: OpenEMR
CVE-2019-17408 (parserIfLabel in inc/zzz_template.php in ZZZCMS zzzphp 1.7.3 allows re ...)
	NOT-FOR-US: ZZZCMS
CVE-2019-17407
	RESERVED
CVE-2019-14842 (Structured reply is a feature of the newstyle NBD protocol allowing th ...)
	- libnbd 1.0.3-1 (bug #942215)
	NOTE: https://www.redhat.com/archives/libguestfs/2019-October/msg00060.html
	NOTE: https://github.com/libguestfs/libnbd/commit/f75f602a6361c0c5f42debfeea6980f698ce7f09 (1.1.4)
	NOTE: https://github.com/libguestfs/libnbd/commit/2c1987fc23d6d0f537edc6d4701e95a2387f7917 (stable-1.0)
CVE-2019-17406 (Nokia IMPACT &lt; 18A has path traversal that may lead to RCE if chain ...)
	NOT-FOR-US: Nokia
CVE-2019-17405 (Nokia IMPACT &lt; 18A: has Reflected self XSS ...)
	NOT-FOR-US: Nokia
CVE-2019-17404 (Nokia IMPACT &lt; 18A: allows full path disclosure ...)
	NOT-FOR-US: Nokia
CVE-2019-17403 (Nokia IMPACT &lt; 18A: An unrestricted File Upload vulnerability was f ...)
	NOT-FOR-US: Nokia
CVE-2019-17402 (Exiv2 0.27.2 allows attackers to trigger a crash in Exiv2::getULong in ...)
	{DLA-2019-1}
	- exiv2 <unfixed> (bug #946341)
	[buster] - exiv2 <no-dsa> (Minor issue)
	[stretch] - exiv2 <no-dsa> (Minor issue)
	NOTE: https://github.com/Exiv2/exiv2/issues/1019
	NOTE: https://github.com/Exiv2/exiv2/commit/88054239e3c914862d13f6ac89a19a104fa2c076 (master)
	NOTE: https://github.com/Exiv2/exiv2/commit/50e9dd964a439da357798344ed1dd86edcadf0ec (0.27-branch)
	NOTE: Follow-up: https://github.com/Exiv2/exiv2/issues/1026
CVE-2019-17401 (** DISPUTED ** libyal liblnk 20191006 has a heap-based buffer over-rea ...)
	- liblnk <unfixed> (unimportant)
	NOTE: https://github.com/libyal/liblnk/issues/40
	NOTE: Negligible/questionable security impact
CVE-2019-17400 (The unoconv package before 0.9 mishandles untrusted pathnames, leading ...)
	- unoconv 0.7-2 (low; bug #943561)
	[buster] - unoconv <no-dsa> (Minor issue)
	[stretch] - unoconv <no-dsa> (Minor issue)
	[jessie] - unoconv <no-dsa> (Minor issue)
	NOTE: https://github.com/unoconv/unoconv/pull/510
CVE-2019-17399 (The Shack Forms Pro extension before 4.0.32 for Joomla! allows path tr ...)
	NOT-FOR-US: Shack Forms Pro extension for Joomla!
CVE-2019-17398 (In the Dark Horse Comics application 1.3.21 for Android, token informa ...)
	NOT-FOR-US: Dark Horse Comics application
CVE-2019-17397 (In the DoorDash application through 11.5.2 for Android, the username a ...)
	NOT-FOR-US: DoorDash application
CVE-2019-17396 (In the PowerSchool Mobile application 1.1.8 for Android, the username  ...)
	NOT-FOR-US: PowerSchool Mobile application
CVE-2019-17395 (In the Rapid Gator application 0.7.1 for Android, the username and pas ...)
	NOT-FOR-US: Rapid Gator application
CVE-2019-17394 (In the Seesaw Parent and Family application 6.2.5 for Android, the use ...)
	NOT-FOR-US: Seesaw Parent and Family application
CVE-2019-17393 (The Customer's Tomedo Server in Version 1.7.3 communicates to the Vend ...)
	NOT-FOR-US: Tomedo Server
CVE-2019-17392 (Progress Sitefinity 12.1 has a Weak Password Recovery Mechanism for a  ...)
	NOT-FOR-US: Progress Sitefinity
CVE-2019-17391 (An issue was discovered in the Espressif ESP32 mask ROM code 2016-06-0 ...)
	NOT-FOR-US: Espressif ESP32
CVE-2019-17390 (An issue was discovered in the Outlook add-in in Pronestor Planner bef ...)
	NOT-FOR-US: Outlook add-in in Pronestor Planner
CVE-2019-17389 (In RIOT 2019.07, the MQTT-SN implementation (asymcute) mishandles erro ...)
	NOT-FOR-US: RIOT RIOT-OS
CVE-2019-17388 (Weak file permissions applied to the Aviatrix VPN Client through 2.2.1 ...)
	NOT-FOR-US: Aviatrix VPN Client
CVE-2019-17387 (An authentication flaw in the AVPNC_RP service in Aviatrix VPN Client  ...)
	NOT-FOR-US: Aviatrix VPN Client
CVE-2019-17386 (The animate-it plugin before 2.3.6 for WordPress has CSRF in edsanimat ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-17385 (The animate-it plugin before 2.3.5 for WordPress has XSS. ...)
	NOT-FOR-US: animate-it plugin for WordPress
CVE-2019-17384 (The animate-it plugin before 2.3.4 for WordPress has XSS. ...)
	NOT-FOR-US: animate-it plugin for WordPress
CVE-2019-17383 (The netaddr gem before 2.0.4 for Ruby has misconfigured file permissio ...)
	- ruby-netaddr <not-affected> (Upstream packaging issue)
CVE-2019-17382 (An issue was discovered in zabbix.php?action=dashboard.view&amp;dashbo ...)
	- zabbix <unfixed>
	[buster] - zabbix <no-dsa> (Minor issue)
	[stretch] - zabbix <no-dsa> (Minor issue)
	[jessie] - zabbix <no-dsa> (Minor issue, guest accounts can be disabled)
	NOTE: https://support.zabbix.com/browse/ZBX-16789
	NOTE: Disputed by upstream, closed as not a security bug.
	NOTE: Guest account is disabled by default starting in 4.0.15rc1, 4.4.2rc1 and
	NOTE: 5.0.0alpha1 (Cf. https://support.zabbix.com/browse/ZBXNEXT-5532)
CVE-2019-17381
	RESERVED
CVE-2019-17380 (cPanel before 82.0.15 allows self XSS in the WHM Update Preferences in ...)
	NOT-FOR-US: cPanel
CVE-2019-17379 (cPanel before 82.0.15 allows self stored XSS in the WHM SSL Storage Ma ...)
	NOT-FOR-US: cPanel
CVE-2019-17378 (cPanel before 82.0.15 allows self XSS in the SSL Key Delete interface  ...)
	NOT-FOR-US: cPanel
CVE-2019-17377 (cPanel before 82.0.15 allows self XSS in LiveAPI example scripts (SEC- ...)
	NOT-FOR-US: cPanel
CVE-2019-17376 (cPanel before 82.0.15 allows self XSS in the SSL Certificate Upload in ...)
	NOT-FOR-US: cPanel
CVE-2019-17375 (cPanel before 82.0.15 allows API token credentials to persist after an ...)
	NOT-FOR-US: cPanel
CVE-2019-17374
	RESERVED
CVE-2019-17373 (Certain NETGEAR devices allow unauthenticated access to critical .cgi  ...)
	NOT-FOR-US: NETGEAR
CVE-2019-17372 (Certain NETGEAR devices allow remote attackers to disable all authenti ...)
	NOT-FOR-US: NETGEAR
CVE-2019-17371 (gif2png 2.5.13 has a memory leak in the writefile function. ...)
	- gif2png <removed> (unimportant)
	NOTE: https://github.com/glennrp/libpng/issues/307
	NOTE: Initially filed for libpng, but the bug is actually in gif2png
	NOTE: Memory leak in CLI tool, no security impact
CVE-2019-17370 (OTCMS v3.85 allows arbitrary PHP Code Execution because admin/sysCheck ...)
	NOT-FOR-US: OTCMS
CVE-2019-17369 (OTCMS v3.85 has CSRF in the admin/member_deal.php Admin Panel page, le ...)
	NOT-FOR-US: OTCMS
CVE-2019-17368 (S-CMS v1.5 has XSS in tpl.php via the member/member_login.php from par ...)
	NOT-FOR-US: S-CMS
CVE-2019-17367 (OpenWRT firmware version 18.06.4 is vulnerable to CSRF via wireless/ra ...)
	NOT-FOR-US: OpenWRT
CVE-2019-17366 (Citrix Application Delivery Management (ADM) 12.1 before build 54.13 h ...)
	NOT-FOR-US: Citrix
CVE-2019-17365 (Nix through 2.3 allows local users to gain access to an arbitrary user ...)
	NOT-FOR-US: Nix
CVE-2019-17364 (The processCommandUploadLog() function of libcommon.so in Petwant PF-1 ...)
	NOT-FOR-US: Petwant
CVE-2019-17363
	RESERVED
CVE-2019-17362 (In LibTomCrypt through 1.18.2, the der_decode_utf8_string function (in ...)
	{DLA-1951-1}
	- libtomcrypt 1.18.2-3
	[buster] - libtomcrypt <no-dsa> (Minor issue)
	[stretch] - libtomcrypt <no-dsa> (Minor issue)
	NOTE: https://github.com/libtom/libtomcrypt/issues/507
	NOTE: https://github.com/libtom/libtomcrypt/pull/508
CVE-2019-17361 (In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh  ...)
	- salt 2019.2.3+dfsg1-1 (bug #949222)
	[jessie] - salt <not-affected> (Vulnerable code added in v2014.7)
	NOTE: https://github.com/saltstack/salt/commit/bca115f3f00fbde564dd2f12bf036b5d2fd08387
	NOTE: Vulnerability introduced in https://github.com/saltstack/salt/commit/3bade9d6258fb8df849b32f68de6343cfdd83720
CVE-2019-17360 (A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 a ...)
	NOT-FOR-US: Hitachi
CVE-2019-17359 (The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigge ...)
	- bouncycastle <not-affected> (Vulnerable code introduced n 1.63)
	NOTE: Introduced only in 1.63, fixed in 1.64.
	NOTE: https://github.com/bcgit/bc-java/commit/b1bc75254f5fea633a49a751a1a7339056f97856
CVE-2019-17358 (Cacti through 1.2.7 is affected by multiple instances of lib/functions ...)
	{DSA-4604-1 DLA-2032-1}
	- cacti 1.2.8+ds1-1 (bug #947375)
	NOTE: https://github.com/Cacti/cacti/issues/3026
	NOTE: https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8
CVE-2019-17357 (Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injec ...)
	- cacti 1.2.8+ds1-1 (bug #947374)
	[buster] - cacti 1.2.2+ds1-2+deb10u2
	[stretch] - cacti <not-affected> (Vulnerable code not present)
	[jessie] - cacti <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/Cacti/cacti/issues/3025
	NOTE: https://github.com/Cacti/cacti/commit/d6dc48503bbcde0717e7a93df7638fd4796200f4
CVE-2019-17356 (The Infinite Design application 3.4.12 for Android sends a username an ...)
	NOT-FOR-US: Infinite Design application
CVE-2019-17355 (In the Orbitz application 19.31.1 for Android, the username and passwo ...)
	NOT-FOR-US: Orbitz application
CVE-2019-17354 (wan.htm page on Zyxel NBG-418N v2 with firmware version V1.00(AARP.9)C ...)
	NOT-FOR-US: Zyxel
CVE-2019-17353 (An issue discovered on D-Link DIR-615 devices with firmware version 20 ...)
	NOT-FOR-US: D-Link
CVE-2019-17352 (In JFinal cos before 2019-08-13, as used in JFinal 4.4, there is a vul ...)
	NOT-FOR-US: JFinal
CVE-2019-17339
	RESERVED
CVE-2019-17338 (The user interface component of TIBCO Software Inc.'s TIBCO Patterns - ...)
	NOT-FOR-US: TIBCO
CVE-2019-17337 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
	NOT-FOR-US: TIBCO
CVE-2019-17336 (The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfir ...)
	NOT-FOR-US: TIBCO
CVE-2019-17335 (The Data access layer component of TIBCO Software Inc.'s TIBCO Spotfir ...)
	NOT-FOR-US: TIBCO
CVE-2019-17334 (The Visualizations component of TIBCO Software Inc.'s TIBCO Spotfire A ...)
	NOT-FOR-US: TIBCO
CVE-2019-17333 (The Web server component of TIBCO Software Inc.'s TIBCO EBX contains a ...)
	NOT-FOR-US: TIBCO EBX
CVE-2019-17332 (The Digital Asset Manager Web Interface component of TIBCO Software In ...)
	NOT-FOR-US: TIBCO
CVE-2019-17331 (The Data Exchange Web Interface component of TIBCO Software Inc.'s TIB ...)
	NOT-FOR-US: TIBCO
CVE-2019-17330 (The Web server component of TIBCO Software Inc.'s TIBCO EBX contains m ...)
	NOT-FOR-US: TIBCO
CVE-2019-17329
	RESERVED
CVE-2019-17328
	RESERVED
CVE-2019-17327 (JEUS 7 Fix#0~5 and JEUS 8Fix#0~1 versions contains a directory travers ...)
	NOT-FOR-US: JEUS
CVE-2019-17326 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker  ...)
	NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17325 (ClipSoft REXPERT 1.0.0.527 and earlier version allows remote attacker  ...)
	NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17324 (ClipSoft REXPERT 1.0.0.527 and earlier version allows directory traver ...)
	NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17323 (ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file c ...)
	NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17322 (ClipSoft REXPERT 1.0.0.527 and earlier version allows arbitrary file c ...)
	NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17321 (ClipSoft REXPERT 1.0.0.527 and earlier version have an information dis ...)
	NOT-FOR-US: ClipSoft REXPERT
CVE-2019-17320 (NetSarang XFTP Client 6.0149 and earlier version contains a buffer ove ...)
	NOT-FOR-US: NetSarang XFTP Client
CVE-2019-17319 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17318 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17317 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17316 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17315 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP object injection ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17314 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal  ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17313 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal  ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17312 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal  ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17311 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows directory traversal  ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17310 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17309 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17308 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17307 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17306 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17305 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17304 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17303 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17302 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17301 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17300 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17299 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows PHP code injection i ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17298 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17297 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17296 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17295 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17294 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17293 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17292 (SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the ...)
	NOT-FOR-US: SugarCRM
CVE-2019-17291
	RESERVED
CVE-2019-17290
	RESERVED
CVE-2019-17289
	RESERVED
CVE-2019-17288
	RESERVED
CVE-2019-17287
	RESERVED
CVE-2019-17286
	RESERVED
CVE-2019-17285
	RESERVED
CVE-2019-17284
	RESERVED
CVE-2019-17283
	RESERVED
CVE-2019-17282
	RESERVED
CVE-2019-17281
	RESERVED
CVE-2019-17280
	RESERVED
CVE-2019-17279
	RESERVED
CVE-2019-17278
	RESERVED
CVE-2019-17277
	RESERVED
CVE-2019-17276 (OnCommand System Manager versions 9.3 prior to 9.3P18 and 9.4 prior to ...)
	NOT-FOR-US: OnCommand
CVE-2019-17275 (OnCommand Cloud Manager versions prior to 3.8.0 are susceptible to arb ...)
	NOT-FOR-US: OnCommand Cloud Manager
CVE-2019-17274 (NetApp FAS 8300/8700 and AFF A400 Baseboard Management Controller (BMC ...)
	NOT-FOR-US: NetApp
CVE-2019-17273 (E-Series SANtricity OS Controller Software version 11.60.0 is suscepti ...)
	NOT-FOR-US: E-Series SANtricity OS Controller Software
CVE-2019-17272 (All versions of ONTAP Select Deploy administration utility are suscept ...)
	NOT-FOR-US: ONTAP
CVE-2019-17271 (vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList ...)
	NOT-FOR-US: vBulletin
CVE-2019-17270 (Yachtcontrol through 2019-10-06: It's possible to perform direct Opera ...)
	NOT-FOR-US: Yachtcontrol
CVE-2019-17269 (Intellian Remote Access 3.18 allows remote attackers to execute arbitr ...)
	NOT-FOR-US: Intellian Remote Access
CVE-2019-17268 (The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGe ...)
	NOT-FOR-US: omniauth-weibo-oauth2 gem
CVE-2019-17267 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DLA-2030-1}
	- jackson-databind 2.10.0-1
	[buster] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
	[stretch] - jackson-databind <no-dsa> (Minor issue; can be fixed via a point release)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2460
	NOTE: https://github.com/FasterXML/jackson-databind/commit/191a4cdf87b56d2ddddb77edd895ee756b7f75eb
CVE-2019-17266 (libsoup from versions 2.65.1 until 2.68.1 have a heap-based buffer ove ...)
	- libsoup2.4 2.68.2-1 (bug #941912)
	[buster] - libsoup2.4 <not-affected> (Vulnerable code introduced in 2.65.1)
	[stretch] - libsoup2.4 <not-affected> (Vulnerable code introduced in 2.65.1)
	[jessie] - libsoup2.4 <not-affected> (Vulnerable code introduced in 2.65.1)
	NOTE: https://gitlab.gnome.org/GNOME/libsoup/issues/173 (private)
CVE-2019-17265
	RESERVED
CVE-2019-17264 (** DISPUTED ** In libyal liblnk before 20191006, liblnk_location_infor ...)
	- liblnk <unfixed> (unimportant)
	NOTE: https://github.com/libyal/liblnk/issues/38
	NOTE: https://github.com/libyal/liblnk/commit/c4d04de2c76f62129677c90a616d049be9c52482
	NOTE: Negligible/questionable security impact
CVE-2019-17263 (** DISPUTED ** In libyal libfwsi before 20191006, libfwsi_extension_bl ...)
	- liblnk <unfixed> (unimportant)
	- libfwsi <unfixed> (unimportant)
	NOTE: https://github.com/libyal/libfwsi/issues/13
	NOTE: https://github.com/libyal/libfwsi/commit/54afa5c71d6c795a555dbcb1e160fea393b98fb3
	NOTE: Negligible/questionable security impact
CVE-2019-17262 (XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0 ...)
	NOT-FOR-US: XnView
CVE-2019-17261 (XnView Classic 2.49.1 allows a User Mode Write AV starting at Xwsq+0x0 ...)
	NOT-FOR-US: XnView
CVE-2019-17260 (MPC-HC through 1.7.13 allows a Read Access Violation on a Block Data M ...)
	NOT-FOR-US: MPC-HC
CVE-2019-17259 (KMPlayer 4.2.2.31 allows a User Mode Write AV starting at utils!src_ne ...)
	NOT-FOR-US: KMPlayer (different from src:kmplayer)
CVE-2019-17258 (IrfanView 4.53 allows Data from a Faulting Address to control a subseq ...)
	NOT-FOR-US: IrfanView
CVE-2019-17257 (IrfanView 4.53 allows a Exception Handler Chain to be Corrupted starti ...)
	NOT-FOR-US: IrfanView
CVE-2019-17256 (IrfanView 4.53 allows a User Mode Write AV starting at DPX!ReadDPX_W+0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17255 (IrfanView 4.53 allows a User Mode Write AV starting at EXR!ReadEXR+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17254 (IrfanView 4.53 allows Data from a Faulting Address to control a subseq ...)
	NOT-FOR-US: IrfanView
CVE-2019-17253 (IrfanView 4.53 allows a User Mode Write AV starting at JPEG_LS+0x00000 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17252 (IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!Read_Ba ...)
	NOT-FOR-US: IrfanView
CVE-2019-17251 (IrfanView 4.53 allows a User Mode Write AV starting at FORMATS!GetPlug ...)
	NOT-FOR-US: IrfanView
CVE-2019-17250 (IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17249 (IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17248 (IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17247 (IrfanView 4.53 allows Data from a Faulting Address to control a subseq ...)
	NOT-FOR-US: IrfanView
CVE-2019-17246 (IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17245 (IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17244 (IrfanView 4.53 allows Data from a Faulting Address to control Code Flo ...)
	NOT-FOR-US: IrfanView
CVE-2019-17243 (IrfanView 4.53 allows Data from a Faulting Address to control Code Flo ...)
	NOT-FOR-US: IrfanView
CVE-2019-17242 (IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17241 (IrfanView 4.53 allows a User Mode Write AV starting at WSQ!ReadWSQ+0x0 ...)
	NOT-FOR-US: IrfanView
CVE-2019-17240 (bl-kernel/security.class.php in Bludit 3.9.2 allows attackers to bypas ...)
	NOT-FOR-US: Bludit
CVE-2019-17239 (includes/settings/class-alg-download-plugins-settings.php in the downl ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-17238
	RESERVED
CVE-2019-17237 (includes/class-coming-soon-creator.php in the igniteup plugin through  ...)
	NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17236 (includes/class-coming-soon-creator.php in the igniteup plugin through  ...)
	NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17235 (includes/class-coming-soon-creator.php in the igniteup plugin through  ...)
	NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17234 (includes/class-coming-soon-creator.php in the igniteup plugin through  ...)
	NOT-FOR-US: igniteup plugin for WordPress
CVE-2019-17233 (Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8. ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-17232 (Functions/EWD_UFAQ_Import.php in the ultimate-faqs plugin through 1.8. ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-17231 (includes/theme-functions.php in the OneTone theme through 3.0.6 for Wo ...)
	NOT-FOR-US: OneTone theme for WordPress
CVE-2019-17230 (includes/theme-functions.php in the OneTone theme through 3.0.6 for Wo ...)
	NOT-FOR-US: OneTone theme for WordPress
CVE-2019-17229 (includes/options.php in the motors-car-dealership-classified-listings  ...)
	NOT-FOR-US: motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin for WordPress
CVE-2019-17228 (includes/options.php in the motors-car-dealership-classified-listings  ...)
	NOT-FOR-US: motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin for WordPress
CVE-2019-17227
	RESERVED
CVE-2019-17226 (CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin &gt; Modu ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-17225 (Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, o ...)
	NOT-FOR-US: Subrion CMS
CVE-2019-17224 (The web interface of the Compal Broadband CH7465LG modem (version CH74 ...)
	NOT-FOR-US: Compal Broadband CH7465LG modem
CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 v ...)
	- dolibarr <removed>
CVE-2019-17222 (An issue was discovered on Intelbras WRN 150 1.0.17 devices. There is  ...)
	NOT-FOR-US: Intelbras WRN 150 devices
CVE-2019-17221 (PhantomJS through 2.1.1 has an arbitrary file read vulnerability, as d ...)
	- phantomjs <unfixed>
	NOTE: https://www.darkmatter.ae/blogs/breaching-the-perimeter-phantomjs-arbitrary-file-read/
CVE-2019-17220 (Rocket.Chat before 2.1.0 allows XSS via a URL on a ![title] line. ...)
	NOT-FOR-US: Rocket.Chat
CVE-2019-17219 (An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ether ...)
	NOT-FOR-US: V-Zug Combi-Steam MSLQ devices
CVE-2019-17218 (An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ether ...)
	NOT-FOR-US: V-Zug Combi-Steam MSLQ devices
CVE-2019-17217 (An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ether ...)
	NOT-FOR-US: V-Zug Combi-Steam MSLQ devices
CVE-2019-17216 (An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ether ...)
	NOT-FOR-US: V-Zug Combi-Steam MSLQ devices
CVE-2019-17215 (An issue was discovered on V-Zug Combi-Steam MSLQ devices before Ether ...)
	NOT-FOR-US: V-Zug Combi-Steam MSLQ devices
CVE-2019-17214 (The WebARX plugin 1.3.0 for WordPress allows firewall bypass by append ...)
	NOT-FOR-US: WebARX plugin for WordPress
CVE-2019-17213 (The WebARX plugin 1.3.0 for WordPress has unauthenticated stored XSS v ...)
	NOT-FOR-US: WebARX plugin for WordPress
CVE-2019-17212 (Buffer overflows were discovered in the CoAP library in Arm Mbed OS 5. ...)
	NOT-FOR-US: Arm Mbed OS
CVE-2019-17211 (An integer overflow was discovered in the CoAP library in Arm Mbed OS  ...)
	NOT-FOR-US: Arm Mbed OS
CVE-2019-17210 (A denial-of-service issue was discovered in the MQTT library in Arm Mb ...)
	NOT-FOR-US: Arm Mbed OS
CVE-2019-17209
	RESERVED
CVE-2019-17208
	RESERVED
CVE-2019-17207 (A reflected XSS vulnerability was found in includes/admin/table-printe ...)
	NOT-FOR-US: broken-link-checker (aka Broken Link Checker) plugin for WordPress
CVE-2019-17206 (Uncontrolled deserialization of a pickled object in models.py in Frost ...)
	NOT-FOR-US: Frost Ming rediswrapper
CVE-2019-17205 (TeamPass 2.1.27.36 allows Stored XSS by placing a payload in the usern ...)
	- teampass <itp> (bug #730180)
CVE-2019-17204 (TeamPass 2.1.27.36 allows Stored XSS by setting a crafted Knowledge Ba ...)
	- teampass <itp> (bug #730180)
CVE-2019-17203 (TeamPass 2.1.27.36 allows Stored XSS at the Search page by setting a c ...)
	- teampass <itp> (bug #730180)
CVE-2019-17202 (FastTrack Admin By Request 6.1.0.0 supports group policies that are su ...)
	NOT-FOR-US: FastTrack Admin By Request
CVE-2019-17201 (FastTrack Admin By Request 6.1.0.0 supports group policies that are su ...)
	NOT-FOR-US: FastTrack Admin By Request
CVE-2019-17200
	RESERVED
CVE-2019-17199 (www/getfile.php in WPO WebPageTest 19.04 on Windows allows Directory T ...)
	NOT-FOR-US: WPO WebPageTest
CVE-2019-17198
	RESERVED
CVE-2019-17197 (OpenEMR through 5.0.2 has SQL Injection in the Lifestyle demographic f ...)
	NOT-FOR-US: OpenEMR
CVE-2019-17196
	RESERVED
CVE-2019-17195 (Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exce ...)
	NOT-FOR-US: Connect2id Nimbus JOSE+JWT
CVE-2019-17194
	RESERVED
CVE-2019-17193
	RESERVED
CVE-2019-17192 (** DISPUTED ** The WebRTC component in the Signal Private Messenger ap ...)
	NOT-FOR-US: Signal
CVE-2019-17191 (The Signal Private Messenger application before 4.47.7 for Android all ...)
	NOT-FOR-US: Signal
CVE-2019-17190 (A Local Privilege Escalation issue was discovered in Avast Secure Brow ...)
	NOT-FOR-US: Avast Secure Browser
CVE-2019-17189 (totemodata 3.0.0_b936 has XSS via a folder name. ...)
	NOT-FOR-US: totemodata
CVE-2019-17188 (An unrestricted file upload vulnerability was discovered in catalog/pr ...)
	NOT-FOR-US: Fecshop FecMall
CVE-2019-17187 (/var/WEB-GUI/cgi-bin/downloadfile.cgi on FiberHome HG2201T 1.00.M5007_ ...)
	NOT-FOR-US: FiberHome HG2201T devices
CVE-2019-17186 (/var/WEB-GUI/cgi-bin/telnet.cgi on FiberHome HG2201T 1.00.M5007_JS_201 ...)
	NOT-FOR-US: FiberHome HG2201T devices
CVE-2019-17185 (In FreeRADIUS 3.0.x before 3.0.20, the EAP-pwd module used a global Op ...)
	- freeradius 3.0.20+dfsg-1
	[jessie] - freeradius <not-affected> (Vulnerable code not present; EAP-pwd module introduced in later version)
	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/6b522f8780813726799e6b8cf0f1f8e0ce2c8ebf
CVE-2019-17184 (Xerox AtlaLink B8045/B8055/B8065/B8075/B8090 C8030/C8035/C8045/C8055/C ...)
	NOT-FOR-US: Xerox printers
CVE-2019-17183 (Foxit Reader before 9.7 allows an Access Violation and crash if insuff ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-17182
	RESERVED
CVE-2019-17181 (A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007 ...)
	NOT-FOR-US: IntraSrv
CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or appending parti ...)
	NOT-FOR-US: Steam on Windows
CVE-2019-17179 (4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 4.2.2, 5 ...)
	NOT-FOR-US: OpenEMR
CVE-2019-17178 (HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-0 ...)
	TODO: check
CVE-2019-17177 (libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0 ...)
	- freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-2 (low)
	[buster] - freerdp2 2.0.0~git20190204.1.2693389a+dfsg1-1+deb10u1
	- freerdp <removed> (low)
	[stretch] - freerdp <no-dsa> (Minor issue)
	[jessie] - freerdp <ignored> (Minor issue; Patching this old version would be very invasive; no upstream patch available)
	NOTE: https://github.com/FreeRDP/FreeRDP/issues/5645
	NOTE: https://github.com/akallabeth/FreeRDP/commit/fc80ab45621bd966f70594c0b7393ec005a94007
CVE-2019-17176 (Genesys PureEngage Digital (eServices) 8.1.x allows XSS via HtmlChatPa ...)
	NOT-FOR-US: Genesys PureEngage Digital (eServices)
CVE-2019-17175 (joyplus-cms 1.6.0 allows manager/admin_pic.php?rootpath= absolute path ...)
	NOT-FOR-US: joyplus-cms
CVE-2019-17174
	RESERVED
CVE-2019-17173
	RESERVED
CVE-2019-17172
	RESERVED
CVE-2019-17171
	RESERVED
CVE-2019-17170
	RESERVED
CVE-2019-17169
	RESERVED
CVE-2019-17168
	RESERVED
CVE-2019-17167
	RESERVED
CVE-2019-17166
	RESERVED
CVE-2019-17165
	RESERVED
CVE-2019-17164
	RESERVED
CVE-2019-17163
	RESERVED
CVE-2019-17162
	RESERVED
CVE-2019-17161
	RESERVED
CVE-2019-17160
	RESERVED
CVE-2019-17159
	RESERVED
CVE-2019-17158
	RESERVED
CVE-2019-17157
	RESERVED
CVE-2019-17156
	RESERVED
CVE-2019-17155
	RESERVED
CVE-2019-17154
	RESERVED
CVE-2019-17153
	RESERVED
CVE-2019-17152
	RESERVED
CVE-2019-17151 (This vulnerability allows remote attackers redirect users to an extern ...)
	NOT-FOR-US: Tencent WeChat
CVE-2019-17150
	REJECTED
CVE-2019-17149
	REJECTED
CVE-2019-17148 (This vulnerability allows local attackers to escalate privileges on af ...)
	NOT-FOR-US: Parallels
CVE-2019-17147 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: TP-Link
CVE-2019-17146 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: D-Link
CVE-2019-17145 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2019-17144 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2019-17143 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2019-17142 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2019-17141 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2019-17140 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2019-17139 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2019-17138 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit
CVE-2019-17137 (This vulnerability allows network-adjacent attackers to bypass authent ...)
	NOT-FOR-US: Netgear
CVE-2019-17136 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-17135 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-17134 (Amphora Images in OpenStack Octavia &gt;=0.10.0 &lt;2.1.2, &gt;=3.0.0  ...)
	- octavia 4.0.0-6 (bug #941897)
	[buster] - octavia <no-dsa> (Minor issue in regular setups, can be fixed via point release)
CVE-2019-17132 (vBulletin through 5.5.4 mishandles custom avatars. ...)
	NOT-FOR-US: vBulletin
CVE-2019-17131 (vBulletin before 5.5.4 allows clickjacking. ...)
	NOT-FOR-US: vBulletin
CVE-2019-17130 (vBulletin through 5.5.4 mishandles external URLs within the /core/vb/v ...)
	NOT-FOR-US: vBulletin
CVE-2019-17133 (In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/w ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.9-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://marc.info/?l=linux-wireless&m=157018270915487&w=2
CVE-2019-17129
	RESERVED
CVE-2019-17128 (Netreo OmniCenter through 12.1.1 allows unauthenticated SQL Injection  ...)
	NOT-FOR-US: Netreo OmniCenter
CVE-2019-17127 (A Stored Client Side Template Injection (CSTI) with Angular was discov ...)
	NOT-FOR-US: SolarWinds Orion Platform
CVE-2019-17126
	RESERVED
CVE-2019-17125 (A Reflected Client Side Template Injection (CSTI) with Angular was dis ...)
	NOT-FOR-US: SolarWinds Orion Platform
CVE-2019-17124 (Kramer VIAware 2.5.0719.1034 has Incorrect Access Control. ...)
	NOT-FOR-US: Kramer VIAware
CVE-2019-17123 (The eGain Web Email API 11+ allows spoofed messages because the fromNa ...)
	NOT-FOR-US: eGain Web Email API
CVE-2019-17122
	RESERVED
CVE-2019-17121 (REDCap before 9.3.4 has XSS on the Customize &amp; Manage Locking/E-si ...)
	NOT-FOR-US: REDCap
CVE-2019-17120 (A stored and reflected cross-site scripting (XSS) vulnerability in WiK ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-17119 (Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterp ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-17118 (A CSRF issue in WiKID 2FA Enterprise Server through 4.2.0-b2053 allows ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-17117 (A SQL injection vulnerability in processPref.jsp in WiKID 2FA Enterpri ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-17116 (A stored and reflected cross-site scripting (XSS) vulnerability in WiK ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-17115 (Multiple cross-site scripting (XSS) vulnerabilities in WiKID 2FA Enter ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-17114 (A stored and reflected cross-site scripting (XSS) vulnerability in WiK ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-17113 (In libopenmpt before 0.3.19 and 0.4.x before 0.4.9, ModPlug_Instrument ...)
	- libopenmpt 0.4.9-1
	NOTE: https://github.com/OpenMPT/openmpt/commit/927688ddab43c2b203569de79407a899e734fabe
	NOTE: https://source.openmpt.org/browse/openmpt/trunk/OpenMPT/?op=revision&rev=12127&peg=12127
	NOTE: Fixed in upstream versions 0.3.19 and 0.4.9.
CVE-2019-17112 (An issue was discovered in Zoho ManageEngine DataSecurity Plus before  ...)
	NOT-FOR-US: Zoho
CVE-2019-17111
	RESERVED
CVE-2019-17110
	REJECTED
CVE-2019-17109 (Koji through 1.18.0 allows remote Directory Traversal, with resultant  ...)
	- koji <removed> (bug #942146)
	NOTE: https://docs.pagure.org/koji/CVE-2019-17109/
	NOTE: https://pagure.io/koji/issue/1634
CVE-2019-17108 (Local file inclusion in brokerPerformance.php in Centreon Web before 2 ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17107 (minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated  ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17106 (In Centreon Web through 2.8.29, disclosure of external components' pas ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17105 (The token generator in index.php in Centreon Web before 2.8.27 is pred ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17104 (In Centreon VM through 19.04.3, the cookie configuration within the Ap ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-17103 (An Incorrect Default Permissions vulnerability in the BDLDaemon compon ...)
	NOT-FOR-US: Bitdefender AV for Mac
CVE-2019-17102 (An exploitable command execution vulnerability exists in the recovery  ...)
	NOT-FOR-US: Bitdefender BOX 2
CVE-2019-17101
	RESERVED
CVE-2019-17100 (An Untrusted Search Path vulnerability in bdserviceshost.exe as used i ...)
	NOT-FOR-US: Bitdefender Total Security
CVE-2019-17099 (An Untrusted Search Path vulnerability in EPSecurityService.exe as use ...)
	NOT-FOR-US: Bitdefender Endpoint Security Tools
CVE-2019-17098
	RESERVED
CVE-2019-17097
	RESERVED
CVE-2019-17096 (A OS Command Injection vulnerability in the bootstrap stage of Bitdefe ...)
	NOT-FOR-US: Bitdefender BOX 2
CVE-2019-17095 (A command injection vulnerability has been discovered in the bootstrap ...)
	NOT-FOR-US: Bitdefender BOX 2
CVE-2019-17094 (A Stack-based Buffer Overflow vulnerability in libbelkin_api.so compon ...)
	NOT-FOR-US: Belkin
CVE-2019-17093 (An issue was discovered in Avast antivirus before 19.8 and AVG antivir ...)
	NOT-FOR-US: Avast
CVE-2019-17092 (An XSS vulnerability in project list in OpenProject before 9.0.4 and 1 ...)
	NOT-FOR-US: OpenProject
CVE-2019-17091 (faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used  ...)
	- mojarra <not-affected> (Vulnerable code not present)
CVE-2019-17090
	RESERVED
CVE-2019-17089
	RESERVED
CVE-2019-17088
	RESERVED
CVE-2019-17087 (Unauthorized file download vulnerability in all supported versions of  ...)
	NOT-FOR-US: Micro Focus AcuToWeb
CVE-2019-17086
	RESERVED
CVE-2019-17085 (XXE attack vulnerability on Micro Focus Operations Agent, affected ver ...)
	NOT-FOR-US: Micro Focus
CVE-2019-17084
	RESERVED
CVE-2019-17083
	RESERVED
CVE-2019-17082
	RESERVED
CVE-2019-17081
	RESERVED
CVE-2019-17080 (mintinstall (aka Software Manager) 7.9.9 for Linux Mint allows code ex ...)
	NOT-FOR-US: Linux Mint
CVE-2019-17079
	RESERVED
CVE-2019-17078
	RESERVED
CVE-2019-17077
	RESERVED
CVE-2019-17076 (An issue was discovered in Jamf Pro 9.x and 10.x before 10.15.1. Deser ...)
	NOT-FOR-US: Jamf Pro
CVE-2019-17075 (An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cx ...)
	{DLA-2114-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <ignored> (Not a problem in practice)
	NOTE: https://lore.kernel.org/lkml/20191001165611.GA3542072@kroah.com
CVE-2019-17074 (An issue was discovered in XunRuiCMS 4.3.1. There is a stored XSS in t ...)
	NOT-FOR-US: XunRuiCMS
CVE-2019-17073 (emlog through 6.0.0beta allows remote authenticated users to delete ar ...)
	NOT-FOR-US: emlog
CVE-2019-17072 (The new-contact-form-widget (aka Contact Form Widget - Contact Query,  ...)
	NOT-FOR-US: new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin for WordPress
CVE-2019-17071 (The client-dash (aka Client Dash) plugin 2.1.4 for WordPress allows XS ...)
	NOT-FOR-US: client-dash (aka Client Dash) plugin for WordPress
CVE-2019-17070 (The liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin before 1. ...)
	NOT-FOR-US: liquid-speech-balloon (aka LIQUID SPEECH BALLOON) plugin for WordPress
CVE-2019-17069 (PuTTY before 0.73 might allow remote SSH-1 servers to cause a denial o ...)
	- putty 0.73-1 (unimportant)
	NOTE: https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html
	NOTE: Fixed by: https://git.tartarus.org/?p=simon/putty.git;a=commit;h=69201ad8936fe0ff1b8723b7a43accb5e9f1c888
	NOTE: Negligible security impact
CVE-2019-17068 (PuTTY before 0.73 mishandles the "bracketed paste mode" protection mec ...)
	- putty 0.73-1
	[buster] - putty <not-affected> (Vulnerable code introduced later)
	[stretch] - putty <not-affected> (Vulnerable code introduced later)
	[jessie] - putty <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html
	NOTE: Introduced by: https://git.tartarus.org/?p=simon/putty.git;a=commit;h=9fccb065a67c283d978b2e3394d6fff69b4f4f30 (0.72)
	NOTE: Fixed by: https://git.tartarus.org/?p=simon/putty.git;a=commit;h=2c279283cc695ade15bafb418a8207ef0edd89cd (0.73)
CVE-2019-17067 (PuTTY before 0.73 on Windows improperly opens port-forwarding listenin ...)
	- putty <not-affected> (Windows-specific)
	NOTE: https://lists.tartarus.org/pipermail/putty-announce/2019/000029.html
CVE-2019-17066
	RESERVED
CVE-2019-17065
	RESERVED
CVE-2019-17064 (Catalog.cc in Xpdf 4.02 has a NULL pointer dereference because Catalog ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-17063 (In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF file can ...)
	NOT-FOR-US: Snowtide PDFxStream
CVE-2019-17062 (An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x befor ...)
	NOT-FOR-US: OXID eShop
CVE-2019-17061 (The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4  ...)
	NOT-FOR-US: Cypress
CVE-2019-17060 (The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z ( ...)
	NOT-FOR-US: NXP
CVE-2019-17059 (A shell injection vulnerability on the Sophos Cyberoam firewall applia ...)
	NOT-FOR-US: Sophos
CVE-2019-17058 (Footy Tipping Software AFL Web Edition 2019 allows arbitrary file uplo ...)
	NOT-FOR-US: Footy Tipping Software AFL Web Edition
CVE-2019-17057 (Footy Tipping Software AFL Web Edition 2019 allows XSS. ...)
	NOT-FOR-US: Footy Tipping Software AFL Web Edition
CVE-2019-17056 (llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module i ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/3a359798b176183ef09efb7a3dc59abad1cc7104
CVE-2019-17055 (base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/b91ee4aa2a2199ba4d4650706c272985a5a32d80
CVE-2019-17054 (atalk_create in net/appletalk/ddp.c in the AF_APPLETALK network module ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/6cc03e8aa36c51f3b26a0d21a3c4ce2809c842ac
CVE-2019-17053 (ieee802154_create in net/ieee802154/socket.c in the AF_IEEE802154 netw ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/e69dbd4619e7674c1679cba49afd9dd9ac347eef
CVE-2019-17052 (ax25_create in net/ax25/af_ax25.c in the AF_AX25 network module in the ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/0614e2b73768b502fc32a75349823356d98aae2c
CVE-2019-17051 (Evernote before 7.13 GA on macOS allows code execution because the com ...)
	NOT-FOR-US: Evernote
CVE-2019-17050 (An issue was discovered in the Voyager package through 1.2.7 for Larav ...)
	NOT-FOR-US: Voyager
CVE-2019-17049 (NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in t ...)
	NOT-FOR-US: NETGEAR
CVE-2019-17048
	RESERVED
CVE-2019-17047
	RESERVED
CVE-2019-17046 (Ilch 2.1.22 allows remote code execution because php is listed under " ...)
	NOT-FOR-US: Ilch CMS
CVE-2019-17045 (Ilch 2.1.22 allows stored XSS via the title, text, or email id to the  ...)
	NOT-FOR-US: Ilch CMS
CVE-2019-17044 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution pe ...)
	NOT-FOR-US: BMC Patrol Agent
CVE-2019-17043 (An issue was discovered in BMC Patrol Agent 9.0.10i. Weak execution pe ...)
	NOT-FOR-US: BMC Patrol Agent
CVE-2019-17042 (An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmc ...)
	{DLA-1952-1}
	- rsyslog 8.1910.0-1 (bug #942065)
	[buster] - rsyslog <no-dsa> (Minor issue, pmcisconames module not loaded by default)
	[stretch] - rsyslog <no-dsa> (Minor issue, pmcisconames module not loaded by default)
	NOTE: https://github.com/rsyslog/rsyslog/pull/3883
CVE-2019-17041 (An issue was discovered in Rsyslog v8.1908.0. contrib/pmaixforwardedfr ...)
	{DLA-1952-1}
	- rsyslog 8.1910.0-1 (bug #942067)
	[buster] - rsyslog <no-dsa> (Minor issue, pmaixforwardedfrom module not loaded by default)
	[stretch] - rsyslog <no-dsa> (Minor issue, pmaixforwardedfrom module not loaded by default)
	NOTE: https://github.com/rsyslog/rsyslog/pull/3884
CVE-2019-17040 (contrib/pmdb2diag/pmdb2diag.c in Rsyslog v8.1908.0 allows out-of-bound ...)
	- rsyslog 8.1910.0-1 (unimportant)
	[buster] - rsyslog <not-affected> (Vulnerable code introduced later)
	[stretch] - rsyslog <not-affected> (Vulnerable code introduced later)
	[jessie] - rsyslog <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/rsyslog/rsyslog/pull/3875
	NOTE: pmdb2diag module not complied in Debian.
CVE-2019-17039
	REJECTED
CVE-2019-17038
	REJECTED
CVE-2019-17037
	REJECTED
CVE-2019-17036
	REJECTED
CVE-2019-17035
	REJECTED
CVE-2019-17034
	REJECTED
CVE-2019-17033
	REJECTED
CVE-2019-17032
	REJECTED
CVE-2019-17031
	REJECTED
CVE-2019-17030
	REJECTED
CVE-2019-17029
	REJECTED
CVE-2019-17028
	REJECTED
CVE-2019-17027
	REJECTED
CVE-2019-17026 (Incorrect alias information in IonMonkey JIT compiler for setting arra ...)
	{DSA-4603-1 DSA-4600-1 DLA-2093-1 DLA-2071-1}
	- firefox 72.0.1-1 (bug #948452)
	- firefox-esr 68.4.1esr-1
	- thunderbird 1:68.4.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/#CVE-2019-17026
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17026
CVE-2019-17025 (Mozilla developers reported memory safety bugs present in Firefox 71.  ...)
	- firefox 72.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17025
CVE-2019-17024 (Mozilla developers reported memory safety bugs present in Firefox 71 a ...)
	{DSA-4603-1 DSA-4600-1 DLA-2071-1 DLA-2061-1}
	- firefox 72.0-1
	- firefox-esr 68.4.0esr-1
	- thunderbird 1:68.4.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17024
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17024
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17024
CVE-2019-17023 (After a HelloRetryRequest has been sent, the client may negotiate a lo ...)
	- firefox 72.0-1
	- nss 2:3.49-1
	[jessie] - nss <not-affected> (Vulnerable code was introduced later)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17023
	NOTE: https://hg.mozilla.org/projects/nss/rev/d64102b76a437f24d98a20480dcc9f1655143e7c
	NOTE: https://hg.mozilla.org/projects/nss/rev/8a2bd40e7f89a796cf24a0ff7cfb67c6e69c5c78
CVE-2019-17022 (When pasting a &amp;lt;style&amp;gt; tag from the clipboard into a ric ...)
	{DSA-4603-1 DSA-4600-1 DLA-2071-1 DLA-2061-1}
	- firefox 72.0-1
	- firefox-esr 68.4.0esr-1
	- thunderbird 1:68.4.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17022
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17022
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17022
CVE-2019-17021 (During the initialization of a new content process, a race condition o ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	- thunderbird <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17021
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17021
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17021
CVE-2019-17020 (If an XML file is served with a Content Security Policy and the XML fi ...)
	- firefox 72.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17020
CVE-2019-17019 (When Python was installed on Windows, a python file being served with  ...)
	- firefox <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17019
CVE-2019-17018 (When in Private Browsing Mode on Windows 10, the Windows keyboard may  ...)
	- firefox <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17018
CVE-2019-17017 (Due to a missing case handling object types, a type confusion vulnerab ...)
	{DSA-4603-1 DSA-4600-1 DLA-2071-1 DLA-2061-1}
	- firefox 72.0-1
	- firefox-esr 68.4.0esr-1
	- thunderbird 1:68.4.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17017
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17017
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17017
CVE-2019-17016 (When pasting a &amp;lt;style&amp;gt; tag from the clipboard into a ric ...)
	{DSA-4603-1 DSA-4600-1 DLA-2071-1 DLA-2061-1}
	- firefox 72.0-1
	- firefox-esr 68.4.0esr-1
	- thunderbird 1:68.4.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17016
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17016
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17016
CVE-2019-17015 (During the initialization of a new content process, a pointer offset c ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	- thunderbird <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-01/#CVE-2019-17015
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-02/#CVE-2019-17015
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2020-04/#CVE-2019-17015
CVE-2019-17014 (If an image had not loaded correctly (such as when it is not actually  ...)
	- firefox 71.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17014
CVE-2019-17013 (Mozilla developers reported memory safety bugs present in Firefox 70.  ...)
	- firefox 71.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17013
CVE-2019-17012 (Mozilla developers reported memory safety bugs present in Firefox 70 a ...)
	{DSA-4585-1 DSA-4580-1 DLA-2036-1 DLA-2029-1}
	- firefox 71.0-1
	- firefox-esr 68.3.0esr-1
	- thunderbird 1:68.3.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17012
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17012
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17012
CVE-2019-17011 (Under certain conditions, when retrieving a document from a DocShell i ...)
	{DSA-4585-1 DSA-4580-1 DLA-2036-1 DLA-2029-1}
	- firefox 71.0-1
	- firefox-esr 68.3.0esr-1
	- thunderbird 1:68.3.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17011
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17011
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17011
CVE-2019-17010 (Under certain conditions, when checking the Resist Fingerprinting pref ...)
	{DSA-4585-1 DSA-4580-1 DLA-2036-1 DLA-2029-1}
	- firefox 71.0-1
	- firefox-esr 68.3.0esr-1
	- thunderbird 1:68.3.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17010
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17010
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17010
CVE-2019-17009 (When running, the updater service wrote status and log files to an unr ...)
	- firefox <not-affected> (Updater not used in Debian packages)
	- firefox-esr <not-affected> (Updater not used in Debian packages)
	- thunderbird <not-affected> (Updater not used in Debian packages)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17009
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17009
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17009
CVE-2019-17008 (When using nested workers, a use-after-free could occur during worker  ...)
	{DSA-4585-1 DSA-4580-1 DLA-2036-1 DLA-2029-1}
	- firefox 71.0-1
	- firefox-esr 68.3.0esr-1
	- thunderbird 1:68.3.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17008
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17008
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17008
CVE-2019-17007 [nss: Handling of Netscape Certificate Sequences in CERT_DecodeCertPackage() may crash with a NULL deref leading to DoS]
	RESERVED
	{DSA-4579-1 DLA-2015-1}
	- nss 2:3.45-1
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1798
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1533216
	NOTE: https://hg.mozilla.org/projects/nss/rev/1473dd7efe2ce4f8722a33ebb03a3425e09887de
	NOTE: Fixed in 3.44 upstream (and there was an upload of 3.44 to unstable
	NOTE: but then reverted until the 2:3.45-1 upload).
CVE-2019-17006 [Check length of inputs for cryptographic primitives]
	RESERVED
	{DLA-2058-1}
	- nss 2:3.47-1
	NOTE: Fixed upstream in NSS 3.46.
	NOTE: Upstream bug (currently non-public): https://bugzilla.mozilla.org/show_bug.cgi?id=1539788
	NOTE: https://hg.mozilla.org/projects/nss/rev/dfd6996fe7425eb0437346d11a01082f16fcfe34
	NOTE: https://hg.mozilla.org/projects/nss/rev/9d1f5e71773d4e3146524096d74cb96c8df51abe
CVE-2019-17005 (The plain text serializer used a fixed-size array for the number of &l ...)
	{DSA-4585-1 DSA-4580-1 DLA-2036-1 DLA-2029-1}
	- firefox 71.0-1
	- firefox-esr 68.3.0esr-1
	- thunderbird 1:68.3.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-17005
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-17005
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-17005
CVE-2019-17004
	RESERVED
CVE-2019-17003
	RESERVED
CVE-2019-17002 (If upgrade-insecure-requests was specified in the Content Security Pol ...)
	- firefox 70.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-17002
CVE-2019-17001 (A Content-Security-Policy that blocks in-line scripts could be bypasse ...)
	- firefox 70.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-17001
CVE-2019-17000 (An object tag with a data URI did not correctly inherit the document's ...)
	- firefox 70.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-17000
CVE-2019-16999 (CloudBoot through 2019-03-08 allows SQL Injection via a crafted Status ...)
	NOT-FOR-US: CloudBoot
CVE-2019-16998
	RESERVED
CVE-2019-16997 (In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/lan ...)
	NOT-FOR-US: Metinfo
CVE-2019-16996 (In Metinfo 7.0.0beta, a SQL Injection was discovered in app/system/pro ...)
	NOT-FOR-US: Metinfo
CVE-2019-16995 (In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_final ...)
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/6caabe7f197d3466d238f70915d65301f1716626
CVE-2019-16994 (In the Linux kernel before 5.0, a memory leak exists in sit_init_net() ...)
	- linux 4.19.28-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/07f12b26e21ab359261bf75cfcb424fdc7daeb6d
CVE-2019-16992 (The Keybase app 2.13.2 for iOS provides potentially insufficient notic ...)
	NOT-FOR-US: Keybase
CVE-2019-16991 (In FusionPBX up to v4.5.7, the file app\edit\filedelete.php uses an un ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16990 (In FusionPBX up to v4.5.7, the file app/music_on_hold/music_on_hold.ph ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16989 (In FusionPBX up to v4.5.7, the file app\conferences_active\conference_ ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16988 (In FusionPBX up to v4.5.7, the file app\basic_operator_panel\resources ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16987 (In FusionPBX up to v4.5.7, the file app\contacts\contact_import.php us ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16986 (In FusionPBX up to v4.5.7, the file resources\download.php uses an uns ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16985 (In FusionPBX up to v4.5.7, the file app\xml_cdr\xml_cdr_delete.php use ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16984 (In FusionPBX up to v4.5.7, the file app\recordings\recording_play.php  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16983 (In FusionPBX up to v4.5.7, the file resources\paging.php has a paging  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16982 (In FusionPBX up to v4.5.7, the file app\access_controls\access_control ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16981 (In FusionPBX up to v4.5.7, the file app\conference_profiles\conference ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16980 (In FusionPBX up to v4.5.7, the file app\call_broadcast\call_broadcast_ ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16979 (In FusionPBX up to v4.5.7, the file app\contacts\contact_urls.php uses ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16978 (In FusionPBX up to v4.5.7, the file app\devices\device_settings.php us ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16977 (In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.ph ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16976 (In FusionPBX up to 4.5.7, the file app\destinations\destination_import ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16975 (In FusionPBX up to 4.5.7, the file app\contacts\contact_notes.php uses ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16974 (In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16973 (In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16972 (In FusionPBX up to 4.5.7, the file app\contacts\contact_addresses.php  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16971 (In FusionPBX up to 4.5.7, the file app\messages\messages_thread.php us ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16970 (In FusionPBX up to 4.5.7, the file app\sip_status\sip_status.php uses  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16969 (In FusionPBX up to 4.5.7, the file app\fifo_list\fifo_interactive.php  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16968 (An issue was discovered in FusionPBX up to 4.5.7. In the file app\conf ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16967 (An issue was discovered in Manager 13.x before 13.0.2.6 and 15.x befor ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16966 (An issue was discovered in Contactmanager 13.x before 13.0.45.3, 14.x  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16965 (resources/cmd.php in FusionPBX up to 4.5.7 suffers from a command inje ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16964 (app/call_centers/cmd.php in the Call Center Queue Module in FusionPBX  ...)
	NOT-FOR-US: FusionPBX
CVE-2019-16963
	RESERVED
CVE-2019-16962
	RESERVED
CVE-2019-16961
	RESERVED
CVE-2019-16960
	RESERVED
CVE-2019-16959
	RESERVED
CVE-2019-16958
	RESERVED
CVE-2019-16957
	RESERVED
CVE-2019-16956
	RESERVED
CVE-2019-16955
	RESERVED
CVE-2019-16954
	RESERVED
CVE-2019-16953
	RESERVED
CVE-2019-16952
	RESERVED
CVE-2019-16951 (A remote file include (RFI) issue was discovered in Enghouse Web Chat  ...)
	NOT-FOR-US: Enghouse Web Chat
CVE-2019-16950 (An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.28 ...)
	NOT-FOR-US: Enghouse Web Chat
CVE-2019-16949 (An issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34 ...)
	NOT-FOR-US: Enghouse Web Chat
CVE-2019-16948 (An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any P ...)
	NOT-FOR-US: Enghouse Web Chat
CVE-2019-16947
	RESERVED
CVE-2019-16946
	RESERVED
CVE-2019-16945
	RESERVED
CVE-2019-16944
	RESERVED
CVE-2019-16943 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DSA-4542-1 DLA-1943-1}
	- jackson-databind 2.10.0-2 (bug #941530)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2478
CVE-2019-16942 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DSA-4542-1 DLA-1943-1}
	- jackson-databind 2.10.0-2 (bug #941530)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2478
CVE-2019-16941 (NSA Ghidra through 9.0.4, when experimental mode is enabled, allows ar ...)
	- ghidra <itp> (bug #923851)
CVE-2019-16940
	RESERVED
CVE-2019-16939
	RESERVED
CVE-2019-16938
	RESERVED
CVE-2019-16937
	RESERVED
CVE-2019-16936
	RESERVED
CVE-2019-16935 (The documentation XML-RPC server in Python through 2.7.16, 3.x through ...)
	- python3.8 3.8.0~rc1-1
	- python3.7 3.7.5~rc1-1
	[buster] - python3.7 3.7.3-2+deb10u1
	- python3.5 <removed>
	- python3.4 <removed>
	[jessie] - python3.4 <ignored> (Minor Issue, XSS in an unlikely use-case)
	- python2.7 2.7.17~rc1-1
	[buster] - python2.7 2.7.16-2+deb10u1
	[stretch] - python2.7 <no-dsa> (Minor issue)
	[jessie] - python2.7 <ignored> (Minor Issue, XSS in an unlikely use-case)
	- jython <unfixed>
	[buster] - jython <ignored> (Minor Issue)
	[stretch] - jython <ignored> (Minor Issue)
	[jessie] - jython <ignored> (Minor Issue, XSS in an unlikely use-case)
	- pypy <unfixed> (low)
	[buster] - pypy <no-dsa> (Minor issue)
	[stretch] - pypy <no-dsa> (Minor issue)
	[jessie] - pypy <ignored> (Minor Issue, XSS in an unlikely use-case)
	NOTE: https://bugs.python.org/issue38243
	NOTE: https://github.com/python/cpython/pull/16373
	NOTE: https://github.com/python/cpython/commit/e8650a4f8c7fb76f570d4ca9c1fbe44e91c8dfaa (master)
	NOTE: https://github.com/python/cpython/commit/6447b9f9bd27e1f6b04cef674dd3a7ab27bf4f28 (3.8 branch)
	NOTE: https://github.com/python/cpython/commit/39a0c7555530e31c6941a78da19b6a5b61170687 (3.7 branch)
	NOTE: https://github.com/python/cpython/commit/1698cacfb924d1df452e78d11a4bf81ae7777389 (3.6 branch)
	NOTE: https://github.com/python/cpython/commit/8eb64155ff26823542ccf0225b3d57b6ae36ea89 (2.7 branch)
CVE-2019-16934
	RESERVED
CVE-2019-16933
	RESERVED
CVE-2019-16932 (A blind SSRF vulnerability exists in the Visualizer plugin before 3.3. ...)
	NOT-FOR-US: Visualizer plugin for WordPress
CVE-2019-16931 (A stored XSS vulnerability in the Visualizer plugin 3.3.0 for WordPres ...)
	NOT-FOR-US: Visualizer plugin for WordPress
CVE-2019-16930 (Zcashd in Zcash before 2.0.7-3 allows discovery of the IP address of a ...)
	NOT-FOR-US: Zcash
CVE-2019-16929 (Auth0 auth0.net before 6.5.4 has Incorrect Access Control because Iden ...)
	NOT-FOR-US: Auth0 auth0.net
CVE-2019-16927 (Xpdf 4.01.01 has an out-of-bounds write in the vertProfile part of the ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-16926 (** DISPUTED ** Flower 0.9.3 has XSS via a crafted worker name. NOTE: T ...)
	NOT-FOR-US: Flower
CVE-2019-16925 (** DISPUTED ** Flower 0.9.3 has XSS via the name parameter in an @app. ...)
	NOT-FOR-US: Flower
CVE-2019-16924 (The Nulock application 1.5.0 for mobile devices sends a cleartext pass ...)
	NOT-FOR-US: Nulock
CVE-2019-16923 (kkcms 1.3 has jx.php?url= XSS. ...)
	NOT-FOR-US: kkcms
CVE-2019-16922 (SuiteCRM 7.10.x before 7.10.20 and 7.11.x before 7.11.8 allows uninten ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-16921 (In the Linux kernel before 4.17, hns_roce_alloc_ucontext in drivers/in ...)
	- linux <not-affected> (Did not affect any released kernel)
CVE-2019-16920 (Unauthenticated remote code execution occurs in D-Link products such a ...)
	NOT-FOR-US: D-Link
CVE-2019-16928 (Exim 4.92 through 4.92.2 allows remote code execution, a different vul ...)
	{DSA-4536-1}
	- exim4 4.92.2-3
	[stretch] - exim4 <not-affected> (Vulnerable code introduced later)
	[jessie] - exim4 <not-affected> (Vulnerable code introduced later)
	NOTE: https://lists.exim.org/lurker/message/20190927.032457.c1044d4c.en.html
	NOTE: https://bugs.exim.org/show_bug.cgi?id=2449
	NOTE: https://git.exim.org/exim.git/commit/478effbfd9c3cc5a627fc671d4bf94d13670d65f
CVE-2019-16919 (Harbor API has a Broken Access Control vulnerability. The vulnerabilit ...)
	NOT-FOR-US: Harbor
CVE-2019-16918
	RESERVED
CVE-2019-16917 (WiKID Enterprise 2FA (two factor authentication) Enterprise Server thr ...)
	NOT-FOR-US: WiKID 2FA Enterprise Server
CVE-2019-16916
	REJECTED
CVE-2019-16915 (An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/p ...)
	NOT-FOR-US: pfSense
CVE-2019-16914 (An XSS issue was discovered in pfSense through 2.4.4-p3. In services_c ...)
	NOT-FOR-US: pfSense
CVE-2019-16913 (PC Protect Antivirus v4.14.31 installs by default to %PROGRAMFILES(X86 ...)
	NOT-FOR-US: PC Protect Antivirus
CVE-2019-16912
	RESERVED
CVE-2019-16911
	RESERVED
CVE-2019-16910 (Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when dete ...)
	- mbedtls 2.16.3-1 (bug #941265)
	[buster] - mbedtls <no-dsa> (Minor issue)
	[stretch] - mbedtls <no-dsa> (Minor issue)
	- polarssl <removed>
	[jessie] - polarssl <no-dsa> (Minor issue, backport intrusive because of API changes)
	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
	NOTE: https://github.com/ARMmbed/mbedtls/commit/298a43a77ec0ed2c19a8c924ddd8571ef3e65dfd (2.7.12)
	NOTE: https://github.com/ARMmbed/mbedtls/commit/33f66ba6fd234114aa37f0209dac031bb2870a9b (2.16.3)
CVE-2019-16909 (An issue was discovered in the Infosysta "In-App &amp; Desktop Notific ...)
	NOT-FOR-US: Infosysta
CVE-2019-16908 (An issue was discovered in the Infosysta "In-App &amp; Desktop Notific ...)
	NOT-FOR-US: Infosysta
CVE-2019-16907 (An issue was discovered in the Infosysta "In-App &amp; Desktop Notific ...)
	NOT-FOR-US: Infosysta
CVE-2019-16906 (An issue was discovered in the Infosysta "In-App &amp; Desktop Notific ...)
	NOT-FOR-US: Infosysta
CVE-2019-16905 (OpenSSH 7.7 through 7.9 and 8.x before 8.1, when compiled with an expe ...)
	- openssh 1:8.1p1-1 (unimportant)
	[stretch] - openssh <not-affected> (Vulnerable code introduced later)
	[jessie] - openssh <not-affected> (Vulnerable code introduced later)
	NOTE: Issue in experimental (and not enabled) XMSS implementation; futhermore there
	NOTE: is not supported way to enable it when building openssh.
CVE-2019-16904 (TeamPass 2.1.27.36 allows Stored XSS by setting a crafted password for ...)
	- teampass <itp> (bug #730180)
CVE-2019-16903 (Platinum UPnP SDK 1.2.0 allows Directory Traversal in Core/PltHttpServ ...)
	NOT-FOR-US: Platinum UPnP SDK
CVE-2019-16902 (In the ARforms plugin 3.7.1 for WordPress, arf_delete_file in arformco ...)
	NOT-FOR-US: ARforms plugin for WordPress
CVE-2019-16901 (Advantech WebAccess/HMI Designer 2.1.9.31 has Exception Handler Chain  ...)
	NOT-FOR-US: Advantech
CVE-2019-16900 (Advantech WebAccess/HMI Designer 2.1.9.31 has a User Mode Write AV sta ...)
	NOT-FOR-US: Advantech
CVE-2019-16899 (In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulting Add ...)
	NOT-FOR-US: Advantech
CVE-2019-16898
	REJECTED
CVE-2019-16897 (In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security  ...)
	NOT-FOR-US: K7
CVE-2019-16896 (In K7 Ultimate Security 16.0.0117, the module K7BKCExt.dll (aka the ba ...)
	NOT-FOR-US: K7 Ultimate Security
CVE-2019-16895
	REJECTED
CVE-2019-16894 (download.php in inoERP 4.15 allows SQL injection through insecure dese ...)
	NOT-FOR-US: inoERP
CVE-2019-16893 (The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 device ...)
	NOT-FOR-US: TP-Link
CVE-2019-16892 (In Rubyzip before 1.3.0, a crafted ZIP file can bypass application che ...)
	- ruby-zip 2.0.0-1 (low; bug #941222)
	[buster] - ruby-zip <no-dsa> (Minor issue)
	[stretch] - ruby-zip <no-dsa> (Minor issue)
	[jessie] - ruby-zip <postponed> (Minor issue, zip bomb non-default mitigation)
	NOTE: https://github.com/rubyzip/rubyzip/pull/403
	NOTE: https://github.com/rubyzip/rubyzip/commit/4167f0ce67e42b082605bca75c7bdfd01eb23804
	NOTE: https://github.com/rubyzip/rubyzip/commit/7849f7362ab0cd23d5730ef8b6f2c39252da2285
	NOTE: https://github.com/rubyzip/rubyzip/commit/97cb6aefe6d12bd2429d7a2e119ccb26f259d71d
CVE-2019-16891 (Liferay Portal CE 6.2.5 allows remote command execution because of des ...)
	NOT-FOR-US: Liferay Portal
CVE-2019-16890 (Halo 1.1.0 has XSS via a crafted authorUrl in JSON data to api/content ...)
	NOT-FOR-US: Halo
CVE-2019-16889 (Ubiquiti EdgeMAX devices before 2.0.3 allow remote attackers to cause  ...)
	NOT-FOR-US: Ubiquiti EdgeMAX
CVE-2019-16888
	RESERVED
CVE-2019-16887 (In IrfanView 4.53, Data from a Faulting Address controls a subsequent  ...)
	NOT-FOR-US: IrfanView
CVE-2019-16886
	RESERVED
CVE-2019-16885 (In OkayCMS through 2.3.4, an unauthenticated attacker can achieve remo ...)
	NOT-FOR-US: OkayCMS
CVE-2019-16884 (runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other ...)
	- runc 1.0.0~rc9+dfsg1-1 (bug #942026)
	[buster] - runc <no-dsa> (Minor issue)
	[stretch] - runc <no-dsa> (Minor issue)
	- golang-github-opencontainers-selinux 1.3.0-2 (bug #942027)
	NOTE: https://github.com/opencontainers/runc/issues/2128
CVE-2019-16883
	RESERVED
CVE-2019-16882 (An issue was discovered in the string-interner crate before 0.7.1 for  ...)
	NOT-FOR-US: Rust string-interner crate
CVE-2019-16881 (An issue was discovered in the portaudio-rs crate through 0.3.1 for Ru ...)
	NOT-FOR-US: Rustportaudio-rs crate
CVE-2019-16880 (An issue was discovered in the linea crate through 0.9.4 for Rust. The ...)
	NOT-FOR-US: Rust linea crate
CVE-2019-16879
	RESERVED
CVE-2019-16878 (Portainer before 1.22.1 has XSS (issue 2 of 2). ...)
	NOT-FOR-US: Portainer
CVE-2019-16877 (Portainer before 1.22.1 has Incorrect Access Control (issue 4 of 4). ...)
	NOT-FOR-US: Portainer
CVE-2019-16876 (Portainer before 1.22.1 allows Directory Traversal. ...)
	NOT-FOR-US: Portainer
CVE-2019-16875
	RESERVED
CVE-2019-16874 (Portainer before 1.22.1 has Incorrect Access Control (issue 2 of 4). ...)
	NOT-FOR-US: Portainer
CVE-2019-16873 (Portainer before 1.22.1 has XSS (issue 1 of 2). ...)
	NOT-FOR-US: Portainer
CVE-2019-16872 (Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4). ...)
	NOT-FOR-US: Portainer
CVE-2019-16871 (Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twinca ...)
	NOT-FOR-US: Beckhoff
CVE-2019-16870
	RESERVED
CVE-2019-16869 (Netty before 4.1.42.Final mishandles whitespace before the colon in HT ...)
	{DSA-4597-1 DLA-2110-1 DLA-1941-1}
	- netty 1:4.1.33-2 (bug #941266)
	- netty-3.9 <removed>
	NOTE: https://github.com/netty/netty/issues/9571
	NOTE: https://github.com/netty/netty/commit/39cafcb05c99f2aa9fce7e6597664c9ed6a63a95
CVE-2019-16868 (emlog through 6.0.0beta has an arbitrary file deletion vulnerability v ...)
	NOT-FOR-US: emlog
CVE-2019-16867 (HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file par ...)
	NOT-FOR-US: HongCMS
CVE-2019-16866 (Unbound before 1.9.4 accesses uninitialized memory, which allows remot ...)
	{DSA-4544-1}
	- unbound 1.9.4-1 (bug #941692)
	[stretch] - unbound <not-affected> (Vulnerable code introduced in 1.7.1)
	[jessie] - unbound <not-affected> (Vulnerable code introduced in 1.7.1)
	NOTE: https://nlnetlabs.nl/downloads/unbound/CVE-2019-16866.txt
	NOTE: Patch: https://nlnetlabs.nl/downloads/unbound/patch_cve_2019-16866.diff
CVE-2019-16865 (An issue was discovered in Pillow before 6.2.0. When reading specially ...)
	- pillow 6.2.0-1 (low)
	[buster] - pillow 5.4.1-2+deb10u1
	[stretch] - pillow <ignored> (Minor issue, too intrusive to backport)
	[jessie] - pillow <no-dsa> (Risk of regressions is too high)
	- python-imaging <removed>
	NOTE: https://github.com/python-pillow/Pillow/commit/b36c1bc943d554ba223086c7efb502d080f73905
	NOTE: https://github.com/python-pillow/Pillow/commit/f228d0ccbf6bf9392d7fcd51356ef2cfda80c75a
	NOTE: https://github.com/python-pillow/Pillow/commit/b9693a51c99c260bd66d1affeeab4a226cf7e5a5
	NOTE: https://github.com/python-pillow/Pillow/commit/cc16025e234b7a7a4dd3a86d2fdc0980698db9cc
CVE-2019-16864
	RESERVED
CVE-2019-16863 (STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow a ...)
	NOT-FOR-US: STMicroelectronics
CVE-2019-16862 (Reflected XSS in interface/forms/eye_mag/view.php in OpenEMR 5.x befor ...)
	NOT-FOR-US: OpenEMR
CVE-2019-16861 (Code42 server through 7.0.2 for Windows has an Untrusted Search Path.  ...)
	NOT-FOR-US: Code42
CVE-2019-16860 (Code42 app through version 7.0.2 for Windows has an Untrusted Search P ...)
	NOT-FOR-US: Code42
CVE-2019-16859
	RESERVED
CVE-2019-16858
	RESERVED
CVE-2019-16857
	RESERVED
CVE-2019-16856
	RESERVED
CVE-2019-16855
	RESERVED
CVE-2019-16854
	RESERVED
CVE-2019-16853
	RESERVED
CVE-2019-16852
	RESERVED
CVE-2019-16851
	RESERVED
CVE-2019-16850
	RESERVED
CVE-2019-16849
	RESERVED
CVE-2019-16848
	RESERVED
CVE-2019-16847
	RESERVED
CVE-2019-16846
	RESERVED
CVE-2019-16845
	RESERVED
CVE-2019-16844
	RESERVED
CVE-2019-16843
	RESERVED
CVE-2019-16842
	RESERVED
CVE-2019-16841
	RESERVED
CVE-2019-16840
	RESERVED
CVE-2019-16839
	RESERVED
CVE-2019-16838
	RESERVED
CVE-2019-16837
	RESERVED
CVE-2019-16836
	RESERVED
CVE-2019-16835
	RESERVED
CVE-2019-16834
	RESERVED
CVE-2019-16833
	RESERVED
CVE-2019-16832
	RESERVED
CVE-2019-16831
	RESERVED
CVE-2019-16830
	RESERVED
CVE-2019-16829
	RESERVED
CVE-2019-16828
	RESERVED
CVE-2019-16827
	RESERVED
CVE-2019-16826
	RESERVED
CVE-2019-16825
	RESERVED
CVE-2019-16824
	RESERVED
CVE-2019-16823
	RESERVED
CVE-2019-16822
	RESERVED
CVE-2019-16821
	RESERVED
CVE-2019-16820
	RESERVED
CVE-2019-16819
	RESERVED
CVE-2019-16818
	RESERVED
CVE-2019-16817
	RESERVED
CVE-2019-16816
	RESERVED
CVE-2019-16815
	RESERVED
CVE-2019-16814
	RESERVED
CVE-2019-16813
	RESERVED
CVE-2019-16812
	RESERVED
CVE-2019-16811
	RESERVED
CVE-2019-16810
	RESERVED
CVE-2019-16809
	RESERVED
CVE-2019-16808
	RESERVED
CVE-2019-16807
	RESERVED
CVE-2019-16806
	RESERVED
CVE-2019-16805
	RESERVED
CVE-2019-16804
	RESERVED
CVE-2019-16803
	RESERVED
CVE-2019-16802
	RESERVED
CVE-2019-16801
	RESERVED
CVE-2019-16800
	RESERVED
CVE-2019-16799
	RESERVED
CVE-2019-16798
	RESERVED
CVE-2019-16797
	RESERVED
CVE-2019-16796
	RESERVED
CVE-2019-16795
	RESERVED
CVE-2019-16794
	RESERVED
CVE-2019-16793
	RESERVED
CVE-2019-16792 (Waitress through version 1.3.1 allows request smuggling by sending the ...)
	- waitress 1.4.1-1
	[buster] - waitress <no-dsa> (Minor issue)
	[stretch] - waitress <no-dsa> (Minor issue)
	[jessie] - waitress <no-dsa> (Minor issue)
	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-4ppp-gpcr-7qf6
	NOTE: https://github.com/Pylons/waitress/commit/575994cd42e83fd772a5f7ec98b2c56751bd3f65
CVE-2019-16791 (In postfix-mta-sts-resolver before 0.5.1, All users can receive incorr ...)
	- postfix-mta-sts-resolver <not-affected> (Fixed before initial upload)
	NOTE: https://github.com/Snawoot/postfix-mta-sts-resolver/security/advisories/GHSA-h92m-42h4-82f6
CVE-2019-16790 (In Tiny File Manager before 2.3.9, there is a remote code execution vi ...)
	NOT-FOR-US: Tiny File Manager
CVE-2019-16789 (In Waitress through version 1.4.0, if a proxy server is used in front  ...)
	{DLA-2056-1}
	- waitress 1.4.1-1 (bug #947433)
	[buster] - waitress <no-dsa> (Minor issue)
	[stretch] - waitress <no-dsa> (Minor issue)
	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-m5ff-3wj3-8ph4
	NOTE: https://github.com/Pylons/waitress/commit/11d9e138125ad46e951027184b13242a3c1de017
CVE-2019-16788
	REJECTED
CVE-2019-16786 (Waitress through version 1.3.1 would parse the Transfer-Encoding heade ...)
	- waitress 1.4.1-1 (bug #947306)
	[buster] - waitress <no-dsa> (Minor issue)
	[stretch] - waitress <no-dsa> (Minor issue)
	[jessie] - waitress <no-dsa> (Minor issue)
	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-g2xc-35jw-c63p
	NOTE: https://github.com/Pylons/waitress/commit/f11093a6b3240fc26830b6111e826128af7771c3
CVE-2019-16785 (Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 ...)
	- waitress 1.4.1-1 (bug #947306)
	[buster] - waitress <no-dsa> (Minor issue)
	[stretch] - waitress <no-dsa> (Minor issue)
	[jessie] - waitress <no-dsa> (Minor issue)
	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-pg36-wpm5-g57p
	NOTE: https://github.com/Pylons/waitress/commit/8eba394ad75deaf9e5cd15b78a3d16b12e6b0eba
CVE-2019-16784 (In PyInstaller before version 3.6, only on Windows, a local privilege  ...)
	NOT-FOR-US: PyInstaller on Windows
CVE-2019-16783
	RESERVED
CVE-2019-16782 (There's a possible information leak / session hijack vulnerability in  ...)
	- ruby-rack <unfixed> (bug #946983)
	NOTE: https://github.com/rack/rack/commit/7fecaee81f59926b6e1913511c90650e76673b38
	NOTE: https://github.com/rack/rack/security/advisories/GHSA-hrqr-hxpp-chr3
CVE-2019-16779 (In RubyGem excon before 0.71.0, there was a race condition around pers ...)
	{DLA-2070-1}
	- ruby-excon 0.60.0-2 (bug #946904)
	[buster] - ruby-excon <no-dsa> (Minor issue)
	[stretch] - ruby-excon <no-dsa> (Minor issue)
	NOTE: https://github.com/excon/excon/security/advisories/GHSA-q58g-455p-8vw9
	NOTE: https://github.com/excon/excon/commit/ccb57d7a422f020dc74f1de4e8fb505ab46d8a29
CVE-2019-16778 (In TensorFlow before 1.15, a heap buffer overflow in UnsortedSegmentSu ...)
	- tensorflow <itp> (bug #804612)
CVE-2019-16777 (Versions of the npm CLI prior to 6.13.4 are vulnerable to an Arbitrary ...)
	[experimental] - npm 6.13.4+ds-1
	- npm 6.13.4+ds-2 (bug #947127)
	[buster] - npm <no-dsa> (Minor issue)
	[jessie] - npm <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://github.com/npm/cli/security/advisories/GHSA-4328-8hgf-7wjr
	NOTE: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
CVE-2019-16776 (Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary ...)
	[experimental] - npm 6.13.4+ds-1
	- npm 6.13.4+ds-2 (bug #947127)
	[buster] - npm <no-dsa> (Minor issue)
	[jessie] - npm <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://github.com/npm/cli/security/advisories/GHSA-x8qc-rrcw-4r46
	NOTE: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
CVE-2019-16775 (Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary ...)
	[experimental] - npm 6.13.4+ds-1
	- npm 6.13.4+ds-2 (bug #947127)
	[buster] - npm <no-dsa> (Minor issue)
	[jessie] - npm <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://github.com/npm/cli/security/advisories/GHSA-m6cx-g6qm-p2cx
	NOTE: https://blog.npmjs.org/post/189618601100/binary-planting-with-the-npm-cli
CVE-2019-16774 (In phpfastcache before 5.1.3, there is a possible object injection vul ...)
	- kopano-webapp-plugin-files 2.1.5+dfsg1-2 (unimportant)
	NOTE: https://github.com/PHPSocialNetwork/phpfastcache/security/advisories/GHSA-484f-743f-6jx2
	NOTE: https://github.com/PHPSocialNetwork/phpfastcache/commit/c4527205cb7a402b595790c74310791f5b04a1a4 (5.0.13)
	NOTE: https://github.com/PHPSocialNetwork/phpfastcache/commit/82a84adff6e8fc9b564c616d0fdc9238ae2e86c3 (4.3.18)
	NOTE: Affected phpfastcache code is not used in kopano-webapp-plugin-files.
CVE-2019-16773
	REJECTED
CVE-2019-16772 (The serialize-to-js NPM package before version 3.0.1 is vulnerable to  ...)
	NOT-FOR-US: serialize-to-js Node package
CVE-2019-16771 (Versions of Armeria 0.85.0 through and including 0.96.0 are vulnerable ...)
	NOT-FOR-US: Armeria
CVE-2019-16770 (In Puma before versions 3.12.2 and 4.3.1, a poorly-behaved client coul ...)
	- puma 3.12.0-4 (bug #946312)
	[buster] - puma <no-dsa> (Minor issue)
	[stretch] - puma <no-dsa> (Minor issue)
	NOTE: https://github.com/puma/puma/security/advisories/GHSA-7xx3-m584-x994
	NOTE: https://github.com/puma/puma/commit/06053e60908074bb38293d4449ea261cb009b53e
CVE-2019-16769 (The serialize-javascript npm package before version 2.1.1 is vulnerabl ...)
	NOT-FOR-US: serialize-javascript Node package
CVE-2019-16768 (In affected versions of Sylius, exception messages from internal excep ...)
	NOT-FOR-US: Sylius
CVE-2019-16767 (The admin sys mode is now conditional and dedicated for the special ca ...)
	NOT-FOR-US: ezmaster
CVE-2019-16766 (When using wagtail-2fa before 1.3.0, if someone gains access to someon ...)
	NOT-FOR-US: wagtail-2fa
CVE-2019-16765 (If an attacker can get a user to open a specially prepared directory t ...)
	NOT-FOR-US: Vscode
CVE-2019-16764 (The use of `String.to_atom/1` in PowAssent is susceptible to denial of ...)
	NOT-FOR-US: PowAssent
CVE-2019-16763 (In Pannellum from 2.5.0 through 2.5.4 URLs were not sanitized for data ...)
	NOT-FOR-US: Pannellum
CVE-2019-16762 (A specially crafted Bitcoin script can cause a discrepancy between the ...)
	NOT-FOR-US: SLP
CVE-2019-16761 (A specially crafted Bitcoin script can cause a discrepancy between the ...)
	NOT-FOR-US: SLP
CVE-2019-16760 (Cargo prior to Rust 1.26.0 may download the wrong dependency if your p ...)
	- cargo 0.27.0-1
	NOTE: https://rustsec.org/advisories/CVE-2019-16760.html
CVE-2019-16759 (vBulletin 5.x through 5.5.4 allows remote command execution via the wi ...)
	NOT-FOR-US: vBulletin
CVE-2019-16758 (In Lexmark Services Monitor 2.27.4.0.39 (running on TCP port 2070), a  ...)
	NOT-FOR-US: Lexmark
CVE-2019-16757
	RESERVED
CVE-2019-16756
	RESERVED
CVE-2019-16755 (BMC Remedy ITSM Suite is prone to unspecified vulnerabilities in both  ...)
	NOT-FOR-US: BMC MyIT Digital Workplace DWP
CVE-2019-16754 (RIOT 2019.07 contains a NULL pointer dereference in the MQTT-SN implem ...)
	NOT-FOR-US: RIOT RIOT-OS
CVE-2019-16753 (An issue was discovered in Decentralized Anonymous Payment System (DAP ...)
	NOT-FOR-US: Decentralized Anonymous Payment System (DAPS)
CVE-2019-16752 (An issue was discovered in Decentralized Anonymous Payment System (DAP ...)
	NOT-FOR-US: Decentralized Anonymous Payment System (DAPS)
CVE-2019-16751 (An issue was discovered in Devise Token Auth through 1.1.2. The omniau ...)
	NOT-FOR-US: Devise Token Auth
CVE-2019-16750
	RESERVED
CVE-2019-16749
	RESERVED
CVE-2019-16748 (In wolfSSL through 4.1.0, there is a missing sanity check of memory ac ...)
	- wolfssl 4.2.0+dfsg-1
	NOTE: https://github.com/wolfSSL/wolfssl/issues/2459
CVE-2019-16747
	RESERVED
CVE-2019-16745 (eBrigade before 5.0 has evenement_choice.php chxCal SQL Injection. ...)
	NOT-FOR-US: eBrigade
CVE-2019-16744 (eBrigade before 5.0 has evenements.php cid SQL Injection. ...)
	NOT-FOR-US: eBrigade
CVE-2019-16743 (eBrigade before 5.0 has evenement_ical.php evenement SQL Injection. ...)
	NOT-FOR-US: eBrigade
CVE-2019-16742
	RESERVED
CVE-2019-16741
	RESERVED
CVE-2019-16740
	RESERVED
CVE-2019-16739
	RESERVED
CVE-2019-16738 (In MediaWiki through 1.33.0, Special:Redirect allows information discl ...)
	{DSA-4545-1}
	- mediawiki 1:1.31.4-1
	NOTE: https://phabricator.wikimedia.org/T230402
CVE-2019-16737 (The processCommandSetMac() function of libcommon.so in Petwant PF-103  ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16736 (A stack-based buffer overflow in processCommandUploadSnapshot in libco ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16735 (A stack-based buffer overflow in processCommandUploadLog in libcommon. ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16734 (Use of default credentials for the TELNET server in Petwant PF-103 fir ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16733 (processCommandSetUid() in libcommon.so in Petwant PF-103 firmware 4.22 ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16732 (Unencrypted HTTP communications for firmware upgrades in Petalk AI and ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16731 (The udpServerSys service in Petwant PF-103 firmware 4.22.2.42 and Peta ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16730 (processCommandUpgrade() in libcommon.so in Petwant PF-103 firmware 4.2 ...)
	NOT-FOR-US: Petwant PF-103 and Petalk AI
CVE-2019-16728 (DOMPurify before 2.0.1 allows XSS because of innerHTML mutation XSS (m ...)
	- dompurify.js <removed>
	[stretch] - dompurify.js <ignored> (Minor issue)
	NOTE: https://research.securitum.com/dompurify-bypass-using-mxss/
CVE-2019-16746 (An issue was discovered in net/wireless/nl80211.c in the Linux kernel  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://marc.info/?l=linux-wireless&m=156901391225058&w=2
CVE-2019-16727
	RESERVED
CVE-2019-16726
	RESERVED
CVE-2019-16725 (In Joomla! 3.x before 3.9.12, inadequate escaping allowed XSS attacks  ...)
	NOT-FOR-US: Joomla!
CVE-2019-16724 (File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary ...)
	NOT-FOR-US: File Sharing Wizard
CVE-2019-16723 (In Cacti through 1.2.6, authenticated users may bypass authorization c ...)
	- cacti 1.2.7+ds1-1 (bug #941036)
	[buster] - cacti 1.2.2+ds1-2+deb10u2
	[stretch] - cacti <not-affected> (vulnerability introduced later)
	[jessie] - cacti <not-affected> (vulnerability introduced later)
	NOTE: vulnerability introduced in
	NOTE: https://github.com/Cacti/cacti/commit/cf73ae1a9f65b5a27d7f9d10c8e14835c3a76326
	NOTE: see Debian bug report for more information
	NOTE: https://github.com/Cacti/cacti/issues/2964
	NOTE: https://github.com/Cacti/cacti/commit/7a6a17252a1cbda180b61fff244cb3ce797d5264
	NOTE: https://github.com/Cacti/cacti/commit/c7cf4a26e4848872b48094e67f8d0a01dd7613d2
	NOTE: after further discussion, upstream issued a new fix which reverts previous commits
	NOTE: https://github.com/Cacti/cacti/commit/cfb0733597af97abc92270de4f47cbfa32f9ce8b
	NOTE: which turned out to be insufficient to fix the issue, follow up patches:
	NOTE: https://github.com/Cacti/cacti/commit/9a1d2ec46d2dde23826c134ca70a0cd3bef43ee7
	NOTE: https://github.com/Cacti/cacti/commit/d5f98679a06aa96adfe04f60908f9108cfc9f7f7
	NOTE: https://github.com/Cacti/cacti/commit/4cecb19f6be8b84fa1c7b6450b66176007cb53df
	NOTE: The original issue mentions only a bypass via graph_json.php but there are
	NOTE: additional permission checks missed while checking the issue fixed with the
	NOTE: upstream commits.
CVE-2019-16722 (ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against  ...)
	NOT-FOR-US: ZZZCMS
CVE-2019-16721 (NoneCMS v1.3 has CSRF in public/index.php/admin/admin/dele.html, as de ...)
	NOT-FOR-US: NoneCMS
CVE-2019-16720 (ZZZCMS zzzphp v1.7.2 does not properly restrict file upload in plugins ...)
	NOT-FOR-US: ZZZCMS
CVE-2019-16719 (WTCMS 1.0 allows index.php?g=admin&amp;m=index&amp;a=index CSRF with r ...)
	NOT-FOR-US: WTCMS
CVE-2019-16718 (In radare2 before 3.9.0, a command injection vulnerability exists in b ...)
	- radare2 <not-affected> (Incomplete fixes for CVE-2019-14745 not applied)
CVE-2019-16717 (OX App Suite through 7.10.2 has XSS. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2019-16716 (OX App Suite through 7.10.2 has Incorrect Access Control. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2019-16715
	RESERVED
CVE-2019-16713 (ImageMagick 7.0.8-43 has a memory leak in coders/dot.c, as demonstrate ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1558
CVE-2019-16712 (ImageMagick 7.0.8-43 has a memory leak in Huffman2DEncodeImage in code ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1557
CVE-2019-16711 (ImageMagick 7.0.8-40 has a memory leak in Huffman2DEncodeImage in code ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1542
CVE-2019-16710 (ImageMagick 7.0.8-35 has a memory leak in coders/dot.c, as demonstrate ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1528
CVE-2019-16709 (ImageMagick 7.0.8-35 has a memory leak in coders/dps.c, as demonstrate ...)
	- imagemagick <unfixed> (unimportant)
	- graphicsmagick 1.4+really1.3.33+hg16117-1 (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1531
CVE-2019-16708 (ImageMagick 7.0.8-35 has a memory leak in magick/xwindow.c, related to ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1531
CVE-2019-16707 (Hunspell 1.7.0 has an invalid read operation in SuggestMgr::leftcommon ...)
	- hunspell <unfixed> (unimportant; bug #941185)
	NOTE: Negligible security impact
	NOTE: https://github.com/butterflyhack/hunspell-crash
	NOTE: https://github.com/hunspell/hunspell/issues/624
CVE-2019-16706 (kkcms v1.3 has a CSRF vulnerablity that can add an user account via ad ...)
	NOT-FOR-US: kkcms
CVE-2019-16729 (pam-python before 1.0.7-1 has an issue in regard to the default enviro ...)
	{DSA-4555-1 DLA-2000-1}
	- pam-python 1.0.7-1 (bug #942514)
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1150510#c1
	NOTE: https://sourceforge.net/p/pam-python/code/ci/0247ab687b4347cc52859ca461fb0126dd7e2ebe/
CVE-2019-16714 (In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv. ...)
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/7d0a06586b2686ba80c4a2da5f91cb10ffbea736
CVE-2019-16705 (Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in th ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/178
CVE-2019-16704 (admin/infoclass_update.php in PHPMyWind 5.6 has stored XSS. ...)
	NOT-FOR-US: PHPMyWind
CVE-2019-16703 (admin/infolist_add.php in PHPMyWind 5.6 has stored XSS. ...)
	NOT-FOR-US: PHPMyWind
CVE-2019-16702 (Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary c ...)
	NOT-FOR-US: Integard Pro
CVE-2019-16701 (pfSense through 2.3.4 through 2.4.4-p3 allows Remote Code Injection vi ...)
	NOT-FOR-US: pfSense
CVE-2019-16700 (The slub_events (aka SLUB: Event Registration) extension through 3.0.2 ...)
	NOT-FOR-US: TYPO3 extension
CVE-2019-16699 (The sr_freecap (aka freeCap CAPTCHA) extension 2.4.5 and below and 2.5 ...)
	NOT-FOR-US: TYPO3 extension
CVE-2019-16698 (The direct_mail (aka Direct Mail) extension through 5.2.2 for TYPO3 ha ...)
	NOT-FOR-US: TYPO3 extension
CVE-2019-16697
	RESERVED
CVE-2019-16696 (phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit. ...)
	NOT-FOR-US: phpIPAM
CVE-2019-16695 (phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filte ...)
	NOT-FOR-US: phpIPAM
CVE-2019-16694 (phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit- ...)
	NOT-FOR-US: phpIPAM
CVE-2019-16693 (phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order ...)
	NOT-FOR-US: phpIPAM
CVE-2019-16692 (phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filte ...)
	NOT-FOR-US: phpIPAM
CVE-2019-16691
	REJECTED
CVE-2019-16690
	RESERVED
CVE-2019-16689
	RESERVED
CVE-2019-16688 (Dolibarr 9.0.5 has stored XSS in an Email Template section to mails_te ...)
	- dolibarr <removed>
CVE-2019-16687 (Dolibarr 9.0.5 has stored XSS in a User Profile in a Signature section ...)
	- dolibarr <removed>
CVE-2019-16686 (Dolibarr 9.0.5 has stored XSS in a User Note section to note.php. A us ...)
	- dolibarr <removed>
CVE-2019-16685 (Dolibarr 9.0.5 has stored XSS vulnerability via a User Group Descripti ...)
	- dolibarr <removed>
CVE-2019-16684 (An issue was discovered in the image-manager in Xoops 2.5.10. When any ...)
	NOT-FOR-US: Xoops
CVE-2019-16683 (An issue was discovered in the image-manager in Xoops 2.5.10. When the ...)
	NOT-FOR-US: Xoops
CVE-2019-16682 (The url_redirect (aka URL redirect) extension through 1.2.1 for TYPO3  ...)
	NOT-FOR-US: TYPO3 extension
CVE-2019-16681 (The Traveloka application 3.14.0 for Android exports com.traveloka.and ...)
	NOT-FOR-US: Traveloka
CVE-2019-16680 (An issue was discovered in GNOME file-roller before 3.29.91. It allows ...)
	{DSA-4537-1 DLA-1938-1}
	- file-roller 3.30.0-1
	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=794337
	NOTE: https://gitlab.gnome.org/GNOME/file-roller/commit/57268e51e59b61c9e3125eb0f65551c7084297e2
CVE-2019-16679 (Gila CMS before 1.11.1 allows admin/fm/?f=../ directory traversal, lea ...)
	NOT-FOR-US: Gila CMS
CVE-2019-16678 (admin/urlrule/add.html in YzmCMS 5.3 allows CSRF with a resultant deni ...)
	NOT-FOR-US: YzmCMS
CVE-2019-16677 (An issue was discovered in idreamsoft iCMS V7.0. admincp.php?app=membe ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-16676 (Plataformatec Simple Form has Incorrect Access Control in file_method? ...)
	- ruby-simple-form <removed>
	NOTE: http://blog.plataformatec.com.br/2019/09/incorrect-access-control-in-simple-form-cve-2019-16676/
	NOTE: https://github.com/plataformatec/simple_form/commit/8c91bd76a5052ddf3e3ab9fd8333f9aa7b2e2dd6
	NOTE: https://github.com/plataformatec/simple_form/security/advisories/GHSA-r74q-gxcg-73hx
CVE-2019-16675 (An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Wo ...)
	NOT-FOR-US: PHOENIX CONTACT PC Worx
CVE-2019-16674 (An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 1610241 ...)
	NOT-FOR-US: Weidmueller IE-SW-VL05M
CVE-2019-16673 (An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 1610241 ...)
	NOT-FOR-US: Weidmueller IE-SW-VL05M
CVE-2019-16672 (An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 1610241 ...)
	NOT-FOR-US: Weidmueller IE-SW-VL05M
CVE-2019-16671 (An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 1610241 ...)
	NOT-FOR-US: Weidmueller IE-SW-VL05M
CVE-2019-16670 (An issue was discovered on Weidmueller IE-SW-VL05M 3.6.6 Build 1610241 ...)
	NOT-FOR-US: Weidmueller IE-SW-VL05M
CVE-2019-16669 (The Reset Password feature in Pagekit 1.0.17 gives a different respons ...)
	NOT-FOR-US: Pagekit CMS
CVE-2019-16668
	RESERVED
CVE-2019-16667 (diag_command.php in pfSense 2.4.4-p3 allows CSRF via the txtCommand or ...)
	NOT-FOR-US: pfSense
CVE-2019-16666
	RESERVED
CVE-2019-16665 (An issue was discovered in ThinkSAAS 2.91. There is XSS via the conten ...)
	NOT-FOR-US: ThinkSAAS
CVE-2019-16664 (An issue was discovered in ThinkSAAS 2.91. There is XSS via the index. ...)
	NOT-FOR-US: ThinkSAAS
CVE-2019-16663 (An issue was discovered in rConfig 3.9.2. An attacker can directly exe ...)
	NOT-FOR-US: rConfig
CVE-2019-16662 (An issue was discovered in rConfig 3.9.2. An attacker can directly exe ...)
	NOT-FOR-US: rConfig
CVE-2019-16661 (Ogma CMS 0.5 has XSS via creation of a new blog. ...)
	NOT-FOR-US: Ogma CMS
CVE-2019-16660 (joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&amp;tab=vodplay CS ...)
	NOT-FOR-US: joyplus-cms
CVE-2019-16659 (TuziCMS 2.0.6 has index.php/manage/link/do_add CSRF. ...)
	NOT-FOR-US: TuziCMS
CVE-2019-16658 (TuziCMS 2.0.6 has index.php/manage/notice/do_add CSRF. ...)
	NOT-FOR-US: TuziCMS
CVE-2019-16657 (TuziCMS 2.0.6 has XSS via the PATH_INFO to a group URI, as demonstrate ...)
	NOT-FOR-US: TuziCMS
CVE-2019-16656 (joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP cod ...)
	NOT-FOR-US: joyplus-cms
CVE-2019-16655 (joyplus-cms 1.6.0 allows reinstallation if the install/ URI remains av ...)
	NOT-FOR-US: joyplus-cms
CVE-2019-16654
	RESERVED
CVE-2019-16653
	RESERVED
CVE-2019-16652
	RESERVED
CVE-2019-16651
	RESERVED
CVE-2019-16650 (On Supermicro X10 and X11 products, a client's access privileges may b ...)
	NOT-FOR-US: Supermicro
CVE-2019-16649 (On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination  ...)
	NOT-FOR-US: Supermicro
CVE-2019-16648
	RESERVED
CVE-2019-16647 (Unquoted Search Path in Maxthon 5.1.0 to 5.2.7 Browser for Windows. ...)
	NOT-FOR-US: Maxthon
CVE-2019-16646
	RESERVED
CVE-2019-16645 (An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (suc ...)
	NOT-FOR-US: Embedthis GoAhead
CVE-2019-16644 (App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has S ...)
	NOT-FOR-US: TuziCMS
CVE-2019-16643 (An issue was discovered in ZrLog 2.1.1. There is a Stored XSS vulnerab ...)
	NOT-FOR-US: ZrLog
CVE-2019-16642 (App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has ...)
	NOT-FOR-US: TuziCMS
CVE-2019-16641
	RESERVED
CVE-2019-16640
	RESERVED
CVE-2019-16639
	RESERVED
CVE-2019-16638
	RESERVED
CVE-2019-16637
	RESERVED
CVE-2019-16636
	RESERVED
CVE-2019-16635
	RESERVED
CVE-2019-16634
	RESERVED
CVE-2019-16633
	RESERVED
CVE-2019-16632
	RESERVED
CVE-2019-16631
	RESERVED
CVE-2019-16630
	RESERVED
CVE-2019-16629
	RESERVED
CVE-2019-16628
	RESERVED
CVE-2019-16627
	RESERVED
CVE-2019-16626
	RESERVED
CVE-2019-16625
	RESERVED
CVE-2019-16624
	RESERVED
CVE-2019-16623
	RESERVED
CVE-2019-16622
	RESERVED
CVE-2019-16621
	RESERVED
CVE-2019-16620
	RESERVED
CVE-2019-16619
	RESERVED
CVE-2019-16618
	RESERVED
CVE-2019-16617
	RESERVED
CVE-2019-16616
	RESERVED
CVE-2019-16615
	RESERVED
CVE-2019-16614
	RESERVED
CVE-2019-16613
	RESERVED
CVE-2019-16612
	RESERVED
CVE-2019-16611
	RESERVED
CVE-2019-16610
	RESERVED
CVE-2019-16609
	RESERVED
CVE-2019-16608
	RESERVED
CVE-2019-16607
	RESERVED
CVE-2019-16606
	RESERVED
CVE-2019-16605
	RESERVED
CVE-2019-16604
	RESERVED
CVE-2019-16603
	RESERVED
CVE-2019-16602
	RESERVED
CVE-2019-16601
	RESERVED
CVE-2019-16600
	RESERVED
CVE-2019-16599
	RESERVED
CVE-2019-16598
	RESERVED
CVE-2019-16597
	RESERVED
CVE-2019-16596
	RESERVED
CVE-2019-16595
	RESERVED
CVE-2019-16594
	RESERVED
CVE-2019-16593
	RESERVED
CVE-2019-16592
	RESERVED
CVE-2019-16591
	RESERVED
CVE-2019-16590
	RESERVED
CVE-2019-16589
	RESERVED
CVE-2019-16588
	RESERVED
CVE-2019-16587
	RESERVED
CVE-2019-16586
	RESERVED
CVE-2019-16585
	RESERVED
CVE-2019-16584
	RESERVED
CVE-2019-16583
	RESERVED
CVE-2019-16582
	RESERVED
CVE-2019-16581
	RESERVED
CVE-2019-16580
	RESERVED
CVE-2019-16579
	RESERVED
CVE-2019-16578
	RESERVED
CVE-2019-16577
	RESERVED
CVE-2019-16576 (A missing permission check in Jenkins Alauda Kubernetes Suport Plugin  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16575 (A cross-site request forgery vulnerability in Jenkins Alauda Kubernete ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16574 (A missing permission check in Jenkins Alauda DevOps Pipeline Plugin 2. ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16573 (A cross-site request forgery vulnerability in Jenkins Alauda DevOps Pi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16572 (Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16571 (A missing permission check in Jenkins RapidDeploy Plugin 4.1 and earli ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16570 (A cross-site request forgery vulnerability in Jenkins RapidDeploy Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16569 (A cross-site request forgery vulnerability in Jenkins Mantis Plugin 0. ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16568 (Jenkins SCTMExecutor Plugin 2.2 and earlier transmits previously confi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16567 (A missing permission check in Jenkins Team Concert Plugin 1.3.0 and ea ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16566 (A missing permission check in Jenkins Team Concert Plugin 1.3.0 and ea ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16565 (A cross-site request forgery vulnerability in Jenkins Team Concert Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16564 (Jenkins Pipeline Aggregator View Plugin 1.8 and earlier does not escap ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16563 (Jenkins Mission Control Plugin 0.9.16 and earlier does not escape job  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16562 (Jenkins buildgraph-view Plugin 1.8 and earlier does not escape the des ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16561 (Jenkins WebSphere Deployer Plugin 1.6.1 and earlier allows users with  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16560 (A cross-site request forgery vulnerability in Jenkins WebSphere Deploy ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16559 (A missing permission check in Jenkins WebSphere Deployer Plugin 1.6.1  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16558 (Jenkins Spira Importer Plugin 3.2.3 and earlier disables SSL/TLS certi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16557 (Jenkins Redgate SQL Change Automation Plugin 2.0.3 and earlier stores  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16556 (Jenkins Rundeck Plugin 3.6.5 and earlier stores credentials unencrypte ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16555 (A user-supplied regular expression in Jenkins Build Failure Analyzer P ...)
	NOT-FOR-US: Jenkins Build Failure Analyzer Plugin
CVE-2019-16554 (A missing permission check in Jenkins Build Failure Analyzer Plugin 1. ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16553 (A cross-site request forgery vulnerability in Jenkins Build Failure An ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16552 (A missing permission check in Jenkins Gerrit Trigger Plugin 2.30.1 and ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16551 (A cross-site request forgery vulnerability in Jenkins Gerrit Trigger P ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16550 (A cross-site request forgery vulnerability in a connection test form m ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16549 (Jenkins Maven Release Plugin 0.16.1 and earlier does not configure the ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16548 (A cross-site request forgery vulnerability in Jenkins Google Compute E ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16547 (Missing permission checks in various API endpoints in Jenkins Google C ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16546 (Jenkins Google Compute Engine Plugin 4.1.1 and earlier does not verify ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16545 (Jenkins QMetry for JIRA - Test Management Plugin transmits credentials ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16544 (Jenkins QMetry for JIRA - Test Management Plugin 1.12 and earlier stor ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16543 (Jenkins Spira Importer Plugin 3.2.2 and earlier stores credentials une ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16542 (Jenkins Anchore Container Image Scanner Plugin 1.0.19 and earlier stor ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16541 (Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (f ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16540 (A path traversal vulnerability in Jenkins Support Core Plugin 2.63 and ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16539 (A missing permission check in Jenkins Support Core Plugin 2.63 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16538 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.67  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-16537
	RESERVED
CVE-2019-16536
	RESERVED
CVE-2019-16535 (In all versions of ClickHouse before 19.14, an OOB read, OOB write and ...)
	NOT-FOR-US: ClickHouse
CVE-2019-16534 (On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a c ...)
	NOT-FOR-US: DrayTek Vigor2925 devices
CVE-2019-16533 (On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access C ...)
	NOT-FOR-US: DrayTek Vigor2925 devices
CVE-2019-16532 (An HTTP Host header injection vulnerability exists in YzmCMS V5.3. A m ...)
	NOT-FOR-US: YzmCMS
CVE-2019-16531 (LayerBB before 1.1.4 has multiple CSRF issues, as demonstrated by chan ...)
	NOT-FOR-US: LayerBB
CVE-2019-16530 (Sonatype Nexus Repository Manager 2.x before 2.14.15 and 3.x before 3. ...)
	NOT-FOR-US: Sonatype
CVE-2019-16529 (An issue was discovered in the CheckUser extension through 1.35.0 for  ...)
	NOT-FOR-US: CheckUser extension for MediawWiki
CVE-2019-16528 (An issue was discovered in the AbuseFilter extension for MediaWiki. in ...)
	NOT-FOR-US: AbuseFilter extension for MediawWiki
CVE-2019-16527
	RESERVED
CVE-2019-16526
	RESERVED
CVE-2019-16525 (An XSS issue was discovered in the checklist plugin before 1.1.9 for W ...)
	NOT-FOR-US: checklist plugin for WordPress
CVE-2019-16524 (The easy-fancybox plugin before 1.8.18 for WordPress (aka Easy FancyBo ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-16523 (The events-manager plugin through 5.9.5 for WordPress (aka Events Mana ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-16522 (The eu-cookie-law plugin through 3.0.6 for WordPress (aka EU Cookie La ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-16521 (The broken-link-checker plugin through 1.11.8 for WordPress (aka Broke ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-16520 (The all-in-one-seo-pack plugin before 3.2.7 for WordPress (aka All in  ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-16519 (ESET Cyber Security 6.7.900.0 for macOS allows a local attacker to exe ...)
	NOT-FOR-US: ESET Cyber Security
CVE-2019-16518 (An issue was discovered on Swell Kit Mod devices that use the Vandy Va ...)
	NOT-FOR-US: Swell Kit Mod devices
CVE-2019-16517 (An issue was discovered in ConnectWise Control (formerly known as Scre ...)
	NOT-FOR-US: ConnectWise Control
CVE-2019-16516 (An issue was discovered in ConnectWise Control (formerly known as Scre ...)
	NOT-FOR-US: ConnectWise Control
CVE-2019-16515 (An issue was discovered in ConnectWise Control (formerly known as Scre ...)
	NOT-FOR-US: ConnectWise Control
CVE-2019-16514 (An issue was discovered in ConnectWise Control (formerly known as Scre ...)
	NOT-FOR-US: ConnectWise Control
CVE-2019-16513 (An issue was discovered in ConnectWise Control (formerly known as Scre ...)
	NOT-FOR-US: ConnectWise Control
CVE-2019-16512 (An issue was discovered in ConnectWise Control (formerly known as Scre ...)
	NOT-FOR-US: ConnectWise Control
CVE-2019-16511 (An issue was discovered in DTF in FireGiant WiX Toolset before 3.11.2. ...)
	NOT-FOR-US: FireGiant
CVE-2019-16510 (libIEC61850 through 1.3.3 has a use-after-free in MmsServer_waitReady  ...)
	NOT-FOR-US: libIEC61850
CVE-2019-16509
	RESERVED
CVE-2019-16508 (The Imagination Technologies driver for Chrome OS before R74-11895.B,  ...)
	NOT-FOR-US: Imagination Technologies driver for Chrome OS
CVE-2019-16507
	RESERVED
CVE-2019-16506
	RESERVED
CVE-2019-16505
	RESERVED
CVE-2019-16504
	RESERVED
CVE-2019-16503
	RESERVED
CVE-2019-16502
	RESERVED
CVE-2019-16501
	RESERVED
CVE-2019-16500
	RESERVED
CVE-2019-16499
	RESERVED
CVE-2019-16498
	RESERVED
CVE-2019-16497
	RESERVED
CVE-2019-16496
	RESERVED
CVE-2019-16495
	RESERVED
CVE-2019-16494
	RESERVED
CVE-2019-16493
	RESERVED
CVE-2019-16492
	RESERVED
CVE-2019-16491
	RESERVED
CVE-2019-16490
	RESERVED
CVE-2019-16489
	RESERVED
CVE-2019-16488
	RESERVED
CVE-2019-16487
	RESERVED
CVE-2019-16486
	RESERVED
CVE-2019-16485
	RESERVED
CVE-2019-16484
	RESERVED
CVE-2019-16483
	RESERVED
CVE-2019-16482
	RESERVED
CVE-2019-16481
	RESERVED
CVE-2019-16480
	RESERVED
CVE-2019-16479
	RESERVED
CVE-2019-16478
	RESERVED
CVE-2019-16477
	RESERVED
CVE-2019-16476
	RESERVED
CVE-2019-16475
	RESERVED
CVE-2019-16474
	RESERVED
CVE-2019-16473
	RESERVED
CVE-2019-16472
	RESERVED
CVE-2019-16471
	RESERVED
CVE-2019-16470
	RESERVED
CVE-2019-16469 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
	NOT-FOR-US: Adobe Experience Manager
CVE-2019-16468 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
	NOT-FOR-US: Adobe Experience Manager
CVE-2019-16467 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
	NOT-FOR-US: Adobe Experience Manager
CVE-2019-16466 (Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 hav ...)
	NOT-FOR-US: Adobe Experience Manager
CVE-2019-16465 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16464 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16463 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16462 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16461 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16460 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16459 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16458 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16457 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16456 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16455 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16454 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16453 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16452 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16451 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16450 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16449 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16448 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16447
	RESERVED
CVE-2019-16446 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16445 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16444 (Adobe Acrobat and Reader versions , 2019.021.20056 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-16443
	RESERVED
CVE-2019-16442
	RESERVED
CVE-2019-16441
	RESERVED
CVE-2019-16440
	RESERVED
CVE-2019-16439
	RESERVED
CVE-2019-16438
	RESERVED
CVE-2019-16437
	RESERVED
CVE-2019-16436
	RESERVED
CVE-2019-16435
	RESERVED
CVE-2019-16434
	RESERVED
CVE-2019-16433
	RESERVED
CVE-2019-16432
	RESERVED
CVE-2019-16431
	RESERVED
CVE-2019-16430
	RESERVED
CVE-2019-16429
	RESERVED
CVE-2019-16428
	RESERVED
CVE-2019-16427
	RESERVED
CVE-2019-16426
	RESERVED
CVE-2019-16425
	RESERVED
CVE-2019-16424
	RESERVED
CVE-2019-16423
	RESERVED
CVE-2019-16422
	RESERVED
CVE-2019-16421
	RESERVED
CVE-2019-16420
	RESERVED
CVE-2019-16419
	RESERVED
CVE-2019-16418
	RESERVED
CVE-2019-16417 (HRworks FLOW 3.36.9 allows XSS via the purpose of a travel-expense rep ...)
	NOT-FOR-US: HRworks FLOW
CVE-2019-16416 (HRworks 3.36.9 allows XSS via the purpose of a travel-expense report. ...)
	NOT-FOR-US: HRworks
CVE-2019-16415
	RESERVED
CVE-2019-16414 (A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malici ...)
	NOT-FOR-US: GFI Kerio Control
CVE-2019-16413 (An issue was discovered in the Linux kernel before 5.0.4. The 9p files ...)
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux 3.16.70-1
	NOTE: https://git.kernel.org/linus/5e3cc1ee1405a7eb3487ed24f786dec01b4cbe1f
CVE-2019-16412 (In goform/setSysTools on Tenda N301 wireless routers, attackers can tr ...)
	NOT-FOR-US: Tenda
CVE-2019-16411 (An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 pa ...)
	- suricata 1:4.1.5-1 (low)
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://suricata-ids.org/2019/09/24/suricata-4-1-5-released/
CVE-2019-16410 (An issue was discovered in Suricata 4.1.4. By sending multiple fragmen ...)
	- suricata 1:4.1.5-1 (low)
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://suricata-ids.org/2019/09/24/suricata-4-1-5-released/
CVE-2019-16409 (In the Versioned Files module through 2.0.3 for SilverStripe 3.x, unpu ...)
	NOT-FOR-US: SilverStripe
CVE-2019-16408
	RESERVED
CVE-2019-16407 (JetBrains ReSharper installers for versions before 2019.2 had a DLL Hi ...)
	NOT-FOR-US: JetBrains ReSharper installer
CVE-2019-16406 (Centreon Web 19.04.4 has weak permissions within the OVA (aka VMware v ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-16405 (Centreon Web before 2.8.30, 18.10.x before 18.10.8, 19.04.x before 19. ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-16404 (Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php ...)
	NOT-FOR-US: OpenEMR
CVE-2019-16403 (In Webkul Bagisto before 0.1.5, the functionalities for customers to c ...)
	NOT-FOR-US: Webkul Bagisto
CVE-2019-16402
	RESERVED
CVE-2019-16401 (Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G9 ...)
	NOT-FOR-US: Samsung
CVE-2019-16400 (Samsung Galaxy S8 plus (Android version: 8.0.0, Build Number: R16NW.G9 ...)
	NOT-FOR-US: Samsung
CVE-2019-16399 (Western Digital WD My Book World through II 1.02.12 suffers from Broke ...)
	NOT-FOR-US: Western Digital
CVE-2019-16398 (On Keeper K5 20.1.0.25 and 20.1.0.63 devices, remote code execution ca ...)
	NOT-FOR-US: Keeper
CVE-2019-16397
	RESERVED
CVE-2019-16396 (GnuCOBOL 2.2 has a use-after-free in the end_scope_of_program_name() f ...)
	- gnucobol <unfixed> (low; bug #940950)
	[buster] - gnucobol <ignored> (Minor issue)
	- open-cobol <removed>
	[stretch] - open-cobol <ignored> (Minor issue)
	[jessie] - open-cobol <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/open-cobol/bugs/587/
CVE-2019-16395 (GnuCOBOL 2.2 has a stack-based buffer overflow in the cb_name() functi ...)
	- gnucobol <unfixed> (low; bug #940949)
	[buster] - gnucobol <ignored> (Minor issue)
	- open-cobol <removed>
	[stretch] - open-cobol <ignored> (Minor issue)
	[jessie] - open-cobol <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/open-cobol/bugs/586/
CVE-2019-16390
	RESERVED
CVE-2019-16389
	RESERVED
CVE-2019-16388 (** DISPUTED ** PEGA Platform 8.3.0 is vulnerable to Information disclo ...)
	NOT-FOR-US: PEGA Platform
CVE-2019-16387 (** DISPUTED ** PEGA Platform 8.3.0 is vulnerable to a direct prweb/sso ...)
	NOT-FOR-US: PEGA Platform
CVE-2019-16386 (** DISPUTED ** PEGA Platform 7.x and 8.x is vulnerable to Information  ...)
	NOT-FOR-US: PEGA Platform
CVE-2019-16385
	RESERVED
CVE-2019-16384
	RESERVED
CVE-2019-16383 (MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2 ...)
	NOT-FOR-US: Progress MOVEit Transfer
CVE-2019-16382 (An issue was discovered in Ivanti Workspace Control 10.3.110.0. One is ...)
	NOT-FOR-US: Ivanti Workspace Control
CVE-2019-16381
	RESERVED
CVE-2019-16380
	RESERVED
CVE-2019-16379
	RESERVED
CVE-2019-16377 (The makandra consul gem through 1.0.2 for Ruby has Incorrect Access Co ...)
	NOT-FOR-US: makandra consul gem
CVE-2019-16376
	RESERVED
CVE-2019-16375 (An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...)
	- otrs2 6.0.23-1
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	[jessie] - otrs2 <no-dsa> (Minor issue)
	NOTE: https://community.otrs.com/security-advisory-2019-13-security-update-for-otrs-framework/
	NOTE: https://github.com/OTRS/otrs/commit/aeb33d800716e2a6653597aa86314c4cbdadb678 (6.x)
	NOTE: https://github.com/OTRS/otrs/commit/03ca8f396b1aa9933c212a63f52a9ea26c06e7da (5.x)
CVE-2019-16394 (SPIP before 3.1.11 and 3.2 before 3.2.5 provides different error messa ...)
	{DSA-4532-1 DLA-1975-1}
	- spip 3.2.5-1
	NOTE: https://core.spip.net/issues/4171
	NOTE: https://zone.spip.net/trac/spip-zone/changeset/117577/spip-zone
	NOTE: https://zone.spip.net/trac/spip-zone/changeset/117578/spip-zone
CVE-2019-16393 (SPIP before 3.1.11 and 3.2 before 3.2.5 mishandles redirect URLs in ec ...)
	{DSA-4532-1 DLA-1975-1}
	- spip 3.2.5-1
	NOTE: https://core.spip.net/issues/4362
	NOTE: https://git.spip.net/SPIP/spip/commit/0b832408b0aabd5b94a81e261e9413c0f31a19f1
CVE-2019-16392 (SPIP before 3.1.11 and 3.2 before 3.2.5 allows prive/formulaires/login ...)
	{DSA-4532-1 DLA-1975-1}
	- spip 3.2.5-1
	NOTE: https://git.spip.net/SPIP/spip/commit/3c12a82c7d9d4afd09e708748fa82e7836174028
CVE-2019-16391 (SPIP before 3.1.11 and 3.2 before 3.2.5 allows authenticated visitors  ...)
	{DSA-4532-1 DLA-1975-1}
	- spip 3.2.5-1
	NOTE: https://git.spip.net/SPIP/spip/commit/187952ce85e73b52c2753f2d54fc2c44807b8f79
	NOTE: https://git.spip.net/SPIP/spip/commit/3cbc758400323ab006c00ea78eacdb8f76aa5f66
CVE-2019-16374
	RESERVED
CVE-2019-16373
	RESERVED
CVE-2019-16372
	RESERVED
CVE-2019-16371 (LogMeIn LastPass before 4.33.0 allows attackers to construct a crafted ...)
	NOT-FOR-US: LogMeIn LastPass
CVE-2019-16370 (The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algori ...)
	- gradle <unfixed> (low; bug #941186)
	[buster] - gradle <no-dsa> (Minor issue)
	[stretch] - gradle <no-dsa> (Minor issue)
	[jessie] - gradle <postponed> (Minor issue, old gradle mainly used for building Debian packages with apt signatures)
	NOTE: https://github.com/gradle/gradle/commit/425b2b7a50cd84106a77cdf1ab665c89c6b14d2f
CVE-2019-16369
	RESERVED
CVE-2019-16368
	RESERVED
CVE-2019-16367
	RESERVED
CVE-2019-16366 (In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer ove ...)
	NOT-FOR-US: Moddable SDK
CVE-2019-16365
	RESERVED
CVE-2019-16364
	RESERVED
CVE-2019-16363
	RESERVED
CVE-2019-16362
	RESERVED
CVE-2019-16361
	RESERVED
CVE-2019-16360
	RESERVED
CVE-2019-16359
	RESERVED
CVE-2019-16358
	RESERVED
CVE-2019-16357
	RESERVED
CVE-2019-16356
	RESERVED
CVE-2019-16355 (The File Session Manager in Beego 1.10.0 allows local users to read se ...)
	NOT-FOR-US: Beego
CVE-2019-16354 (The File Session Manager in Beego 1.10.0 allows local users to read se ...)
	NOT-FOR-US: Beego
CVE-2019-16353 (Emerson GE Automation Proficy Machine Edition 8.0 allows an access vio ...)
	NOT-FOR-US: Emerson GE Automation Proficy Machine Edition
CVE-2019-16352 (ffjpeg before 2019-08-21 has a heap-based buffer overflow in jfif_load ...)
	NOT-FOR-US: ffjpeg
CVE-2019-16351 (ffjpeg before 2019-08-18 has a NULL pointer dereference in huffman_dec ...)
	NOT-FOR-US: ffjpeg
CVE-2019-16350 (ffjpeg before 2019-08-18 has a NULL pointer dereference in idct2d8x8() ...)
	NOT-FOR-US: ffjpeg
CVE-2019-16349 (Bento4 1.5.1-628 has a NULL pointer dereference in AP4_ByteStream::Rea ...)
	NOT-FOR-US: Bento4
CVE-2019-16348 (marc-q libwav through 2017-04-20 has a NULL pointer dereference in gai ...)
	NOT-FOR-US: libwav
CVE-2019-16347 (ngiflib 0.4 has a heap-based buffer overflow in WritePixels() in ngifl ...)
	NOT-FOR-US: ngiflib
CVE-2019-16346 (ngiflib 0.4 has a heap-based buffer overflow in WritePixel() in ngifli ...)
	NOT-FOR-US: ngiflib
CVE-2019-16345
	RESERVED
CVE-2019-16344 (A cross-site scripting (XSS) vulnerability in the login form (/ScadaBR ...)
	NOT-FOR-US: ScadaBR
CVE-2019-16343
	RESERVED
CVE-2019-16342
	RESERVED
CVE-2019-16341
	RESERVED
CVE-2019-16340 (Belkin Linksys Velop 1.1.8.192419 devices allows remote attackers to d ...)
	NOT-FOR-US: Belkin
CVE-2019-16339
	RESERVED
CVE-2019-16338 (The tfo_common component in HwordApp.dll in Hancom Office 9.6.1.7634 a ...)
	NOT-FOR-US: Hancom Office
CVE-2019-16337 (The hncbd90 component in Hancom Office 9.6.1.9403 allows a use-after-f ...)
	NOT-FOR-US: Hancom Office
CVE-2019-16336 (The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE componen ...)
	NOT-FOR-US: Cypress
CVE-2019-16335 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DSA-4542-1 DLA-1943-1}
	- jackson-databind 2.10.0-1 (bug #940498)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2449
	NOTE: https://github.com/FasterXML/jackson-databind/commit/73c1c2cc76e6cdd7f3a5615cbe3207fe96e4d3db
CVE-2019-16334 (In Bludit v3.9.2, there is a persistent XSS vulnerability in the Categ ...)
	NOT-FOR-US: Bludit
CVE-2019-16333 (GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in adm ...)
	NOT-FOR-US: GetSimple CMS
CVE-2019-16332 (In the api-bearer-auth plugin before 20190907 for WordPress, the serve ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-12412 [Remotely exploitable null pointer dereference bug]
	RESERVED
	{DSA-4541-1 DLA-1944-1}
	- libapreq2 2.13-6 (bug #939937)
	NOTE: http://svn.apache.org/r1866760
CVE-2019-16331
	RESERVED
CVE-2019-16330 (In NCH Express Accounts Accounting v7.02, persistent cross site script ...)
	NOT-FOR-US: NCH Express Accounts Accounting
CVE-2019-16329
	RESERVED
CVE-2019-16328 (In RPyC 4.1.x through 4.1.1, a remote attacker can dynamically modify  ...)
	- rpyc <removed>
CVE-2019-16327 (D-Link DIR-601 B1 2.00NA devices are vulnerable to authentication bypa ...)
	NOT-FOR-US: D-Link
CVE-2019-16326 (D-Link DIR-601 B1 2.00NA devices have CSRF because no anti-CSRF token  ...)
	NOT-FOR-US: D-Link
CVE-2019-16325
	RESERVED
CVE-2019-16324
	RESERVED
CVE-2019-16323
	RESERVED
CVE-2019-16322
	RESERVED
CVE-2019-16321 (ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a ...)
	NOT-FOR-US: ScadaBR
CVE-2019-16320 (Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers ...)
	NOT-FOR-US: Cobham Sea Tel
CVE-2019-16318 (In Pimcore before 5.7.1, an attacker with limited privileges can bypas ...)
	NOT-FOR-US: Pimcore
CVE-2019-16317 (In Pimcore before 5.7.1, an attacker with limited privileges can trigg ...)
	NOT-FOR-US: Pimcore
CVE-2019-16316
	RESERVED
CVE-2019-16315
	RESERVED
CVE-2019-16314 (Indexhibit 2.1.5 allows a product reinstallation, with resultant remot ...)
	NOT-FOR-US: Indexhibit
CVE-2019-16313 (ifw8 Router ROM v4.31 allows credential disclosure by reading the acti ...)
	NOT-FOR-US: ifw8 Router ROM
CVE-2019-16312 (s-cms V3.0 has XSS in index.php?type=text via the S_id parameter. ...)
	NOT-FOR-US: s-cms
CVE-2019-16311 (NIUSHOP V1.11 has CSRF via search&amp;#95;info to index.php. ...)
	NOT-FOR-US: NIUSHOP
CVE-2019-16310 (NIUSHOP V1.11 has XSS via the index.php?s=/admin URI. ...)
	NOT-FOR-US: NIUSHOP
CVE-2019-16309 (FlameCMS 3.3.5 has SQL injection in account/login.php via accountName. ...)
	NOT-FOR-US: FlameCMS
CVE-2019-16308
	RESERVED
CVE-2019-16307 (A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx modu ...)
	NOT-FOR-US: Fuji
CVE-2019-16306
	RESERVED
CVE-2019-16305 (In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to comm ...)
	NOT-FOR-US: MobaXterm
CVE-2019-16304
	RESERVED
CVE-2019-16303 (A class generated by the Generator in JHipster before 6.3.0 and JHipst ...)
	NOT-FOR-US: JHipster
CVE-2019-16302 (An issue was discovered in Open Network Operating System (ONOS) 1.14.  ...)
	NOT-FOR-US: Open Network Operating System (ONOS)
CVE-2019-16301 (An issue was discovered in Open Network Operating System (ONOS) 1.14.  ...)
	NOT-FOR-US: Open Network Operating System (ONOS)
CVE-2019-16300 (An issue was discovered in Open Network Operating System (ONOS) 1.14.  ...)
	NOT-FOR-US: Open Network Operating System (ONOS)
CVE-2019-16299 (An issue was discovered in Open Network Operating System (ONOS) 1.14.  ...)
	NOT-FOR-US: Open Network Operating System (ONOS)
CVE-2019-16298 (An issue was discovered in Open Network Operating System (ONOS) 1.14.  ...)
	NOT-FOR-US: Open Network Operating System (ONOS)
CVE-2019-16297 (An issue was discovered in Open Network Operating System (ONOS) 1.14.  ...)
	NOT-FOR-US: Open Network Operating System (ONOS)
CVE-2019-16296
	RESERVED
CVE-2019-16295 (Stored XSS in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2019-16294 (SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote  ...)
	NOT-FOR-US: Notepad++
CVE-2019-16293 (The Create Discoveries feature of Open-AudIT before 3.2.0 allows an au ...)
	NOT-FOR-US: Open-AudIT
CVE-2019-16292
	RESERVED
CVE-2019-16291
	RESERVED
CVE-2019-16290
	RESERVED
CVE-2019-16289 (The insert-php (aka Woody ad snippets) plugin before 2.2.8 for WordPre ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-16288 (On Tenda N301 wireless routers, a long string in the wifiSSID paramete ...)
	NOT-FOR-US: Tenda
CVE-2019-16287 (An attacker may be able to leverage the application filter bypass vuln ...)
	NOT-FOR-US: HP
CVE-2019-16286 (An attacker may be able to bypass the OS application filter meant to r ...)
	NOT-FOR-US: HP
CVE-2019-16285 (If a local user has been configured and logged in, an unauthenticated  ...)
	NOT-FOR-US: HP
CVE-2019-16284 (A potential security vulnerability has been identified in multiple HP  ...)
	NOT-FOR-US: HP
CVE-2019-16283
	RESERVED
CVE-2019-16282 (In NCH Express Invoice v7.12, persistent cross site scripting (XSS) ex ...)
	NOT-FOR-US: NCH Express Invoice
CVE-2019-16281
	RESERVED
CVE-2019-16280
	RESERVED
CVE-2019-16279 (A memory error in the function SSL_accept in nostromo nhttpd through 1 ...)
	- nostromo <itp> (bug #493645)
CVE-2019-16278 (Directory Traversal in the function http_verify in nostromo nhttpd thr ...)
	- nostromo <itp> (bug #493645)
CVE-2019-16277 (PicoC 2.1 has a heap-based buffer overflow in StringStrcpy in cstdlib/ ...)
	NOT-FOR-US: PicoC
CVE-2019-16319 (In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector ...)
	- wireshark 3.0.4-1 (low)
	[buster] - wireshark <postponed> (Can be fixed along in next 3.0.x DSA)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x DSA)
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-21.html
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16020
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=02ddd49885c6a09e936a76aceb726ed06539704a
CVE-2019-16276 (Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smugglin ...)
	{DSA-4534-1}
	- golang-1.13 1.13.1-1
	- golang-1.12 1.12.10-1 (bug #941173)
	- golang-1.11 <removed>
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <ignored> (Minor issue)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (Minor issue)
	- golang <removed>
	[jessie] - golang <ignored> (does not makes sense to fix in jessie if not in later dists)
	NOTE: https://groups.google.com/forum/m/#!topic/golang-announce/cszieYyuL9Q
	NOTE: https://golang.org/issue/34540
	NOTE: https://github.com/golang/go/commit/5a6ab1ec3e678640befebeb3318b746a64ad986c (golang-1.13)
	NOTE: https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 (golang-1.12)
CVE-2019-16274 (DTEN D5 before 1.3 and D7 before 1.3 devices transfer customer data fi ...)
	NOT-FOR-US: DTEN D5 devices
CVE-2019-16273 (DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell a ...)
	NOT-FOR-US: DTEN D5 devices
CVE-2019-16272 (On DTEN D5 and D7 before 1.3.4 devices, factory settings allows for fi ...)
	NOT-FOR-US: DTEN D5 devices
CVE-2019-16271 (DTEN D5 and D7 before 1.3.2 devices allows remote attackers to read sa ...)
	NOT-FOR-US: DTEN D5 devices
CVE-2019-16270
	RESERVED
CVE-2019-16269
	RESERVED
CVE-2019-16268
	RESERVED
CVE-2019-16267
	RESERVED
CVE-2019-16266
	RESERVED
CVE-2019-16265 (CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. ...)
	NOT-FOR-US: 3S-Smart CODESYS
CVE-2019-16264 (In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado d ...)
	NOT-FOR-US: Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC)
CVE-2019-16263 (The Twitter Kit framework through 3.4.2 for iOS does not properly vali ...)
	NOT-FOR-US: Twitter Kit framework
CVE-2019-16262
	RESERVED
CVE-2019-16261 (Tripp Lite PDUMH15AT 12.04.0053 devices allow unauthenticated POST req ...)
	NOT-FOR-US: Tripp Lite PDUMH15AT
CVE-2019-16260
	RESERVED
CVE-2019-16259
	RESERVED
CVE-2019-16258 (The bootloader of the homee Brain Cube V2 through 2.23.0 allows attack ...)
	NOT-FOR-US: homee Brain Cube V2
CVE-2019-16257 (Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T ...)
	NOT-FOR-US: SIMalliance Toolbox Browser
CVE-2019-16256 (Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T  ...)
	NOT-FOR-US: SIMalliance Toolbox Browser
CVE-2019-16255 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allow ...)
	{DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1}
	- ruby2.5 2.5.7-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- jruby <unfixed>
	NOTE: https://www.ruby-lang.org/en/news/2019/10/01/code-injection-shell-test-cve-2019-16255/
	NOTE: ruby2.5: https://github.com/ruby/ruby/commit/3af01ae1101e0b8815ae5a106be64b0e82a58640
CVE-2019-16254 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allow ...)
	{DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1}
	- ruby2.5 2.5.7-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- jruby <unfixed>
	NOTE: https://github.com/ruby/ruby/commit/3ce238b5f9795581eb84114dcfbdf4aa086bfecc
	NOTE: https://hackerone.com/reports/331984
	NOTE: https://www.ruby-lang.org/en/news/2019/10/01/http-response-splitting-in-webrick-cve-2019-16254/
CVE-2019-16253 (The Text-to-speech Engine (aka SamsungTTS) application before 3.0.02.7 ...)
	NOT-FOR-US: Samsung
CVE-2019-16252
	RESERVED
CVE-2019-16251 (plugin-fw/lib/yit-plugin-panel-wc.php in the YIT Plugin Framework thro ...)
	NOT-FOR-US: YIT Plugin Framework
CVE-2019-16250 (includes/wizard/wizard.php in the Ocean Extra plugin through 1.5.8 for ...)
	NOT-FOR-US: Ocean Extra plugin for WordPress
CVE-2019-16249 (OpenCV 4.1.1 has an out-of-bounds read in hal_baseline::v_load in core ...)
	- opencv <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/opencv/opencv/issues/15481
	NOTE: https://github.com/opencv/opencv/commit/cd7fa04985b10db5e66de542725d0da57f0d10b6
	NOTE: Issue was present in experimental, but suites up to unstable never were
	NOTE: shiping the vulnerable code.
CVE-2019-16248 (The "delete for" feature in Telegram before 5.11 on Android does not d ...)
	NOT-FOR-US: Telegram for Android
CVE-2019-16247 (Delta DCISoft 1.21 has a User Mode Write AV starting at CommLib!CCommL ...)
	NOT-FOR-US: Delta DCISoft
CVE-2019-16246 (Intesync Solismed 3.3sp1 allows Local File Inclusion (LFI), a differen ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-16245
	RESERVED
CVE-2019-16244
	RESERVED
CVE-2019-16243 (On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an undocument ...)
	NOT-FOR-US: TCL Alcatel Cingular Flip 2 B9HUAH1 devices
CVE-2019-16242 (On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, there is an engineerin ...)
	NOT-FOR-US: TCL Alcatel Cingular Flip 2 B9HUAH1 devices
CVE-2019-16241 (On TCL Alcatel Cingular Flip 2 B9HUAH1 devices, PIN authentication can ...)
	NOT-FOR-US: TCL Alcatel Cingular Flip 2 B9HUAH1 devices
CVE-2019-16240
	RESERVED
CVE-2019-16239 (process_http_response in OpenConnect before 8.05 has a Buffer Overflow ...)
	{DSA-4607-1 DLA-1945-1}
	- openconnect 8.02-1.1 (bug #940871)
	NOTE: http://lists.infradead.org/pipermail/openconnect-devel/2019-September/005412.html
	NOTE: https://github.com/openconnect/openconnect/commit/875f0a65ab73f4fb581ca870fd3a901bd278f8e8
CVE-2019-16378 (OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a si ...)
	{DSA-4526-1}
	- opendmarc 1.3.2-7 (bug #940081)
	NOTE: https://github.com/trusteddomainproject/OpenDMARC/pull/48
CVE-2019-16275 (hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect  ...)
	{DSA-4538-1 DLA-1922-1}
	- wpa 2:2.9-2 (bug #940080)
	[stretch] - wpa <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://www.openwall.com/lists/oss-security/2019/09/11/7
	NOTE: https://w1.fi/security/2019-7/
CVE-2019-16238 (Afterlogic Aurora through 8.3.9-build-a3 has XSS that can be leveraged ...)
	NOT-FOR-US: Afterlogic Aurora
CVE-2019-16237 (Dino before 2019-09-10 does not properly check the source of an MAM me ...)
	{DSA-4524-1}
	- dino-im 0.0.git20190911.2a70a4e-1
	NOTE: https://github.com/dino/dino/commit/307f16cc86dd2b95aa02ab8a85110e4a2d5e7363
	NOTE: https://gultsch.de/dino_multiple.html
CVE-2019-16236 (Dino before 2019-09-10 does not check roster push authorization in mod ...)
	{DSA-4524-1}
	- dino-im 0.0.git20190911.2a70a4e-1
	NOTE: https://github.com/dino/dino/commit/dd33f5f949248d87d34f399e8846d5ee5b8823d9
	NOTE: https://gultsch.de/dino_multiple.html
CVE-2019-16235 (Dino before 2019-09-10 does not properly check the source of a carbons ...)
	{DSA-4524-1}
	- dino-im 0.0.git20190911.2a70a4e-1
	NOTE: https://github.com/dino/dino/commit/e84f2c49567e86d2a261ea264d65c4adc549c930
	NOTE: https://gultsch.de/dino_multiple.html
CVE-2019-16234 (drivers/net/wireless/intel/iwlwifi/pcie/trans.c in the Linux kernel 5. ...)
	- linux <unfixed> (unimportant)
	NOTE: https://lkml.org/lkml/2019/9/9/487
	NOTE: Requires memory allocation failure during device probe, so unlikely to
	NOTE: be exploitable, and then it's only a local DoS.
CVE-2019-16233 (drivers/scsi/qla2xxx/qla_os.c in the Linux kernel 5.2.14 does not chec ...)
	- linux <unfixed> (unimportant)
	NOTE: https://lkml.org/lkml/2019/9/9/487
	NOTE: Requires memory allocation failure during device probe, so unlikely to
	NOTE: be exploitable, and then it's only a local DoS.
CVE-2019-16232 (drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5. ...)
	- linux <unfixed> (unimportant)
	NOTE: https://lkml.org/lkml/2019/9/9/487
	NOTE: Requires memory allocation failure during device probe, so unlikely to
	NOTE: be exploitable, and then it's only a local DoS.
CVE-2019-16231 (drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check ...)
	- linux <unfixed> (unimportant)
	NOTE: https://lkml.org/lkml/2019/9/9/487
	NOTE: Requires memory allocation failure during device probe, so unlikely to
	NOTE: be exploitable, and then it's only a local DoS.
CVE-2019-16230 (** DISPUTED ** drivers/gpu/drm/radeon/radeon_display.c in the Linux ke ...)
	- linux <unfixed> (unimportant)
	NOTE: https://lkml.org/lkml/2019/9/9/487
	NOTE: Requires memory allocation failure during device probe, so unlikely to
	NOTE: be exploitable, and then it's only a local DoS.
CVE-2019-16229 (** DISPUTED ** drivers/gpu/drm/amd/amdkfd/kfd_interrupt.c in the Linux ...)
	- linux <unfixed> (unimportant)
	NOTE: https://lkml.org/lkml/2019/9/9/487
	NOTE: Requires memory allocation failure during device probe, so unlikely to
	NOTE: be exploitable, and then it's only a local DoS.
CVE-2019-16228 (An issue was discovered in py-lmdb 0.97. There is a divide-by-zero err ...)
	- py-lmdb <unfixed> (unimportant)
	NOTE: https://github.com/jnwatson/py-lmdb/issues/210
	NOTE: No real security issue in py-lmdb and disputed (MITRE contacted). If at all
	NOTE: then issues in underlying library but cf. https://github.com/jnwatson/py-lmdb/issues/210#issuecomment-531015023
CVE-2019-16227 (An issue was discovered in py-lmdb 0.97. For certain values of mn_flag ...)
	- py-lmdb <unfixed> (unimportant)
	NOTE: https://github.com/jnwatson/py-lmdb/issues/210
	NOTE: No real security issue in py-lmdb and disputed (MITRE contacted). If at all
	NOTE: then issues in underlying library but cf. https://github.com/jnwatson/py-lmdb/issues/210#issuecomment-531015023
CVE-2019-16226 (An issue was discovered in py-lmdb 0.97. mdb_node_del does not validat ...)
	- py-lmdb <unfixed> (unimportant)
	NOTE: https://github.com/jnwatson/py-lmdb/issues/210
	NOTE: No real security issue in py-lmdb and disputed (MITRE contacted). If at all
	NOTE: then issues in underlying library but cf. https://github.com/jnwatson/py-lmdb/issues/210#issuecomment-531015023
CVE-2019-16225 (An issue was discovered in py-lmdb 0.97. For certain values of mp_flag ...)
	- py-lmdb <unfixed> (unimportant)
	NOTE: https://github.com/jnwatson/py-lmdb/issues/210
	NOTE: No real security issue in py-lmdb and disputed (MITRE contacted). If at all
	NOTE: then issues in underlying library but cf. https://github.com/jnwatson/py-lmdb/issues/210#issuecomment-531015023
CVE-2019-16224 (An issue was discovered in py-lmdb 0.97. For certain values of md_flag ...)
	- py-lmdb <unfixed> (unimportant)
	NOTE: https://github.com/jnwatson/py-lmdb/issues/210
	NOTE: No real security issue in py-lmdb and disputed (MITRE contacted). If at all
	NOTE: then issues in underlying library but cf. https://github.com/jnwatson/py-lmdb/issues/210#issuecomment-531015023
CVE-2019-16223 (WordPress before 5.2.3 allows XSS in post previews by authenticated us ...)
	{DSA-4599-1 DLA-1960-1}
	- wordpress 5.2.3+dfsg1-1 (bug #939543)
CVE-2019-16222 (WordPress before 5.2.3 has an issue with URL sanitization in wp_kses_b ...)
	{DSA-4599-1 DLA-1960-1}
	- wordpress 5.2.3+dfsg1-1 (bug #939543)
	NOTE: https://core.trac.wordpress.org/changeset/45997
	NOTE: https://github.com/WordPress/WordPress/commit/30ac67579559fe42251b5a9f887211bf61a8ed68
CVE-2019-16221 (WordPress before 5.2.3 allows reflected XSS in the dashboard. ...)
	{DSA-4599-1 DLA-1960-1}
	- wordpress 5.2.3+dfsg1-1 (bug #939543)
CVE-2019-16220 (In WordPress before 5.2.3, validation and sanitization of a URL in wp_ ...)
	{DSA-4599-1 DLA-1960-1}
	- wordpress 5.2.3+dfsg1-1 (bug #939543)
	NOTE: https://core.trac.wordpress.org/changeset/45971
	NOTE: https://github.com/WordPress/WordPress/commit/c86ee39ff4c1a79b93c967eb88522f5c09614a28
CVE-2019-16219 (WordPress before 5.2.3 allows XSS in shortcode previews. ...)
	{DSA-4599-1 DLA-1960-1}
	- wordpress 5.2.3+dfsg1-1 (bug #939543)
CVE-2019-16218 (WordPress before 5.2.3 allows XSS in stored comments. ...)
	{DSA-4599-1 DLA-1960-1}
	- wordpress 5.2.3+dfsg1-1 (bug #939543)
CVE-2019-16217 (WordPress before 5.2.3 allows XSS in media uploads because wp_ajax_upl ...)
	{DSA-4599-1 DLA-1960-1}
	- wordpress 5.2.3+dfsg1-1 (bug #939543)
	NOTE: https://core.trac.wordpress.org/changeset/45936
CVE-2019-16216 (Zulip server before 2.0.5 incompletely validated the MIME types of upl ...)
	- zulip-server <itp> (bug #800052)
CVE-2019-16215 (The Markdown parser in Zulip server before 2.0.5 used a regular expres ...)
	- zulip-server <itp> (bug #800052)
CVE-2019-16214 (Libra Core before 2019-09-03 has an erroneous regular expression for i ...)
	NOT-FOR-US: Libra
CVE-2019-16213
	RESERVED
CVE-2019-16212
	RESERVED
CVE-2019-16211
	RESERVED
CVE-2019-16210 (Brocade SANnav versions before v2.0, logs plain text database connecti ...)
	NOT-FOR-US: Brocade
CVE-2019-16209 (A vulnerability, in The ReportsTrustManager class of Brocade SANnav ve ...)
	NOT-FOR-US: Brocade
CVE-2019-16208 (Password-based encryption (PBE) algorithm, of Brocade SANnav versions  ...)
	NOT-FOR-US: Brocade
CVE-2019-16207 (Brocade SANnav versions before v2.0 use a hard-coded password, which c ...)
	NOT-FOR-US: Brocade
CVE-2019-16206 (The authentication mechanism, in Brocade SANnav versions before v2.0,  ...)
	NOT-FOR-US: Brocade
CVE-2019-16205 (A vulnerability, in Brocade SANnav versions before v2.0, could allow r ...)
	NOT-FOR-US: Brocade
CVE-2019-16204 (Brocade Fabric OS Versions before v7.4.2f, v8.2.2a, v8.1.2j and v8.2.1 ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2019-16203 (Brocade Fabric OS Versions before v8.2.2a and v8.2.1d could expose the ...)
	NOT-FOR-US: Brocade Fabric OS
CVE-2019-16202 (MISP before 2.4.115 allows privilege escalation in certain situations. ...)
	NOT-FOR-US: MISP
CVE-2019-16201 (WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5 ...)
	{DSA-4587-1 DSA-4586-1 DLA-2027-1 DLA-2007-1}
	- ruby2.5 2.5.7-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- jruby <unfixed>
	NOTE: https://github.com/ruby/ruby/commit/36e057e26ef2104bc2349799d6c52d22bb1c7d03
	NOTE: https://hackerone.com/reports/661722
	NOTE: https://www.ruby-lang.org/en/news/2019/10/01/webrick-regexp-digestauth-dos-cve-2019-16201/
CVE-2019-16200 (GNU Serveez through 0.2.2 has an Information Leak. An attacker may sen ...)
	- serveez <removed>
CVE-2019-16199 (eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remot ...)
	NOT-FOR-US: eQ-3 Homematic CCU2
CVE-2019-16198 (KSLabs KSWEB 3.93 allows ../ directory traversal, as demonstrated by t ...)
	NOT-FOR-US: KSLabs KSWEB
CVE-2019-16197 (In htdocs/societe/card.php in Dolibarr 10.0.1, the value of the User-A ...)
	- dolibarr <removed>
CVE-2019-16196
	RESERVED
CVE-2019-16195 (Centreon before 2.8.30, 18.x before 18.10.8, and 19.x before 19.04.5 a ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-16194 (SQL injection vulnerabilities in Centreon through 19.04 allow attacks  ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-16193 (In ArcGIS Enterprise 10.6.1, a crafted IFRAME element can be used to t ...)
	NOT-FOR-US: ArcGIS Enterprise
CVE-2019-16192 (upload_model() in /admini/controllers/system/managemodel.php in DocCms ...)
	NOT-FOR-US: DocCMS
CVE-2019-16191
	RESERVED
CVE-2019-16190 (SharePort Web Access on D-Link DIR-868L REVB through 2.03, DIR-885L RE ...)
	NOT-FOR-US: D-Link
CVE-2019-16189
	RESERVED
CVE-2019-16188 (HCL AppScan Source before 9.03.13 is susceptible to XML External Entit ...)
	NOT-FOR-US: HCL AppScan Source
CVE-2019-16187 (Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnl ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16186 (In Limesurvey before 3.17.14, admin users can access the plugin manage ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16185 (In Limesurvey before 3.17.14, admin users can view, update, or delete  ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16184 (A CSV injection vulnerability was found in Limesurvey before 3.17.14 t ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16183 (In Limesurvey before 3.17.14, admin users can run an integrity check w ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16182 (A reflected cross-site scripting (XSS) vulnerability was found in Lime ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16181 (In Limesurvey before 3.17.14, admin users can mark other users' notifi ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16180 (Limesurvey before 3.17.14 allows remote attackers to bruteforce the lo ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16179 (Limesurvey before 3.17.14 does not enforce SSL/TLS usage in the defaul ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16178 (A stored cross-site scripting (XSS) vulnerability was found in Limesur ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16177 (In Limesurvey before 3.17.14, the entire database is exposed through b ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16176 (A path disclosure vulnerability was found in Limesurvey before 3.17.14 ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16175 (A clickjacking vulnerability was found in Limesurvey before 3.17.14. ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16174 (An XML injection vulnerability was found in Limesurvey before 3.17.14  ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16173 (LimeSurvey before v3.17.14 allows reflected XSS for escalating privile ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16172 (LimeSurvey before v3.17.14 allows stored XSS for escalating privileges ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-16171 (In JetBrains YouTrack through 2019.2.56594, stored XSS was found on th ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-16170 (An issue was discovered in GitLab Enterprise Edition 11.x and 12.x bef ...)
	[experimental] - gitlab 12.0.9-1
	- gitlab 12.6.8-3 (bug #940007)
	NOTE: https://about.gitlab.com/2019/09/10/critical-security-release-gitlab-12-dot-2-dot-5-released/
CVE-2019-16169
	RESERVED
CVE-2019-16167 (sysstat before 12.1.6 has memory corruption due to an Integer Overflow ...)
	- sysstat 12.1.7-1 (bug #939914)
	[buster] - sysstat <no-dsa> (Minor issue, can be fixed via point release)
	[stretch] - sysstat <not-affected> (Vulnerable code introduced later)
	[jessie] - sysstat <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/sysstat/sysstat/issues/230
	NOTE: Introduced after: https://github.com/sysstat/sysstat/commit/65ac30359e49ee717397e39950d7c24a6610d57c (v11.7.1)
	NOTE: Fixed by: https://github.com/sysstat/sysstat/commit/edbf507678bf10914e9804ff8a06737fdcb2e781
CVE-2019-16166 (GNU cflow through 1.6 has a heap-based buffer over-read in the nexttok ...)
	- cflow <unfixed> (unimportant; bug #939916)
	NOTE: https://lists.gnu.org/archive/html/bug-cflow/2019-04/msg00000.html
	NOTE: Crash in CLI tool, no security impact
CVE-2019-16165 (GNU cflow through 1.6 has a use-after-free in the reference function i ...)
	- cflow <unfixed> (unimportant; bug #939915)
	NOTE: https://lists.gnu.org/archive/html/bug-cflow/2019-04/msg00001.html
	NOTE: Crash in CLI tool, no security impact
CVE-2019-16164 (MyHTML through 4.0.5 has a NULL pointer dereference in myhtml_tree_nod ...)
	NOT-FOR-US: MyHTML
CVE-2019-16163 (Oniguruma before 6.9.3 allows Stack Exhaustion in regcomp.c because of ...)
	{DLA-1918-1}
	- libonig 6.9.4-1 (low; bug #939988)
	[buster] - libonig <no-dsa> (Minor issue)
	[stretch] - libonig <no-dsa> (Minor issue)
	NOTE: https://github.com/kkos/oniguruma/issues/147
	NOTE: https://github.com/kkos/oniguruma/commit/4097828d7cc87589864fecf452f2cd46c5f37180
CVE-2019-16162 (Onigmo through 6.2.0 has an out-of-bounds read in parse_char_class bec ...)
	NOT-FOR-US: Onigmo (fork of Oniguruma)
CVE-2019-16161 (Onigmo through 6.2.0 has a NULL pointer dereference in onig_error_code ...)
	NOT-FOR-US: Onigmo (fork of Oniguruma)
CVE-2019-16160
	RESERVED
CVE-2019-16159 (BIRD Internet Routing Daemon 1.6.x through 1.6.7 and 2.x through 2.0.5 ...)
	- bird 1.6.8-1 (bug #939990)
	[buster] - bird 1.6.6-1+deb10u1
	[stretch] - bird <not-affected> (Vulnerable code introduced later)
	[jessie] - bird <not-affected> (Vulnerable code introduced later)
	- bird2 2.0.6-1 (bug #940522)
	NOTE: https://gitlab.labs.nic.cz/labs/bird/commit/1657c41c96b3c07d9265b07dd4912033ead4124b (1.6.x)
	NOTE: https://gitlab.labs.nic.cz/labs/bird/commit/8388f5a7e14108a1458fea35bfbb5a453e2c563c (2.0.x)
CVE-2019-16158
	RESERVED
CVE-2019-16157 (An information exposure vulnerability in Fortinet FortiWeb 6.2.0 CLI a ...)
	NOT-FOR-US: Fortiguard
CVE-2019-16156 (An Improper Neutralization of Input vulnerability in the Anomaly Detec ...)
	NOT-FOR-US: Fortiguard
CVE-2019-16155 (A privilege escalation vulnerability in FortiClient for Linux 6.2.1 an ...)
	NOT-FOR-US: Fortiguard FortiClient
CVE-2019-16154 (An improper neutralization of input during web page generation in Fort ...)
	NOT-FOR-US: FortiAuthenticator WEB UI
CVE-2019-16153 (A hard-coded password vulnerability in the Fortinet FortiSIEM database ...)
	NOT-FOR-US: Fortinet
CVE-2019-16152 (A Denial of service (DoS) vulnerability in FortiClient for Linux 6.2.1 ...)
	NOT-FOR-US: Fortiguard FortiClient
CVE-2019-16151
	RESERVED
CVE-2019-16150
	RESERVED
CVE-2019-16149
	RESERVED
CVE-2019-16168 (In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can cras ...)
	- sqlite3 3.29.0-2
	[buster] - sqlite3 <no-dsa> (Minor issue)
	[stretch] - sqlite3 <no-dsa> (Minor issue)
	[jessie] - sqlite3 <no-dsa> (Minor issue)
	NOTE: https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg116312.html
	NOTE: https://www.sqlite.org/src/info/e4598ecbdd18bd82945f6029013296690e719a62
	NOTE: Fixed by: https://www.sqlite.org/src/info/d93508fc9913cfe6
	NOTE: Introduced by: https://www.sqlite.org/src/info/90e36676476e8db0
CVE-2019-16148 (Sakai through 12.6 allows XSS via a chat user name. ...)
	NOT-FOR-US: Sakai
CVE-2019-16147 (Liferay Portal through 7.2.0 GA1 allows XSS via a journal article titl ...)
	NOT-FOR-US: Liferay Portal
CVE-2019-16146 (Gophish through 0.8.0 allows XSS via a username. ...)
	NOT-FOR-US: Gophish
CVE-2019-16145 (The breadcrumbs contributed module through 0.2.0 for Padrino Framework ...)
	NOT-FOR-US: Padrino module
CVE-2019-16144 (An issue was discovered in the generator crate before 0.6.18 for Rust. ...)
	NOT-FOR-US: Rust crate generator
CVE-2019-16143 (An issue was discovered in the blake2 crate before 0.8.1 for Rust. The ...)
	NOT-FOR-US: Rust crate blake
CVE-2019-16142 (An issue was discovered in the renderdoc crate before 0.5.0 for Rust.  ...)
	NOT-FOR-US: Rust crate renderdoc
CVE-2019-16141 (An issue was discovered in the once_cell crate before 1.0.1 for Rust.  ...)
	- rust-once-cell <not-affected> (Only affects 0.2.5 and later)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0017.html
CVE-2019-16140 (An issue was discovered in the chttp crate before 0.1.3 for Rust. Ther ...)
	NOT-FOR-US: Rust crate chttp
CVE-2019-16139 (An issue was discovered in the compact_arena crate before 0.4.0 for Ru ...)
	NOT-FOR-US: Rust crate renderdoc
CVE-2019-16138 (An issue was discovered in the image crate before 0.21.3 for Rust, aff ...)
	- rust-image <not-affected> (Fixed before initial upload)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0014.html
CVE-2019-16137 (An issue was discovered in the spin crate before 0.5.2 for Rust, when  ...)
	- rust-spin 0.5.2-1
	[buster] - rust-spin <no-dsa> (Minor issue)
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0013.html
CVE-2019-16136
	RESERVED
CVE-2019-16135
	RESERVED
CVE-2019-16134
	RESERVED
CVE-2019-16133 (An issue was discovered in eteams OA v4.0.34. Because the session is n ...)
	NOT-FOR-US: eteams
CVE-2019-16132 (An issue was discovered in OKLite v1.2.25. framework/admin/tpl_control ...)
	NOT-FOR-US: OKLite
CVE-2019-16131 (framework/admin/modulec_control.php in OKLite v1.2.25 has an Arbitrary ...)
	NOT-FOR-US: OKLite
CVE-2019-16130 (YII2-CMS v1.0 has XSS in protected\core\modules\home\models\Contact.ph ...)
	NOT-FOR-US: YII2-CMS
CVE-2019-16129
	RESERVED
CVE-2019-16128
	RESERVED
CVE-2019-16127
	RESERVED
CVE-2019-16126 (Grav through 1.6.15 allows (Stored) Cross-Site Scripting due to JavaSc ...)
	NOT-FOR-US: Grav CMS
CVE-2019-16125 (In Jobberbase 2.0, the parameter category is not sanitized in public/p ...)
	NOT-FOR-US: Jobberbase
CVE-2019-16124 (In YouPHPTube 7.4, the file install/checkConfiguration.php has no acce ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-16123 (In Kartatopia PilusCart 1.4.1, the parameter filename in the file cata ...)
	NOT-FOR-US: Kartatopia PilusCart
CVE-2019-16122
	RESERVED
CVE-2019-16121
	RESERVED
CVE-2019-16120 (CSV injection in the event-tickets (Event Tickets) plugin before 4.10. ...)
	NOT-FOR-US: event-tickets (Event Tickets) plugin for WordPress
CVE-2019-16119 (SQL injection in the photo-gallery (10Web Photo Gallery) plugin before ...)
	NOT-FOR-US: photo-gallery (10Web Photo Gallery) plugin for WordPress
CVE-2019-16118 (Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery)  ...)
	NOT-FOR-US: photo-gallery (10Web Photo Gallery) plugin for WordPress
CVE-2019-16117 (Cross site scripting (XSS) in the photo-gallery (10Web Photo Gallery)  ...)
	NOT-FOR-US: photo-gallery (10Web Photo Gallery) plugin for WordPress
CVE-2019-16116 (EnterpriseDT CompleteFTP Server prior to version 12.1.3 is vulnerable  ...)
	NOT-FOR-US: EnterpriseDT CompleteFTP Server
CVE-2019-16115 (In Xpdf 4.01.01, a stack-based buffer under-read could be triggered in ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-16114 (In ATutor 2.2.4, an unauthenticated attacker can change the applicatio ...)
	NOT-FOR-US: ATutor
CVE-2019-16113 (Bludit 3.9.2 allows remote code execution via bl-kernel/ajax/upload-im ...)
	NOT-FOR-US: Bludit
CVE-2019-16112
	RESERVED
CVE-2019-16111
	RESERVED
CVE-2019-16110 (The network protocol of Blade Shadow though 2.13.3 allows remote attac ...)
	NOT-FOR-US: Blade Shadow
CVE-2019-16109 (An issue was discovered in Plataformatec Devise before 4.7.1. It confi ...)
	NOT-FOR-US: Plataformatec Devise
CVE-2019-16108 (phpBB 3.2.7 allows adding an arbitrary Cascading Style Sheets (CSS) to ...)
	NOT-FOR-US: phpBB
CVE-2019-16107 (Missing form token validation in phpBB 3.2.7 allows CSRF in deleting p ...)
	NOT-FOR-US: phpBB
CVE-2019-16106 (The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681  ...)
	NOT-FOR-US: Recruitment module in Humanica Humatrix
CVE-2019-16105 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows ..%2f directory t ...)
	NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
CVE-2019-16104 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x has reflected XSS via th ...)
	NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
CVE-2019-16103 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows privilege escalat ...)
	NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
CVE-2019-16102 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x has an SNMP service with ...)
	NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
CVE-2019-16101 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers  ...)
	NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
CVE-2019-16100 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows remote attackers  ...)
	NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
CVE-2019-16099 (Silver Peak EdgeConnect SD-WAN before 8.1.7.x allows CSRF via JSON dat ...)
	NOT-FOR-US: Silver Peak EdgeConnect SD-WAN
CVE-2019-16098 (The driver in Micro-Star MSI Afterburner 4.6.2.15658 (aka RTCore64.sys ...)
	NOT-FOR-US: Micro-Star MSI Afterburner
CVE-2019-16097 (core/api/user.go in Harbor 1.7.0 through 1.8.2 allows non-admin users  ...)
	NOT-FOR-US: Harbor
CVE-2019-16096 (Kilo 0.0.1 has a heap-based buffer overflow because there is an intege ...)
	NOT-FOR-US: Kilo
CVE-2019-16095 (Symonics libmysofa 0.7 has an invalid read in getDimension in hrtf/rea ...)
	- libmysofa 0.8~dfsg0-1 (bug #939735)
	[buster] - libmysofa 0.6~dfsg0-3+deb10u1
CVE-2019-16094 (Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDat ...)
	- libmysofa 0.8~dfsg0-1 (bug #939735)
	[buster] - libmysofa 0.6~dfsg0-3+deb10u1
CVE-2019-16093 (Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDa ...)
	- libmysofa 0.8~dfsg0-1 (bug #939735)
	[buster] - libmysofa 0.6~dfsg0-3+deb10u1
CVE-2019-16092 (Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hr ...)
	- libmysofa 0.8~dfsg0-1 (bug #939735)
	[buster] - libmysofa 0.6~dfsg0-3+deb10u1
CVE-2019-16091 (Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in ...)
	- libmysofa 0.8~dfsg0-1 (bug #939735)
	[buster] - libmysofa 0.6~dfsg0-3+deb10u1
CVE-2019-16090
	RESERVED
CVE-2019-16088 (Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-16087
	RESERVED
CVE-2019-16086
	RESERVED
CVE-2019-16085
	RESERVED
CVE-2019-16084
	RESERVED
CVE-2019-16083
	RESERVED
CVE-2019-16082
	RESERVED
CVE-2019-16081
	RESERVED
CVE-2019-16080
	RESERVED
CVE-2019-16079
	RESERVED
CVE-2019-16078
	RESERVED
CVE-2019-16077
	RESERVED
CVE-2019-16076
	RESERVED
CVE-2019-16075
	RESERVED
CVE-2019-16074
	RESERVED
CVE-2019-16073
	RESERVED
CVE-2019-16072 (An OS command injection vulnerability in the discover_and_manage CGI s ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16071 (Enigma NMS 65.0.0 and prior allows administrative users to create low- ...)
	NOT-FOR-US: Enigma NMS
CVE-2019-16070 (A number of stored Cross-site Scripting (XSS) vulnerabilities were ide ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16069 (A number of stored Cross-site Scripting (XSS) vulnerabilities were ide ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16068 (A CSRF vulnerability exists in NETSAS ENIGMA NMS version 65.0.0 and pr ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16067 (NETSAS Enigma NMS 65.0.0 and prior utilises basic authentication over  ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16066 (An unrestricted file upload vulnerability exists in user and system fi ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16065 (A remote SQL injection web vulnerability was discovered in the Enigma  ...)
	NOT-FOR-US: Enigma NMS
CVE-2019-16064 (NETSAS Enigma NMS 65.0.0 and prior suffers from a directory traversal  ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16063 (NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data ren ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16062 (NETSAS Enigma NMS 65.0.0 and prior does not encrypt sensitive data sto ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16061 (A number of files on the NETSAS Enigma NMS server 65.0.0 and prior are ...)
	NOT-FOR-US: NETSAS Enigma NMS
CVE-2019-16089 (An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_s ...)
	- linux <unfixed>
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-16060 (The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklist ...)
	NOT-FOR-US: Airbrake Ruby notifier
CVE-2019-16059 (Sentrifugo 3.2 lacks CSRF protection. This could lead to an attacker t ...)
	NOT-FOR-US: Sentrifugo
CVE-2019-16058 (An issue was discovered in the pam_p11 component 0.2.0 and 0.3.0 for O ...)
	- pam-p11 0.3.1-1 (bug #939664)
	[buster] - pam-p11 <no-dsa> (Minor issue)
	[stretch] - pam-p11 <no-dsa> (Minor issue)
	[jessie] - pam-p11 <no-dsa> (Minor issue)
	NOTE: https://github.com/OpenSC/pam_p11/commit/d150b60e1e14c261b113f55681419ad1dfa8a76c
	NOTE: PKCS11_sign() is used in Jessie and Stretch and has a similar problem as EVP_SignFinal() everywhere else
CVE-2019-16057 (The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnera ...)
	NOT-FOR-US: D-Link
CVE-2019-16056 (An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3 ...)
	{DLA-1925-1 DLA-1924-1}
	- python3.8 3.8.0~b4-1
	- python3.7 3.7.4-4
	[buster] - python3.7 3.7.3-2+deb10u1
	- python3.5 <removed>
	- python3.4 <removed>
	- python2.7 2.7.17~rc1-1 (bug #940901)
	[buster] - python2.7 2.7.16-2+deb10u1
	[stretch] - python2.7 <no-dsa> (Minor issue)
	NOTE: https://bugs.python.org/issue34155
	NOTE: https://github.com/python/cpython/commit/8cb65d1381b027f0b09ee36bfed7f35bb4dec9a9 (master)
	NOTE: https://github.com/python/cpython/commit/217077440a6938a0b428f67cfef6e053c4f8673c (v3.8.0b4)
	NOTE: https://github.com/python/cpython/commit/c48d606adcef395e59fd555496c42203b01dd3e8 (3.7 branch)
	NOTE: https://github.com/python/cpython/commit/13a19139b5e76175bc95294d54afc9425e4f36c9 (3.6 branch)
	NOTE: https://github.com/python/cpython/commit/063eba280a11d3c9a5dd9ee5abe4de640907951b (3.5 branch)
	NOTE: https://github.com/python/cpython/commit/4cbcd2f8c4e12b912e4d21fd892eedf7a3813d8e (2.7 branch)
CVE-2019-16055
	RESERVED
CVE-2019-16054
	RESERVED
CVE-2019-16053
	RESERVED
CVE-2019-16052
	RESERVED
CVE-2019-16051
	RESERVED
CVE-2019-16050
	RESERVED
CVE-2019-16049
	RESERVED
CVE-2019-16048
	RESERVED
CVE-2019-16047
	RESERVED
CVE-2019-16046
	RESERVED
CVE-2019-16045
	RESERVED
CVE-2019-16044
	RESERVED
CVE-2019-16043
	RESERVED
CVE-2019-16042
	RESERVED
CVE-2019-16041
	RESERVED
CVE-2019-16040
	RESERVED
CVE-2019-16039
	RESERVED
CVE-2019-16038
	RESERVED
CVE-2019-16037
	RESERVED
CVE-2019-16036
	RESERVED
CVE-2019-16035
	RESERVED
CVE-2019-16034
	RESERVED
CVE-2019-16033
	RESERVED
CVE-2019-16032
	RESERVED
CVE-2019-16031
	RESERVED
CVE-2019-16030
	RESERVED
CVE-2019-16029 (A vulnerability in the application programming interface (API) of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-16028
	RESERVED
CVE-2019-16027 (A vulnerability in the implementation of the Intermediate System&amp;n ...)
	NOT-FOR-US: Cisco
CVE-2019-16026 (A vulnerability in the implementation of the Stream Control Transmissi ...)
	NOT-FOR-US: Cisco
CVE-2019-16025
	RESERVED
CVE-2019-16024 (A vulnerability in the web-based management interface of Cisco Crosswo ...)
	NOT-FOR-US: Cisco
CVE-2019-16023
	RESERVED
CVE-2019-16022 (Multiple vulnerabilities in the implementation of Border Gateway Proto ...)
	NOT-FOR-US: Cisco
CVE-2019-16021
	RESERVED
CVE-2019-16020 (Multiple vulnerabilities in the implementation of Border Gateway Proto ...)
	NOT-FOR-US: Cisco
CVE-2019-16019
	RESERVED
CVE-2019-16018 (A vulnerability in the implementation of Border Gateway Protocol (BGP) ...)
	NOT-FOR-US: Cisco
CVE-2019-16017
	RESERVED
CVE-2019-16016
	RESERVED
CVE-2019-16015 (A vulnerability in the web-based management interface of the Cisco Dat ...)
	NOT-FOR-US: Cisco
CVE-2019-16014
	RESERVED
CVE-2019-16013
	RESERVED
CVE-2019-16012 (A vulnerability in the web UI of Cisco SD-WAN Solution vManage softwar ...)
	NOT-FOR-US: Cisco
CVE-2019-16011
	RESERVED
CVE-2019-16010 (A vulnerability in the web UI of the Cisco SD-WAN vManage software cou ...)
	NOT-FOR-US: Cisco
CVE-2019-16009
	RESERVED
CVE-2019-16008 (A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and ...)
	NOT-FOR-US: Cisco
CVE-2019-16007
	RESERVED
CVE-2019-16006
	RESERVED
CVE-2019-16005 (A vulnerability in the web-based management interface of Cisco Webex V ...)
	NOT-FOR-US: Cisco
CVE-2019-16004
	RESERVED
CVE-2019-16003 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
	NOT-FOR-US: Cisco
CVE-2019-16002 (A vulnerability in the vManage web-based UI (web UI) of the Cisco SD-W ...)
	NOT-FOR-US: Cisco
CVE-2019-16001 (A vulnerability in the loading mechanism of specific dynamic link libr ...)
	NOT-FOR-US: Cisco
CVE-2019-16000
	RESERVED
CVE-2019-15999 (A vulnerability in the application environment of Cisco Data Center Ne ...)
	NOT-FOR-US: Cisco
CVE-2019-15998 (A vulnerability in the access-control logic of the NETCONF over Secure ...)
	NOT-FOR-US: Cisco
CVE-2019-15997 (A vulnerability in Cisco DNA Spaces: Connector could allow an authenti ...)
	NOT-FOR-US: Cisco
CVE-2019-15996 (A vulnerability in Cisco DNA Spaces: Connector could allow an authenti ...)
	NOT-FOR-US: Cisco
CVE-2019-15995 (A vulnerability in the web UI of Cisco DNA Spaces: Connector could all ...)
	NOT-FOR-US: Cisco
CVE-2019-15994 (A vulnerability in the web-based management interface of Cisco Stealth ...)
	NOT-FOR-US: Cisco
CVE-2019-15993
	RESERVED
CVE-2019-15992
	RESERVED
CVE-2019-15991
	RESERVED
CVE-2019-15990 (A vulnerability in the web-based management interface of certain Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-15989 (A vulnerability in the implementation of the Border Gateway Protocol ( ...)
	NOT-FOR-US: Cisco
CVE-2019-15988 (A vulnerability in the antispam protection mechanisms of Cisco AsyncOS ...)
	NOT-FOR-US: Cisco
CVE-2019-15987 (A vulnerability in web interface of the Cisco Webex Event Center, Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-15986 (A vulnerability in the CLI of Cisco Unity Express could allow an authe ...)
	NOT-FOR-US: Cisco
CVE-2019-15985 (Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco D ...)
	NOT-FOR-US: Cisco
CVE-2019-15984 (Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco D ...)
	NOT-FOR-US: Cisco
CVE-2019-15983 (A vulnerability in the SOAP API of Cisco Data Center Network Manager ( ...)
	NOT-FOR-US: Cisco
CVE-2019-15982 (Multiple vulnerabilities in the REST and SOAP API endpoints and the Ap ...)
	NOT-FOR-US: Cisco
CVE-2019-15981 (Multiple vulnerabilities in the REST and SOAP API endpoints and the Ap ...)
	NOT-FOR-US: Cisco
CVE-2019-15980 (Multiple vulnerabilities in the REST and SOAP API endpoints and the Ap ...)
	NOT-FOR-US: Cisco
CVE-2019-15979 (Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco D ...)
	NOT-FOR-US: Cisco
CVE-2019-15978 (Multiple vulnerabilities in the REST and SOAP API endpoints of Cisco D ...)
	NOT-FOR-US: Cisco
CVE-2019-15977 (Multiple vulnerabilities in the authentication mechanisms of Cisco Dat ...)
	NOT-FOR-US: Cisco
CVE-2019-15976 (Multiple vulnerabilities in the authentication mechanisms of Cisco Dat ...)
	NOT-FOR-US: Cisco
CVE-2019-15975 (Multiple vulnerabilities in the authentication mechanisms of Cisco Dat ...)
	NOT-FOR-US: Cisco
CVE-2019-15974
	RESERVED
CVE-2019-15973 (A vulnerability in the web-based management interface of Cisco Industr ...)
	NOT-FOR-US: Cisco
CVE-2019-15972 (A vulnerability in the web-based management interface of Cisco Unified ...)
	NOT-FOR-US: Cisco
CVE-2019-15971 (A vulnerability in the MP3 detection engine of Cisco AsyncOS Software  ...)
	NOT-FOR-US: Cisco
CVE-2019-15970
	RESERVED
CVE-2019-15969
	RESERVED
CVE-2019-15968 (A vulnerability in the web-based management interface of Cisco Unified ...)
	NOT-FOR-US: Cisco
CVE-2019-15967 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
	NOT-FOR-US: Cisco
CVE-2019-15966 (A vulnerability in the web application of Cisco TelePresence Advanced  ...)
	NOT-FOR-US: Cisco TelePresence Advanced Media Gateway
CVE-2019-15965
	RESERVED
CVE-2019-15964
	RESERVED
CVE-2019-15963
	RESERVED
CVE-2019-15962 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
	NOT-FOR-US: Cisco
CVE-2019-15961 (A vulnerability in the email parsing module Clam AntiVirus (ClamAV) So ...)
	{DLA-2108-1}
	- clamav 0.102.1+dfsg-1 (bug #945265)
	[buster] - clamav 0.102.1+dfsg-0+deb10u1
	[stretch] - clamav 0.102.1+dfsg-0+deb9u2
	NOTE: https://blog.clamav.net/2019/11/clamav-01021-and-01015-patches-have.html
CVE-2019-15960 (A vulnerability in the Webex Network Recording Admin page of Cisco Web ...)
	NOT-FOR-US: Cisco
CVE-2019-15959
	RESERVED
CVE-2019-15958 (A vulnerability in the REST API of Cisco Prime Infrastructure (PI) and ...)
	NOT-FOR-US: Cisco
CVE-2019-15957
	RESERVED
CVE-2019-15956 (A vulnerability in the web management interface of Cisco AsyncOS Softw ...)
	NOT-FOR-US: Cisco
CVE-2019-15955 (An issue was discovered in Total.js CMS 12.0.0. A low privilege user c ...)
	NOT-FOR-US: Total.js CMS
CVE-2019-15954 (An issue was discovered in Total.js CMS 12.0.0. An authenticated user  ...)
	NOT-FOR-US: Total.js CMS
CVE-2019-15953 (An issue was discovered in Total.js CMS 12.0.0. An authenticated user  ...)
	NOT-FOR-US: Total.js CMS
CVE-2019-15952 (An issue was discovered in Total.js CMS 12.0.0. An authenticated user  ...)
	NOT-FOR-US: Total.js CMS
CVE-2019-15951
	RESERVED
CVE-2019-15950 (The CRM Plugin before 4.2.4 for Redmine allows XSS via crafted vCard d ...)
	NOT-FOR-US: Redmine plugin
CVE-2019-15949 (Nagios XI before 5.6.6 allows remote command execution as root. The ex ...)
	NOT-FOR-US: Nagios XI
CVE-2019-15948 (Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller dev ...)
	NOT-FOR-US: Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller devices
CVE-2019-15947 (In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted  ...)
	- bitcoin <unfixed> (bug #939608)
CVE-2019-15946 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet ...)
	{DLA-1916-1}
	- opensc 0.20.0-1 (bug #939669)
	[buster] - opensc <no-dsa> (Minor issue)
	[stretch] - opensc <no-dsa> (Minor issue)
	NOTE: https://github.com/OpenSC/OpenSC/commit/a3fc7693f3a035a8a7921cffb98432944bb42740
CVE-2019-15945 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Bitst ...)
	{DLA-1916-1}
	- opensc 0.20.0-1 (bug #939668)
	[buster] - opensc <no-dsa> (Minor issue)
	[stretch] - opensc <no-dsa> (Minor issue)
	NOTE: https://github.com/OpenSC/OpenSC/commit/412a6142c27a5973c61ba540e33cdc22d5608e68
CVE-2019-15944 (In Counter-Strike: Global Offensive before 8/29/2019, community game s ...)
	NOT-FOR-US: Counter-Strike: Global Offensive
CVE-2019-15943 (vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allow ...)
	NOT-FOR-US: Counter-Strike: Global Offensive
CVE-2019-15942 (FFmpeg through 4.2 has a "Conditional jump or move depends on uninitia ...)
	- ffmpeg <not-affected> (Only affects 4.2)
	NOTE: http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=af70bfbeadc0c9b9215cf045ff2a6a31e8ac3a71
CVE-2019-15941 (OpenID Connect Issuer in LemonLDAP::NG 2.x through 2.0.5 may allow an  ...)
	{DSA-4533-1}
	- lemonldap-ng 2.0.6+ds-1
	[stretch] - lemonldap-ng <ignored> (Restrictions on OIDC federation added in 2.0)
	[jessie] - lemonldap-ng <not-affected> (Vulnerable code introduced later)
	NOTE: Vulnerability exists pre-2.0 versions, but as restrictions on OIDC federation
	NOTE: were added only in 2.0 the vulnerability has no effect. The vulnerability
	NOTE: itself exists only with versions >= 1.9.0 (as there is no OIDC before)
CVE-2019-15940 (Victure PC530 devices allow unauthenticated TELNET access as root. ...)
	NOT-FOR-US: Victure PC530 devices
CVE-2019-15939 (An issue was discovered in OpenCV 4.1.0. There is a divide-by-zero err ...)
	- opencv 4.1.2+dfsg-3
	[buster] - opencv <no-dsa> (Minor issue)
	[stretch] - opencv <no-dsa> (Minor issue)
	[jessie] - opencv <no-dsa> (Minor issue)
	NOTE: https://github.com/OpenCV/opencv/issues/15287
	NOTE: https://github.com/opencv/opencv/pull/15382
CVE-2019-15938 (Pengutronix barebox through 2019.08.1 has a remote buffer overflow in  ...)
	NOT-FOR-US: Pengutronix barebox
CVE-2019-15937 (Pengutronix barebox through 2019.08.1 has a remote buffer overflow in  ...)
	NOT-FOR-US: Pengutronix barebox
CVE-2019-15936 (Intesync Solismed 3.3sp allows Insecure File Upload. ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-15935 (Intesync Solismed 3.3sp has XSS. ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-15934 (Intesync Solismed 3.3sp has CSRF. ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-15933 (Intesync Solismed 3.3sp has SQL Injection. ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-15932 (Intesync Solismed 3.3sp has Incorrect Access Control. ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-15931 (Intesync Solismed 3.3sp allows Directory Traversal, a different vulner ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-15930 (Intesync Solismed 3.3sp allows Clickjacking. ...)
	NOT-FOR-US: Intesync Solismed
CVE-2019-15929 (In Craft CMS through 3.1.7, the elevated session password prompt was n ...)
	NOT-FOR-US: Craft CMS
CVE-2019-15928
	RESERVED
CVE-2019-15927 (An issue was discovered in the Linux kernel before 4.20.2. An out-of-b ...)
	- linux 4.19.16-1
	[stretch] - linux 4.9.161-1
	[jessie] - linux 3.16.68-1
	NOTE: https://git.kernel.org/linus/f4351a199cc120ff9d59e06d02e8657d08e6cc46
CVE-2019-15926 (An issue was discovered in the Linux kernel before 5.2.3. Out of bound ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.189-1
	NOTE: https://git.kernel.org/linus/5d6751eaff672ea77642e74e92e6c0ac7f9709ab
CVE-2019-15925 (An issue was discovered in the Linux kernel before 5.2.3. An out of bo ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/04f25edb48c441fc278ecc154c270f16966cbb90
CVE-2019-15924 (An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_ ...)
	{DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/01ca667133d019edc9f0a1f70a272447c84ec41f
CVE-2019-15923 (An issue was discovered in the Linux kernel before 5.0.9. There is a N ...)
	- linux <not-affected> (Vulnerability never present)
	NOTE: https://git.kernel.org/linus/f0d1762554014ce0ae347b9f0d088f2c157c8c72
	NOTE: unimportant as CONFIG_PARIDE_PCD not enabled in Debian builds
CVE-2019-15922 (An issue was discovered in the Linux kernel before 5.0.9. There is a N ...)
	- linux <not-affected> (Vulnerability never present)
	NOTE: https://git.kernel.org/linus/58ccd2d31e502c37e108b285bf3d343eb00c235b
	NOTE: unimportant as CONFIG_PARIDE_PF not enabled in Debian builds
CVE-2019-15921 (An issue was discovered in the Linux kernel before 5.0.6. There is a m ...)
	- linux 4.19.37-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/ceabee6c59943bdd5e1da1a6a20dc7ee5f8113a2
CVE-2019-15920 (An issue was discovered in the Linux kernel before 5.0.10. SMB2_read i ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/088aaf17aa79300cab14dbee2569c58cfafd7d6e
CVE-2019-15919 (An issue was discovered in the Linux kernel before 5.0.10. SMB2_write  ...)
	- linux 4.19.37-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/6a3eb3360667170988f8a6477f6686242061488a
CVE-2019-15918 (An issue was discovered in the Linux kernel before 5.0.10. SMB2_negoti ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://git.kernel.org/linus/b57a55e2200ede754e4dc9cce4ba9402544b9365
CVE-2019-15917 (An issue was discovered in the Linux kernel before 5.0.5. There is a u ...)
	{DLA-2114-1 DLA-1930-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/56897b217a1d0a91c9920cb418d6b3fe922f590a
CVE-2019-15916 (An issue was discovered in the Linux kernel before 5.0.1. There is a m ...)
	- linux 4.19.28-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux 3.16.70-1
	NOTE: https://git.kernel.org/linus/895a5e96dbd6386c8e78e5b78e067dcc67b7f0ab
CVE-2019-15915 (An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, RTCG ...)
	NOT-FOR-US: Xiaomi devices
CVE-2019-15914 (An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDC ...)
	NOT-FOR-US: Xiaomi devices
CVE-2019-15913 (An issue was discovered on Xiaomi DGNWG03LM, ZNCZ03LM, MCCGQ01LM, WSDC ...)
	NOT-FOR-US: Xiaomi devices
CVE-2019-15912 (An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101,  ...)
	NOT-FOR-US: ASUS devices
CVE-2019-15911 (An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101,  ...)
	NOT-FOR-US: ASUS devices
CVE-2019-15910 (An issue was discovered on ASUS HG100, MW100, WS-101, TS-101, AS-101,  ...)
	NOT-FOR-US: ASUS devices
CVE-2019-15909
	RESERVED
CVE-2019-15908
	RESERVED
CVE-2019-15907
	RESERVED
CVE-2019-15906
	RESERVED
CVE-2019-15905
	RESERVED
CVE-2019-15904
	RESERVED
CVE-2019-15903 (In libexpat before 2.2.8, crafted XML input could fool the parser into ...)
	{DSA-4571-1 DSA-4549-1 DSA-4530-1 DLA-1997-1 DLA-1987-1 DLA-1912-1}
	- expat 2.2.7-2 (bug #939394)
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- chromium <not-affected> (uses system libexpat)
	- thunderbird 1:68.2.1-1
	NOTE: https://github.com/libexpat/libexpat/commit/c20b758c332d9a13afbbb276d30db1d183a85d43
	NOTE: https://github.com/libexpat/libexpat/issues/317
	NOTE: https://github.com/libexpat/libexpat/pull/318
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-15903
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-15903
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-15903
	NOTE: src:hromium uses the system expat library.
CVE-2019-15902 (A backporting error was discovered in the Linux stable/longterm kernel ...)
	{DSA-4531-1 DLA-1940-1}
	- linux 5.2.17-1
	[jessie] - linux <not-affected> (Bug never introduced)
	NOTE: https://grsecurity.net/teardown_of_a_failed_linux_lts_spectre_fix.php
CVE-2019-15901 (An issue was discovered in slicer69 doas before 6.2 on certain platfor ...)
	NOT-FOR-US: slicer69 doas
CVE-2019-15900 (An issue was discovered in slicer69 doas before 6.2 on certain platfor ...)
	NOT-FOR-US: slicer69 doas
CVE-2019-15899
	RESERVED
CVE-2019-15898 (Nagios Log Server before 2.0.8 allows Reflected XSS via the username o ...)
	NOT-FOR-US: Nagios Log Server
CVE-2019-15897 (beegfs-ctl in ThinkParQ BeeGFS through 7.1.3 allows Authentication Byp ...)
	NOT-FOR-US: BeeGFS
CVE-2019-15896 (An issue was discovered in the LifterLMS plugin through 3.34.5 for Wor ...)
	NOT-FOR-US: LifterLMS plugin for WordPress
CVE-2019-15895 (search-exclude.php in the "Search Exclude" plugin before 1.2.4 for Wor ...)
	NOT-FOR-US: "Search Exclude" plugin for WordPress
CVE-2019-15894 (An issue was discovered in Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, ...)
	NOT-FOR-US: Espressif
CVE-2019-15893 (Sonatype Nexus Repository Manager 2.x before 2.14.15 allows Remote Cod ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2019-15891 (An issue was discovered in CKFinder through 2.6.2.1 and 3.x through 3. ...)
	NOT-FOR-US: CKFinder
CVE-2019-15890 (libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ip_reas ...)
	{DSA-4616-1 DLA-1927-1}
	- slirp4netns 0.4.1-1 (bug #939868)
	[buster] - slirp4netns <no-dsa> (Minor issue)
	- qemu 1:4.1-2 (bug #939869)
	- qemu-kvm <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2019/09/06/3
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/c59279437eda91841b9d26079c70b8a540d41204
	NOTE: 1:4.1-2 switched to system libslirp, marking that version as fixed
CVE-2019-15889 (The download-manager plugin before 2.9.94 for WordPress has XSS via th ...)
	NOT-FOR-US: download-manager plugin for WordPress
CVE-2019-15888
	RESERVED
CVE-2019-15887
	RESERVED
CVE-2019-15886
	RESERVED
CVE-2019-15885
	RESERVED
CVE-2019-15884
	RESERVED
CVE-2019-15883
	RESERVED
CVE-2019-15882
	RESERVED
CVE-2019-15881
	RESERVED
CVE-2019-15880
	RESERVED
CVE-2019-15879
	RESERVED
CVE-2019-15878
	RESERVED
CVE-2019-15877
	RESERVED
CVE-2019-15876
	RESERVED
CVE-2019-15875 (In FreeBSD 12.1-STABLE before r354734, 12.1-RELEASE before 12.1-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:03.thrmisc.asc
CVE-2019-15874
	RESERVED
CVE-2019-15873 (The profilegrid-user-profiles-groups-and-communities plugin before 2.8 ...)
	NOT-FOR-US: profilegrid-user-profiles-groups-and-communities plugin for WordPress
CVE-2019-15872 (The LoginPress plugin before 1.1.4 for WordPress has SQL injection via ...)
	NOT-FOR-US: LoginPress plugin for WordPress
CVE-2019-15871 (The LoginPress plugin before 1.1.4 for WordPress has no capability che ...)
	NOT-FOR-US: LoginPress plugin for WordPress
CVE-2019-15870 (The CarSpot theme before 2.1.7 for WordPress has stored XSS via the Ph ...)
	NOT-FOR-US: CarSpot theme for WordPress
CVE-2019-15869 (The JobCareer theme before 2.5.1 for WordPress has stored XSS. ...)
	NOT-FOR-US: JobCareer theme for WordPress
CVE-2019-15868 (The affiliates-manager plugin before 2.6.6 for WordPress has CSRF. ...)
	NOT-FOR-US: affiliates-manager plugin for WordPress
CVE-2019-15867 (The slick-popup plugin before 1.7.2 for WordPress has a hardcoded Omak ...)
	NOT-FOR-US: slick-popup plugin for WordPress
CVE-2019-15866 (The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file ...)
	NOT-FOR-US: crelly-slider plugin for WordPress
CVE-2019-15865 (The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has CSRF. ...)
	NOT-FOR-US: breadcrumbs-by-menu plugin for WordPress
CVE-2019-15864 (The breadcrumbs-by-menu plugin before 1.0.3 for WordPress has XSS. ...)
	NOT-FOR-US: breadcrumbs-by-menu plugin for WordPress
CVE-2019-15863 (The ConvertPlus plugin before 3.4.5 for WordPress has an unintended ac ...)
	NOT-FOR-US: ConvertPlus plugin for WordPress
CVE-2019-15892 (An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x a ...)
	{DSA-4514-1}
	- varnish 6.2.1-1 (bug #939333)
	[stretch] - varnish <not-affected> (Only a security issue in 6.0 and later)
	[jessie] - varnish <not-affected> (Only a security issue in 6.0 and later)
	NOTE: https://varnish-cache.org/security/VSV00003.html
	NOTE: https://github.com/varnishcache/varnish-cache/commit/1cb778f6f69737109e8c070a74b8e95b78f46d13
	NOTE: https://github.com/varnishcache/varnish-cache/commit/0f0e51e9871ed1bd1236378f8b0dea0d33df4e9e
	NOTE: https://github.com/varnishcache/varnish-cache/commit/72df38fa8bfc0f5ca4a75d3e32657e8e590d85ab
	NOTE: https://github.com/varnishcache/varnish-cache/commit/dd47e658a0de9d12c433a4a01fb43ea4fe4d3a41
	NOTE: https://github.com/varnishcache/varnish-cache/commit/34717183beda3803e3d54c9826a1a9f026ca2505
	NOTE: https://github.com/varnishcache/varnish-cache/commit/ec3997a59a93cbc13a3cba22dfe0b4c4710a8f65
	NOTE: https://github.com/varnishcache/varnish-cache/commit/af13de03eaa3d04f60ada52ed3235d545b8d3973
	NOTE: https://github.com/varnishcache/varnish-cache/commit/6da64a47beff44ecdb45c82b033811f2d19819af
CVE-2019-15862 (An issue was discovered in CKFinder through 2.6.2.1. Improper checks o ...)
	NOT-FOR-US: CKFinder
CVE-2019-15861
	RESERVED
CVE-2019-15860 (Xpdf 2.00 allows a SIGSEGV in XRef::constructXRef in XRef.cc. NOTE: 2. ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-15859 (Password disclosure in the web interface on socomec DIRIS A-40 devices ...)
	NOT-FOR-US: DIRIS
CVE-2019-15858 (admin/includes/class.import.snippet.php in the "Woody ad snippets" plu ...)
	NOT-FOR-US: "Woody ad snippets" plugin for WordPress
CVE-2019-15857
	RESERVED
CVE-2019-15856
	RESERVED
CVE-2019-15855 (An issue was discovered in Maarch RM before 2.5. A path traversal vuln ...)
	NOT-FOR-US: Maarch RM
CVE-2019-15854 (An issue was discovered in Maarch RM before 2.5. A privilege escalatio ...)
	NOT-FOR-US: Maarch RM
CVE-2019-15853
	RESERVED
CVE-2019-15852
	RESERVED
CVE-2019-15851
	REJECTED
CVE-2019-15850 (eQ-3 HomeMatic CCU3 firmware version 3.41.11 allows Remote Code Execut ...)
	NOT-FOR-US: eQ-3 HomeMatic CCU3
CVE-2019-15849 (eQ-3 HomeMatic CCU3 firmware 3.41.11 allows session fixation. An attac ...)
	NOT-FOR-US: eQ-3 HomeMatic CCU3
CVE-2019-15848 (JetBrains TeamCity 2019.1 and 2019.1.1 allows cross-site scripting (XS ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-15847 (The POWER9 backend in GNU Compiler Collection (GCC) before version 10  ...)
	- gcc-7 <unfixed>
	[buster] - gcc-7 <ignored> (minor issue, affects only POWER9 binaries)
	- gcc-8 <unfixed>
	[buster] - gcc-8 <ignored> (minor issue, affects only POWER9 binaries)
	- gcc-9 9.2.1-7 (low)
	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=91481
CVE-2019-15846 (Exim before 4.92.2 allows remote attackers to execute arbitrary code a ...)
	{DSA-4517-1 DLA-1911-1}
	- exim4 4.92.1-3
	NOTE: https://www.openwall.com/lists/oss-security/2019/09/04/1
	NOTE: https://git.exim.org/exim.git/commit/2600301ba6dbac5c9d640c87007a07ee6dcea1f4
CVE-2019-15845 (Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 misha ...)
	{DSA-4587-1 DSA-4586-1 DLA-2007-1}
	- ruby2.5 2.5.7-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- jruby <unfixed>
	[jessie] - jruby <not-affected> (vulnerable code is not present)
	NOTE: https://github.com/ruby/ruby/commit/a0a2640b398cffd351f87d3f6243103add66575b
	NOTE: https://hackerone.com/reports/449617
	NOTE: https://www.ruby-lang.org/en/news/2019/10/01/nul-injection-file-fnmatch-cve-2019-15845/
CVE-2019-15844
	RESERVED
CVE-2019-15843 (A malicious file upload vulnerability was discovered in Xiaomi Millet  ...)
	NOT-FOR-US: Xiaomi
CVE-2019-15842 (The easy-pdf-restaurant-menu-upload plugin before 1.1.2 for WordPress  ...)
	NOT-FOR-US: easy-pdf-restaurant-menu-upload plugin for WordPress
CVE-2019-15841 (The facebook-for-woocommerce plugin before 1.9.15 for WordPress has CS ...)
	NOT-FOR-US: facebook-for-woocommerce plugin for WordPress
CVE-2019-15840 (The facebook-for-woocommerce plugin before 1.9.14 for WordPress has CS ...)
	NOT-FOR-US: facebook-for-woocommerce plugin for WordPress
CVE-2019-15839 (The sina-extension-for-elementor plugin before 2.2.1 for WordPress has ...)
	NOT-FOR-US: sina-extension-for-elementor plugin for WordPress
CVE-2019-15838 (The custom-404-pro plugin before 3.2.8 for WordPress has reflected XSS ...)
	NOT-FOR-US: custom-404-pro plugin for WordPress
CVE-2019-15837 (The webp-express plugin before 0.14.8 for WordPress has stored XSS. ...)
	NOT-FOR-US: webp-express plugin for WordPress
CVE-2019-15836 (The wp-ultimate-recipe plugin before 3.12.7 for WordPress has stored X ...)
	NOT-FOR-US: wp-ultimate-recipe plugin for WordPress
CVE-2019-15835 (The wp-better-permalinks plugin before 3.0.5 for WordPress has CSRF. ...)
	NOT-FOR-US: wp-better-permalinks plugin for WordPress
CVE-2019-15834 (The webp-converter-for-media plugin before 1.0.3 for WordPress has CSR ...)
	NOT-FOR-US: webp-converter-for-media plugin for WordPress
CVE-2019-15833 (The simple-mail-address-encoder plugin before 1.7 for WordPress has re ...)
	NOT-FOR-US: simple-mail-address-encoder plugin for WordPress
CVE-2019-15832 (The visitors-traffic-real-time-statistics plugin before 1.13 for WordP ...)
	NOT-FOR-US: visitors-traffic-real-time-statistics plugin for WordPress
CVE-2019-15831 (The visitors-traffic-real-time-statistics plugin before 1.12 for WordP ...)
	NOT-FOR-US: visitors-traffic-real-time-statistics plugin for WordPress
CVE-2019-15830 (The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. ...)
	NOT-FOR-US: icegram plugin for WordPress
CVE-2019-15829 (The photoblocks-grid-gallery plugin before 1.1.33 for WordPress has wp ...)
	NOT-FOR-US: photoblocks-grid-gallery plugin for WordPress
CVE-2019-15828 (The one-click-ssl plugin before 1.4.7 for WordPress has CSRF. ...)
	NOT-FOR-US: one-click-ssl plugin for WordPress
CVE-2019-15827 (The onesignal-free-web-push-notifications plugin before 1.17.8 for Wor ...)
	NOT-FOR-US: onesignal-free-web-push-notifications plugin for WordPress
CVE-2019-15826 (The wps-hide-login plugin before 1.5.3 for WordPress has a protection  ...)
	NOT-FOR-US: wps-hide-login plugin for WordPress
CVE-2019-15825 (The wps-hide-login plugin before 1.5.3 for WordPress has an action=rp& ...)
	NOT-FOR-US: wps-hide-login plugin for WordPress
CVE-2019-15824 (The wps-hide-login plugin before 1.5.3 for WordPress has an adminhash  ...)
	NOT-FOR-US: wps-hide-login plugin for WordPress
CVE-2019-15823 (The wps-hide-login plugin before 1.5.3 for WordPress has an action=con ...)
	NOT-FOR-US: wps-hide-login plugin for WordPress
CVE-2019-15822 (The wps-child-theme-generator plugin before 1.2 for WordPress has clas ...)
	NOT-FOR-US: wps-child-theme-generator plugin for WordPress
CVE-2019-15821 (The bold-page-builder plugin before 2.3.2 for WordPress has no protect ...)
	NOT-FOR-US: bold-page-builder plugin for WordPress
CVE-2019-15820 (The login-or-logout-menu-item plugin before 1.2.0 for WordPress has no ...)
	NOT-FOR-US: login-or-logout-menu-item plugin for WordPress
CVE-2019-15819 (The nd-restaurant-reservations plugin before 1.5 for WordPress has no  ...)
	NOT-FOR-US: nd-restaurant-reservations plugin for WordPress
CVE-2019-15818 (The simple-301-redirects-addon-bulk-uploader plugin through 1.2.4 for  ...)
	NOT-FOR-US: simple-301-redirects-addon-bulk-uploader plugin for WordPress
CVE-2019-15817 (The easy-property-listings plugin before 3.4 for WordPress has XSS. ...)
	NOT-FOR-US: easy-property-listings plugin for WordPress
CVE-2019-15816 (The wp-private-content-plus plugin before 2.0 for WordPress has no pro ...)
	NOT-FOR-US: wp-private-content-plus plugin for WordPress
CVE-2019-15815 (ZyXEL P-1302-T10D v3 devices with firmware version 2.00(ABBX.3) and ea ...)
	NOT-FOR-US: ZyXEL
CVE-2019-15814 (Multiple stored XSS vulnerabilities in Sentrifugo 3.2 could allow auth ...)
	NOT-FOR-US: Sentrifugo
CVE-2019-15813 (Multiple file upload restriction bypass vulnerabilities in Sentrifugo  ...)
	NOT-FOR-US: Sentrifugo
CVE-2019-15812
	RESERVED
CVE-2019-15811 (In DomainMOD through 4.13, the parameter daterange in the file reporti ...)
	NOT-FOR-US: DomainMOD
CVE-2019-15810 (Insufficient sanitization during device search in Netdisco 2.042010 al ...)
	NOT-FOR-US: Netdisco
CVE-2019-15809 (Smart cards from the Athena SCS manufacturer, based on the Atmel Toolb ...)
	NOT-FOR-US: Athena SCS
CVE-2019-15808
	RESERVED
CVE-2019-15806 (CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301  ...)
	NOT-FOR-US: CommScope ARRIS TR4400 devices
CVE-2019-15805 (CommScope ARRIS TR4400 devices with firmware through A1.00.004-180301  ...)
	NOT-FOR-US: CommScope ARRIS TR4400 devices
CVE-2019-15804 (An issue was discovered on Zyxel GS1900 devices with firmware before 2 ...)
	NOT-FOR-US: Zyxel
CVE-2019-15803 (An issue was discovered on Zyxel GS1900 devices with firmware before 2 ...)
	NOT-FOR-US: Zyxel
CVE-2019-15802 (An issue was discovered on Zyxel GS1900 devices with firmware before 2 ...)
	NOT-FOR-US: Zyxel
CVE-2019-15801 (An issue was discovered on Zyxel GS1900 devices with firmware before 2 ...)
	NOT-FOR-US: Zyxel
CVE-2019-15800 (An issue was discovered on Zyxel GS1900 devices with firmware before 2 ...)
	NOT-FOR-US: Zyxel
CVE-2019-15799 (An issue was discovered on Zyxel GS1900 devices with firmware before 2 ...)
	NOT-FOR-US: Zyxel
CVE-2019-15798
	RESERVED
CVE-2019-15797
	RESERVED
CVE-2019-15796 (Python-apt doesn't check if hashes are signed in `Version.fetch_binary ...)
	{DSA-4609-1 DLA-2074-1}
	- python-apt 1.8.5
	NOTE: https://salsa.debian.org/apt-team/python-apt/commit/b4eef110b7ba4fb21cc0dd92585756f50e0100c9 (1.8.5)
	NOTE: https://salsa.debian.org/apt-team/python-apt/commit/e3321eb9792bf3b4cace4cee47dc6da00fbee929 (1.8.5)
CVE-2019-15795 (python-apt only checks the MD5 sums of downloaded files in `Version.fe ...)
	{DSA-4609-1 DLA-2074-1}
	- python-apt 1.8.5
	NOTE: https://salsa.debian.org/apt-team/python-apt/commit/e175130e51c2b0424f3dfeb825e3dc598fec1a24 (1.8.5)
CVE-2019-15794
	RESERVED
	- linux <unfixed>
	[stretch] - linux <not-affected> (overlayfs passes through mmap)
	[jessie] - linux <not-affected> (overlayfs not present)
	NOTE: https://bugs.launchpad.net/bugs/1850994
CVE-2019-15793
	RESERVED
	- linux <not-affected> (Ubuntu-specific patch set, shiftfs not in Debian kernels)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1850867
CVE-2019-15792
	RESERVED
	- linux <not-affected> (Ubuntu-specific patch set, shiftfs not in Debian kernels)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1850867
CVE-2019-15791
	RESERVED
	- linux <not-affected> (Ubuntu-specific patch set, shiftfs not in Debian kernels)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1850867
CVE-2019-15790
	RESERVED
	NOT-FOR-US: Apport
CVE-2019-15789 (Privilege escalation vulnerability in MicroK8s allows a low privilege  ...)
	NOT-FOR-US: MicroK8s
CVE-2019-15807 (In the Linux kernel before 5.1.13, there is a memory leak in drivers/s ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	NOTE: https://git.kernel.org/linus/3b0541791453fbe7f42867e310e0c9eb6295364d
CVE-2019-15788 (Clara Genomics Analysis before 0.2.0 has an integer overflow for cudap ...)
	NOT-FOR-US: Clara Genomics Analysis
CVE-2019-15787 (libZetta.rs through 0.1.2 has an integer overflow in the zpool parser  ...)
	NOT-FOR-US: libzetta-rs
CVE-2019-15786 (ROBOTIS Dynamixel SDK through 3.7.11 has a buffer overflow via a large ...)
	NOT-FOR-US: ROBOTIS Dynamixel SDK
CVE-2019-15785 (FontForge 20190813 through 20190820 has a buffer overflow in PrefsUI_L ...)
	- fontforge <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/fontforge/fontforge/pull/3886
CVE-2019-15784 (Secure Reliable Transport (SRT) through 1.3.4 has a CSndUList array ov ...)
	- srt 1.4.0-1 (bug #939040)
	NOTE: https://github.com/Haivision/srt/pull/811
CVE-2019-15783 (Lute-Tab before 2019-08-23 has a buffer overflow in pdf_print.cc. ...)
	- lute-tab <itp> (bug #825785)
CVE-2019-15782 (WebTorrent before 0.107.6 allows XSS in the HTTP server via a title or ...)
	NOT-FOR-US: WebTorrent
CVE-2019-15781 (The facebook-by-weblizar plugin before 2.8.5 for WordPress has CSRF. ...)
	NOT-FOR-US: facebook-by-weblizar plugin for WordPress
CVE-2019-15780 (The formidable plugin before 4.02.01 for WordPress has unsafe deserial ...)
	NOT-FOR-US: formidable plugin for WordPress
CVE-2019-15779 (The insta-gallery plugin before 2.4.8 for WordPress has no nonce valid ...)
	NOT-FOR-US: insta-gallery plugin for WordPress
CVE-2019-15778 (The woo-variation-gallery plugin before 1.1.29 for WordPress has XSS. ...)
	NOT-FOR-US: woo-variation-gallery plugin for WordPress
CVE-2019-15777 (The shapepress-dsgvo plugin before 2.2.19 for WordPress has wp-admin/a ...)
	NOT-FOR-US: shapepress-dsgvo plugin for WordPress
CVE-2019-15776 (The simple-301-redirects-addon-bulk-uploader plugin before 1.2.5 for W ...)
	NOT-FOR-US: simple-301-redirects-addon-bulk-uploader plugin for WordPress
CVE-2019-15775 (The nd-learning plugin before 4.8 for WordPress has a nopriv_ AJAX act ...)
	NOT-FOR-US: nd-learning plugin for WordPress
CVE-2019-15774 (The nd-booking plugin before 2.5 for WordPress has a nopriv_ AJAX acti ...)
	NOT-FOR-US: nd-booking plugin for WordPress
CVE-2019-15773 (The nd-travel plugin before 1.7 for WordPress has a nopriv_ AJAX actio ...)
	NOT-FOR-US: nd-travel plugin for WordPress
CVE-2019-15772 (The nd-donations plugin before 1.4 for WordPress has a nopriv_ AJAX ac ...)
	NOT-FOR-US: nd-donations plugin for WordPress
CVE-2019-15771 (The nd-shortcodes plugin before 6.0 for WordPress has a nopriv_ AJAX a ...)
	NOT-FOR-US: nd-shortcodes plugin for WordPress
CVE-2019-15770 (The woo-address-book plugin before 1.6.0 for WordPress has save calls  ...)
	NOT-FOR-US: woo-address-book plugin for WordPress
CVE-2019-15769 (The handl-utm-grabber plugin before 2.6.5 for WordPress has CSRF via a ...)
	NOT-FOR-US: handl-utm-grabber plugin for WordPress
CVE-2019-15768
	RESERVED
CVE-2019-15767 (In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmd_ ...)
	- gnuchess <unfixed> (unimportant; bug #936023)
	NOTE: https://lists.gnu.org/archive/html/bug-gnu-chess/2019-08/msg00004.html
	NOTE: Neutralised by toolchain hardening, no security impact
CVE-2019-15766 (The KSLABS KSWEB (aka ru.kslabs.ksweb) application 3.93 for Android al ...)
	NOT-FOR-US: KSLABS KSWEB
CVE-2019-15765
	RESERVED
CVE-2019-15764
	RESERVED
CVE-2019-15763
	RESERVED
CVE-2019-15762
	RESERVED
CVE-2019-15761
	RESERVED
CVE-2019-15760
	RESERVED
CVE-2019-15759 (An issue was discovered in Binaryen 1.38.32. Two visitors in ir/Expres ...)
	- binaryen 89-1 (unimportant; bug #936024)
	NOTE: https://github.com/WebAssembly/binaryen/issues/2288
	NOTE: Crash in CLI tool, no security impact
CVE-2019-15758 (An issue was discovered in Binaryen 1.38.32. Missing validation rules  ...)
	- binaryen 89-1 (unimportant; bug #936024)
	NOTE: https://github.com/WebAssembly/binaryen/issues/2288
	NOTE: Crash in CLI tool, no security impact
CVE-2019-15757 (libMirage 3.2.2 in CDemu has a NULL pointer dereference in the NRG par ...)
	NOT-FOR-US: libMirage
CVE-2019-15756
	RESERVED
CVE-2019-15755
	RESERVED
CVE-2019-15754
	RESERVED
CVE-2019-15753 (In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC ...)
	- python-os-vif 1.15.2-1 (low; bug #939288)
	[buster] - python-os-vif <not-affected> (Vulnerable code introduced in 1.15.0)
	[stretch] - python-os-vif <not-affected> (Vulnerable code introduced in 1.15.0)
	NOTE: https://security.openstack.org/ossa/OSSA-2019-004.html
	NOTE: https://launchpad.net/bugs/1837252
CVE-2019-15752 (Docker Desktop Community Edition before 2.1.0.1 allows local users to  ...)
	- docker.io <not-affected> (Issue specific to Docker for Windows)
CVE-2019-15751 (An unrestricted file upload vulnerability in SITOS six Build v6.2.1 al ...)
	NOT-FOR-US: SITOS
CVE-2019-15750 (A Cross-Site Scripting (XSS) vulnerability in the blog function in SIT ...)
	NOT-FOR-US: SITOS
CVE-2019-15749 (SITOS six Build v6.2.1 allows a user to change their password and reco ...)
	NOT-FOR-US: SITOS
CVE-2019-15748 (SITOS six Build v6.2.1 permits unauthorised users to upload and import ...)
	NOT-FOR-US: SITOS
CVE-2019-15747 (SITOS six Build v6.2.1 allows a user with the user role of Seminar Coo ...)
	NOT-FOR-US: SITOS
CVE-2019-15746 (SITOS six Build v6.2.1 allows an attacker to inject arbitrary PHP comm ...)
	NOT-FOR-US: SITOS
CVE-2019-15745 (The Eques elf smart plug and the mobile app use a hardcoded AES 256 bi ...)
	NOT-FOR-US: Eques elf smart plug
CVE-2019-15744 (The Sony Xperia Xperia XZs Android device with a build fingerprint of  ...)
	NOT-FOR-US: Sony
CVE-2019-15743 (The Sony Xperia Touch Android device with a build fingerprint of Sony/ ...)
	NOT-FOR-US: Sony
CVE-2019-15742 (A local privilege-escalation vulnerability exists in the Poly Plantron ...)
	NOT-FOR-US: Poly Plantronics Hub
CVE-2019-15741 (An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsaf ...)
	NOT-FOR-US: GitLab Omnibus
CVE-2019-15740 (An issue was discovered in GitLab Community and Enterprise Edition 7.9 ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15739 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15738 (An issue was discovered in GitLab Community and Enterprise Edition 12. ...)
	- gitlab <not-affected> (Only affects 12.0 and later)
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15737 (An issue was discovered in GitLab Community and Enterprise Edition thr ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15736 (An issue was discovered in GitLab Community and Enterprise Edition thr ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15735
	RESERVED
CVE-2019-15734 (An issue was discovered in GitLab Community and Enterprise Edition 8.6 ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15733 (An issue was discovered in GitLab Community and Enterprise Edition 7.1 ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15732 (An issue was discovered in GitLab Community and Enterprise Edition 12. ...)
	- gitlab <not-affected> (Only affects 12.2 and later)
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15731 (An issue was discovered in GitLab Community and Enterprise Edition 12. ...)
	- gitlab <not-affected> (Only affects 12.0 and later)
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15730 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15729 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15728 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15727 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15726 (An issue was discovered in GitLab Community and Enterprise Edition thr ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15725 (An issue was discovered in GitLab Community and Enterprise Edition 12. ...)
	- gitlab <not-affected> (only affects 12.0 and later)
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15724 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab <not-affected> (Only affects 11.10 and later)
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15723 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab <not-affected> (Only affects versions 11.9.4-11.10.0)
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15722 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15721 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15720 (CloudBerry Backup v6.1.2.34 allows local privilege escalation via a Pr ...)
	NOT-FOR-US: CloudBerry Backup
CVE-2019-15719 (Altair PBS Professional through 19.1.2 allows Privilege Escalation bec ...)
	NOT-FOR-US: Altair PBS Professional
CVE-2019-15718 (In systemd 240, bus_open_system_watch_bind_with_description in shared/ ...)
	- systemd 242-7 (bug #939353)
	[buster] - systemd 241-7~deb10u2
	[stretch] - systemd <not-affected> (Vulnerable code introduced later)
	[jessie] - systemd <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2019/09/03/1
	NOTE: https://github.com/systemd/systemd/pull/13457
	NOTE: https://github.com/systemd/systemd/commit/35e528018f315798d3bffcb592b32a0d8f5162bd
CVE-2019-15717 (Irssi 1.2.x before 1.2.2 has a use-after-free if the IRC server sends  ...)
	- irssi 1.2.2-1 (bug #936074)
	[buster] - irssi <no-dsa> (Minor issue)
	[stretch] - irssi <not-affected> (Vulnerable code not present)
	[jessie] - irssi <not-affected> (Vulnerable code not present)
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/29/3
	NOTE: https://irssi.org/security/irssi_sa_2019_08.txt
	NOTE: https://github.com/irssi/irssi/commit/5a4e7ab659aba2855895c9f43e9a7a131f4e89b3
CVE-2019-15716 (WTF before 0.19.0 does not set the permissions of config.yml, which mi ...)
	NOT-FOR-US: wtfutil
CVE-2019-15715 (MantisBT before 1.3.20 and 2.22.1 allows Post Authentication Command I ...)
	- mantis <removed>
CVE-2019-15714 (cli/lib/main.js in Entropic before 2019-06-13 does not reject / and \  ...)
	NOT-FOR-US: Entropic
CVE-2019-15713 (The my-calendar plugin before 3.1.10 for WordPress has XSS. ...)
	NOT-FOR-US: my-calendar plugin for WordPress
CVE-2019-15712 (An improper access control vulnerability in FortiMail admin webUI 6.2. ...)
	NOT-FOR-US: FortiMail admin webUI
CVE-2019-15711 (A privilege escalation vulnerability in FortiClient for Linux 6.2.1 an ...)
	NOT-FOR-US: Fortiguard FortiClient
CVE-2019-15710 (An OS command injection vulnerability in FortiExtender 4.1.0 to 4.1.1, ...)
	NOT-FOR-US: FortiExtender
CVE-2019-15709
	RESERVED
CVE-2019-15708 (A system command injection vulnerability in the FortiAP-S/W2 6.2.1, 6. ...)
	NOT-FOR-US: Fortiguard
CVE-2019-15707 (An improper access control vulnerability in FortiMail admin webUI 6.2. ...)
	NOT-FOR-US: FortiMail admin webUI
CVE-2019-15706
	RESERVED
CVE-2019-15705 (An Improper Input Validation vulnerability in the SSL VPN portal of Fo ...)
	NOT-FOR-US: Fortinet FortiOS
CVE-2019-15704 (A clear text storage of sensitive information vulnerability in FortiCl ...)
	NOT-FOR-US: Fortinet
CVE-2019-15703 (An Insufficient Entropy in PRNG vulnerability in Fortinet FortiOS 6.2. ...)
	NOT-FOR-US: Fortinet
CVE-2019-15702 (In the TCP implementation (gnrc_tcp) in RIOT through 2019.07, the pars ...)
	NOT-FOR-US: RIOT RIOT-OS
CVE-2019-15701 (components/Modals/HelpModal.jsx in BloodHound 2.2.0 allows remote atta ...)
	NOT-FOR-US: BloodHound
CVE-2019-15700 (public/js/frappe/form/footer/timeline.js in Frappe Framework 12 throug ...)
	NOT-FOR-US: Frappe Framework
CVE-2019-15699 (An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon rec ...)
	- suricata 1:4.1.5-1 (low)
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <not-affected> (Vulnerable code introduced later)
	NOTE: https://suricata-ids.org/2019/09/24/suricata-4-1-5-released/
CVE-2019-15698 (In Octopus Deploy 2019.7.3 through 2019.7.9, in certain circumstances, ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-15697
	RESERVED
CVE-2019-15696
	RESERVED
CVE-2019-15695 (TigerVNC version prior to 1.10.1 is vulnerable to stack buffer overflo ...)
	- tigervnc 1.10.1+dfsg-1 (bug #947428)
	[buster] - tigervnc 1.9.0+dfsg-3+deb10u1
	[stretch] - tigervnc 1.7.0+dfsg-7+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
	NOTE: https://github.com/TigerVNC/tigervnc/commit/05e28490873a861379c943bf616614b78b558b89 (master)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/6c47340e095258a959c95db9aa2a6c715d62bf7c (v1.10.1)
CVE-2019-15694 (TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...)
	- tigervnc 1.10.1+dfsg-1 (bug #947428)
	[buster] - tigervnc 1.9.0+dfsg-3+deb10u1
	[stretch] - tigervnc 1.7.0+dfsg-7+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
	NOTE: https://github.com/TigerVNC/tigervnc/commit/0943c006c7d900dfc0281639e992791d6c567438 (master)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/f287032d3643a6437f7de0ed35f4c45bb735522d (v1.10.1)
CVE-2019-15693 (TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...)
	- tigervnc 1.10.1+dfsg-1 (bug #947428)
	[buster] - tigervnc 1.9.0+dfsg-3+deb10u1
	[stretch] - tigervnc 1.7.0+dfsg-7+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
	NOTE: https://github.com/TigerVNC/tigervnc/commit/b4ada8d0c6dac98c8b91fc64d112569a8ae5fb95 (master)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/46c081926efd83c90a45c0a96b1b5bc1927e1346 (v1.10.1)
CVE-2019-15692 (TigerVNC version prior to 1.10.1 is vulnerable to heap buffer overflow ...)
	- tigervnc 1.10.1+dfsg-1 (bug #947428)
	[buster] - tigervnc 1.9.0+dfsg-3+deb10u1
	[stretch] - tigervnc 1.7.0+dfsg-7+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
	NOTE: https://github.com/TigerVNC/tigervnc/commit/996356b6c65ca165ee1ea46a571c32a1dc3c3821 (master)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/ff08ca78b24b5a4ed5263245c7ce8744059ff4ad (v1.10.1)
CVE-2019-15691 (TigerVNC version prior to 1.10.1 is vulnerable to stack use-after-retu ...)
	- tigervnc 1.10.1+dfsg-1 (bug #947428)
	[buster] - tigervnc 1.9.0+dfsg-3+deb10u1
	[stretch] - tigervnc 1.7.0+dfsg-7+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
	NOTE: https://github.com/TigerVNC/tigervnc/commit/d61a767d6842b530ffb532ddd5a3d233119aad40 (master)
	NOTE: https://github.com/TigerVNC/tigervnc/commit/042de4642293df9b72a08189c249e2da79cbca91 (v1.10.1)
CVE-2019-15690
	RESERVED
	{DLA-2146-1}
	- libvncserver 0.9.12+dfsg-9 (bug #954163)
	[buster] - libvncserver <no-dsa> (Minor issue)
	[stretch] - libvncserver <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/20/2
	NOTE: https://github.com/LibVNC/libvncserver/issues/381
	NOTE: https://github.com/LibVNC/libvncserver/commit/54220248886b5001fbbb9fa73c4e1a2cb9413fed
CVE-2019-15689 (Kaspersky Secure Connection, Kaspersky Internet Security, Kaspersky To ...)
	NOT-FOR-US: Kaspersky
CVE-2019-15688 (Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Sec ...)
	NOT-FOR-US: Kaspersky
CVE-2019-15687 (Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Sec ...)
	NOT-FOR-US: Kaspersky
CVE-2019-15686 (Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Sec ...)
	NOT-FOR-US: Kaspersky
CVE-2019-15685 (Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Sec ...)
	NOT-FOR-US: Kaspersky
CVE-2019-15684 (Kaspersky Protection extension for web browser Google Chrome prior to  ...)
	NOT-FOR-US: Kaspersky Protection extension for web browser Google Chrome
CVE-2019-15683 (TurboVNC server code contains stack buffer overflow vulnerability in c ...)
	NOT-FOR-US: TurboVNC
CVE-2019-15682 (RDesktop version 1.8.4 contains multiple out-of-bound access read vuln ...)
	{DSA-4473-1 DLA-1837-1}
	- rdesktop 1.8.6-1
	NOTE: https://ics-cert.kaspersky.com/advisories/klcert-advisories/2019/10/30/klcert-19-032-denial-of-service-in-rdesktop-before-1-8-4/
CVE-2019-15681 (LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains ...)
	{DLA-2045-1 DLA-2014-1 DLA-1979-1 DLA-1977-1}
	[experimental] - libvncserver 0.9.12+dfsg-1
	- libvncserver 0.9.12+dfsg-3 (low; bug #943793)
	[buster] - libvncserver 0.9.11+dfsg-1.3+deb10u1
	[stretch] - libvncserver 0.9.11+dfsg-1.3~deb9u2
	- italc <removed>
	[stretch] - italc 1:3.0.3+dfsg1-1+deb9u1
	- tightvnc 1:1.3.9-9.1
	[buster] - tightvnc 1:1.3.9-9deb10u1
	[stretch] - tightvnc 1:1.3.9-9+deb9u1
	- vino 3.22.0-6 (bug #945784)
	[buster] - vino <no-dsa> (Minor issue)
	[stretch] - vino <no-dsa> (Minor issue)
	NOTE: https://github.com/LibVNC/libvncserver/commit/d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a
CVE-2019-15680 (TightVNC code version 1.3.10 contains null pointer dereference in Hand ...)
	{DLA-2045-1}
	- tightvnc 1:1.3.9-9.1 (unimportant; bug #945364)
	[buster] - tightvnc 1:1.3.9-9deb10u1
	[stretch] - tightvnc 1:1.3.9-9+deb9u1
	- italc <removed> (unimportant)
	- libvncserver <unfixed> (unimportant)
	NOTE: https://www.openwall.com/lists/oss-security/2018/12/10/5
	NOTE: https://github.com/sunweaver/libvncserver/commit/85d00057b5daf71675462c9b175d8cb2d47cd0e1
	NOTE: Non-issue in libvncserver's case: https://github.com/LibVNC/libvncserver/issues/359#issuecomment-599202068
CVE-2019-15679 (TightVNC code version 1.3.10 contains heap buffer overflow in Initiali ...)
	{DLA-2045-1}
	- tightvnc 1:1.3.9-9.1 (bug #945364)
	[buster] - tightvnc 1:1.3.9-9deb10u1
	[stretch] - tightvnc 1:1.3.9-9+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2018/12/10/5
	NOTE: https://github.com/LibVNC/libvncserver/commit/c2c4b81e6cb3b485fb1ec7ba9e7defeb889f6ba7
	NOTE: part of CVE-2018-20748/libvncserver
CVE-2019-15678 (TightVNC code version 1.3.10 contains heap buffer overflow in rfbServe ...)
	{DLA-2045-1}
	- tightvnc 1:1.3.9-9.1 (bug #945364)
	[buster] - tightvnc 1:1.3.9-9deb10u1
	[stretch] - tightvnc 1:1.3.9-9+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2018/12/10/5
	NOTE: https://github.com/LibVNC/libvncserver/commit/c5ba3fee85a7ecbbca1df5ffd46d32b92757bc2a
	NOTE: part of CVE-2018-20748/libvnvserver
CVE-2019-15677
	RESERVED
CVE-2019-15676
	RESERVED
CVE-2019-15675
	RESERVED
CVE-2019-15674
	RESERVED
CVE-2019-15673
	RESERVED
CVE-2019-15672
	RESERVED
CVE-2019-15671
	RESERVED
CVE-2019-15670
	RESERVED
CVE-2019-15669
	RESERVED
CVE-2019-15668
	RESERVED
CVE-2019-15667
	RESERVED
CVE-2019-15666 (An issue was discovered in the Linux kernel before 5.0.19. There is an ...)
	{DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux 3.16.72-1
	NOTE: https://git.kernel.org/linus/b805d78d300bcf2c83d6df7da0c818b0fee41427
CVE-2019-15665 (An issue was discovered in Rivet Killer Control Center before 2.1.1352 ...)
	NOT-FOR-US: Rivet Killer Control Center
CVE-2019-15664 (An issue was discovered in Rivet Killer Control Center before 2.1.1352 ...)
	NOT-FOR-US: Rivet Killer Control Center
CVE-2019-15663 (An issue was discovered in Rivet Killer Control Center before 2.1.1352 ...)
	NOT-FOR-US: Rivet Killer Control Center
CVE-2019-15662 (An issue was discovered in Rivet Killer Control Center before 2.1.1352 ...)
	NOT-FOR-US: Rivet Killer Control Center
CVE-2019-15661 (An issue was discovered in Rivet Killer Control Center before 2.1.1352 ...)
	NOT-FOR-US: Rivet Killer Control Center
CVE-2019-15660 (The wp-members plugin before 3.2.8 for WordPress has CSRF. ...)
	NOT-FOR-US: wp-members plugin for WordPress
CVE-2019-15659 (The pie-register plugin before 3.1.2 for WordPress has SQL injection,  ...)
	NOT-FOR-US: pie-register plugin for WordPress
CVE-2019-15658 (connect-pg-simple before 6.0.1 allows SQL injection if tableName or sc ...)
	NOT-FOR-US: connect-pg-simple
CVE-2019-15657 (In eslint-utils before 1.4.1, the getStaticValue function can execute  ...)
	NOT-FOR-US: eslint-utils
CVE-2019-15656 (D-Link DSL-2875AL and DSL-2877AL devices through 1.00.05 are prone to  ...)
	NOT-FOR-US: D-Link
CVE-2019-15655 (D-Link DSL-2875AL devices through 1.00.05 are prone to password disclo ...)
	NOT-FOR-US: D-Link
CVE-2019-15654 (Comba AP2600-I devices through A02,0202N00PD2 are prone to password di ...)
	NOT-FOR-US: Comba
CVE-2019-15653 (Comba AP2600-I devices through A02,0202N00PD2 are prone to password di ...)
	NOT-FOR-US: Comba
CVE-2019-15652 (The web interface for NSSLGlobal SatLink VSAT Modem Unit (VMU) devices ...)
	NOT-FOR-US: NSSLGlobal SatLink VSAT Modem Unit (VMU) devices
CVE-2019-15651 (wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCert ...)
	- wolfssl 4.1.0+dfsg-2
	NOTE: https://github.com/wolfSSL/wolfssl/issues/2421
CVE-2019-15650 (The stops-core-theme-and-plugin-updates plugin before 8.0.5 for WordPr ...)
	NOT-FOR-US: stops-core-theme-and-plugin-updates plugin for WordPress
CVE-2019-15649 (The insert-or-embed-articulate-content-into-wordpress plugin before 4. ...)
	NOT-FOR-US: insert-or-embed-articulate-content-into-wordpress plugin for WordPress
CVE-2019-15648 (The insert-or-embed-articulate-content-into-wordpress plugin before 4. ...)
	NOT-FOR-US: insert-or-embed-articulate-content-into-wordpress plugin for WordPress
CVE-2019-15647 (The groundhogg plugin before 1.3.5 for WordPress has wp-admin/admin-aj ...)
	NOT-FOR-US: groundhogg plugin for WordPress
CVE-2019-15646 (The rsvpmaker plugin before 6.2 for WordPress has SQL injection. ...)
	NOT-FOR-US: rsvpmaker plugin for WordPress
CVE-2019-15645 (The zoho-salesiq plugin before 1.0.9 for WordPress has CSRF. ...)
	NOT-FOR-US: zoho-salesiq plugin for WordPress
CVE-2019-15644 (The zoho-salesiq plugin before 1.0.9 for WordPress has stored XSS. ...)
	NOT-FOR-US: zoho-salesiq plugin for WordPress
CVE-2019-15643 (The ultimate-faqs plugin before 1.8.22 for WordPress has XSS. ...)
	NOT-FOR-US: ultimate-faqs plugin for WordPress
CVE-2019-15642 (rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execu ...)
	- webmin <removed>
CVE-2019-15641 (xmlrpc.cgi in Webmin through 1.930 allows authenticated XXE attacks. B ...)
	- webmin <removed>
CVE-2019-15640 (Limesurvey before 3.17.10 does not validate both the MIME type and fil ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-15639 (main/translate.c in Sangoma Asterisk 13.28.0 and 16.5.0 allows a remot ...)
	- asterisk <not-affected> (Vulnerable code introduced later)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2019-005.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28499
	NOTE: Issue was introduced specifically only in versions 13.28.0 and 16.5.0 upstream
	NOTE: and got fixed in 13.28.1 respectively 16.5.1.
CVE-2019-15638 (COPA-DATA zenone32 zenon Editor through 8.10 has an Uncontrolled Searc ...)
	NOT-FOR-US: COPA-DATA zenone32 zenon Editor
CVE-2019-15637 (Numerous Tableau products are vulnerable to XXE via a malicious workbo ...)
	NOT-FOR-US: Tableau
CVE-2019-15636
	RESERVED
CVE-2019-15635 (An issue was discovered in Grafana 5.4.0. Passwords for data sources u ...)
	- grafana <removed>
CVE-2019-15634
	RESERVED
CVE-2019-15633
	RESERVED
CVE-2019-15632
	RESERVED
CVE-2019-15631 (Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API ...)
	NOT-FOR-US: MuleSoft
CVE-2019-15630 (Directory Traversal in APIkit, HTTP connector, and OAuth2 Provider com ...)
	NOT-FOR-US: MuleSoft
CVE-2019-15629 (Trend Micro Password Manager versions 3.x, 5.0, and 5.1 for Android is ...)
	NOT-FOR-US: Trend Micro
CVE-2019-15628 (Trend Micro Security (Consumer) 2020 (v16.0.1221 and below) is affecte ...)
	NOT-FOR-US: Trend Micro
CVE-2019-15627 (Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent ar ...)
	NOT-FOR-US: Trend Micro
CVE-2019-15626 (The Deep Security Manager application (Versions 10.0, 11.0 and 12.0),  ...)
	NOT-FOR-US: Deep Security Manager application (Trend Micro)
CVE-2019-15625 (A memory usage vulnerability exists in Trend Micro Password Manager 3. ...)
	NOT-FOR-US: Trend Micro
CVE-2019-15624 (Improper Input Validation in Nextcloud Server 15.0.7 allows group admi ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15623 (Exposure of Private Information in Nextcloud Server 16.0.1 causes the  ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15622 (Not strictly enough sanitization in the Nextcloud Android app 3.6.0 al ...)
	NOT-FOR-US: Nextcloud Android App
CVE-2019-15621 (Improper permissions preservation in Nextcloud Server 16.0.1 causes sh ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15620 (Improper access control in Nextcloud Talk 6.0.3 leaks the existance an ...)
	NOT-FOR-US: Nextcloud Talk
CVE-2019-15619 (Improper neutralization of file names, conversation names and board na ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15618 (Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a  ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15617 (A missing check in Nextcloud Server 17.0.0 allowed an attacker to set  ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15616 (Dangling remote share attempts in Nextcloud 16 allow a DNS pollution w ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15615 (A wrong check for the system time in the Android App 3.9.0 causes a by ...)
	NOT-FOR-US: Nextcloud Android app
CVE-2019-15614 (Missing sanitization in the iOS App 2.24.4 causes an XSS when opening  ...)
	NOT-FOR-US: Nextcloud iOS App
CVE-2019-15613 (A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend t ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15612 (A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be c ...)
	- nextcloud-server <itp> (bug #941708)
CVE-2019-15611 (Violation of Secure Design Principles in the iOS App 2.23.0 causes the ...)
	NOT-FOR-US: Nextcloud iOS App
CVE-2019-15610 (Improper authorization in the Circles app 0.17.7 causes retaining acce ...)
	NOT-FOR-US: Circles app
CVE-2019-15609 (The kill-port-process package version &lt; 2.2.0 is vulnerable to a Co ...)
	NOT-FOR-US: Node kill-port-process
CVE-2019-15608 (The package integrity validation in yarn &lt; 1.19.0 contains a TOCTOU ...)
	- node-yarnpkg 1.19.1-1
	NOTE: https://hackerone.com/reports/703138
CVE-2019-15607 (A stored XSS vulnerability is present within node-red (version: &lt;=  ...)
	NOT-FOR-US: node-red
CVE-2019-15606 (Including trailing white space in HTTP header values in Nodejs 10, 12, ...)
	- nodejs 10.19.0~dfsg-1
	[jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://hackerone.com/reports/730779
	NOTE: https://github.com/nodejs/node/commit/2eee90e959ca4abaf53caf238d063c396f2ea17c (v10.19.0)
CVE-2019-15605 (HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...)
	- nodejs 10.19.0~dfsg-1
	[jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by security support)
	[experimental] - http-parser 2.9.3-1
	- http-parser <unfixed>
	[jessie] - http-parser <ignored> (Invasive patch, requires prior content-length support and public struct changes that break ABI)
	NOTE: https://hackerone.com/reports/735748
	NOTE: https://github.com/nodejs/http-parser/commit/7d5c99d09f6743b055d53fc3f642746d9801479b (http-parser)
	NOTE: nodejs/10.19.0~dfsg-1 contains both the source fix but switches as well
	NOTE: back to use shared libhttp-parser again.
CVE-2019-15604 (Improper Certificate Validation in Node.js 10, 12, and 13 causes the p ...)
	- nodejs 10.19.0~dfsg-1
	[jessie] - nodejs <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://hackerone.com/reports/746733
	NOTE: https://github.com/nodejs/node/commit/f940bee3b7da865e28093472dee9ce664f273f6d (v10.19.0)
CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scriptin ...)
	NOT-FOR-US: seefl
CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and escapin ...)
	NOT-FOR-US: fileview
CVE-2019-15601 (CURL before 7.68.0 lacks proper input validation, which allows users t ...)
	- curl <not-affected> (Windows only)
CVE-2019-15600 (A Path traversal exists in http_server which allows an attacker to rea ...)
	NOT-FOR-US: Node module http_server
CVE-2019-15599 (A Code Injection exists in tree-kill on Windows which allows a remote  ...)
	NOT-FOR-US: Node module tree-kill
CVE-2019-15598 (A Code Injection exists in treekill on Windows which allows a remote c ...)
	NOT-FOR-US: Node module treekill
CVE-2019-15597 (A code injection exists in node-df v0.1.4 that can allow an attacker t ...)
	NOT-FOR-US: Node module node-df
CVE-2019-15596 (A path traversal in statics-server exists in all version that allows a ...)
	NOT-FOR-US: Node module statics-server
CVE-2019-15595 (A privilege escalation exists in UniFi Video Controller =&lt;3.10.6 th ...)
	NOT-FOR-US: UniFi Video Controller
CVE-2019-15594 (GitLab 11.8 and later contains a security vulnerability that allows a  ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/releases/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-15593 (GitLab 12.2.3 contains a security vulnerability that allows a user to  ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/557154
	NOTE: https://gitlab.com/gitlab-org/gitlab/commit/5af535d919c50951513f5859730afd924a01c29b
CVE-2019-15592 (GitLab 12.2.2 and below contains a security vulnerability that allows  ...)
	[experimental] - gitlab 12.0.8-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2019/08/29/security-release-gitlab-12-dot-2-dot-3-released/
CVE-2019-15591 (An improper access control vulnerability exists in GitLab &lt;12.3.3 t ...)
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/676976
CVE-2019-15590 (An access control issue exists in &lt; 12.3.5, &lt; 12.2.8, and &lt; 1 ...)
	- gitlab <not-affected> (Only affects GitLab EE 11.5 and later)
	NOTE: https://hackerone.com/reports/701144
	NOTE: https://about.gitlab.com/releases/2019/10/07/security-release-gitlab-12-dot-3-dot-5-released/
CVE-2019-15589 (An improper access control vulnerability exists in Gitlab &lt;v12.3.2, ...)
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/497047
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15588 (There is an OS Command Injection in Nexus Repository Manager &lt;= 2.1 ...)
	NOT-FOR-US: Nexus Repository Manager
CVE-2019-15587 (In the Loofah gem for Ruby through v2.3.0 unsanitized JavaScript may o ...)
	{DSA-4554-1}
	- ruby-loofah 2.3.1+dfsg-1 (bug #942894)
	NOTE: https://github.com/flavorjones/loofah/issues/171
CVE-2019-15586 (A XSS exists in Gitlab CE/EE &lt; 12.1.10 in the Mermaid plugin. ...)
	- gitlab <not-affected> (Only affects Gitlab 12.1)
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15585 (Improper authentication exists in &lt; 12.3.2, &lt; 12.2.6, and &lt; 1 ...)
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15584 (A denial of service exists in gitlab &lt;v12.3.2, &lt;v12.2.6, and &lt ...)
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/670572
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15583 (An information disclosure exists in &lt; 12.3.2, &lt; 12.2.6, and &lt; ...)
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15582 (An IDOR was discovered in &lt; 12.3.2, &lt; 12.2.6, and &lt; 12.1.12 f ...)
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15581 (An IDOR exists in &lt; 12.3.2, &lt; 12.2.6, and &lt; 12.1.12 for GitLa ...)
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15580 (An information exposure vulnerability exists in gitlab.com &lt;v12.3.2 ...)
	- gitlab <not-affected> (Only affects EE)
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15579 (An information disclosure exists in &lt; 12.3.2, &lt; 12.2.6, and &lt; ...)
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15578 (An information disclosure exists in &lt; 12.3.2, &lt; 12.2.6, and &lt; ...)
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15577 (An information disclosure vulnerability exists in GitLab CE/EE &lt;v12 ...)
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/636560
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15576 (An information disclosure vulnerability exists in GitLab CE/EE &lt;v12 ...)
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/633001
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15575 (A command injection exists in GitLab CE/EE &lt;v12.3.2, &lt;v12.2.6, a ...)
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/682442
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-15574 (Gesior-AAC before 2019-05-01 allows serviceID SQL injection in account ...)
	NOT-FOR-US: Gesior-AAC
CVE-2019-15573 (Gesior-AAC before 2019-05-01 allows SQL injection in tankyou.php. ...)
	NOT-FOR-US: Gesior-AAC
CVE-2019-15572 (Gesior-AAC before 2019-05-01 allows ServiceCategoryID SQL injection in ...)
	NOT-FOR-US: Gesior-AAC
CVE-2019-15571 (The WEB control panel before 2019-04-30 for ClonOS allows SQL injectio ...)
	NOT-FOR-US: WEB control panel for ClonOS
CVE-2019-15570 (BEdita through 4.0.0-RC2 allows SQL injection during a save operation  ...)
	NOT-FOR-US: BEdita
CVE-2019-15569 (HM Courts &amp; Tribunals ccd-data-store-api before 2019-06-10 allows  ...)
	NOT-FOR-US: HM Courts
CVE-2019-15568 (idseq-web before 2019-07-01 in Infectious Disease Sequencing Platform  ...)
	NOT-FOR-US: idseq-web
CVE-2019-15567 (OpenForis Arena before 2019-05-07 allows SQL injection in the sorting  ...)
	NOT-FOR-US: OpenForis Arena
CVE-2019-15566 (The Alfresco application before 1.8.7 for Android allows SQL injection ...)
	NOT-FOR-US: Alfresco application for Android
CVE-2019-15565 (The ICOMMKT connector before 1.0.7 for PrestaShop allows SQL injection ...)
	NOT-FOR-US: PrestaShop
CVE-2019-15564 (The Compassion Switzerland addons 10.01.4 for Odoo allow SQL injection ...)
	NOT-FOR-US: Compassion Switzerland addons for Odoo
CVE-2019-15563 (Observational Health Data Sciences and Informatics (OHDSI) WebAPI befo ...)
	NOT-FOR-US: Observational Health Data Sciences and Informatics
CVE-2019-15562 (GORM before 1.9.10 allows SQL injection via incomplete parentheses. ...)
	NOT-FOR-US: GORM
CVE-2019-15561 (FlashLingo before 2019-06-12 allows SQL injection, related to flashlin ...)
	NOT-FOR-US: FlashLingo
CVE-2019-15560 (The Reviews Module before 2019-06-14 for OpenSource Table allows SQL i ...)
	NOT-FOR-US: OpenSource Table addon
CVE-2019-15559 (DianoxDragon Hawn before 2019-07-10 allows SQL injection. ...)
	NOT-FOR-US: DianoxDragon Hawn
CVE-2019-15558 (XM^online 2 Common Utils and Endpoints 0.2.1 allows SQL injection, rel ...)
	NOT-FOR-US: XM^online 2
CVE-2019-15557 (XM^online 2 User Account and Authentication server 1.0.0 allows SQL in ...)
	NOT-FOR-US: XM^online 2
CVE-2019-15556 (Pvanloon1983 social_network before 2019-07-03 allows SQL injection in  ...)
	NOT-FOR-US: Pvanloon1983
CVE-2019-15555 (FredReinink Wellness-app before 2019-06-19 allows SQL injection, relat ...)
	NOT-FOR-US: FredReinink Wellness-app
CVE-2019-15554 (An issue was discovered in the smallvec crate before 0.6.10 for Rust.  ...)
	- rust-smallvec 0.6.10-1
	[buster] - rust-smallvec <no-dsa> (Minor issue)
	NOTE: https://github.com/servo/rust-smallvec/issues/149
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0012.html
CVE-2019-15553 (An issue was discovered in the memoffset crate before 0.5.0 for Rust.  ...)
	- rust-memoffset 0.5.1-1 (bug #936025)
	[buster] - rust-memoffset <no-dsa> (Minor issue)
	NOTE: https://github.com/Gilnaa/memoffset/issues/9#issuecomment-505461490
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0011.html
CVE-2019-15552 (An issue was discovered in the libflate crate before 0.1.25 for Rust.  ...)
	- rust-libflate 0.1.25-1
	[buster] - rust-libflate <no-dsa> (Minor issue)
	NOTE: https://github.com/sile/libflate/issues/35
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0010.html
CVE-2019-15551 (An issue was discovered in the smallvec crate before 0.6.10 for Rust.  ...)
	- rust-smallvec 0.6.10-1
	[buster] - rust-smallvec <no-dsa> (Minor issue)
	NOTE: https://github.com/servo/rust-smallvec/issues/148
	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0009.html
CVE-2019-15550 (An issue was discovered in the simd-json crate before 0.1.15 for Rust. ...)
	NOT-FOR-US: Rust crate simd-json
CVE-2019-15549 (An issue was discovered in the asn1_der crate before 0.6.2 for Rust. A ...)
	NOT-FOR-US: Rust crate asn1_der
CVE-2019-15548 (An issue was discovered in the ncurses crate through 5.99.0 for Rust.  ...)
	NOT-FOR-US: Rust crate ncurses
CVE-2019-15547 (An issue was discovered in the ncurses crate through 5.99.0 for Rust.  ...)
	NOT-FOR-US: Rust crate ncurses
CVE-2019-15546 (An issue was discovered in the pancurses crate through 0.16.1 for Rust ...)
	NOT-FOR-US: Rust crate pancurses
CVE-2019-15545 (An issue was discovered in the libp2p-core crate before 0.8.1 for Rust ...)
	NOT-FOR-US: Rust crate libp2p-core
CVE-2019-15544 (An issue was discovered in the protobuf crate before 2.6.0 for Rust. A ...)
	NOT-FOR-US: Rust crate protobuf
CVE-2019-15543 (An issue was discovered in the slice-deque crate before 0.2.0 for Rust ...)
	NOT-FOR-US: Rust crate slice-deque
CVE-2019-15542 (An issue was discovered in the ammonia crate before 2.1.0 for Rust. Th ...)
	NOT-FOR-US: Rust crate ammonia
CVE-2019-15541 (rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for ...)
	NOT-FOR-US: Rust crate rustls
CVE-2019-15540 (filters/filter-cso/filter-stream.c in the CSO filter in libMirage 3.2. ...)
	NOT-FOR-US: libMirage
CVE-2019-15539 (The proj_doc_edit_page.php Project Documentation feature in MantisBT b ...)
	- mantis <removed>
CVE-2019-15538 (An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in ...)
	{DLA-1919-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.67-2
	[stretch] - linux 4.9.189-2
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/1fb254aa983bf190cfd685d40c64a480a9bafaee
CVE-2019-15537 (The proxystatistics module before 3.1.0 for SimpleSAMLphp allows SQL I ...)
	NOT-FOR-US: SimpleSAMLphp module proxystatistics
CVE-2019-15536 (The Acclaim block plugin before 2019-06-26 for Moodle allows SQL Injec ...)
	NOT-FOR-US: Acclaim block plugin for Moodle
CVE-2019-15535 (Tasking Manager before 3.4.0 allows SQL Injection via custom SQL. ...)
	NOT-FOR-US: Tasking Manager
CVE-2019-15534 (Raml-Module-Builder 26.4.0 allows SQL Injection in PostgresClient.upda ...)
	NOT-FOR-US: Raml-Module-Builder
CVE-2019-15533 (XENFCoreSharp before 2019-07-16 allows SQL injection in web/verify.php ...)
	NOT-FOR-US: XENFCoreSharp
CVE-2019-15532 (CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBrut ...)
	NOT-FOR-US: CyberChef
CVE-2019-15531 (GNU Libextractor through 1.9 has a heap-based buffer over-read in the  ...)
	{DLA-1904-1}
	- libextractor 1:1.9-2 (bug #935553)
	[buster] - libextractor <no-dsa> (Minor issue)
	[stretch] - libextractor <no-dsa> (Minor issue)
	NOTE: https://bugs.gnunet.org/view.php?id=5846
	NOTE: https://git.gnunet.org/libextractor.git/commit/?id=d2b032452241708bee68d02aa02092cfbfba951a
CVE-2019-15530 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...)
	NOT-FOR-US: D-Link
CVE-2019-15529 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...)
	NOT-FOR-US: D-Link
CVE-2019-15528 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...)
	NOT-FOR-US: D-Link
CVE-2019-15527 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...)
	NOT-FOR-US: D-Link
CVE-2019-15526 (An issue was discovered on D-Link DIR-823G devices with firmware V1.0. ...)
	NOT-FOR-US: D-Link
CVE-2019-15525 (There is Missing SSL Certificate Validation in the pw3270 terminal emu ...)
	NOT-FOR-US: pw3270 terminal emulator
CVE-2019-15524 (CSZ CMS 1.2.3 allows arbitrary file upload, as demonstrated by a .php  ...)
	NOT-FOR-US: CSZ CMS
CVE-2019-15523
	RESERVED
CVE-2019-15522 (An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_ses ...)
	- csync2 2.0-25-gc0faaf9-1 (bug #955445)
	[buster] - csync2 <no-dsa> (Minor issue)
	[stretch] - csync2 <no-dsa> (Minor issue)
	[jessie] - csync2 <no-dsa> (Minor issue)
	NOTE: https://github.com/LINBIT/csync2/pull/13/commits/0ecfc333da51575f188dd7cf6ac4974d13a800b1
CVE-2019-15521 (Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and ...)
	NOT-FOR-US: Spoon Library
CVE-2019-15520 (comelz Quark before 2019-03-26 allows directory traversal to locations ...)
	NOT-FOR-US: comelz Quark
CVE-2019-15519 (Power-Response before 2019-02-02 allows directory traversal (up to the ...)
	NOT-FOR-US: Power-Response
CVE-2019-15518 (Swoole before 4.2.13 allows directory traversal in swPort_http_static_ ...)
	NOT-FOR-US: Swoole
CVE-2019-15517 (jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory trav ...)
	NOT-FOR-US: jc21 Nginx Proxy Manager
CVE-2019-15516 (Cuberite before 2019-06-11 allows webadmin directory traversal via ... ...)
	NOT-FOR-US: Cuberite
CVE-2019-15515 (Discourse 2.3.2 sends the CSRF token in the query string. ...)
	NOT-FOR-US: Discourse
CVE-2019-15514 (The Privacy &gt; Phone Number feature in the Telegram app 5.10 for And ...)
	NOT-FOR-US: Telegram app for Android and iOS
CVE-2019-15513 (An issue was discovered in OpenWrt libuci (aka Library for the Unified ...)
	NOT-FOR-US: OpenWrt libuci
CVE-2019-15512
	RESERVED
CVE-2019-15511 (An exploitable local privilege escalation vulnerability exists in the  ...)
	NOT-FOR-US: GOG Galaxy
CVE-2019-15510 (ManageEngine_DesktopCentral.exe in Zoho ManageEngine Desktop Central 1 ...)
	NOT-FOR-US: Zoho
CVE-2019-15509
	RESERVED
CVE-2019-15508 (In Octopus Tentacle versions 3.0.8 to 5.0.0, when a web request proxy  ...)
	NOT-FOR-US: Octopus Tentacle
CVE-2019-15507 (In Octopus Deploy versions 2018.8.4 to 2019.7.6, when a web request pr ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-15506 (An issue was discovered in Kaseya Virtual System Administrator (VSA) t ...)
	NOT-FOR-US: Kaseya Virtual System Administrator (VSA)
CVE-2019-15505 (drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
CVE-2019-15504 (drivers/net/wireless/rsi/rsi_91x_usb.c in the Linux kernel through 5.2 ...)
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-15503 (cgi-cpn/xcoding/prontus_videocut.cgi in AltaVoz Prontus (aka ProntusCM ...)
	NOT-FOR-US: AltaVoz Prontus
CVE-2019-15502 (The TeamSpeak client before 3.3.2 allows remote servers to trigger a c ...)
	- teamspeak-client <removed>
CVE-2019-15501 (Reflected cross site scripting (XSS) in L-Soft LISTSERV before 16.5-20 ...)
	NOT-FOR-US: L-Soft LISTSERV
CVE-2019-15500
	RESERVED
CVE-2019-15499 (CodiMD 1.3.1, when Safari is used, allows XSS via an IFRAME element wi ...)
	NOT-FOR-US: CodiMD
CVE-2019-15498 (cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows rem ...)
	NOT-FOR-US: Vera Edge Home Controller
CVE-2019-15497 (Black Box iCOMPEL 9.2.3 through 11.1.4, as used in ONELAN Net-Top-Box  ...)
	NOT-FOR-US: Black Box iCOMPEL
CVE-2019-15496 (MyT Project Management 1.5.1 lacks CSRF protection and, for example, a ...)
	NOT-FOR-US: MyT Project Management
CVE-2019-15495
	RESERVED
CVE-2019-15494 (openITCOCKPIT before 3.7.1 allows SSRF, aka RVID 5-445b21. ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2019-15493 (openITCOCKPIT before 3.7.1 allows deletion of files, aka RVID 4-445b21 ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2019-15492 (openITCOCKPIT before 3.7.1 has reflected XSS, aka RVID 3-445b21. ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2019-15491 (openITCOCKPIT before 3.7.1 has CSRF, aka RVID 2-445b21. ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2019-15490 (openITCOCKPIT before 3.7.1 allows code injection, aka RVID 1-445b21. ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2019-15489 (laracom (aka Laravel FREE E-Commerce Software) 1.4.11 has search?q= XS ...)
	NOT-FOR-US: laracom (aka Laravel FREE E-Commerce Software)
CVE-2019-15488 (Ignite Realtime Openfire before 4.4.1 has reflected XSS via an LDAP se ...)
	NOT-FOR-US: Ignite Realtime Openfire
CVE-2019-15487 (DfE School Experience before v16333-GA has XSS via a teacher training  ...)
	NOT-FOR-US: DfE School Experience
CVE-2019-15486 (django-js-reverse (aka Django JS Reverse) before 0.9.1 has XSS via js_ ...)
	- django-js-reverse <not-affected> (Issue introduced in 0.9.0)
	NOTE: https://github.com/ierror/django-js-reverse/pull/81
	NOTE: https://github.com/ierror/django-js-reverse/commit/a3b57d1e4424e2fadabcd526d170c4868d55159c (0.9.1)
CVE-2019-15485 (Bolt before 3.6.10 has XSS via createFolder or createFile in Controlle ...)
	NOT-FOR-US: Bolt CMS
CVE-2019-15484 (Bolt before 3.6.10 has XSS via an image's alt or title field. ...)
	NOT-FOR-US: Bolt CMS
CVE-2019-15483 (Bolt before 3.6.10 has XSS via a title that is mishandled in the syste ...)
	NOT-FOR-US: Bolt CMS
CVE-2019-15482 (selectize-plugin-a11y before 1.1.0 has XSS via the msg field. ...)
	NOT-FOR-US: selectize-plugin-a11y
CVE-2019-15481 (Kimai v2 before 1.1 has XSS via a timesheet description. ...)
	NOT-FOR-US: Kimai
CVE-2019-15480 (Domoticz 4.10717 has XSS via item.Name. ...)
	- domoticz <itp> (bug #899058)
CVE-2019-15479 (Status Board 1.1.81 has reflected XSS via dashboard.ts. ...)
	NOT-FOR-US: Status Board
CVE-2019-15478 (Status Board 1.1.81 has reflected XSS via logic.ts. ...)
	NOT-FOR-US: Status Board
CVE-2019-15477 (Jooby before 1.6.4 has XSS via the default error handler. ...)
	NOT-FOR-US: Jooby
CVE-2019-15476 (Former before 4.2.1 has XSS via a checkbox value. ...)
	NOT-FOR-US: Former
CVE-2019-15475 (The Xiaomi Mi A3 Android device with a build fingerprint of xiaomi/onc ...)
	NOT-FOR-US: Xiaomi Mi A3 Android device
CVE-2019-15474 (The Xiaomi Cepheus Android device with a build fingerprint of Xiaomi/c ...)
	NOT-FOR-US: Xiaomi Cepheus Android device
CVE-2019-15473 (The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaom ...)
	NOT-FOR-US: Xiaomi Mi A2 Lite Android device
CVE-2019-15472 (The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaom ...)
	NOT-FOR-US: Xiaomi Mi A2 Lite Android device
CVE-2019-15471 (The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi ...)
	NOT-FOR-US: Xiaomi Mi Mix 2S Android device
CVE-2019-15470 (The Xiaomi Redmi Note 6 Pro Android device with a build fingerprint of ...)
	NOT-FOR-US: Xiaomi Redmi Note 6 Pro Android device
CVE-2019-15469 (The Xiaomi Mi Pad 4 Android device with a build fingerprint of Xiaomi/ ...)
	NOT-FOR-US: Xiaomi Mi Pad 4 Android device
CVE-2019-15468 (The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaom ...)
	NOT-FOR-US: Xiaomi Mi A2 Lite Android devic
CVE-2019-15467 (The Xiaomi Mi Mix 2S Android device with a build fingerprint of Xiaomi ...)
	NOT-FOR-US: Xiaomi Mi Mix 2S Android device
CVE-2019-15466 (The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiao ...)
	NOT-FOR-US: Xiaomi Redmi 6 Pro Android device
CVE-2019-15465 (The Samsung J7 Pro Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15464 (The Samsung J7 Pro Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15463 (The Samsung j7popeltemtr Android device with a build fingerprint of sa ...)
	NOT-FOR-US: Samsung
CVE-2019-15462 (The Samsung J7 Duo Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15461 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15460 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15459 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15458 (The Samsung J7 Neo Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15457 (The Samsung J6 Android device with a build fingerprint of samsung/j6lt ...)
	NOT-FOR-US: Samsung
CVE-2019-15456 (The Samsung J6 Android device with a build fingerprint of samsung/j6lt ...)
	NOT-FOR-US: Samsung
CVE-2019-15455 (The Samsung J5 Android device with a build fingerprint of samsung/j5y1 ...)
	NOT-FOR-US: Samsung
CVE-2019-15454 (The Samsung J4 Android device with a build fingerprint of samsung/j4lt ...)
	NOT-FOR-US: Samsung
CVE-2019-15453 (The Samsung J4 Android device with a build fingerprint of samsung/j4lt ...)
	NOT-FOR-US: Samsung
CVE-2019-15452 (The Samsung J3 Android device with a build fingerprint of samsung/j3y1 ...)
	NOT-FOR-US: Samsung
CVE-2019-15451 (The Samsung J3 Android device with a build fingerprint of samsung/j3y1 ...)
	NOT-FOR-US: Samsung
CVE-2019-15450 (The Samsung j3popeltecan Android device with a build fingerprint of sa ...)
	NOT-FOR-US: Samsung
CVE-2019-15449 (The Samsung S7 Edge Android device with a build fingerprint of samsung ...)
	NOT-FOR-US: Samsung
CVE-2019-15448 (The Samsung S7 Edge Android device with a build fingerprint of samsung ...)
	NOT-FOR-US: Samsung
CVE-2019-15447 (The Samsung S7 Edge Android device with a build fingerprint of samsung ...)
	NOT-FOR-US: Samsung
CVE-2019-15446 (The Samsung S7 Android device with a build fingerprint of samsung/hero ...)
	NOT-FOR-US: Samsung
CVE-2019-15445 (The Samsung S7 Android device with a build fingerprint of samsung/hero ...)
	NOT-FOR-US: Samsung
CVE-2019-15444 (The Samsung S7 Android device with a build fingerprint of samsung/hero ...)
	NOT-FOR-US: Samsung
CVE-2019-15443 (The Samsung J7 Max Android device with a build fingerprint of samsung/ ...)
	NOT-FOR-US: Samsung
CVE-2019-15442 (The Samsung on7xelteskt Android device with a build fingerprint of sam ...)
	NOT-FOR-US: Samsung
CVE-2019-15441 (The Samsung on7xeltelgt Android device with a build fingerprint of sam ...)
	NOT-FOR-US: Samsung
CVE-2019-15440 (The Samsung J5 Android device with a build fingerprint of samsung/on5x ...)
	NOT-FOR-US: Samsung
CVE-2019-15439 (The Samsung XCover4 Android device with a build fingerprint of samsung ...)
	NOT-FOR-US: Samsung
CVE-2019-15438 (The Samsung XCover4 Android device with a build fingerprint of samsung ...)
	NOT-FOR-US: Samsung
CVE-2019-15437 (The Samsung XCover4 Android device with a build fingerprint of samsung ...)
	NOT-FOR-US: Samsung
CVE-2019-15436 (The Samsung A8+ Android device with a build fingerprint of samsung/jac ...)
	NOT-FOR-US: Samsung
CVE-2019-15435 (The Samsung A7 Android device with a build fingerprint of samsung/a7y1 ...)
	NOT-FOR-US: Samsung
CVE-2019-15434 (The Samsung A5 Android device with a build fingerprint of samsung/a5y1 ...)
	NOT-FOR-US: Samsung
CVE-2019-15433 (The Samsung A3 Android device with a build fingerprint of samsung/a3y1 ...)
	NOT-FOR-US: Samsung
CVE-2019-15432 (The Evercoss U6 Android device with a build fingerprint of EVERCOSS/U6 ...)
	NOT-FOR-US: Evercoss
CVE-2019-15431 (The Evercoss U50A Android device with a build fingerprint of EVERCOSS/ ...)
	NOT-FOR-US: Evercoss
CVE-2019-15430 (The Bluboo D3 Pro Android device with a build fingerprint of BLUBOO/Bl ...)
	NOT-FOR-US: Bluboo
CVE-2019-15429 (The Panasonic ELUGA_I9 Android device with a build fingerprint of Pana ...)
	NOT-FOR-US: Panasonic
CVE-2019-15428 (The Xiaomi Mi Note 2 Android device with a build fingerprint of Xiaomi ...)
	NOT-FOR-US: Xiaomi Mi Note 2 Android device
CVE-2019-15427 (The Xiaomi Mi Mix Android device with a build fingerprint of Xiaomi/li ...)
	NOT-FOR-US: Xiaomi Mi Mix Android device
CVE-2019-15426 (The Xiaomi 5S Plus Android device with a build fingerprint of Xiaomi/n ...)
	NOT-FOR-US: Xiaomi 5S Plus Android device
CVE-2019-15425 (The Kata M4s Android device with a build fingerprint of alps/full_hct6 ...)
	NOT-FOR-US: Kata M4s Android device
CVE-2019-15424 (The Doogee BL5000 Android device with a build fingerprint of DOOGEE/BL ...)
	NOT-FOR-US: Doogee BL5000 Android device
CVE-2019-15423 (The Bluboo Bluboo_S1 Android device with a build fingerprint of BLUBOO ...)
	NOT-FOR-US: Bluboo Bluboo_S1 Android device
CVE-2019-15422 (The Doogee Mix Android device with a build fingerprint of DOOGEE/MIX/M ...)
	NOT-FOR-US: Doogee Mix Android device
CVE-2019-15421 (The Blackview BV7000_Pro Android device with a build fingerprint of Bl ...)
	NOT-FOR-US: The Blackview
CVE-2019-15420 (The Blackview BV9000Pro-F Android device with a build fingerprint of B ...)
	NOT-FOR-US: Blackview
CVE-2019-15419 (The Asus ASUS_X015_1 Android device with a build fingerprint of asus/C ...)
	NOT-FOR-US: Asus
CVE-2019-15418 (The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/C ...)
	NOT-FOR-US: Asus
CVE-2019-15417 (The Tecno Spark Pro Android device with a build fingerprint of TECNO/H ...)
	NOT-FOR-US: Tecno Spark Pro Android device
CVE-2019-15416 (The Sony keyaki_kddi Android device with a build fingerprint of Sony/k ...)
	NOT-FOR-US: Sony
CVE-2019-15415 (The Xiaomi Redmi 5 Android device with a build fingerprint of xiaomi/v ...)
	NOT-FOR-US: Xiaomi Redmi 5 Android device
CVE-2019-15414 (The Asus ZenFone AR Android device with a build fingerprint of asus/WW ...)
	NOT-FOR-US: Asus
CVE-2019-15413 (The Asus ZenFone 3 Ultra Android device with a build fingerprint of as ...)
	NOT-FOR-US: Asus
CVE-2019-15412 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of a ...)
	NOT-FOR-US: Asus
CVE-2019-15411 (The Asus ZenFone 3 Laser Android device with a build fingerprint of as ...)
	NOT-FOR-US: Asus
CVE-2019-15410 (The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW ...)
	NOT-FOR-US: Asus
CVE-2019-15409 (The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW ...)
	NOT-FOR-US: Asus
CVE-2019-15408 (The Asus ZenFone 5 Lite Android device with a build fingerprint of asu ...)
	NOT-FOR-US: Asus
CVE-2019-15407 (The Asus ASUS_X015_1 Android device with a build fingerprint of asus/C ...)
	NOT-FOR-US: Asus
CVE-2019-15406 (The Asus ASUS_X00LD_3 Android device with a build fingerprint of asus/ ...)
	NOT-FOR-US: Asus
CVE-2019-15405 (The Asus ASUS_X00K_1 Android device with a build fingerprint of asus/C ...)
	NOT-FOR-US: Asus
CVE-2019-15404 (The Asus ZenFone Max 4 Android device with a build fingerprint of asus ...)
	NOT-FOR-US: Asus
CVE-2019-15403 (The Asus ZenFone 3s Max Android device with a build fingerprint of asu ...)
	NOT-FOR-US: Asus
CVE-2019-15402 (The Asus ASUS_A002_2 Android device with a build fingerprint of asus/W ...)
	NOT-FOR-US: Asus
CVE-2019-15401 (The Asus ASUS_A002 Android device with a build fingerprint of asus/WW_ ...)
	NOT-FOR-US: Asus
CVE-2019-15400 (The Asus ZenFone 3 Ultra Android device with a build fingerprint of as ...)
	NOT-FOR-US: Asus
CVE-2019-15399 (The Asus ZenFone 5Q Android device with a build fingerprint of asus/WW ...)
	NOT-FOR-US: Asus
CVE-2019-15398 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of a ...)
	NOT-FOR-US: Asus
CVE-2019-15397 (The Asus ZenFone Max 4 Android device with a build fingerprint of asus ...)
	NOT-FOR-US: Asus
CVE-2019-15396 (The Asus ZenFone 3 Android device with a build fingerprint of asus/WW_ ...)
	NOT-FOR-US: Asus
CVE-2019-15395 (The Asus ZenFone 3s Max Android device with a build fingerprint of asu ...)
	NOT-FOR-US: Asus
CVE-2019-15394 (The Asus ZenFone 5 Selfie Android device with a build fingerprint of a ...)
	NOT-FOR-US: Asus
CVE-2019-15393 (The Asus ZenFone Live Android device with a build fingerprint of asus/ ...)
	NOT-FOR-US: Asus
CVE-2019-15392 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of A ...)
	NOT-FOR-US: Asus
CVE-2019-15391 (The Asus ZenFone 4 Selfie Android device with a build fingerprint of a ...)
	NOT-FOR-US: Asus
CVE-2019-15390 (The Haier G8 Android device with a build fingerprint of Haier/HM-G559- ...)
	NOT-FOR-US: Haier G8 Android device
CVE-2019-15389 (The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8. ...)
	NOT-FOR-US: Haier A6 Android device
CVE-2019-15388 (The Coolpad 1851 Android device with a build fingerprint of Coolpad/an ...)
	NOT-FOR-US: Coolpad
CVE-2019-15387 (The Archos Core 101 Android device with a build fingerprint of archos/ ...)
	NOT-FOR-US: Archos
CVE-2019-15386 (The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60 ...)
	NOT-FOR-US: Lava
CVE-2019-15385 (The Infinix Note 5 Android device with a build fingerprint of Infinix/ ...)
	NOT-FOR-US: Infinix Note 5 Android device
CVE-2019-15384 (The Elephone A4 Android device with a build fingerprint of Elephone/A4 ...)
	NOT-FOR-US: Elephone
CVE-2019-15383 (The Allview X5 Android device with a build fingerprint of ALLVIEW/X5_S ...)
	NOT-FOR-US: Allview
CVE-2019-15382 (The Cubot Nova Android device with a build fingerprint of CUBOT/CUBOT_ ...)
	NOT-FOR-US: Cubot Nova
CVE-2019-15381 (The BQ 5515L Android device with a build fingerprint of BQru/BQru-5515 ...)
	NOT-FOR-US: BQ 5515L Android device
CVE-2019-15380 (The Fly Photo Pro Android device with a build fingerprint of Fly/Photo ...)
	NOT-FOR-US: Fly Photo Pro Android device
CVE-2019-15379 (The Walton Primo G3 Android device with a build fingerprint of WALTON/ ...)
	NOT-FOR-US: Walton Primo G3 Android device
CVE-2019-15378 (The Panasonic Eluga Ray 600 Android device with a build fingerprint of ...)
	NOT-FOR-US: Panasonic
CVE-2019-15377 (The Cherry Flare S7 Android device with a build fingerprint of Cherry_ ...)
	NOT-FOR-US: Cherry Flare S7 Android device
CVE-2019-15376 (The Panasonic Eluga Ray 530 Android device with a build fingerprint of ...)
	NOT-FOR-US: Panasonic
CVE-2019-15375 (The Haier G8 Android device with a build fingerprint of Haier/HM-G559- ...)
	NOT-FOR-US: Haier G8 Android device
CVE-2019-15374 (The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/ ...)
	NOT-FOR-US: Lava Iris 88 Lite Android device
CVE-2019-15373 (The Symphony i95 Lite Android device with a build fingerprint of LAVA/ ...)
	NOT-FOR-US: Symphony i95 Lite Android device
CVE-2019-15372 (The Hisense F17 Android device with a build fingerprint of Hisense/F17 ...)
	NOT-FOR-US: Hisense F17 Android device
CVE-2019-15371 (The Symphony G100 Android device with a build fingerprint of Symphony/ ...)
	NOT-FOR-US: Symphony G100 Android device
CVE-2019-15370 (The Haier G8 Android device with a build fingerprint of Haier/HM-G559- ...)
	NOT-FOR-US: Haier G8 Android device
CVE-2019-15369 (The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61 ...)
	NOT-FOR-US: Lava Z61 Turbo Android device
CVE-2019-15368 (The Coolpad 1851 Android device with a build fingerprint of Coolpad/an ...)
	NOT-FOR-US: Coolpad
CVE-2019-15367 (The Haier P10 Android device with a build fingerprint of Haier/P10/P10 ...)
	NOT-FOR-US: Haier P10 Android device
CVE-2019-15366 (The Infinix Note 5 Android device with a build fingerprint of Infinix/ ...)
	NOT-FOR-US: Infinix Note 5 Android device
CVE-2019-15365 (The Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8 ...)
	NOT-FOR-US: Lava Z92 Android device
CVE-2019-15364 (The Dexp BL250 Android device with a build fingerprint of DEXP/BL250/B ...)
	NOT-FOR-US: Dexp BL250 Android device
CVE-2019-15363 (The Leagoo Power 5 Android device with a build fingerprint of LEAGOO/P ...)
	NOT-FOR-US: Leagoo Power 5 Android device
CVE-2019-15362 (The Lava Iris 88 Go Android device with a build fingerprint of LAVA/ir ...)
	NOT-FOR-US: Lava Iris 88 Go Android device
CVE-2019-15361 (The Infinix Note 5 Android device with a build fingerprint of Infinix/ ...)
	NOT-FOR-US: Infinix Note 5 Android device
CVE-2019-15360 (The Hisense U965 Android device with a build fingerprint of Hisense/U9 ...)
	NOT-FOR-US: Hisense U965 Android device
CVE-2019-15359 (The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8. ...)
	NOT-FOR-US: Haier A6 Android device
CVE-2019-15358 (The Dexp Z250 Android device with a build fingerprint of DEXP/Z250/Z25 ...)
	NOT-FOR-US: Dexp Z250 Android device
CVE-2019-15357 (The Advan i6A Android device with a build fingerprint of ADVAN/i6A/i6A ...)
	NOT-FOR-US: Advan i6A Android device
CVE-2019-15356 (The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z ...)
	NOT-FOR-US: Lava Flair Z1 Android device
CVE-2019-15355 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
	NOT-FOR-US: Tecno Camon iClick Android device
CVE-2019-15354 (The Ulefone Armor 5 Android device with a build fingerprint of Ulefone ...)
	NOT-FOR-US: Ulefone Armor 5 Android device
CVE-2019-15353 (The Coolpad N3C Android device with a build fingerprint of Coolpad/N3C ...)
	NOT-FOR-US: Coolpad N3C Android device
CVE-2019-15352 (The Coolpad 1851 Android device with a build fingerprint of Coolpad/an ...)
	NOT-FOR-US: Coolpad 1851 Android device
CVE-2019-15351 (The Tecno Camon Android device with a build fingerprint of TECNO/H622/ ...)
	NOT-FOR-US: Tecno Camon Android device
CVE-2019-15350 (The Tecno Camon Android device with a build fingerprint of TECNO/H622/ ...)
	NOT-FOR-US: Tecno Camon Android device
CVE-2019-15349 (The Tecno Camon Android device with a build fingerprint of TECNO/H612/ ...)
	NOT-FOR-US: Tecno Camon Android device
CVE-2019-15348 (The Tecno Camon Android device with a build fingerprint of TECNO/H612/ ...)
	NOT-FOR-US: Tecno Camon Android device
CVE-2019-15347 (The Tecno Camon iClick 2 Android device with a build fingerprint of TE ...)
	NOT-FOR-US: Tecno Camon iClick 2 Android device
CVE-2019-15346 (The Tecno Camon iClick 2 Android device with a build fingerprint of TE ...)
	NOT-FOR-US: Tecno Camon iClick 2 Android device
CVE-2019-15345 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
	NOT-FOR-US: Tecno Camon iClick Android device
CVE-2019-15344 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
	NOT-FOR-US: Tecno Camon iClick Android device
CVE-2019-15343 (The Tecno Camon iClick Android device with a build fingerprint of TECN ...)
	NOT-FOR-US: Tecno Camon iClick Android device
CVE-2019-15342 (The Tecno Camon iAir 2 Plus Android device with a build fingerprint of ...)
	NOT-FOR-US: Tecno Camon iAir 2 Plus Android device
CVE-2019-15341 (The Tecno Camon iAir 2 Plus Android device with a build fingerprint of ...)
	NOT-FOR-US: Tecno Camon iAir 2 Plus Android device
CVE-2019-15340 (The Xiaomi Redmi 6 Pro Android device with a build fingerprint of xiao ...)
	NOT-FOR-US: Xiaomi Redmi 6 Pro Android device
CVE-2019-15339 (The Lava Z60s Android device with a build fingerprint of LAVA/Z60s/Z60 ...)
	NOT-FOR-US: Lava Z60s Android device
CVE-2019-15338 (The Lava Iris 88 Lite Android device with a build fingerprint of LAVA/ ...)
	NOT-FOR-US: Lava Iris 88 Lite Android device
CVE-2019-15337 (The Lava Z81 Android device with a build fingerprint of LAVA/Z81/Z81:8 ...)
	NOT-FOR-US: Lava Z81 Android device
CVE-2019-15336 (The Lava Z61 Turbo Android device with a build fingerprint of LAVA/Z61 ...)
	NOT-FOR-US: Lava Z61 Turbo Android device
CVE-2019-15335 (The Lava Z92 Android device with a build fingerprint of LAVA/Z92/Z92:8 ...)
	NOT-FOR-US: Lava Z92 Android device
CVE-2019-15334 (The Lava Iris 88 Go Android device with a build fingerprint of LAVA/ir ...)
	NOT-FOR-US: Lava Iris 88 Go Android device
CVE-2019-15333 (The Lava Flair Z1 Android device with a build fingerprint of LAVA/Z1/Z ...)
	NOT-FOR-US: Lava Flair Z1 Android device
CVE-2019-15332 (The Lava Z61 Android device with a build fingerprint of LAVA/Z61_2GB/Z ...)
	NOT-FOR-US: Lava Z61 Android device
CVE-2019-15331 (The wp-support-plus-responsive-ticket-system plugin before 9.1.2 for W ...)
	NOT-FOR-US: wp-support-plus-responsive-ticket-system plugin for WordPress
CVE-2019-15330 (The webp-express plugin before 0.14.11 for WordPress has insufficient  ...)
	NOT-FOR-US: webp-express plugin for WordPress
CVE-2019-15329 (The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPre ...)
	NOT-FOR-US: import-users-from-csv-with-meta plugin for WordPress
CVE-2019-15328 (The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPre ...)
	NOT-FOR-US: import-users-from-csv-with-meta plugin for WordPress
CVE-2019-15327 (The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPre ...)
	NOT-FOR-US: import-users-from-csv-with-meta plugin for WordPress
CVE-2019-15326 (The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPre ...)
	NOT-FOR-US: import-users-from-csv-with-meta plugin for WordPress
CVE-2019-15325 (In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/1 ...)
	NOT-FOR-US: GalliumOS
CVE-2019-15324 (The ad-inserter plugin before 2.4.22 for WordPress has remote code exe ...)
	NOT-FOR-US: ad-inserter plugin for WordPress
CVE-2019-15323 (The ad-inserter plugin before 2.4.20 for WordPress has path traversal. ...)
	NOT-FOR-US: ad-inserter plugin for WordPress
CVE-2019-15322 (The shortcode-factory plugin before 2.8 for WordPress has Local File I ...)
	NOT-FOR-US: shortcode-factory plugin for WordPress
CVE-2019-15321 (The option-tree plugin before 2.7.3 for WordPress has Object Injection ...)
	NOT-FOR-US: option-tree plugin for WordPress
CVE-2019-15320 (The option-tree plugin before 2.7.3 for WordPress has Object Injection ...)
	NOT-FOR-US: option-tree plugin for WordPress
CVE-2019-15319 (The option-tree plugin before 2.7.0 for WordPress has Object Injection ...)
	NOT-FOR-US: option-tree plugin for WordPress
CVE-2019-15318 (The yikes-inc-easy-mailchimp-extender plugin before 6.5.3 for WordPres ...)
	NOT-FOR-US: yikes-inc-easy-mailchimp-extender plugin for WordPress
CVE-2019-15317 (The give plugin before 2.4.7 for WordPress has XSS via a donor name. ...)
	NOT-FOR-US: give plugin for WordPress
CVE-2019-15316 (Valve Steam Client for Windows through 2019-08-20 has weak folder perm ...)
	NOT-FOR-US: Valve Steam Client for Windows
CVE-2019-15315 (Valve Steam Client for Windows through 2019-08-16 allows privilege esc ...)
	NOT-FOR-US: Valve Steam Client for Windows
CVE-2019-15314 (tiki/tiki-upload_file.php in Tiki 18.4 allows remote attackers to uplo ...)
	- tikiwiki <removed>
CVE-2019-15313 (In Zimbra Collaboration before 8.8.15 Patch 1, there is a non-persiste ...)
	NOT-FOR-US: Zimbra Collaboration
CVE-2019-15312
	RESERVED
CVE-2019-15311
	RESERVED
CVE-2019-15310
	RESERVED
CVE-2019-15309
	RESERVED
CVE-2019-15308
	RESERVED
CVE-2019-15307
	RESERVED
CVE-2019-15306
	RESERVED
CVE-2019-15305
	RESERVED
CVE-2019-15304 (Lierda Grill Temperature Monitor V1.00_50006 has a default password of ...)
	NOT-FOR-US: Lierda Grill Temperature Monitor
CVE-2019-15303
	RESERVED
CVE-2019-15302 (The pad management logic in XWiki labs CryptPad before 3.0.0 allows a  ...)
	NOT-FOR-US: CryptPad
CVE-2019-15301 (A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.C ...)
	NOT-FOR-US: Terrasoft Bpm'online CRM-System SDK
CVE-2019-15300 (A problem was found in Centreon Web through 19.04.3. An authenticated  ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-15299 (An issue was discovered in Centreon Web through 19.04.3. When a user c ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-15298 (A problem was found in Centreon Web through 19.04.3. An authenticated  ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-15297 (res_pjsip_t38 in Sangoma Asterisk 13.21-cert4, 15.7.3, and 16.5.0 allo ...)
	- asterisk <unfixed> (low; bug #940060)
	[buster] - asterisk <no-dsa> (Minor issue)
	[stretch] - asterisk <no-dsa> (Minor issue)
	[jessie] - asterisk <not-affected> (The vulnerable code is not present)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2019-004.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28495
CVE-2019-15296 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2 ...)
	{DSA-4522-1 DLA-1899-1}
	- faad2 2.8.8-3
	NOTE: https://github.com/knik0/faad2/commit/942c3e0aee748ea6fe97cb2c1aa5893225316174
CVE-2019-15295 (An Untrusted Search Path vulnerability in the ServiceInstance.dll libr ...)
	NOT-FOR-US: Bitdefender Antivirus Free
CVE-2019-15294 (An issue was discovered in Gallagher Command Centre 8.10 before 8.10.1 ...)
	NOT-FOR-US: Gallagher Command Centre
CVE-2019-15293 (An issue was discovered in ACDSee Photo Studio Standard 22.1 Build 115 ...)
	NOT-FOR-US: ACDSee
CVE-2019-15289
	RESERVED
CVE-2019-15288 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
	NOT-FOR-US: Cisco
CVE-2019-15287
	RESERVED
CVE-2019-15286 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-15285
	RESERVED
CVE-2019-15284 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-15283
	RESERVED
CVE-2019-15282 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2019-15281 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2019-15280 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-15279
	RESERVED
CVE-2019-15278 (A vulnerability in the web-based management interface of Cisco Finesse ...)
	NOT-FOR-US: Cisco
CVE-2019-15277 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
	NOT-FOR-US: Cisco
CVE-2019-15276 (A vulnerability in the web interface of Cisco Wireless LAN Controller  ...)
	NOT-FOR-US: Cisco
CVE-2019-15275 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
	NOT-FOR-US: Cisco
CVE-2019-15274 (A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoin ...)
	NOT-FOR-US: Cisco
CVE-2019-15273 (Multiple vulnerabilities in the CLI of Cisco TelePresence Collaboratio ...)
	NOT-FOR-US: Cisco
CVE-2019-15272 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
	NOT-FOR-US: Cisco
CVE-2019-15271 (A vulnerability in the web-based management interface of certain Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-15270 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-15269 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-15268 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-15267
	RESERVED
CVE-2019-15266 (A vulnerability in the CLI of Cisco Wireless LAN Controller (WLC) Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-15265 (A vulnerability in the bridge protocol data unit (BPDU) forwarding fun ...)
	NOT-FOR-US: Cisco
CVE-2019-15264 (A vulnerability in the Control and Provisioning of Wireless Access Poi ...)
	NOT-FOR-US: Cisco
CVE-2019-15263
	RESERVED
CVE-2019-15262 (A vulnerability in the Secure Shell (SSH) session management for Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-15261 (A vulnerability in the Point-to-Point Tunneling Protocol (PPTP) VPN pa ...)
	NOT-FOR-US: Cisco
CVE-2019-15260 (A vulnerability in Cisco Aironet Access Points (APs) Software could al ...)
	NOT-FOR-US: Cisco
CVE-2019-15259 (A vulnerability in Cisco Unified Contact Center Express (UCCX) Softwar ...)
	NOT-FOR-US: Cisco
CVE-2019-15258 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
	NOT-FOR-US: Cisco
CVE-2019-15257 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
	NOT-FOR-US: Cisco
CVE-2019-15256 (A vulnerability in the Internet Key Exchange version 1 (IKEv1) feature ...)
	NOT-FOR-US: Cisco
CVE-2019-15255 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2019-15254
	RESERVED
CVE-2019-15253 (A vulnerability in the web-based management interface of Cisco Digital ...)
	NOT-FOR-US: Cisco
CVE-2019-15252 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15251 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15250 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15249 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15248 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15247 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15246 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15245 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15244 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15243 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15242 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15241 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15240 (Multiple vulnerabilities in Cisco SPA100 Series Analog Telephone Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-15292 (An issue was discovered in the Linux kernel before 5.0.9. There is a u ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.184-1
CVE-2019-15291 (An issue was discovered in the Linux kernel through 5.2.9. There is a  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/20/2
CVE-2019-15290
	REJECTED
CVE-2019-15239 (In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was ...)
	{DSA-4497-1 DLA-1884-1}
	- linux 4.15.4-1
	NOTE: https://pulsesecurity.co.nz/advisories/linux-kernel-4.9-tcpsocketsuaf
	NOTE: Workaround entry for main entry as the issue never affected upstream version
	NOTE: actually and is specific to the stable versions backports.
CVE-2019-15238 (The cforms2 plugin before 15.0.2 for WordPress has CSRF related to the ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-15237 (Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, ...)
	- roundcube <unfixed> (low; bug #949629)
	[buster] - roundcube <no-dsa> (Minor issue)
	[stretch] - roundcube <no-dsa> (Minor issue)
	NOTE: https://github.com/roundcube/roundcubemail/issues/6891
CVE-2019-15236
	RESERVED
CVE-2019-15235 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.864 allows an att ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-15234
	RESERVED
CVE-2019-15233 (The Live:Text Box macro in the Old Street Live Input Macros app before ...)
	NOT-FOR-US: Old Street Live Input Macros app for Confluence
CVE-2019-15232 (Live555 before 2019.08.16 has a Use-After-Free because GenericMediaSer ...)
	[experimental] - liblivemedia 2019.08.16-1
	- liblivemedia 2019.10.11-2 (low)
	[buster] - liblivemedia <postponed> (Can be fixed along in future update)
	[stretch] - liblivemedia <postponed> (Can be fixed along in future update)
	[jessie] - liblivemedia <postponed> (Can be fixed along with more important patches)
	NOTE: Fixed upstream in 2019.08.16 according to available information.
CVE-2019-15231
	REJECTED
CVE-2019-15230 (LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Noti ...)
	NOT-FOR-US: LibreNMS
CVE-2019-15229 (FUEL CMS 1.4.4 has CSRF in the blocks/create/ Create Blocks section of ...)
	NOT-FOR-US: FUEL CMS
CVE-2019-15228 (FUEL CMS 1.4.4 has XSS in the Create Blocks section of the Admin conso ...)
	NOT-FOR-US: FUEL CMS
CVE-2019-15227 (FlightPath 4.8.3 has XSS in the Content, Edit urgent message, and User ...)
	NOT-FOR-US: FlightPath
CVE-2019-15226 (Upon receiving each incoming request header data, Envoy will iterate o ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-15225 (In Envoy through 1.11.1, users may configure a route to match incoming ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-15224 (The rest-client gem 1.6.10 through 1.6.13 for Ruby, as distributed on  ...)
	- ruby-rest-client <not-affected> (Backdoored version not uploaded to Debian)
CVE-2019-15223 (An issue was discovered in the Linux kernel before 5.1.8. There is a N ...)
	- linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/0b074ab7fc0d575247b9cc9f93bb7e007ca38840
CVE-2019-15222 (An issue was discovered in the Linux kernel before 5.2.8. There is a N ...)
	- linux <not-affected> (Vulnerable code not present in any released version)
	NOTE: https://git.kernel.org/linus/5d78e1c2b7f4be00bbe62141603a631dc7812f35
CVE-2019-15221 (An issue was discovered in the Linux kernel before 5.1.17. There is a  ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.185-1
	NOTE: https://git.kernel.org/linus/3450121997ce872eb7f1248417225827ea249710
CVE-2019-15220 (An issue was discovered in the Linux kernel before 5.2.1. There is a u ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.189-1
	NOTE: https://git.kernel.org/linus/6e41e2257f1094acc37618bf6c856115374c6922
CVE-2019-15219 (An issue was discovered in the Linux kernel before 5.1.8. There is a N ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	NOTE: https://git.kernel.org/linus/9a5729f68d3a82786aea110b1bfe610be318f80a
CVE-2019-15218 (An issue was discovered in the Linux kernel before 5.1.8. There is a N ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	NOTE: https://git.kernel.org/linus/31e0456de5be379b10fea0fa94a681057114a96e
CVE-2019-15217 (An issue was discovered in the Linux kernel before 5.2.3. There is a N ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/5d2e73a5f80a5b5aff3caf1ec6d39b5b3f54b26e
CVE-2019-15216 (An issue was discovered in the Linux kernel before 5.0.14. There is a  ...)
	{DLA-1919-1 DLA-1884-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	NOTE: https://git.kernel.org/linus/ef61eb43ada6c1d6b94668f0f514e4c268093ff3
CVE-2019-15215 (An issue was discovered in the Linux kernel before 5.2.6. There is a u ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.189-1
	NOTE: https://git.kernel.org/linus/eff73de2b1600ad8230692f00bc0ab49b166512a
CVE-2019-15214 (An issue was discovered in the Linux kernel before 5.0.10. There is a  ...)
	{DLA-1884-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.184-1
CVE-2019-15213 (An issue was discovered in the Linux kernel before 5.2.3. There is a u ...)
	- linux <unfixed>
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
CVE-2019-15212 (An issue was discovered in the Linux kernel before 5.1.8. There is a d ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	NOTE: https://git.kernel.org/linus/3864d33943b4a76c6e64616280e98d2410b1190f
CVE-2019-15211 (An issue was discovered in the Linux kernel before 5.2.6. There is a u ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.189-1
	NOTE: https://git.kernel.org/linus/c666355e60ddb4748ead3bdd983e3f7f2224aaf0
CVE-2019-15210
	RESERVED
CVE-2019-15209
	RESERVED
CVE-2019-15208
	RESERVED
CVE-2019-15207
	RESERVED
CVE-2019-15206
	RESERVED
CVE-2019-15205
	RESERVED
CVE-2019-15204
	RESERVED
CVE-2019-15203
	RESERVED
CVE-2019-15202
	RESERVED
CVE-2019-15201
	RESERVED
CVE-2019-15200
	RESERVED
CVE-2019-15199
	RESERVED
CVE-2019-15198
	RESERVED
CVE-2019-15197
	RESERVED
CVE-2019-15196
	RESERVED
CVE-2019-15195
	RESERVED
CVE-2019-15194
	RESERVED
CVE-2019-15193
	RESERVED
CVE-2019-15192
	RESERVED
CVE-2019-15191
	RESERVED
CVE-2019-15190
	RESERVED
CVE-2019-15189
	RESERVED
CVE-2019-15188
	RESERVED
CVE-2019-15187
	RESERVED
CVE-2019-15186
	RESERVED
CVE-2019-15185
	RESERVED
CVE-2019-15184
	RESERVED
CVE-2019-15183
	RESERVED
CVE-2019-15182
	RESERVED
CVE-2019-15181
	RESERVED
CVE-2019-15180
	RESERVED
CVE-2019-15179
	RESERVED
CVE-2019-15178
	RESERVED
CVE-2019-15177
	RESERVED
CVE-2019-15176
	RESERVED
CVE-2019-15175
	RESERVED
CVE-2019-15174
	RESERVED
CVE-2019-15173
	RESERVED
CVE-2019-15172
	RESERVED
CVE-2019-15171
	RESERVED
CVE-2019-15170
	RESERVED
CVE-2019-15169
	RESERVED
CVE-2019-15168
	RESERVED
CVE-2019-15167
	RESERVED
CVE-2019-15166 (lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 l ...)
	{DSA-4547-1 DLA-1955-1}
	- tcpdump 4.9.3-1 (bug #941698)
	NOTE: https://github.com/the-tcpdump-group/tcpdump/commit/0b661e0aa61850234b64394585cf577aac570bf4
CVE-2019-15165 (sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB ...)
	{DLA-1967-1}
	- libpcap 1.9.1-1 (low; bug #941697)
	[buster] - libpcap <no-dsa> (Minor issue)
	[stretch] - libpcap <no-dsa> (Minor issue)
	NOTE: https://github.com/the-tcpdump-group/libpcap/commit/87d6bef033062f969e70fa40c43dfd945d5a20ab
	NOTE: https://github.com/the-tcpdump-group/libpcap/commit/a5a36d9e82dde7265e38fe1f87b7f11c461c29f6
CVE-2019-15164 (rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may  ...)
	- libpcap 1.9.1-1 (unimportant)
	[buster] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[stretch] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[jessie] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	NOTE: https://github.com/the-tcpdump-group/libpcap/commit/33834cb2a4d035b52aa2a26742f832a112e90a0a
	NOTE: rpcapd not build in Debian.
CVE-2019-15163 (rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a de ...)
	- libpcap 1.9.1-1 (unimportant)
	[buster] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[stretch] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[jessie] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	NOTE: https://github.com/the-tcpdump-group/libpcap/commit/437b273761adedcbd880f714bfa44afeec186a31
	NOTE: rpcapd not build in Debian.
CVE-2019-15162 (rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provi ...)
	- libpcap 1.9.1-1 (unimportant)
	[buster] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[stretch] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[jessie] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	NOTE: https://github.com/the-tcpdump-group/libpcap/commit/484d60cbf7ca4ec758c3cbb8a82d68b244a78d58
	NOTE: rpcapd not build in Debian.
CVE-2019-15161 (rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length valu ...)
	- libpcap 1.9.1-1 (unimportant)
	[buster] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[stretch] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	[jessie] - libpcap <not-affected> (Vulnerable code introduced in 1.9.0)
	NOTE: https://github.com/the-tcpdump-group/libpcap/commit/617b12c0339db4891d117b661982126c495439ea
	NOTE: rpcapd not built in Debian.
CVE-2019-15160 (The SweetXml (aka sweet_xml) package through 0.6.6 for Erlang and Elix ...)
	NOT-FOR-US: SweetXml (aka sweet_xml) package for Erlang and Elixir
CVE-2019-15159
	RESERVED
CVE-2019-15158
	RESERVED
CVE-2019-15157
	RESERVED
CVE-2019-15156
	RESERVED
CVE-2019-15155
	RESERVED
CVE-2019-15154
	RESERVED
CVE-2019-15153
	RESERVED
CVE-2019-15152
	RESERVED
CVE-2019-15151 (AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h. ...)
	- adplug <unfixed> (bug #946340)
	[buster] - adplug <no-dsa> (Minor issue)
	[stretch] - adplug <no-dsa> (Minor issue)
	[jessie] - adplug <no-dsa> (Minor issue)
	NOTE: https://github.com/adplug/adplug/issues/91
CVE-2019-15150 (In the OAuth2 Client extension before 0.4 for MediaWiki, a CSRF vulner ...)
	NOT-FOR-US: OAuth2 Client MediaWiki extension
CVE-2019-15149 (** DISPUTED ** core.py in Mitogen before 0.2.8 has a typo that drops t ...)
	NOT-FOR-US: Mitogen
CVE-2019-15148 (GoPro GPMF-parser 1.2.2 has an out-of-bounds write in OpenMP4Source in ...)
	NOT-FOR-US: gpmf-parser
CVE-2019-15147 (GoPro GPMF-parser 1.2.2 has an out-of-bounds read and SEGV in GPMF_Nex ...)
	NOT-FOR-US: gpmf-parser
CVE-2019-15146 (GoPro GPMF-parser 1.2.2 has a heap-based buffer over-read (4 bytes) in ...)
	NOT-FOR-US: gpmf-parser
CVE-2019-15145 (DjVuLibre 3.5.27 allows attackers to cause a denial-of-service attack  ...)
	{DLA-1902-1}
	- djvulibre 3.5.27.1-11 (low)
	[buster] - djvulibre <no-dsa> (Minor issue)
	[stretch] - djvulibre <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/djvu/bugs/298/
	NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/9658b01431cd7ff6344d7787f855179e73fe81a7/
CVE-2019-15144 (In DjVuLibre 3.5.27, the sorting functionality (aka GArrayTemplate&lt; ...)
	{DLA-1902-1}
	- djvulibre 3.5.27.1-11 (low)
	[buster] - djvulibre <no-dsa> (Minor issue)
	[stretch] - djvulibre <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/djvu/bugs/299/
	NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/e15d51510048927f172f1bf1f27ede65907d940d/
CVE-2019-15143 (In DjVuLibre 3.5.27, the bitmap reader component allows attackers to c ...)
	{DLA-1902-1}
	- djvulibre 3.5.27.1-11 (low)
	[buster] - djvulibre <no-dsa> (Minor issue)
	[stretch] - djvulibre <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/djvu/bugs/297/
	NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/b1f4e1b2187d9e5010cd01ceccf20b4a11ce723f/
CVE-2019-15142 (In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows a ...)
	{DLA-1902-1}
	- djvulibre 3.5.27.1-11 (low)
	[buster] - djvulibre <no-dsa> (Minor issue)
	[stretch] - djvulibre <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/djvu/bugs/296/
	NOTE: https://sourceforge.net/p/djvu/djvulibre-git/ci/970fb11a296b5bbdc5e8425851253d2c5913c45e/
CVE-2019-15141 (WriteTIFFImage in coders/tiff.c in ImageMagick 7.0.8-43 Q16 allows att ...)
	- imagemagick <not-affected> (Incomplete fix for CVE-2019-11597 not applied)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1560
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112
CVE-2019-15140 (coders/mat.c in ImageMagick 7.0.8-43 Q16 allows remote attackers to ca ...)
	{DLA-1968-1}
	- imagemagick <unfixed> (bug #941671)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/f7206618d27c2e69d977abf40e3035a33e5f6be0
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/5caef6e97f3f575cf7bea497865a4c1e624b8010
	NOTE: followup, previous patch introduced compiler warnings
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5caef6e97f3f575cf7bea497865a4c1e624b8010
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1554
CVE-2019-15139 (The XWD image (X Window System window dumping file) parsing component  ...)
	{DLA-1968-1}
	- imagemagick <unfixed> (bug #941670)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/c78993d138bf480ab4652b5a48379d4ff75ba5f7
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/6d46f0a046a58e7c4567a86ba1b9cb847d5b1968
	NOTE: ImageMagick6: followup, partly reverts previous patch:
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e295b8193a1413a39d5c0b3e18fa7ca952c35cdf
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1553
CVE-2019-15138 (The html-pdf package 2.2.0 for Node.js has an arbitrary file read vuln ...)
	NOT-FOR-US: node html-pdf
CVE-2019-15137 (The Access Control plugin in eProsima Fast RTPS through 1.9.0 allows f ...)
	NOT-FOR-US: eProsima Fast RTPS
CVE-2019-15136 (The Access Control plugin in eProsima Fast RTPS through 1.9.0 does not ...)
	NOT-FOR-US: eProsima Fast RTPS
CVE-2019-15135 (The handshake protocol in Object Management Group (OMG) DDS Security 1 ...)
	NOT-FOR-US: Object Management Group (OMG) DDS Security
CVE-2019-15134 (RIOT through 2019.07 contains a memory leak in the TCP implementation  ...)
	NOT-FOR-US: RIOT RIOT-OS
CVE-2019-15133 (In GIFLIB before 2019-02-16, a malformed GIF file triggers a divide-by ...)
	[experimental] - giflib 5.1.8-1
	- giflib 5.1.9-1
	[buster] - giflib <no-dsa> (Minor issue)
	[stretch] - giflib <no-dsa> (Minor issue)
	[jessie] - giflib <no-dsa> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=13008
	NOTE: https://sourceforge.net/p/giflib/code/ci/799eb6a3af8a3dd81e2429bf11a72a57e541f908/
	NOTE: https://sourceforge.net/p/giflib/bugs/119/
CVE-2019-15132 (Zabbix through 4.4.0alpha1 allows User Enumeration. With login request ...)
	- zabbix <unfixed> (bug #935027)
	[buster] - zabbix <no-dsa> (Minor issue)
	[stretch] - zabbix <no-dsa> (Minor issue)
	[jessie] - zabbix <postponed> (Minor issue)
	NOTE: https://support.zabbix.com/browse/ZBX-16532
CVE-2019-15131 (In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 ...)
	NOT-FOR-US: Code42
CVE-2019-15130 (The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681  ...)
	NOT-FOR-US: Recruitment module in Humanica Humatrix
CVE-2019-15129 (The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681  ...)
	NOT-FOR-US: Recruitment module in Humanica Humatrix
CVE-2019-15128 (iF.SVNAdmin through 1.6.2 allows svnadmin/usercreate.php CSRF to creat ...)
	NOT-FOR-US: iF.SVNAdmin
CVE-2019-15127 (REDCap before 9.3.0 allows XSS attacks against non-administrator accou ...)
	NOT-FOR-US: REDCap
CVE-2019-15126 (An issue was discovered on Broadcom Wi-Fi client devices. Specifically ...)
	NOT-FOR-US: Broadcom
CVE-2019-15125
	RESERVED
CVE-2019-15124 (In the MobileFrontend extension for MediaWiki, XSS exists within the e ...)
	NOT-FOR-US: MobileFrontend extension for MediaWiki
CVE-2019-15123
	RESERVED
CVE-2019-15122
	RESERVED
CVE-2019-15121
	RESERVED
CVE-2019-15120 (The Kunena extension before 5.1.14 for Joomla! allows XSS via BBCode. ...)
	NOT-FOR-US: Kunena extension for Joomla!
CVE-2019-15119 (lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permission ...)
	NOT-FOR-US: cnlh nps
CVE-2019-15118 (check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2. ...)
	{DSA-4531-1 DLA-1940-1 DLA-1930-1}
	- linux 5.2.17-1
	NOTE: Fixed by: https://git.kernel.org/linus/19bce474c45be69a284ecee660aa12d8f1e88f18
CVE-2019-15117 (parse_audio_mixer_unit in sound/usb/mixer.c in the Linux kernel throug ...)
	{DSA-4531-1 DLA-1940-1 DLA-1930-1}
	- linux 5.2.17-1
	NOTE: Fixed by: https://git.kernel.org/linus/daac07156b330b18eb5071aec4b3ddca1c377f2c
CVE-2019-15116 (The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS  ...)
	NOT-FOR-US: easy-digital-downloads plugin for WordPress
CVE-2019-15115 (The peters-login-redirect plugin before 2.9.2 for WordPress has CSRF. ...)
	NOT-FOR-US: peters-login-redirect plugin for WordPress
CVE-2019-15114 (The formcraft-form-builder plugin before 1.2.2 for WordPress has CSRF. ...)
	NOT-FOR-US: formcraft-form-builder plugin for WordPress
CVE-2019-15113 (The companion-sitemap-generator plugin before 3.7.0 for WordPress has  ...)
	NOT-FOR-US: companion-sitemap-generator plugin for WordPress
CVE-2019-15112 (The wp-slimstat plugin before 4.8.1 for WordPress has XSS. ...)
	NOT-FOR-US: wp-slimstat plugin for WordPress
CVE-2019-15111 (The wp-front-end-profile plugin before 0.2.2 for WordPress has a privi ...)
	NOT-FOR-US: wp-front-end-profile plugin for WordPress
CVE-2019-15110 (The wp-front-end-profile plugin before 0.2.2 for WordPress has XSS. ...)
	NOT-FOR-US: wp-front-end-profile plugin for WordPress
CVE-2019-15109 (The the-events-calendar plugin before 4.8.2 for WordPress has XSS via  ...)
	NOT-FOR-US: the-events-calendar plugin for WordPress
CVE-2019-15108 (An issue was discovered in WSO2 API Manager 2.6.0 before WSO2-CARBON-P ...)
	NOT-FOR-US: WSO2 API Manager
CVE-2019-15107 (An issue was discovered in Webmin &lt;=1.920. The parameter old in pas ...)
	- webmin <removed>
CVE-2019-15106 (An issue was discovered in Zoho ManageEngine OpManager in builds befor ...)
	NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2019-15105 (An issue was discovered in Zoho ManageEngine Application Manager throu ...)
	NOT-FOR-US: Zoho ManageEngine Application Manager
CVE-2019-15104 (An issue was discovered in Zoho ManageEngine OpManager through 12.4x.  ...)
	NOT-FOR-US: Zoho ManageEngine OpManager
CVE-2019-15103
	RESERVED
CVE-2019-15102 (An issue was discovered in Tyto Sahi Pro 6.x through 8.0.0. TestRunner ...)
	NOT-FOR-US: Tyto Sahi Pro
CVE-2019-15101
	RESERVED
CVE-2019-15100
	RESERVED
CVE-2019-15097
	RESERVED
CVE-2019-15096
	RESERVED
CVE-2019-15095 (DWSurvey through 2019-07-22 has reflected XSS via the design/qu-multi- ...)
	NOT-FOR-US: DWSurvey
CVE-2019-15094
	RESERVED
CVE-2019-15093
	RESERVED
CVE-2019-15092 (The webtoffee "WordPress Users &amp; WooCommerce Customers Import Expo ...)
	NOT-FOR-US: webtoffee "WordPress Users & WooCommerce Customers Import Export" plugin for WordPress
CVE-2019-15091 (filemgr.php in Artica Integria IMS 5.0.86 allows index.php?sec=wiki&am ...)
	NOT-FOR-US: Artica Integria IMS
CVE-2019-15089 (An issue was discovered in PRiSE adAS 1.7.0. Forms have no CSRF protec ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-15088 (An issue was discovered in PRiSE adAS 1.7.0. Password hashes are compa ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-15087 (An issue was discovered in PRiSE adAS 1.7.0. An authenticated user can ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-15086 (An issue was discovered in PRiSE adAS 1.7.0. The newentityID parameter ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-15085 (An issue was discovered in PRiSE adAS 1.7.0. The current database pass ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-15084 (Realtek Waves MaxxAudio driver 1.6.2.0, as used on Dell laptops, insta ...)
	NOT-FOR-US: Realtek
CVE-2019-15083
	RESERVED
CVE-2019-15099 (drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.2. ...)
	- linux 5.3.15-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://lore.kernel.org/linux-wireless/20190804003101.11541-1-benquike@gmail.com/T/#u
CVE-2019-15098 (drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2. ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.7-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	NOTE: https://lore.kernel.org/linux-wireless/20190804002905.11292-1-benquike@gmail.com/T/#u
CVE-2019-15090 (An issue was discovered in drivers/scsi/qedi/qedi_dbg.c in the Linux k ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://git.kernel.org/linus/c09581a52765a85f19fc35340127396d5e3379cc
CVE-2019-15082 (The 360-product-rotation plugin before 1.4.8 for WordPress has reflect ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-15081 (OpenCart 3.x, when the attacker has login access to the admin panel, a ...)
	NOT-FOR-US: OpenCart
CVE-2019-15080
	RESERVED
CVE-2019-15079
	RESERVED
CVE-2019-15078
	RESERVED
CVE-2019-15077
	RESERVED
CVE-2019-15076
	RESERVED
CVE-2019-15075 (An issue was discovered in iNextrix ASTPP before 4.0.1. web_interface/ ...)
	NOT-FOR-US: iNextrix ASTPP
CVE-2019-15074 (The Timeline feature in my_view_page.php in MantisBT through 2.21.1 ha ...)
	- mantis <removed>
	NOTE: https://github.com/mantisbt/mantisbt/commit/9cee1971c498bbe0a72bca1c773fae50171d8c27
	NOTE: https://mantisbt.org/bugs/view.php?id=25995
CVE-2019-15073 (An Open Redirect vulnerability for all browsers in MAIL2000 through ve ...)
	NOT-FOR-US: Openfind MAIL2000
CVE-2019-15072 (The login feature in "/cgi-bin/portal" in MAIL2000 through version 6.0 ...)
	NOT-FOR-US: Openfind MAIL2000
CVE-2019-15071 (The "/cgi-bin/go" page in MAIL2000 through version 6.0 and 7.0 has a c ...)
	NOT-FOR-US: Openfind MAIL2000
CVE-2019-15070
	RESERVED
CVE-2019-15069 (An unsafe authentication interface was discovered in Smart Battery A4, ...)
	NOT-FOR-US: Smart Battery
CVE-2019-15068 (A broken access control vulnerability in Smart Battery A4, a multifunc ...)
	NOT-FOR-US: Smart Battery
CVE-2019-15067 (An authentication bypass vulnerability discovered in Smart Battery A2- ...)
	NOT-FOR-US: Smart Battery
CVE-2019-15066 (An &#8220;invalid command&#8221; handler issue was discovered in HiNet ...)
	NOT-FOR-US: HiNet GPON firmware
CVE-2019-15065 (A service which is hosted on port 6998 in HiNet GPON firmware &lt; I04 ...)
	NOT-FOR-US: HiNet GPON firmware
CVE-2019-15064 (HiNet GPON firmware version &lt; I040GWR190731 allows an attacker logi ...)
	NOT-FOR-US: HiNet GPON firmware
CVE-2019-15063
	RESERVED
CVE-2019-15062 (An issue was discovered in Dolibarr 11.0.0-alpha. A user can store an  ...)
	- dolibarr <removed>
	NOTE: https://github.com/Dolibarr/dolibarr/issues/11671
CVE-2019-15061
	RESERVED
CVE-2019-15060 (The traceroute function on the TP-Link TL-WR840N v4 router with firmwa ...)
	NOT-FOR-US: TP-Link
CVE-2019-15059
	RESERVED
CVE-2019-15058 (stb_image.h (aka the stb image loader) 2.23 has a heap-based buffer ov ...)
	- libstb <unfixed> (bug #934973)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/issues/790
	NOTE: Potentially also affects libsixel, mame, libsfml, love, zynaddsubfx, yquake2, ccextractor, zam-plugins, osgearth, catimg, darknet, gem, retroarch, renderdoc, goxel
CVE-2019-15057
	RESERVED
CVE-2019-15056
	RESERVED
CVE-2019-15055 (MikroTik RouterOS through 6.44.5 and 6.45.x through 6.45.3 improperly  ...)
	NOT-FOR-US: MikroTik RouterOS
CVE-2019-15054 (Multiple cross-site scripting (XSS) vulnerabilities in Mailbird before ...)
	NOT-FOR-US: Mailbird
CVE-2019-15053 (The "HTML Include and replace macro" plugin before 1.5.0 for Confluenc ...)
	NOT-FOR-US: "HTML Include and replace macro" plugin for Confluence Server
CVE-2019-15052 (The HTTP client in Gradle before 5.6 sends authentication credentials  ...)
	- gradle <unfixed> (low; bug #941187)
	[buster] - gradle <no-dsa> (Minor issue)
	[stretch] - gradle <no-dsa> (Minor issue)
	[jessie] - gradle <postponed> (Minor issue, old gradle mainly used for building Debian packages with system libraries)
	NOTE: https://github.com/gradle/gradle/issues/10278
	NOTE: https://github.com/gradle/gradle/pull/10176
	NOTE: https://github.com/gradle/gradle/security/advisories/GHSA-4cwg-f7qc-6r95
CVE-2019-15051 (An issue was discovered in Softing uaGate (SI, MB, 840D) firmware thro ...)
	NOT-FOR-US: Softing uaGate
CVE-2019-15050 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
	NOT-FOR-US: Bento4
CVE-2019-15049 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
	NOT-FOR-US: Bento4
CVE-2019-15048 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
	NOT-FOR-US: Bento4
CVE-2019-15047 (An issue was discovered in Bento4 1.5.1.0. There is a heap-based buffe ...)
	NOT-FOR-US: Bento4
CVE-2019-15046 (Zoho ManageEngine ServiceDesk Plus 10 before 10509 allows unauthentica ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2019-15045 (** DISPUTED ** AjaxDomainServlet in Zoho ManageEngine ServiceDesk Plus ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2019-15044
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-15043 (In Grafana 2.x through 6.x before 6.3.4, parts of the HTTP API allow u ...)
	- grafana <removed>
CVE-2019-15042 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had no SSL  ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-15041 (JetBrains YouTrack versions before 2019.1.52545 allowed unbounded URL  ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-15040 (JetBrains YouTrack versions before 2019.1 had a CSRF vulnerability on  ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-15039 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had a possi ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-15038 (An issue was discovered in JetBrains TeamCity 2018.2.4. The TeamCity s ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-15037 (An issue was discovered in JetBrains TeamCity 2018.2.4. It had several ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-15036 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-15035 (An issue was discovered in JetBrains TeamCity 2018.2.4. A TeamCity Pro ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-15034 (hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient  ...)
	- qemu 1:4.1-1
	[stretch] - qemu <not-affected> (Vulnerable code introduced later)
	[jessie] - qemu <not-affected> (Vulnerable code introduced later)
	- qemu-kvm <removed>
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01959.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=5e7bcdcfe69ce0fad66012b2cfb2035003c37eef
CVE-2019-15033 (Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature dow ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-15032 (Pydio 6.0.8 mishandles error reporting when a directory allows unauthe ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-15031 (In the Linux kernel through 5.2.14 on the powerpc platform, a local us ...)
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/a8318c13e79badb92bc6640704a64cc022a6eb97
CVE-2019-15030 (In the Linux kernel through 5.2.14 on the powerpc platform, a local us ...)
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
CVE-2019-15029 (FusionPBX 4.4.8 allows an attacker to execute arbitrary system command ...)
	NOT-FOR-US: FusionPBX
CVE-2019-15028 (In Joomla! before 3.9.11, inadequate checks in com_contact could allow ...)
	NOT-FOR-US: Joomla!
CVE-2019-15027 (The MediaTek Embedded Multimedia Card (eMMC) subsystem for Android on  ...)
	NOT-FOR-US: Mediatek
CVE-2019-15026 (memcached 1.5.16, when UNIX sockets are used, has a stack-based buffer ...)
	{DLA-1913-1}
	- memcached 1.5.17-1 (bug #939337)
	[buster] - memcached <no-dsa> (Minor issue)
	[stretch] - memcached <no-dsa> (Minor issue)
	NOTE: Fixed by: https://github.com/memcached/memcached/commit/554b56687a19300a75ec24184746b5512580c819
CVE-2019-15025 (The ninja-forms plugin before 3.3.21.2 for WordPress has SQL injection ...)
	NOT-FOR-US: ninja-forms plugin for WordPress
CVE-2019-15024 (In all versions of ClickHouse before 19.14.3, an attacker having write ...)
	NOT-FOR-US: ClickHouse
CVE-2019-15023 (A security vulnerability exists in Zingbox Inspector versions 1.294 an ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15022 (A security vulnerability exists in Zingbox Inspector versions 1.294 an ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15021 (A security vulnerability exists in the Zingbox Inspector versions 1.29 ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15020 (A security vulnerability exists in the Zingbox Inspector versions 1.29 ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15019 (A security vulnerability exists in the Zingbox Inspector versions 1.29 ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15018 (A security vulnerability exists in the Zingbox Inspector versions 1.28 ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15017 (The SSH service is enabled on the Zingbox Inspector versions 1.294 and ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15016 (An SQL injection vulnerability exists in the management interface of Z ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15015 (In the Zingbox Inspector, versions 1.294 and earlier, hardcoded creden ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15014 (A command injection vulnerability exists in the Zingbox Inspector vers ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-15013 (The WorkflowResource class removeStatus method in Jira before version  ...)
	NOT-FOR-US: Atlassian
CVE-2019-15012 (Bitbucket Server and Bitbucket Data Center from version 4.13. before 5 ...)
	NOT-FOR-US: Bitbucket Server and Bitbucket Data Center
CVE-2019-15011 (The ListEntityLinksServlet resource in Application Links before versio ...)
	NOT-FOR-US: Application Links
CVE-2019-15010 (Bitbucket Server and Bitbucket Data Center versions starting from vers ...)
	NOT-FOR-US: Bitbucket Server and Bitbucket Data Center
CVE-2019-15009 (The /json/profile/removeStarAjax.do resource in Atlassian Fisheye and  ...)
	NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2019-15008 (The /plugins/servlet/branchreview resource in Atlassian Fisheye and Cr ...)
	NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2019-15007 (The review resource in Atlassian Fisheye and Crucible before version 4 ...)
	NOT-FOR-US: Atlassian Fisheye and Crucible
CVE-2019-15006 (There was a man-in-the-middle (MITM) vulnerability present in the Conf ...)
	NOT-FOR-US: Confluence
CVE-2019-15005 (The Atlassian Troubleshooting and Support Tools plugin prior to versio ...)
	NOT-FOR-US: Atlassian
CVE-2019-15004 (The Customer Context Filter in Atlassian Jira Service Desk Server and  ...)
	NOT-FOR-US: Atlassian
CVE-2019-15003 (The Customer Context Filter in Atlassian Jira Service Desk Server and  ...)
	NOT-FOR-US: Atlassian
CVE-2019-15002
	RESERVED
CVE-2019-15001 (The Jira Importers Plugin in Atlassian Jira Server and Data Cente from ...)
	NOT-FOR-US: Atlassian
CVE-2019-15000 (The commit diff rest endpoint in Bitbucket Server and Data Center befo ...)
	NOT-FOR-US: Atlassian
CVE-2019-14999 (The Uninstall REST endpoint in Atlassian Universal Plugin Manager befo ...)
	NOT-FOR-US: Atlassian
CVE-2019-14998 (The Webwork action Cross-Site Request Forgery (CSRF) protection implem ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-14997 (The AccessLogFilter class in Jira before version 8.4.0 allows remote a ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-14996 (The FilterPickerPopup.jspa resource in Jira before version 7.13.7, and ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-14995 (The /rest/api/1.0/render resource in Jira before version 8.4.0 allows  ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-14994 (The Customer Context Filter in Atlassian Jira Service Desk Server and  ...)
	NOT-FOR-US: Atlassian
CVE-2019-14993 (Istio before 1.1.13 and 1.2.x before 1.2.4 mishandles regular expressi ...)
	NOT-FOR-US: Istio
CVE-2019-14992
	REJECTED
CVE-2019-14991
	REJECTED
CVE-2019-14990
	REJECTED
CVE-2019-14989
	REJECTED
CVE-2019-14988
	REJECTED
CVE-2019-14987 (Adive Framework through 2.0.7 is affected by XSS in the Create New Tab ...)
	NOT-FOR-US: Adive Framework
CVE-2019-14986 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn before 2.3.0 installe ...)
	NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14985 (eQ-3 Homematic CCU2 and CCU3 with the CUxD AddOn installed allow Remot ...)
	NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14984 (eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn inst ...)
	NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14983
	RESERVED
CVE-2019-14982 (In Exiv2 before v0.27.2, there is an integer overflow vulnerability in ...)
	- exiv2 <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/Exiv2/exiv2/issues/960
	NOTE: https://github.com/Exiv2/exiv2/pull/962/commits/e925bc5addd881543fa503470c8a859e112cca62
CVE-2019-14981 (In ImageMagick 7.x before 7.0.8-41 and 6.x before 6.9.10-41, there is  ...)
	{DLA-1968-1}
	- imagemagick <unfixed> (bug #955025)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1552
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/b522d2d857d2f75b659936b59b0da9df1682c256
CVE-2019-14980 (In ImageMagick 7.x before 7.0.8-42 and 6.x before 6.9.10-42, there is  ...)
	- imagemagick <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/ImageMagick/ImageMagick6/issues/43
	NOTE: Introduced in https://github.com/ImageMagick/ImageMagick6/commit/6f29b3755748a899145b639195dd3bc640d36bb4 (6.9.10-24)
	NOTE: Fixed by: https://github.com/ImageMagick/ImageMagick6/commit/614a257295bdcdeda347086761062ac7658b6830 (6.9.10-42)
CVE-2019-14979 (** DISPUTED ** cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Chec ...)
	NOT-FOR-US: WooCommerce PayPal Checkout Payment Gateway plugin for WordPress
CVE-2019-14978 (/payu/icpcheckout/ in the WooCommerce PayU India Payment Gateway plugi ...)
	NOT-FOR-US: WooCommerce PayU India Payment Gateway plugin for WordPress
CVE-2019-14977
	REJECTED
CVE-2019-14976 (iCMS 7.0.15 allows admincp.php?app=apps XSS via the keywords parameter ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-14975 (Artifex MuPDF before 1.16.0 has a heap-based buffer over-read in fz_ch ...)
	- mupdf <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701292
	NOTE: Introduced by: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=abcb3e68670ebc2e5127953462a026fe1a5dd321 (1.16.0-rc1)
	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;a=commit;h=97096297d409ec6f206298444ba00719607e8ba8 (1.16.0)
CVE-2019-14974 (SugarCRM Enterprise 9.0.0 allows mobile/error-not-supported-platform.h ...)
	NOT-FOR-US: SugarCRM
CVE-2019-14973 (_TIFFCheckMalloc and _TIFFCheckRealloc in tif_aux.c in LibTIFF through ...)
	{DSA-4608-1 DLA-1897-1}
	- tiff 4.0.10+git190814-1 (low; bug #934780)
	[stretch] - tiff <no-dsa> (Minor issue)
	- tiff3 <removed>
	NOTE: https://gitlab.com/libtiff/libtiff/merge_requests/90
	NOTE: https://gitlab.com/libtiff/libtiff/commit/1b5e3b6a23827c33acf19ad50ce5ce78f12b3773
CVE-2019-14972
	RESERVED
CVE-2019-14971
	RESERVED
CVE-2019-14970 (A vulnerability in mkv::event_thread_t in VideoLAN VLC media player 3. ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14969 (Netwrix Auditor before 9.8 has insecure permissions on %PROGRAMDATA%\N ...)
	NOT-FOR-US: Netwrix Auditor
CVE-2019-14968 (An issue was discovered in imcat 4.9. There is SQL Injection via the i ...)
	NOT-FOR-US: imcat
CVE-2019-14967 (An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and ...)
	NOT-FOR-US: Frappe Framework
CVE-2019-14966 (An issue was discovered in Frappe Framework 10 through 12 before 12.0. ...)
	NOT-FOR-US: Frappe Framework
CVE-2019-14965 (An issue was discovered in Frappe Framework 10 through 12 before 12.0. ...)
	NOT-FOR-US: Frappe Framework
CVE-2019-14964
	RESERVED
CVE-2019-14963
	RESERVED
CVE-2019-14962
	RESERVED
CVE-2019-14961 (JetBrains Upsource before 2019.1.1412 was not properly escaping HTML t ...)
	NOT-FOR-US: JetBrains Upsource
CVE-2019-14960 (JetBrains Rider before 2019.1.2 was using an unsigned JetBrains.Rider. ...)
	NOT-FOR-US: JetBrains Rider
CVE-2019-14959 (JetBrains Toolbox before 1.15.5605 was resolving an internal URL via a ...)
	NOT-FOR-US: JetBrains Toolbox
CVE-2019-14958 (JetBrains PyCharm before 2019.2 was allocating a buffer of unknown siz ...)
	- pycharm <itp> (bug #742394)
CVE-2019-14957 (The JetBrains Vim plugin before version 0.52 was storing individual pr ...)
	NOT-FOR-US: JetBrains Vim plugin
CVE-2019-14956 (JetBrains YouTrack before 2019.2.53938 was using incorrect settings, a ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-14955 (In JetBrains Hub versions earlier than 2018.4.11436, there was no opti ...)
	NOT-FOR-US: JetBrains Hub
CVE-2019-14954 (JetBrains IntelliJ IDEA before 2019.2 was resolving the markdown plant ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-14953 (JetBrains YouTrack versions before 2019.2.53938 had a possible XSS thr ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-14952 (JetBrains YouTrack versions before 2019.1.52584 had a possible XSS in  ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-14951 (The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Le ...)
	NOT-FOR-US: Telenav Scout GPS Link app
CVE-2019-14950 (The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS vi ...)
	NOT-FOR-US: wp-live-chat-support plugin for WordPress
CVE-2019-14949 (The wp-database-backup plugin before 5.1.2 for WordPress has XSS. ...)
	NOT-FOR-US: wp-database-backup plugin for WordPress
CVE-2019-14948 (The woocommerce-product-addon plugin before 18.4 for WordPress has XSS ...)
	NOT-FOR-US: woocommerce-product-addon plugin for WordPress
CVE-2019-14947 (The ultimate-member plugin before 2.0.52 for WordPress has XSS during  ...)
	NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2019-14946 (The ultimate-member plugin before 2.0.52 for WordPress has XSS related ...)
	NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2019-14945 (The ultimate-member plugin before 2.0.54 for WordPress has XSS. ...)
	NOT-FOR-US: ultimate-member plugin for WordPress
CVE-2019-14944 [Multiple Command-Line Flag Injection Vulnerabilities]
	RESERVED
	[experimental] - gitlab 11.11.8+dfsg-1
	- gitlab 12.6.8-3 (bug #934708)
	NOTE: https://about.gitlab.com/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/
CVE-2019-14943 (An issue was discovered in GitLab Community and Enterprise Edition 12. ...)
	- gitlab <not-affected> (Only affects GitLab CE/EE 12.0 and later)
	NOTE: https://about.gitlab.com/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/
CVE-2019-14942 [Insecure Cookie Handling on GitLab Pages]
	RESERVED
	[experimental] - gitlab 11.11.8+dfsg-1
	- gitlab 12.6.8-3 (bug #934708)
	NOTE: https://about.gitlab.com/2019/08/12/critical-security-release-gitlab-12-dot-1-dot-6-released/
CVE-2019-14941
	RESERVED
CVE-2019-14940 (In Storage Performance Development Kit (SPDK) before 19.07, a user of  ...)
	NOT-FOR-US: Storage Performance Development Kit
CVE-2019-14939 (An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for N ...)
	- node-mysql 2.18.0-1 (bug #934712)
	[buster] - node-mysql <no-dsa> (Minor issue)
	[stretch] - node-mysql <end-of-life> (Nodejs in stretch not covered by security support)
	[jessie] - node-mysql <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://github.com/mysqljs/mysql/issues/2257
CVE-2019-14938
	RESERVED
CVE-2019-14937 (REDCap before 9.3.0 allows time-based SQL injection in the edit calend ...)
	NOT-FOR-US: REDCap
CVE-2019-14936 (Easy!Appointments 1.3.2 plugin for WordPress allows Sensitive Informat ...)
	NOT-FOR-US: Easy!Appointments plugin for WordPress
CVE-2019-14935 (3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA% ...)
	NOT-FOR-US: 3CX Phone 15 on Windows
CVE-2019-14934 (An issue was discovered in PDFResurrect before 0.18. pdf_load_pages_ki ...)
	- pdfresurrect 0.18-1
	[buster] - pdfresurrect <no-dsa> (Minor issue)
	[stretch] - pdfresurrect <no-dsa> (Minor issue)
	[jessie] - pdfresurrect <no-dsa> (Minor issue)
	NOTE: https://github.com/enferex/pdfresurrect/commit/0c4120fffa3dffe97b95c486a120eded82afe8a6
	NOTE: https://github.com/enferex/pdfresurrect/issues/6
	NOTE: CVE specific to the calloc_some.pdf and malloc_some.pdf issues.
CVE-2019-14933 (Bagisto 0.1.5 allows CSRF under /admin URIs. ...)
	NOT-FOR-US: Bagisto
CVE-2019-14932 (The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203  ...)
	NOT-FOR-US: Recruitment module in Humanica Humatrix
CVE-2019-14931 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
	NOT-FOR-US: Mitsubishi Electric ME-RTU devices
CVE-2019-14930 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
	NOT-FOR-US: Mitsubishi Electric ME-RTU devices
CVE-2019-14929 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
	NOT-FOR-US: Mitsubishi Electric ME-RTU devices
CVE-2019-14928 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
	NOT-FOR-US: Mitsubishi Electric ME-RTU devices
CVE-2019-14927 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
	NOT-FOR-US: Mitsubishi Electric ME-RTU devices
CVE-2019-14926 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
	NOT-FOR-US: Mitsubishi Electric ME-RTU devices
CVE-2019-14925 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
	NOT-FOR-US: Mitsubishi Electric ME-RTU devices
CVE-2019-14924 (An issue was discovered in GCDWebServer before 3.5.3. The method moveI ...)
	NOT-FOR-US: GCDWebServer
CVE-2019-14923 (EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharac ...)
	NOT-FOR-US: EyesOfNetwork (EON)
CVE-2019-14922
	RESERVED
CVE-2019-14921
	RESERVED
CVE-2019-14920 (Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authe ...)
	NOT-FOR-US: Billion Smart Energy Router SG600R2 Firmware
CVE-2019-14919 (An exposed Telnet Service on the Billion Smart Energy Router SG600R2 w ...)
	NOT-FOR-US: Billion Smart Energy Router SG600R2 Firmware
CVE-2019-14918 (XSS in the DHCP lease-status table in Billion Smart Energy Router SG60 ...)
	NOT-FOR-US: Billion Smart Energy Router SG600R2 Firmware
CVE-2019-14917
	RESERVED
CVE-2019-14916 (An issue was discovered in PRiSE adAS 1.7.0. A file's format is not pr ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-14915 (An issue was discovered in PRiSE adAS 1.7.0. Certificate data are not  ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-14914 (An issue was discovered in PRiSE adAS 1.7.0. The path is not properly  ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-14913 (An issue was discovered in PRiSE adAS 1.7.0. Log data are not properly ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-14912 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does n ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-14911 (An issue was discovered in PRiSE adAS 1.7.0. The OPENSSO module does n ...)
	NOT-FOR-US: PRiSE adAS
CVE-2019-14910 (A vulnerability was found in keycloak 7.x, when keycloak is configured ...)
	NOT-FOR-US: Keycloak
CVE-2019-14909 (A vulnerability was found in Keycloak 7.x where the user federation LD ...)
	NOT-FOR-US: Keycloak
CVE-2019-14908
	RESERVED
CVE-2019-14907 (All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11 ...)
	- samba 2:4.11.5+dfsg-1
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <no-dsa> (Minor issue)
	[jessie] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2019-14907.html
CVE-2019-14906 (A flaw was found with the RHSA-2019:3950 erratum, where it did not fix ...)
	NOT-FOR-US: Specific CVE assignment for incorrect/incomplete fix of CVE-2019-13616 in RHEL 7
CVE-2019-14905 (A vulnerability was found in Ansible Engine versions 2.9.x before 2.9. ...)
	- ansible 2.9.4+dfsg-1 (low)
	[buster] - ansible <no-dsa> (Minor issue)
	[stretch] - ansible <no-dsa> (Minor issue)
	[jessie] - ansible <ignored> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1776943
CVE-2019-14904 [vulnerability in solaris_zone module via crafted solaris zone]
	RESERVED
	- ansible 2.9.4+dfsg-1 (low)
	[buster] - ansible <no-dsa> (Minor issue)
	[stretch] - ansible <no-dsa> (Minor issue)
	[jessie] - ansible <ignored> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1776944
CVE-2019-14903
	RESERVED
CVE-2019-14902 (There is an issue in all samba 4.11.x versions before 4.11.5, all samb ...)
	- samba 2:4.11.5+dfsg-1
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <no-dsa> (Minor issue)
	[jessie] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2019-14902.html
CVE-2019-14901 (A heap overflow flaw was found in the Linux kernel, all versions 3.x.x ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/2
CVE-2019-14900
	RESERVED
CVE-2019-14899 (A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, ...)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/05/1
CVE-2019-14898 [RHEL-7 specific incompete fix issue for CVE-2019-11599]
	RESERVED
	- linux <not-affected> (RHEL-7 specific incomplete fix for CVE-2019-11599)
CVE-2019-14897 (A stack-based buffer overflow was found in the Linux kernel, version k ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.19-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
CVE-2019-14896 (A heap-based buffer overflow vulnerability was found in the Linux kern ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.19-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
CVE-2019-14895 (A heap-based buffer overflow was discovered in the Linux kernel, all v ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/11/22/1
CVE-2019-14894
	RESERVED
	NOT-FOR-US: Red Hat CloudForm
CVE-2019-14893 (A flaw was discovered in FasterXML jackson-databind in all versions be ...)
	- jackson-databind 2.10.0-1
	[buster] - jackson-databind 2.9.8-3+deb10u1
	[stretch] - jackson-databind 2.8.6-1+deb9u6
	[jessie] - jackson-databind 2.4.2-2+deb8u9
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2469
	NOTE: https://github.com/FasterXML/jackson-databind/commit/998efd708284778f29d83d7962a9bd935c228317
CVE-2019-14892 (A flaw was discovered in jackson-databind in versions before 2.9.10, 2 ...)
	- jackson-databind 2.10.0-1
	[buster] - jackson-databind 2.9.8-3+deb10u1
	[stretch] - jackson-databind 2.8.6-1+deb9u6
	[jessie] - jackson-databind 2.4.2-2+deb8u9
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2462
	NOTE: https://github.com/FasterXML/jackson-databind/commit/41b7f9b90149e9d44a65a8261a8deedc7186f6af
	NOTE: https://github.com/FasterXML/jackson-databind/commit/819cdbcab51c6da9fb896380f2d46e9b7d4fdc3b
CVE-2019-14891 (A flaw was found in cri-o, as a result of all pod-related processes be ...)
	NOT-FOR-US: Kubernetes CRI-O
CVE-2019-14890 (A vulnerability was found in Ansible Tower before 3.6.1 where an attac ...)
	NOT-FOR-US: Ansible Tower
CVE-2019-14889 (A flaw was found with the libssh API function ssh_scp_new() in version ...)
	{DLA-2038-1}
	- libssh 0.9.3-1 (bug #946548)
	[buster] - libssh <no-dsa> (Minor issue)
	[stretch] - libssh <no-dsa> (Minor issue)
	NOTE: https://www.libssh.org/security/advisories/CVE-2019-14889.txt
	NOTE: https://bugs.libssh.org/T181
	NOTE: The fix in libssh makes an update in x2goclient necessary, cf:
	NOTE: https://bugs.debian.org/947129
	NOTE: https://code.x2go.org/gitweb?p=x2goclient.git;a=commitdiff;h=ce559d163a943737fe4160f7233925df2eee1f9a
CVE-2019-14888 (A vulnerability was found in the Undertow HTTP server in versions befo ...)
	- undertow <undetermined>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1772464
CVE-2019-14887 (A flaw was found when an OpenSSL security provider is used with Wildfl ...)
	- wildfly <itp> (bug #752018)
CVE-2019-14886 (A vulnerability was found in business-central, as shipped in rhdm-7.5. ...)
	NOT-FOR-US: Business central
CVE-2019-14885 (A flaw was found in the JBoss EAP Vault system in all versions before  ...)
	NOT-FOR-US: JBoss EAP
CVE-2019-14884 (A vulnerability was found in Moodle 3.7 before 3.73, 3.6 before 3.6.7  ...)
	- moodle <removed>
CVE-2019-14883 (A vulnerability was found in Moodle 3.6 before 3.6.7 and 3.7 before 3. ...)
	- moodle <removed>
CVE-2019-14882 (A vulnerability was found in Moodle 3.7 to 3.7.3, 3.6 to 3.6.7, 3.5 to ...)
	- moodle <removed>
CVE-2019-14881 (A vulnerability was found in moodle 3.7 before 3.7.3, where there is b ...)
	- moodle <removed>
CVE-2019-14880 (A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 bef ...)
	- moodle <removed>
CVE-2019-14879 (A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x ...)
	- moodle <removed>
CVE-2019-14878 (In the __d2b function of the newlib libc library, all versions prior t ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14877 (In the __mdiff function of the newlib libc library, all versions prior ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14876 (In the __lshift function of the newlib libc library, all versions prio ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14875 (In the __multiply function of the newlib libc library, all versions pr ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14874 (In the __i2b function of the newlib libc library, all versions prior t ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14873 (In the __multadd function of the newlib libc library, prior to version ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14872 (The _dtoa_r function of the newlib libc library, prior to version 3.3. ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14871 (The REENT_CHECK macro (see newlib/libc/include/sys/reent.h) as used by ...)
	- newlib 3.3.0-1
	[buster] - newlib <no-dsa> (Minor issue)
	[stretch] - newlib <no-dsa> (Minor issue)
	[jessie] - newlib <ignored> (Minor issue)
	NOTE: https://census-labs.com/news/2020/01/31/multiple-null-pointer-dereference-vulnerabilities-in-newlib/
	TODO: picolibc might be affected, not yet in the archive
CVE-2019-14870 (All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11 ...)
	- samba 2:4.11.3+dfsg-1
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <no-dsa> (Minor issue)
	[jessie] - samba <no-dsa> (Minor issue)
	- heimdal 7.7.0+dfsg-1 (bug #946786)
	[buster] - heimdal <no-dsa> (Minor issue)
	[stretch] - heimdal <no-dsa> (Minor issue)
	[jessie] - heimdal <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2019-14870.html
	NOTE: https://github.com/heimdal/heimdal/pull/663
	NOTE: https://github.com/heimdal/heimdal/pull/664 (port to 7.1 branch)
CVE-2019-14869 (A flaw was found in all versions of ghostscript 9.x before 9.50, where ...)
	{DSA-4569-1 DLA-1992-1}
	- ghostscript 9.50~dfsg-3 (bug #944760)
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=485904772c5f0aa1140032746e5a0abfc40f4cef
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701841
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1768911
	NOTE: For recent versions (9.28~~rc1~dfsg-1) the issue is mitigated starting
	NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
	NOTE: which changed the access to file permissions.
CVE-2019-14868 (In ksh version 20120801, a flaw was found in the way it evaluates cert ...)
	- ksh 2020.0.0-2.1 (bug #948989)
	[jessie] - ksh <ignored> (Minor issue)
	NOTE: https://github.com/att/ast/commit/c7de8b641266bac7c77942239ac659edfee9ecd2
CVE-2019-14867 (A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x ve ...)
	- freeipa 4.8.3-1
	[buster] - freeipa <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://pagure.io/freeipa/c/4abd2f76d76c4c1a1ec5087ec447f4515b63c2c6
CVE-2019-14866 (In all versions of cpio before 2.13 does not properly validate input f ...)
	{DLA-1981-1}
	- cpio 2.13+dfsg-1 (low; bug #941412)
	[buster] - cpio <no-dsa> (Minor issue)
	[stretch] - cpio <no-dsa> (Minor issue)
	NOTE: https://lists.gnu.org/archive/html/bug-cpio/2019-08/msg00003.html
	NOTE: http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=7554e3e42cd72f6f8304410c47fe6f8918e9bfd7
CVE-2019-14865 (A flaw was found in the grub2-set-bootflag utility of grub2. A local a ...)
	- grub2 <not-affected> (Red Hat-specific patch)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1764925
	NOTE: https://seclists.org/oss-sec/2019/q4/101
	NOTE: Red Hat-specific patch, get added as 0131-Add-grub-set-bootflag-utility.patch in their SRPM
CVE-2019-14864 (Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible v ...)
	- ansible 2.9.2+dfsg-1 (low; bug #943768)
	[buster] - ansible <no-dsa> (Minor issue)
	[stretch] - ansible <no-dsa> (Minor issue)
	[jessie] - ansible <ignored> (Minor issue)
	NOTE: https://github.com/ansible/ansible/issues/63522
	NOTE: https://github.com/ansible/ansible/pull/63527
CVE-2019-14863 (There is a vulnerability in all angular versions before 1.5.0-beta.0,  ...)
	{DLA-1995-1}
	- angular.js 1.5.3-2 (bug #942833)
	NOTE: https://snyk.io/vuln/npm:angular:20150807
	NOTE: https://github.com/angular/angular.js/commit/f33ce173c90736e349cf594df717ae3ee41e0f7a
	NOTE: https://github.com/angular/angular.js/pull/12524
CVE-2019-14862 (There is a vulnerability in knockout before version 3.5.0-beta, where  ...)
	- node-knockout 3.4.2-3 (unimportant; bug #943560)
	NOTE: https://github.com/knockout/knockout/issues/1244
	NOTE: https://github.com/knockout/knockout/pull/2345
	NOTE: https://github.com/knockout/knockout/commit/7e280b2b8a04cc19176b5171263a5c68bda98efb
	NOTE: Only impacts browsers which are totally insecure and EOLed anyway
CVE-2019-14861 (All Samba versions 4.x.x before 4.9.17, 4.10.x before 4.10.11 and 4.11 ...)
	- samba 2:4.11.3+dfsg-1
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <no-dsa> (Minor issue)
	[jessie] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2019-14861.html
CVE-2019-14860 (It was found that the Syndesis configuration for Cross-Origin Resource ...)
	NOT-FOR-US: Syndesis
CVE-2019-14859 (A flaw was found in all python-ecdsa versions before 0.13.3, where it  ...)
	{DSA-4588-1 DLA-1978-1}
	- python-ecdsa 0.13.3-1
	NOTE: https://github.com/warner/python-ecdsa/issues/114
	NOTE: Upstream patches:
	NOTE: https://github.com/warner/python-ecdsa/pull/115
	NOTE: https://github.com/warner/python-ecdsa/pull/124
	NOTE: Fix for CVE-2019-14853 fixes as well CVE-2019-14859.
CVE-2019-14858 (A vulnerability was found in Ansible engine 2.x up to 2.8 and Ansible  ...)
	- ansible 2.8.6+dfsg-1 (bug #942332)
	[buster] - ansible <no-dsa> (Minor issue)
	[stretch] - ansible <no-dsa> (Minor issue)
	[jessie] - ansible <ignored> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760593
	NOTE: https://github.com/ansible/ansible/pull/63405
CVE-2019-14857 (A flaw was found in mod_auth_openidc before version 2.4.0.1. An open r ...)
	{DLA-1996-1}
	- libapache2-mod-auth-openidc 2.4.0.3-1 (bug #942165)
	[buster] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
	[stretch] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/5c15dfb08106c2451c2c44ce7ace6813c216ba75
	NOTE: https://github.com/zmartzone/mod_auth_openidc/commit/ce37080c6aea30aabae8b4a9b4eea7808445cc8e
	NOTE: https://github.com/zmartzone/mod_auth_openidc/pull/451
	NOTE: https://groups.google.com/forum/#!topic/mod_auth_openidc/boy1Ba3Gdk4
CVE-2019-14855 (A flaw was found in the way certificate signatures could be forged usi ...)
	- gnupg2 2.2.19-1 (low; bug #945859)
	[buster] - gnupg2 <no-dsa> (Minor issue)
	[stretch] - gnupg2 <no-dsa> (Minor issue)
	[jessie] - gnupg2 <ignored> (No backport to version << 2.2.x, low impact, danger of breaking things)
	- gnupg1 <unfixed> (low)
	[buster] - gnupg1 <no-dsa> (Minor issue)
	[stretch] - gnupg1 <no-dsa> (Minor issue)
	- gnupg <removed> (low)
	[jessie] - gnupg <ignored> (No backport to version << 2.2.x, low impact, danger of breaking things)
	NOTE: https://dev.gnupg.org/T4755
	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=c4f2d9e3e1d77d2f1f168764fcdfed32f7d1dfc4
	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=7d9aad63c4f1aefe97da61baf5acd96c12c0278e
	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=commit;h=dd18be979e138dd3712315ee390463e8ee1fe8c1
	NOTE: https://eprint.iacr.org/2020/014.pdf
CVE-2019-14854 (OpenShift Container Platform 4 does not sanitize secret data written t ...)
	NOT-FOR-US: OpenShift
CVE-2019-14853 (An error-handling flaw was found in python-ecdsa before version 0.13.3 ...)
	{DSA-4588-1 DLA-1978-1}
	- python-ecdsa 0.13.3-1
	NOTE: https://github.com/warner/python-ecdsa/issues/114
	NOTE: Upstream patches:
	NOTE: https://github.com/warner/python-ecdsa/pull/115
	NOTE: https://github.com/warner/python-ecdsa/pull/124
	NOTE: Fix for CVE-2019-14853 fixes as well CVE-2019-14859.
CVE-2019-14852
	RESERVED
CVE-2019-14851 [assertion failure by issuing commands in the wrong order]
	RESERVED
	- nbdkit 1.14.2-1
	[buster] - nbdkit <not-affected> (Issue introduced by the fix for CVE-2019-14850)
	[stretch] - nbdkit <not-affected> (Issue introduced by the fix for CVE-2019-14850)
	[jessie] - nbdkit <not-affected> (introduced by CVE-2019-14850)
	NOTE: https://www.redhat.com/archives/libguestfs/2019-September/msg00272.html
	NOTE: 1.15 (development branch):
	NOTE: https://github.com/libguestfs/nbdkit/commit/a6b88b195a959b17524d1c8353fd425d4891dc5f
	NOTE: 1.14:
	NOTE: https://github.com/libguestfs/nbdkit/commit/bf0d61883a2f02f4388ec10dc92d4c61c093679e
	NOTE: 1.12:
	NOTE: https://github.com/libguestfs/nbdkit/commit/b2bc6683ea3cd1f6be694e8a681dfa411b7d15f3
CVE-2019-14850 [denial of service due to premature opening of back-end connection]
	RESERVED
	- nbdkit 1.14.1-1
	[buster] - nbdkit <no-dsa> (Minor issue)
	[stretch] - nbdkit <no-dsa> (Minor issue)
	[jessie] - nbdkit <ignored> (Minor issue, DoS/amplification for specific configuration, non-trivial backport, low popcon)
	NOTE: https://www.redhat.com/archives/libguestfs/2019-September/msg00084.html
	NOTE: 1.15 (development branch):
	NOTE: https://github.com/libguestfs/nbdkit/commit/c05686f9577fa91b6a3a4d8c065954ca6fc3fd62
	NOTE: https://github.com/libguestfs/nbdkit/commit/a6b88b195a959b17524d1c8353fd425d4891dc5f
	NOTE: 1.14:
	NOTE: https://github.com/libguestfs/nbdkit/commit/e06cde00659ff97182173d0e33fff784041bcb4a
	NOTE: https://github.com/libguestfs/nbdkit/commit/bf0d61883a2f02f4388ec10dc92d4c61c093679e
	NOTE: 1.12:
	NOTE: https://github.com/libguestfs/nbdkit/commit/22b30adb796bb6dca264a38598f80b8a234ff978
	NOTE: https://github.com/libguestfs/nbdkit/commit/b2bc6683ea3cd1f6be694e8a681dfa411b7d15f3
CVE-2019-14849 (A vulnerability was found in 3scale before version 2.6, did not set th ...)
	NOT-FOR-US: Red Hat 3scale
CVE-2019-14848
	RESERVED
CVE-2019-14847 (A flaw was found in samba 4.0.0 before samba 4.9.15 and samba 4.10.x b ...)
	- samba 2:4.11.0+dfsg-6
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <no-dsa> (Minor issue)
	[jessie] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2019-14847.html
CVE-2019-14846 (Ansible, all ansible_engine-2.x versions and ansible_engine-3.x up to  ...)
	- ansible 2.8.6+dfsg-1 (low; bug #942188)
	[buster] - ansible <no-dsa> (Minor issue)
	[stretch] - ansible <no-dsa> (Minor issue)
	[jessie] - ansible <ignored> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1755373
	NOTE: https://github.com/ansible/ansible/pull/63366
CVE-2019-14845 (A vulnerability was found in OpenShift builds, versions 4.1 up to 4.3. ...)
	NOT-FOR-US: OpenShift
CVE-2019-14844 (A flaw was found in, Fedora versions of krb5 from 1.16.1 to, including ...)
	- krb5 <not-affected> (Vulnerable code not present; problematic commit not backported; not present in any MIT krb5 release)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1753589
	NOTE: Introduced by: https://github.com/krb5/krb5/commit/a649279727490687d54becad91fde8cf7429d951
	NOTE: Fixed by: https://github.com/krb5/krb5/commit/275c9a1aad36a1a7b56042f1a2c21c33e7d16eaf
CVE-2019-14843 (A flaw was found in Wildfly Security Manager, running under JDK 11 or  ...)
	- wildfly <itp> (bug #752018)
CVE-2019-14841
	RESERVED
CVE-2019-14840
	RESERVED
CVE-2019-14839
	RESERVED
CVE-2019-14838 (A flaw was found in wildfly-core before 7.2.5.GA. The Management users ...)
	- wildfly <itp> (bug #752018)
CVE-2019-14837 (A flaw was found in keycloack before version 8.0.0. The owner of 'plac ...)
	NOT-FOR-US: Keycloak
CVE-2019-14836
	RESERVED
CVE-2019-14835 (A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in ...)
	{DSA-4531-1 DLA-1940-1 DLA-1930-1}
	- linux 5.2.17-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/09/17/1
	NOTE: https://git.kernel.org/linus/060423bfdee3f8bc6e2c1bac97de24d5415e2bc4
CVE-2019-14834 (A vulnerability was found in dnsmasq before version 2.81, where the me ...)
	- dnsmasq <unfixed> (bug #948373)
	[buster] - dnsmasq <no-dsa> (Minor issue)
	[stretch] - dnsmasq <no-dsa> (Minor issue)
	[jessie] - dnsmasq <no-dsa> (Minor issue)
	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=69bc94779c2f035a9fffdb5327a54c3aeca73ed5
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1764425
CVE-2019-14833 (A flaw was found in Samba, all versions starting samba 4.5.0 before sa ...)
	- samba 2:4.11.1+dfsg-2
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <no-dsa> (Minor issue)
	[jessie] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2019-14833.html
CVE-2019-14832 (A flaw was found in the Keycloak REST API before version 8.0.0 where i ...)
	NOT-FOR-US: Keycloak
CVE-2019-14831
	RESERVED
CVE-2019-14830
	RESERVED
CVE-2019-14829
	RESERVED
CVE-2019-14828
	RESERVED
CVE-2019-14827
	RESERVED
CVE-2019-14826 (A flaw was found in FreeIPA versions 4.5.0 and later. Session cookies  ...)
	- freeipa <unfixed> (bug #940913)
	[buster] - freeipa <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1746944
	NOTE: Introduced by https://pagure.io/freeipa/c/b895f4a34bcbd0b1787d2bfc1db25f34c3584b9c
	NOTE: due to fix for https://fedorahosted.org/freeipa/ticket/6682.
CVE-2019-14825 (A cleartext password storage issue was discovered in Katello, versions ...)
	NOT-FOR-US: Katello
CVE-2019-14824 (A flaw was found in the 'deref' plugin of 389-ds-base where it could u ...)
	{DLA-2004-1}
	- 389-ds-base 1.4.2.4-1 (bug #944150)
	[buster] - 389-ds-base <no-dsa> (Minor issue)
	[stretch] - 389-ds-base <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1747448
	NOTE: https://pagure.io/freeipa/issue/8050
CVE-2019-14823 (A flaw was found in the "Leaf and Chain" OCSP policy implementation in ...)
	- jss 4.6.2-1 (bug #942463)
	[buster] - jss <not-affected> (Vulnerable code backported only in 4.5.3 onwards)
	[stretch] - jss <not-affected> (Vulnerable code not present)
	[jessie] - jss <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1747435
	NOTE: https://github.com/dogtagpki/jss/pull/284
	NOTE: https://github.com/dogtagpki/jss/commit/be37ff4738b4696d529a13b6ed33c7ac56d97ba4
CVE-2019-14822 (A flaw was discovered in ibus that allows any unprivileged user to mon ...)
	{DSA-4525-1}
	- ibus 1.5.21-1 (bug #940267)
	[jessie] - ibus <ignored> (Hard to exploit, regression risk)
	NOTE: https://www.openwall.com/lists/oss-security/2019/09/13/1
	NOTE: Fixed by: https://github.com/ibus/ibus/commit/3d442dbf936d197aa11ca0a71663c2bc61696151
	NOTE: The original fix introduces regression with Qt applications (the fix uncovered an
	NOTE: interoperability bug between GLib's implementation of D-Bus and the reference implementation
	NOTE: libdbus):
	NOTE: https://bugs.debian.org/941018
	NOTE: https://launchpad.net/bugs/1844853
	NOTE: https://github.com/ibus/ibus/issues/2137
CVE-2019-14821 (An out-of-bounds access issue was found in the Linux kernel, all versi ...)
	{DSA-4531-1 DLA-1940-1 DLA-1930-1}
	- linux 5.2.17-1
	NOTE: https://git.kernel.org/linus/b60fe990c6b07ef6d4df67bc0530c7c90a62623a
CVE-2019-14820 (It was found that keycloak before version 8.0.0 exposes internal adapt ...)
	NOT-FOR-US: Keycloak
CVE-2019-14819 (A flaw was found during the upgrade of an existing OpenShift Container ...)
	NOT-FOR-US: openshift-ansible
CVE-2019-14818 (A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x bef ...)
	{DSA-4567-1}
	- dpdk 18.11.4-1
	NOTE: http://mails.dpdk.org/archives/announce/2019-November/000293.html
	NOTE: https://bugs.dpdk.org/show_bug.cgi?id=363
CVE-2019-14817 (A flaw was found in, ghostscript versions prior to 9.50, in the .pdfex ...)
	{DSA-4518-1 DLA-1915-1}
	- ghostscript 9.28~~rc2~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701450
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=cd1b1cacadac2479e291efe611979bdc1b3bdb19
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
	NOTE: For recent versions (9.28~~rc1~dfsg-1) the issue is mitigated starting
	NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
	NOTE: which changed the access to file permissions.
CVE-2019-14816 (There is heap-based buffer overflow in kernel, all versions up to, exc ...)
	{DLA-2114-1 DLA-1930-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
CVE-2019-14815 (A vulnerability was found in Linux Kernel, where a Heap Overflow was f ...)
	{DLA-2114-1 DLA-1930-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-14814 (There is heap-based buffer overflow in Linux kernel, all versions up t ...)
	{DLA-2114-1 DLA-1930-1}
	- linux 5.2.17-1
	[buster] - linux 4.19.87-1
	[stretch] - linux 4.9.210-1
CVE-2019-14813 (A flaw was found in ghostscript, versions 9.x before 9.50, in the sets ...)
	{DSA-4518-1 DLA-1915-1}
	- ghostscript 9.28~~rc2~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701443
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
	NOTE: For recent versions (9.28~~rc1~dfsg-1) the issue is mitigated starting
	NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
	NOTE: which changed the access to file permissions.
CVE-2019-14812 (A flaw was found in all ghostscript versions 9.x before 9.50, in the . ...)
	{DSA-4518-1 DLA-1915-1}
	- ghostscript 9.28~~rc2~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701444
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
	NOTE: For recent versions (9.28~~rc1~dfsg-1) the issue is mitigated starting
	NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
	NOTE: which changed the access to file permissions.
CVE-2019-14811 (A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_h ...)
	{DSA-4518-1 DLA-1915-1}
	- ghostscript 9.28~~rc2~dfsg-1
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701445
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=885444fcbe10dc42787ecb76686c8ee4dd33bf33
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/2
	NOTE: For recent versions (9.28~~rc1~dfsg-1) the issue is mitigated starting
	NOTE: from http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=7ecbfda92b4c8dbf6f6c2bf8fc82020a29219eff
	NOTE: which changed the access to file permissions.
CVE-2019-14810 (A vulnerability has been found in the implementation of the Label Dist ...)
	NOT-FOR-US: EOS
CVE-2019-14809 (net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malfo ...)
	{DSA-4503-1}
	- golang-1.13 1.13~beta1-3 (bug #934954)
	- golang-1.12 1.12.8-1
	- golang-1.11 1.11.13-1
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <ignored> (Minor issue)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (Minor issue)
	- golang <removed>
	[jessie] - golang <ignored> (Fix too invasive to backport, url.go file in jessie too far behind upstream)
	NOTE: Issue: https://github.com/golang/go/issues/29098
	NOTE: https://github.com/golang/go/commit/c1d9ca70995dc232a2145e3214f94e03409f6fcc (golang-1.11)
	NOTE: https://github.com/golang/go/commit/3226f2d492963d361af9dfc6714ef141ba606713 (golang-1.12)
CVE-2019-14808 (An issue was discovered in the RENPHO application 3.0.0 for iOS. It tr ...)
	NOT-FOR-US: RENPHO
CVE-2019-14807 (In the MobileFrontend extension 1.31 through 1.33 for MediaWiki, XSS e ...)
	NOT-FOR-US: MobileFrontend extension for MediaWiki
CVE-2019-14806 (Pallets Werkzeug before 0.15.3, when used with Docker, has insufficien ...)
	- python-werkzeug 0.15.6+dfsg1-1 (low; bug #940935)
	[buster] - python-werkzeug 0.14.1+dfsg1-4+deb10u1
	[stretch] - python-werkzeug 0.11.15+dfsg1-1+deb9u1
	[jessie] - python-werkzeug <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/pallets/werkzeug/commit/00bc43b1672e662e5e3b8cecd79e67fc968fa246
CVE-2019-14805 (studio/builder_menu.php?page=sets in UNA 10.0.0-RC1 allows XSS via the ...)
	NOT-FOR-US: UNA
CVE-2019-14804 (studio/polyglot.php?page=etemplates in UNA 10.0.0-RC1 allows XSS via t ...)
	NOT-FOR-US: UNA
CVE-2019-14803
	RESERVED
CVE-2019-14802
	RESERVED
CVE-2019-14801 (The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress  ...)
	NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
CVE-2019-14800 (The FV Flowplayer Video Player plugin before 7.3.15.727 for WordPress  ...)
	NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
CVE-2019-14799 (The FV Flowplayer Video Player plugin before 7.3.14.727 for WordPress  ...)
	NOT-FOR-US: FV Flowplayer Video Player plugin for WordPress
CVE-2019-14798 (The 10Web Photo Gallery plugin before 1.5.25 for WordPress has Authent ...)
	NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
CVE-2019-14797 (The 10Web Photo Gallery plugin before 1.5.23 for WordPress has authent ...)
	NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
CVE-2019-14796 (The mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products  ...)
	NOT-FOR-US: mq-woocommerce-products-price-bulk-edit (aka Woocommerce Products Price Bulk Edit) plugin for WordPress
CVE-2019-14795 (The toggle-the-title (aka Toggle The Title) plugin 1.4 for WordPress h ...)
	NOT-FOR-US: toggle-the-title (aka Toggle The Title) plugin for WordPress
CVE-2019-14794 (The Meta Box plugin before 4.16.2 for WordPress mishandles the uploadi ...)
	NOT-FOR-US: Meta Box plugin for WordPress
CVE-2019-14793 (The Meta Box plugin before 4.16.3 for WordPress allows file deletion v ...)
	NOT-FOR-US: Meta Box plugin for WordPress
CVE-2019-14792 (The WP Google Maps plugin before 7.11.35 for WordPress allows XSS via  ...)
	NOT-FOR-US: WP Google Maps plugin for WordPress
CVE-2019-14791 (The Appointment Booking Calendar plugin 1.3.18 for WordPress allows XS ...)
	NOT-FOR-US: Appointment Booking Calendar plugin for WordPress
CVE-2019-14790 (The limb-gallery (aka Limb Gallery) plugin 1.4.0 for WordPress has XSS ...)
	NOT-FOR-US: limb-gallery (aka Limb Gallery) plugin for WordPress
CVE-2019-14789 (The Custom 404 Pro plugin 3.2.8 for WordPress has XSS via the wp-admin ...)
	NOT-FOR-US: Custom 404 Pro plugin for WordPress
CVE-2019-14788 (wp-admin/admin-ajax.php?action=newsletters_exportmultiple in the Tribu ...)
	NOT-FOR-US: Tribulant Newsletters plugin for WordPress
CVE-2019-14787 (The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XS ...)
	NOT-FOR-US: Tribulant Newsletters plugin for WordPress
CVE-2019-14786 (The Rank Math SEO plugin 1.0.27 for WordPress allows non-admin users t ...)
	NOT-FOR-US: Rank Math SEO plugin for WordPress
CVE-2019-14785 (The "CP Contact Form with PayPal" plugin before 1.2.99 for WordPress h ...)
	NOT-FOR-US: "CP Contact Form with PayPal" plugin for WordPress
CVE-2019-14784 (The "CP Contact Form with PayPal" plugin before 1.2.98 for WordPress h ...)
	NOT-FOR-US: "CP Contact Form with PayPal" plugin for WordPress
CVE-2019-14783 (On Samsung mobile devices with N(7.x), and O(8.x), P(9.0) software, Fo ...)
	NOT-FOR-US: Samsung
CVE-2019-14782 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.856 through 0.9.8 ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14781
	RESERVED
CVE-2019-14780
	RESERVED
CVE-2019-14779
	RESERVED
CVE-2019-14778 (The mkv::virtual_segment_c::seek method of demux/mkv/virtual_segment.c ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14777 (The Control function of demux/mkv/mkv.cpp in VideoLAN VLC media player ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14776 (A heap-based buffer over-read exists in DemuxInit() in demux/asf/asf.c ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14775
	RESERVED
CVE-2019-12625 (ClamAV versions prior to 0.101.3 are susceptible to a zip bomb vulnera ...)
	{DLA-1953-1}
	- clamav 0.101.4+dfsg-1 (bug #934359)
	[buster] - clamav 0.101.4+dfsg-0+deb10u1
	[stretch] - clamav 0.101.4+dfsg-0+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/06/3
	NOTE: https://bugzilla.clamav.net/show_bug.cgi?id=12356
	NOTE: Partially adressed already in 0.101.2+dfsg-3 but incomplete.
	NOTE: https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html
CVE-2019-14774 (The woo-variation-swatches (aka Variation Swatches for WooCommerce) pl ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-14773 (admin/includes/class.actions.snippet.php in the "Woody ad snippets" pl ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-14772 (verdaccio before 3.12.0 allows XSS. ...)
	NOT-FOR-US: verdaccio
CVE-2019-14771 (Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 allows the  ...)
	- backdrop <itp> (bug #914257)
CVE-2019-14770 (In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, some me ...)
	- backdrop <itp> (bug #914257)
CVE-2019-14769 (Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 doesn't suf ...)
	- backdrop <itp> (bug #914257)
CVE-2019-14768 (An Arbitrary File Upload issue in the file browser of DIMO YellowBox C ...)
	NOT-FOR-US: DIMO YellowBox CRM
CVE-2019-14767 (In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence ...)
	NOT-FOR-US: DIMO YellowBox CRM
CVE-2019-14766 (Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4  ...)
	NOT-FOR-US: DIMO YellowBox CRM
CVE-2019-14765 (Incorrect Access Control in AfficheExplorateurParam() in DIMO YellowBo ...)
	NOT-FOR-US: DIMO YellowBox CRM
CVE-2019-14764
	RESERVED
CVE-2019-14763 (In the Linux kernel before 4.16.4, a double-locking error in drivers/u ...)
	- linux 4.16.5-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-14762
	RESERVED
CVE-2019-14761
	RESERVED
CVE-2019-14760
	RESERVED
CVE-2019-14759
	RESERVED
CVE-2019-14758
	RESERVED
CVE-2019-14757
	RESERVED
CVE-2019-14756
	RESERVED
CVE-2019-14755 (The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows U ...)
	NOT-FOR-US: Leaf Admin
CVE-2019-14754 (Open-School 3.0, and Community Edition 2.3, allows SQL Injection via t ...)
	NOT-FOR-US: Open-School
CVE-2019-14753 (SICK FX0-GPNT00000 and FX0-GENT00000 devices through 3.4.0 have a Buff ...)
	NOT-FOR-US: SICK FX0-GPNT00000 and FX0-GENT00000 devices
CVE-2019-14752 (SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS. ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-14751 (NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, a ...)
	- nltk 3.4.5-1 (low; bug #935201)
	[buster] - nltk <no-dsa> (Minor issue)
	[stretch] - nltk <no-dsa> (Minor issue)
	[jessie] - nltk <no-dsa> (Minor issue; user has to configure a compromised server)
	NOTE: https://salvatoresecurity.com/zip-slip-in-nltk-cve-2019-14751/
	NOTE: https://github.com/nltk/nltk/commit/f59d7ed8df2e0e957f7f247fe218032abdbe9a10
CVE-2019-14750 (An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1. ...)
	NOT-FOR-US: osTicket
CVE-2019-14749 (An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1. ...)
	NOT-FOR-US: osTicket
CVE-2019-14748 (An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1. ...)
	NOT-FOR-US: osTicket
CVE-2019-14747 (DWSurvey through 2019-07-22 has stored XSS via the design/my-survey-de ...)
	NOT-FOR-US: DWSurvey
CVE-2019-14746 (A issue was discovered in KuaiFanCMS 5.0. It allows eval injection by  ...)
	NOT-FOR-US: KuaiFanCMS
CVE-2019-14745 (In radare2 before 3.7.0, a command injection vulnerability exists in b ...)
	- radare2 3.9.0+dfsg-1 (bug #934204)
	[jessie] - radare2 <no-dsa> (Minor issue)
	NOTE: https://github.com/radare/radare2/pull/14690
	NOTE: When fixing this ussue make sure to not only apply the initial commits but
	NOTE: as well the followups to avoid opening CVE-2019-16718:
	NOTE: https://github.com/radareorg/radare2/commit/5411543a310a470b1257fb93273cdd6e8dfcb3af
	NOTE: https://github.com/radareorg/radare2/commit/dd739f5a45b3af3d1f65f00fe19af1dbfec7aea7
CVE-2019-14744 (In KDE Frameworks KConfig before 5.61.0, malicious desktop files and c ...)
	{DSA-4494-1 DLA-1890-1}
	- kconfig 5.54.0-2 (bug #934267)
	- kde4libs 4:4.14.38-4 (bug #934268)
	[buster] - kde4libs <no-dsa> (Minor issue)
	[stretch] - kde4libs <no-dsa> (Minor issue)
	NOTE: https://gist.githubusercontent.com/zeropwn/630832df151029cb8f22d5b6b9efaefb/raw/64aa3d30279acb207f787ce9c135eefd5e52643b/kde-kdesktopfile-command-injection.txt
	NOTE: https://kde.org/info/security/advisory-20190807-1.txt
	NOTE: kconfig: https://cgit.kde.org/kconfig.git/commit/?id=5d3e71b1d2ecd2cb2f910036e614ffdfc895aa22
	NOTE: kdelibs: https://cgit.kde.org/kdelibs.git/commit/?id=2c3762feddf7e66cf6b64d9058f625a715694a00
CVE-2019-14743 (In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wo ...)
	NOT-FOR-US: Valve Steam Client for Windows
CVE-2019-14742
	RESERVED
CVE-2019-14741
	RESERVED
CVE-2019-14740
	RESERVED
CVE-2019-14739
	RESERVED
CVE-2019-14738
	RESERVED
CVE-2019-14737 (Ubisoft Uplay 92.0.0.6280 has Insecure Permissions. ...)
	NOT-FOR-US: Ubisoft Uplay
CVE-2019-14736
	RESERVED
CVE-2019-14735
	RESERVED
CVE-2019-14734 (AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::l ...)
	- adplug <unfixed>
	[buster] - adplug <no-dsa> (Minor issue)
	[stretch] - adplug <no-dsa> (Minor issue)
	[jessie] - adplug <no-dsa> (Minor issue)
	NOTE: https://github.com/adplug/adplug/issues/90
CVE-2019-14733 (AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::l ...)
	- adplug <unfixed>
	[buster] - adplug <no-dsa> (Minor issue)
	[stretch] - adplug <no-dsa> (Minor issue)
	[jessie] - adplug <no-dsa> (Minor issue)
	NOTE: https://github.com/adplug/adplug/issues/89
CVE-2019-14732 (AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::l ...)
	- adplug <unfixed>
	[buster] - adplug <no-dsa> (Minor issue)
	[stretch] - adplug <no-dsa> (Minor issue)
	[jessie] - adplug <no-dsa> (Minor issue)
	NOTE: https://github.com/adplug/adplug/issues/88
CVE-2019-14731 (An issue was discovered in ZenTao 11.5.1. There is an XSS (stored) vul ...)
	NOT-FOR-US: ZenTao CMS
CVE-2019-14730 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14729 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14728 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14727 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14726 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14725 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14724 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14723 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14722 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14721 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14720
	RESERVED
CVE-2019-14719
	RESERVED
CVE-2019-14718
	RESERVED
CVE-2019-14717
	RESERVED
CVE-2019-14716
	RESERVED
CVE-2019-14715
	RESERVED
CVE-2019-14714
	RESERVED
CVE-2019-14713
	RESERVED
CVE-2019-14712
	RESERVED
CVE-2019-14711
	RESERVED
CVE-2019-14710
	RESERVED
CVE-2019-14709 (A cleartext password storage issue was discovered on MicroDigital N-se ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14708 (An issue was discovered on MicroDigital N-series cameras with firmware ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14707 (An issue was discovered on MicroDigital N-series cameras with firmware ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14706 (A denial of service issue in HTTPD was discovered on MicroDigital N-se ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14705 (An Incorrect Access Control issue was discovered on MicroDigital N-ser ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14704 (An SSRF issue was discovered in HTTPD on MicroDigital N-series cameras ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14703 (A CSRF issue was discovered in webparam?user&amp;action=set&amp;param= ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14702 (An issue was discovered on MicroDigital N-series cameras with firmware ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14701 (An issue was discovered on MicroDigital N-series cameras with firmware ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14700 (An issue was discovered on MicroDigital N-series cameras with firmware ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14699 (An issue was discovered on MicroDigital N-series cameras with firmware ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14698 (An issue was discovered on MicroDigital N-series cameras with firmware ...)
	NOT-FOR-US: MicroDigital
CVE-2019-14696 (Open-School 3.0, and Community Edition 2.3, allows XSS via the osv/ind ...)
	NOT-FOR-US: Open-School
CVE-2019-14695 (A SQL injection vulnerability exists in the Sygnoos Popup Builder plug ...)
	NOT-FOR-US: Sygnoos Popup Builder plugin for WordPress
CVE-2019-14694 (A use-after-free flaw in the sandbox container implemented in cmdguard ...)
	NOT-FOR-US: Comodo Antivirus
CVE-2019-14693 (Zoho ManageEngine AssetExplorer 6.2.0 is vulnerable to an XML External ...)
	NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2019-14692 (AdPlug 2.3.1 has a heap-based buffer overflow in CmkjPlayer::load() in ...)
	- adplug <unfixed> (bug #943927)
	[buster] - adplug <no-dsa> (Minor issue)
	[stretch] - adplug <no-dsa> (Minor issue)
	[jessie] - adplug <no-dsa> (Minor issue)
	NOTE: https://github.com/adplug/adplug/issues/87
CVE-2019-14691 (AdPlug 2.3.1 has a heap-based buffer overflow in CdtmLoader::load() in ...)
	- adplug <unfixed> (bug #943928)
	[buster] - adplug <no-dsa> (Minor issue)
	[stretch] - adplug <no-dsa> (Minor issue)
	[jessie] - adplug <no-dsa> (Minor issue)
	NOTE: https://github.com/adplug/adplug/issues/86
CVE-2019-14690 (AdPlug 2.3.1 has a heap-based buffer overflow in CxadbmfPlayer::__bmf_ ...)
	- adplug <unfixed> (bug #943929)
	[buster] - adplug <no-dsa> (Minor issue)
	[stretch] - adplug <no-dsa> (Minor issue)
	[jessie] - adplug <no-dsa> (Minor issue)
	NOTE: https://github.com/adplug/adplug/issues/85
CVE-2019-14697 (musl libc through 1.1.23 has an x87 floating-point stack adjustment im ...)
	- musl 1.1.23-2
	[buster] - musl <no-dsa> (Minor issue)
	[stretch] - musl <no-dsa> (Minor issue)
	[jessie] - musl <no-dsa> (Minor issue)
	NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=f3ed8bfe8a82af1870ddc8696ed4cc1d5aa6b441
	NOTE: https://git.musl-libc.org/cgit/musl/patch/?id=6818c31c9bc4bbad5357f1de14bedf781e5b349e
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/06/1
CVE-2019-14689
	RESERVED
CVE-2019-14688 (Trend Micro has repackaged installers for several Trend Micro products ...)
	NOT-FOR-US: Trend Micro
CVE-2019-14687 (A DLL hijacking vulnerability exists in Trend Micro Password Manager 5 ...)
	NOT-FOR-US: Trend Micro
CVE-2019-14686 (A DLL hijacking vulnerability exists in the Trend Micro Security's 201 ...)
	NOT-FOR-US: Trend Micro
CVE-2019-14685 (A local privilege escalation vulnerability exists in Trend Micro Secur ...)
	NOT-FOR-US: Trend Micro
CVE-2019-14684 (A DLL hijacking vulnerability exists in Trend Micro Password Manager 5 ...)
	NOT-FOR-US: Trend Micro
CVE-2019-14683 (The codection "Import users from CSV with meta" plugin before 1.14.2.2 ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-14682 (The acf-better-search (aka ACF: Better Search) plugin before 3.3.1 for ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-14681 (The Deny All Firewall plugin before 1.1.7 for WordPress allows wp-admi ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-14680 (The admin-renamer-extended (aka Admin renamer extended) plugin 3.2.1 f ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-14679 (core/views/arprice_import_export.php in the ARPrice Lite plugin 2.2 fo ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-14678 (SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability tha ...)
	NOT-FOR-US: SAP
CVE-2019-14677
	RESERVED
CVE-2019-14676
	RESERVED
CVE-2019-14675
	RESERVED
CVE-2019-14674
	RESERVED
CVE-2019-14673
	RESERVED
CVE-2019-14672 (Firefly III 4.7.17.5 is vulnerable to stored XSS due to the lack of fi ...)
	NOT-FOR-US: Firefly
CVE-2019-14671 (Firefly III 4.7.17.3 is vulnerable to local file enumeration. An attac ...)
	NOT-FOR-US: Firefly
CVE-2019-14670 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...)
	NOT-FOR-US: Firefly
CVE-2019-14669 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...)
	NOT-FOR-US: Firefly
CVE-2019-14668 (Firefly III 4.7.17.3 is vulnerable to stored XSS due to the lack of fi ...)
	NOT-FOR-US: Firefly
CVE-2019-14667 (Firefly III 4.7.17.4 is vulnerable to multiple stored XSS issues due t ...)
	NOT-FOR-US: Firefly
CVE-2019-14666 (GLPI through 9.4.3 is prone to account takeover by abusing the ajax/au ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/security/advisories/GHSA-47hq-pfrr-jh5q
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-14665 (Brandy 1.20.1 has a heap-based buffer overflow in define_array in vari ...)
	- brandy <unfixed> (unimportant; bug #933996)
	NOTE: https://sourceforge.net/p/brandy/bugs/8/
	NOTE: Negligible security impact
CVE-2019-14664 (In Enigmail below 2.1, an attacker in possession of PGP encrypted emai ...)
	- enigmail <unfixed>
	[buster] - enigmail <ignored> (Minor issue and too intrusive to backport)
	[stretch] - enigmail <ignored> (Minor issue and too intrusive to backport)
	[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
	NOTE: https://sourceforge.net/p/enigmail/bugs/984/
CVE-2019-14663 (Brandy 1.20.1 has a stack-based buffer overflow in fileio_openin in fi ...)
	- brandy <unfixed> (unimportant; bug #933996)
	NOTE: https://sourceforge.net/p/brandy/bugs/6/
	NOTE: Negligible security impact
CVE-2019-14662 (Brandy 1.20.1 has a stack-based buffer overflow in fileio_openout in f ...)
	- brandy <unfixed> (unimportant; bug #933996)
	NOTE: https://sourceforge.net/p/brandy/bugs/7/
	NOTE: Negligible security impact
CVE-2019-14661
	RESERVED
CVE-2019-14660
	RESERVED
CVE-2019-14659
	REJECTED
CVE-2019-14658
	RESERVED
CVE-2019-14657 (Yealink phones through 2019-08-04 have an issue with OpenVPN file uplo ...)
	NOT-FOR-US: Yealink
CVE-2019-14656 (Yealink phones through 2019-08-04 do not properly check user roles in  ...)
	NOT-FOR-US: Yealink
CVE-2019-14655
	REJECTED
CVE-2019-14654 (In Joomla! 3.9.7 and 3.9.8, inadequate filtering allows users authoris ...)
	NOT-FOR-US: Joomla!
CVE-2019-XXXX [Buffer overflow during processing of large server replies]
	- pump <removed> (bug #933674)
	[jessie] - pump 0.8.24-7+deb8u1
CVE-2019-14653 (pandao Editor.md 1.5.0 allows XSS via an attribute of an ABBR or SUP e ...)
	NOT-FOR-US: pandao Editor.md
CVE-2019-14652 (explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explor ...)
	NOT-FOR-US: Amazon AWS JavaScript S3 Explorer
CVE-2019-14651
	RESERVED
CVE-2019-14650
	RESERVED
CVE-2019-14649
	RESERVED
CVE-2019-14648
	RESERVED
CVE-2019-14647
	RESERVED
CVE-2019-14646
	RESERVED
CVE-2019-14645
	RESERVED
CVE-2019-14644
	RESERVED
CVE-2019-14643
	RESERVED
CVE-2019-14642
	RESERVED
CVE-2019-14641
	RESERVED
CVE-2019-14640
	RESERVED
CVE-2019-14639
	RESERVED
CVE-2019-14638
	RESERVED
CVE-2019-14637
	RESERVED
CVE-2019-14636
	RESERVED
CVE-2019-14635
	RESERVED
CVE-2019-14634
	RESERVED
CVE-2019-14633
	RESERVED
CVE-2019-14632
	RESERVED
CVE-2019-14631
	RESERVED
CVE-2019-14630
	RESERVED
CVE-2019-14629 (Improper permissions in Intel(R) DAAL before version 2020 Gold may all ...)
	NOT-FOR-US: Intel
CVE-2019-14628
	RESERVED
CVE-2019-14627
	RESERVED
CVE-2019-14626 (Improper access control in PCIe function for the Intel&#174; FPGA Prog ...)
	NOT-FOR-US: Intel
CVE-2019-14625 (Improper access control in on-card storage for the Intel&#174; FPGA Pr ...)
	NOT-FOR-US: Intel
CVE-2019-14624
	RESERVED
CVE-2019-14623
	RESERVED
CVE-2019-14622
	RESERVED
CVE-2019-14621
	RESERVED
CVE-2019-14620
	RESERVED
CVE-2019-14619
	RESERVED
CVE-2019-14618
	RESERVED
CVE-2019-14617
	RESERVED
CVE-2019-14616
	RESERVED
CVE-2019-14615 (Insufficient control flow in certain data structures for some Intel(R) ...)
	{DLA-2114-1}
	- linux 5.4.13-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	[jessie] - linux <not-affected> (Driver doesn't support this hardware)
	NOTE: https://git.kernel.org/linus/bc8a76a152c5f9ef3b48104154a65a68a8b76946
CVE-2019-14614
	RESERVED
CVE-2019-14613 (Improper access control in driver for Intel(R) VTune(TM) Amplifier for ...)
	NOT-FOR-US: Intel
CVE-2019-14612 (Out of bounds write in firmware for Intel(R) NUC(R) may allow a privil ...)
	NOT-FOR-US: Intel
CVE-2019-14611 (Integer overflow in firmware for Intel(R) NUC(R) may allow a privilege ...)
	NOT-FOR-US: Intel
CVE-2019-14610 (Improper access control in firmware for Intel(R) NUC(R) may allow an a ...)
	NOT-FOR-US: Intel
CVE-2019-14609 (Improper input validation in firmware for Intel(R) NUC(R) may allow a  ...)
	NOT-FOR-US: Intel
CVE-2019-14608 (Improper buffer restrictions in firmware for Intel(R) NUC(R) may allow ...)
	NOT-FOR-US: Intel
CVE-2019-14607 (Improper conditions check in multiple Intel&#174; Processors may allow ...)
	{DSA-4565-2}
	- intel-microcode 3.20191115.1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00317.html
CVE-2019-14606
	RESERVED
CVE-2019-14605 (Improper permissions in the installer for the Intel(R) SCS Platform Di ...)
	NOT-FOR-US: Intel
CVE-2019-14604 (Null pointer dereference in the FPGA kernel driver for Intel(R) Quartu ...)
	NOT-FOR-US: Intel
CVE-2019-14603 (Improper permissions in the installer for the License Server software  ...)
	NOT-FOR-US: Intel
CVE-2019-14602 (Improper permissions in the installer for the Nuvoton* CIR Driver vers ...)
	NOT-FOR-US: Nuvoton* CIR Driver
CVE-2019-14601 (Improper permissions in the installer for Intel(R) RWC 3 for Windows b ...)
	NOT-FOR-US: Intel
CVE-2019-14600 (Uncontrolled search path element in the installer for Intel(R) SNMP Su ...)
	NOT-FOR-US: Intel
CVE-2019-14599 (Unquoted service path in Control Center-I version 2.1.0.0 and earlier  ...)
	NOT-FOR-US: Intel
CVE-2019-14598 (Improper Authentication in subsystem in Intel(R) CSME versions 12.0 th ...)
	NOT-FOR-US: Intel
CVE-2019-14597
	RESERVED
CVE-2019-14596 (Improper access control in the installer for Intel(R) Chipset Device S ...)
	NOT-FOR-US: Intel
CVE-2019-14595
	RESERVED
CVE-2019-14594
	RESERVED
CVE-2019-14593
	RESERVED
CVE-2019-14592
	RESERVED
CVE-2019-14591 (Improper input validation in the API for Intel(R) Graphics Driver vers ...)
	NOT-FOR-US: Intel Windows graphics driver
CVE-2019-14590 (Improper access control in the API for the Intel(R) Graphics Driver ve ...)
	NOT-FOR-US: Intel Windows graphics driver
CVE-2019-14589
	RESERVED
CVE-2019-14588
	RESERVED
CVE-2019-14587
	RESERVED
	- edk2 0~20200229.4c0f6e34-1
	[buster] - edk2 <no-dsa> (Minor issue)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
CVE-2019-14586
	RESERVED
	- edk2 0~20200229.4c0f6e34-1
	[buster] - edk2 <no-dsa> (Minor issue)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
CVE-2019-14585
	RESERVED
CVE-2019-14584
	RESERVED
CVE-2019-14583
	RESERVED
CVE-2019-14582
	RESERVED
CVE-2019-14581
	RESERVED
CVE-2019-14580
	RESERVED
CVE-2019-14579
	RESERVED
CVE-2019-14578
	RESERVED
CVE-2019-14577
	RESERVED
CVE-2019-14576
	RESERVED
CVE-2019-14575 [DxeImageVerificationHandler() fails open in case of dbx signature check]
	RESERVED
	- edk2 0~20200229.4c0f6e34-1 (low; bug #952935)
	[buster] - edk2 <no-dsa> (Minor issue)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=1608
CVE-2019-14574 (Out of bounds read in a subsystem for Intel(R) Graphics Driver version ...)
	NOT-FOR-US: Intel Windows graphics driver
CVE-2019-14573
	RESERVED
CVE-2019-14572
	RESERVED
CVE-2019-14571
	RESERVED
CVE-2019-14570 (Memory corruption in system firmware for Intel(R) NUC may allow a priv ...)
	NOT-FOR-US: Intel
CVE-2019-14569 (Pointer corruption in system firmware for Intel(R) NUC may allow a pri ...)
	NOT-FOR-US: Intel
CVE-2019-14568 (Improper permissions in the executable for Intel(R) RST before version ...)
	NOT-FOR-US: Intel
CVE-2019-14567
	RESERVED
CVE-2019-14566 (Insufficient input validation in Intel(R) SGX SDK multiple Linux and W ...)
	NOT-FOR-US: Intel
CVE-2019-14565 (Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.1 ...)
	NOT-FOR-US: Intel
CVE-2019-14564
	RESERVED
CVE-2019-14563 [numeric truncation in MdeModulePkg/PiDxeS3BootScriptLib]
	RESERVED
	- edk2 0~20200229.4c0f6e34-1 (low; bug #952934)
	[buster] - edk2 <no-dsa> (Minor issue)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
	NOTE: https://github.com/tianocore/edk2/commit/322ac05f8bbc1bce066af1dabd1b70ccdbe28891
	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=2001
CVE-2019-14562
	RESERVED
CVE-2019-14561
	RESERVED
CVE-2019-14560
	RESERVED
CVE-2019-14559 [memory leak in ArpOnFrameRcvdDpc]
	RESERVED
	- edk2 0~20200229.4c0f6e34-1 (bug #952926; low)
	[buster] - edk2 <no-dsa> (Minor issue)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=2550
	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=2031
CVE-2019-14558
	RESERVED
	- edk2 0~20200229.4c0f6e34-1
	[buster] - edk2 <no-dsa> (Minor issue)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
CVE-2019-14557
	RESERVED
CVE-2019-14556
	RESERVED
CVE-2019-14555
	RESERVED
CVE-2019-14554
	RESERVED
CVE-2019-14553 [invalid server certificate accepted in HTTPS-over-IPv6 boot]
	RESERVED
	- edk2 0~20190828.37eef910-4 (unimportant; bug #941775)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1758518
	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=960
	NOTE: unimportant, as Debian builds do not enable HTTPSBOOT (via
	NOTE: -DNETWORK_TLS_ENABLE=TRUE).
CVE-2019-14552
	RESERVED
CVE-2019-14551 (Das Q before 2019-08-02 allows web sites to execute arbitrary code on  ...)
	NOT-FOR-US: Das Keyboard Q
CVE-2019-14550 (An issue was discovered in EspoCRM before 5.6.9. Stored XSS was execut ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14549 (An issue was discovered in EspoCRM before 5.6.9. Stored XSS was execut ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14548 (An issue was discovered in EspoCRM before 5.6.9. Stored XSS in the bod ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14547 (An issue was discovered in EspoCRM before 5.6.9. Stored XSS was execut ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14546 (An issue was discovered in EspoCRM before 5.6.9. Stored XSS was execut ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14545
	RESERVED
CVE-2019-14544 (routes/api/v1/api.go in Gogs 0.11.86 lacks permission checks for route ...)
	NOT-FOR-US: Go Git Service
CVE-2019-14543
	RESERVED
CVE-2019-14542
	RESERVED
CVE-2019-14541 (GnuCOBOL 2.2 has a stack-based buffer overflow in cb_encode_program_id ...)
	- gnucobol <unfixed> (low; bug #933884)
	[buster] - gnucobol <ignored> (Minor issue)
	- open-cobol <removed>
	[stretch] - open-cobol <ignored> (Minor issue)
	[jessie] - open-cobol <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/open-cobol/bugs/584/
CVE-2019-14540 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DSA-4542-1 DLA-1943-1}
	- jackson-databind 2.10.0-1 (bug #940498)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2410
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2449
	NOTE: https://github.com/FasterXML/jackson-databind/commit/d4983c740fec7d5576b207a8c30a63d3ea7443de
CVE-2019-14539
	RESERVED
CVE-2019-14538
	RESERVED
CVE-2019-14537 (YOURLS through 1.7.3 is affected by a type juggling vulnerability in t ...)
	NOT-FOR-US: YOURLS
CVE-2019-14536
	RESERVED
CVE-2019-14535 (A divide-by-zero error exists in the SeekIndex function of demux/asf/a ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14534 (In VideoLAN VLC media player 3.0.7.1, there is a NULL pointer derefere ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14533 (The Control function of demux/asf/asf.c in VideoLAN VLC media player 3 ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14532 (An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an off ...)
	- sleuthkit <unfixed> (unimportant)
	NOTE: https://github.com/sleuthkit/sleuthkit/issues/1575
	NOTE: Negligible security impact
CVE-2019-14531 (An issue was discovered in The Sleuth Kit (TSK) 4.6.6. There is an out ...)
	- sleuthkit <unfixed> (unimportant)
	NOTE: https://github.com/sleuthkit/sleuthkit/issues/1576
	NOTE: Negligible security impact
CVE-2019-14530 (An issue was discovered in custom/ajax_download.php in OpenEMR before  ...)
	NOT-FOR-US: OpenEMR
CVE-2019-14529 (OpenEMR before 5.0.2 allows SQL Injection in interface/forms/eye_mag/s ...)
	NOT-FOR-US: OpenEMR
CVE-2019-14528 (GnuCOBOL 2.2 has a heap-based buffer overflow in read_literal in cobc/ ...)
	- gnucobol <unfixed> (low; bug #933884)
	[buster] - gnucobol <ignored> (Minor issue)
	- open-cobol <removed>
	[stretch] - open-cobol <ignored> (Minor issue)
	[jessie] - open-cobol <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/open-cobol/bugs/583/
CVE-2019-14527 (An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices befor ...)
	NOT-FOR-US: NETGEAR
CVE-2019-14526 (An issue was discovered on NETGEAR Nighthawk M1 (MR1100) devices befor ...)
	NOT-FOR-US: NETGEAR
CVE-2019-14525 (In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019. ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-14524 (An issue was discovered in Schism Tracker through 20190722. There is a ...)
	- schism 2:20190805-1 (bug #933808)
	[buster] - schism <no-dsa> (Minor issue)
	[stretch] - schism <no-dsa> (Minor issue)
	[jessie] - schism <no-dsa> (Minor issue)
	NOTE: https://github.com/schismtracker/schismtracker/issues/201
CVE-2019-14523 (An issue was discovered in Schism Tracker through 20190722. There is a ...)
	- schism 2:20190805-1 (bug #933809)
	[buster] - schism <no-dsa> (Minor issue)
	[stretch] - schism <no-dsa> (Minor issue)
	[jessie] - schism <no-dsa> (Minor issue)
	NOTE: https://github.com/schismtracker/schismtracker/issues/202
CVE-2019-14522
	RESERVED
CVE-2019-14521 (The api/admin/logoupload Logo File upload feature in EMCA Energy Logse ...)
	NOT-FOR-US: EMCA Energy Logserver
CVE-2019-14520
	RESERVED
CVE-2019-14519
	RESERVED
CVE-2019-14518 (** DISPUTED ** Evolution CMS 2.0.x allows XSS via a description and ne ...)
	NOT-FOR-US: Evolution CMS
CVE-2019-14517 (pandao Editor.md 1.5.0 allows XSS via the Javas&amp;#99;ript: string. ...)
	NOT-FOR-US: pandao Editor.md
CVE-2019-14516 (The mAadhaar application 1.2.7 for Android lacks SSL Certificate Valid ...)
	NOT-FOR-US: mAadhaar application for Android
CVE-2019-14515
	RESERVED
CVE-2019-14514 (An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. ...)
	NOT-FOR-US: Microvirt MEmu
CVE-2019-14513 (Improper bounds checking in Dnsmasq before 2.76 allows an attacker con ...)
	{DLA-1921-1}
	- dnsmasq 2.76-1
	[buster] - dnsmasq <no-dsa> (Minor issue)
	[stretch] - dnsmasq <no-dsa> (Minor issue)
	NOTE: https://github.com/Slovejoy/dnsmasq-pre2.76
	NOTE: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commitdiff;h=d3a8b39c7df2f0debf3b5f274a1c37a9e261f94e
CVE-2019-14512 (LimeSurvey 3.17.7+190627 has XSS via Boxes in application/extensions/P ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-14511 (Sphinx Technologies Sphinx 3.1.1 by default has no authentication and  ...)
	- sphinxsearch <unfixed> (unimportant; bug #939762)
	NOTE: Issue is just with the default configuration, but can be easily reconfigured
	NOTE: to listen on localhost only. sphinxsearch will not be started automatically
	NOTE: and an admin needs first to create anyway a /etc/sphinxsearch/sphinx.conf
	NOTE: starting from a sample.
	NOTE: sphinxsearch should ideally update the defaults in sample configs to bind
	NOTE: listeners to localhost.
	NOTE: This is not treated as a vulnerability, subject to design choices for deployment
CVE-2019-14510 (An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using ...)
	NOT-FOR-US: Kaseya VSA RMM
CVE-2019-14509
	RESERVED
CVE-2019-14508
	REJECTED
CVE-2019-14507
	REJECTED
CVE-2019-14506
	REJECTED
CVE-2019-14505
	REJECTED
CVE-2019-14504
	REJECTED
CVE-2019-14503
	REJECTED
CVE-2019-14502
	REJECTED
CVE-2019-14501
	REJECTED
CVE-2019-14500
	REJECTED
CVE-2019-14499
	REJECTED
CVE-2019-14498 (A divide-by-zero error exists in the Control function of demux/caf.c i ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14497 (ModuleEditor::convertInstrument in tracker/ModuleEditor.cpp in MilkyTr ...)
	{DLA-1961-1}
	- milkytracker 1.02.00+dfsg-2 (bug #933964)
	[buster] - milkytracker <no-dsa> (Minor issue)
	[stretch] - milkytracker <no-dsa> (Minor issue)
	NOTE: https://github.com/milkytracker/MilkyTracker/issues/182
	NOTE: https://github.com/milkytracker/MilkyTracker/commit/ea7772a3fae0a9dd0a322e8fec441d15843703b7
CVE-2019-14496 (LoaderXM::load in LoaderXM.cpp in milkyplay in MilkyTracker 1.02.00 ha ...)
	{DLA-1961-1}
	- milkytracker 1.02.00+dfsg-2 (bug #933964)
	[buster] - milkytracker <no-dsa> (Minor issue)
	[stretch] - milkytracker <no-dsa> (Minor issue)
	NOTE: https://github.com/milkytracker/MilkyTracker/issues/183
	NOTE: https://github.com/milkytracker/MilkyTracker/commit/ea7772a3fae0a9dd0a322e8fec441d15843703b7
CVE-2019-14495 (webadmin.c in 3proxy before 0.8.13 has an out-of-bounds write in the a ...)
	- 3proxy <itp> (bug #718219)
CVE-2019-14494 (An issue was discovered in Poppler through 0.78.0. There is a divide-b ...)
	[experimental] - poppler 0.81.0-1
	- poppler <unfixed> (bug #933812)
	[buster] - poppler <ignored> (Minor issue)
	[stretch] - poppler <ignored> (Minor issue)
	[jessie] - poppler <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/802
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/317
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/b224e2f5739fe61de9fa69955d016725b2a4b78d
CVE-2019-14493 (An issue was discovered in OpenCV before 4.1.1. There is a NULL pointe ...)
	[experimental] - opencv 4.1.1+dfsg-1
	- opencv 4.1.2+dfsg-3
	[buster] - opencv <no-dsa> (Minor issue)
	[stretch] - opencv <no-dsa> (Minor issue)
	[jessie] - opencv <postponed> (Minor issue, DoS, PoC not crashing)
	NOTE: https://github.com/opencv/opencv/issues/15127
	NOTE: https://github.com/opencv/opencv/commit/5691d998ead1d9b0542bcfced36c2dceb3a59023
	NOTE: In older versions of opencv missing NULL pointer check(s) are in
	NOTE: modules/core/src/persistence.cpp (before refactoring).
	TODO: check if the old code though is really affected, might been introduced with the refactoring
CVE-2019-14492 (An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. T ...)
	[experimental] - opencv 4.1.1+dfsg-1
	- opencv 4.1.2+dfsg-3
	[buster] - opencv <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - opencv <no-dsa> (Minor issue; can be fixed via point release)
	[jessie] - opencv <postponed> (Minor issue, DoS, PoC not crashing)
	NOTE: https://github.com/opencv/opencv/issues/15124
	NOTE: https://github.com/opencv/opencv/commit/ac425f67e4c1d0da9afb9203f0918d8d57c067ed
CVE-2019-14491 (An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. T ...)
	[experimental] - opencv 4.1.1+dfsg-1
	- opencv 4.1.2+dfsg-3
	[buster] - opencv <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - opencv <no-dsa> (Minor issue; can be fixed via point release)
	[jessie] - opencv <postponed> (Minor issue, DoS, PoC not crashing)
	NOTE: https://github.com/opencv/opencv/issues/15125
	NOTE: https://github.com/opencv/opencv/commit/ac425f67e4c1d0da9afb9203f0918d8d57c067ed
CVE-2019-14490
	RESERVED
CVE-2019-14489
	RESERVED
CVE-2019-14488
	RESERVED
CVE-2019-14487
	RESERVED
CVE-2019-14486 (GnuCOBOL 2.2 has a buffer overflow in cb_evaluate_expr in cobc/field.c ...)
	- gnucobol <unfixed> (low; bug #933884)
	[buster] - gnucobol <ignored> (Minor issue)
	- open-cobol <removed>
	[stretch] - open-cobol <ignored> (Minor issue)
	[jessie] - open-cobol <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/open-cobol/bugs/582/
CVE-2019-14485
	RESERVED
CVE-2019-14484
	RESERVED
CVE-2019-14483
	RESERVED
CVE-2019-14482
	RESERVED
CVE-2019-14481
	RESERVED
CVE-2019-14480
	RESERVED
CVE-2019-14479
	RESERVED
CVE-2019-14478
	RESERVED
CVE-2019-14477
	RESERVED
CVE-2019-14476
	RESERVED
CVE-2019-14475 (eQ-3 Homematic CCU2 2.47.15 and prior and CCU3 3.47.15 and prior use s ...)
	NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14474 (eQ-3 Homematic CCU3 3.47.15 and prior has Improper Input Validation in ...)
	NOT-FOR-US: eQ-3 Homematic CCU3
CVE-2019-14473 (eQ-3 Homematic CCU2 and CCU3 use session IDs for authentication but la ...)
	NOT-FOR-US: eQ-3 Homematic CCU2 and CCU3
CVE-2019-14472 (Zurmo 3.2.7-2 has XSS via the app/index.php/zurmo/default PATH_INFO. ...)
	NOT-FOR-US: Zumo
CVE-2019-14471 (TestLink 1.9.19 has XSS via the error.php message parameter. ...)
	NOT-FOR-US: TestLink
CVE-2019-14470 (cosenary Instagram-PHP-API (aka Instagram PHP API V2), as used in the  ...)
	NOT-FOR-US: cosenary Instagram-PHP-API
CVE-2019-14469 (In Nexus Repository Manager before 3.18.0, users with elevated privile ...)
	NOT-FOR-US: Nexus Repository Manager
CVE-2019-14468 (GnuCOBOL 2.2 has a buffer overflow in cb_push_op in cobc/field.c via c ...)
	- gnucobol <unfixed> (low; bug #933884)
	[buster] - gnucobol <ignored> (Minor issue)
	- open-cobol <removed>
	[stretch] - open-cobol <ignored> (Minor issue)
	[jessie] - open-cobol <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/open-cobol/bugs/581/
CVE-2019-14467 (The Social Photo Gallery plugin 1.0 for WordPress allows Remote Code E ...)
	NOT-FOR-US: Social Photo Gallery plugin for WordPress
CVE-2019-14466 (The GOsa_Filter_Settings cookie in GONICUS GOsa 2.7.5.2 is vulnerable  ...)
	{DLA-1905-1}
	- gosa 2.7.4+reloaded3-10
	NOTE: https://github.com/gosa-project/gosa-core/commit/e1504e9765db2adde8b4685b5c93fbba57df868b (fix)
	NOTE: https://github.com/gosa-project/gosa-core/commit/90b674960335d888c76ca5e99027df8e7fa66f3a (fixing the prev commit)
	NOTE: https://github.com/gosa-project/gosa-core/pull/30#issuecomment-521975100
CVE-2019-14465 (fmt_mtm_load_song in fmt/mtm.c in Schism Tracker 20190722 has a heap-b ...)
	- schism 2:20190805-1 (bug #933807)
	[buster] - schism <no-dsa> (Minor issue)
	[stretch] - schism <no-dsa> (Minor issue)
	[jessie] - schism <no-dsa> (Minor issue)
	NOTE: https://github.com/schismtracker/schismtracker/issues/198
	NOTE: https://github.com/schismtracker/schismtracker/commit/b78e8d32883f8a865035436af4fa6d541b6ebb42
CVE-2019-14464 (XMFile::read in XMFile.cpp in milkyplay in MilkyTracker 1.02.00 has a  ...)
	{DLA-1961-1}
	- milkytracker 1.02.00+dfsg-2 (bug #933964)
	[buster] - milkytracker <no-dsa> (Minor issue)
	[stretch] - milkytracker <no-dsa> (Minor issue)
	NOTE: https://github.com/milkytracker/MilkyTracker/issues/184
	NOTE: https://github.com/milkytracker/MilkyTracker/commit/fd607a3439fcdd0992e5efded3c16fc79c804e34
CVE-2019-14463 (An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1 ...)
	- libmodbus 3.1.6-1 (bug #933805)
	[buster] - libmodbus <no-dsa> (Minor issue)
	[stretch] - libmodbus <no-dsa> (Minor issue)
	[jessie] - libmodbus <no-dsa> (Minor issue)
	NOTE: https://github.com/stephane/libmodbus/commit/5ccdf5ef79d742640355d1132fa9e2abc7fbaefc (3.1.5)
	NOTE: https://github.com/stephane/libmodbus/commit/6f915d4215c06be3c719761423d9b5e8aa3cb820 (3.1.5)
	NOTE: https://github.com/stephane/libmodbus/commit/2b5cb5896120d7564f4c34fdc5aaa4f22a97e45c (3.0.7)
	NOTE: https://github.com/stephane/libmodbus/commit/64cd092bcc421a70431fe1fb6b7f1e6f491f7cf8 (3.0.8)
CVE-2019-14462 (An issue was discovered in libmodbus before 3.0.7 and 3.1.x before 3.1 ...)
	- libmodbus 3.1.6-1 (bug #933805)
	[buster] - libmodbus <no-dsa> (Minor issue)
	[stretch] - libmodbus <no-dsa> (Minor issue)
	[jessie] - libmodbus <no-dsa> (Minor issue)
	NOTE: https://github.com/stephane/libmodbus/commit/5ccdf5ef79d742640355d1132fa9e2abc7fbaefc (3.1.5)
	NOTE: https://github.com/stephane/libmodbus/commit/6f915d4215c06be3c719761423d9b5e8aa3cb820 (3.1.5)
	NOTE: https://github.com/stephane/libmodbus/commit/2b5cb5896120d7564f4c34fdc5aaa4f22a97e45c (3.0.7)
	NOTE: https://github.com/stephane/libmodbus/commit/64cd092bcc421a70431fe1fb6b7f1e6f491f7cf8 (3.0.8)
CVE-2019-14461
	RESERVED
CVE-2019-14460
	RESERVED
CVE-2019-14459 (nfdump 1.6.17 and earlier is affected by an integer overflow in the fu ...)
	- nfdump 1.6.18-1 (bug #933740)
	[buster] - nfdump <no-dsa> (Minor issue)
	[stretch] - nfdump <no-dsa> (Minor issue)
	NOTE: https://github.com/phaag/nfdump/issues/171
	NOTE: https://github.com/phaag/nfdump/commit/3b006ededaf351f1723aea6c727c9edd1b1fff9b
CVE-2019-14458 (VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of ...)
	NOT-FOR-US: VIVOTEK IP Camera devices
CVE-2019-14457 (VIVOTEK IP Camera devices with firmware before 0x20x have a stack-base ...)
	NOT-FOR-US: VIVOTEK IP Camera devices
CVE-2019-14456 (Opengear console server firmware releases prior to 4.5.0 have a stored ...)
	NOT-FOR-US: Opengear console server firmware
CVE-2019-14455
	RESERVED
CVE-2019-14454 (SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to  ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-14453
	RESERVED
CVE-2019-14452 (Sigil before 0.9.16 is vulnerable to a directory traversal, allowing a ...)
	- sigil 0.9.16+dfsg-1 (bug #933797)
	[buster] - sigil <no-dsa> (Minor issue)
	[stretch] - sigil <no-dsa> (Minor issue)
	NOTE: https://github.com/Sigil-Ebook/Sigil/commit/04e2f280cc4a0766bedcc7b9eb56449ceecc2ad4
	NOTE: https://github.com/Sigil-Ebook/Sigil/commit/0979ba8d10c96ebca330715bfd4494ea0e019a8f
	NOTE: https://github.com/Sigil-Ebook/Sigil/commit/369eebe936e4a8c83cc54662a3412ce8bef189e4
CVE-2019-14451 (RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not proper ...)
	NOT-FOR-US: Repetier-Server
CVE-2019-14450 (A directory traversal vulnerability was discovered in RepetierServer.e ...)
	NOT-FOR-US: Repetier-Server
CVE-2019-14449 (An issue was discovered in Cloudera Manager 5.x before 5.16.2, 6.0.x b ...)
	NOT-FOR-US: Cloudera
CVE-2019-14448
	RESERVED
CVE-2019-14447
	RESERVED
CVE-2019-14446
	RESERVED
CVE-2019-14445
	RESERVED
CVE-2019-14444 (apply_relocations in readelf.c in GNU Binutils 2.32 contains an intege ...)
	- binutils 2.32.51.20190813-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24829
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=e17869db99195849826eaaf5d2d0eb2cfdd7a2a7
	NOTE: binutils not covered by security support
CVE-2019-14443 (An issue was discovered in Libav 12.3. Division by zero in range_decod ...)
	{DLA-2021-1}
	- libav <removed>
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1161#c1
CVE-2019-14442 (In mpc8_read_header in libavformat/mpc8.c in Libav 12.3, an input file ...)
	{DLA-1907-1}
	- libav <removed>
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1159
CVE-2019-14441 (** DISPUTED ** An issue was discovered in Libav 12.3. An access violat ...)
	- libav <removed>
	[jessie] - libav <postponed> (cf. CVE-2018-19129)
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1161#c0
	NOTE: Duplicate of CVE-2018-19129
CVE-2019-14440
	RESERVED
CVE-2019-14439 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DSA-4542-1 DLA-1879-1}
	- jackson-databind 2.9.9.3-1 (bug #933393)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2389
	NOTE: https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b
CVE-2019-14438 (A heap-based buffer over-read in xiph_PackHeaders() in modules/demux/x ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14437 (The xiph_SplitHeaders function in modules/demux/xiph.h in VideoLAN VLC ...)
	{DSA-4504-1}
	- vlc 3.0.8-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-14436
	RESERVED
CVE-2019-14435
	RESERVED
CVE-2019-14434
	RESERVED
CVE-2019-14433 (An issue was discovered in OpenStack Nova before 17.0.12, 18.x before  ...)
	- nova 2:19.0.2-1 (low; bug #934114)
	[buster] - nova <no-dsa> (Minor issue)
	[stretch] - nova <no-dsa> (Minor issue)
	[jessie] - nova <no-dsa> (Minor issue)
	NOTE: https://security.openstack.org/ossa/OSSA-2019-003.html
	NOTE: https://launchpad.net/bugs/1837877
CVE-2019-14432 (Incorrect authentication of application WebSocket connections in Loom  ...)
	NOT-FOR-US: Loom Desktop for Mac
CVE-2019-14431 (In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles ...)
	- matrixssl <removed>
CVE-2019-14430 (plugin/Audit/Objects/AuditTable.php in YouPHPTube through 7.2 allows S ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-14429
	RESERVED
CVE-2019-14428
	RESERVED
CVE-2019-14427 (XSS exists in WEB STUDIO Ultimate Loan Manager 2.0 by adding a branch  ...)
	NOT-FOR-US: WEB STUDIO Ultimate Loan Manager
CVE-2019-14426
	RESERVED
CVE-2019-14425
	RESERVED
CVE-2019-14424 (A Local File Inclusion (LFI) issue in the addon CUx-Daemon 1.11a of th ...)
	NOT-FOR-US: eQ-3 Homematic CCU-Firmware
CVE-2019-14423 (A Remote Code Execution (RCE) issue in the addon CUx-Daemon 1.11a of t ...)
	NOT-FOR-US: eQ-3 Homematic CCU-Firmware
CVE-2019-14422 (An issue was discovered in in TortoiseSVN 1.12.1. The Tsvncmd: URI han ...)
	NOT-FOR-US: TortoiseSVN
CVE-2019-14421
	RESERVED
CVE-2019-14420
	RESERVED
CVE-2019-14419
	RESERVED
CVE-2019-14418 (An issue was discovered in Veritas Resiliency Platform (VRP) before 3. ...)
	NOT-FOR-US: Veritas Resiliency Platform (VRP)
CVE-2019-14417 (An issue was discovered in Veritas Resiliency Platform (VRP) before 3. ...)
	NOT-FOR-US: Veritas Resiliency Platform (VRP)
CVE-2019-14416 (An issue was discovered in Veritas Resiliency Platform (VRP) before 3. ...)
	NOT-FOR-US: Veritas Resiliency Platform (VRP)
CVE-2019-14415 (An issue was discovered in Veritas Resiliency Platform (VRP) before 3. ...)
	NOT-FOR-US: Veritas Resiliency Platform (VRP)
CVE-2019-14414 (In cPanel before 78.0.2, a Userdata cache temporary file can conflict  ...)
	NOT-FOR-US: cPanel
CVE-2019-14413 (cPanel before 78.0.2 allows certain file-write operations as shared us ...)
	NOT-FOR-US: cPanel
CVE-2019-14412 (Maketext in cPanel before 78.0.2 allows format-string injection in the ...)
	NOT-FOR-US: cPanel
CVE-2019-14411 (cPanel before 78.0.2 does not properly restrict demo accounts from wri ...)
	NOT-FOR-US: cPanel
CVE-2019-14410 (Maketext in cPanel before 78.0.2 allows format-string injection in the ...)
	NOT-FOR-US: cPanel
CVE-2019-14409 (cPanel before 78.0.2 allows arbitrary file-read operations via Passeng ...)
	NOT-FOR-US: cPanel
CVE-2019-14408 (cPanel before 78.0.2 allows a demo account to link with an OpenID prov ...)
	NOT-FOR-US: cPanel
CVE-2019-14407 (cPanel before 78.0.2 reveals internal data to OpenID providers (SEC-41 ...)
	NOT-FOR-US: cPanel
CVE-2019-14406 (cPanel before 78.0.18 has stored XSS in the BoxTrapper Queue Listing ( ...)
	NOT-FOR-US: cPanel
CVE-2019-14405 (cPanel before 78.0.18 allows demo accounts to execute code via securit ...)
	NOT-FOR-US: cPanel
CVE-2019-14404 (cPanel before 78.0.18 allows certain file-read operations in the conte ...)
	NOT-FOR-US: cPanel
CVE-2019-14403 (cPanel before 78.0.18 offers an open mail relay because of incorrect d ...)
	NOT-FOR-US: cPanel
CVE-2019-14402 (cPanel before 78.0.18 unsafely determines terminal capabilities by usi ...)
	NOT-FOR-US: cPanel
CVE-2019-14401 (cPanel before 78.0.18 allows code execution via an addforward API1 cal ...)
	NOT-FOR-US: cPanel
CVE-2019-14400 (cPanel before 78.0.18 allows local users to escalate to root access be ...)
	NOT-FOR-US: cPanel
CVE-2019-14399 (The SSL certificate-storage feature in cPanel before 78.0.18 allows un ...)
	NOT-FOR-US: cPanel
CVE-2019-14398 (cPanel before 80.0.5 allows demo accounts to execute arbitrary code vi ...)
	NOT-FOR-US: cPanel
CVE-2019-14397 (cPanel before 80.0.5 allows demo accounts to modify arbitrary files vi ...)
	NOT-FOR-US: cPanel
CVE-2019-14396 (API Analytics adminbin in cPanel before 80.0.5 allows spoofed insertio ...)
	NOT-FOR-US: cPanel
CVE-2019-14395 (cPanel before 80.0.5 uses world-readable permissions for the Queueproc ...)
	NOT-FOR-US: cPanel
CVE-2019-14394 (cPanel before 80.0.5 allows unsafe file operations in the context of t ...)
	NOT-FOR-US: cPanel
CVE-2019-14393 (cPanel before 80.0.5 allows local code execution in the context of a d ...)
	NOT-FOR-US: cPanel
CVE-2019-14392 (cPanel before 80.0.22 allows remote code execution by a demo account b ...)
	NOT-FOR-US: cPanel
CVE-2019-14391 (cPanel before 82.0.2 does not properly enforce Reseller package creati ...)
	NOT-FOR-US: cPanel
CVE-2019-14390 (cPanel before 82.0.2 has stored XSS in the WHM Modify Account interfac ...)
	NOT-FOR-US: cPanel
CVE-2019-14389 (cPanel before 82.0.2 allows local users to discover the MySQL root pas ...)
	NOT-FOR-US: cPanel
CVE-2019-14388 (cPanel before 82.0.2 allows unauthenticated file creation because Exim ...)
	NOT-FOR-US: cPanel
CVE-2019-14387 (cPanel before 82.0.2 has Self XSS in the cPanel and webmail master tem ...)
	NOT-FOR-US: cPanel
CVE-2019-14386 (cPanel before 82.0.2 has stored XSS in the WHM Tomcat Manager interfac ...)
	NOT-FOR-US: cPanel
CVE-2019-14385
	RESERVED
CVE-2019-14384
	RESERVED
CVE-2019-14383 (J2B in libopenmpt before 0.4.2 allows an assertion failure during file ...)
	- libopenmpt 0.4.2-1 (unimportant)
	NOTE: https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/
	NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision&rev=11216
	NOTE: Negligible security impact
CVE-2019-14382 (DSM in libopenmpt before 0.4.2 allows an assertion failure during file ...)
	- libopenmpt 0.4.2-1 (unimportant)
	NOTE: https://lib.openmpt.org/libopenmpt/2019/01/22/security-updates-0.4.2-0.3.15-0.2.11253-beta37-0.2.7561-beta20.5-p13-0.2.7386-beta20.3-p16/
	NOTE: https://source.openmpt.org/browse/openmpt/trunk/?op=revision&rev=11209
	NOTE: Negligible security impact
CVE-2019-14381 (libopenmpt before 0.4.3 allows a crash due to a NULL pointer dereferen ...)
	- libopenmpt 0.4.3-1
	[stretch] - libopenmpt <not-affected> (Vulnerable code not present in 0.2.x series)
	NOTE: https://lib.openmpt.org/libopenmpt/2019/02/11/security-update-0.4.3/
CVE-2019-14380 (libopenmpt before 0.4.5 allows a crash during playback due to an out-o ...)
	- libopenmpt 0.4.5-1 (low)
	[buster] - libopenmpt <no-dsa> (Minor issue)
	[stretch] - libopenmpt <not-affected> (Vulnerable code not present in 0.2 branch)
	NOTE: https://lib.openmpt.org/libopenmpt/2019/05/27/security-update-0.4.5/
CVE-2019-14379 (SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mis ...)
	{DSA-4542-1 DLA-1879-1}
	- jackson-databind 2.9.9.3-1 (bug #933393)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2387
	NOTE: https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b
CVE-2019-14378 (ip_reass in ip_input.c in libslirp 4.0.0 has a heap-based buffer overf ...)
	{DSA-4512-1 DSA-4506-1 DLA-1927-1}
	- qemu 1:4.1-1 (bug #933741)
	- qemu-kvm <removed>
	- slirp4netns 0.3.2-1 (bug #933742)
	[buster] - slirp4netns 0.2.3-1
	NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/126c04acbabd7ad32c2b018fe10dfac2a3bc1210
CVE-2019-14377
	RESERVED
CVE-2019-14376
	RESERVED
CVE-2019-14375
	RESERVED
CVE-2019-14374
	RESERVED
CVE-2019-14373 (An issue was discovered in image_save_png in image/image-png.cpp in Fr ...)
	- flif <removed>
	NOTE: https://github.com/FLIF-hub/FLIF/issues/541
CVE-2019-14372 (In Libav 12.3, there is an infinite loop in the function wv_read_block ...)
	{DLA-1907-1}
	- libav <removed>
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1165
CVE-2019-14371 (An issue was discovered in Libav 12.3. There is an infinite loop in th ...)
	{DLA-1907-1}
	- libav <removed>
	NOTE: https://bugzilla.libav.org/show_bug.cgi?id=1163
	NOTE: fixed through CVE-2018-11102 / https://git.ffmpeg.org/gitweb/ffmpeg.git/commitdiff/7abf394814d818973db562102f21ab9d10540840
CVE-2019-14370 (In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage: ...)
	- exiv2 0.27.2-6
	[buster] - exiv2 <no-dsa> (Minor issue)
	[stretch] - exiv2 <no-dsa> (Minor issue)
	[jessie] - exiv2 <not-affected> (poc not triggered with asan/valgrind, different MemIo::seek bound check)
	NOTE: https://github.com/Exiv2/exiv2/issues/954
	NOTE: fixed through CVE-2019-13504
	NOTE: https://github.com/Exiv2/exiv2/commit/bd0afe0390439b2c424d881c8c6eb0c5624e31d9
CVE-2019-14369 (Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 all ...)
	- exiv2 0.27.2-6
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	[jessie] - exiv2 <not-affected> (poc not triggered with asan/valgrind, different MemIo::seek bound check)
	NOTE: https://github.com/Exiv2/exiv2/issues/953
	NOTE: fixed through CVE-2019-13504
	NOTE: https://github.com/Exiv2/exiv2/commit/bd0afe0390439b2c424d881c8c6eb0c5624e31d9
CVE-2019-14368 (Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage:: ...)
	- exiv2 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/Exiv2/exiv2/issues/952
	NOTE: Fixed by: https://github.com/Exiv2/exiv2/commit/bd0afe0390439b2c424d881c8c6eb0c5624e31d9
	NOTE: Introduced by: https://github.com/Exiv2/exiv2/commit/c72d16f4c402a8acc2dfe06fe3d58bf6cf99069e
CVE-2019-14367 (Slack-Chat through 1.5.5 leaks a Slack Access Token in source code. An ...)
	NOT-FOR-US: Slack-Chat
CVE-2019-14366 (WP SlackSync plugin through 1.8.5 for WordPress leaks a Slack Access T ...)
	NOT-FOR-US: WP SlackSync plugin for WordPress
CVE-2019-14365 (The Intercom plugin through 1.2.1 for WordPress leaks a Slack Access T ...)
	NOT-FOR-US: Intercom plugin for WordPress
CVE-2019-14364 (An XSS vulnerability in the "Email Subscribers &amp; Newsletters" plug ...)
	NOT-FOR-US: "Email Subscribers & Newsletters" plugin for WordPress
CVE-2019-14363 (A stack-based buffer overflow in the upnpd binary running on NETGEAR W ...)
	NOT-FOR-US: NETGEAR
CVE-2019-14362 (Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. T ...)
	NOT-FOR-US: Openbravo ERP
CVE-2019-14361
	REJECTED
CVE-2019-14360 (On Hyundai Pay Kasse HK-1000 devices, a side channel for the row-based ...)
	NOT-FOR-US: Hyundai Pay Kasse HK-1000 devices
CVE-2019-14359 (** DISPUTED ** On BC Vault devices, a side channel for the row-based S ...)
	NOT-FOR-US: BC Vault devices
CVE-2019-14358 (On Archos Safe-T devices, a side channel for the row-based OLED displa ...)
	NOT-FOR-US: Archos Safe-T devices
CVE-2019-14357 (** DISPUTED ** On Mooltipass Mini devices, a side channel for the row- ...)
	NOT-FOR-US: Mooltipass Mini devices
CVE-2019-14356 (** DISPUTED ** On Coldcard MK1 and MK2 devices, a side channel for the ...)
	NOT-FOR-US: Coldcard
CVE-2019-14355 (** DISPUTED ** On ShapeShift KeepKey devices, a side channel for the r ...)
	NOT-FOR-US: ShapeShift KeepKey devices
CVE-2019-14354 (On Ledger Nano S and Nano X devices, a side channel for the row-based  ...)
	NOT-FOR-US: Ledger Nano S and Nano X devices
CVE-2019-14353 (On Trezor One devices before 1.8.2, a side channel for the row-based O ...)
	NOT-FOR-US: Trezor One devices
CVE-2019-14352 (** DISPUTED ** In Joget Workflow 6.0.20, CSV Injection, also known as  ...)
	NOT-FOR-US: Joget Workflow
CVE-2019-14351 (EspoCRM 5.6.4 is vulnerable to user password hash enumeration. A malic ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14350 (EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14349 (EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtr ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14348 (The BearDev JoomSport plugin 3.3 for WordPress allows SQL injection to ...)
	NOT-FOR-US: BearDev JoomSport plugin for WordPress
CVE-2019-14347 (Internal/Views/addUsers.php in Schben Adive 2.0.7 allows remote unpriv ...)
	NOT-FOR-US: Schben Adive
CVE-2019-14346 (Internal/Views/config.php in Schben Adive 2.0.7 allows admin/config CS ...)
	NOT-FOR-US: Schben Adive
CVE-2019-14345 (TemaTres 3.0 allows remote unprivileged users to create an administrat ...)
	NOT-FOR-US: TemaTres
CVE-2019-14344 (TemaTres 3.0 has reflected XSS via the replace_string or search_string ...)
	NOT-FOR-US: TemaTres
CVE-2019-14343 (TemaTres 3.0 has stored XSS via the value parameter to the vocab/admin ...)
	NOT-FOR-US: TemaTres
CVE-2019-14342
	RESERVED
CVE-2019-14341
	RESERVED
CVE-2019-14340
	RESERVED
CVE-2019-14339 (The ContentProvider in the Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2 ...)
	NOT-FOR-US: CANON
CVE-2019-14338 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-14337 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-14336 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-14335 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-14334 (An issue was discovered on D-Link 6600-AP, DWL-3600AP, and DWL-8610AP  ...)
	NOT-FOR-US: D-Link
CVE-2019-14333 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-14332 (An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-14331 (An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14330 (An issue was discovered in EspoCRM before 5.6.6. Stored XSS exists due ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14329 (An issue was discovered in EspoCRM before 5.6.6. There is stored XSS d ...)
	NOT-FOR-US: EspoCRM
CVE-2019-14328 (The Simple Membership plugin before 3.8.5 for WordPress has CSRF affec ...)
	NOT-FOR-US: Simple Membership plugin for WordPress
CVE-2019-14327 (A CSRF vulnerability in Settings form in the Custom Simple Rss plugin  ...)
	NOT-FOR-US: Custom Simple Rss plugin for WordPress
CVE-2019-14326
	RESERVED
CVE-2019-14325
	RESERVED
CVE-2019-14324
	RESERVED
CVE-2019-14323 (SSDP Responder 1.x through 1.5 mishandles incoming network messages, l ...)
	NOT-FOR-US: SSDP Responder
CVE-2019-14322 (In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles dri ...)
	- python-werkzeug <not-affected> (Windows-specific)
CVE-2019-14321
	RESERVED
CVE-2019-14320
	RESERVED
CVE-2019-14319 (The TikTok (formerly Musical.ly) application 12.2.0 for Android and iO ...)
	NOT-FOR-US: TikTok
CVE-2019-14318 (Crypto++ 8.3.0 and earlier contains a timing side channel in ECDSA sig ...)
	[experimental] - libcrypto++ 8.2.0-2
	- libcrypto++ 5.6.4-9 (low; bug #934326)
	[buster] - libcrypto++ <no-dsa> (Minor issue)
	[stretch] - libcrypto++ <no-dsa> (Minor issue)
	[jessie] - libcrypto++ <no-dsa> (Minor issue)
	NOTE: https://github.com/weidai11/cryptopp/issues/869
CVE-2019-14317 (wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) gen ...)
	- wolfssl 4.2.0+dfsg-1
CVE-2019-14316
	RESERVED
CVE-2019-14315 (A cross-site scripting (XSS) vulnerability in upload.php in SunHater K ...)
	NOT-FOR-US: SunHater KCFinder
CVE-2019-14314 (A SQL injection vulnerability exists in the Imagely NextGEN Gallery pl ...)
	NOT-FOR-US: Imagely NextGEN Gallery plugin for WordPress
CVE-2019-14313 (A SQL injection vulnerability exists in the 10Web Photo Gallery plugin ...)
	NOT-FOR-US: 10Web Photo Gallery plugin for WordPress
CVE-2019-14312 (Aptana Jaxer 1.0.3.4547 is vulnerable to a local file inclusion vulner ...)
	NOT-FOR-US: Aptana Jaxer
CVE-2019-14311
	RESERVED
CVE-2019-14310 (Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). U ...)
	NOT-FOR-US: Ricoh
CVE-2019-14309 (Ricoh SP C250DN 1.05 devices have a fixed password. FTP service creden ...)
	NOT-FOR-US: Ricoh
CVE-2019-14308 (Several Ricoh printers have multiple buffer overflows parsing LPD pack ...)
	NOT-FOR-US: Ricoh
CVE-2019-14307 (Several Ricoh printers have multiple buffer overflows parsing HTTP par ...)
	NOT-FOR-US: Ricoh
CVE-2019-14306 (Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 2 of ...)
	NOT-FOR-US: Ricoh SP C250DN 1.06 devices
CVE-2019-14305 (Several Ricoh printers have multiple buffer overflows parsing HTTP par ...)
	NOT-FOR-US: Ricoh
CVE-2019-14304 (Ricoh SP C250DN 1.06 devices allow CSRF. ...)
	NOT-FOR-US: Ricoh SP C250DN 1.06 devices
CVE-2019-14303 (Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). S ...)
	NOT-FOR-US: Ricoh
CVE-2019-14302 (On Ricoh SP C250DN 1.06 devices, a debug port can be used. ...)
	NOT-FOR-US: Ricoh SP C250DN 1.06 devices
CVE-2019-14301 (Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of ...)
	NOT-FOR-US: Ricoh SP C250DN 1.06 devices
CVE-2019-14300 (Several Ricoh printers have multiple buffer overflows parsing HTTP coo ...)
	NOT-FOR-US: Ricoh
CVE-2019-14299 (Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable  ...)
	NOT-FOR-US: Ricoh
CVE-2019-14298 (Veeam ONE Reporter 9.5.0.3201 allows XSS via a crafted Description(con ...)
	NOT-FOR-US: Veeam ONE Reporter
CVE-2019-14297 (Veeam ONE Reporter 9.5.0.3201 allows XSS via the Add/Edit Widget with  ...)
	NOT-FOR-US: Veeam ONE Reporter
CVE-2019-14296 (canUnpack in p_vmlinx.cpp in UPX 3.95 allows remote attackers to cause ...)
	- upx-ucl 3.95-2 (unimportant; bug #933232)
	NOTE: https://github.com/upx/upx/issues/287
	NOTE: https://github.com/upx/upx/commit/276b748aa6021c38a2dc699153f61b10e76bc3d2
CVE-2019-14295 (An Integer overflow in the getElfSections function in p_vmlinx.cpp in  ...)
	- upx-ucl 3.95-2 (unimportant; bug #933232)
	NOTE: https://github.com/upx/upx/issues/286
	NOTE: https://github.com/upx/upx/commit/58b122d97da1e02dfec24b10b6b8f56218b5622c
	NOTE: https://github.com/upx/upx/commit/6a53c0b3d499d62346a5c51034db543a4ef78ea3
CVE-2019-14294 (An issue was discovered in Xpdf 4.01.01. There is a use-after-free in  ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/f7990386d268a444c297958e9c50ed27a0825a00
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/2c0f70afff03798165c2b609e115dc7e9c034c57
CVE-2019-14293 (An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/44cd46a6e04a87bd702dab4a662042f69f16c4ad
CVE-2019-14292 (An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/44cd46a6e04a87bd702dab4a662042f69f16c4ad
CVE-2019-14291 (An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/44cd46a6e04a87bd702dab4a662042f69f16c4ad
CVE-2019-14290 (An issue was discovered in Xpdf 4.01.01. There is an out of bounds rea ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/44cd46a6e04a87bd702dab4a662042f69f16c4ad
CVE-2019-14289 (An issue was discovered in Xpdf 4.01.01. There is an integer overflow  ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/55db66c69fd56826b8523710046deab1a8d14ba2
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/22c4701d5f7be0010ee4519daa546fba5ab7ac13
	NOTE: Issue correspond to CVE-2017-9776 for src:poppler
CVE-2019-14288 (An issue was discovered in Xpdf 4.01.01. There is an Integer overflow  ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/55db66c69fd56826b8523710046deab1a8d14ba2
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/22c4701d5f7be0010ee4519daa546fba5ab7ac13
	NOTE: Issue correspond to CVE-2017-9776 for src:poppler
CVE-2019-14287 (In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer a ...)
	{DSA-4543-1 DLA-1964-1}
	- sudo 1.8.27-1.1 (bug #942322)
	NOTE: https://www.sudo.ws/alerts/minus_1_uid.html
	NOTE: Patch: https://www.sudo.ws/repos/sudo/rev/83db8dba09e7
	NOTE: Fix test regression: https://www.sudo.ws/repos/sudo/rev/db06a8336c09
	NOTE: Patch: https://www.openwall.com/lists/oss-security/2019/10/15/2 (1.8.5, 1.8.10)
CVE-2019-14286 (In app/webroot/js/event-graph.js in MISP 2.4.111, a stored XSS vulnera ...)
	NOT-FOR-US: MISP
CVE-2019-14285
	RESERVED
CVE-2019-1000033
	REJECTED
CVE-2019-14284 (In the Linux kernel before 5.2.3, drivers/block/floppy.c allows a deni ...)
	{DSA-4497-1 DSA-4495-1 DLA-1885-1 DLA-1884-1}
	- linux 5.2.6-1
	NOTE: Fixed by: https://git.kernel.org/linus/f3554aeb991214cbfafd17d55e2bfddb50282e32
CVE-2019-14283 (In the Linux kernel before 5.2.3, set_geometry in drivers/block/floppy ...)
	{DSA-4497-1 DSA-4495-1 DLA-1885-1 DLA-1884-1}
	- linux 5.2.6-1
	NOTE: Fixed by: https://git.kernel.org/linus/da99466ac243f15fbba65bd261bfc75ffa1532b6
CVE-2019-1020019 (invenio-previewer before 1.0.0a12 allows XSS. ...)
	NOT-FOR-US: invenio-previewer
CVE-2019-1020018 (Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmati ...)
	NOT-FOR-US: Discourse
CVE-2019-1020017 (Discourse before 2.3.0 and 2.4.x before 2.4.0.beta3 lacks a confirmati ...)
	NOT-FOR-US: Discourse
CVE-2019-1020016 (ASH-AIO before 2.0.0.3 allows an open redirect. ...)
	NOT-FOR-US: ASH-AIO
CVE-2019-1020015 (graphql-engine (aka Hasura GraphQL Engine) before 1.0.0-beta.3 mishand ...)
	NOT-FOR-US: graphql-engine (aka Hasura GraphQL Engine)
CVE-2019-1020014 (docker-credential-helpers before 0.6.3 has a double free in the List f ...)
	- golang-github-docker-docker-credential-helpers 0.6.1-3 (bug #933801)
	[buster] - golang-github-docker-docker-credential-helpers <no-dsa> (Minor issue, can be fixed in point release)
	NOTE: https://github.com/docker/docker-credential-helpers/commit/1c9f7ede70a5ab9851f4c9cb37d317fd89cd318a
CVE-2019-1020013 (parse-server before 3.6.0 allows account enumeration. ...)
	NOT-FOR-US: parse-server
CVE-2019-1020012 (parse-server before 3.4.1 allows DoS after any POST to a volatile clas ...)
	NOT-FOR-US: parse-server
CVE-2019-1020011 (SmokeDetector intentionally does automatic deployments of updated copi ...)
	NOT-FOR-US: SmokeDetector
CVE-2019-1020010 (Misskey before 10.102.4 allows hijacking a user's token. ...)
	NOT-FOR-US: Misskey
CVE-2019-1020009 (Fleet before 2.1.2 allows exposure of SMTP credentials. ...)
	NOT-FOR-US: Fleet (osquery frontend)
CVE-2019-1020008 (stacktable.js before 1.0.4 allows XSS. ...)
	NOT-FOR-US: stacktable.js
CVE-2019-1020007 (Dependency-Track before 3.5.1 allows XSS. ...)
	NOT-FOR-US: Dependency-Track
CVE-2019-1020006 (invenio-app before 1.1.1 allows host header injection. ...)
	NOT-FOR-US: invenio-app
CVE-2019-1020005 (invenio-communities before 1.0.0a20 allows XSS. ...)
	NOT-FOR-US: invenio-communities
CVE-2019-1020004 (Tridactyl before 1.16.0 allows fake key events. ...)
	NOT-FOR-US: Tridactyl
CVE-2019-1020003 (invenio-records before 1.2.2 allows XSS. ...)
	NOT-FOR-US: invenio-records
CVE-2019-1020002 (Pterodactyl before 0.7.14 with 2FA allows credential sniffing. ...)
	NOT-FOR-US: Pterodactyl
CVE-2019-1020001 (yard before 0.9.20 allows path traversal. ...)
	- yard 0.9.20-1 (low; bug #945369)
	[buster] - yard <no-dsa> (Minor issue)
	[stretch] - yard <no-dsa> (Minor issue)
	[jessie] - yard <not-affected> (Bug was introduced in 0.9.6)
	NOTE: https://github.com/lsegal/yard/security/advisories/GHSA-xfhh-rx56-rxcr
	NOTE: Introduced in: https://github.com/lsegal/yard/commit/b32a2efe40e7bd8e5daac7fae119493376a73cde (0.9.6)
CVE-2019-14282 (The simple_captcha2 gem 0.2.3 for Ruby, as distributed on RubyGems.org ...)
	- ruby-simple-captcha2 <not-affected> (Backdoored versions not available in a Debian release)
	NOTE: https://github.com/rubygems/rubygems.org/issues/2073
CVE-2019-14281 (The datagrid gem 1.0.6 for Ruby, as distributed on RubyGems.org, inclu ...)
	NOT-FOR-US: Ruby datagrid gem
CVE-2019-14280 (In some circumstances, Craft 2 before 2.7.10 and 3 before 3.2.6 wasn't ...)
	NOT-FOR-US: Craft CMS
CVE-2019-14279
	RESERVED
CVE-2019-14278 (In Knowage through 6.1.1, an unauthenticated user can enumerated valid ...)
	NOT-FOR-US: Knowage
CVE-2019-14277 (** DISPUTED ** Axway SecureTransport 5.x through 5.3 (or 5.x through 5 ...)
	NOT-FOR-US: Axway SecureTransport
CVE-2019-14276 (WUSTL XNAT 1.7.5.3 allows XXE attacks via a POST request body. ...)
	NOT-FOR-US: WUSTL XNAT
CVE-2019-14275 (Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arro ...)
	{DLA-2073-1}
	- fig2dev 1:3.2.7a-7 (unimportant; bug #933075)
	[buster] - fig2dev 1:3.2.7a-5+deb10u1
	[stretch] - fig2dev 1:3.2.6a-2+deb9u2
	- transfig <removed> (unimportant)
	NOTE: https://sourceforge.net/p/mcj/tickets/52/
	NOTE: Crash in CLI tool, no security impact, hardening build
CVE-2019-14274 (MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function i ...)
	- mcpp 2.7.2-5 (bug #933497)
	[buster] - mcpp <no-dsa> (Minor issue)
	[stretch] - mcpp <no-dsa> (Minor issue)
	[jessie] - mcpp <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/mcpp/bugs/13/
CVE-2019-14273 (In SilverStripe assets 4.0, there is broken access control on files. ...)
	NOT-FOR-US: SilverStripe
CVE-2019-14272 (In SilverStripe asset-admin 4.0, there is XSS in file titles managed t ...)
	NOT-FOR-US: SilverStripe
CVE-2019-14271 (In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka ...)
	{DSA-4521-1}
	- docker.io 18.09.1+dfsg1-9
	NOTE: https://github.com/moby/moby/issues/39449
	NOTE: https://github.com/moby/moby/pull/39612 (19.03.x)
	NOTE: Fix needs to be backported to 18.09 as well:
	NOTE: https://github.com/docker/engine/pull/305 (18.09.x)
	NOTE: https://github.com/moby/moby/pull/39612#issuecomment-517999360
CVE-2019-14270 (Comodo Antivirus through 12.0.0.6870, Comodo Firewall through 12.0.0.6 ...)
	NOT-FOR-US: Comodo Antivirus
CVE-2019-14269
	RESERVED
CVE-2019-14268 (In Octopus Deploy versions 3.0.19 to 2019.7.2, when a web request prox ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-14267 (PDFResurrect 0.15 has a buffer overflow via a crafted PDF file because ...)
	- pdfresurrect 0.16-1 (unimportant)
	NOTE: https://github.com/enferex/pdfresurrect/commit/4ea7a6f4f51d0440da651d099247e2273f811dbc
	NOTE: Crash in CLI tool, negligible security impact, hardening build
CVE-2019-14266 (OpenSNS v6.1.0 allows SQL Injection via the index.php?s=/ucenter/Confi ...)
	NOT-FOR-US: OpenSNS
CVE-2019-14265
	RESERVED
CVE-2019-14264
	RESERVED
CVE-2019-14263
	RESERVED
CVE-2019-14262 (MetadataExtractor 2.1.0 allows stack consumption. ...)
	NOT-FOR-US: MetadataExtractor
CVE-2019-14261 (An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices. Due ...)
	NOT-FOR-US: ABUS Secvest FUAA50000 3.01.01 devices
CVE-2019-14260 (On the Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone Vo ...)
	NOT-FOR-US: Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP phone
CVE-2019-14259 (On the Polycom Obihai Obi1022 VoIP phone with firmware 5.1.11, a comma ...)
	NOT-FOR-US: Polycom Obihai Obi1022 VoIP phone
CVE-2019-14258 (The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to  ...)
	- zenoss <itp> (bug #361253)
CVE-2019-14257 (pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying e ...)
	- zenoss <itp> (bug #361253)
CVE-2019-14256
	RESERVED
CVE-2019-14255 (A Server Side Request Forgery (SSRF) vulnerability in go-camo up to ve ...)
	NOT-FOR-US: go-camo
CVE-2019-14254 (An issue was discovered in the secure portal in Publisure 2.1.2. Becau ...)
	NOT-FOR-US: Publisure
CVE-2019-14253 (An issue was discovered in servletcontroller in the secure portal in P ...)
	NOT-FOR-US: Publisure
CVE-2019-14252 (An issue was discovered in the secure portal in Publisure 2.1.2. Once  ...)
	NOT-FOR-US: Publisure
CVE-2019-14251 (An issue was discovered in T24 in TEMENOS Channels R15.01. The login p ...)
	NOT-FOR-US: T24 in TEMENOS Channels R15.01
CVE-2019-14250 (An issue was discovered in GNU libiberty, as distributed in GNU Binuti ...)
	- binutils 2.33-1 (unimportant)
	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=90924
	NOTE: https://gcc.gnu.org/ml/gcc-patches/2019-07/msg01003.html
	NOTE: binutils not covered by security support
CVE-2019-14249 (dwarf_elf_load_headers.c in libdwarf before 2019-07-05 allows attacker ...)
	- dwarfutils <not-affected> (Vulnerable code introduced in 20190505 version)
	NOTE: https://sourceforge.net/p/libdwarf/code/merge-requests/4/
	NOTE: Fixed by: https://sourceforge.net/p/libdwarf/code/ci/cb7198abde46c2ae29957ad460da6886eaa606ba
	NOTE: Introduced in: https://sourceforge.net/p/libdwarf/code/ci/4709f63c8b7488241b5b522267a796834a66db3a
CVE-2019-14248 (In libnasm.a in Netwide Assembler (NASM) 2.14.xx, asm/pragma.c allows  ...)
	- nasm <unfixed> (unimportant; bug #932907)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392576
	NOTE: Crash in CLI tool, no security impact
CVE-2019-14247 (The scan() function in mad.c in mpg321 0.3.2 allows remote attackers t ...)
	- mpg321 0.3.2-2
	[stretch] - mpg321 <no-dsa> (Minor issue)
	[jessie] - mpg321 <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/mpg321/bugs/51/
	NOTE: Fixed by handle_illegal_bitrate_value.patch
CVE-2019-14246 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14245 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecu ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-14244
	RESERVED
CVE-2019-14243 (headerv2.go in mastercactapus proxyprotocol before 0.0.2, as used in t ...)
	NOT-FOR-US: mastercactapus proxyprotocol
CVE-2019-14242 (An issue was discovered in Bitdefender products for Windows (Bitdefend ...)
	NOT-FOR-US: Bitdefender products for Windows
CVE-2019-14241 (HAProxy through 2.0.2 allows attackers to cause a denial of service (h ...)
	- haproxy <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/haproxy/haproxy/issues/181
CVE-2019-14240 (WCMS v0.3.2 has a CSRF vulnerability, with resultant directory travers ...)
	NOT-FOR-US: WCMS
CVE-2019-14239 (On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Acce ...)
	NOT-FOR-US: NXP Kinetis
CVE-2019-14238 (On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Prote ...)
	NOT-FOR-US: STMicroelectronics
CVE-2019-14237 (On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Acce ...)
	NOT-FOR-US: NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices
CVE-2019-14236 (On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and ...)
	NOT-FOR-US: STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices
CVE-2019-14235 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
	{DSA-4498-1}
	- python-django 2:2.2.4-1 (bug #934026)
	[jessie] - python-django <not-affected> (Vulnerable code not present)
	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
	NOTE: https://github.com/django/django/commit/cf694e6852b0da7799f8b53f1fb2f7d20cf17534 (2.2.x)
	NOTE: https://github.com/django/django/commit/869b34e9b3be3a4cfcb3a145f218ffd3f5e3fd79 (1.11.x)
CVE-2019-14234 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
	{DSA-4498-1}
	- python-django 2:2.2.4-1 (bug #934026)
	[jessie] - python-django <not-affected> (Vulnerable code not present)
	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
	NOTE: https://github.com/django/django/commit/4f5b58f5cd3c57fee9972ab074f8dc6895d8f387 (2.2.x)
	NOTE: https://github.com/django/django/commit/ed682a24fca774818542757651bfba576c3fc3ef (1.11.x)
CVE-2019-14233 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
	{DSA-4498-1 DLA-1872-1}
	- python-django 2:2.2.4-1 (bug #934026)
	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
	NOTE: https://github.com/django/django/commit/e34f3c0e9ee5fc9022428fe91640638bafd4cda7 (2.2.x)
	NOTE: https://github.com/django/django/commit/52479acce792ad80bb0f915f20b835f919993c72 (1.11.x)
CVE-2019-14232 (An issue was discovered in Django 1.11.x before 1.11.23, 2.1.x before  ...)
	{DSA-4498-1 DLA-1872-1}
	- python-django 2:2.2.4-1 (bug #934026)
	NOTE: https://www.djangoproject.com/weblog/2019/aug/01/security-releases/
	NOTE: https://github.com/django/django/commit/c3289717c6f21a8cf23daff1c78c0c014b94041f (2.2.x)
	NOTE: https://github.com/django/django/commit/42a66e969023c00536256469f0e8b8a099ef109d (1.11.x)
CVE-2019-14231 (An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin bef ...)
	NOT-FOR-US: Viral Quiz Maker
CVE-2019-14230 (An issue was discovered in the Viral Quiz Maker - OnionBuzz plugin bef ...)
	NOT-FOR-US: Viral Quiz Maker
CVE-2019-14229
	RESERVED
CVE-2019-14228 (Xavier PHP Management Panel 3.0 is vulnerable to Reflected POST-based  ...)
	NOT-FOR-US: Xavier PHP Management Panel
CVE-2019-14227 (OX App Suite 7.10.1 and 7.10.2 allows XSS. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2019-14226 (OX App Suite through 7.10.2 has Insecure Permissions. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2019-14225 (OX App Suite 7.10.1 and 7.10.2 allows SSRF. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2019-14224 (An issue was discovered in Alfresco Community Edition 5.2 201707. By l ...)
	NOT-FOR-US: Alfresco
CVE-2019-14223 (An issue was discovered in Alfresco Community Edition versions below 5 ...)
	NOT-FOR-US: Alfresco
CVE-2019-14222 (An issue was discovered in Alfresco Community Edition versions 6.0 and ...)
	NOT-FOR-US: Alfresco
CVE-2019-14221 (1CRM On-Premise Software 8.5.7 allows XSS via a payload that is mishan ...)
	NOT-FOR-US: 1CRM On-Premise Software
CVE-2019-14220 (An issue was discovered in BlueStacks 4.110 and below on macOS and on  ...)
	NOT-FOR-US: BlueStacks
CVE-2019-14219
	RESERVED
CVE-2019-14218
	RESERVED
CVE-2019-14217
	RESERVED
CVE-2019-14216 (An issue was discovered in the svg-vector-icon-plugin (aka WP SVG Icon ...)
	NOT-FOR-US: svg-vector-icon-plugin (aka WP SVG Icons) plugin for WordPress
CVE-2019-14215 (An issue was discovered in Foxit PhantomPDF before 8.3.11. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14214 (An issue was discovered in Foxit PhantomPDF before 8.3.10. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14213 (An issue was discovered in Foxit PhantomPDF before 8.3.11. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14212 (An issue was discovered in Foxit PhantomPDF before 8.3.11. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14211 (An issue was discovered in Foxit PhantomPDF before 8.3.11. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14210 (An issue was discovered in Foxit PhantomPDF before 8.3.10. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14209 (An issue was discovered in Foxit PhantomPDF before 8.3.10. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14208 (An issue was discovered in Foxit PhantomPDF before 8.3.10. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14207 (An issue was discovered in Foxit PhantomPDF before 8.3.11. The applica ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-14206 (An Arbitrary File Deletion vulnerability in the Nevma Adaptive Images  ...)
	NOT-FOR-US: Nevma Adaptive Images plugin for WordPress
CVE-2019-14205 (A Local File Inclusion vulnerability in the Nevma Adaptive Images plug ...)
	NOT-FOR-US: Nevma Adaptive Images plugin for WordPress
CVE-2019-14204 (An issue was discovered in Das U-Boot through 2019.07. There is a stac ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21
CVE-2019-14203 (An issue was discovered in Das U-Boot through 2019.07. There is a stac ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21
CVE-2019-14202 (An issue was discovered in Das U-Boot through 2019.07. There is a stac ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21
CVE-2019-14201 (An issue was discovered in Das U-Boot through 2019.07. There is a stac ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21
CVE-2019-14200 (An issue was discovered in Das U-Boot through 2019.07. There is a stac ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21
CVE-2019-14199 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/fe7288069d2e6659117049f7d27e261b550bb725
CVE-2019-14198 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/aa207cf3a6d68f39d64cd29057a4fb63943e9078
CVE-2019-14197 (An issue was discovered in Das U-Boot through 2019.07. There is a read ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/741a8a08ebe5bc3ccfe3cde6c2b44ee53891af21
CVE-2019-14196 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/5d14ee4e53a81055d34ba280cb8fd90330f22a96
CVE-2019-14195 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/cf3a4f1e86ecdd24f87b615051b49d8e1968c230
CVE-2019-14194 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/aa207cf3a6d68f39d64cd29057a4fb63943e9078
CVE-2019-14193 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/fe7288069d2e6659117049f7d27e261b550bb725
CVE-2019-14192 (An issue was discovered in Das U-Boot through 2019.07. There is an unb ...)
	- u-boot 2020.01+dfsg-1
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/uboot-rce-nfs-vulnerability/
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/fe7288069d2e6659117049f7d27e261b550bb725
CVE-2019-14191
	RESERVED
CVE-2019-14190
	RESERVED
CVE-2019-14189
	RESERVED
CVE-2019-14188
	RESERVED
CVE-2019-14187
	RESERVED
CVE-2019-14186
	RESERVED
CVE-2019-14185
	RESERVED
CVE-2019-14184
	RESERVED
CVE-2019-14183
	RESERVED
CVE-2019-14182
	RESERVED
CVE-2019-14181
	RESERVED
CVE-2019-14180
	RESERVED
CVE-2019-14179
	RESERVED
CVE-2019-14178
	RESERVED
CVE-2019-14177
	RESERVED
CVE-2019-14176
	RESERVED
CVE-2019-14175
	RESERVED
CVE-2019-14174
	RESERVED
CVE-2019-14173
	RESERVED
CVE-2019-14172
	RESERVED
CVE-2019-14171
	RESERVED
CVE-2019-14170
	RESERVED
CVE-2019-14169
	RESERVED
CVE-2019-14168
	RESERVED
CVE-2019-14167
	RESERVED
CVE-2019-14166
	RESERVED
CVE-2019-14165
	RESERVED
CVE-2019-14164
	RESERVED
CVE-2019-14163
	RESERVED
CVE-2019-14162
	RESERVED
CVE-2019-14161
	RESERVED
CVE-2019-14160
	RESERVED
CVE-2019-14159
	RESERVED
CVE-2019-14158
	RESERVED
CVE-2019-14157
	RESERVED
CVE-2019-14156
	RESERVED
CVE-2019-14155
	RESERVED
CVE-2019-14154
	RESERVED
CVE-2019-14153
	RESERVED
CVE-2019-14152
	RESERVED
CVE-2019-14151
	RESERVED
CVE-2019-14150
	RESERVED
CVE-2019-14149
	RESERVED
CVE-2019-14148
	RESERVED
CVE-2019-14147
	RESERVED
CVE-2019-14146
	RESERVED
CVE-2019-14145
	RESERVED
CVE-2019-14144
	RESERVED
CVE-2019-14143
	RESERVED
CVE-2019-14142
	RESERVED
CVE-2019-14141
	RESERVED
CVE-2019-14140
	RESERVED
CVE-2019-14139
	RESERVED
CVE-2019-14138
	RESERVED
CVE-2019-14137
	RESERVED
CVE-2019-14136
	RESERVED
CVE-2019-14135
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14134
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14133
	RESERVED
CVE-2019-14132
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14131
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14130
	RESERVED
CVE-2019-14129
	RESERVED
CVE-2019-14128
	RESERVED
CVE-2019-14127
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14126
	RESERVED
CVE-2019-14125
	RESERVED
CVE-2019-14124
	RESERVED
CVE-2019-14123
	RESERVED
CVE-2019-14122
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14121
	RESERVED
CVE-2019-14120
	RESERVED
CVE-2019-14119
	RESERVED
CVE-2019-14118
	RESERVED
CVE-2019-14117
	RESERVED
CVE-2019-14116
	RESERVED
CVE-2019-14115
	RESERVED
CVE-2019-14114
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14113
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14112
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14111
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14110
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14109
	RESERVED
CVE-2019-14108
	RESERVED
CVE-2019-14107
	RESERVED
CVE-2019-14106
	RESERVED
CVE-2019-14105
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14104
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14103
	RESERVED
CVE-2019-14102
	RESERVED
CVE-2019-14101
	RESERVED
CVE-2019-14100
	RESERVED
CVE-2019-14099
	RESERVED
CVE-2019-14098 (Possible buffer overflow in data offload handler due to lack of check  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14097 (Possible buffer overflow in WLAN Parser due to lack of length check wh ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14096
	RESERVED
CVE-2019-14095 (Buffer overflow occurs while processing LMP packet in which name lengt ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14094
	RESERVED
CVE-2019-14093
	RESERVED
CVE-2019-14092
	RESERVED
CVE-2019-14091
	RESERVED
CVE-2019-14090
	RESERVED
CVE-2019-14089
	RESERVED
CVE-2019-14088 (Possible use after free issue while CRM is accessing the link pointer  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14087
	RESERVED
CVE-2019-14086 (Possible integer overflow while checking the length of frame which is  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14085 (Possible Integer underflow in WLAN function due to lack of check of da ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14084
	RESERVED
CVE-2019-14083 (While parsing Service Descriptor Extended Attribute received as part o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14082 (Potential buffer over-read due to lack of bound check of memory offset ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14081 (Buffer Over-read when WLAN module gets a WMI message for SAR limits wi ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14080
	RESERVED
CVE-2019-14079 (Access to the uninitialized variable when the driver tries to unmap th ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14078
	RESERVED
CVE-2019-14077
	RESERVED
CVE-2019-14076
	RESERVED
CVE-2019-14075
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14074
	RESERVED
CVE-2019-14073
	RESERVED
CVE-2019-14072 (Unhandled paging request is observed due to dereferencing an already f ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14071 (Compromised reset handler may bypass access control due to AC config i ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14070
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14069
	RESERVED
CVE-2019-14068 (Out of bound access in msm routing due to lack of check of size before ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14067
	RESERVED
CVE-2019-14066
	RESERVED
CVE-2019-14065
	RESERVED
CVE-2019-14064
	RESERVED
CVE-2019-14063 (Out of bound access due to Invalid inputs to dapm mux settings which r ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14062
	RESERVED
CVE-2019-14061 (Null-pointer dereference can occur while accessing the segment element ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14060 (Uninitialized stack data gets used If memory is not allocated for blob ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14059
	RESERVED
CVE-2019-14058
	RESERVED
CVE-2019-14057 (Buffer Over read of codec private data while parsing an mkv file due t ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14056
	RESERVED
CVE-2019-14055 (Possibility of use-after-free and double free because of not marking b ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14054
	RESERVED
CVE-2019-14053
	RESERVED
CVE-2019-14052
	RESERVED
CVE-2019-14051 (Subsequent additions performed during Module loading while allocating  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14050 (Out-of-bound writes occurs due to lack of check of buffer size will ca ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14049 (Stage-2 fault will occur while writing to an ION system allocation whi ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14048 (Possible out of bound memory access while playing a crafted clip in me ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14047
	RESERVED
CVE-2019-14046 (Out of bound access while allocating memory for an array in camera due ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14045 (Possible buffer overflow while processing clientlog and serverlog due  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14044 (Out of bound access due to access of uninitialized memory segment in a ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14043
	RESERVED
CVE-2019-14042
	RESERVED
CVE-2019-14041 (During listener modified response processing, a buffer overrun occurs  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14040 (Using memory after being freed in qsee due to wrong implementation can ...)
	NOT-FOR-US: Snapdragon
CVE-2019-14039
	RESERVED
CVE-2019-14038
	RESERVED
CVE-2019-14037
	RESERVED
CVE-2019-14036 (Possible buffer overflow issue in error processing due to improper val ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14035
	RESERVED
CVE-2019-14034 (Use after free while processing eeprom query as there is a chance to n ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14033
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14032 (Memory use after free issue in audio due to lack of resource control i ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14031 (Buffer overflow can occur while parsing RSN IE containing list of PMK  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14030 (The size of a buffer is determined by addition and multiplications ope ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14029 (Use-after-free in graphics module due to destroying already queued syn ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14028 (Buffer overwrite during memcpy due to lack of check on SSID length val ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14027 (Buffer overflow due to lack of upper bound check on channel length whi ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14026 (Possible buffer overflow in WLAN WMI handler due to lack of ssid lengt ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14025
	RESERVED
CVE-2019-14024 (Possible stack-use-after-scope issue in NFC usecase for card emulation ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14023 (String format issue will occur while processing HLOS data as there is  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14022
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14021
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14020
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14019
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14018
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14017 (Heap buffer overflow can occur while parsing invalid MKV clip which is ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14016 (Integer overflow occurs while playing the clip which is nonstandard in ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14015 (A stack-based buffer overflow exists in the initialization of the iden ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14014 (Possible buffer overflow when byte array receives incorrect input from ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14013 (While parsing invalid super index table, elements within super index t ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14012
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14011
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14010 (The device may enter into error state when some tool or application ge ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14009
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14008 (Possible null pointer dereference issue in location assistance data pr ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14007
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14006 (Buffer overflow occur while playing the clip which is nonstandard due  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14005 (Buffer overflow occur while playing the clip which is nonstandard due  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14004 (Buffer overflow occurs while processing invalid MKV clip, which has in ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14003 (Null pointer exception can happen while parsing invalid MKV clip where ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14002 (APKs without proper permission may bind to CallEnhancementService and  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14001
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-14000 (Lack of check that the RX FIFO write index that is read from shared RA ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-13999
	RESERVED
CVE-2019-13998
	RESERVED
CVE-2019-13997
	RESERVED
CVE-2019-13996
	RESERVED
CVE-2019-13995
	RESERVED
CVE-2019-13994
	RESERVED
CVE-2019-13993
	RESERVED
CVE-2019-13992
	RESERVED
CVE-2019-13991 (Embedded systems based on Arduino before Rev3 allow remote attackers t ...)
	NOT-FOR-US: Issue on embedded systems based on Arduino before Rev3
CVE-2019-13990 (initDocumentParser in xml/XMLSchedulingDataProcessor.java in Terracott ...)
	- libquartz-java <unfixed> (bug #933169)
	[buster] - libquartz-java <no-dsa> (Minor issue)
	[stretch] - libquartz-java <no-dsa> (Minor issue)
	[jessie] - libquartz-java <no-dsa> (Minor issue)
	- libquartz2-java <unfixed> (bug #933170)
	[buster] - libquartz2-java <no-dsa> (Minor issue)
	[stretch] - libquartz2-java <no-dsa> (Minor issue)
	NOTE: https://github.com/quartz-scheduler/quartz/issues/467
	NOTE: https://github.com/quartz-scheduler/quartz/commit/a1395ba118df306c7fe67c24fb0c9a95a4473140
CVE-2019-13989 (dpic 2019.06.20 has a Stack-based Buffer Overflow in the wfloat() func ...)
	- dpic <not-affected> (Fixed before initial upload to Debian)
	NOTE: https://gitlab.com/aplevich/dpic/issues/4
	NOTE: https://gitlab.com/aplevich/dpic/commit/aa9fc45e207134cbfefa4b9e7a1b49cf11e9397d
CVE-2019-13988
	RESERVED
CVE-2019-13987
	RESERVED
CVE-2019-13986
	RESERVED
CVE-2019-13985
	RESERVED
CVE-2019-13984 (Directus 7 API before 2.3.0 does not validate uploaded files. Regardle ...)
	NOT-FOR-US: Directus
CVE-2019-13983 (Directus 7 API before 2.2.2 has insufficient anti-automation, as demon ...)
	NOT-FOR-US: Directus
CVE-2019-13982 (interfaces/markdown/input.vue in Directus 7 Application before 7.7.0 d ...)
	NOT-FOR-US: Directus
CVE-2019-13981 (In Directus 7 API through 2.3.0, remote attackers can read image files ...)
	NOT-FOR-US: Directus
CVE-2019-13980 (In Directus 7 API through 2.3.0, uploading of PHP files is blocked onl ...)
	NOT-FOR-US: Directus
CVE-2019-13979 (In Directus 7 API before 2.2.1, uploading of PHP files is not blocked, ...)
	NOT-FOR-US: Directus
CVE-2019-13978 (Ovidentia 8.4.3 has SQL Injection via the id parameter in an index.php ...)
	NOT-FOR-US: Ovidentia
CVE-2019-13977 (index.php in Ovidentia 8.4.3 has XSS via tg=groups, tg=maildoms&amp;id ...)
	NOT-FOR-US: Ovidentia
CVE-2019-13976 (eGain Chat 15.0.3 allows unrestricted file upload. ...)
	NOT-FOR-US: eGain Chat
CVE-2019-13975 (eGain Chat 15.0.3 allows HTML Injection. ...)
	NOT-FOR-US: eGain Chat
CVE-2019-13974 (LayerBB 1.1.3 allows conversations.php/cmd/new CSRF. ...)
	NOT-FOR-US: LayerBB
CVE-2019-13973 (LayerBB 1.1.3 allows admin/general.php arbitrary file upload because t ...)
	NOT-FOR-US: LayerBB
CVE-2019-13972 (LayerBB 1.1.3 allows XSS via the application/commands/new.php pm_title ...)
	NOT-FOR-US: LayerBB
CVE-2019-13971 (OTCMS 3.81 allows XSS via the mode parameter in an apiRun.php?mudi=aut ...)
	NOT-FOR-US: OTCMS
CVE-2019-13970 (In antSword before 2.1.0, self-XSS in the database configuration leads ...)
	NOT-FOR-US: antSword
CVE-2019-13969 (Metinfo 6.x allows SQL Injection via the id parameter in an admin/inde ...)
	NOT-FOR-US: Metinfo
CVE-2019-13968
	RESERVED
CVE-2019-13967 (iTop 2.2.0 through 2.6.0 allows remote attackers to cause a denial of  ...)
	NOT-FOR-US: iTop (not the same as src:itop)
CVE-2019-13966 (In iTop through 2.6.0, an XSS payload can be delivered in certain fiel ...)
	NOT-FOR-US: iTop (not the same as src:itop)
CVE-2019-13965 (Because of a lack of sanitization around error messages, multiple Refl ...)
	NOT-FOR-US: iTop (not the same as src:itop)
CVE-2019-13964
	RESERVED
CVE-2019-13963
	RESERVED
CVE-2019-13962 (lavc_CopyPicture in modules/codec/avcodec/video.c in VideoLAN VLC medi ...)
	{DSA-4504-1}
	- vlc 3.0.8-1 (low)
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: http://git.videolan.org/?p=vlc/vlc-3.0.git;a=commit;h=2b4f9d0b0e0861f262c90e9b9b94e7d53b864509
	NOTE: https://trac.videolan.org/vlc/ticket/22240
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-13961 (A CSRF vulnerability was found in flatCore before 1.5, leading to the  ...)
	NOT-FOR-US: flatCore
CVE-2019-13960 (** DISPUTED ** In libjpeg-turbo 2.0.2, a large amount of memory can be ...)
	NOT-FOR-US: Disputed libjpeg issue, issue would be in application using libjpeg
CVE-2019-13959 (In Bento4 1.5.1-627, AP4_DataBuffer::SetDataSize does not handle reall ...)
	NOT-FOR-US: Bento4
CVE-2019-13958
	RESERVED
CVE-2019-13957 (In Umbraco 7.3.8, there is SQL Injection in the backoffice/PageWApprov ...)
	NOT-FOR-US: Umbraco
CVE-2019-13956 (Discuz!ML 3.2 through 3.4 allows remote attackers to execute arbitrary ...)
	NOT-FOR-US: Discuz!ML
CVE-2019-13955 (Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable ...)
	NOT-FOR-US: Mikrotik RouterOS
CVE-2019-13954 (Mikrotik RouterOS before 6.44.5 (long-term release tree) is vulnerable ...)
	NOT-FOR-US: Mikrotik RouterOS
CVE-2019-13953 (An exploitable authentication bypass vulnerability exists in the Bluet ...)
	NOT-FOR-US: YI M1 Mirrorless Camera
CVE-2019-13952 (The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and  ...)
	- gdnsd <unfixed> (unimportant; bug #932407)
	NOTE: https://github.com/gdnsd/gdnsd/issues/185
	NOTE: No security impact, data is under administrative control
	NOTE: Patches: https://github.com/gdnsd/gdnsd/issues/185#issuecomment-513288786
CVE-2019-13951 (The set_ipv4() function in zscan_rfc1035.rl in gdnsd 3.x before 3.2.1  ...)
	- gdnsd <not-affected> (Vulnerable code not present, introduced in 3.x)
	NOTE: https://github.com/gdnsd/gdnsd/issues/185
	NOTE: No security impact, data is under administrative control
	NOTE: Introduced in https://github.com/gdnsd/gdnsd/commit/15715fc30d5e41e53d4a16d2434fc5c3190e129b
	NOTE: Patches: https://github.com/gdnsd/gdnsd/issues/185#issuecomment-513288786
CVE-2019-13950 (index.php?c=admin&amp;a=index in SyGuestBook A5 Version 1.2 has stored ...)
	NOT-FOR-US: SyGuestBook A5
CVE-2019-13949 (SyGuestBook A5 Version 1.2 has no CSRF protection mechanism, as demons ...)
	NOT-FOR-US: SyGuestBook A5
CVE-2019-13948 (SyGuestBook A5 Version 1.2 allows stored XSS because the isValidData f ...)
	NOT-FOR-US: SyGuestBook A5
CVE-2019-13947 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
	NOT-FOR-US: Siemens
CVE-2019-13946 (A vulnerability has been identified in Development/Evaluation Kits for ...)
	NOT-FOR-US: Siemens
CVE-2019-13945 (A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ...)
	NOT-FOR-US: Siemens
CVE-2019-13944 (A vulnerability has been identified in EN100 Ethernet module DNP3 vari ...)
	NOT-FOR-US: Siemens
CVE-2019-13943 (A vulnerability has been identified in EN100 Ethernet module DNP3 vari ...)
	NOT-FOR-US: Siemens
CVE-2019-13942 (A vulnerability has been identified in EN100 Ethernet module DNP3 vari ...)
	NOT-FOR-US: Siemens
CVE-2019-13941 (A vulnerability has been identified in OZW672 (All versions &lt; V10.0 ...)
	NOT-FOR-US: Siemens
CVE-2019-13940 (A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ...)
	NOT-FOR-US: Siemens
CVE-2019-13939 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...)
	NOT-FOR-US: Nucleus
CVE-2019-13938
	RESERVED
CVE-2019-13937
	RESERVED
CVE-2019-13936 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
	NOT-FOR-US: Siemens
CVE-2019-13935 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
	NOT-FOR-US: Siemens
CVE-2019-13934 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
	NOT-FOR-US: Siemens
CVE-2019-13933 (A vulnerability has been identified in SCALANCE X-200RNA switch family ...)
	NOT-FOR-US: Siemens
CVE-2019-13932 (A vulnerability has been identified in XHQ (All versions &lt; V6.0.0.2 ...)
	NOT-FOR-US: Siemens
CVE-2019-13931 (A vulnerability has been identified in XHQ (All versions &lt; V6.0.0.2 ...)
	NOT-FOR-US: Siemens
CVE-2019-13930 (A vulnerability has been identified in XHQ (All versions &lt; V6.0.0.2 ...)
	NOT-FOR-US: Siemens
CVE-2019-13929 (A vulnerability has been identified in SIMATIC IT UADM (All versions & ...)
	NOT-FOR-US: Siemens
CVE-2019-13928
	RESERVED
CVE-2019-13927 (A vulnerability has been identified in Desigo PX automation controller ...)
	NOT-FOR-US: Siemens
CVE-2019-13926 (A vulnerability has been identified in SCALANCE S602 (All versions &gt ...)
	NOT-FOR-US: Siemens
CVE-2019-13925 (A vulnerability has been identified in SCALANCE S602 (All versions &gt ...)
	NOT-FOR-US: Siemens
CVE-2019-13924 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
	NOT-FOR-US: Siemens
CVE-2019-13923 (A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gat ...)
	NOT-FOR-US: Siemens
CVE-2019-13922 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
	NOT-FOR-US: Siemens
CVE-2019-13921 (A vulnerability has been identified in SIMATIC WinAC RTX (F) 2010 (All ...)
	NOT-FOR-US: Siemens
CVE-2019-13920 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
	NOT-FOR-US: Siemens
CVE-2019-13919 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
	NOT-FOR-US: Siemens
CVE-2019-13918 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
	NOT-FOR-US: Siemens
CVE-2019-13917 (Exim 4.85 through 4.92 (fixed in 4.92.1) allows remote code execution  ...)
	{DSA-4488-1}
	- exim4 4.92-10
	[jessie] - exim4 <not-affected> (Vulnerable code confirmed as introduced in version 4.85)
	NOTE: https://www.openwall.com/lists/oss-security/2019/07/22/3
	NOTE: https://www.exim.org/static/doc/security/CVE-2019-13917.txt
	NOTE: https://git.exim.org/exim.git/commit/21aa05977abff1eaa69bb97ef99080220915f7c0
CVE-2019-13916
	RESERVED
CVE-2019-13915 (b3log Wide before 1.6.0 allows three types of attacks to access arbitr ...)
	NOT-FOR-US: b3log Wide
CVE-2019-13914
	RESERVED
CVE-2019-13913
	RESERVED
CVE-2019-13912
	RESERVED
CVE-2019-13911
	RESERVED
CVE-2019-13910
	RESERVED
CVE-2019-13909
	RESERVED
CVE-2019-13908
	RESERVED
CVE-2019-13907
	RESERVED
CVE-2019-13906
	RESERVED
CVE-2019-13905
	RESERVED
CVE-2019-13904
	RESERVED
CVE-2019-13903
	RESERVED
CVE-2019-13902
	RESERVED
CVE-2019-13901
	RESERVED
CVE-2019-13900
	RESERVED
CVE-2019-13899
	RESERVED
CVE-2019-13898
	RESERVED
CVE-2019-13897
	RESERVED
CVE-2019-13896
	RESERVED
CVE-2019-13895
	RESERVED
CVE-2019-13894
	RESERVED
CVE-2019-13893
	RESERVED
CVE-2019-13892
	RESERVED
CVE-2019-13891
	RESERVED
CVE-2019-13890
	RESERVED
CVE-2019-13889
	RESERVED
CVE-2019-13888
	RESERVED
CVE-2019-13887
	RESERVED
CVE-2019-13886
	RESERVED
CVE-2019-13885
	RESERVED
CVE-2019-13884
	RESERVED
CVE-2019-13883
	RESERVED
CVE-2019-13882
	RESERVED
CVE-2019-13881
	RESERVED
CVE-2019-13880
	RESERVED
CVE-2019-13879
	RESERVED
CVE-2019-13878
	RESERVED
CVE-2019-13877
	RESERVED
CVE-2019-13876
	RESERVED
CVE-2019-13875
	RESERVED
CVE-2019-13874
	RESERVED
CVE-2019-13873
	RESERVED
CVE-2019-13872
	RESERVED
CVE-2019-13871
	RESERVED
CVE-2019-13870
	RESERVED
CVE-2019-13869
	RESERVED
CVE-2019-13868
	RESERVED
CVE-2019-13867
	RESERVED
CVE-2019-13866
	RESERVED
CVE-2019-13865
	RESERVED
CVE-2019-13864
	RESERVED
CVE-2019-13863
	RESERVED
CVE-2019-13862
	RESERVED
CVE-2019-13861
	RESERVED
CVE-2019-13860
	RESERVED
CVE-2019-13859
	RESERVED
CVE-2019-13858
	RESERVED
CVE-2019-13857
	RESERVED
CVE-2019-13856
	RESERVED
CVE-2019-13855
	RESERVED
CVE-2019-13854
	RESERVED
CVE-2019-13853
	RESERVED
CVE-2019-13852
	RESERVED
CVE-2019-13851
	RESERVED
CVE-2019-13850
	RESERVED
CVE-2019-13849
	RESERVED
CVE-2019-13848
	RESERVED
CVE-2019-13847
	RESERVED
CVE-2019-13846
	RESERVED
CVE-2019-13845
	RESERVED
CVE-2019-13844
	RESERVED
CVE-2019-13843
	RESERVED
CVE-2019-13842
	RESERVED
CVE-2019-13841
	RESERVED
CVE-2019-13840
	RESERVED
CVE-2019-13839
	RESERVED
CVE-2019-13838
	RESERVED
CVE-2019-13837
	RESERVED
CVE-2019-13836
	RESERVED
CVE-2019-13835
	RESERVED
CVE-2019-13834
	RESERVED
CVE-2019-13833
	RESERVED
CVE-2019-13832
	RESERVED
CVE-2019-13831
	RESERVED
CVE-2019-13830
	RESERVED
CVE-2019-13829
	RESERVED
CVE-2019-13828
	RESERVED
CVE-2019-13827
	RESERVED
CVE-2019-13826
	RESERVED
CVE-2019-13825
	RESERVED
CVE-2019-13824
	RESERVED
CVE-2019-13823
	RESERVED
CVE-2019-13822
	RESERVED
CVE-2019-13821
	RESERVED
CVE-2019-13820
	RESERVED
CVE-2019-13819
	RESERVED
CVE-2019-13818
	RESERVED
CVE-2019-13817
	RESERVED
CVE-2019-13816
	RESERVED
CVE-2019-13815
	RESERVED
CVE-2019-13814
	RESERVED
CVE-2019-13813
	RESERVED
CVE-2019-13812
	RESERVED
CVE-2019-13811
	RESERVED
CVE-2019-13810
	RESERVED
CVE-2019-13809
	RESERVED
CVE-2019-13808
	RESERVED
CVE-2019-13807
	RESERVED
CVE-2019-13806
	RESERVED
CVE-2019-13805
	RESERVED
CVE-2019-13804
	RESERVED
CVE-2019-13803
	RESERVED
CVE-2019-13802
	RESERVED
CVE-2019-13801
	RESERVED
CVE-2019-13800
	RESERVED
CVE-2019-13799
	RESERVED
CVE-2019-13798
	RESERVED
CVE-2019-13797
	RESERVED
CVE-2019-13796
	RESERVED
CVE-2019-13795
	RESERVED
CVE-2019-13794
	RESERVED
CVE-2019-13793
	RESERVED
CVE-2019-13792
	RESERVED
CVE-2019-13791
	RESERVED
CVE-2019-13790
	RESERVED
CVE-2019-13789
	RESERVED
CVE-2019-13788
	RESERVED
CVE-2019-13787
	RESERVED
CVE-2019-13786
	RESERVED
CVE-2019-13785
	RESERVED
CVE-2019-13784
	RESERVED
CVE-2019-13783
	RESERVED
CVE-2019-13782
	RESERVED
CVE-2019-13781
	RESERVED
CVE-2019-13780
	RESERVED
CVE-2019-13779
	RESERVED
CVE-2019-13778
	RESERVED
CVE-2019-13777
	RESERVED
CVE-2019-13776
	RESERVED
CVE-2019-13775
	RESERVED
CVE-2019-13774
	RESERVED
CVE-2019-13773
	RESERVED
CVE-2019-13772
	RESERVED
CVE-2019-13771
	RESERVED
CVE-2019-13770
	RESERVED
CVE-2019-13769
	RESERVED
CVE-2019-13768
	RESERVED
CVE-2019-13767 (Use after free in media picker in Google Chrome prior to 79.0.3945.88  ...)
	{DSA-4606-1}
	- chromium 79.0.3945.130-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13766 (Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13765 (Use-after-free in content delivery manager in Google Chrome prior to 7 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13764 (Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 al ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13763 (Insufficient policy enforcement in payments in Google Chrome prior to  ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13762 (Insufficient policy enforcement in downloads in Google Chrome on Windo ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13761 (Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.7 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13760
	RESERVED
CVE-2019-13759 (Incorrect security UI in interstitials in Google Chrome prior to 79.0. ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13758 (Insufficient policy enforcement in navigation in Google Chrome on Andr ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13757 (Incorrect security UI in Omnibox in Google Chrome prior to 79.0.3945.7 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13756 (Incorrect security UI in printing in Google Chrome prior to 79.0.3945. ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13755 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13754 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13753 (Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 al ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13752 (Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 al ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13751 (Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 al ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13750 (Insufficient data validation in SQLite in Google Chrome prior to 79.0. ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13749 (Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13748 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13747 (Uninitialized data in rendering in Google Chrome on Android prior to 7 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13746 (Insufficient policy enforcement in Omnibox in Google Chrome prior to 7 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13745 (Insufficient policy enforcement in audio in Google Chrome prior to 79. ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13744 (Insufficient policy enforcement in cookies in Google Chrome prior to 7 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13743 (Incorrect security UI in external protocol handling in Google Chrome p ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13742 (Incorrect security UI in Omnibox in Google Chrome on iOS prior to 79.0 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13741 (Insufficient validation of untrusted input in Blink in Google Chrome p ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13740 (Incorrect security UI in sharing in Google Chrome prior to 79.0.3945.7 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13739 (Insufficient policy enforcement in Omnibox in Google Chrome prior to 7 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13738 (Insufficient policy enforcement in navigation in Google Chrome prior t ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13737 (Insufficient policy enforcement in autocomplete in Google Chrome prior ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13736 (Integer overflow in PDFium in Google Chrome prior to 79.0.3945.79 allo ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13735 (Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945. ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13734 (Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 a ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13733
	RESERVED
CVE-2019-13732 (Use-after-free in WebAudio in Google Chrome prior to 79.0.3945.79 allo ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
CVE-2019-13731
	RESERVED
CVE-2019-13730 (Type confusion in JavaScript in Google Chrome prior to 79.0.3945.79 al ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13729 (Use-after-free in WebSockets in Google Chrome prior to 79.0.3945.79 al ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13728 (Out of bounds write in JavaScript in Google Chrome prior to 79.0.3945. ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13727 (Insufficient policy enforcement in WebSockets in Google Chrome prior t ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13726 (Buffer overflow in password manager in Google Chrome prior to 79.0.394 ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13725 (Use-after-free in Bluetooth in Google Chrome prior to 79.0.3945.79 all ...)
	{DSA-4606-1}
	- chromium 79.0.3945.79-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13724 (Out of bounds memory access in WebBluetooth in Google Chrome prior to  ...)
	{DSA-4575-1}
	- chromium 78.0.3904.108-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13723 (Use after free in WebBluetooth in Google Chrome prior to 78.0.3904.108 ...)
	{DSA-4575-1}
	- chromium 78.0.3904.108-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13722 (Inappropriate implementation in WebRTC in Google Chrome prior to 79.0. ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	- thunderbird <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-13722
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-37/#CVE-2019-13722
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-38/#CVE-2019-13722
CVE-2019-13721 (Use after free in PDFium in Google Chrome prior to 78.0.3904.87 allowe ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13720 (Use after free in WebAudio in Google Chrome prior to 78.0.3904.87 allo ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13719 (Incorrect security UI in full screen mode in Google Chrome prior to 78 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13718 (Insufficient data validation in Omnibox in Google Chrome prior to 78.0 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13717 (Incorrect security UI in full screen mode in Google Chrome prior to 78 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13716 (Insufficient policy enforcement in service workers in Google Chrome pr ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13715 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13714 (Insufficient validation of untrusted input in Color Enhancer extension ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13713 (Insufficient policy enforcement in JavaScript in Google Chrome prior t ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13712
	RESERVED
CVE-2019-13711 (Insufficient policy enforcement in JavaScript in Google Chrome prior t ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13710 (Insufficient validation of untrusted input in downloads in Google Chro ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13709 (Insufficient policy enforcement in downloads in Google Chrome prior to ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13708 (Inappropriate implementation in navigation in Google Chrome on iOS pri ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13707 (Insufficient validation of untrusted input in intents in Google Chrome ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13706 (Out of bounds memory access in PDFium in Google Chrome prior to 78.0.3 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13705 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13704 (Insufficient policy enforcement in navigation in Google Chrome prior t ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13703 (Insufficient policy enforcement in the Omnibox in Google Chrome on And ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13702 (Inappropriate implementation in installer in Google Chrome on Windows  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13701 (Incorrect implementation in navigation in Google Chrome prior to 78.0. ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13700 (Out of bounds memory access in the gamepad API in Google Chrome prior  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13699 (Use after free in media in Google Chrome prior to 78.0.3904.70 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13698 (Out of bounds memory access in JavaScript in Google Chrome prior to 73 ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13697 (Insufficient policy enforcement in performance APIs in Google Chrome p ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13696 (Use after free in JavaScript in Google Chrome prior to 77.0.3865.120 a ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13695 (Use after free in audio in Google Chrome on Android prior to 77.0.3865 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13694 (Use after free in WebRTC in Google Chrome prior to 77.0.3865.120 allow ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13693 (Use after free in IndexedDB in Google Chrome prior to 77.0.3865.120 al ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13692 (Insufficient policy enforcement in reader mode in Google Chrome prior  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13691 (Insufficient validation of untrusted input in navigation in Google Chr ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13690
	RESERVED
CVE-2019-13689
	RESERVED
CVE-2019-13688 (Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13687 (Use after free in Blink in Google Chrome prior to 77.0.3865.90 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13686 (Use after free in offline mode in Google Chrome prior to 77.0.3865.90  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13685 (Use after free in sharing view in Google Chrome prior to 77.0.3865.90  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13684 (Inappropriate implementation in JavaScript in Google Chrome prior to 7 ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13683 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13682 (Insufficient policy enforcement in external protocol handling in Googl ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13681 (Insufficient data validation in downloads in Google Chrome prior to 77 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13680 (Inappropriate implementation in TLS in Google Chrome prior to 77.0.386 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-13679 (Insufficient policy enforcement in PDFium in Google Chrome prior to 77 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13678 (Incorrect data validation in downloads in Google Chrome prior to 77.0. ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13677 (Insufficient policy enforcement in site isolation in Google Chrome pri ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13676 (Insufficient policy enforcement in Chromium in Google Chrome prior to  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13675 (Insufficient data validation in extensions in Google Chrome prior to 7 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13674 (IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13673 (Insufficient data validation in developer tools in Google Chrome prior ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13672 (Incorrect security UI in Omnibox in Google Chrome prior to 77.0.3865.7 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13671 (UI spoofing in Blink in Google Chrome prior to 77.0.3865.75 allowed a  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13670 (Insufficient data validation in JavaScript in Google Chrome prior to 7 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13669 (Incorrect data validation in navigation in Google Chrome prior to 77.0 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13668 (Insufficient policy enforcement in developer tools in Google Chrome pr ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13667 (Inappropriate implementation in Omnibox in Google Chrome on iOS prior  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13666 (Information leak in storage in Google Chrome prior to 77.0.3865.75 all ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13665 (Insufficient filtering in Blink in Google Chrome prior to 77.0.3865.75 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13664 (Insufficient policy enforcement in Blink in Google Chrome prior to 77. ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13663 (IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13662 (Insufficient policy enforcement in navigations in Google Chrome prior  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13661 (UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13660 (UI spoofing in Chromium in Google Chrome prior to 77.0.3865.75 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13659 (IDN spoofing in Omnibox in Google Chrome prior to 77.0.3865.75 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
	[stretch] - chromium <end-of-life> (see DSA 4562)
CVE-2019-13658 (CA Network Flow Analysis 9.x and 10.0.x have a default credential vuln ...)
	NOT-FOR-US: CA Network Flow Analysis
CVE-2019-13657 (CA Performance Management 3.5.x, 3.6.x before 3.6.9, and 3.7.x before  ...)
	NOT-FOR-US: CA Performance Management
CVE-2019-13656 (An access vulnerability in CA Common Services DIA of CA Technologies C ...)
	NOT-FOR-US: CA Technologies Client Automation
CVE-2019-13655 (Imgix through 2019-06-19 allows remote attackers to cause a denial of  ...)
	NOT-FOR-US: Imgix
CVE-2019-13654
	RESERVED
CVE-2019-13653 (TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow trig ...)
	NOT-FOR-US: TP-Link
CVE-2019-13652 (TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serv ...)
	NOT-FOR-US: TP-Link
CVE-2019-13651 (TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow port ...)
	NOT-FOR-US: TP-Link
CVE-2019-13650 (TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow inte ...)
	NOT-FOR-US: TP-Link
CVE-2019-13649 (TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow exte ...)
	NOT-FOR-US: TP-Link
CVE-2019-13648 (In the Linux kernel through 5.2.1 on the powerpc platform, when hardwa ...)
	{DSA-4497-1 DSA-4495-1 DLA-1885-1}
	- linux 5.2.6-1
	NOTE: https://patchwork.ozlabs.org/patch/1133904/
CVE-2019-13647 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of ...)
	NOT-FOR-US: Firefly
CVE-2019-13646 (Firefly III before 4.7.17.3 is vulnerable to reflected XSS due to lack ...)
	NOT-FOR-US: Firefly
CVE-2019-13645 (Firefly III before 4.7.17.3 is vulnerable to stored XSS due to lack of ...)
	NOT-FOR-US: Firefly
CVE-2019-13644 (Firefly III before 4.7.17.1 is vulnerable to stored XSS due to lack of ...)
	NOT-FOR-US: Firefly
CVE-2019-13643 (Stored XSS in EspoCRM before 5.6.4 allows remote attackers to execute  ...)
	NOT-FOR-US: EspoCRM
CVE-2019-13642
	RESERVED
CVE-2019-13641
	RESERVED
CVE-2019-13640 (In qBittorrent before 4.1.7, the function Application::runExternalProg ...)
	{DSA-4650-1}
	- qbittorrent 4.1.7-1 (bug #932539)
	[jessie] - qbittorrent <not-affected> (Vulnerable code not present in 3.1.x series)
	NOTE: https://github.com/qbittorrent/qBittorrent/issues/10925
CVE-2019-13639
	RESERVED
CVE-2019-13638 (GNU patch through 2.7.6 is vulnerable to OS shell command injection th ...)
	{DSA-4489-1 DLA-1864-1}
	- patch 2.7.6-5
	NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
CVE-2019-13637 (In LogMeIn join.me before 3.16.0.5505, an attacker could execute arbit ...)
	NOT-FOR-US: LogMeIn join.me
CVE-2019-13636 (In GNU patch through 2.7.6, the following of symlinks is mishandled in ...)
	{DSA-4489-1 DLA-1856-1}
	- patch 2.7.6-5 (bug #932401)
	NOTE: https://git.savannah.gnu.org/cgit/patch.git/commit/?id=dce4683cbbe107a95f1f0d45fabc304acfb5d71a
CVE-2019-13635 (The WP Fastest Cache plugin through 0.8.9.5 for WordPress allows wpFas ...)
	NOT-FOR-US: WP Fastest Cache plugin for WordPress
CVE-2019-13634
	RESERVED
CVE-2019-13633
	RESERVED
CVE-2019-13632
	RESERVED
CVE-2019-13631 (In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the L ...)
	{DSA-4497-1 DSA-4495-1 DLA-1885-1 DLA-1884-1}
	- linux 5.2.6-1
	NOTE: https://patchwork.kernel.org/patch/11040813/
CVE-2019-13630
	RESERVED
CVE-2019-13629 (MatrixSSL 4.2.1 and earlier contains a timing side channel in ECDSA si ...)
	- matrixssl <removed>
CVE-2019-13628 (wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --ena ...)
	- wolfssl 4.1.0+dfsg-1
	NOTE: https://github.com/wolfSSL/wolfssl/pull/2353
CVE-2019-13627 (It was discovered that there was a ECDSA timing attack in the libgcryp ...)
	{DLA-1931-2 DLA-1931-1}
	- libgcrypt20 1.8.5-1 (bug #938938)
	[buster] - libgcrypt20 <no-dsa> (Minor issue)
	[stretch] - libgcrypt20 <no-dsa> (Minor issue)
	- libgcrypt11 <removed>
	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=b9577f7c89b4327edc09f2231bc8b31521102c79 (master)
	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=7c2943309d14407b51c8166c4dcecb56a3628567 (master)
	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=d5407b78cca9f9d318a4f4d2f6ba2b8388584cd9 (1.8.5)
	NOTE: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=db4e9976cc31b314aafad6626b2894e86ee44d60 (1.8.5)
CVE-2019-13626 (SDL (Simple DirectMedia Layer) 2.x through 2.0.9 has a heap-based buff ...)
	- libsdl2 2.0.10+dfsg1-1
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	[jessie] - libsdl2 <no-dsa> (Minor issue)
	- libsdl1.2 <not-affected> (Vulnerable code added later)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4522
	NOTE: 24-bit PCM WAVE introduced in SDL 2.0
CVE-2019-13625 (NSA Ghidra before 9.0.1 allows XXE when a project is opened or restore ...)
	- ghidra <itp> (bug #923851)
CVE-2019-13624 (In ONOS 1.15.0, apps/yang/web/src/main/java/org/onosproject/yang/web/Y ...)
	NOT-FOR-US: ONOS
CVE-2019-13623 (In NSA Ghidra before 9.1, path traversal can occur in RestoreTask.java ...)
	- ghidra <itp> (bug #923851)
CVE-2019-13622
	RESERVED
CVE-2019-13621
	RESERVED
CVE-2019-13620
	RESERVED
CVE-2019-13619 (In Wireshark 3.0.0 to 3.0.2, 2.6.0 to 2.6.9, and 2.4.0 to 2.4.15, the  ...)
	- wireshark 2.6.10-1 (low)
	[buster] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	[jessie] - wireshark <not-affected> (vulnerable code not present, binary encoding not yet supported)
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-20.html
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15870
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7e90aed666e809c0db5de9d1816802a7dcea28d9
CVE-2019-13618 (In GPAC before 0.8.0, isomedia/isom_read.c in libgpac.a has a heap-bas ...)
	{DLA-2072-1}
	- gpac <unfixed> (low; bug #932242)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1250
	NOTE: https://github.com/gpac/gpac/commit/c23d54ed15a70b4543e3191e6ead5097cda0878b
CVE-2019-13617 (njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in ...)
	NOT-FOR-US: njs
CVE-2019-13616 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	- libsdl2 2.0.10+dfsg1-1
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	[jessie] - libsdl2 <postponed> (can be fixed along with more important patches)
	- libsdl1.2 1.2.15+dfsg2-5
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	[jessie] - libsdl1.2 <postponed> (can be fixed along with more important patches)
	- libsdl2-image 2.0.5+dfsg1-2 (bug #940934)
	[buster] - libsdl2-image <no-dsa> (Minor issue)
	[stretch] - libsdl2-image <no-dsa> (Minor issue)
	[jessie] - libsdl2-image <postponed> (can be fixed along with more important patches)
	- sdl-image1.2 1.2.12-12
	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
	[jessie] - sdl-image1.2 <postponed> (can be fixed along with more important patches)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4538
	NOTE: libsdl2: https://hg.libsdl.org/SDL/rev/e7ba650a643a
	NOTE: libsdl1.2: https://hg.libsdl.org/SDL/rev/ad1bbfbca760
	NOTE: libsdl2-image: https://hg.libsdl.org/SDL_image/rev/ba45f00879ba
	NOTE: sdl-image1.2: https://hg.libsdl.org/SDL_image/rev/a59bfe382008
CVE-2019-13615 (libebml before 1.3.6, as used in the MKV module in VideoLAN VLC Media  ...)
	- libebml 1.3.6-1 (low; bug #932241)
	[stretch] - libebml 1.3.4-1+deb9u1
	[jessie] - libebml <no-dsa> (Minor issue)
	NOTE: https://trac.videolan.org/vlc/ticket/22474
	NOTE: Issue was originally reported to vlc project, but the underlying issue is
	NOTE: found in the libebml library
	NOTE: https://github.com/Matroska-Org/libebml/commit/05beb69ba60acce09f73ed491bb76f332849c3a0
	NOTE: https://github.com/Matroska-Org/libebml/commit/ff0dc3cc21494578ce731f5d7dcde5fdec23d40f
	NOTE: https://github.com/Matroska-Org/libebml/commit/b66ca475be967547af9a3784e720fbbacd381be6
	NOTE: https://github.com/Matroska-Org/libebml/commit/534dfdb995edc18e528de8ce9fa20b3df88426ae
CVE-2019-13614 (CMD_SET_CONFIG_COUNTRY in the TP-Link Device Debug protocol in TP-Link ...)
	NOT-FOR-US: TP-Link
CVE-2019-13613 (CMD_FTEST_CONFIG in the TP-Link Device Debug protocol in TP-Link Wirel ...)
	NOT-FOR-US: TP-Link
CVE-2019-13612 (MDaemon Email Server 19 skips SpamAssassin checks by default for e-mai ...)
	NOT-FOR-US: MDaemon Email Server
CVE-2019-13611 (An issue was discovered in python-engineio through 3.8.2. There is a C ...)
	- python-engineio 3.11.1-1 (bug #932538)
	[buster] - python-engineio <no-dsa> (Minor issue)
	NOTE: https://github.com/miguelgrinberg/python-engineio/issues/128
	NOTE: https://github.com/miguelgrinberg/python-engineio/security/advisories/GHSA-j3jp-gvr5-7hwq
CVE-2019-13610
	RESERVED
CVE-2019-13609
	RESERVED
CVE-2019-13608 (Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000) ...)
	NOT-FOR-US: Citrix StoreFront Server
CVE-2019-13607 (The Opera Mini application through 16.0.14 for iOS has a UXSS vulnerab ...)
	NOT-FOR-US: Opera Mini application for iOS
CVE-2019-13606
	RESERVED
CVE-2019-13605 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.838 to 0.9.8.8 ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13604 (There is a short key vulnerability in HID Global DigitalPersona (forme ...)
	NOT-FOR-US: HID Global DigitalPersona U.are.U 4500 Fingerprint Reader
CVE-2019-13603 (An issue was discovered in the HID Global DigitalPersona (formerly Cro ...)
	NOT-FOR-US: HID Global DigitalPersona U.are.U 4500 Fingerprint Reader Windows Biometric Framework driver
CVE-2019-13602 (An Integer Underflow in MP4_EIA608_Convert() in modules/demux/mp4/mp4. ...)
	{DSA-4504-1}
	- vlc 3.0.7.1-2 (bug #932131)
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://git.videolan.org/?p=vlc.git;a=commit;h=8e8e0d72447f8378244f5b4a3dcde036dbeb1491
	NOTE: https://git.videolan.org/?p=vlc.git;a=commit;h=b2b157076d9e94df34502dd8df0787deb940e938
	NOTE: https://www.videolan.org/security/sb-vlc308.html
CVE-2019-13601
	RESERVED
CVE-2019-13600
	RESERVED
CVE-2019-13599 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.848, the Login ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13598 (LuaUPnP in Vera Edge Home Controller 1.7.4452 allows remote unauthenti ...)
	NOT-FOR-US: LuaUPnP in Vera Edge Home Controller
CVE-2019-13597 (_s_/sprm/_s_/dyn/Player_setScriptFile in Sahi Pro 8.0.0 allows command ...)
	NOT-FOR-US: Sahi Pro
CVE-2019-13596
	RESERVED
CVE-2019-13595
	RESERVED
CVE-2019-13594 (In Mirumee Saleor 2.7.0 (fixed in 2.8.0), CSRF protection middleware w ...)
	NOT-FOR-US: Mirumee Saleor
CVE-2019-13593
	RESERVED
CVE-2019-13592
	RESERVED
CVE-2019-13591
	RESERVED
CVE-2019-13590 (An issue was discovered in libsox.a in SoX 14.4.2. In sox-fmt.h (start ...)
	- sox 14.4.2+git20190427-2 (low; bug #932082)
	[buster] - sox <ignored> (Minor issue)
	[stretch] - sox <ignored> (Minor issue)
	[jessie] - sox <ignored> (Minor issue)
	NOTE: https://sourceforge.net/p/sox/bugs/325/
	NOTE: https://sourceforge.net/p/sox/code/ci/7b6a889217d62ed7e28188621403cc7542fd1f7e/
CVE-2019-13589 (The paranoid2 gem 1.1.6 for Ruby, as distributed on RubyGems.org, incl ...)
	NOT-FOR-US: backdoor in paranoid_2 gem, different from src:ruby-paranoia
CVE-2019-13588 (A cross-site scripting (XSS) vulnerability in getPagingStart() in core ...)
	NOT-FOR-US: WIKINDX
CVE-2019-13587
	RESERVED
CVE-2019-13586
	RESERVED
CVE-2019-13585 (The remote admin webserver on FANUC Robotics Virtual Robot Controller  ...)
	NOT-FOR-US: FANUC Robotics Virtual Robot Controller
CVE-2019-13584 (The remote admin webserver on FANUC Robotics Virtual Robot Controller  ...)
	NOT-FOR-US: FANUC Robotics Virtual Robot Controller
CVE-2019-13583
	RESERVED
CVE-2019-13582 (An issue was discovered in Marvell 88W8688 Wi-Fi firmware before versi ...)
	NOT-FOR-US: Tesla
CVE-2019-13581 (An issue was discovered in Marvell 88W8688 Wi-Fi firmware before versi ...)
	NOT-FOR-US: Tesla
CVE-2019-13580
	RESERVED
CVE-2019-13579
	RESERVED
CVE-2019-13578 (A SQL injection vulnerability exists in the Impress GiveWP Give plugin ...)
	NOT-FOR-US: Impress GiveWP Give plugin for WordPress
CVE-2019-13577 (SnmpAdm.exe in MAPLE WBT SNMP Administrator v2.0.195.15 has an Unauthe ...)
	NOT-FOR-US: SnmpAdm.exe in MAPLE WBT SNMP Administrator
CVE-2019-13576
	RESERVED
CVE-2019-13575 (A SQL injection vulnerability exists in WPEverest Everest Forms plugin ...)
	NOT-FOR-US: WPEverest Everest Forms plugin for WordPress
CVE-2019-13574 (In lib/mini_magick/image.rb in MiniMagick before 4.9.4, a fetched remo ...)
	{DSA-4481-1 DLA-1948-1}
	- ruby-mini-magick 4.9.2-1.1 (bug #931932)
CVE-2019-13573 (A SQL injection vulnerability exists in the FolioVision FV Flowplayer  ...)
	NOT-FOR-US: FolioVision FV Flowplayer Video Player plugin for WordPress
CVE-2019-13572 (The Adenion Blog2Social plugin through 5.5.0 for WordPress allows SQL  ...)
	NOT-FOR-US: Adenion Blog2Social plugin for WordPress
CVE-2019-13571 (A SQL injection vulnerability exists in the Vsourz Digital Advanced CF ...)
	NOT-FOR-US: Vsourz Digital Advanced CF7 DB plugin for WordPress
CVE-2019-13570 (The AJdG AdRotate plugin before 5.3 for WordPress allows SQL Injection ...)
	NOT-FOR-US: WordPress plugin AJdG AdRotate
CVE-2019-13569 (A SQL injection vulnerability exists in the Icegram Email Subscribers  ...)
	NOT-FOR-US: Icegram Email Subscribers & Newsletters plugin for WordPress
CVE-2019-13568 (CImg through 2.6.7 has a heap-based buffer overflow in _load_bmp in CI ...)
	- cimg 2.8.4+dfsg-1 (bug #940952)
	[buster] - cimg <no-dsa> (Minor issue)
	[stretch] - cimg <no-dsa> (Minor issue)
	[jessie] - cimg <not-affected> (Vulnerable code added later)
	NOTE: https://github.com/dtschump/CImg/commit/ac8003393569aba51048c9d67e1491559877b1d1
CVE-2019-13567 (The Zoom Client before 4.4.53932.0709 on macOS allows remote code exec ...)
	NOT-FOR-US: Zoom
CVE-2019-13566 (An issue was discovered in the ROS communications-related packages (ak ...)
	- ros-ros-comm 1.14.3+ds1-10 (bug #945361)
	[buster] - ros-ros-comm 1.14.3+ds1-5+deb10u1
	[stretch] - ros-ros-comm 1.12.6-2+deb9u1
	NOTE: https://github.com/ros/ros_comm/issues/1735
	NOTE: https://github.com/ros/ros_comm/pull/1771
CVE-2019-13565 (An issue was discovered in OpenLDAP 2.x before 2.4.48. When using SASL ...)
	{DLA-1891-1}
	- openldap 2.4.48+dfsg-1 (low; bug #932998)
	[buster] - openldap 2.4.47+dfsg-3+deb10u1
	[stretch] - openldap 2.4.44+dfsg-5+deb9u3
	NOTE: https://openldap.org/its/?findid=9052
CVE-2019-13564 (XSS exists in Ping Identity Agentless Integration Kit before 1.5. ...)
	NOT-FOR-US: Ping Identity Agentless Integration Kit
CVE-2019-13563 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow CSRF for the enti ...)
	NOT-FOR-US: D-Link
CVE-2019-13562 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow XSS, as demonstra ...)
	NOT-FOR-US: D-Link
CVE-2019-13561 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers  ...)
	NOT-FOR-US: D-Link
CVE-2019-13560 (D-Link DIR-655 C devices before 3.02B05 BETA03 allow remote attackers  ...)
	NOT-FOR-US: D-Link
CVE-2019-13559 (GE Mark VIe Controller is shipped with pre-configured hard-coded crede ...)
	NOT-FOR-US: GE Mark VIe Controller
CVE-2019-13558 (In WebAccess versions 8.4.1 and prior, an exploit executed over the ne ...)
	NOT-FOR-US: WebAccess
CVE-2019-13557 (In Tasy EMR, Tasy WebPortal Versions 3.02.1757 and prior, there is an  ...)
	NOT-FOR-US: Tasy
CVE-2019-13556 (In WebAccess versions 8.4.1 and prior, multiple stack-based buffer ove ...)
	NOT-FOR-US: WebAccess
CVE-2019-13555 (In Mitsubishi Electric MELSEC-Q Series Q03/04/06/13/26UDVCPU: serial n ...)
	NOT-FOR-US: Mitsubishi
CVE-2019-13554 (GE Mark VIe Controller has an unsecured Telnet protocol that may allow ...)
	NOT-FOR-US: GE Mark VIe Controller
CVE-2019-13553 (Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb ...)
	NOT-FOR-US: Rittal Chiller SK 3232-Series
CVE-2019-13552 (In WebAccess versions 8.4.1 and prior, multiple command injection vuln ...)
	NOT-FOR-US: WebAccess
CVE-2019-13551 (Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. Path traversal vul ...)
	NOT-FOR-US: Advantech
CVE-2019-13550 (In WebAccess, versions 8.4.1 and prior, an improper authorization vuln ...)
	NOT-FOR-US: WebAccess
CVE-2019-13549 (Rittal Chiller SK 3232-Series web interface as built upon Carel pCOWeb ...)
	NOT-FOR-US: Rittal Chiller SK 3232-Series
CVE-2019-13548 (CODESYS V3 web server, all versions prior to 3.5.14.10, allows an atta ...)
	NOT-FOR-US: CODESYS
CVE-2019-13547 (Advantech WISE-PaaS/RMM, Versions 3.3.29 and prior. There is an unsecu ...)
	NOT-FOR-US: Advantech
CVE-2019-13546 (In IntelliSpace Perinatal, Versions K and prior, a vulnerability withi ...)
	NOT-FOR-US: IntelliSpace Perinatal
CVE-2019-13545 (In Horner Automation Cscape 9.90 and prior, improper validation of dat ...)
	NOT-FOR-US: Horner Automation Cscape
CVE-2019-13544 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple out-of-b ...)
	NOT-FOR-US: Delta Electronics TPEditor
CVE-2019-13543 (Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab F ...)
	NOT-FOR-US: Medtronic
CVE-2019-13542 (3S-Smart Software Solutions GmbH CODESYS V3 OPC UA Server, all version ...)
	NOT-FOR-US: 3S-Smart
CVE-2019-13541 (In Horner Automation Cscape 9.90 and prior, an improper input validati ...)
	NOT-FOR-US: Horner Automation Cscape
CVE-2019-13540 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple stack-ba ...)
	NOT-FOR-US: Delta Electronics TPEditor
CVE-2019-13539 (Medtronic Valleylab Exchange Client version 3.4 and below, Valleylab F ...)
	NOT-FOR-US: Medtronic
CVE-2019-13538 (3S-Smart Software Solutions GmbH CODESYS V3 Library Manager, all versi ...)
	NOT-FOR-US: 3S-Smart
CVE-2019-13537 (The IEC870IP driver for AVEVA&#8217;s Vijeo Citect and Citect SCADA an ...)
	NOT-FOR-US: IEC870IP driver
CVE-2019-13536 (Delta Electronics TPEditor, Versions 1.94 and prior. Multiple heap-bas ...)
	NOT-FOR-US: Delta Electronics TPEditor
CVE-2019-13535 (In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0  ...)
	NOT-FOR-US: Medtronic Valleylab FT10 Energy Platform
CVE-2019-13534 (Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Fi ...)
	NOT-FOR-US: Philips
CVE-2019-13533 (In Omron PLC CJ series, all versions, and Omron PLC CS series, all ver ...)
	NOT-FOR-US: Omron
CVE-2019-13532 (CODESYS V3 web server, all versions prior to 3.5.14.10, allows an atta ...)
	NOT-FOR-US: CODESYS
CVE-2019-13531 (In Medtronic Valleylab FT10 Energy Platform (VLFT10GEN) version 2.1.0  ...)
	NOT-FOR-US: Medtronic Valleylab FT10 Energy Platform
CVE-2019-13530 (Philips IntelliVue WLAN, portable patient monitors, WLAN Version A, Fi ...)
	NOT-FOR-US: Philips
CVE-2019-13529 (An attacker could send a malicious link to an authenticated operator,  ...)
	NOT-FOR-US: Sunny WebBox Firmware
CVE-2019-13528 (A specific utility may allow an attacker to gain read access to privil ...)
	NOT-FOR-US: Niagara
CVE-2019-13527 (In Rockwell Automation Arena Simulation Software Cat. 9502-Ax, Version ...)
	NOT-FOR-US: Rockwell
CVE-2019-13526 (Datalogic AV7000 Linear barcode scanner all versions prior to 4.6.0.0  ...)
	NOT-FOR-US: Datalogic AV7000 Linear barcode scanner
CVE-2019-13525 (In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrat ...)
	NOT-FOR-US: IP-AK2 Access Control Panel
CVE-2019-13524 (GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/ ...)
	NOT-FOR-US: GE/Emerson
CVE-2019-13523 (In Honeywell Performance IP Cameras and Performance NVRs, the integrat ...)
	NOT-FOR-US: Honeywell
CVE-2019-13522 (An attacker could use a specially crafted project file to corrupt the  ...)
	NOT-FOR-US: EZ PLC Editor
CVE-2019-13521 (A maliciously crafted program file opened by an unsuspecting user of R ...)
	NOT-FOR-US: Rockwell
CVE-2019-13520 (Multiple buffer overflow issues have been identified in Alpha5 Smart L ...)
	NOT-FOR-US: Fuji Electric
CVE-2019-13519 (A maliciously crafted program file opened by an unsuspecting user of R ...)
	NOT-FOR-US: Rockwell
CVE-2019-13518 (An attacker could use a specially crafted project file to overflow the ...)
	NOT-FOR-US: EZAutomation
CVE-2019-13517 (In Pyxis ES Versions 1.3.4 through to 1.6.1 and Pyxis Enterprise Serve ...)
	NOT-FOR-US: Pyxis
CVE-2019-13516 (In OSIsoft PI Web API and prior, the affected product is vulnerable to ...)
	NOT-FOR-US: OSIsoft LLC
CVE-2019-13515 (OSIsoft PI Web API 2018 and prior may allow disclosure of sensitive in ...)
	NOT-FOR-US: OSIsoft LLC
CVE-2019-13514 (In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior,  ...)
	NOT-FOR-US: Delta Industrial Automation DOPSoft
CVE-2019-13513 (In Delta Industrial Automation DOPSoft, Version 4.00.06.15 and prior,  ...)
	NOT-FOR-US: Delta Industrial Automation DOPSoft
CVE-2019-13512 (Fuji Electric FRENIC Loader 3.5.0.0 and prior is vulnerable to an out- ...)
	NOT-FOR-US: Fuji Electric FRENIC Loader
CVE-2019-13511 (Rockwell Automation Arena Simulation Software versions 16.00.00 and ea ...)
	NOT-FOR-US: Rockwell Automation Arena Simulation Software
CVE-2019-13510 (Rockwell Automation Arena Simulation Software versions 16.00.00 and ea ...)
	NOT-FOR-US: Rockwell Automation Arena Simulation Software
CVE-2019-13509 (In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06. ...)
	{DSA-4521-1}
	- docker.io 18.09.1+dfsg1-8 (bug #932673)
CVE-2019-13508 (FreeTDS through 1.1.11 has a Buffer Overflow. ...)
	- freetds 1.1.6-1.1 (bug #944012)
	[buster] - freetds 1.00.104-1+deb10u1
	[stretch] - freetds <not-affected> (Vulnerable code introduced in 0.95 upstream)
	[jessie] - freetds <not-affected> (Vulnerable code introduced in 0.95 upstream)
	NOTE: https://github.com/FreeTDS/freetds/commit/0df4eb82a0e3ff844e373d7c9f9c6c813925e2ac
	NOTE: https://bugs.launchpad.net/bugs/1835896
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1736255
	NOTE: https://bugzilla.novell.com/show_bug.cgi?id=1141132
CVE-2019-13507 (hidea.com AZ Admin 1.0 has news_det.php?cod= SQL Injection. ...)
	NOT-FOR-US: hidea.com AZ Admin
CVE-2019-13506 (@nuxt/devalue before 1.2.3, as used in Nuxt.js before 2.6.2, mishandle ...)
	NOT-FOR-US: Nuxt.js
CVE-2019-13505 (The Appointment Hour Booking plugin 1.1.44 for WordPress allows XSS vi ...)
	NOT-FOR-US: Appointment Hour Booking plugin for WordPress
CVE-2019-13504 (There is an out-of-bounds read in Exiv2::MrwImage::readMetadata in mrw ...)
	{DLA-1855-1}
	- exiv2 0.27.2-6 (low; bug #932467)
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	NOTE: https://github.com/Exiv2/exiv2/pull/943
	NOTE: https://github.com/Exiv2/exiv2/pull/944
	NOTE: https://github.com/Exiv2/exiv2/commit/bd0afe0390439b2c424d881c8c6eb0c5624e31d9
	NOTE: https://github.com/Exiv2/exiv2/pull/946 (complementary fix)
	NOTE: https://github.com/Exiv2/exiv2/commit/54f0bebca032d0286a0e48f47e67dfc6141fedff
CVE-2019-13503 (mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer o ...)
	NOT-FOR-US: Cesanta Mongoose
	NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2019-13502
	RESERVED
CVE-2019-13501
	RESERVED
CVE-2019-13500
	RESERVED
CVE-2019-13499
	RESERVED
CVE-2019-13498 (One Identity Cloud Access Manager 8.1.3 does not use HTTP Strict Trans ...)
	NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13497 (One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows CSRF fo ...)
	NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13496 (One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP byp ...)
	NOT-FOR-US: One Identity Cloud Access Manager
CVE-2019-13495 (In firmware version 4.50 of Zyxel XGS2210-52HP, multiple stored cross- ...)
	NOT-FOR-US: Zyxel
CVE-2019-13494 (nodeimp.exe in Castle Rock SNMPc before 9.0.12.1 and 10.x before 10.0. ...)
	NOT-FOR-US: Castle Rock SNMPc
CVE-2019-13493 (In Sitecore 9.0 rev 171002, Persistent XSS exists in the Media Library ...)
	NOT-FOR-US: Sitecore
CVE-2019-13492
	RESERVED
CVE-2019-13491
	RESERVED
CVE-2019-13490
	RESERVED
CVE-2019-13489 (Trape through 2019-05-08 has SQL injection via the data[2] variable in ...)
	NOT-FOR-US: Trape
CVE-2019-13488 (A cross-site scripting (XSS) vulnerability in static/js/trape.js in Tr ...)
	NOT-FOR-US: Trape
CVE-2019-13487
	RESERVED
CVE-2019-13486 (In Xymon through 4.3.28, a stack-based buffer overflow exists in the s ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13485 (In Xymon through 4.3.28, a stack-based buffer overflow vulnerability e ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13484 (In Xymon through 4.3.28, a buffer overflow exists in the status-log vi ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13483 (Auth0 Passport-SharePoint before 0.4.0 does not validate the JWT signa ...)
	NOT-FOR-US: Auth0 Passport-SharePoint
CVE-2019-13482 (An issue was discovered on D-Link DIR-818LW devices with firmware 2.06 ...)
	NOT-FOR-US: D-Link
CVE-2019-13481 (An issue was discovered on D-Link DIR-818LW devices with firmware 2.06 ...)
	NOT-FOR-US: D-Link
CVE-2019-13480
	RESERVED
CVE-2019-13479
	RESERVED
CVE-2019-13478 (The Yoast SEO plugin before 11.6-RC5 for WordPress does not properly r ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-13477 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in t ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13476 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, XSS in th ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13475 (In MobaXterm 11.1, the mobaxterm: URI handler has an argument injectio ...)
	NOT-FOR-US: MobaXterm
CVE-2019-13474 (TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110 ...)
	NOT-FOR-US: TELESTAR
CVE-2019-13473 (TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110 ...)
	NOT-FOR-US: TELESTAR
CVE-2019-13472 (PHPWind 9.1.0 has XSS vulnerabilities in the c and m parameters of the ...)
	NOT-FOR-US: PHPWind
CVE-2019-13471
	RESERVED
CVE-2019-13470 (MatrixSSL before 4.2.1 has an out-of-bounds read during ASN.1 handling ...)
	- matrixssl <removed>
CVE-2019-13469
	RESERVED
CVE-2019-13468
	RESERVED
CVE-2019-13467 (Description: Western Digital SSD Dashboard before 2.5.1.0 and SanDisk  ...)
	NOT-FOR-US: Western Digital SSD Dashboard and SanDisk SSD Dashboard applications
CVE-2019-13466 (Western Digital SSD Dashboard before 2.5.1.0 and SanDisk SSD Dashboard ...)
	NOT-FOR-US: Western Digital SSD Dashboard and SanDisk SSD Dashboard
CVE-2019-13465 (An issue was discovered in the ROS communications-related packages (ak ...)
	- ros-ros-comm 1.14.3+ds1-10 (bug #947946)
	[buster] - ros-ros-comm 1.14.3+ds1-5+deb10u1
	[stretch] - ros-ros-comm 1.12.6-2+deb9u1
	NOTE: https://github.com/ros/ros_comm/issues/1752
	NOTE: https://github.com/ros/ros_comm/pull/1763
CVE-2019-13464 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) 3.0.2 ...)
	- modsecurity-crs 3.2.0-1 (low; bug #943773)
	[buster] - modsecurity-crs 3.1.0-1+deb10u1
	[stretch] - modsecurity-crs <no-dsa> (Minor issue)
	[jessie] - modsecurity-crs <not-affected> (incorrect rule does not exist)
	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/commit/6090d6b0a90417f1a60aa68a01eb777cef2e1184
	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1386
CVE-2019-13463 (An XSS vulnerability in qcopd-shortcode-generator.php in the Simple Li ...)
	NOT-FOR-US: Simple Link Directory plugin for WordPress
CVE-2019-13462 (Lansweeper before 7.1.117.4 allows unauthenticated SQL injection. ...)
	NOT-FOR-US: Lansweeper
CVE-2019-13461 (In PrestaShop before 1.7.6.0 RC2, the id_address_delivery and id_addre ...)
	NOT-FOR-US: PrestaShop
CVE-2019-13460
	RESERVED
CVE-2019-13459
	RESERVED
CVE-2019-13458 (An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...)
	{DLA-1877-1}
	- otrs2 6.0.20-1
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: https://community.otrs.com/security-advisory-2019-12-security-update-for-otrs-framework/
	NOTE: OTRS 6.0: https://github.com/OTRS/otrs/commit/69430f260d52e5a7afc185048da0cfc2eef2659a
	NOTE: OTRS 5.0: https://github.com/OTRS/otrs/commit/0e26066dfff8efff0039da13e29609ca7f00d9a2
CVE-2019-13457 (An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...)
	- otrs2 <not-affected> (Only affects 7.x series)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2019-11/
CVE-2019-13456 (In FreeRADIUS 3.0 through 3.0.19, on average 1 in every 2048 EAP-pwd h ...)
	- freeradius 3.0.20+dfsg-1
	[jessie] - freeradius <not-affected> (Vulnerable code introduced later in version 3.0.0)
	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/3ea2a5a026e73d81cd9a3e9bbd4300c433004bfa (release_3_0_20)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1737663
	NOTE: https://wpa3.mathyvanhoef.com/#new
CVE-2019-13455 (In Xymon through 4.3.28, a stack-based buffer overflow vulnerability e ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13454 (ImageMagick 7.0.8-54 Q16 allows Division by Zero in RemoveDuplicateLay ...)
	- imagemagick <unfixed> (low; bug #931740)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	[jessie] - imagemagick <ignored> (low impact issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1629
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/4f31d78716ac94c85c244efcea368fea202e2ed4
CVE-2019-13453 (Zipios before 0.1.7 does not properly handle certain malformed zip arc ...)
	- zipios++ 0.1.5.9+cvs.2007.04.28-11 (low; bug #932556)
	[buster] - zipios++ <no-dsa> (Minor issue)
	[stretch] - zipios++ <no-dsa> (Minor issue)
	[jessie] - zipios++ <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/zipios/news/2019/07/version-017-cve-/
	NOTE: Patch: https://sourceforge.net/p/zipios/code-git/ci/96e26640573410709bb863b8916a8216f4c6a546/tree/infinite_loop.patch
CVE-2019-13452 (In Xymon through 4.3.28, a buffer overflow vulnerability exists in rep ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13451 (In Xymon through 4.3.28, a buffer overflow vulnerability exists in his ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-17351 (An issue was discovered in drivers/xen/balloon.c in the Linux kernel b ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.168-1+deb9u5
	NOTE: https://xenbits.xen.org/xsa/advisory-300.html
CVE-2019-13450 (In the Zoom Client through 4.4.4 and RingCentral 7.0.136380.0312 on ma ...)
	NOT-FOR-US: Zoom Client and RingCentral on MacOS
CVE-2019-13449 (In the Zoom Client before 4.4.2 on macOS, remote attackers can cause a ...)
	NOT-FOR-US: Zoom Client on macOS
CVE-2019-13448 (An issue was discovered in Sertek Xpare 3.67. The login form does not  ...)
	NOT-FOR-US: Sertek Xpare
CVE-2019-13447 (An issue was discovered in Sertek Xpare 3.67. The login form does not  ...)
	NOT-FOR-US: Sertek Xpare
CVE-2019-13446
	REJECTED
CVE-2019-13445 (An issue was discovered in the ROS communications-related packages (ak ...)
	- ros-ros-comm 1.14.3+ds1-11 (bug #947947)
	[buster] - ros-ros-comm 1.14.3+ds1-5+deb10u1
	[stretch] - ros-ros-comm 1.12.6-2+deb9u2
	NOTE: https://github.com/ros/ros_comm/issues/1738
	NOTE: https://github.com/ros/ros_comm/pull/1741
CVE-2019-13444
	RESERVED
CVE-2019-13443
	RESERVED
CVE-2019-13442
	RESERVED
CVE-2019-13441
	RESERVED
CVE-2019-13440
	RESERVED
CVE-2019-13439
	RESERVED
CVE-2019-13438
	RESERVED
CVE-2019-13437
	RESERVED
CVE-2019-13436
	RESERVED
CVE-2019-13435
	RESERVED
CVE-2019-13434
	RESERVED
CVE-2019-13433
	RESERVED
CVE-2019-13432
	RESERVED
CVE-2019-13431
	RESERVED
CVE-2019-13430
	RESERVED
CVE-2019-13429
	RESERVED
CVE-2019-13428
	RESERVED
CVE-2019-13427
	RESERVED
CVE-2019-13426
	RESERVED
CVE-2019-13425
	RESERVED
CVE-2019-13424
	RESERVED
CVE-2019-13423 (Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 ...)
	NOT-FOR-US: Search Guard
CVE-2019-13422 (Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 ...)
	NOT-FOR-US: Search Guard
CVE-2019-13421 (Search Guard versions before 23.1 had an issue that an administrative  ...)
	NOT-FOR-US: Search Guard
CVE-2019-13420 (Search Guard versions before 21.0 had an timing side channel issue whe ...)
	NOT-FOR-US: Search Guard
CVE-2019-13419 (Search Guard versions before 23.1 had an issue that for aggregations c ...)
	NOT-FOR-US: Search Guard
CVE-2019-13418 (Search Guard versions before 24.0 had an issue that values of string a ...)
	NOT-FOR-US: Search Guard
CVE-2019-13417 (Search Guard versions before 24.0 had an issue that field caps and map ...)
	NOT-FOR-US: Search Guard
CVE-2019-13416 (Search Guard versions before 24.3 had an issue when Cross Cluster Sear ...)
	NOT-FOR-US: Search Guard
CVE-2019-13415 (Search Guard versions before 24.3 had an issue when Cross Cluster Sear ...)
	NOT-FOR-US: Search Guard
CVE-2019-13414 (The Rencontre plugin before 3.1.3 for WordPress allows XSS via inc/ren ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-13413 (The Rencontre plugin before 3.1.3 for WordPress allows SQL Injection v ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-13412 (A service which is hosted on port 3097 in HiNet GPON firmware &lt; I04 ...)
	NOT-FOR-US: HiNet GPON firmware
CVE-2019-13411 (An &#8220;invalid command&#8221; handler issue was discovered in HiNet ...)
	NOT-FOR-US: HiNet GPON firmware
CVE-2019-13410 (TOPMeeting before version 8.8 (2019/08/19) shows attendees account and ...)
	NOT-FOR-US: TOPMeeting
CVE-2019-13409 (A SQL injection vulnerability was discovered in TOPMeeting before vers ...)
	NOT-FOR-US: TOPMeeting
CVE-2019-13408 (A relative path traversal vulnerability found in Advan VD-1 firmware v ...)
	NOT-FOR-US: Advan VD-1 firmware
CVE-2019-13407 (A XSS found in Advan VD-1 firmware versions up to 230. VD-1 responses  ...)
	NOT-FOR-US: Advan VD-1 firmware
CVE-2019-13406 (A broken access control vulnerability found in Advan VD-1 firmware ver ...)
	NOT-FOR-US: Advan VD-1 firmware
CVE-2019-13405 (A broken access control vulnerability found in Advan VD-1 firmware ver ...)
	NOT-FOR-US: Advan VD-1 firmware
CVE-2019-13404 (** DISPUTED ** The MSI installer for Python through 2.7.16 on Windows  ...)
	NOT-FOR-US: Disputed issue for Windows installer for Python
CVE-2019-13403 (Temenos CWX version 8.9 has an Broken Access Control vulnerability in  ...)
	NOT-FOR-US: Temenos CWX
CVE-2019-13402 (/usr/sbin/default.sh and /usr/apache/htdocs/cgi-bin/admin/hardfactoryd ...)
	NOT-FOR-US: Dynacolor
CVE-2019-13401 (Dynacolor FCM-MB40 v1.2.0.0 devices have CSRF in all scripts under cgi ...)
	NOT-FOR-US: Dynacolor
CVE-2019-13400 (Dynacolor FCM-MB40 v1.2.0.0 use /etc/appWeb/appweb.pass to store admin ...)
	NOT-FOR-US: Dynacolor
CVE-2019-13399 (Dynacolor FCM-MB40 v1.2.0.0 devices have a hard-coded SSL/TLS key that ...)
	NOT-FOR-US: Dynacolor
CVE-2019-13398 (Dynacolor FCM-MB40 v1.2.0.0 devices allow remote attackers to execute  ...)
	NOT-FOR-US: Dynacolor
CVE-2019-13397 (Unauthenticated Stored XSS in osTicket 1.10.1 allows a remote attacker ...)
	NOT-FOR-US: osTicket
CVE-2019-13396 (FlightPath 4.x and 5.0-x allows directory traversal and Local File Inc ...)
	NOT-FOR-US: FlightPath
CVE-2019-13395 (The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF a ...)
	NOT-FOR-US: Netgear
CVE-2019-13394 (The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Bas ...)
	NOT-FOR-US: Netgear
CVE-2019-13393 (The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same ...)
	NOT-FOR-US: Netgear
CVE-2019-13392 (A reflected Cross-Site Scripting (XSS) vulnerability in MindPalette Na ...)
	NOT-FOR-US: MindPalette NateMail
CVE-2019-13391 (In ImageMagick 7.0.8-50 Q16, ComplexImages in MagickCore/fourier.c has ...)
	- imagemagick <unfixed> (bug #931633)
	[jessie] - imagemagick <postponed> (minor, wait for upstream to clear patch-related questions)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1588
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/f6ffc702c6eecd963587273a429dcd608c648984
	NOTE: Patch is insufficient, partly reverted by the CVE-2019-13308 patch
	NOTE: which seems to be the actual patch for this issue.
CVE-2019-13390 (In FFmpeg 4.1.3, there is a division by zero at adx_write_trailer in l ...)
	- ffmpeg 7:4.2.1-1 (low; bug #932535)
	[buster] - ffmpeg <postponed> (Minor issue, wait until fixed in 4.1.x branch)
	[stretch] - ffmpeg <postponed> (Minor issue, wait until fixed in 3.2.x branch)
	NOTE: https://trac.ffmpeg.org/ticket/7979
	NOTE: https://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=aef24efb0c1e65097ab77a4bf9264189bdf3ace3
CVE-2019-13389 (RainLoop Webmail before 1.13.0 lacks XSS protection mechanisms such as ...)
	NOT-FOR-US: RainLoop Webmail
CVE-2019-13388
	RESERVED
CVE-2019-13387 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, Reflected ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13386 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, a hidden  ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13385 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.840, File and  ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13384
	RESERVED
CVE-2019-13383 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846, the Login ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13382 (UploaderService in SnagIT 2019.1.2 allows elevation of privilege by pl ...)
	NOT-FOR-US: SnagIT
CVE-2019-13381
	REJECTED
CVE-2019-13380 (KEYNTO Team Password Manager 1.5.0 allows XSS because data saved from  ...)
	NOT-FOR-US: KEYNTO Team Password Manager
CVE-2019-13379 (On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access  ...)
	NOT-FOR-US: AVTECH Room Alert
CVE-2019-13378
	RESERVED
CVE-2019-13377 (The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2 ...)
	{DSA-4538-1}
	- wpa 2:2.9-1 (bug #934180)
	[stretch] - wpa <not-affected> (Introduced in 2.5)
	[jessie] - wpa <not-affected> (Introduced in 2.5)
	NOTE: https://wpa3.mathyvanhoef.com/#new
	NOTE: Added in v2.5: https://w1.fi/cgit/hostap/plain/wpa_supplicant/ChangeLog:
	NOTE: "added support for Brainpool Elliptic Curves with SAE"
	NOTE: Patches: https://w1.fi/security/2019-6/
CVE-2019-13376 (phpBB version 3.2.7 allows the stealing of an Administration Control P ...)
	{DLA-1942-2 DLA-1942-1}
	- phpbb3 <removed>
	NOTE: https://ssd-disclosure.com/archives/4007/ssd-advisory-phpbb-csrf-token-hijacking-leading-to-stored-xss
	NOTE: fixed in 3.2.8 as 'SECURITY-246'
	NOTE: https://github.com/phpbb/phpbb/commit/cdf4f5ef85f05c0f94eae1a9edb1c28d4ac3515f
	NOTE: follow-up to incomplete fix for CVE-2019-16993
CVE-2019-16993 (In phpBB before 3.1.7-PL1, includes/acp/acp_bbcodes.php has improper v ...)
	{DLA-1942-2 DLA-1942-1}
	- phpbb3 <removed>
	NOTE: https://github.com/phpbb/phpbb/commit/18abef716ecf42a35416444f3f84f5459d573789
	NOTE: https://www.phpbb.com/community/viewtopic.php?t=2352606
CVE-2019-13375 (A SQL Injection was discovered in D-Link Central WiFi Manager CWM(100) ...)
	NOT-FOR-US: D-Link
CVE-2019-13374 (A cross-site scripting (XSS) vulnerability in resource view in PayActi ...)
	NOT-FOR-US: D-Link
CVE-2019-13373 (An issue was discovered in the D-Link Central WiFi Manager CWM(100) be ...)
	NOT-FOR-US: D-Link
CVE-2019-13372 (/web/Lib/Action/IndexAction.class.php in D-Link Central WiFi Manager C ...)
	NOT-FOR-US: D-Link
CVE-2019-13371
	RESERVED
CVE-2019-13370 (index.php/admin/permissions in Ignited CMS through 2017-02-19 allows C ...)
	NOT-FOR-US: Ignited CMS
CVE-2019-13369
	REJECTED
CVE-2019-13368
	REJECTED
CVE-2019-13367
	REJECTED
CVE-2019-13366
	RESERVED
CVE-2019-13365
	RESERVED
CVE-2019-13364 (admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat&amp ...)
	- piwigo <removed>
CVE-2019-13363 (admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nb ...)
	- piwigo <removed>
CVE-2019-13362 (Codedoc v3.2 has a stack-based buffer overflow in add_variable in code ...)
	NOT-FOR-US: Codedoc
CVE-2019-13361 (Smanos W100 1.0.0 devices have Insecure Permissions, exploitable by an ...)
	NOT-FOR-US: Smanos W100 1.0.0 devices
CVE-2019-13360 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, remote at ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13359 (In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.836, a cwpsrv- ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-13358 (lib/DocumentToText.php in OpenCats before 0.9.4-3 has XXE that allows  ...)
	NOT-FOR-US: OpenCats
CVE-2019-13357 (In Total Defense Anti-virus 9.0.0.773, resource acquisition from the u ...)
	NOT-FOR-US: Total Defense Anti-virus
CVE-2019-13356 (In Total Defense Anti-virus 9.0.0.773, insecure access control for the ...)
	NOT-FOR-US: Total Defense Anti-virus
CVE-2019-13355 (In Total Defense Anti-virus 9.0.0.773, insecure access control for the ...)
	NOT-FOR-US: Total Defense Anti-virus
CVE-2019-13354 (The strong_password gem 0.0.7 for Ruby, as distributed on RubyGems.org ...)
	NOT-FOR-US: strong_password gem
CVE-2019-13353
	RESERVED
CVE-2019-13352 (WolfVision Cynap before 1.30j uses a static, hard-coded cryptographic  ...)
	NOT-FOR-US: WolfVision Cynap
CVE-2019-13351 (posix/JackSocket.cpp in libjack in JACK2 1.9.1 through 1.9.12 (as dist ...)
	- jackd2 <unfixed> (low; bug #931488)
	[buster] - jackd2 <no-dsa> (Minor issue)
	[stretch] - jackd2 <no-dsa> (Minor issue)
	[jessie] - jackd2 <postponed> (Minor issue, hard to reproduce crash with theoretically possible file corruption, no sensitive data to leak)
	NOTE: https://github.com/jackaudio/jack2/pull/480
	NOTE: https://github.com/jackaudio/jack2/commit/994e225bbb07a89f56147f7ce7d59beb49f8cfba
CVE-2019-13350
	RESERVED
CVE-2019-13349 (In Knowage through 6.1.1, an authenticated user that accesses the user ...)
	NOT-FOR-US: Knowage
CVE-2019-13348 (In Knowage through 6.1.1, an authenticated user who accesses the datas ...)
	NOT-FOR-US: Knowage
CVE-2019-13347 (An issue was discovered in the SAML Single Sign On (SSO) plugin for se ...)
	NOT-FOR-US: SAML Single Sign On plugin for several Atlassian products
CVE-2019-13346 (In MyT 1.5.1, the User[username] parameter has XSS. ...)
	NOT-FOR-US: MyT
CVE-2019-13345 (The cachemgr.cgi web module of Squid through 4.7 has XSS via the user_ ...)
	{DSA-4507-1 DLA-1847-1}
	- squid 4.8-1 (bug #931478)
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_6.txt
	NOTE: https://bugs.squid-cache.org/show_bug.cgi?id=4957
	NOTE: https://github.com/squid-cache/squid/pull/429
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-be1dc8614e7514103ba84d4067ed6fd15ab8f82e.patch
	NOTE: Squid 3.x: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-5730c2b5cb56e7639dc423dd62651c8736a54e35.patch
CVE-2019-13344 (An authentication bypass vulnerability in the CRUDLab WP Like Button p ...)
	NOT-FOR-US: CRUDLab WP Like Button plugin for WordPress
CVE-2019-13343 (Butor Portal before 1.0.27 is affected by a Path Traversal vulnerabili ...)
	NOT-FOR-US: Butor Portal
CVE-2019-13342
	RESERVED
CVE-2019-13341 (In MiniCMS V1.10, stored XSS was found in mc-admin/conf.php (comment b ...)
	NOT-FOR-US: MiniCMS
CVE-2019-13340 (In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via t ...)
	NOT-FOR-US: MiniCMS
CVE-2019-13339 (In MiniCMS V1.10, stored XSS was found in mc-admin/page-edit.php (cont ...)
	NOT-FOR-US: MiniCMS
CVE-2019-13338 (In WESEEK GROWI before 3.5.0, a remote attacker can obtain the passwor ...)
	NOT-FOR-US: WESEEK GROWI
CVE-2019-13337 (In WESEEK GROWI before 3.5.0, the site-wide basic authentication can b ...)
	NOT-FOR-US: WESEEK GROWI
CVE-2019-13336 (The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attack ...)
	NOT-FOR-US: dbell Wi-Fi Smart Video Doorbell
CVE-2019-13335 (SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has  ...)
	NOT-FOR-US: SalesAgility SuiteCRM
CVE-2019-13334 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-13333 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-13332 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13331 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13330 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13329 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13328 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13327 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13326 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13325 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-13324 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-13323 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-13322 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit
CVE-2019-13321 (This vulnerability allows network adjacent attackers to execute arbitr ...)
	NOT-FOR-US: Foxit
CVE-2019-13320 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13319 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13318 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13317 (This vulnerability allows remote atackers to execute arbitrary code on ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-13316 (This vulnerability allows remote atackers to execute arbitrary code on ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-13315 (This vulnerability allows remote atackers to execute arbitrary code on ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13314 (virt-bootstrap 1.1.0 allows local users to discover a root password by ...)
	- virt-bootstrap <itp> (bug #871621)
CVE-2019-13313 (libosinfo 1.5.0 allows local users to discover credentials by listing  ...)
	- libosinfo 1.6.0-1 (bug #931479)
	[buster] - libosinfo <ignored> (Minor issue)
	[stretch] - libosinfo <ignored> (Minor issue)
	[jessie] - libosinfo <postponed> (Minor issue, local transient password leak in `ps`, affected binary not used by other packages)
	NOTE: https://www.redhat.com/archives/libosinfo/2019-July/msg00026.html
CVE-2019-13312 (block_cmp() in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based b ...)
	- ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://trac.ffmpeg.org/ticket/7980
	NOTE: Introduced in http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=0321370601833f4ae47e8e11c44570ea4bd382a4
CVE-2019-13311 (ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1623
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/bb812022d0bc12107db215c981cab0b1ccd73d91
CVE-2019-13310 (ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1616
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51
CVE-2019-13309 (ImageMagick 7.0.8-50 Q16 has memory leaks at AcquireMagickMemory becau ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1616
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5982632109cad48bc6dab867298fdea4dea57c51
CVE-2019-13308 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow in MagickCor ...)
	- imagemagick <unfixed> (bug #931447)
	[buster] - imagemagick <postponed> (Needs further clarification on patch)
	[stretch] - imagemagick <postponed> (Needs further clarification on patch)
	[jessie] - imagemagick <postponed> (minor, wait for upstream to clear patch-related questions)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1595
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/19651f3db63fa1511ed83a348c4c82fa553f8d01
CVE-2019-13307 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCor ...)
	- imagemagick <unfixed> (bug #931448)
	[jessie] - imagemagick <ignored> (minor issue, patch fairly intrusive)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1615
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/91e58d967a92250439ede038ccfb0913a81e59fe
	NOTE: incomplete, introduces a memory leak, follow-up patches:
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e6d26d4e2f07375ddbf46a857d309d51eeff7ee1
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/643921ca69a20b203faebd0b287d8b7012dc749d
CVE-2019-13306 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/p ...)
	{DLA-1888-1}
	- imagemagick <unfixed> (bug #931449)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1612
	NOTE: initial fix:
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/cb5ec7d98195aa74d5ed299b38eff2a68122f3fa
	NOTE: later reverted by the CVE-2019-13305 fix which is the right one:
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d
CVE-2019-13305 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/p ...)
	{DLA-1888-1}
	- imagemagick <unfixed> (bug #931452)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1613
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5c7fbf9a14fb83c9685ad69d48899f490a37609d
CVE-2019-13304 (ImageMagick 7.0.8-50 Q16 has a stack-based buffer overflow at coders/p ...)
	{DLA-1888-1}
	- imagemagick <unfixed> (bug #931453)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1614
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/bfa3b9610c83227894c92b0d312ad327fceb6241
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/a2f84f23d064e98f423aa0d050ff98838cf0a1b1
CVE-2019-13303 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCo ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d29148fae06c01ef215940e084cf41853c117bab
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1603
CVE-2019-13302 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read in MagickCo ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d5089971bd792311aaab5cb73460326d7ef7f32d
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1597
CVE-2019-13301 (ImageMagick 7.0.8-50 Q16 has memory leaks in AcquireMagickMemory becau ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/0b7d3675438cbcde824e751895847a0794406e08
CVE-2019-13300 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCor ...)
	- imagemagick <unfixed> (bug #931454)
	[jessie] - imagemagick <ignored> (minor issue, patch fairly intrusive)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1586
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/5e409ae7a389cdf2ed17469303be3f3f21cec450
CVE-2019-13299 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCo ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8187d2d8fd010d2d6b1a3a8edd935beec404dddc
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1610
CVE-2019-13298 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer overflow at MagickCor ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1611
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d4fc44b58a14f76b1ac997517d742ee12c9dc5d3
CVE-2019-13297 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCo ...)
	{DLA-1888-1}
	- imagemagick <unfixed> (bug #931455)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1609
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/35c7032723d85eee7318ff6c82f031fa2666b773
	NOTE: Some older version before the fixing commit did as well not check for
	NOTE: width size (cf. CVE-2019-13295).
CVE-2019-13296 (ImageMagick 7.0.8-50 Q16 has direct memory leaks in AcquireMagickMemor ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/ce08a3691a8ac29125e29fc41967b3737fa3f425
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1604
CVE-2019-13295 (ImageMagick 7.0.8-50 Q16 has a heap-based buffer over-read at MagickCo ...)
	{DLA-1888-1}
	- imagemagick <unfixed> (bug #931457)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1608
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/55e6dc49f1a381d9d511ee2f888fdc3e3c3e3953
CVE-2019-13294 (AROX School-ERP Pro has a command execution vulnerability. import_stud ...)
	NOT-FOR-US: AROX School-ERP Pro
CVE-2019-13293
	RESERVED
CVE-2019-13292 (A SQL Injection issue was discovered in webERP 4.15. Payments.php acce ...)
	NOT-FOR-US: webERP
CVE-2019-13291 (In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13290 (Artifex MuPDF 1.15.0 has a heap-based buffer overflow in fz_append_dis ...)
	- mupdf 1.15.0+ds1-1 (bug #931475)
	[jessie] - mupdf <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701118
	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=aaf794439e40a2ef544f15b50c20e657414dec7a
	NOTE: http://git.ghostscript.com/?p=mupdf.git;h=ed19bc806809ad10c4ddce515d375581b86ede85
	NOTE: Introduced in 1.6 / http://git.ghostscript.com/?p=mupdf.git;a=commit;f=source/fitz/list-device.c;h=e9411aba2b71b67b8521f55917ab26585c464b88
CVE-2019-13289 (In Xpdf 4.01.01, there is a use-after-free vulnerability in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13288 (In Xpdf 4.01.01, the Parser::getObj() function in Parser.cc may cause  ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13287 (In Xpdf 4.01.01, there is an out-of-bounds read vulnerability in the f ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13286 (In Xpdf 4.01.01, there is a heap-based buffer over-read in the functio ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13285
	RESERVED
CVE-2019-13284
	RESERVED
CVE-2019-13283 (In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in s ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13282 (In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in S ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13281 (In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DC ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
CVE-2019-13280 (TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains ...)
	NOT-FOR-US: TRENDnet
CVE-2019-13279 (TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains ...)
	NOT-FOR-US: TRENDnet
CVE-2019-13278 (TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains ...)
	NOT-FOR-US: TRENDnet
CVE-2019-13277 (TRENDnet TEW-827DRU with firmware up to and including 2.04B03 allows a ...)
	NOT-FOR-US: TRENDnet TEW-827DRU
CVE-2019-13276 (TRENDnet TEW-827DRU with firmware up to and including 2.04B03 contains ...)
	NOT-FOR-US: TRENDnet
CVE-2019-13275 (An issue was discovered in the VeronaLabs wp-statistics plugin before  ...)
	NOT-FOR-US: VeronaLabs wp-statistics plugin for WordPress
CVE-2019-13274 (In Xymon through 4.3.28, an XSS vulnerability exists in the csvinfo CG ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13273 (In Xymon through 4.3.28, a buffer overflow vulnerability exists in the ...)
	{DLA-1898-1}
	- xymon 4.3.29-1
	[buster] - xymon 4.3.28-5+deb10u1
	[stretch] - xymon 4.3.28-2+deb9u1
	NOTE: https://lists.xymon.com/archive/2019-July/046570.html
CVE-2019-13272 (In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mish ...)
	{DSA-4484-1 DLA-1863-1 DLA-1862-1}
	- linux 4.19.37-6
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1140671
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
	NOTE: https://git.kernel.org/linus/6994eefb0053799d2e07cd140df6c2ea106c41ee
CVE-2019-13271 (Edimax BR-6208AC V1 devices have Insufficient Compartmentalization bet ...)
	NOT-FOR-US: Edimax BR-6208AC V1 devices
CVE-2019-13270 (Edimax BR-6208AC V1 devices have Insufficient Compartmentalization bet ...)
	NOT-FOR-US: Edimax BR-6208AC V1 devices
CVE-2019-13269 (Edimax BR-6208AC V1 devices have Insufficient Compartmentalization bet ...)
	NOT-FOR-US: Edimax BR-6208AC V1 devices
CVE-2019-13268 (TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Com ...)
	NOT-FOR-US: TP-Link
CVE-2019-13267 (TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Com ...)
	NOT-FOR-US: TP-Link
CVE-2019-13266 (TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Com ...)
	NOT-FOR-US: TP-Link
CVE-2019-13265 (D-link DIR-825AC G1 devices have Insufficient Compartmentalization bet ...)
	NOT-FOR-US: D-link
CVE-2019-13264 (D-link DIR-825AC G1 devices have Insufficient Compartmentalization bet ...)
	NOT-FOR-US: D-link
CVE-2019-13263 (D-link DIR-825AC G1 devices have Insufficient Compartmentalization bet ...)
	NOT-FOR-US: D-link
CVE-2019-13262 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13261 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13260 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13259 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13258 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13257 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13256 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13255 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13254 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13253 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13252 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
	NOT-FOR-US: ACDSee Free
CVE-2019-13251 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
	NOT-FOR-US: ACDSee Free
CVE-2019-13250 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
	NOT-FOR-US: ACDSee Free
CVE-2019-13249 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!IEP ...)
	NOT-FOR-US: ACDSee Free
CVE-2019-13248 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPE ...)
	NOT-FOR-US: ACDSee Free
CVE-2019-13247 (ACDSee Free 1.1.21 has a User Mode Write AV starting at IDE_ACDStd!JPE ...)
	NOT-FOR-US: ACDSee Free
CVE-2019-13246 (FastStone Image Viewer 7.0 has a User Mode Write AV starting at image0 ...)
	NOT-FOR-US: FastStone Image Viewer
CVE-2019-13245 (FastStone Image Viewer 7.0 has a User Mode Write AV starting at image0 ...)
	NOT-FOR-US: FastStone Image Viewer
CVE-2019-13244 (FastStone Image Viewer 7.0 has a User Mode Write AV starting at image0 ...)
	NOT-FOR-US: FastStone Image Viewer
CVE-2019-13243 (IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00 ...)
	NOT-FOR-US: IrfanView
CVE-2019-13242 (IrfanView 4.52 has a User Mode Write AV starting at image00400000+0x00 ...)
	NOT-FOR-US: IrfanView
CVE-2019-13241 (FlightCrew v0.9.2 and older are vulnerable to a directory traversal, a ...)
	- flightcrew 0.7.2+dfsg-14
	[buster] - flightcrew 0.7.2+dfsg-13+deb10u1
	[stretch] - flightcrew 0.7.2+dfsg-9+deb9u1
	NOTE: https://github.com/Sigil-Ebook/flightcrew/issues/52
CVE-2019-13240 (An issue was discovered in GLPI before 9.4.1. After a successful passw ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/commit/5da9f99b2d81713b1e36016b47ce656a33648bc7
	NOTE: https://github.com/glpi-project/glpi/commit/86a43ae47b3dd844947f40a2ffcf1a36e53dbba6
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-13239 (inc/user.class.php in GLPI before 9.4.3 allows XSS via a user picture. ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/commit/c2aa7a7cd6af28be3809acc7e7842d2d2008c0fb
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-13238 (An issue was discovered in Bento4 1.5.1.0. A memory allocation failure ...)
	NOT-FOR-US: Bento4
CVE-2019-13237 (In Alkacon OpenCms 10.5.4 and 10.5.5, there are multiple resources vul ...)
	NOT-FOR-US: Alkacon OpenCms
CVE-2019-13236 (In system/workplace/ in Alkacon OpenCms 10.5.4 and 10.5.5, there are m ...)
	NOT-FOR-US: Alkacon OpenCms
CVE-2019-13235 (In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS ...)
	NOT-FOR-US: Alkacon OpenCms
CVE-2019-13234 (In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS ...)
	NOT-FOR-US: Alkacon OpenCms
CVE-2019-13232 (Info-ZIP UnZip 6.0 mishandles the overlapping of files inside a ZIP co ...)
	{DLA-1846-1}
	- unzip 6.0-24 (unimportant; bug #931433)
	[buster] - unzip 6.0-23+deb10u1
	[stretch] - unzip 6.0-21+deb9u2
	NOTE: https://www.bamsoftware.com/hacks/zipbomb/
	NOTE: Fixed by: https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c
	NOTE: Fix depends on: https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213
	NOTE: Further commit needed: https://github.com/madler/unzip/commit/6d351831be705cc26d897db44f878a978f4138fc
	NOTE: No security impact, crash in CLI tool, any server implementing automatic extraction needs
	NOTE: to apply resource limits anyway
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/06/3
CVE-2019-13231
	RESERVED
CVE-2019-13230
	RESERVED
CVE-2019-13229 (deepin-clone before 1.1.3 uses a fixed path /tmp/partclone.log in the  ...)
	- deepin-clone <itp> (bug #873045)
CVE-2019-13228 (deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootD ...)
	- deepin-clone <itp> (bug #873045)
CVE-2019-13227 (In GUI mode, deepin-clone before 1.1.3 creates a log file at the fixed ...)
	- deepin-clone <itp> (bug #873045)
CVE-2019-13226 (deepin-clone before 1.1.3 uses a predictable path /tmp/.deepin-clone/m ...)
	- deepin-clone <itp> (bug #873045)
CVE-2019-13233 (In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is ...)
	{DSA-4495-1}
	- linux 5.2.6-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1879
	NOTE: Fixed by: https://git.kernel.org/linus/de9f869616dd95e95c00bdd6b0fcd3421e8a4323
CVE-2019-13225 (A NULL Pointer Dereference in match_at() in regexec.c in Oniguruma 6.9 ...)
	- libonig 6.9.2-1 (low; bug #931878)
	[buster] - libonig <no-dsa> (Minor issue)
	[stretch] - libonig <no-dsa> (Minor issue)
	[jessie] - libonig <not-affected> (vulnerable code was introduced later)
	NOTE: https://github.com/kkos/oniguruma/commit/c509265c5f6ae7264f7b8a8aae1cfa5fc59d108c
CVE-2019-13224 (A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 a ...)
	{DLA-1854-1}
	- libonig 6.9.2-1 (low; bug #931878)
	[buster] - libonig <no-dsa> (Minor issue)
	[stretch] - libonig <no-dsa> (Minor issue)
	NOTE: https://github.com/kkos/oniguruma/commit/0f7f61ed1b7b697e283e37bd2d731d0bd57adb55
CVE-2019-13223 (A reachable assertion in the lookup1_values function in stb_vorbis thr ...)
	- libstb 0.0~git20190817.1.052dce1-1 (bug #934966)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
	NOTE: Potentially affects liblivemedia, retroarch, godot, yquake2, pax-britannica, libxmp, faudio
CVE-2019-13222 (An out-of-bounds read of a global buffer in the draw_line function in  ...)
	- libstb 0.0~git20190817.1.052dce1-1 (bug #934966)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
	NOTE: Potentially affects liblivemedia, retroarch, godot, yquake2, pax-britannica, libxmp, faudio
CVE-2019-13221 (A stack buffer overflow in the compute_codewords function in stb_vorbi ...)
	- libstb 0.0~git20190817.1.052dce1-1 (bug #934966)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
	NOTE: Potentially affects godot, libxmp, pax-britannica, faudio, retroarch, yquake2
CVE-2019-13220 (Use of uninitialized stack variables in the start_decoder function in  ...)
	- libstb 0.0~git20190817.1.052dce1-1 (bug #934966)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
	NOTE: Potentially affects liblivemedia, retroarch, godot, yquake2, pax-britannica, libxmp, faudio
CVE-2019-13219 (A NULL pointer dereference in the get_window function in stb_vorbis th ...)
	- libstb 0.0~git20190817.1.052dce1-1 (bug #934966)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
	NOTE: Potentially affects liblivemedia, retroarch, godot, yquake2, pax-britannica, libxmp, faudio
CVE-2019-13218 (Division by zero in the predict_point function in stb_vorbis through 2 ...)
	- libstb 0.0~git20190817.1.052dce1-1 (bug #934966)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
	NOTE: Potentially affects godot, libxmp, pax-britannica, faudio, retroarch, yquake2
CVE-2019-13217 (A heap buffer overflow in the start_decoder function in stb_vorbis thr ...)
	- libstb 0.0~git20190817.1.052dce1-1 (bug #934966)
	[buster] - libstb <no-dsa> (Minor issue)
	NOTE: https://github.com/nothings/stb/commit/98fdfc6df88b1e34a736d5e126e6c8139c8de1a6
	NOTE: Potentially affects liblivemedia, retroarch, godot, yquake2, pax-britannica, libxmp, faudio
CVE-2019-13216
	RESERVED
CVE-2019-13215
	RESERVED
CVE-2019-13214
	RESERVED
CVE-2019-13213
	RESERVED
CVE-2019-13212
	RESERVED
CVE-2019-13211
	RESERVED
CVE-2019-13210
	RESERVED
CVE-2019-13209 (Rancher 2 through 2.2.4 is vulnerable to a Cross-Site Websocket Hijack ...)
	NOT-FOR-US: Rancher
CVE-2019-13208 (WavesSysSvc in Waves MAXX Audio allows privilege escalation because th ...)
	NOT-FOR-US: Waves MAXX Audio
CVE-2019-13207 (nsd-checkzone in NLnet Labs NSD 4.2.0 has a Stack-based Buffer Overflo ...)
	- nsd 4.2.4-1 (low; bug #931476)
	[buster] - nsd <no-dsa> (Minor issue)
	[stretch] - nsd <no-dsa> (Minor issue)
	[jessie] - nsd <postponed> (Minor issue, crash on malformed admin-controlled disk configuration)
	- nsd3 <removed>
	NOTE: https://github.com/NLnetLabs/nsd/issues/20
	NOTE: https://github.com/NLnetLabs/nsd/commit/91102da24d5949ccfec8fdab5bae2d01c4cabab5
CVE-2019-13206 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) w ...)
	NOT-FOR-US: Kyocera
CVE-2019-13205 (All configuration parameters of certain Kyocera printers (such as the  ...)
	NOT-FOR-US: Kyocera
CVE-2019-13204 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) w ...)
	NOT-FOR-US: Kyocera
CVE-2019-13203 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) w ...)
	NOT-FOR-US: Kyocera
CVE-2019-13202 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) w ...)
	NOT-FOR-US: Kyocera
CVE-2019-13201 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) w ...)
	NOT-FOR-US: Kyocera
CVE-2019-13200 (The web application of several Kyocera printers (such as the ECOSYS M5 ...)
	NOT-FOR-US: Kyocera
CVE-2019-13199 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) d ...)
	NOT-FOR-US: Kyocera
CVE-2019-13198 (The web application of several Kyocera printers (such as the ECOSYS M5 ...)
	NOT-FOR-US: Kyocera
CVE-2019-13197 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) w ...)
	NOT-FOR-US: Kyocera
CVE-2019-13196 (Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) w ...)
	NOT-FOR-US: Kyocera
CVE-2019-13195 (The web application of some Kyocera printers (such as the ECOSYS M5526 ...)
	NOT-FOR-US: Kyocera
CVE-2019-13194 (Some Brother printers (such as the HL-L8360CDW v1.20) were affected by ...)
	NOT-FOR-US: Brother
CVE-2019-13193 (Some Brother printers (such as the HL-L8360CDW v1.20) were affected by ...)
	NOT-FOR-US: Brother
CVE-2019-13192 (Some Brother printers (such as the HL-L8360CDW v1.20) were affected by ...)
	NOT-FOR-US: Brother
CVE-2019-13191 (A SQL injection vulnerability in IntraMaps MapControl 8 allows attacke ...)
	NOT-FOR-US: IntraMaps MapControl
CVE-2019-13190 (In Knowage through 6.1.1, the sign up page does not invalidate a valid ...)
	NOT-FOR-US: Knowage
CVE-2019-13189 (In Knowage through 6.1.1, there is XSS via the start_url or user_id fi ...)
	NOT-FOR-US: Knowage
CVE-2019-13188 (In Knowage through 6.1.1, an unauthenticated user can bypass access co ...)
	NOT-FOR-US: Knowage
CVE-2019-13187 (The Rich Text Formatter (Redactor) extension through v1.1.1 for Sympho ...)
	NOT-FOR-US: Symphony CMS addon
CVE-2019-13186 (In MiniCMS V1.10, stored XSS was found in mc-admin/post-edit.php via t ...)
	NOT-FOR-US: MiniCMS
CVE-2019-13185
	RESERVED
CVE-2019-13184
	RESERVED
CVE-2019-13183 (Flarum before 0.1.0-beta.9 allows CSRF against all POST endpoints, as  ...)
	NOT-FOR-US: Flarum
CVE-2019-13182 (A stored cross-site scripting (XSS) vulnerability exists in the web UI ...)
	NOT-FOR-US: SolarWinds
CVE-2019-13181 (A CSV injection vulnerability exists in the web UI of SolarWinds Serv- ...)
	NOT-FOR-US: SolarWinds
CVE-2019-13180
	RESERVED
CVE-2019-13179 (Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile ...)
	- calamares 3.2.11-1 (bug #931392)
	[buster] - calamares <ignored> (Mitigated via calamares-settings-debian in Debian)
	- calamares-settings-debian 10.0.23-1 (bug #931373)
	[buster] - calamares-settings-debian 10.0.20-1+deb10u1
	NOTE: https://github.com/calamares/calamares/issues/1191
	NOTE: https://github.com/calamares/calamares/commit/003096698627a527b589c0c929dda4d58f23fd93
	NOTE: The issue itself can be adressed as well via calamares-settings-debian and
	NOTE: placing a more restrictive umask override in /etc/initramfs-tools/conf.d
	NOTE: directory.
	NOTE: https://github.com/calamares/calamares/commit/43eb664e7d44d963bb7b82d03215d84b47100ba0
	NOTE: Fixed by: https://github.com/calamares/calamares/commit/c9b675cbc64ac5aab35ddd86a64311abd50f7720
CVE-2019-13178 (modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2. ...)
	- calamares 3.2.11-1 (unimportant; bug #931391)
	NOTE: https://github.com/calamares/calamares/issues/1190
	NOTE: Fixed by: https://github.com/calamares/calamares/commit/c9b675cbc64ac5aab35ddd86a64311abd50f7720
	NOTE: Negligible security impact, Debian live media grant a sudo root shell anyway
CVE-2019-13177 (verification.py in django-rest-registration (aka Django REST Registrat ...)
	NOT-FOR-US: django-rest-registration
CVE-2019-13176 (An issue was discovered in the 3CX Phone system (web) management conso ...)
	NOT-FOR-US: 3CX Phone system
CVE-2019-13175 (Read the Docs before 3.5.1 has an Open Redirect if certain user-define ...)
	NOT-FOR-US: Read the Docs
CVE-2019-13174
	RESERVED
CVE-2019-13173 (fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extra ...)
	- node-fstream 1.0.12-1 (bug #931408)
	[buster] - node-fstream 1.0.10-1+deb10u1
	[stretch] - node-fstream 1.0.10-1+deb9u1
	[jessie] - node-fstream <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://www.npmjs.com/advisories/886
	NOTE: https://github.com/npm/fstream/commit/6a77d2fa6e1462693cf8e46f930da96ec1b0bb22
CVE-2019-13172 (Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affe ...)
	NOT-FOR-US: Xerox
CVE-2019-13171 (Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affe ...)
	NOT-FOR-US: Xerox
CVE-2019-13170 (Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not i ...)
	NOT-FOR-US: Xerox
CVE-2019-13169 (Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affe ...)
	NOT-FOR-US: Xerox
CVE-2019-13168 (Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affe ...)
	NOT-FOR-US: Xerox
CVE-2019-13167 (Multiple Stored XSS vulnerabilities were found in the Xerox Web Applic ...)
	NOT-FOR-US: Xerox
CVE-2019-13166 (Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not i ...)
	NOT-FOR-US: Xerox
CVE-2019-13165 (Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affe ...)
	NOT-FOR-US: Xerox
CVE-2019-13164 (qemu-bridge-helper.c in QEMU 4.0.0 does not ensure that a network inte ...)
	{DSA-4512-1 DSA-4506-1 DLA-1927-1}
	- qemu 1:4.1-1 (bug #931351)
	- qemu-kvm <removed>
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg00245.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=6f5d8671225dc77190647f18a27a0d156d4ca97a
CVE-2019-13163 (The Fujitsu TLS library allows a man-in-the-middle attack. This affect ...)
	NOT-FOR-US: Fujitsu
CVE-2019-13162
	RESERVED
CVE-2019-13161 (An issue was discovered in Asterisk Open Source through 13.27.0, 14.x  ...)
	- asterisk 1:16.2.1~dfsg-2 (low; bug #931981)
	[buster] - asterisk 1:16.2.1~dfsg-1+deb10u1
	[stretch] - asterisk <no-dsa> (Minor issue)
	[jessie] - asterisk <postponed> (Minor issue)
	NOTE: http://downloads.digium.com/pub/security/AST-2019-003.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28465
CVE-2019-13160
	RESERVED
CVE-2019-13159
	RESERVED
CVE-2019-13158
	RESERVED
CVE-2019-13157 (nsGreen.dll in Naver Vaccine 2.1.4 allows remote attackers to overwrit ...)
	NOT-FOR-US: Naver Vaccine
CVE-2019-13156 (NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer ove ...)
	NOT-FOR-US: Naver Cloud Explorer
CVE-2019-13155 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13154 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13153 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13152 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13151 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13150 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13149 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13148 (An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11 ...)
	NOT-FOR-US: TRENDnet TEW-827DRU firmware
CVE-2019-13147 (In Audio File Library (aka audiofile) 0.3.6, there exists one NULL poi ...)
	- audiofile <unfixed> (low; bug #931343)
	[buster] - audiofile <no-dsa> (Minor issue)
	[stretch] - audiofile <no-dsa> (Minor issue)
	[jessie] - audiofile <postponed> (Minor issue, local DoS)
	NOTE: https://github.com/mpruett/audiofile/issues/54
CVE-2019-13146 (The field_test gem 0.3.0 for Ruby has unvalidated input. A method call ...)
	NOT-FOR-US: field_test gem
CVE-2019-13145
	REJECTED
CVE-2019-13144 (myTinyTodo 1.3.3 through 1.4.3 allows CSV Injection. This is fixed in  ...)
	NOT-FOR-US: myTinyTodo
CVE-2019-13143 (An HTTP parameter pollution issue was discovered on Shenzhen Dragon Br ...)
	NOT-FOR-US: Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50
CVE-2019-13142 (The RzSurroundVADStreamingService (RzSurroundVADStreamingService.exe)  ...)
	NOT-FOR-US: Razer Surround
CVE-2019-13141
	RESERVED
CVE-2019-13140 (Inteno EG200 EG200-WU7P1U_ADAMO3.16.4-190226_1650 routers have a JUCI  ...)
	NOT-FOR-US: Inteno
CVE-2019-13139 (In Docker before 18.09.4, an attacker who is capable of supplying or m ...)
	{DSA-4521-1}
	[experimental] - docker.io 18.09.5+dfsg1-1
	- docker.io 18.09.1+dfsg1-8 (bug #933002)
	NOTE: https://github.com/moby/moby/pull/38944
	NOTE: https://staaldraad.github.io/post/2019-07-16-cve-2019-13139-docker-build/
CVE-2019-13138
	RESERVED
CVE-2019-13137 (ImageMagick before 7.0.8-50 has a memory leak vulnerability in the fun ...)
	- imagemagick <unfixed> (unimportant; bug #931342)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1601
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/7d11230060fa9c8f67e53c85224daf6648805c7b
CVE-2019-13136 (ImageMagick before 7.0.8-50 has an integer overflow vulnerability in t ...)
	- imagemagick <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/fe5f4b85e6b1b54d3b4588a77133c06ade46d891
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1602
CVE-2019-13135 (ImageMagick before 7.0.8-50 has a "use of uninitialized value" vulnera ...)
	{DLA-1888-1}
	- imagemagick <unfixed> (bug #932079)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1599
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/cdb383749ef7b68a38891440af8cc23e0115306d (7.x)
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/1e59b29e520d2beab73e8c78aacd5f1c0d76196d (6.x)
CVE-2019-13134 (ImageMagick before 7.0.8-50 has a memory leak vulnerability in the fun ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1600
CVE-2019-13133 (ImageMagick before 7.0.8-50 has a memory leak vulnerability in the fun ...)
	- imagemagick <not-affected> (Only affects Imagemagick 7)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/fe3066122ef72c82415811d25e9e3fad622c0a99
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1600
CVE-2019-13132 (In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4. ...)
	{DSA-4477-1 DLA-1849-1}
	- zeromq3 4.3.1-5
	NOTE: https://github.com/zeromq/libzmq/issues/3558
CVE-2019-13131 (Super Micro SuperDoctor 5, when restrictions are not implemented in ag ...)
	NOT-FOR-US: Super Micro SuperDoctor
CVE-2019-13130
	RESERVED
CVE-2019-13129 (On the Motorola router CX2L MWR04L 1.01, there is a stack consumption  ...)
	NOT-FOR-US: Motorola
CVE-2019-13128 (An issue was discovered on D-Link DIR-823G devices with firmware 1.02B ...)
	NOT-FOR-US: D-Link
CVE-2019-13127 (An issue was discovered in mxGraph through 4.0.0, related to the "draw ...)
	NOT-FOR-US: mxGraph
CVE-2019-13126 (An integer overflow in NATS Server before 2.0.2 allows a remote attack ...)
	NOT-FOR-US: NATS Server
CVE-2019-13125 (HaboMalHunter through 2.0.0.3 in Tencent Habo allows attackers to evad ...)
	NOT-FOR-US: Tencent
CVE-2019-13124 (Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13123 (Foxit Reader 9.6.0.25114 and earlier has two unique RecursiveCall bugs ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-13122 (A Cross Site Scripting (XSS) vulnerability exists in the template tag  ...)
	NOT-FOR-US: Patchwork
CVE-2019-13121 (An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0 ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13120 (Amazon FreeRTOS up to and including v1.4.8 lacks length checking in pr ...)
	NOT-FOR-US: Amazon FreeRTOS
CVE-2019-13119
	RESERVED
CVE-2019-13118 (In numbers.c in libxslt 1.1.33, a type holding grouping characters of  ...)
	{DLA-1860-1}
	- libxslt 1.1.32-2.1 (low; bug #931320; bug #933743)
	[buster] - libxslt 1.1.32-2.1~deb10u1
	[stretch] - libxslt 1.1.29-2.1+deb9u1
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15069
	NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/6ce8de69330783977dd14f6569419489875fb71b
	NOTE: https://oss-fuzz.com/testcase-detail/5197371471822848
CVE-2019-13117 (In numbers.c in libxslt 1.1.33, an xsl:number with certain format stri ...)
	{DLA-1860-1}
	- libxslt 1.1.32-2.1 (low; bug #931321; bug #933743)
	[buster] - libxslt 1.1.32-2.1~deb10u1
	[stretch] - libxslt 1.1.29-2.1+deb9u1
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14471
	NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/c5eb6cf3aba0af048596106ed839b4ae17ecbcb1
	NOTE: https://oss-fuzz.com/testcase-detail/5631739747106816
CVE-2019-13116 (The MuleSoft Mule Community Edition runtime engine before 3.8 allows r ...)
	NOT-FOR-US: MuleSoft Mule
CVE-2019-13115 (In libssh2 before 1.9.0, kex_method_diffie_hellman_group_exchange_sha2 ...)
	{DLA-1730-3}
	- libssh2 <unfixed> (bug #932329)
	[buster] - libssh2 <no-dsa> (Minor issue)
	[stretch] - libssh2 <no-dsa> (Minor issue)
	NOTE: https://blog.semmle.com/libssh2-integer-overflow/
	NOTE: https://github.com/libssh2/libssh2/pull/350
CVE-2019-13114 (http.c in Exiv2 through 0.27.1 allows a malicious http server to cause ...)
	- exiv2 0.27.2-6 (low)
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	[jessie] - exiv2 <not-affected> (HTTP support yet added in 0.25)
	NOTE: https://github.com/Exiv2/exiv2/commit/ccde30afa8ca787a3fe17388a15977f107a53b72
	NOTE: https://github.com/Exiv2/exiv2/issues/793
CVE-2019-13113 (Exiv2 through 0.27.1 allows an attacker to cause a denial of service ( ...)
	- exiv2 0.27.2-6 (unimportant)
	NOTE: https://github.com/Exiv2/exiv2/commit/6212806b7637be683a56c769a8d905153996d933
	NOTE: https://github.com/Exiv2/exiv2/commit/ccde30afa8ca787a3fe17388a15977f107a53b72
	NOTE: https://github.com/Exiv2/exiv2/issues/841
	NOTE: Negligible security impact
CVE-2019-13112 (A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2  ...)
	- exiv2 0.27.2-6 (low)
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	[jessie] - exiv2 <ignored> (Minor issue, clean exception / local DoS)
	NOTE: https://github.com/Exiv2/exiv2/commit/1ed1e03c83802547585833fa9d4433af94798778
	NOTE: https://github.com/Exiv2/exiv2/issues/845
CVE-2019-13111 (A WebPImage::decodeChunks integer overflow in Exiv2 through 0.27.1 all ...)
	- exiv2 <not-affected> (Only affected 0.27, vulnerable versions were only in experimental)
	NOTE: https://github.com/Exiv2/exiv2/issues/791
	NOTE: https://github.com/Exiv2/exiv2/pull/797/commits
CVE-2019-13110 (A CiffDirectory::readDirectory integer overflow and out-of-bounds read ...)
	- exiv2 0.27.2-6 (low)
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	[jessie] - exiv2 <ignored> (Minor issue, read segfault)
	NOTE: https://github.com/Exiv2/exiv2/issues/843
	NOTE: https://github.com/Exiv2/exiv2/commit/9628f82084ed30d494ddd4f7360d233801e22967
CVE-2019-13109 (An integer overflow in Exiv2 through 0.27.1 allows an attacker to caus ...)
	- exiv2 0.27.2-6 (low)
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	[jessie] - exiv2 <not-affected> (ICC-specific support added in 0.26, PoC doesn't crash)
	NOTE: https://github.com/Exiv2/exiv2/commit/491c3ebe3b3faa6d8f75fb28146186792c2439da
	NOTE: https://github.com/Exiv2/exiv2/issues/790
CVE-2019-13108 (An integer overflow in Exiv2 through 0.27.1 allows an attacker to caus ...)
	- exiv2 0.27.2-6 (low)
	[buster] - exiv2 <ignored> (Minor issue)
	[stretch] - exiv2 <ignored> (Minor issue)
	[jessie] - exiv2 <not-affected> (ICC-specific support added in 0.26, PoC doesn't crash)
	NOTE: https://github.com/Exiv2/exiv2/commit/5d1d6981229b5e44401bf5c503100553fc7d877a
	NOTE: https://github.com/Exiv2/exiv2/issues/789
CVE-2019-13107 (Multiple integer overflows exist in MATIO before 1.5.16, related to ma ...)
	[experimental] - libmatio 1.5.16-1
	- libmatio 1.5.17-3 (bug #931323)
	[buster] - libmatio <no-dsa> (Minor issue)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: Several commits between 1.5.15..1.5.16: https://github.com/tbeu/matio/compare/f8cd397...fabac6c
CVE-2019-13106 (Das U-Boot versions 2016.09 through 2019.07-rc4 can memset() too much  ...)
	- u-boot 2020.01+dfsg-1 (low)
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://lists.denx.de/pipermail/u-boot/2019-July/375516.html
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/e205896c5383c938274262524adceb2775fb03ba
CVE-2019-13105 (Das U-Boot versions 2019.07-rc1 through 2019.07-rc4 can double-free a  ...)
	- u-boot 2020.01+dfsg-1 (low)
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://lists.denx.de/pipermail/u-boot/2019-July/375513.html
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/6e5a79de658cb1c8012c86e0837379aa6eabd024
CVE-2019-13104 (In Das U-Boot versions 2016.11-rc1 through 2019.07-rc4, an underflow c ...)
	- u-boot 2020.01+dfsg-1 (low)
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://lists.denx.de/pipermail/u-boot/2019-July/375514.html
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/878269dbe74229005dd7f27aca66c554e31dad8e
CVE-2019-13103 (A crafted self-referential DOS partition table will cause all Das U-Bo ...)
	- u-boot 2020.01+dfsg-1 (low)
	[buster] - u-boot <no-dsa> (Minor issue)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <no-dsa> (Minor issue)
	NOTE: https://lists.denx.de/pipermail/u-boot/2019-July/375512.html
	NOTE: https://gitlab.denx.de/u-boot/u-boot/commit/232e2f4fd9a24bf08215ddc8c53ccadffc841fb5
CVE-2019-13102
	RESERVED
CVE-2019-13101 (An issue was discovered on D-Link DIR-600M 3.02, 3.03, 3.04, and 3.06  ...)
	NOT-FOR-US: D-Link
CVE-2019-13100 (The Send Anywhere application 9.4.18 for Android stores confidential i ...)
	NOT-FOR-US: Send Anywhere application for Android
CVE-2019-13099 (The Momo application 2.1.9 for Android stores confidential information ...)
	NOT-FOR-US: Momo application for Android
CVE-2019-13098 (The user password via the registration form of TronLink Wallet 2.2.0 i ...)
	NOT-FOR-US: TronLink Wallet
CVE-2019-13097 (The application API of Cat Runner Decorate Home version 2.8.0 for Andr ...)
	NOT-FOR-US: Cat Runner Decorate Home
CVE-2019-13096 (TronLink Wallet 2.2.0 stores user wallet keystore in plaintext and pla ...)
	NOT-FOR-US: TronLink Wallet
CVE-2019-13095
	RESERVED
CVE-2019-13094
	RESERVED
CVE-2019-13093
	RESERVED
CVE-2019-13092
	RESERVED
CVE-2019-13091
	RESERVED
CVE-2019-13090
	RESERVED
CVE-2019-13089
	RESERVED
CVE-2019-13088
	RESERVED
CVE-2019-13087
	RESERVED
CVE-2019-13086 (core/MY_Security.php in CSZ CMS 1.2.2 before 2019-06-20 has member/log ...)
	NOT-FOR-US: CSZ CMS
CVE-2019-13085 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13084 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13083 (XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000 ...)
	NOT-FOR-US: XnView
CVE-2019-13082 (Chamilo LMS 1.11.8 and 2.x allows remote code execution through an lp_ ...)
	NOT-FOR-US: Chamilo LMS
CVE-2019-13081 (Quest KACE Systems Management Appliance Server Center 9.1.317 has an X ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-13080 (Quest KACE Systems Management Appliance Server Center 9.1.317 has an X ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-13079 (Quest KACE Systems Management Appliance Server Center 9.1.317 is vulne ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-13078 (Quest KACE Systems Management Appliance Server Center 9.1.317 is vulne ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-13077 (Quest KACE Systems Management Appliance Server Center 9.1.317 has an X ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-13076 (Quest KACE Systems Management Appliance Server Center 9.1.317 is vulne ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-13075 (Tor Browser through 8.5.3 has an information exposure vulnerability. I ...)
	- firefox-esr 68.2.0esr-1 (unimportant)
	- firefox 68.0-1 (unimportant)
	NOTE: https://hackerone.com/reports/588239
	NOTE: https://trac.torproject.org/projects/tor/ticket/30657
	NOTE: This affects Firefox, but it's not a security issue in Firefox by itself
CVE-2019-13074 (A vulnerability in the FTP daemon on MikroTik routers through 6.44.3 c ...)
	NOT-FOR-US: MikroTik
CVE-2019-13073
	RESERVED
CVE-2019-13072 (Stored XSS in the Filters page (Name field) in ZoneMinder 1.32.3 allow ...)
	- zoneminder 1.34.6-1
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2642
CVE-2019-13071 (CSRF in the Agent/Center component of CyberPower PowerPanel Business E ...)
	NOT-FOR-US: CyberPower PowerPanel Business Edition
CVE-2019-13070 (A stored XSS vulnerability in the Agent/Center component of CyberPower ...)
	NOT-FOR-US: CyberPower PowerPanel Business Edition
CVE-2019-13069 (extenua SilverSHielD 6.x fails to secure its ProgramData folder, leadi ...)
	NOT-FOR-US: extenua SilverSHielD
CVE-2019-13068 (public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5 allows ...)
	- grafana <removed>
	NOTE: https://github.com/grafana/grafana/issues/17718
CVE-2019-13067 (njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_d ...)
	NOT-FOR-US: njs
CVE-2019-13066 (Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBRep ...)
	NOT-FOR-US: Sahi Pro
CVE-2019-13065
	RESERVED
CVE-2019-13064
	RESERVED
CVE-2019-13063 (Within Sahi Pro 8.0.0, an attacker can send a specially crafted URL to ...)
	NOT-FOR-US: Sahi Pro
CVE-2019-13062
	RESERVED
CVE-2019-13061
	RESERVED
CVE-2019-13060
	RESERVED
CVE-2019-13059
	RESERVED
CVE-2019-13058
	RESERVED
CVE-2019-13057 (An issue was discovered in the server in OpenLDAP before 2.4.48. When  ...)
	{DLA-1891-1}
	- openldap 2.4.48+dfsg-1 (low; bug #932997)
	[buster] - openldap 2.4.47+dfsg-3+deb10u1
	[stretch] - openldap 2.4.44+dfsg-5+deb9u3
	NOTE: https://openldap.org/its/?findid=9038
CVE-2019-13056 (An issue was discovered in CyberPanel through 1.8.4. On the user edit  ...)
	NOT-FOR-US: CyberPanel
CVE-2019-13055 (Certain Logitech Unifying devices allow attackers to dump AES keys and ...)
	NOT-FOR-US: Logitech
CVE-2019-13054 (The Logitech R500 presentation clicker allows attackers to determine t ...)
	NOT-FOR-US: Logitech
CVE-2019-13053 (Logitech Unifying devices allow keystroke injection, bypassing encrypt ...)
	NOT-FOR-US: Logitech
CVE-2019-13052 (Logitech Unifying devices allow live decryption if the pairing of a ke ...)
	NOT-FOR-US: Logitech
CVE-2019-13051 (Pi-Hole 4.3 allows Command Injection. ...)
	NOT-FOR-US: Pi-Hole
CVE-2019-13050 (Interaction between the sks-keyserver code through 1.2.0 of the SKS ke ...)
	NOT-FOR-US: Conceptual weakness in PGP keyserver design
CVE-2019-13049 (An integer wrap in kernel/sys/syscall.c in ToaruOS 1.10.10 allows user ...)
	NOT-FOR-US: ToaruOS
CVE-2019-13048 (kernel/sys/syscall.c in ToaruOS through 1.10.9 allows a denial of serv ...)
	NOT-FOR-US: ToaruOS
CVE-2019-13047 (kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access co ...)
	NOT-FOR-US: ToaruOS
CVE-2019-13046 (linker/linker.c in ToaruOS through 1.10.9 has insecure LD_LIBRARY_PATH ...)
	NOT-FOR-US: ToaruOS
CVE-2019-13044
	REJECTED
CVE-2019-13043
	RESERVED
CVE-2019-13042
	RESERVED
CVE-2019-13041
	RESERVED
CVE-2019-13040
	RESERVED
CVE-2019-13039
	RESERVED
CVE-2019-13038 (mod_auth_mellon through 0.14.2 has an Open Redirect via the login?Retu ...)
	- libapache2-mod-auth-mellon 0.15.0-1 (low; bug #931265)
	[buster] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
	[stretch] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
	[jessie] - libapache2-mod-auth-mellon <ignored> (Open Redirect protection not implemented yet)
	NOTE: https://github.com/Uninett/mod_auth_mellon/issues/35#issuecomment-503974885
CVE-2019-13037
	RESERVED
CVE-2019-13036
	RESERVED
CVE-2019-13035 (Artica Pandora FMS 7.0 NG before 735 suffers from local privilege esca ...)
	NOT-FOR-US: Artica Pandora FMS
CVE-2019-13034
	RESERVED
CVE-2019-13045 (Irssi before 1.0.8, 1.1.x before 1.1.3, and 1.2.x before 1.2.1, when S ...)
	- irssi 1.2.1-1 (low; bug #931264)
	[buster] - irssi <no-dsa> (Minor issue)
	[stretch] - irssi <no-dsa> (Minor issue)
	[jessie] - irssi <not-affected> (vulnerable sasl code is not present)
	NOTE: https://irssi.org/security/irssi_sa_2019_06.txt
	NOTE: https://github.com/irssi/irssi/pull/1058
	NOTE: https://github.com/irssi/irssi/commit/5a67b983dc97caeb5df1139aabd0bc4f260a47d8
	NOTE: Fixed in 1.0.8, 1.1.3, 1.2.1
CVE-2019-13033
	RESERVED
CVE-2019-13032 (An issue was discovered in FlightCrew v0.9.2 and earlier. A NULL point ...)
	- flightcrew 0.7.2+dfsg-14 (unimportant; bug #931246)
	[buster] - flightcrew 0.7.2+dfsg-13+deb10u1
	[stretch] - flightcrew 0.7.2+dfsg-9+deb9u1
	NOTE: https://github.com/Sigil-Ebook/flightcrew/issues/53
	NOTE: https://github.com/Sigil-Ebook/flightcrew/commit/c75c100218ed5c0e7652947051e28b54a75212ae
	NOTE: https://github.com/Sigil-Ebook/flightcrew/commit/b4f4a70f604ddcb4e8e343aa0e690764fc46d780
	NOTE: Negligible security impact
CVE-2019-13030 (eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3' prio ...)
	NOT-FOR-US: eQ-3 Homematic CCU3
CVE-2019-13029 (Multiple stored Cross-site scripting (XSS) issues in the admin panel a ...)
	NOT-FOR-US: REDCap
CVE-2019-13028 (An incorrect implementation of a local web server in eID client (Windo ...)
	NOT-FOR-US: local web server in eID client (Product from the Ministry of Interior of the Slovak Republic)
CVE-2019-13027 (Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071 has S ...)
	NOT-FOR-US: Realization Concerto Critical Chain Planner
CVE-2019-13026 (OXID eShop 6.0.x before 6.0.5 and 6.1.x before 6.1.4 allows SQL Inject ...)
	NOT-FOR-US: OXID eShop
CVE-2019-13025 (Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorre ...)
	NOT-FOR-US: Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices
CVE-2019-13024 (Centreon 18.x before 18.10.6, 19.x before 19.04.3, and Centreon web be ...)
	- centreon-web <itp> (bug #913903)
CVE-2019-13023
	RESERVED
CVE-2019-13022
	RESERVED
CVE-2019-13021
	RESERVED
CVE-2019-13020 (The fetch API in Tightrope Media Carousel before 7.1.3 has CarouselAPI ...)
	NOT-FOR-US: Tightrope Media Carousel
CVE-2019-13019
	RESERVED
	NOT-FOR-US: Microsoft .NET
CVE-2019-13018
	RESERVED
CVE-2019-13017
	RESERVED
CVE-2019-13016
	RESERVED
CVE-2019-13015
	RESERVED
CVE-2019-13014 (Little Snitch versions 4.4.0 fixes a vulnerability in a privileged hel ...)
	NOT-FOR-US: Little Snitch
CVE-2019-13013 (Little Snitch versions 4.3.0 to 4.3.2 have a local privilege escalatio ...)
	NOT-FOR-US: Little Snitch
CVE-2019-13011 (An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12 ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13010 (An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0. ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13009 (An issue was discovered in GitLab Community and Enterprise Edition 9.2 ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13008
	RESERVED
CVE-2019-13007 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab <not-affected> (Only affects 11.1 and later)
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13006 (An issue was discovered in GitLab Community and Enterprise Edition 9.0 ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13005 (An issue was discovered in GitLab Enterprise Edition and Community Edi ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab <not-affected> (Only affects 11.10 and later)
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13004 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab <not-affected> (Only affects 11.1 and later)
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13003 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab 12.6.8-3
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13002 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab <not-affected> (Only affects 11.10 and later)
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13001 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 11.10.8+dfsg-1
	- gitlab <not-affected> (Only affects 11.9 and later)
	NOTE: https://about.gitlab.com/2019/07/03/security-release-gitlab-12-dot-0-dot-3-released/
CVE-2019-13000 (Eclair through 0.3 allows attackers to trigger loss of funds because o ...)
	NOT-FOR-US: Eclair
CVE-2019-12999 (Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger  ...)
	- lnd <itp> (bug #886577)
CVE-2019-12998 (c-lightning before 0.7.1 allows attackers to trigger loss of funds bec ...)
	NOT-FOR-US: c-lightning
CVE-2019-12997 (In Loopchain through 2.2.1.3, an attacker can escalate privileges from ...)
	NOT-FOR-US: Loopchain
CVE-2019-12996 (In Mendix 7.23.5 and earlier, issue in XML import mappings allow DOCTY ...)
	NOT-FOR-US: Mendix
CVE-2019-12995 (Istio before 1.2.2 mishandles certain access tokens, leading to "Epoch ...)
	NOT-FOR-US: Istio
CVE-2019-12994 (Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetEx ...)
	NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2019-12993
	RESERVED
CVE-2019-12992 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12991 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12990 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12989 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12988 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12987 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12986 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12985 (Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix and NetScaler SD-WAN
CVE-2019-12984 (A NULL pointer dereference vulnerability in the function nfc_genl_deac ...)
	{DSA-4495-1}
	- linux 5.2.6-1
	NOTE: Fixed by: https://git.kernel.org/linus/385097a3675749cbc9e97c085c0e5dfe4269ca51
CVE-2019-12983
	REJECTED
CVE-2019-12982 (Ming (aka libming) 0.4.8 has a heap buffer overflow and underflow in t ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/pull/179/commits/2be22fcf56a223dafe8de0e8a20fe20e8bbdb0b9
CVE-2019-12981 (Ming (aka libming) 0.4.8 has an "fill overflow" vulnerability in the f ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/pull/179/commits/3dc0338e4a36a3092720ebaa5b908ba3dca467d9
CVE-2019-12980 (In Ming (aka libming) 0.4.8, there is an integer overflow (caused by a ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/pull/179/commits/2223f7a1e431455a1411bee77c90db94a6f8e8fe
CVE-2019-12979 (ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability  ...)
	- imagemagick <unfixed> (bug #931189)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	[jessie] - imagemagick <ignored> (minor security impact)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1522
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/27b1c74979ac473a430e266ff6c4b645664bc805
CVE-2019-12978 (ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability  ...)
	- imagemagick <unfixed> (low; bug #931190)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	[jessie] - imagemagick <ignored> (minor security impact)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1519
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/ae1ded6140bfa8ae9f6dcba5413b72d98ed94614
CVE-2019-12977 (ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability  ...)
	- imagemagick <unfixed> (low; bug #931191)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	[jessie] - imagemagick <ignored> (minor security impact)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1518
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e6103897fae2ed47e24b9cf7de719eea877b0504
CVE-2019-12976 (ImageMagick 7.0.8-34 has a memory leak in the ReadPCLImage function in ...)
	- imagemagick <unfixed> (unimportant; bug #931192)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1520
CVE-2019-12975 (ImageMagick 7.0.8-34 has a memory leak vulnerability in the WriteDPXIm ...)
	- imagemagick <unfixed> (unimportant; bug #931193)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1517
CVE-2019-12974 (A NULL pointer dereference in the function ReadPANGOImage in coders/pa ...)
	{DLA-1888-1}
	- imagemagick <unfixed> (low; bug #931196)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1515
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/b4391bdd60df0a77e97a6ef1674f2ffef0e19e24
CVE-2019-12973 (In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_c ...)
	- openjpeg2 <unfixed> (bug #931292)
	[buster] - openjpeg2 <no-dsa> (Minor issue)
	[stretch] - openjpeg2 <no-dsa> (Minor issue)
	[jessie] - openjpeg2 <not-affected> (vulnerable code is not present)
	NOTE: https://github.com/uclouvain/openjpeg/pull/1185
	NOTE: https://github.com/uclouvain/openjpeg/commit/21399f6b7d318fcdf4406d5e88723c4922202aa3
	NOTE: https://github.com/uclouvain/openjpeg/commit/3aef207f90e937d4931daf6d411e092f76d82e66
	NOTE: Issue is similar to CVE-2018-6616.
CVE-2019-12972 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24689
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=890f750a3b053532a4b839a2dd6243076de12031
	NOTE: binutils not covered by security support
CVE-2019-12971 (BKS EBK Ethernet-Buskoppler Pro before 3.01 allows Unrestricted Upload ...)
	NOT-FOR-US: BKS EBK Ethernet-Buskoppler Pro
CVE-2019-12970 (XSS was discovered in SquirrelMail through 1.4.22 and 1.5.x through 1. ...)
	{DLA-1868-1}
	- squirrelmail <removed>
	NOTE: https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2019-016.txt
	NOTE: https://sourceforge.net/p/squirrelmail/code/14828/
CVE-2019-12969
	RESERVED
CVE-2019-12968 (A vulnerability was found in the Sonic Robo Blast 2 (SRB2) plugin (EP_ ...)
	NOT-FOR-US: Sonic Robo Blast 2
CVE-2019-12967 (Stephan Mooltipass Moolticute through 0.42.1 (and possibly earlier ver ...)
	NOT-FOR-US: Stephan Mooltipass Moolticute
CVE-2019-12966 (FeHelper through 2019-06-19 allows arbitrary code execution during a J ...)
	NOT-FOR-US: FeHelper
CVE-2019-13031 (LemonLDAP::NG before 1.9.20 has an XML External Entity (XXE) issue whe ...)
	{DLA-1844-1}
	- lemonldap-ng 2.0.0+ds-1 (bug #931117)
	[stretch] - lemonldap-ng 1.9.7-3+deb9u2
	NOTE: Upstream issue: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1820
	NOTE: Issue explained in: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1818
	NOTE: 2.0.0 upstream replaced the (old) feature with a new REST/JSON service, and
	NOTE: added a "oldXMLFormat" option which is functionwise broken up to 2.0.5.
	NOTE: By default the notification server is not enabled and has a 'deny all' rule.
CVE-2019-12965
	RESERVED
CVE-2019-12964 (LiveZilla Server before 8.0.1.1 is vulnerable to XSS in the ticket.php ...)
	NOT-FOR-US: LiveZilla Server
CVE-2019-12963 (LiveZilla Server before 8.0.1.1 is vulnerable to XSS in the chat.php C ...)
	NOT-FOR-US: LiveZilla Server
CVE-2019-12962 (LiveZilla Server before 8.0.1.1 is vulnerable to XSS in mobile/index.p ...)
	NOT-FOR-US: LiveZilla Server
CVE-2019-12961 (LiveZilla Server before 8.0.1.1 is vulnerable to CSV Injection in the  ...)
	NOT-FOR-US: LiveZilla Server
CVE-2019-12960 (LiveZilla Server before 8.0.1.1 is vulnerable to SQL Injection in func ...)
	NOT-FOR-US: LiveZilla Server
CVE-2019-12959 (Server Side Request Forgery (SSRF) exists in Zoho ManageEngine AssetEx ...)
	NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2019-12958 (In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in F ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	NOTE: CVE-2017-14976 in poppler
CVE-2019-12957 (In Xpdf 4.01.01, a buffer over-read could be triggered in FoFiType1C:: ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is fixed)
	- poppler 0.22.5-4
	NOTE: poppler fix: https://gitlab.freedesktop.org/poppler/poppler/commit/96931732f343d2bbda9af9488b485da031866c3b
CVE-2019-12956
	RESERVED
CVE-2019-12955
	RESERVED
CVE-2019-12954 (SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, ...)
	NOT-FOR-US: SolarWinds
CVE-2019-12953
	RESERVED
CVE-2019-12952
	RESERVED
CVE-2019-12951 (An issue was discovered in Mongoose before 6.15. The parse_mqtt() func ...)
	NOT-FOR-US: Cesanta Mongoose
	NOTE: smplayer embeds a copy, which is unused in any released version and disabled since 18.5.0~ds1-1
CVE-2019-12950 (An issue was discovered in TeamPass 2.1.27.35. From the sources/items. ...)
	- teampass <itp> (bug #730180)
CVE-2019-12949 (In pfSense 2.4.4-p2 and 2.4.4-p3, if it is possible to trick an authen ...)
	NOT-FOR-US: pfSense
CVE-2019-12948 (A vulnerability in the web-based management interface of VVX, Trio, So ...)
	NOT-FOR-US: Polycom UC Software
CVE-2019-12947
	RESERVED
CVE-2019-12946 (Elcom CMS before 10.7 has SQL Injection via EventSearchByState.aspx an ...)
	NOT-FOR-US: Elcom CMS
CVE-2019-12945
	REJECTED
CVE-2019-12944 (Glue Smart Lock 2.7.8 devices do not properly block guest access in ce ...)
	NOT-FOR-US: Glue Smart Lock devices
CVE-2019-12943 (TTLock devices do not properly restrict password-reset attempts, leadi ...)
	NOT-FOR-US: TTLock devices
CVE-2019-12942 (TTLock devices do not properly block guest access in certain situation ...)
	NOT-FOR-US: TTLock devices
CVE-2019-12941 (AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacke ...)
	NOT-FOR-US: AutoPi Wi-Fi/NB and 4G/LTE devices
CVE-2019-12940 (LiveZilla Server before 8.0.1.1 is vulnerable to Denial Of Service (me ...)
	NOT-FOR-US: LiveZilla
CVE-2019-12939 (LiveZilla Server before 8.0.1.1 is vulnerable to SQL Injection in serv ...)
	NOT-FOR-US: LiveZilla
CVE-2019-12938 (The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to p ...)
	NOT-FOR-US: Roundcube component of Analogic Poste.io
CVE-2019-12937 (apps/gsudo.c in gsudo in ToaruOS through 1.10.9 has a buffer overflow  ...)
	NOT-FOR-US: gsudo in ToaruOS
CVE-2019-12936 (BlueStacks App Player 2, 3, and 4 before 4.90 allows DNS Rebinding for ...)
	NOT-FOR-US: BlueStacks App Player
CVE-2019-12934 (An issue was discovered in the wp-code-highlightjs plugin through 0.6. ...)
	NOT-FOR-US: wp-code-highlightjs plugin for WordPress
CVE-2019-12935 (Shopware before 5.5.8 has XSS via the Query String to the backend/Logi ...)
	NOT-FOR-US: Shopware
CVE-2019-12933
	REJECTED
CVE-2019-12932 (A stored XSS vulnerability was found in SeedDMS 5.1.11 due to poorly e ...)
	NOT-FOR-US: SeedDMS
CVE-2019-12931
	RESERVED
CVE-2019-12930 (A cross-site scripting (XSS) vulnerability in noMenu() and noSubMenu() ...)
	NOT-FOR-US: WIKINDX
CVE-2019-12929 (** DISPUTED ** The QMP guest_exec command in QEMU 4.0.0 and earlier is ...)
	- qemu <unfixed> (unimportant)
	- qemu-kvm <removed> (unimportant)
	NOTE: https://fakhrizulkifli.github.io/posts/2019/06/06/CVE-2019-12929/
	NOTE: The QEMU machine protocol (QMP) should not be exposed to unprivileged users,
	NOTE: and is only intended for administrative control of QEMU instances.
CVE-2019-12928 (** DISPUTED ** The QMP migrate command in QEMU version 4.0.0 and earli ...)
	- qemu <unfixed> (unimportant)
	- qemu-kvm <removed> (unimportant)
	NOTE: https://fakhrizulkifli.github.io/posts/2019/06/05/CVE-2019-12928/
	NOTE: The QEMU machine protocol (QMP) should not be exposed to unprivileged users,
	NOTE: and is only intended for administrative control of QEMU instances.
CVE-2019-12927 (MailEnable Enterprise Premium 10.23 was vulnerable to stored and refle ...)
	NOT-FOR-US: MailEnable Enterprise Premium
CVE-2019-12926 (MailEnable Enterprise Premium 10.23 did not use appropriate access con ...)
	NOT-FOR-US: MailEnable Enterprise Premium
CVE-2019-12925 (MailEnable Enterprise Premium 10.23 was vulnerable to multiple directo ...)
	NOT-FOR-US: MailEnable Enterprise Premium
CVE-2019-12924 (MailEnable Enterprise Premium 10.23 was vulnerable to XML External Ent ...)
	NOT-FOR-US: MailEnable Enterprise Premium
CVE-2019-12923 (In MailEnable Enterprise Premium 10.23, the potential cross-site reque ...)
	NOT-FOR-US: MailEnable Enterprise Premium
CVE-2019-12922 (A CSRF issue in phpMyAdmin 4.9.0.1 allows deletion of any server in th ...)
	- phpmyadmin 4:4.9.1+dfsg1-2
	[stretch] - phpmyadmin <no-dsa> (Minor issue)
	[jessie] - phpmyadmin <postponed> (Minor issue, target only accessible is setup is enabled and htpasswd.setup populated)
	NOTE: https://seclists.org/fulldisclosure/2019/Sep/23
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/427fbed55d3154d96ecfc1c7784d49eaa3c04161 (4.9.1)
CVE-2019-12921 (In GraphicsMagick before 1.3.32, the text filename component allows re ...)
	{DLA-2152-1}
	- graphicsmagick 1.4~hg16039-1
	NOTE: https://github.com/d0ge/data-processing/blob/master/CVE-2019-12921.md
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f780c290b4ab
CVE-2019-12920 (On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices ...)
	NOT-FOR-US: Shenzhen Cylan Clever Dog Smart Cameraa DOG-2W and DOG-2W-V4 devices
CVE-2019-12919 (On Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices ...)
	NOT-FOR-US: Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 devices
CVE-2019-12918 (Quest KACE Systems Management Appliance Server Center version 9.1.317  ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-12917 (A reflected XSS vulnerability exists in Quest KACE Systems Management  ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance Server Center
CVE-2019-12916
	REJECTED
CVE-2019-12915
	REJECTED
CVE-2019-12914 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...)
	NOT-FOR-US: Redbrick Shift
CVE-2019-12913 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...)
	NOT-FOR-US: Redbrick Shift
CVE-2019-12912 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...)
	NOT-FOR-US: Redbrick Shift
CVE-2019-12911 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...)
	NOT-FOR-US: Redbrick Shift
CVE-2019-12910
	RESERVED
CVE-2019-12909
	RESERVED
CVE-2019-12908
	RESERVED
CVE-2019-12907
	RESERVED
CVE-2019-12906
	RESERVED
CVE-2019-12905 (FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman& ...)
	NOT-FOR-US: FileRun
CVE-2019-12904 (In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flu ...)
	- libgcrypt20 <unfixed> (bug #930885)
	[buster] - libgcrypt20 <no-dsa> (Minor issue)
	[stretch] - libgcrypt20 <no-dsa> (Minor issue)
	[jessie] - libgcrypt20 <not-affected> (Vulnerable code introduced later in version 1.7.0)
	- libgcrypt11 <removed>
	NOTE: https://dev.gnupg.org/T4541
	NOTE: https://github.com/gpg/libgcrypt/commit/a4c561aab1014c3630bc88faf6f5246fee16b020
	NOTE: https://github.com/gpg/libgcrypt/commit/daedbbb5541cd8ecda1459d3b843ea4d92788762
CVE-2019-12903 (Pydio Cells before 1.5.0, when supplied with a Name field in an unexpe ...)
	NOT-FOR-US: Pydio Cells (relates to Pydio product)
CVE-2019-12902 (Pydio Cells before 1.5.0 does incomplete cleanup of a user's data upon ...)
	NOT-FOR-US: Pydio Cells (relates to Pydio product)
CVE-2019-12901 (Pydio Cells before 1.5.0 fails to neutralize '../' elements, allowing  ...)
	NOT-FOR-US: Pydio Cells (relates to Pydio product)
CVE-2019-12900 (BZ2_decompress in decompress.c in bzip2 through 1.0.6 has an out-of-bo ...)
	{DLA-1953-1 DLA-1833-1}
	- bzip2 1.0.6-9.1 (bug #930886)
	[stretch] - bzip2 <no-dsa> (Not exploitable; potential dangerous parts already guarded)
	- clamav 0.101.4+dfsg-1 (bug #934359)
	[buster] - clamav 0.101.4+dfsg-0+deb10u1
	[stretch] - clamav 0.101.4+dfsg-0+deb9u1
	NOTE: https://gitlab.com/federicomenaquintero/bzip2/commit/74de1e2e6ffc9d51ef9824db71a8ffee5962cdbc
	NOTE: The original fix introduces regressions when extracting certain lbzip2 files
	NOTE: which were created with a buggy libzip2: https://bugs.debian.org/931278
	NOTE: Details on followup: https://sourceware.org/ml/bzip2-devel/2019-q3/msg00007.html
	NOTE: explaining as well why, whilst the issue described by CVE-2019-12900 is definitvely
	NOTE: an issue, it was not exploitable in the first place.
	NOTE: Regression fix: https://sourceware.org/git/?p=bzip2.git;a=commit;h=b07b105d1b66e32760095e3602261738443b9e13
	NOTE: Clamav: https://blog.clamav.net/2019/08/clamav-01014-security-patch-release-has.html
	NOTE: clamav uses libbz2 but the "nsis" scanner/decompressor has a decompress.c from bzip2
CVE-2019-12899 (Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV star ...)
	NOT-FOR-US: Delta Electronics DeviceNet Builder
CVE-2019-12898 (Delta Electronics DeviceNet Builder 2.04 has a User Mode Write AV star ...)
	NOT-FOR-US: Delta Electronics DeviceNet Builder
CVE-2019-12897 (Edraw Max 7.9.3 has a Read Access Violation at the Instruction Pointer ...)
	NOT-FOR-US: Edraw Max
CVE-2019-12896 (Edraw Max 7.9.3 has Heap Corruption starting at ntdll!RtlpNtMakeTempor ...)
	NOT-FOR-US: Edraw Max
CVE-2019-12895 (In Alternate Pic View 2.600, the Exception Handler Chain is Corrupted  ...)
	NOT-FOR-US: Alternate Pic View
CVE-2019-12894 (Alternate Pic View 2.600 has a Read Access Violation at the Instructio ...)
	NOT-FOR-US: Alternate Pic View
CVE-2019-12893 (Alternate Pic View 2.600 has a User Mode Write AV starting at PicViewe ...)
	NOT-FOR-US: Alternate Pic View
CVE-2019-12892
	RESERVED
CVE-2019-12891
	RESERVED
CVE-2019-12890 (RedwoodHQ 2.5.5 does not require any authentication for database opera ...)
	NOT-FOR-US: RedwoodHQ
CVE-2019-12889 (An unauthenticated privilege escalation exists in SailPoint Desktop Pa ...)
	NOT-FOR-US: SailPoint Desktop Password Reset
CVE-2019-12888
	REJECTED
CVE-2019-12887 (KeyIdentity LinOTP before 2.10.5.3 has Incorrect Access Control (issue ...)
	NOT-FOR-US: KeyIdentity LinOTP
CVE-2019-12886
	RESERVED
CVE-2019-12885
	RESERVED
CVE-2019-12884
	RESERVED
CVE-2019-12883
	RESERVED
CVE-2019-12882
	REJECTED
CVE-2019-12881 (i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c  ...)
	- linux <undetermined>
	NOTE: https://gist.github.com/oxagast/472866fb2c3d439e10499d7141d0a520
CVE-2019-12880 (BCN Quark Quarking Password Manager 3.1.84 suffers from a clickjacking ...)
	NOT-FOR-US: BCN Quark Quarking Password Manager
CVE-2019-12879
	RESERVED
CVE-2019-12878
	RESERVED
CVE-2019-12877
	RESERVED
CVE-2019-12876 (Zoho ManageEngine ADManager Plus 6.6.5, ADSelfService Plus 5.7, and De ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2019-12875 (Alpine Linux abuild through 3.4.0 allows an unprivileged member of the ...)
	NOT-FOR-US: Alpine Linux
CVE-2019-12874 (An issue was discovered in zlib_decompress_extra in modules/demux/mkv/ ...)
	{DSA-4459-1}
	- vlc 3.0.7-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: http://git.videolan.org/?p=vlc.git;a=commit;h=81023659c7de5ac2637b4a879195efef50846102
CVE-2019-12873
	RESERVED
CVE-2019-12872 (dotCMS before 5.1.6 is vulnerable to a SQL injection that can be explo ...)
	NOT-FOR-US: dotCMS
CVE-2019-12871 (An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Wo ...)
	NOT-FOR-US: PHOENIX CONTACT PC Worx
CVE-2019-12870 (An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Wo ...)
	NOT-FOR-US: PHOENIX CONTACT PC Worx
CVE-2019-12869 (An issue was discovered in PHOENIX CONTACT PC Worx through 1.86, PC Wo ...)
	NOT-FOR-US: PHOENIX CONTACT PC Worx
CVE-2019-12868 (app/Model/Server.php in MISP 2.4.109 allows remote command execution b ...)
	NOT-FOR-US: MISP
CVE-2019-12867 (Certain actions could cause privilege escalation for issue attachments ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-12866 (An Insecure Direct Object Reference, with Authorization Bypass through ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-12865 (In radare2 through 3.5.1, cmd_mount in libr/core/cmd_mount.c has a dou ...)
	- radare2 3.8.0+dfsg-1 (bug #930704)
	[jessie] - radare2 <no-dsa> (Minor issue)
	NOTE: https://github.com/radare/radare2/issues/14334
	NOTE: https://github.com/radare/radare2/commit/40453029179d230cf02ffed205f2d63e33981b8f
CVE-2019-12864
	RESERVED
CVE-2019-12863 (SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) allows  ...)
	NOT-FOR-US: SolarWinds
CVE-2019-12862
	RESERVED
CVE-2019-12861
	RESERVED
CVE-2019-12860
	RESERVED
CVE-2019-12859
	RESERVED
CVE-2019-12858
	RESERVED
CVE-2019-12857
	RESERVED
CVE-2019-12856
	RESERVED
CVE-2019-12855 (In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP su ...)
	- twisted 18.9.0-7 (bug #930626)
	[buster] - twisted <no-dsa> (Minor issue)
	[stretch] - twisted <no-dsa> (Minor issue)
	[jessie] - twisted <no-dsa> (Minor issue)
	NOTE: https://github.com/twisted/twisted/pull/1147
	NOTE: https://twistedmatrix.com/trac/ticket/9561
CVE-2019-12854 (Due to incorrect string termination, Squid cachemgr.cgi 4.0 through 4. ...)
	{DSA-4507-1}
	- squid 4.8-1
	- squid3 <not-affected> (Vulnerable code not present; Vulnerable code only in 4.x series)
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_1.txt
	NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-2981a957716c61ff7e21eee1d7d6eb5a237e466d.patch
CVE-2019-12853
	RESERVED
CVE-2019-12852 (An SSRF attack was possible on a JetBrains YouTrack server. The issue  ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-12851 (A CSRF vulnerability was detected in one of the admin endpoints of Jet ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-12850 (A query injection was possible in JetBrains YouTrack. The issue was fi ...)
	NOT-FOR-US: JetBrains YouTrack
CVE-2019-12849
	RESERVED
CVE-2019-12848
	RESERVED
CVE-2019-12847 (In JetBrains Hub versions earlier than 2018.4.11298, the audit events  ...)
	NOT-FOR-US: JetBrains Hub
CVE-2019-12846 (A user without the required permissions could gain access to some JetB ...)
	NOT-FOR-US: JetBrains
CVE-2019-12845 (The generated Kotlin DSL settings allowed usage of an unencrypted conn ...)
	NOT-FOR-US: JetBrains
CVE-2019-12844 (A possible stored JavaScript injection was detected on one of the JetB ...)
	NOT-FOR-US: JetBrains
CVE-2019-12843 (A possible stored JavaScript injection requiring a deliberate server a ...)
	NOT-FOR-US: JetBrains
CVE-2019-12842 (A reflected XSS on a user page was detected on one of the JetBrains Te ...)
	NOT-FOR-US: JetBrains
CVE-2019-12841 (Incorrect handling of user input in ZIP extraction was detected in Jet ...)
	NOT-FOR-US: JetBrains
CVE-2019-12840 (In Webmin through 1.910, any user authorized to the "Package Updates"  ...)
	- webmin <removed>
CVE-2019-12839 (In OrangeHRM 4.3.1 and before, there is an input validation error with ...)
	NOT-FOR-US: OrangeHRM
CVE-2019-12838 (SchedMD Slurm 17.11.x, 18.08.0 through 18.08.7, and 19.05.0 allows SQL ...)
	{DSA-4572-1 DLA-2143-1}
	- slurm-llnl 19.05.3.2-1 (bug #931880)
	[stretch] - slurm-llnl <no-dsa> (Too intrusive to backport)
	NOTE: https://github.com/SchedMD/slurm/commit/afa7d743f407c60a7c8a4bd98a10be32c82988b5
	NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2019/000025.html
CVE-2019-12837 (The Java API in accesuniversitat.gencat.cat 1.7.5 allows remote attack ...)
	NOT-FOR-US: Java API in Generalitat de Catalunya accesuniversitat.gencat.cat
CVE-2019-12836 (The Bobronix JEditor editor before 3.0.6 for Jira allows an attacker t ...)
	NOT-FOR-US: Bobronix JEditor editor for Jira
CVE-2019-12835 (formats/xml.cpp in Leanify 0.4.3 allows for a controlled out-of-bounds ...)
	NOT-FOR-US: Leanify
CVE-2019-12834 (In HT2 Labs Learning Locker 3.15.1, it's possible to inject malicious  ...)
	NOT-FOR-US: HT2 Labs Learning Locker
CVE-2019-12833
	RESERVED
CVE-2019-12832
	RESERVED
CVE-2019-12831 (In MyBB before 1.8.21, an attacker can abuse a default behavior of MyS ...)
	NOT-FOR-US: MyBB
CVE-2019-12830 (In MyBB before 1.8.21, an attacker can exploit a parsing flaw in the P ...)
	NOT-FOR-US: MyBB
CVE-2019-12829 (radare2 through 3.5.1 mishandles the RParse API, which allows remote a ...)
	- radare2 3.8.0+dfsg-1 (bug #930590)
	[jessie] - radare2 <no-dsa> (Minor issue)
	NOTE: https://github.com/radare/radare2/issues/14303
	NOTE: https://github.com/radare/radare2/commit/b282620b7a8818910c42a29b8f0855a2d13eec14
CVE-2019-12828 (An issue was discovered in Electronic Arts Origin before 10.5.39. Due  ...)
	NOT-FOR-US: Electronic Arts Origin
CVE-2019-12827 (Buffer overflow in res_pjsip_messaging in Digium Asterisk versions 13. ...)
	- asterisk 1:16.2.1~dfsg-2 (bug #931980)
	[buster] - asterisk 1:16.2.1~dfsg-1+deb10u1
	[stretch] - asterisk <no-dsa> (Minor issue)
	[jessie] - asterisk <not-affected> (Vulnerable code not present)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2019-002.html
	NOTE: https://issues.asterisk.org/jira/browse/ASTERISK-28447
CVE-2019-12826 (A Cross-Site-Request-Forgery (CSRF) vulnerability in widget_logic.php  ...)
	NOT-FOR-US: 2by2host Widget Logic plugin for WordPress
CVE-2019-12825 (Unauthorized Access to the Container Registry of other groups was disc ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
CVE-2019-12824
	RESERVED
CVE-2019-12823 (Craft CMS 3.1.30 has XSS. ...)
	NOT-FOR-US: Craft CMS
CVE-2019-12822 (In http.c in Embedthis GoAhead before 4.1.1 and 5.x before 5.0.1, a he ...)
	NOT-FOR-US: Embedthis GoAhead
CVE-2019-12821 (A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 ro ...)
	NOT-FOR-US: app of the Shenzhen Jisiwei i3 robot vacuum cleaner
CVE-2019-12820 (A vulnerability was found in the app 2.0 of the Shenzhen Jisiwei i3 ro ...)
	NOT-FOR-US: app of the Shenzhen Jisiwei i3 robot vacuum cleaner
CVE-2019-12817 (arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1. ...)
	{DSA-4495-1}
	- linux 5.2.6-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
CVE-2019-12816 (Modules.cpp in ZNC before 1.7.4-rc1 allows remote authenticated non-ad ...)
	{DSA-4463-1 DLA-1830-1}
	- znc 1.7.2-3
	NOTE: Versions affected: 0.098 - 1.7.3
	NOTE: https://github.com/znc/znc/commit/8de9e376ce531fe7f3c8b0aa4876d15b479b7311
CVE-2019-12815 (An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3. ...)
	{DSA-4491-1 DLA-1873-1}
	- proftpd-dfsg 1.3.6-6 (low; bug #932453)
	NOTE: http://bugs.proftpd.org/show_bug.cgi?id=4372
	NOTE: https://github.com/proftpd/proftpd/pull/816
	NOTE: https://tbspace.de/cve201912815proftpd.html
CVE-2019-12814 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DLA-1831-1}
	- jackson-databind 2.9.8-3 (bug #930750)
	[stretch] - jackson-databind 2.8.6-1+deb9u6
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2341
	NOTE: https://github.com/FasterXML/jackson-databind/commit/5f7c69bba07a7155adde130d9dee2e54a54f1fa5
CVE-2019-12813 (An issue was discovered in Digital Persona U.are.U 4500 Fingerprint Re ...)
	NOT-FOR-US: Digital Persona U.are.U 4500 Fingerprint Reader
CVE-2019-12812 (MyBuilder viewer before 6.2.2019.814 allow an attacker to execute arbi ...)
	NOT-FOR-US: MyBuilder
CVE-2019-12811 (ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to  ...)
	NOT-FOR-US: MyBuilder
CVE-2019-12810 (A memory corruption vulnerability exists in the .PSD parsing functiona ...)
	NOT-FOR-US: ALSee
CVE-2019-12809 (Yes24ViewerX ActiveX Control 1.0.327.50126 and earlier versions contai ...)
	NOT-FOR-US: Yes24ViewerX ActiveX Control
CVE-2019-12808 (ALTOOLS update service 18.1 and earlier versions contains a local priv ...)
	NOT-FOR-US: ALTOOLS update service
CVE-2019-12807 (Alzip 10.83 and earlier version contains a stack-based buffer overflow ...)
	NOT-FOR-US: ALZip
CVE-2019-12806 (UniSign 2.0.4.0 and earlier version contains a stack-based buffer over ...)
	NOT-FOR-US: UniSign
CVE-2019-12805 (NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have ...)
	NOT-FOR-US: NCSOFT Game Launcher
CVE-2019-12804 (In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, due to ...)
	NOT-FOR-US: Hunesion i-oneNet
CVE-2019-12803 (In Hunesion i-oneNet version 3.0.7 ~ 3.0.53 and 4.0.4 ~ 4.0.16, the sp ...)
	NOT-FOR-US: Hunesion i-oneNet
CVE-2019-12802 (In radare2 through 3.5.1, the rcc_context function of libr/egg/egg_lan ...)
	- radare2 3.8.0+dfsg-1 (bug #930510)
	[jessie] - radare2 <no-dsa> (Minor issue)
	NOTE: https://github.com/radare/radare2/issues/14296
CVE-2019-12801 (out/out.GroupMgr.php in SeedDMS 5.1.11 has Stored XSS by making a new  ...)
	NOT-FOR-US: SeedDMS
CVE-2019-12800
	RESERVED
CVE-2019-12819 (An issue was discovered in the Linux kernel before 5.0. The function _ ...)
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux 3.16.68-1
	NOTE: https://git.kernel.org/linus/6ff7b060535e87c2ae14dd8548512abfdda528fb
CVE-2019-12818 (An issue was discovered in the Linux kernel before 4.20.15. The nfc_ll ...)
	- linux 4.19.28-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux 3.16.68-1
	NOTE: https://git.kernel.org/linus/58bdd544e2933a21a51eecf17c3f5f94038261b5
CVE-2019-12799 (In createInstanceFromNamedArguments in Shopware through 5.6.x, a craft ...)
	NOT-FOR-US: Shopware
CVE-2019-12798 (An issue was discovered in Artifex MuJS 1.0.5. regcompx in regexp.c do ...)
	NOT-FOR-US: MuJS
CVE-2019-12797 (A clone version of an ELM327 OBD2 Bluetooth device has a hardcoded PIN ...)
	NOT-FOR-US: ELM327 OBD2 Bluetooth device
CVE-2019-12796
	RESERVED
CVE-2019-12795 (daemon/gvfsdaemon.c in gvfsd from GNOME gvfs before 1.38.3, 1.40.x bef ...)
	{DLA-1827-1}
	- gvfs 1.38.1-5 (bug #930376)
	[stretch] - gvfs <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/70dbfc68a79faac49bd3423e079cb6902522082a (master)
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/d8c9138bf240975848b1c54db648ec4cd516a48f (gnome-3-32)
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/e3808a1b4042761055b1d975333a8243d67b8bfe (gnome-3-30)
CVE-2019-12794 (An issue was discovered in MISP 2.4.108. Organization admins could res ...)
	NOT-FOR-US: MISP
CVE-2019-XXXX [security issues fixed in 1.8.5]
	- rdesktop 1.8.6-1 (bug #930387)
	[stretch] - rdesktop 1.8.6-2~deb9u1
	[jessie] - rdesktop 1.8.6-0+deb8u1
	NOTE: Workaround entry for DSA-4473-1/DLA-1837-1 until CVEs assigned
CVE-2019-12793
	RESERVED
CVE-2019-12792 (A command injection vulnerability in UploadHandler.php in Vesta Contro ...)
	NOT-FOR-US: Vesta Control Panel
CVE-2019-12791 (A directory traversal vulnerability in the v-list-user script in Vesta ...)
	NOT-FOR-US: Vesta Control Panel
CVE-2019-12790 (In radare2 through 3.5.1, there is a heap-based buffer over-read in th ...)
	- radare2 3.8.0+dfsg-1 (bug #930344)
	[jessie] - radare2 <no-dsa> (Minor issue)
	NOTE: https://github.com/radare/radare2/issues/14211
CVE-2019-12789 (An issue was discovered on Actiontec T2200H T2200H-31.128L.08 devices, ...)
	NOT-FOR-US: Actiontec devices
CVE-2019-12788 (An issue was discovered in Photodex ProShow Producer v9.0.3797 (an app ...)
	NOT-FOR-US: Photodex ProShow Producer
CVE-2019-12787 (An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-12786 (An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2 ...)
	NOT-FOR-US: D-Link
CVE-2019-12785
	RESERVED
CVE-2019-12784
	RESERVED
CVE-2019-12783
	RESERVED
CVE-2019-12782 (An authorization bypass vulnerability in pinboard updates in ThoughtSp ...)
	NOT-FOR-US: ThoughtSpot
CVE-2019-12781 (An issue was discovered in Django 1.11 before 1.11.22, 2.1 before 2.1. ...)
	{DSA-4476-1 DLA-1842-1}
	- python-django 1:1.11.22-1 (bug #931316)
	[buster] - python-django 1:1.11.22-1~deb10u1
	NOTE: https://www.djangoproject.com/weblog/2019/jul/01/security-releases/
	NOTE: https://github.com/django/django/commit/54d0f5e62f54c29a12dd96f44bacd810cbe03ac8 (master)
	NOTE: https://github.com/django/django/commit/77706a3e4766da5d5fb75c4db22a0a59a28e6cd6 (2.2)
	NOTE: https://github.com/django/django/commit/1e40f427bb8d0fb37cc9f830096a97c36c97af6f (2.1)
	NOTE: https://github.com/django/django/commit/32124fc41e75074141b05f10fc55a4f01ff7f050 (1.11)
CVE-2019-12780 (The Belkin Wemo Enabled Crock-Pot allows command injection in the Wemo ...)
	NOT-FOR-US: Belkin Wemo Enabled Crock-Pot
CVE-2019-5439 (A Buffer Overflow in VLC Media Player &lt; 3.0.7 causes a crash which  ...)
	{DSA-4459-1}
	- vlc 3.0.7-1 (bug #930276)
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://hackerone.com/reports/484398
	NOTE: http://www.jbkempf.com/blog/post/2019/VLC-3.0.7-and-security
CVE-2019-12779 (libqb before 1.0.5 allows local users to overwrite arbitrary files via ...)
	- libqb 1.0.4-1 (unimportant; bug #927159)
	[jessie] - libqb <end-of-life> (https://salsa.debian.org/debian/debian-security-support/commit/ba638006d397eda2cc094761ed7a7bfdca9e534b)
	NOTE: https://github.com/ClusterLabs/libqb/issues/338
	NOTE: https://github.com/ClusterLabs/libqb/commit/6a4067c1d1764d93d255eccecfd8bf9f43cb0b4d
	NOTE: Regression fix: https://github.com/ClusterLabs/libqb/pull/349
	NOTE: Neutralised by kernel hardening
CVE-2019-12778
	RESERVED
CVE-2019-12777 (An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelato ...)
	NOT-FOR-US: ENTTEC
CVE-2019-12776 (An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelato ...)
	NOT-FOR-US: ENTTEC
CVE-2019-12775 (An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelato ...)
	NOT-FOR-US: ENTTEC
CVE-2019-12774 (A number of stored XSS vulnerabilities have been identified in the web ...)
	NOT-FOR-US: ENTTEC
CVE-2019-12773
	RESERVED
CVE-2019-12772
	RESERVED
CVE-2019-12771 (Command injection is possible in ThinStation through 6.1.1 via shell m ...)
	NOT-FOR-US: ThinStation
CVE-2019-12770
	RESERVED
CVE-2019-12769 (SolarWinds Serv-U Managed File Transfer (MFT) Web client before 15.1.6 ...)
	NOT-FOR-US: SolarWinds
CVE-2019-12768
	RESERVED
CVE-2019-12767 (An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H ...)
	NOT-FOR-US: D-Link
CVE-2019-12766 (An issue was discovered in Joomla! before 3.9.7. The subform fieldtype ...)
	NOT-FOR-US: Joomla!
CVE-2019-12765 (An issue was discovered in Joomla! before 3.9.7. The CSV export of com ...)
	NOT-FOR-US: Joomla!
CVE-2019-12764 (An issue was discovered in Joomla! before 3.9.7. The update server URL ...)
	NOT-FOR-US: Joomla!
CVE-2019-12763 (The Security Camera CZ application through 1.6.8 for Android stores po ...)
	NOT-FOR-US: Security Camera CZ application for Android
CVE-2019-12762 (Xiaomi Mi 5s Plus devices allow attackers to trigger touchscreen anoma ...)
	NOT-FOR-US: Xiaomi Mi 5s Plus devices
CVE-2019-12761 (A code injection issue was discovered in PyXDG before 0.26 via crafted ...)
	{DLA-1819-1}
	- pyxdg <unfixed> (low; bug #930099)
	[buster] - pyxdg <no-dsa> (Minor issue)
	[stretch] - pyxdg <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-PYTHON-PYXDG-174562
	NOTE: https://gitlab.freedesktop.org/xdg/pyxdg/issues/14
CVE-2019-12760 (** DISPUTED ** A deserialization vulnerability exists in the way parso ...)
	- parso 0.5.1-0.1 (unimportant; bug #930356)
	NOTE: https://gist.github.com/dhondta/f71ae7e5c4234f8edfd2f12503a5dcc7
	NOTE: https://github.com/davidhalter/parso/issues/75
	NOTE: Not considered a security issue by upstream
CVE-2019-12759 (Symantec Endpoint Protection Manager (SEPM) and Symantec Mail Security ...)
	NOT-FOR-US: Symantec
CVE-2019-12758 (Symantec Endpoint Protection, prior to 14.2 RU2, may be susceptible to ...)
	NOT-FOR-US: Symantec
CVE-2019-12757 (Symantec Endpoint Protection (SEP), prior to 14.2 RU2 &amp; 12.1 RU6 M ...)
	NOT-FOR-US: Symantec
CVE-2019-12756 (Symantec Endpoint Protection (SEP), prior to 14.2 RU2 may be susceptib ...)
	NOT-FOR-US: Symantec
CVE-2019-12755 (Norton Password Manager, prior to 6.5.0.2104, may be susceptible to an ...)
	NOT-FOR-US: Norton
CVE-2019-12754 (Symantec My VIP portal, previous version which has already been auto u ...)
	NOT-FOR-US: Symantec My VIP portal
CVE-2019-12753 (An information disclosure vulnerability in Symantec Reporter web UI 10 ...)
	NOT-FOR-US: Symantec
CVE-2019-12752 (The Symantec SONAR component, prior to 12.0.2, may be susceptible to a ...)
	NOT-FOR-US: Symantec
CVE-2019-12751 (Symantec Messaging Gateway, prior to 10.7.1, may be susceptible to a p ...)
	NOT-FOR-US: Symantec
CVE-2019-12750 (Symantec Endpoint Protection, prior to 14.2 RU1 &amp; 12.1 RU6 MP10 an ...)
	NOT-FOR-US: Symantec Endpoint Protection
CVE-2019-12749 (dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, ...)
	{DSA-4462-1 DLA-1818-1}
	- dbus 1.12.16-1 (bug #930375)
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/11/2
	NOTE: https://gitlab.freedesktop.org/dbus/dbus/issues/269
	NOTE: https://gitlab.freedesktop.org/dbus/dbus/commit/47b1a4c41004bf494b87370987b222c934b19016
CVE-2019-12748 (TYPO3 8.3.0 through 8.7.26 and 9.0.0 through 9.5.7 allows XSS. ...)
	NOT-FOR-US: TYPO3
CVE-2019-12747 (TYPO3 8.x through 8.7.26 and 9.x through 9.5.7 allows Deserialization  ...)
	NOT-FOR-US: TYPO3
CVE-2019-12746 (An issue was discovered in Open Ticket Request System (OTRS) Community ...)
	{DLA-1877-1}
	- otrs2 6.0.20-1
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: https://community.otrs.com/security-advisory-2019-10-security-update-for-otrs-framework/
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/fab16a8e54aaf033f460e5f98c673248f29ea49c
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/cc08cb7df9f6dde05de2f8c6cbd59cd5d0952627
	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/7ab33e51a4db9f712e979040f644d0d0c39ff0af
CVE-2019-12745 (out/out.UsrMgr.php in SeedDMS before 5.1.11 allows Stored Cross-Site S ...)
	NOT-FOR-US: SeedDMS
CVE-2019-12744 (SeedDMS before 5.1.11 allows Remote Command Execution (RCE) because of ...)
	NOT-FOR-US: SeedDMS
CVE-2019-12743 (HumHub Social Network Kit Enterprise v1.3.13 allows remote attackers t ...)
	NOT-FOR-US: HumHub Social Network Kit Enterprise
CVE-2019-12742 (Bludit prior to 3.9.1 allows a non-privileged user to change the passw ...)
	NOT-FOR-US: bludit
CVE-2019-12741 (XSS exists in the HAPI FHIR testpage overlay module of the HAPI FHIR l ...)
	NOT-FOR-US: HAPI FHIR library
CVE-2019-12740
	RESERVED
CVE-2019-12739 (lib/Controller/ExtractionController.php in the Extract add-on before 1 ...)
	- nextcloud <itp> (bug #835086)
CVE-2019-12738
	RESERVED
CVE-2019-12737 (UserHashedTableAuth in JetBrains Ktor framework before 1.2.0-rc uses a ...)
	NOT-FOR-US: JetBrains Ktor
CVE-2019-12736 (JetBrains Ktor framework before 1.2.0-rc does not sanitize the usernam ...)
	NOT-FOR-US: JetBrains Ktor
CVE-2019-12734 (SiteVision 4 has Incorrect Access Control. ...)
	NOT-FOR-US: SiteVision
CVE-2019-12733 (SiteVision 4 allows Remote Code Execution. ...)
	NOT-FOR-US: SiteVision
CVE-2019-12735 (getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote ...)
	{DSA-4487-1 DSA-4467-1 DLA-1871-1}
	- vim 2:8.1.0875-4 (bug #930020)
	- neovim 0.3.4-3 (bug #930024)
	NOTE: https://github.com/numirias/security/blob/master/doc/2019-06-04_ace-vim-neovim.md
	NOTE: vim patches: https://github.com/vim/vim/commit/53575521406739cf20bbe4e384d88e7dca11f040
	NOTE: neovim pull request: https://github.com/neovim/neovim/pull/10082
CVE-2019-12732 (The Chartkick gem through 3.1.0 for Ruby allows XSS. ...)
	NOT-FOR-US: Chartkick Ruby gem
CVE-2019-12731 (The Windows versions of Snapview Mikogo, versions before 5.10.2 are af ...)
	NOT-FOR-US: Snapview Mikogo
CVE-2019-12730 (aa_read_header in libavformat/aadec.c in FFmpeg before 3.2.14 and 4.x  ...)
	{DSA-4502-1 DSA-4449-1}
	- ffmpeg 7:4.1.4-1 (low; bug #932469)
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/ed188f6dcdf0935c939ed813cf8745d50742014b
CVE-2019-12729
	RESERVED
CVE-2019-12728 (Grails before 3.3.10 used cleartext HTTP to resolve the SDKMan notific ...)
	- grails <itp> (bug #473213)
CVE-2019-12727 (On Ubiquiti airCam 3.1.4 devices, a Denial of Service vulnerability ex ...)
	NOT-FOR-US: Ubiquiti airCam devices
CVE-2019-12726
	RESERVED
CVE-2019-12725 (Zeroshell 3.9.0 is prone to a remote command execution vulnerability.  ...)
	NOT-FOR-US: Zeroshell
CVE-2019-12724 (An issue was discovered in the Teclib News plugin through 1.5.2 for GL ...)
	NOT-FOR-US: Teclib
CVE-2019-12723 (An issue was discovered in the Teclib Fields plugin through 1.9.2 for  ...)
	NOT-FOR-US: Teclib
CVE-2019-12722
	RESERVED
CVE-2019-12721
	RESERVED
CVE-2019-12720 (AUO SunVeillance Monitoring System before v1.1.9e is vulnerable to mvc ...)
	NOT-FOR-US: AUO SunVeillance Monitoring System
CVE-2019-12719 (An issue was discovered in Picture_Manage_mvc.aspx in AUO SunVeillance ...)
	NOT-FOR-US: AUO SunVeillance Monitoring System
CVE-2019-12718 (A vulnerability in the web-based interface of Cisco Small Business Sma ...)
	NOT-FOR-US: Cisco
CVE-2019-12717 (A vulnerability in a CLI command related to the virtualization manager ...)
	NOT-FOR-US: Cisco
CVE-2019-12716 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
	NOT-FOR-US: Cisco
CVE-2019-12715 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
	NOT-FOR-US: Cisco
CVE-2019-12714 (A vulnerability in the web-based management interface of Cisco IC3000  ...)
	NOT-FOR-US: Cisco
CVE-2019-12713 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-12712 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-12711 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
	NOT-FOR-US: Cisco
CVE-2019-12710 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
	NOT-FOR-US: Cisco
CVE-2019-12709 (A vulnerability in a CLI command related to the virtualization manager ...)
	NOT-FOR-US: Cisco
CVE-2019-12708 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
	NOT-FOR-US: Cisco
CVE-2019-12707 (A vulnerability in the web-based interface of multiple Cisco Unified C ...)
	NOT-FOR-US: Cisco
CVE-2019-12706 (A vulnerability in the Sender Policy Framework (SPF) functionality of  ...)
	NOT-FOR-US: Cisco
CVE-2019-12705 (A vulnerability in the web-based management interface of Cisco Express ...)
	NOT-FOR-US: Cisco
CVE-2019-12704 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
	NOT-FOR-US: Cisco
CVE-2019-12703 (A vulnerability in the web-based management interface of Cisco SPA122  ...)
	NOT-FOR-US: Cisco
CVE-2019-12702 (A vulnerability in the web-based management interface of Cisco SPA100  ...)
	NOT-FOR-US: Cisco
CVE-2019-12701 (A vulnerability in the file and malware inspection feature of Cisco Fi ...)
	NOT-FOR-US: Cisco
CVE-2019-12700 (A vulnerability in the configuration of the Pluggable Authentication M ...)
	NOT-FOR-US: Cisco
CVE-2019-12699 (Multiple vulnerabilities in the CLI of Cisco FXOS Software and Cisco F ...)
	NOT-FOR-US: Cisco
CVE-2019-12698 (A vulnerability in the WebVPN feature of Cisco Adaptive Security Appli ...)
	NOT-FOR-US: Cisco
CVE-2019-12697 (Multiple vulnerabilities in the Cisco Firepower System Software Detect ...)
	NOT-FOR-US: Cisco
CVE-2019-12696 (Multiple vulnerabilities in the Cisco Firepower System Software Detect ...)
	NOT-FOR-US: Cisco
CVE-2019-12695 (A vulnerability in the Clientless SSL VPN (WebVPN) portal of Cisco Ada ...)
	NOT-FOR-US: Cisco
CVE-2019-12694 (A vulnerability in the command line interface (CLI) of Cisco Firepower ...)
	NOT-FOR-US: Cisco
CVE-2019-12693 (A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Sec ...)
	NOT-FOR-US: Cisco
CVE-2019-12692
	RESERVED
CVE-2019-12691 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-12690 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
	NOT-FOR-US: Cisco
CVE-2019-12689 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-12688 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
	NOT-FOR-US: Cisco
CVE-2019-12687 (A vulnerability in the web UI of the Cisco Firepower Management Center ...)
	NOT-FOR-US: Cisco
CVE-2019-12686 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12685 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12684 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12683 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12682 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12681 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12680 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12679 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12678 (A vulnerability in the Session Initiation Protocol (SIP) inspection mo ...)
	NOT-FOR-US: Cisco
CVE-2019-12677 (A vulnerability in the Secure Sockets Layer (SSL) VPN feature of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-12676 (A vulnerability in the Open Shortest Path First (OSPF) implementation  ...)
	NOT-FOR-US: Cisco
CVE-2019-12675 (Multiple vulnerabilities in the multi-instance feature of Cisco Firepo ...)
	NOT-FOR-US: Cisco
CVE-2019-12674 (Multiple vulnerabilities in the multi-instance feature of Cisco Firepo ...)
	NOT-FOR-US: Cisco
CVE-2019-12673 (A vulnerability in the FTP inspection engine of Cisco Adaptive Securit ...)
	NOT-FOR-US: Cisco
CVE-2019-12672 (A vulnerability in the filesystem of Cisco IOS XE Software could allow ...)
	NOT-FOR-US: Cisco
CVE-2019-12671 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
	NOT-FOR-US: Cisco
CVE-2019-12670 (A vulnerability in the filesystem of Cisco IOS XE Software could allow ...)
	NOT-FOR-US: Cisco
CVE-2019-12669 (A vulnerability in the RADIUS Change of Authorization (CoA) code of Ci ...)
	NOT-FOR-US: Cisco
CVE-2019-12668 (A vulnerability in the web framework code of Cisco IOS and Cisco IOS X ...)
	NOT-FOR-US: Cisco
CVE-2019-12667 (A vulnerability in the web framework code of Cisco IOS XE Software cou ...)
	NOT-FOR-US: Cisco
CVE-2019-12666 (A vulnerability in the Guest Shell of Cisco IOS XE Software could allo ...)
	NOT-FOR-US: Cisco
CVE-2019-12665 (A vulnerability in the HTTP client feature of Cisco IOS and IOS XE Sof ...)
	NOT-FOR-US: Cisco
CVE-2019-12664 (A vulnerability in the Dialer interface feature for ISDN connections i ...)
	NOT-FOR-US: Cisco
CVE-2019-12663 (A vulnerability in the Cisco TrustSec (CTS) Protected Access Credentia ...)
	NOT-FOR-US: Cisco
CVE-2019-12662 (A vulnerability in Cisco NX-OS Software and Cisco IOS XE Software coul ...)
	NOT-FOR-US: Cisco
CVE-2019-12661 (A vulnerability in a Virtualization Manager (VMAN) related CLI command ...)
	NOT-FOR-US: Cisco
CVE-2019-12660 (A vulnerability in the CLI of Cisco IOS XE Software could allow an aut ...)
	NOT-FOR-US: Cisco
CVE-2019-12659 (A vulnerability in the HTTP server code of Cisco IOS XE Software could ...)
	NOT-FOR-US: Cisco
CVE-2019-12658 (A vulnerability in the filesystem resource management code of Cisco IO ...)
	NOT-FOR-US: Cisco
CVE-2019-12657 (A vulnerability in Unified Threat Defense (UTD) in Cisco IOS XE Softwa ...)
	NOT-FOR-US: Cisco
CVE-2019-12656 (A vulnerability in the IOx application environment of multiple Cisco p ...)
	NOT-FOR-US: Cisco
CVE-2019-12655 (A vulnerability in the FTP application layer gateway (ALG) functionali ...)
	NOT-FOR-US: Cisco
CVE-2019-12654 (A vulnerability in the common Session Initiation Protocol (SIP) librar ...)
	NOT-FOR-US: Cisco
CVE-2019-12653 (A vulnerability in the Raw Socket Transport feature of Cisco IOS XE So ...)
	NOT-FOR-US: Cisco
CVE-2019-12652 (A vulnerability in the ingress packet processing function of Cisco IOS ...)
	NOT-FOR-US: Cisco
CVE-2019-12651 (Multiple vulnerabilities in the web-based user interface (Web UI) of C ...)
	NOT-FOR-US: Cisco
CVE-2019-12650 (Multiple vulnerabilities in the web-based user interface (Web UI) of C ...)
	NOT-FOR-US: Cisco
CVE-2019-12649 (A vulnerability in the Image Verification feature of Cisco IOS XE Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-12648 (A vulnerability in the IOx application environment for Cisco IOS Softw ...)
	NOT-FOR-US: Cisco
CVE-2019-12647 (A vulnerability in the Ident protocol handler of Cisco IOS and IOS XE  ...)
	NOT-FOR-US: Cisco
CVE-2019-12646 (A vulnerability in the Network Address Translation (NAT) Session Initi ...)
	NOT-FOR-US: Cisco
CVE-2019-12645 (A vulnerability in Cisco Jabber Client Framework (JCF) for Mac Softwar ...)
	NOT-FOR-US: Cisco
CVE-2019-12644 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2019-12643 (A vulnerability in the Cisco REST API virtual service container for Ci ...)
	NOT-FOR-US: Cisco
CVE-2019-12642
	RESERVED
CVE-2019-12641
	RESERVED
CVE-2019-12640
	RESERVED
CVE-2019-12639
	RESERVED
CVE-2019-12638 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2019-12637 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-12636 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2019-12635 (A vulnerability in the authorization module of Cisco Content Security  ...)
	NOT-FOR-US: Cisco
CVE-2019-12634 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-12633 (A vulnerability in Cisco Unified Contact Center Express (Unified CCX)  ...)
	NOT-FOR-US: Cisco
CVE-2019-12632 (A vulnerability in Cisco Finesse could allow an unauthenticated, remot ...)
	NOT-FOR-US: Cisco
CVE-2019-12631 (A vulnerability in the web-based guest portal of Cisco Identity Servic ...)
	NOT-FOR-US: Cisco
CVE-2019-12630 (A vulnerability in the Java deserialization function used by Cisco Sec ...)
	NOT-FOR-US: Cisco
CVE-2019-12629 (A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow  ...)
	NOT-FOR-US: Cisco
CVE-2019-12628
	RESERVED
CVE-2019-12627 (A vulnerability in the application policy configuration of the Cisco F ...)
	NOT-FOR-US: Cisco
CVE-2019-12626 (A vulnerability in the web-based management interface of Cisco Unified ...)
	NOT-FOR-US: Cisco
CVE-2019-12624 (A vulnerability in the web-based management interface of Cisco IOS XE  ...)
	NOT-FOR-US: Cisco
CVE-2019-12623 (A vulnerability in the web server functionality of Cisco Enterprise Ne ...)
	NOT-FOR-US: Cisco
CVE-2019-12622 (A vulnerability in Cisco RoomOS Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2019-12621 (A vulnerability in Cisco HyperFlex Software could allow an unauthentic ...)
	NOT-FOR-US: Cisco
CVE-2019-12620 (A vulnerability in the statistics collection service of Cisco HyperFle ...)
	NOT-FOR-US: Cisco
CVE-2019-12619 (A vulnerability in the web interface for Cisco SD-WAN Solution vManage ...)
	NOT-FOR-US: Cisco
CVE-2019-12618 (HashiCorp Nomad 0.9.0 through 0.9.1 has Incorrect Access Control via t ...)
	- nomad <not-affected> (Vulnerability introduced in 0.9.0)
	NOTE: https://www.hashicorp.com/blog/hashicorp-nomad-0-9-2
	NOTE: https://github.com/hashicorp/nomad/issues/5783
CVE-2019-12617 (In SilverStripe through 4.3.3, there is access escalation for CMS user ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12616 (An issue was discovered in phpMyAdmin before 4.9.0. A vulnerability wa ...)
	{DLA-1821-1}
	- phpmyadmin 4:4.9.1+dfsg1-2 (bug #930017)
	[stretch] - phpmyadmin <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://www.phpmyadmin.net/security/PMASA-2019-4/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/015c404038c44279d95b6430ee5a0dddc97691ec
CVE-2019-12613
	REJECTED
CVE-2019-12612 (An issue was discovered in Bitdefender BOX firmware versions before 2. ...)
	NOT-FOR-US: Bitdefender BOX firmware
CVE-2019-12611 (An issue was discovered in Bitdefender BOX firmware versions before 2. ...)
	NOT-FOR-US: Bitdefender BOX firmware
CVE-2019-12610
	RESERVED
CVE-2019-12609
	RESERVED
CVE-2019-12608
	RESERVED
CVE-2019-12607
	RESERVED
CVE-2019-12606
	RESERVED
CVE-2019-12605
	RESERVED
CVE-2019-12604
	RESERVED
CVE-2019-12603
	RESERVED
CVE-2019-12602
	RESERVED
CVE-2019-12615 (An issue was discovered in get_vdev_port_node_info in arch/sparc/kerne ...)
	- linux 5.2.6-1 (unimportant)
	NOTE: https://git.kernel.org/linus/80caf43549e7e41a695c6d1e11066286538b336f
	NOTE: This is a potential null pointer dereference that looks like it can
	NOTE: only be invoked by root or the hypervisor.  Probably no security impact.
CVE-2019-12614 (An issue was discovered in dlpar_parse_cc_property in arch/powerpc/pla ...)
	- linux 5.3.7-1 (unimportant)
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
	NOTE: https://lkml.org/lkml/2019/6/3/526
	NOTE: This is a potential null pointer dereference that looks like it can
	NOTE: only be invoked by root or the hypervisor.  Probably no security impact.
CVE-2019-12601 (SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-12600 (SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-12599 (SuiteCRM 7.10.x before 7.10.17 and 7.11.x before 7.11.5 allows SQL Inj ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-12598 (SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before ...)
	NOT-FOR-US: SuiteCRM
CVE-2019-12597 (An issue was discovered in Zoho ManageEngine AssetExplorer. There is X ...)
	NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2019-12596 (An issue was discovered in Zoho ManageEngine AssetExplorer. There is X ...)
	NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2019-12595 (An issue was discovered in Zoho ManageEngine AssetExplorer. There is X ...)
	NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2019-12594 (DOSBox 0.74-2 has Incorrect Access Control. ...)
	{DSA-4478-1 DLA-1845-1}
	- dosbox 0.74-3-1 (bug #931222)
	NOTE: Fixed in 0.74-3 upstream.
	NOTE: https://github.com/Alexandre-Bartel/CVE-2019-12594
	NOTE: Upstream clarification https://sourceforge.net/p/dosbox/bugs/508/
	NOTE: Fixed by https://sourceforge.net/p/dosbox/code-0/4246/
CVE-2019-12593 (IceWarp Mail Server through 10.4.4 is prone to a local file inclusion  ...)
	NOT-FOR-US: IceWarp Mail Server
CVE-2019-12592 (A universal Cross-site scripting (UXSS) vulnerability in the Evernote  ...)
	NOT-FOR-US: Evernote
CVE-2019-12591 (NETGEAR Insight Cloud with firmware before Insight 5.6 allows remote a ...)
	NOT-FOR-US: NETGEAR
CVE-2019-12590
	RESERVED
CVE-2019-12588 (The client 802.11 mac implementation in Espressif ESP8266_NONOS_SDK 2. ...)
	NOT-FOR-US: Espressif
CVE-2019-12587 (The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 a ...)
	NOT-FOR-US: Espressif
CVE-2019-12586 (The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 a ...)
	NOT-FOR-US: Espressif
CVE-2019-12585 (Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and othe ...)
	- apcupsd <not-affected> (Vulnerable code in pfSense-specific status page)
CVE-2019-12584 (Apcupsd 0.3.91_5, as used in pfSense through 2.4.4-RELEASE-p3 and othe ...)
	- apcupsd <not-affected> (Vulnerable code in pfSense-specific status page)
CVE-2019-12583 (Missing Access Control in the "Free Time" component of several Zyxel U ...)
	NOT-FOR-US: Zyxel
CVE-2019-12582
	REJECTED
CVE-2019-12581 (A reflective Cross-site scripting (XSS) vulnerability in the free_time ...)
	NOT-FOR-US: Zyxel
CVE-2019-12580
	RESERVED
CVE-2019-12579 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12578 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12577 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12576 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12575 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12574 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12573 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12572 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: London Trust Media Private Internet Access (PIA) VPN Client
CVE-2019-12571 (A vulnerability in the London Trust Media Private Internet Access (PIA ...)
	NOT-FOR-US: Private Internet Access client
CVE-2019-12570 (A SQL injection vulnerability in the Xpert Solution "Server Status by  ...)
	NOT-FOR-US: Xpert Solution "Server Status by Hostname/IP" plugin for WordPress
CVE-2019-12569 (A vulnerability in Viber before 10.7.0 for Desktop (Windows) could all ...)
	NOT-FOR-US: Viber
CVE-2019-12568 (Stack-based overflow vulnerability in the logMess function in Open TFT ...)
	NOT-FOR-US: Open TFTP Server
CVE-2019-12567 (Stack-based overflow vulnerability in the logMess function in Open TFT ...)
	NOT-FOR-US: Open TFTP Server
CVE-2019-12566 (The WP Statistics plugin through 12.6.5 for Wordpress has stored XSS i ...)
	NOT-FOR-US: WP Statistics plugin for WordPress
CVE-2019-12565
	RESERVED
CVE-2019-12564 (In DouCo DouPHP v1.5 Release 20190516, remote attackers can view the d ...)
	NOT-FOR-US: DouCo DouPHP
CVE-2019-12563
	RESERVED
CVE-2019-12562 (Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0 a ...)
	NOT-FOR-US: DNN
CVE-2019-12561
	RESERVED
CVE-2019-12560
	RESERVED
CVE-2019-12559
	RESERVED
CVE-2019-12558
	RESERVED
CVE-2019-12557
	RESERVED
CVE-2019-12556
	RESERVED
CVE-2019-12555 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
	NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12554 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
	NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12553 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
	NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12552 (In SweetScape 010 Editor 9.0.1, an integer overflow during the initial ...)
	NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12551 (In SweetScape 010 Editor 9.0.1, improper validation of arguments in th ...)
	NOT-FOR-US: SweetScape 010 Editor
CVE-2019-12550 (WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW ...)
	NOT-FOR-US: WAGO devices
CVE-2019-12549 (WAGO 852-303 before FW06, 852-1305 before FW06, and 852-1505 before FW ...)
	NOT-FOR-US: WAGO devices
CVE-2019-12548 (Bludit before 3.9.0 allows remote code execution for an authenticated  ...)
	NOT-FOR-US: bludit
CVE-2019-12547
	RESERVED
CVE-2019-12546
	RESERVED
CVE-2019-12545
	RESERVED
CVE-2019-12544
	RESERVED
CVE-2019-12543 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. The ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk
CVE-2019-12542 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. The ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk
CVE-2019-12541 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. The ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk
CVE-2019-12540 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 10.5. Th ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk
CVE-2019-12539 (An issue was discovered in the Purchase component of Zoho ManageEngine ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2019-12538 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. The ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk
CVE-2019-12537 (An issue was discovered in Zoho ManageEngine AssetExplorer. There is X ...)
	NOT-FOR-US: Zoho ManageEngine AssetExplorer
CVE-2019-12536
	RESERVED
CVE-2019-12535
	RESERVED
CVE-2019-12534
	RESERVED
CVE-2019-12533
	RESERVED
CVE-2019-12532 (Improper access control in the Insyde software tools may allow an auth ...)
	NOT-FOR-US: Insyde software tools
CVE-2019-12531
	RESERVED
CVE-2019-12530 (Incorrect access control was discovered in the stdonato Dashboard plug ...)
	NOT-FOR-US: Dashboard plugin for GLPI
CVE-2019-12529 (An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through  ...)
	{DSA-4507-1 DLA-1858-1}
	- squid 4.8-1
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_2.txt
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-dd46b5417809647f561d8a5e0e74c3aacd235258.patch
CVE-2019-12528 (An issue was discovered in Squid before 4.10. It allows a crafted FTP  ...)
	- squid 4.10-1 (bug #950925)
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2020_2.txt
	NOTE: Squid 3: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-8cdb18ca1829a0b7faa1c9e472604ed0e7e105ac.patch
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-c1bebac9c1135b7add6589db35c62f16db195b8f.patch
CVE-2019-12527 (An issue was discovered in Squid 4.0.23 through 4.7. When checking Bas ...)
	{DSA-4507-1}
	- squid 4.8-1
	- squid3 <not-affected> (Vulnerable code introduced in 4.0.23)
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_5.txt
	NOTE: http://www.squid-cache.org/Versions/v4/changesets/squid-4-7f73e9c5d17664b882ed32590e6af310c247f320.patch
	NOTE: The code in squid 3.x limits the amount of input data decoded to one byte less
	NOTE: than the length of the target buffer, whilst in 4.x the entire input is decoded
	NOTE: without regard for the size of the target buffer.
CVE-2019-12526 (An issue was discovered in Squid before 4.9. URN response handling in  ...)
	{DLA-2028-1}
	- squid 4.9-1
	- squid3 <removed>
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-7aa0184a720fd216191474e079f4fe87de7c4f5a.patch
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_7.txt
CVE-2019-12525 (An issue was discovered in Squid 3.3.9 through 3.5.28 and 4.x through  ...)
	{DSA-4507-1 DLA-1858-1}
	- squid 4.8-1
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_3.txt
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-409956536647b3a05ee1e367424a24ae6b8f13fd.patch
	NOTE: Squid 3.5: http://www.squid-cache.org/Versions/v3/3.5/changesets/squid-3.5-ec0d0f39cf28da14eead0ba5e777e95855bc2f67.patch
CVE-2019-12524
	RESERVED
CVE-2019-12523 (An issue was discovered in Squid before 4.9. When handling a URN reque ...)
	- squid 4.9-1
	- squid3 <removed>
	NOTE: http://www.squid-cache.org/Advisories/SQUID-2019_8.txt
	NOTE: Squid 4: http://www.squid-cache.org/Versions/v4/changesets/squid-4-fbbdf75efd7a5cc244b4886a9d42ea458c5a3a73.patch
CVE-2019-12522
	RESERVED
CVE-2019-12521
	RESERVED
CVE-2019-12520
	RESERVED
CVE-2019-12519
	RESERVED
CVE-2019-12518 (Anviz CrossChex access control management software 4.3.8.0 and 4.3.12  ...)
	NOT-FOR-US: Anviz CrossChex
CVE-2019-12517 (An XSS issue was discovered in the slickquiz plugin through 1.3.7.1 fo ...)
	NOT-FOR-US: slickquiz plugin for WordPress
CVE-2019-12516 (The slickquiz plugin through 1.3.7.1 for WordPress allows SQL Injectio ...)
	NOT-FOR-US: slickquiz plugin for WordPress
CVE-2019-12515 (There is an out-of-bounds read vulnerability in the function FlateStre ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
	NOTE: https://github.com/PanguL4b/pocs/tree/master/xpdf/out-of-bounds-read-in-FlateStream__getChar
CVE-2019-12514
	RESERVED
CVE-2019-12513 (In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP dis ...)
	NOT-FOR-US: Netgear
CVE-2019-12512 (In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execu ...)
	NOT-FOR-US: Netgear
CVE-2019-12511 (In NETGEAR Nighthawk X10-R9000 prior to 1.0.4.26, an attacker may exec ...)
	NOT-FOR-US: Netgear
CVE-2019-12510 (In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypas ...)
	NOT-FOR-US: Netgear
CVE-2019-12509
	RESERVED
CVE-2019-12508
	RESERVED
CVE-2019-12507 (An XSS vulnerability exists in PHPRelativePath (aka Relative Path) thr ...)
	NOT-FOR-US: Relative Path PHP library
CVE-2019-12506 (Due to unencrypted and unauthenticated data communication, the wireles ...)
	NOT-FOR-US: Logitech
CVE-2019-12505 (Due to unencrypted and unauthenticated data communication, the wireles ...)
	NOT-FOR-US: Inateck
CVE-2019-12504 (Due to unencrypted and unauthenticated data communication, the wireles ...)
	NOT-FOR-US: Inateck
CVE-2019-12503 (Due to unencrypted and unauthenticated data communication, the wireles ...)
	NOT-FOR-US: Inateck
CVE-2019-12502 (There is a lack of CSRF countermeasures on MOBOTIX S14 MX-V4.2.1.61 ca ...)
	NOT-FOR-US: MOBOTIX cameras
CVE-2019-12501
	RESERVED
CVE-2019-12500 (The Xiaomi M365 scooter 2019-02-12 before 1.5.1 allows spoofing of "su ...)
	NOT-FOR-US: Xiaomi M365 scooter
CVE-2019-12498 (The WP Live Chat Support plugin before 8.0.33 for WordPress accepts ce ...)
	NOT-FOR-US: WP Live Chat Support plugin for WordPress
CVE-2019-12497 (An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...)
	{DLA-1816-1}
	- otrs2 6.0.19-1
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: https://community.otrs.com/security-advisory-2019-09-security-update-for-otrs-framework/
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/f8bcf08dfc5f06915c1352c07e5f626f9b5ecfc2
	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d4cc3f0e24937fa53870132003aec6af460b9b57
CVE-2019-12496 (An issue was discovered in Hybrid Group Gobot before 1.13.0. The mqtt  ...)
	NOT-FOR-US: Hybrid Group Gobot
CVE-2019-12495 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
	- tcc <unfixed> (bug #929872)
	[buster] - tcc <ignored> (Minor issue)
	[stretch] - tcc <ignored> (Minor issue)
	[jessie] - tcc <no-dsa> (Minor issue)
	NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2019-05/msg00044.html
	NOTE: https://repo.or.cz/tinycc.git/commit/d04ce7772c2bc2781ab2502e0b1f1964488814b5
CVE-2019-12494 (In Gardener before 0.20.0, incorrect access control in seed clusters a ...)
	NOT-FOR-US: Gardener
CVE-2019-12493 (A stack-based buffer over-read exists in PostScriptFunction::transform ...)
	{DLA-1939-1}
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
	- poppler 0.44.0-2
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/37840827c4073dedfd37915a74eb8fe0c44843c3
CVE-2019-12492 (Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and  ...)
	NOT-FOR-US: Gallagher Command Centre
CVE-2019-12491 (OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to r ...)
	NOT-FOR-US: OnApp
CVE-2019-12490 (An issue was discovered in Simple Machines Forum (SMF) before 2.0.16.  ...)
	NOT-FOR-US: Simple Machines Forum (SMF)
CVE-2019-12489 (An issue was discovered on Fastweb Askey RTV1907VW 0.00.81_FW_200_Aske ...)
	NOT-FOR-US: Fastweb Askey RTV1907VW devices
CVE-2019-12488
	RESERVED
CVE-2019-12487
	RESERVED
CVE-2019-12486
	RESERVED
CVE-2019-12485
	RESERVED
CVE-2019-12484
	RESERVED
CVE-2019-12483 (An issue was discovered in GPAC 0.7.1. There is a heap-based buffer ov ...)
	{DLA-1841-1}
	- gpac <unfixed> (bug #931088)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1249
	NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
CVE-2019-12482 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer derefer ...)
	{DLA-1841-1}
	- gpac <unfixed> (bug #931088)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1249
	NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
CVE-2019-12481 (An issue was discovered in GPAC 0.7.1. There is a NULL pointer derefer ...)
	{DLA-1841-1}
	- gpac <unfixed> (bug #931088)
	[buster] - gpac <no-dsa> (Minor issue)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/issues/1249
	NOTE: https://github.com/gpac/gpac/commit/f40aaaf959d4d1f7fa0dcd04c0666592e615c8f1
CVE-2019-12480 (BACnet Protocol Stack through 0.8.6 has a segmentation fault leading t ...)
	NOT-FOR-US: BACnet Protocol Stack
CVE-2019-12479 (An issue was discovered in 20|20 Storage 2.11.0. A Path Traversal vuln ...)
	NOT-FOR-US: 20|20 Storage
CVE-2019-12478
	RESERVED
CVE-2019-12477 (Supra Smart Cloud TV allows remote file inclusion in the openLiveURL f ...)
	NOT-FOR-US: Supra Smart Cloud TV
CVE-2019-12476 (An authentication bypass vulnerability in the password reset functiona ...)
	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-12475 (In MicroStrategy Web before 10.4.6, there is stored XSS in metric due  ...)
	NOT-FOR-US: MicroStrategy Web
CVE-2019-12474 (Wikimedia MediaWiki 1.23.0 through 1.32.1 has an information leak. Pri ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T212118
CVE-2019-12473 (Wikimedia MediaWiki 1.27.0 through 1.32.1 might allow DoS. Passing inv ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T204729
CVE-2019-12472 (An Incorrect Access Control vulnerability was found in Wikimedia Media ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T199540
CVE-2019-12471 (Wikimedia MediaWiki 1.30.0 through 1.32.1 has XSS. Loading user JavaSc ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T207603
CVE-2019-12470 (Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppr ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T222038
CVE-2019-12469 (MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed user ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T222036
CVE-2019-12468 (An Incorrect Access Control vulnerability was found in Wikimedia Media ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T197279
CVE-2019-12467 (MediaWiki through 1.32.1 has Incorrect Access Control (issue 1 of 3).  ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T209794
CVE-2019-12466 (Wikimedia MediaWiki through 1.32.1 allows CSRF. ...)
	{DSA-4460-1}
	- mediawiki 1:1.31.2-1
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://phabricator.wikimedia.org/T25227
CVE-2019-12465 (An issue was discovered in LibreNMS 1.50.1. A SQL injection flaw was i ...)
	NOT-FOR-US: LibreNMS
CVE-2019-12464 (An issue was discovered in LibreNMS 1.50.1. An authenticated user can  ...)
	NOT-FOR-US: LibreNMS
CVE-2019-12463 (An issue was discovered in LibreNMS 1.50.1. The scripts that handle gr ...)
	NOT-FOR-US: LibreNMS
CVE-2019-12462
	RESERVED
CVE-2019-12461 (Web Port 1.19.1 allows XSS via the /log type parameter. ...)
	NOT-FOR-US: Web Port
CVE-2019-12460 (Web Port 1.19.1 allows XSS via the /access/setup type parameter. ...)
	NOT-FOR-US: Web Port
CVE-2019-12459 (FileRun 2019.05.21 allows customizables/plugins/audio_player Directory ...)
	NOT-FOR-US: FileRun
CVE-2019-12458 (FileRun 2019.05.21 allows css/ext-ux Directory Listing. This issue has ...)
	NOT-FOR-US: FileRun
CVE-2019-12457 (FileRun 2019.05.21 allows images/extjs Directory Listing. This issue h ...)
	NOT-FOR-US: FileRun
CVE-2019-12499 (Firejail before 0.9.60 allows truncation (resizing to length 0) of the ...)
	- firejail 0.9.58.2-2 (bug #929733)
	[stretch] - firejail <no-dsa> (Minor issue)
	NOTE: https://github.com/netblue30/firejail/issues/2401
	NOTE: https://github.com/netblue30/firejail/commit/eecf35c2f8249489a1d3e512bb07f0d427183134
CVE-2019-12589 (In Firejail before 0.9.60, seccomp filters are writable inside the jai ...)
	- firejail 0.9.58.2-2 (bug #929732)
	[stretch] - firejail <no-dsa> (Minor issue)
	NOTE: https://github.com/netblue30/firejail/issues/2718
	NOTE: https://github.com/netblue30/firejail/commit/eecf35c2f8249489a1d3e512bb07f0d427183134
CVE-2019-12456 (** DISPUTED ** An issue was discovered in the MPT3COMMAND case in _ctl ...)
	- linux <unfixed> (unimportant)
	NOTE: The double-fetched value is not used after the second fetch, thus an invalid issue
	NOTE: from security impact perspective. CVE should probably be rejected.
CVE-2019-12455 (** DISPUTED ** An issue was discovered in sunxi_divs_clk_setup in driv ...)
	- linux <unfixed> (unimportant)
	NOTE: No/negligible security impact
CVE-2019-12454 (** DISPUTED ** An issue was discovered in wcd9335_codec_enable_dec in  ...)
	- linux <not-affected> (Vulnerable code not present, introduced in 5.1-rc1)
CVE-2019-12453 (In MicroStrategy Web before 10.1 patch 10, stored XSS is possible in t ...)
	NOT-FOR-US: MicroStrategy Web
CVE-2019-12452 (types/types.go in Containous Traefik 1.7.x through 1.7.11, when the -- ...)
	NOT-FOR-US: Containous Traefik
CVE-2019-12451
	RESERVED
CVE-2019-13012 (The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 ...)
	{DLA-1866-2 DLA-1866-1}
	[experimental] - glib2.0 2.60.0-1
	- glib2.0 2.60.5-1 (bug #931234)
	[buster] - glib2.0 2.58.3-2+deb10u1
	[stretch] - glib2.0 2.50.3-2+deb9u1
	NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1658
	NOTE: https://gitlab.gnome.org/GNOME/glib/merge_requests/450
	NOTE: https://gitlab.gnome.org/GNOME/glib/commit/5e4da714f00f6bfb2ccd6d73d61329c6f3a08429
CVE-2019-12450 (file_copy_fallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1  ...)
	{DLA-1826-1}
	- glib2.0 2.58.3-2 (bug #929753)
	[stretch] - glib2.0 2.50.3-2+deb9u1
	NOTE: https://gitlab.gnome.org/GNOME/glib/commit/d8f8f4d637ce43f8699ba94c9b7648beda0ca174
CVE-2019-12449 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gv ...)
	- gvfs 1.38.1-4 (bug #929755)
	[stretch] - gvfs <no-dsa> (Minor issue)
	[jessie] - gvfs <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/d5dfd823c94045488aef8727c553f1e0f7666b90
CVE-2019-12448 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gv ...)
	- gvfs 1.38.1-4 (bug #929755)
	[stretch] - gvfs <no-dsa> (Minor issue)
	[jessie] - gvfs <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/5cd76d627f4d1982b6e77a0e271ef9301732d09e
CVE-2019-12447 (An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gv ...)
	- gvfs 1.38.1-4 (bug #929755)
	[stretch] - gvfs <no-dsa> (Minor issue)
	[jessie] - gvfs <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/daf1163aba229afcfddf0f925aef7e97047e8959
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/commit/3895e09d784ebec0fbc4614d5c37068736120e1d
CVE-2019-12446 (An issue was discovered in GitLab Community and Enterprise Edition 8.3 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12445 (An issue was discovered in GitLab Community and Enterprise Edition 8.4 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12444 (An issue was discovered in GitLab Community and Enterprise Edition 8.9 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12443 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12442 (An issue was discovered in GitLab Enterprise Edition 11.7 through 11.1 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12441 (An issue was discovered in GitLab Community and Enterprise Edition 8.4 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12440 (The Sitecore Rocks plugin before 2.1.149 for Sitecore allows an unauth ...)
	NOT-FOR-US: Sitecore CMS
CVE-2019-12438
	RESERVED
CVE-2019-12437 (In SilverStripe through 4.3.3, the previous fix for SS-2018-007 does n ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12436 (Samba 4.10.x before 4.10.5 has a NULL pointer dereference, leading to  ...)
	- samba <not-affected> (Only affects Samba since 4.10.0)
	NOTE: https://www.samba.org/samba/security/CVE-2019-12436.html
CVE-2019-12435 (Samba 4.9.x before 4.9.9 and 4.10.x before 4.10.5 has a NULL pointer d ...)
	- samba 2:4.9.5+dfsg-5 (bug #930748)
	[stretch] - samba <not-affected> (Only affects Samba since 4.9)
	[jessie] - samba <not-affected> (Only affects Samba since 4.9)
	NOTE: https://www.samba.org/samba/security/CVE-2019-12435.html
CVE-2019-12434 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12433 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12432 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12431 (An issue was discovered in GitLab Community and Enterprise Edition 8.1 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12430 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab <not-affected> (Only affects 11.11)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12429 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab <not-affected> (Only affects 11.9 and later)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12428 (An issue was discovered in GitLab Community and Enterprise Edition 6.8 ...)
	[experimental] - gitlab 11.10.5+dfsg-1
	- gitlab 12.6.8-3 (bug #930004)
	NOTE: https://about.gitlab.com/2019/06/03/security-release-gitlab-11-dot-11-dot-1-released/
CVE-2019-12427 (Zimbra Collaboration before 8.8.15 Patch 1 is vulnerable to a non-pers ...)
	NOT-FOR-US: Zimbra Collaboration
CVE-2019-12426 (an unauthenticated user could get access to information of some backen ...)
	NOT-FOR-US: Apache OFBiz
CVE-2019-12425
	RESERVED
CVE-2019-12424
	REJECTED
CVE-2019-12423 (Apache CXF ships with a OpenId Connect JWK Keys service, which allows  ...)
	NOT-FOR-US: Apache CFX
CVE-2019-12422 (Apache Shiro before 1.4.2, when using the default "remember me" config ...)
	- shiro <unfixed> (low; bug #947945)
	[buster] - shiro <no-dsa> (Minor issue)
	[stretch] - shiro <no-dsa> (Minor issue)
	[jessie] - shiro <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2019/11/18/1
	NOTE: Fixed by https://github.com/apache/shiro/commit/44f6548b97610cdf661976969d5735c0be14a57b#diff-a8fc9cf5d6f24966aa18cdf0850a730e
CVE-2019-12421 (When using an authentication mechanism other than PKI, when the user c ...)
	NOT-FOR-US: Apache NiFi
CVE-2019-12420 (In Apache SpamAssassin before 3.4.3, a message can be crafted in a way ...)
	{DSA-4584-1 DLA-2037-1}
	- spamassassin 3.4.3~rc6-1 (bug #946653)
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/12/2
	NOTE: https://markmail.org/message/pyp425yrulfxyhrn
	NOTE: https://svn.apache.org/r1866128
CVE-2019-12419 (Apache CXF before 3.3.4 and 3.2.11 provides all of the components that ...)
	NOT-FOR-US: Apache CFX
CVE-2019-12418 (When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0. ...)
	{DSA-4596-1 DLA-2155-1 DLA-2077-1}
	- tomcat9 9.0.31-1
	- tomcat8 <removed>
	- tomcat7 <removed>
	NOTE: https://github.com/apache/tomcat/commit/1fc9f589dbdd8295cf313b2667ab041c425f99c3 (9.0.29)
	NOTE: https://github.com/apache/tomcat/commit/a91d7db4047d372b2f12999d3cf2bc3254c20d00 (8.5.48)
	NOTE: https://github.com/apache/tomcat/commit/bef3f40400243348d12f4abfe9b413f43897c02b (7.0.98)
CVE-2019-12417 (A malicious admin user could edit the state of objects in the Airflow  ...)
	- airflow <itp> (bug #819700)
CVE-2019-12416 (we got reports for 2 injection attacks against the DeltaSpike windowha ...)
	NOT-FOR-US: DeltaSpike
CVE-2019-12415 (In Apache POI up to 4.1.0, when using the tool XSSFExportToXml to conv ...)
	- libapache-poi-java <unfixed> (bug #943565)
	[buster] - libapache-poi-java <no-dsa> (Minor issue)
	[stretch] - libapache-poi-java <no-dsa> (Minor issue)
	[jessie] - libapache-poi-java <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2019/10/23/1
CVE-2019-12414 (In Apache Incubator Superset before 0.32, a user can view database nam ...)
	NOT-FOR-US: Apache Superset
CVE-2019-12413 (In Apache Incubator Superset before 0.31 user could query database met ...)
	NOT-FOR-US: Apache Superset
CVE-2019-12411
	RESERVED
CVE-2019-12410 (While investigating UBSAN errors in https://github.com/apache/arrow/pu ...)
	NOT-FOR-US: Apache Arrow
CVE-2019-12409 (The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure settin ...)
	- lucene-solr <not-affected> (Vulnerable code was introduced later)
	NOTE: https://lists.apache.org/thread.html/6640c7e370fce2b74e466a605a46244ccc40666ad9e3064a4e04a85d@%3Csolr-user.lucene.apache.org%3E
CVE-2019-12408 (It was discovered that the C++ implementation (which underlies the R,  ...)
	NOT-FOR-US: Apache Arrow
CVE-2019-12407 (On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin ...)
	- jspwiki <removed>
CVE-2019-12406 (Apache CXF before 3.3.4 and 3.2.11 does not restrict the number of mes ...)
	NOT-FOR-US: Apache CFX
CVE-2019-12405 (Improper authentication is possible in Apache Traffic Control versions ...)
	NOT-FOR-US: Apache Traffic Control
CVE-2019-12404 (On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin ...)
	- jspwiki <removed>
CVE-2019-12403
	REJECTED
CVE-2019-12402 (The file name encoding algorithm used internally in Apache Commons Com ...)
	- libcommons-compress-java 1.18-3 (low; bug #939610)
	[buster] - libcommons-compress-java <no-dsa> (Minor issue)
	[stretch] - libcommons-compress-java <not-affected> (Vulnerable code introduced later)
	[jessie] - libcommons-compress-java <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/27/1
	NOTE: Fixed in upstream commit: https://gitbox.apache.org/repos/asf?p=commons-compress.git;a=commitdiff;h=4ad5d80a6272e007f64a6ac66829ca189a8093b9;hp=16a0c84e84b93cc8c107b7ff3080bd11317ab581
CVE-2019-12401 (Solr versions 1.3.0 to 1.4.1, 3.1.0 to 3.6.2 and 4.0.0 to 4.10.4 are v ...)
	- lucene-solr <not-affected> (system libraries of libwoodstox-java and libstax-api-java are used in Debian)
	NOTE: https://issues.apache.org/jira/browse/SOLR-13750
	NOTE: https://www.openwall.com/lists/oss-security/2019/09/10/1
	NOTE: Upstream's fix (upgrading dependencies) suggests the issue is in libwoodstox-java:
	NOTE: https://issues.apache.org/jira/browse/SOLR-6830
	NOTE: May be related to the change in the 4.x series of libwoodstox-java to
	NOTE: disabling coalescing by default which can trigger large memory consumption
	NOTE: when parsing specially crafted XML data.
CVE-2019-12400 (In version 2.0.3 Apache Santuario XML Security for Java, a caching mec ...)
	- libxml-security-java <unfixed> (bug #935548)
	[stretch] - libxml-security-java <not-affected> (Vulnerable code introduced in 2.0.3)
	[jessie] - libxml-security-java <not-affected> (Vulnerable code introduced in 2.0.3)
	NOTE: http://santuario.apache.org/secadv.data/CVE-2019-12400.asc
CVE-2019-12399 (When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0 ...)
	- kafka <itp> (bug #786460)
CVE-2019-12398 (In Apache Airflow before 1.10.5 when running with the "classic" UI, a  ...)
	- airflow <itp> (bug #819700)
CVE-2019-12397 (Policy import functionality in Apache Ranger 0.7.0 to 1.2.0 is vulnera ...)
	NOT-FOR-US: Apache Ranger
CVE-2019-12396
	REJECTED
CVE-2019-12395 (In Webbukkit Dynmap 3.0-beta-3 or below, due to a missing login check  ...)
	NOT-FOR-US: Webbukkit Dynmap
CVE-2019-12394 (Anviz access control devices allow unverified password change which al ...)
	NOT-FOR-US: Anviz
CVE-2019-12393 (Anviz access control devices are vulnerable to replay attacks which co ...)
	NOT-FOR-US: Anviz
CVE-2019-12392 (Anviz access control devices allow remote attackers to issue commands  ...)
	NOT-FOR-US: Anviz
CVE-2019-12391 (The Anviz Management System for access control has insufficient loggin ...)
	NOT-FOR-US: Anviz
CVE-2019-12390 (Anviz access control devices expose private Information (pin code and  ...)
	NOT-FOR-US: Anviz
CVE-2019-12389 (Anviz access control devices expose credentials (names and passwords)  ...)
	NOT-FOR-US: Anviz
CVE-2019-12388 (Anviz access control devices perform cleartext transmission of sensiti ...)
	NOT-FOR-US: Anviz
CVE-2019-12387 (In Twisted before 19.2.1, twisted.web did not validate or sanitize URI ...)
	- twisted 18.9.0-7 (bug #930389)
	[buster] - twisted <no-dsa> (Minor issue)
	[stretch] - twisted <no-dsa> (Minor issue)
	[jessie] - twisted <no-dsa> (Minor issue)
	NOTE: https://github.com/twisted/twisted/commit/6c61fc4503ae39ab8ecee52d10f10ee2c371d7e2
CVE-2019-12386 (An issue was discovered in Ampache through 3.9.1. A stored XSS exists  ...)
	{DLA-1988-1}
	- ampache <removed>
	NOTE: https://github.com/ampache/ampache/issues/1872
	NOTE: according to the github issue, it is not really fixed yet
CVE-2019-12385 (An issue was discovered in Ampache through 3.9.1. The search engine is ...)
	{DLA-1988-1}
	- ampache <removed>
	NOTE: https://github.com/ampache/ampache/issues/1872
	NOTE: according to the github issue, it is not really fixed yet
CVE-2019-12384 (FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to ...)
	{DLA-1831-1}
	- jackson-databind 2.9.8-3 (bug #930750)
	[stretch] - jackson-databind 2.8.6-1+deb9u6
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2334
	NOTE: https://github.com/FasterXML/jackson-databind/commit/c9ef4a10d6f6633cf470d6a469514b68fa2be234
CVE-2019-12383 (Tor Browser before 8.0.1 has an information exposure vulnerability. It ...)
	- firefox-esr <unfixed> (unimportant)
	- firefox <unfixed> (unimportant)
	NOTE: https://gitweb.torproject.org/tor-browser.git/commit/?id=cbb04b72c68272c2de42f157d40cd7d29a6b7b55
	NOTE: https://hackerone.com/reports/282748
	NOTE: https://trac.torproject.org/projects/tor/ticket/24056
	NOTE: This affects Firefox, but it's not a security issue in Firefox by itself
CVE-2019-12382 (** DISPUTED ** An issue was discovered in drm_load_edid_firmware in dr ...)
	- linux <unfixed> (unimportant)
	NOTE: Issue with no security impact, see kernel-sec, invalid issue
CVE-2019-12381 (** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip ...)
	- linux <unfixed> (unimportant)
	NOTE: Issue with no security impact, see kernel-sec, invalid issue
CVE-2019-12380 (**DISPUTED** An issue was discovered in the efi subsystem in the Linux ...)
	- linux <unfixed> (unimportant)
	NOTE: No security impact, all code involved runs at boot before userland starts
CVE-2019-12379 (** DISPUTED ** An issue was discovered in con_insert_unipair in driver ...)
	- linux <unfixed> (unimportant)
	NOTE: No real security issue and fix introduces real security issue, see kernel-sec
CVE-2019-12378 (** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/i ...)
	- linux <unfixed> (unimportant)
	NOTE: Issue with no security impact, see kernel-sec, invalid issue
CVE-2019-12377 (A vulnerable upl/async_upload.asp web API endpoint in Ivanti LANDESK M ...)
	NOT-FOR-US: LANDESK
CVE-2019-12376 (Use of a hard-coded encryption key in Ivanti LANDESK Management Suite  ...)
	NOT-FOR-US: LANDESK
CVE-2019-12375 (Open directories in Ivanti LANDESK Management Suite (LDMS, aka Endpoin ...)
	NOT-FOR-US: LANDESK
CVE-2019-12374 (A SQL Injection vulnerability exists in Ivanti LANDESK Management Suit ...)
	NOT-FOR-US: LANDESK
CVE-2019-12373 (Improper access control and open directories in Ivanti LANDESK Managem ...)
	NOT-FOR-US: LANDESK
CVE-2019-12372 (Petraware pTransformer ADC before 2.1.7.22827 allows SQL Injection via ...)
	NOT-FOR-US: Petraware pTransformer ADC
CVE-2019-12371
	RESERVED
CVE-2019-12370 (The Spark application through 2.0.2 for Android allows XSS via an even ...)
	NOT-FOR-US: some Android application
CVE-2019-12369 (The TypeApp application through 1.9.5.35 for Android allows XSS via an ...)
	NOT-FOR-US: some Android application
CVE-2019-12368 (The Edison Mail application through 1.7.1 for Android allows XSS via a ...)
	NOT-FOR-US: some Android application
CVE-2019-12367 (The BlueMail application through 1.9.5.36 for Android allows XSS via a ...)
	NOT-FOR-US: some Android application
CVE-2019-12366 (The Nine application through 4.5.3a for Android allows XSS via an even ...)
	NOT-FOR-US: some Android application
CVE-2019-12365 (The Newton application through 10.0.23 for Android allows XSS via an e ...)
	NOT-FOR-US: some Android application
CVE-2019-12364
	RESERVED
CVE-2019-12363 (An CSRF issue was discovered in the JN-Jones MyBB-2FA plugin through 2 ...)
	NOT-FOR-US: MyBB plugin
CVE-2019-12362 (EmpireCMS 7.5.0 has XSS via the HTTP Referer header to e/member/doacti ...)
	NOT-FOR-US: EmpireCMS
CVE-2019-12361 (EmpireCMS 7.5.0 has XSS via the from parameter to e/member/doaction.ph ...)
	NOT-FOR-US: EmpireCMS
CVE-2019-12360 (A stack-based buffer over-read exists in FoFiTrueType::dumpString in f ...)
	{DLA-1815-1}
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
	- poppler 0.38.0-2
	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41801
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/cdb7ad95f7c8fbf63ade040d8a07ec96467042fc (poppler-0.32.0)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/bf4aae25a244b1033a2479b9a8f633224f7d5de5 (poppler-0.32.0)
	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=85243
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1136620
CVE-2019-12359
	RESERVED
CVE-2019-12358
	RESERVED
CVE-2019-12357
	RESERVED
CVE-2019-12356
	RESERVED
CVE-2019-12355
	RESERVED
CVE-2019-12354
	RESERVED
CVE-2019-12353
	RESERVED
CVE-2019-12352
	RESERVED
CVE-2019-12351
	RESERVED
CVE-2019-12350
	RESERVED
CVE-2019-12349
	RESERVED
CVE-2019-12348
	RESERVED
CVE-2019-12347 (In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers  ...)
	NOT-FOR-US: pfSense
CVE-2019-12346 (In the miniOrange SAML SP Single Sign On plugin before 4.8.73 for Word ...)
	NOT-FOR-US: miniOrange SAML SP Single Sign On plugin for WordPress
CVE-2019-12345 (XSS exists in the Kiboko Hostel plugin before 1.1.4 for WordPress. ...)
	NOT-FOR-US: Kiboko Hostel plugin for WordPress
CVE-2019-12344
	RESERVED
CVE-2019-12343
	RESERVED
CVE-2019-12342
	RESERVED
CVE-2019-12341
	RESERVED
CVE-2019-12340
	RESERVED
CVE-2019-12339
	RESERVED
CVE-2019-12338
	RESERVED
CVE-2019-12337
	RESERVED
CVE-2019-12336
	RESERVED
CVE-2019-12335
	RESERVED
CVE-2019-12334
	RESERVED
CVE-2019-12333
	RESERVED
CVE-2019-12332
	RESERVED
CVE-2019-12331 (PHPOffice PhpSpreadsheet before 1.8.0 has an XXE issue. The XmlScanner ...)
	NOT-FOR-US: PHPOffice PhpSpreadsheet
CVE-2019-12330
	RESERVED
CVE-2019-12329
	RESERVED
CVE-2019-12328 (A command injection (missing input validation) issue in the remote pho ...)
	NOT-FOR-US: Atcom A10W VoIP phone
CVE-2019-12327 (Hardcoded credentials in the Akuvox R50P VoIP phone 50.0.6.156 allow a ...)
	NOT-FOR-US: Akuvox R50P VoIP phone
CVE-2019-12326 (Missing file and path validation in the ringtone upload function of th ...)
	NOT-FOR-US: Akuvox R50P VoIP phone
CVE-2019-12325 (The Htek UC902 VoIP phone web management interface contains several bu ...)
	NOT-FOR-US: Htek UC902 VoIP phone
CVE-2019-12324 (A command injection (missing input validation) issue in the IP address ...)
	NOT-FOR-US: Akuvox R50P VoIP phone
CVE-2019-12323 (The HC.Server service in Hosting Controller HC10 10.14 allows an Inval ...)
	NOT-FOR-US: Hosting Controller HC10
CVE-2019-12322
	RESERVED
CVE-2019-12321
	REJECTED
CVE-2019-12320
	RESERVED
CVE-2019-12319
	RESERVED
CVE-2019-12318
	RESERVED
CVE-2019-12317
	RESERVED
CVE-2019-12316
	RESERVED
CVE-2019-12315 (Samsung SCX-824 printers allow a reflected Cross-Site-Scripting (XSS)  ...)
	NOT-FOR-US: Samsung
CVE-2019-12314 (Deltek Maconomy 2.2.5 is prone to local file inclusion via absolute pa ...)
	NOT-FOR-US: Deltek Maconomy
CVE-2019-12313 (XSS exists in Shave before 2.5.3 because output encoding is mishandled ...)
	NOT-FOR-US: Shave
CVE-2019-12312 (In Libreswan 3.27 an assertion failure can lead to a pluto IKE daemon  ...)
	[experimental] - libreswan 3.28-1
	- libreswan 3.27-5 (bug #929916)
	NOTE: https://github.com/libreswan/libreswan/issues/246
	NOTE: https://github.com/libreswan/libreswan/commit/7142d2c37d58cf024595a7549f0fb0d3946682f8
	NOTE: https://libreswan.org/security/CVE-2019-12312/CVE-2019-12312.txt
	NOTE: https://libreswan.org/security/CVE-2019-12312/libreswan-3.27-CVE-2019-12312.patch
CVE-2019-12311 (Sandline Centraleyezer (On Premises) allows Unrestricted File Upload l ...)
	NOT-FOR-US: Sandline Centraleyezer
CVE-2019-12310 (ExaGrid appliances with firmware version v4.8.1.1044.P50 have a /monit ...)
	NOT-FOR-US: ExaGrid appliances
CVE-2019-12309 (dotCMS before 5.1.0 has a path traversal vulnerability exploitable by  ...)
	NOT-FOR-US: dotCMS
CVE-2019-12308 (An issue was discovered in Django 1.11 before 1.11.21, 2.1 before 2.1. ...)
	{DSA-4476-1 DLA-1814-1}
	- python-django 1:1.11.21-1 (bug #929927)
	NOTE: https://github.com/django/django/commit/deeba6d92006999fee9adfbd8be79bf0a59e8008 (master)
	NOTE: https://github.com/django/django/commit/c238701859a52d584f349cce15d56c8e8137c52b (1.11.21)
CVE-2019-12307
	RESERVED
CVE-2019-12306
	RESERVED
CVE-2019-12305
	RESERVED
CVE-2019-12304
	RESERVED
CVE-2019-12303 (In Rancher 2 through 2.2.3, Project owners can inject additional fluen ...)
	NOT-FOR-US: Rancher
CVE-2019-12302
	RESERVED
CVE-2019-12301 (The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffer ...)
	NOT-FOR-US: Percona server
CVE-2019-12300 (Buildbot before 1.8.2 and 2.x before 2.3.1 accepts a user-submitted au ...)
	- buildbot 2.0.1-2 (bug #929849)
	[stretch] - buildbot <not-affected> (Vulnerable code introduced later)
	[jessie] - buildbot <not-affected> (Vulnerable code got added later)
	NOTE: https://github.com/buildbot/buildbot/wiki/OAuth-vulnerability-in-using-submitted-authorization-token-for-authentication
CVE-2019-12299 (Sandline Centraleyezer (On Premises) allows Stored XSS using HTML enti ...)
	NOT-FOR-US: Sandline Centraleyezer
CVE-2019-12298 (Leanify 0.4.3 allows remote attackers to trigger an out-of-bounds writ ...)
	NOT-FOR-US: Leanify
CVE-2019-12297 (An issue was discovered in scopd on Motorola routers CX2 1.01 and M2 1 ...)
	NOT-FOR-US: Motorola
CVE-2019-12296
	RESERVED
CVE-2019-12295 (In Wireshark 3.0.0 to 3.0.1, 2.6.0 to 2.6.8, and 2.4.0 to 2.4.14, the  ...)
	- wireshark 2.6.8-1.1 (low; bug #929446)
	[stretch] - wireshark <no-dsa> (Minor issue)
	[jessie] - wireshark <postponed> (Minor, can be fixed along in a future update)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15778
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=7b6e197da4c497e229ed3ebf6952bae5c426a820
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-19.html
CVE-2019-12294
	RESERVED
CVE-2019-12293 (In Poppler through 0.76.1, there is a heap-based buffer over-read in J ...)
	{DLA-1815-1}
	- poppler 0.71.0-5 (bug #929423)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/768
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/89a5367d49b2556a2635dbb6d48d6a6b182a2c6c
CVE-2019-12292 (Citrix AppDNA before 7 1906.1.0.472 has Incorrect Access Control. ...)
	NOT-FOR-US: Citrix AppDNA
CVE-2019-12291 (HashiCorp Consul 1.4.0 through 1.5.0 has Incorrect Access Control. Key ...)
	- consul 1.4.5+dfsg1-1
	[buster] - consul <not-affected> (Vulnerable code introduced in 1.4.0)
	NOTE: https://github.com/hashicorp/consul/issues/5888
CVE-2019-12290 (GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specifi ...)
	- libidn2 2.2.0-1
	[buster] - libidn2 <no-dsa> (Minor issue; intrusive to backport)
	NOTE: https://gitlab.com/libidn/libidn2/commit/241e8f486134793cb0f4a5b0e5817a97883401f5 (2.2.0)
	NOTE: https://gitlab.com/libidn/libidn2/merge_requests/71
CVE-2019-12289 (An issue was discovered in upgrade_firmware.cgi on VStarcam 100T (C782 ...)
	NOT-FOR-US: VStarcam
CVE-2019-12288 (An issue was discovered in upgrade_htmls.cgi on VStarcam 100T (C7824WI ...)
	NOT-FOR-US: VStarcam
CVE-2019-12287
	RESERVED
CVE-2019-12286
	RESERVED
CVE-2019-12285
	RESERVED
CVE-2019-12284
	RESERVED
CVE-2019-12283
	RESERVED
CVE-2019-12282
	RESERVED
CVE-2019-12281
	RESERVED
CVE-2019-12280 (PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element. ...)
	NOT-FOR-US: PC-Doctor Toolbox
CVE-2019-12279 (** DISPUTED ** Nagios XI 5.6.1 allows SQL injection via the username p ...)
	NOT-FOR-US: Nagios XI
CVE-2019-12278 (Opera through 53 on Android allows Address Bar Spoofing. Characters fr ...)
	NOT-FOR-US: Opera
CVE-2019-12277 (Blogifier 2.3 before 2019-05-11 does not properly restrict APIs, as de ...)
	NOT-FOR-US: Blogifier
CVE-2019-12276 (A Path Traversal vulnerability in Controllers/LetsEncryptController.cs ...)
	NOT-FOR-US: GrandNode
CVE-2019-12275
	RESERVED
CVE-2019-12274 (In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to de ...)
	NOT-FOR-US: Rancher
CVE-2019-12273 (** DISPUTED ** OutSystems Platform 10 through 11 allows ImageResourceD ...)
	NOT-FOR-US: OutSystems Platform
CVE-2019-12272 (In OpenWrt LuCI through 0.10, the endpoints admin/status/realtime/band ...)
	NOT-FOR-US: OpenWrt LuCI
CVE-2019-12271 (Sandline Centraleyezer (On Premises) allows unrestricted File Upload w ...)
	NOT-FOR-US: Sandline Centraleyezer
CVE-2019-12270 (OpenText Brava! Enterprise and Brava! Server 7.5 through 16.4 configur ...)
	NOT-FOR-US: OpenText Brava!
CVE-2019-12269 (Enigmail before 2.0.11 allows PGP signature spoofing: for an inline PG ...)
	- enigmail 2:2.0.11+ds1-1 (bug #929363)
	[buster] - enigmail 2:2.0.12+ds1-1~deb10u1
	[stretch] - enigmail <no-dsa> (Issue can be fixed via point release)
	[jessie] - enigmail <end-of-life> (see https://lists.debian.org/debian-lts-announce/2019/02/msg00002.html)
	NOTE: https://sourceforge.net/p/enigmail/bugs/983/
CVE-2019-12268
	RESERVED
CVE-2019-12267
	RESERVED
CVE-2019-12266
	RESERVED
CVE-2019-12265 (Wind River VxWorks 6.5, 6.6, 6.7, 6.8, 6.9.3 and 6.9.4 has a Memory Le ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12264 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect  ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12263 (Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP comp ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12262 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and 7 has Incorrect Access Contr ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12261 (Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12260 (Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP compon ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12259 (Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12258 (Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP com ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12257 (Wind River VxWorks 6.6 through 6.9 has a Buffer Overflow in the DHCP c ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12256 (Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the IPv4 compo ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12255 (Wind River VxWorks has a Buffer Overflow in the TCP component (issue 1 ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-12254
	RESERVED
CVE-2019-12253 (my little forum before 2.4.20 allows CSRF to delete posts, as demonstr ...)
	NOT-FOR-US: my little forum
CVE-2019-12252 (In Zoho ManageEngine ServiceDesk Plus through 10.5, users with the low ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2019-12251 (sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index. ...)
	NOT-FOR-US: UCMS
CVE-2019-12250 (** DISPUTED ** IdentityServer IdentityServer4 through 2.4 has stored X ...)
	NOT-FOR-US: IdentityServer
CVE-2019-12249
	RESERVED
CVE-2019-12248 (An issue was discovered in Open Ticket Request System (OTRS) 7.0.x thr ...)
	{DLA-1816-1}
	- otrs2 6.0.19-1
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: https://community.otrs.com/security-advisory-2019-08-security-update-for-otrs-framework/
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/4e06ef439c33e7d90af16451719415c780e0c29c
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/0713999042e3ce7fa60067d3cd165206899224bf
	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/edbc7371a52fc5d0032e934d2456b5f39da317f1
	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/2d85ce89515db8e94b36ea8ba97f21e27aa66efd
CVE-2019-12247 (** DISPUTED ** QEMU 3.0.0 has an Integer Overflow because the qga/comm ...)
	- qemu <unfixed> (unimportant; bug #929365)
	- qemu-kvm <removed> (unimportant)
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-05/msg04596.html
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-05/msg05457.html
	NOTE: Disputed upstream as not beeing exploitable.
CVE-2019-12246 (SilverStripe through 4.3.3 allows a Denial of Service on flush and dev ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12245 (SilverStripe through 4.3.3 has incorrect access control for protected  ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12244
	RESERVED
CVE-2019-12243 (Istio 1.1.x through 1.1.6 has Incorrect Access Control. ...)
	NOT-FOR-US: Istio
CVE-2019-12242
	RESERVED
CVE-2019-12241 (The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserializat ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-12240 (The Virim plugin 0.4 for WordPress allows Insecure Deserialization via ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-12239 (The WP Booking System plugin 1.5.1 for WordPress has no CSRF protectio ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-12238
	RESERVED
CVE-2019-12237
	RESERVED
CVE-2019-12236
	RESERVED
CVE-2019-12235
	RESERVED
CVE-2019-12234
	RESERVED
CVE-2019-12233
	RESERVED
CVE-2019-12232
	RESERVED
CVE-2019-12231
	RESERVED
CVE-2019-12230
	RESERVED
CVE-2019-12229
	RESERVED
CVE-2019-12228
	RESERVED
CVE-2019-12227
	RESERVED
CVE-2019-12226
	RESERVED
CVE-2019-12225
	RESERVED
CVE-2019-12224
	RESERVED
CVE-2019-12223 (An issue was discovered in NVR WebViewer on Hanwah Techwin SRN-472s 1. ...)
	NOT-FOR-US: Hanwah Techwin SRN-472s devices
CVE-2019-12222 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4621
	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12221 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4628
	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12220 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4627
	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12219 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4625
	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12218 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4620
	NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
CVE-2019-12217 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4626
	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-12216 (An issue was discovered in libSDL2.a in Simple DirectMedia Layer (SDL) ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4619
	NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
CVE-2019-12215 (** DISPUTED ** A full path disclosure vulnerability was discovered in  ...)
	- matomo <itp> (bug #448532)
CVE-2019-12214 (In FreeImage 3.18.0, an out-of-bounds access occurs because of mishand ...)
	- freeimage <unfixed> (bug #947478)
	[buster] - freeimage <postponed> (Revisit when upstream fixes are available)
	[stretch] - freeimage <postponed> (Revisit when upstream fixes are available)
	[jessie] - freeimage <postponed> (Revisit when upstream fixes are available)
	NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/
	NOTE: very few information regarding this vulnerability, which is seemingly located
	NOTE: in libopenjpeg, not freeimage. Without reproducer or stacktrace, this is
	NOTE: nearly unfixable.
CVE-2019-12213 (When FreeImage 3.18.0 reads a special TIFF file, the TIFFReadDirectory ...)
	{DSA-4593-1 DLA-2031-1}
	- freeimage 3.18.0+ds2-3 (bug #929597)
	[buster] - freeimage <postponed> (Revisit when upstream fixes are available)
	[stretch] - freeimage <postponed> (Revisit when upstream fixes are available)
	NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/
	NOTE: https://sourceforge.net/p/freeimage/svn/1825/
CVE-2019-12212 (When FreeImage 3.18.0 reads a special JXR file, the StreamCalcIFDSize  ...)
	- freeimage <unfixed> (bug #947477)
	[buster] - freeimage <postponed> (Revisit when upstream fixes are available)
	[stretch] - freeimage <postponed> (Revisit when upstream fixes are available)
	[jessie] - freeimage <postponed> (Revisit when upstream fixes are available)
	NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/
CVE-2019-12211 (When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load ...)
	{DSA-4593-1 DLA-2031-1}
	- freeimage 3.18.0+ds2-3 (bug #929597)
	[buster] - freeimage <postponed> (Revisit when upstream fixes are available)
	[stretch] - freeimage <postponed> (Revisit when upstream fixes are available)
	NOTE: https://sourceforge.net/p/freeimage/discussion/36111/thread/e06734bed5/
	NOTE: https://sourceforge.net/p/freeimage/svn/1825/
CVE-2019-12210 (In Yubico pam-u2f 1.0.7, when configured with debug and a custom debug ...)
	- pam-u2f 1.0.8-1 (low; bug #930023)
	[buster] - pam-u2f 1.0.7-1+deb10u1
	[stretch] - pam-u2f <no-dsa> (Minor issue)
	NOTE: https://github.com/Yubico/pam-u2f/commit/18b1914e32b74ff52000f10e97067e841e5fff62
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/05/1
CVE-2019-12209 (Yubico pam-u2f 1.0.7 attempts parsing of the configured authfile (defa ...)
	- pam-u2f 1.0.8-1 (low; bug #930021)
	[buster] - pam-u2f 1.0.7-1+deb10u1
	[stretch] - pam-u2f <no-dsa> (Minor issue)
	NOTE: https://github.com/Yubico/pam-u2f/commit/7db3386fcdb454e33a3ea30dcfb8e8960d4c3aa3
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/05/1
CVE-2019-12208 (njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in  ...)
	NOT-FOR-US: njs
CVE-2019-12207 (njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in ...)
	NOT-FOR-US: njs
CVE-2019-12206 (njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in  ...)
	NOT-FOR-US: njs
CVE-2019-12205 (SilverStripe through 4.3.3 has Flash Clipboard Reflected XSS. ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12204 (In SilverStripe through 4.3.3, a missing warning about leaving install ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12203 (SilverStripe through 4.3.3 allows session fixation in the "change pass ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12202
	RESERVED
CVE-2019-12201
	RESERVED
CVE-2019-12200
	RESERVED
CVE-2019-12199
	RESERVED
CVE-2019-12198 (In GoHttp through 2017-07-25, there is a stack-based buffer over-read  ...)
	NOT-FOR-US: GoHttp
CVE-2019-12197
	RESERVED
CVE-2019-12196 (A SQL injection vulnerability in /client/api/json/v2/nfareports/compar ...)
	NOT-FOR-US: Zoho ManageEngine NetFlow Analyzer
CVE-2019-12195 (TP-Link TL-WR840N v5 00000005 devices allow XSS via the network name.  ...)
	NOT-FOR-US: TP-Link
CVE-2019-12194
	RESERVED
CVE-2019-12193 (H3C H3Cloud OS all versions allows SQL injection via the ear/grid_even ...)
	NOT-FOR-US: H3C H3Cloud OS
CVE-2019-12192
	RESERVED
CVE-2019-12191
	RESERVED
CVE-2019-12190 (XSS was discovered in CentOS-WebPanel.com (aka CWP) CentOS Web Panel t ...)
	NOT-FOR-US: CentOS-WebPanel.com CentOS Web Panel
CVE-2019-12189 (An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. The ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2019-12188
	RESERVED
CVE-2019-12187
	RESERVED
CVE-2019-12186 (An issue was discovered in Sylius products. Missing input sanitization ...)
	NOT-FOR-US: Sylius
CVE-2019-12185 (eLabFTW 1.8.5 is vulnerable to arbitrary file uploads via the /app/con ...)
	NOT-FOR-US: eLabFTW
CVE-2019-12184 (There is XSS in browser/components/MarkdownPreview.js in BoostIO Boost ...)
	NOT-FOR-US: Boostnote
CVE-2019-12183 (Incorrect Access Control in Safescan Timemoto TM-616 and TA-8000 serie ...)
	NOT-FOR-US: Safescan Timemoto
CVE-2019-12182 (Directory Traversal in Safescan Timemoto and TA-8000 series version 1. ...)
	NOT-FOR-US: Safescan Timemoto and TA-8000 series
CVE-2019-12181 (A privilege escalation vulnerability exists in SolarWinds Serv-U befor ...)
	NOT-FOR-US: SolarWinds
CVE-2019-12180 (An issue was discovered in SmartBear ReadyAPI through 2.8.2 and 3.0.0  ...)
	NOT-FOR-US: SmartBear ReadyAPI
CVE-2019-12179
	RESERVED
CVE-2019-12178
	RESERVED
CVE-2019-12177 (Privilege escalation due to insecure directory permissions affecting V ...)
	NOT-FOR-US: HTC VIVEPORT
CVE-2019-12176 (Privilege escalation in the "HTC Account Service" and "ViveportDesktop ...)
	NOT-FOR-US: HTC VIVEPORT
CVE-2019-12175 (In Zeek Network Security Monitor (formerly known as Bro) before 2.6.2, ...)
	- bro 2.6.4+ds1-1 (low)
	[buster] - bro <no-dsa> (Minor issue)
	[stretch] - bro <no-dsa> (Minor issue)
CVE-2019-12174 (hide.me before 2.4.4 on macOS suffers from a privilege escalation vuln ...)
	NOT-FOR-US: hide.me
CVE-2019-12173 (MacDown 0.7.1 (870) allows remote code execution via a file:\\\ URI, w ...)
	NOT-FOR-US: MacDown
CVE-2019-12172 (Typora 0.9.9.21.1 (1913) allows arbitrary code execution via a modifie ...)
	NOT-FOR-US: Typora
CVE-2019-12171 (Dropbox.exe (and QtWebEngineProcess.exe in the Web Helper) in the Drop ...)
	NOT-FOR-US: Dropbox desktop application
CVE-2019-12170 (ATutor through 2.2.4 is vulnerable to arbitrary file uploads via the m ...)
	NOT-FOR-US: ATutor
CVE-2019-12169 (ATutor 2.2.4 allows Arbitrary File Upload and Directory Traversal, res ...)
	NOT-FOR-US: ATutor
CVE-2019-12168 (Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code ...)
	NOT-FOR-US: Four-Faith Wireless Mobile Router F3x24 devices
CVE-2019-12167 (httpGetSet/httpGet.htm on Emerson Network Power Liebert Challenger 5.1 ...)
	NOT-FOR-US: Emerson Network Power Liebert Challenger
CVE-2019-12166
	RESERVED
CVE-2019-12165 (MiCollab 7.3 PR2 (7.3.0.204) and earlier, 7.2 (7.2.2.13) and earlier,  ...)
	NOT-FOR-US: MiCollab
CVE-2019-12164 (ubuntu-server.js in Status React Native Desktop before v0.57.8_mobile_ ...)
	NOT-FOR-US: Status React Native Desktop
CVE-2019-12163 (GAT-Ship Web Module through 1.30 allows remote attackers to obtain pot ...)
	NOT-FOR-US: GAT-Ship Web Module
CVE-2019-12162 (Upwork Time Tracker 5.2.2.716 doesn't verify the SHA256 hash of the do ...)
	NOT-FOR-US: Upwork Time Tracker
CVE-2019-12161 (WPO WebPageTest 19.04 allows SSRF because ValidateURL in www/runtest.p ...)
	NOT-FOR-US: WPO WebPageTest
CVE-2019-12160 (GoHTTP through 2017-07-25 has a sendHeader use-after-free. ...)
	NOT-FOR-US: GoHTTP
CVE-2019-12159 (GoHTTP through 2017-07-25 has a stack-based buffer over-read in the sc ...)
	NOT-FOR-US: GoHTTP
CVE-2019-12158 (GoHTTP through 2017-07-25 has a GetExtension heap-based buffer overflo ...)
	NOT-FOR-US: GoHTTP
CVE-2019-12157 (In JetBrains TeamCity versions before 2018.2.5 and UpSource versions b ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-12156 (Server metadata could be exposed because one of the error messages ref ...)
	NOT-FOR-US: JetBrains TeamCity
CVE-2019-12155 (interface_release_resource in hw/display/qxl.c in QEMU 4.0.0 has a NUL ...)
	{DSA-4454-1 DLA-1927-1}
	- qemu 1:3.1+dfsg-8 (bug #929353)
	[buster] - qemu 1:3.1+dfsg-8~deb10u1
	- qemu-kvm <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2019/05/22/1
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=d52680fc932efb8a2f334cc6993e705ed1e31e99
CVE-2019-12154 (XXE in the XML parser library in RealObjects PDFreactor before 10.1.10 ...)
	NOT-FOR-US: PDFreactor
CVE-2019-12153 (Lack of validation in the HTML parser in RealObjects PDFreactor before ...)
	NOT-FOR-US: PDFreactor
CVE-2019-12152
	RESERVED
CVE-2019-12151
	RESERVED
CVE-2019-12150 (Karamasoft UltimateEditor 1 does not ensure that an uploaded file is a ...)
	NOT-FOR-US: Karamasoft UltimateEditor
CVE-2019-12149 (SQL injection vulnerability in silverstripe/restfulserver module 1.0.x ...)
	NOT-FOR-US: SilverStripe
CVE-2019-12148 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ...)
	NOT-FOR-US: Sangoma Session Border Controller
CVE-2019-12147 (The Sangoma Session Border Controller (SBC) 2.3.23-119 GA web interfac ...)
	NOT-FOR-US: Sangoma Session Border Controller
CVE-2019-12146 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
	NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12145 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
	NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12144 (An issue was discovered in SSHServerAPI.dll in Progress ipswitch WS_FT ...)
	NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12143 (A Directory Traversal issue was discovered in SSHServerAPI.dll in Prog ...)
	NOT-FOR-US: Progress ipswitch WS_FTP Server
CVE-2019-12142
	RESERVED
CVE-2019-12141
	RESERVED
CVE-2019-12140
	RESERVED
CVE-2019-12139 (An XSS issue was discovered in the Admin UI in eZ Platform 2.x. This a ...)
	NOT-FOR-US: eZ Platform
CVE-2019-12138 (MacDown 0.7.1 allows directory traversal, for execution of arbitrary p ...)
	NOT-FOR-US: MacDown
CVE-2019-12137 (Typora 0.9.9.24.6 on macOS allows directory traversal, for execution o ...)
	NOT-FOR-US: Typora
CVE-2019-12136 (There is XSS in BoostIO Boostnote 0.11.15 via a label named mermaid, a ...)
	NOT-FOR-US: Boostnote
CVE-2019-12135 (An unspecified vulnerability in the application server in PaperCut MF  ...)
	NOT-FOR-US: PaperCut
CVE-2019-12134 (CSV Injection (aka Excel Macro Injection or Formula Injection) exists  ...)
	NOT-FOR-US: Workday
CVE-2019-12133 (Multiple Zoho ManageEngine products suffer from local privilege escala ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2019-12132 (An issue was discovered in ONAP SDNC before Dublin. By executing sla/d ...)
	NOT-FOR-US: ONAP
CVE-2019-12131 (An issue was detected in ONAP APPC through Dublin and SDC through Dubl ...)
	NOT-FOR-US: ONAP
CVE-2019-12130 (In ONAP CLI through Dublin, by accessing an applicable port (30234, 30 ...)
	NOT-FOR-US: ONAP
CVE-2019-12129 (In ONAP MSB through Dublin, by accessing an applicable port (30234, 30 ...)
	NOT-FOR-US: ONAP
CVE-2019-12128 (In ONAP SO through Dublin, by accessing an applicable port (30234, 302 ...)
	NOT-FOR-US: ONAP
CVE-2019-12127 (In ONAP OOM through Dublin, by accessing an applicable port (30234, 30 ...)
	NOT-FOR-US: ONAP
CVE-2019-12126 (In ONAP DCAE through Dublin, by accessing an applicable port (30234, 3 ...)
	NOT-FOR-US: ONAP
CVE-2019-12125 (In ONAP Logging through Dublin, by accessing an applicable port (30234 ...)
	NOT-FOR-US: ONAP
CVE-2019-12124 (An issue was discovered in ONAP APPC before Dublin. By using an expose ...)
	NOT-FOR-US: ONAP
CVE-2019-12123 (An issue was discovered in ONAP SDNC before Dublin. By executing sla/p ...)
	NOT-FOR-US: ONAP
CVE-2019-12122 (An issue was discovered in ONAP Portal through Dublin. By executing a  ...)
	NOT-FOR-US: ONAP
CVE-2019-12121 (An issue was detected in ONAP Portal through Dublin. By executing a pa ...)
	NOT-FOR-US: ONAP
CVE-2019-12120 (An issue was discovered in ONAP VNFSDK through Dublin. By accessing po ...)
	NOT-FOR-US: ONAP
CVE-2019-12119 (An issue was discovered in ONAP SDC through Dublin. By accessing port  ...)
	NOT-FOR-US: ONAP
CVE-2019-12118 (An issue was discovered in ONAP SDC through Dublin. By accessing port  ...)
	NOT-FOR-US: ONAP
CVE-2019-12117 (An issue was discovered in ONAP SDC through Dublin. By accessing port  ...)
	NOT-FOR-US: ONAP
CVE-2019-12116 (An issue was discovered in ONAP SDC through Dublin. By accessing port  ...)
	NOT-FOR-US: ONAP
CVE-2019-12115 (An issue was discovered in ONAP SDC through Dublin. By accessing port  ...)
	NOT-FOR-US: ONAP
CVE-2019-12114 (An issue was discovered in ONAP HOLMES before Dublin. By accessing por ...)
	NOT-FOR-US: ONAP
CVE-2019-12113 (An issue was discovered in ONAP SDNC before Dublin. By executing sla/p ...)
	NOT-FOR-US: ONAP
CVE-2019-12112 (An issue was discovered in ONAP SDNC before Dublin. By executing sla/u ...)
	NOT-FOR-US: ONAP
CVE-2019-12111 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 ex ...)
	{DLA-1811-1}
	- miniupnpd 2.1-6 (bug #930050)
	[stretch] - miniupnpd <no-dsa> (Minor issue)
	NOTE: copyIPv6IfDifferent helper introduced in https://github.com/miniupnp/miniupnp/commit/3b12b8fb4e64e90a6319ae0aef3c240a44093439
	NOTE: but possible NULL pointer dereference on the respective argument is present before.
	NOTE: Fixed by: https://github.com/miniupnp/miniupnp/commit/cb8a02af7a5677cf608e86d57ab04241cf34e24f
CVE-2019-12110 (An AddPortMapping Denial Of Service vulnerability in MiniUPnP MiniUPnP ...)
	{DLA-1811-1}
	- miniupnpd 2.1-6 (bug #930050)
	[stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
	NOTE: https://github.com/miniupnp/miniupnp/commit/f321c2066b96d18afa5158dfa2d2873a2957ef38
CVE-2019-12109 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 ex ...)
	{DLA-1811-1}
	- miniupnpd 2.1-6 (bug #930050)
	[stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
	NOTE: https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c
	NOTE: https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692
CVE-2019-12108 (A Denial Of Service vulnerability in MiniUPnP MiniUPnPd through 2.1 ex ...)
	{DLA-1811-1}
	- miniupnpd 2.1-6 (bug #930050)
	[stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
	NOTE: https://github.com/miniupnp/miniupnp/commit/13585f15c7f7dc28bbbba1661efb280d530d114c
	NOTE: https://github.com/miniupnp/miniupnp/commit/86030db849260dd8fb2ed975b9890aef1b62b692
CVE-2019-12107 (The upnp_event_prepare function in upnpevents.c in MiniUPnP MiniUPnPd  ...)
	{DLA-1811-1}
	- miniupnpd 2.1-6 (bug #930050)
	[stretch] - miniupnpd 1.8.20140523-4.1+deb9u2
	NOTE: https://github.com/miniupnp/miniupnp/commit/bec6ccec63cadc95655721bc0e1dd49dac759d94
	TODO: check, might affect minidlna
CVE-2019-12106 (The updateDevice function in minissdpd.c in MiniUPnP MiniSSDPd 1.4 and ...)
	{DLA-1805-1}
	- minissdpd 1.5.20190210-1 (bug #929297)
	[stretch] - minissdpd 1.2.20130907-4.1+deb9u1
	NOTE: https://github.com/miniupnp/miniupnp/commit/cd506a67e174a45c6a202eff182a712955ed6d6f
CVE-2019-12105 (** DISPUTED ** In Supervisor through 4.0.2, an unauthenticated user ca ...)
	- supervisor <unfixed> (unimportant)
	NOTE: https://github.com/Supervisor/supervisor/issues/1245
	NOTE: Disupted upstream to be vulnerability. inet_http_server is not enabled by
	NOTE: default (neither upstream nor in Debian packaging). Details in the upstream
	NOTE: issue.
CVE-2019-12104 (The web-based configuration interface of the TP-Link M7350 V3 with fir ...)
	NOT-FOR-US: TP-Link
CVE-2019-12103 (The web-based configuration interface of the TP-Link M7350 V3 with fir ...)
	NOT-FOR-US: TP-Link
CVE-2019-12102 (** DISPUTED ** Kentico 11 through 12 lets attackers upload and explore ...)
	NOT-FOR-US: Kentico
CVE-2019-12101 (coap_decode_option in coap.c in LibNyoci 0.07.00rc1 mishandles certain ...)
	NOT-FOR-US: LibNyoci
CVE-2019-12100
	RESERVED
CVE-2019-12099 (In PHP-Fusion 9.03.00, edit_profile.php allows remote authenticated us ...)
	NOT-FOR-US: PHP-Fusion
CVE-2019-12098 (In the client side of Heimdal before 7.6.0, failure to verify anonymou ...)
	{DSA-4455-1}
	- heimdal 7.5.0+dfsg-3 (bug #929064)
	[jessie] - heimdal <no-dsa> (Minor issue)
	NOTE: Fixed by: https://github.com/heimdal/heimdal/commit/2f7f3d9960aa6ea21358bdf3687cee5149aa35cf (7.6.0)
	NOTE: Introduced by: https://github.com/heimdal/heimdal/commit/a1ef548600c5bb51cf52a9a9ea12676506ede19f (1.4.0)
CVE-2019-12097 (Telerik Fiddler v5.0.20182.28034 doesn't verify the hash of EnableLoop ...)
	NOT-FOR-US: Telerik Fiddler
CVE-2019-12096
	RESERVED
CVE-2019-12095 (Horde Trean, as used in Horde Groupware Webmail Edition through 5.2.22 ...)
	{DLA-2033-1}
	- php-horde-trean <unfixed>
	[buster] - php-horde-trean <no-dsa> (Minor issue)
	[stretch] - php-horde-trean <no-dsa> (Minor issue)
	[jessie] - php-horde-trean <no-dsa> (Minor issue)
	- php-horde 5.2.21+debian0-1
	[buster] - php-horde 5.2.20+debian0-1+deb10u1
	[stretch] - php-horde 5.2.13+debian0-1+deb9u1
	NOTE: https://github.com/horde/base/commit/81a7b53973506856db67e7f0b0263be29528aa75
	NOTE: https://bugs.horde.org/ticket/14926 (for the stored XSS)
CVE-2019-12094 (Horde Groupware Webmail Edition through 5.2.22 allows XSS via an admin ...)
	- php-horde <unfixed>
	[buster] - php-horde <no-dsa> (Minor issue)
	[stretch] - php-horde <no-dsa> (Minor issue)
	[jessie] - php-horde <no-dsa> (Minor issue)
	NOTE: https://bugs.horde.org/ticket/14926 (for the reflected XSS)
CVE-2019-12093
	RESERVED
CVE-2019-12092
	RESERVED
CVE-2019-12091 (The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2 ...)
	NOT-FOR-US: Netskope
CVE-2019-12090
	RESERVED
CVE-2019-12089
	RESERVED
CVE-2019-12088
	RESERVED
CVE-2019-12087 (** DISPUTED ** Samsung S9+, S10, and XCover 4 P(9.0) devices can becom ...)
	NOT-FOR-US: Samsung devices
CVE-2019-12086 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
	{DSA-4452-1 DLA-1798-1}
	- jackson-databind 2.9.8-2 (bug #929177)
	NOTE: https://github.com/FasterXML/jackson-databind/issues/2326
	NOTE: https://github.com/FasterXML/jackson-databind/commit/dda513bd7251b4f32b7b60b1c13740e3b5a43024
CVE-2019-12085
	RESERVED
CVE-2019-12084
	RESERVED
CVE-2019-12083 (The Rust Programming Language Standard Library 1.34.x before 1.34.2 co ...)
	- rustc <not-affected> (Introduced in 1.34)
	NOTE: https://blog.rust-lang.org/2019/05/13/Security-advisory.html
CVE-2019-12082
	RESERVED
CVE-2019-12081
	RESERVED
CVE-2019-12080
	RESERVED
CVE-2019-12079
	RESERVED
CVE-2019-12078
	RESERVED
CVE-2019-12077
	RESERVED
CVE-2019-12076
	RESERVED
CVE-2019-12075
	RESERVED
CVE-2019-12074
	RESERVED
CVE-2019-12073
	RESERVED
CVE-2019-12072
	RESERVED
CVE-2019-12071
	RESERVED
CVE-2019-12070
	RESERVED
CVE-2019-12069
	RESERVED
CVE-2019-12068 (In QEMU 1:4.1-1, 1:2.1+dfsg-12+deb8u6, 1:2.8+dfsg-6+deb9u8, 1:3.1+dfsg ...)
	{DLA-1927-1}
	- qemu 1:4.1-2 (low)
	[buster] - qemu <postponed> (Minor issue, can be fixed along in future update)
	[stretch] - qemu <postponed> (Minor issue, can be fixed along in future update)
	- qemu-kvm <removed>
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01518.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=de594e47659029316bbf9391efb79da0a1a08e08
CVE-2019-12067 [ide: ahci: add check to avoid null dereference]
	RESERVED
	- qemu <unfixed> (low)
	[buster] - qemu <postponed> (Minor issue, can be fixed along in future update)
	[stretch] - qemu <postponed> (Minor issue, can be fixed along in future update)
	[jessie] - qemu <postponed> (Minor issue, can be fixed along in future update)
	- qemu-kvm <removed>
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-08/msg01358.html
	NOTE: patch not sanctioned as of 20190909
	NOTE: patched function introduced in 2014/2.1.50 but affected code pre-existed
	NOTE: https://github.com/qemu/qemu/commit/659142ecf71a0da240ab0ff7cf929ee25c32b9bc
CVE-2019-12066
	RESERVED
CVE-2019-12065
	RESERVED
CVE-2019-12064
	RESERVED
CVE-2019-12063
	RESERVED
CVE-2019-12062
	RESERVED
CVE-2019-12061
	RESERVED
CVE-2019-12060
	RESERVED
CVE-2019-12059
	RESERVED
CVE-2019-12058
	RESERVED
CVE-2019-12057
	RESERVED
CVE-2019-12056
	RESERVED
CVE-2019-12055
	RESERVED
CVE-2019-12054
	RESERVED
CVE-2019-12053
	RESERVED
CVE-2019-12052
	RESERVED
CVE-2019-12051
	RESERVED
CVE-2019-12050
	RESERVED
CVE-2019-12049
	RESERVED
CVE-2019-12048
	RESERVED
CVE-2019-12047 (Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module ...)
	NOT-FOR-US: Gridea
CVE-2019-12045
	RESERVED
CVE-2019-12044 (A Buffer Overflow exists in Citrix NetScaler Gateway 10.5.x before 10. ...)
	NOT-FOR-US: Citrix NetScaler Gateway
CVE-2019-12043 (In remarkable 1.7.1, lib/parser_inline.js mishandles URL filtering, wh ...)
	NOT-FOR-US: remarkable
CVE-2019-12042 (Insecure permissions of the section object Global\PandaDevicesAgentSha ...)
	NOT-FOR-US: Panda products
CVE-2019-12041 (lib/common/html_re.js in remarkable 1.7.1 allows Regular Expression De ...)
	NOT-FOR-US: remarkable
CVE-2019-12040
	RESERVED
CVE-2019-12039
	RESERVED
CVE-2019-12038
	RESERVED
CVE-2019-12037
	RESERVED
CVE-2019-12036
	RESERVED
CVE-2019-12035
	RESERVED
CVE-2019-12034
	RESERVED
CVE-2019-12033
	RESERVED
CVE-2019-12032
	RESERVED
CVE-2019-12031
	RESERVED
CVE-2019-12030
	RESERVED
CVE-2019-12029
	RESERVED
CVE-2019-12028
	RESERVED
CVE-2019-12027
	RESERVED
CVE-2019-12026
	RESERVED
CVE-2019-12025
	RESERVED
CVE-2019-12024
	RESERVED
CVE-2019-12023
	RESERVED
CVE-2019-12022
	RESERVED
CVE-2019-12021
	RESERVED
CVE-2019-12020
	RESERVED
CVE-2019-12019
	RESERVED
CVE-2019-12018
	RESERVED
CVE-2019-12017 (A remote code execution vulnerability exists in MapR CLDB code, specif ...)
	NOT-FOR-US: MapR
CVE-2019-12016
	RESERVED
CVE-2019-12015
	RESERVED
CVE-2019-12014
	RESERVED
CVE-2019-12013
	RESERVED
CVE-2019-12012
	RESERVED
CVE-2019-12011
	RESERVED
CVE-2019-12010
	RESERVED
CVE-2019-12009
	RESERVED
CVE-2019-12008
	RESERVED
CVE-2019-12007
	RESERVED
CVE-2019-12006
	RESERVED
CVE-2019-12005
	RESERVED
CVE-2019-12004
	RESERVED
CVE-2019-12003
	RESERVED
CVE-2019-12002
	RESERVED
CVE-2019-12001
	RESERVED
CVE-2019-12000
	RESERVED
CVE-2019-11999
	RESERVED
CVE-2019-11998 (HPE Superdome Flex Server is vulnerable to multiple remote vulnerabili ...)
	NOT-FOR-US: HPE Superdome Flex Server
CVE-2019-11997 (A potential security vulnerability has been identified in HPE enhanced ...)
	NOT-FOR-US: HPE
CVE-2019-11996 (Potential security vulnerabilities have been identified with HPE Nimbl ...)
	NOT-FOR-US: HPE
CVE-2019-11995 (Security vulnerabilities in HPE UIoT version 1.2.4.2 could allow unaut ...)
	NOT-FOR-US: HPE UIoT
CVE-2019-11994 (A security vulnerability has been identified in HPE SimpliVity 380 Gen ...)
	NOT-FOR-US: HPE
CVE-2019-11993 (A security vulnerability has been identified in HPE SimpliVity 380 Gen ...)
	NOT-FOR-US: HPE
CVE-2019-11992 (A security vulnerability in HPE OneView for VMware vCenter 9.5 could b ...)
	NOT-FOR-US: HPE OneView for VMware vCenter
CVE-2019-11991 (HPE has identified a vulnerability in HPE 3PAR Service Processor (SP)  ...)
	NOT-FOR-US: HPE 3PAR Service Processor
CVE-2019-11990 (Security vulnerabilities in HPE UIoT versions 1.6, 1.5, 1.4.2, 1.4.1,  ...)
	NOT-FOR-US: HPE IceWall
CVE-2019-11989 (A security vulnerability in HPE IceWall SSO Agent Option and IceWall M ...)
	NOT-FOR-US: HPE IceWall
CVE-2019-11988 (A Remote Unauthorized Access vulnerability was identified in HPE Smart ...)
	NOT-FOR-US: HPE
CVE-2019-11987 (A security vulnerability in HPE Smart Update Manager (SUM) prior to v8 ...)
	NOT-FOR-US: HPE
CVE-2019-11986 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11985 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11984 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11983 (A remote buffer overflow vulnerability was identified in HPE Integrate ...)
	NOT-FOR-US: HPE
CVE-2019-11982 (A remote cross site scripting vulnerability was identified in HPE Inte ...)
	NOT-FOR-US: HPE
CVE-2019-11981
	REJECTED
CVE-2019-11980 (A remote code exection vulnerability was identified in HPE Intelligent ...)
	NOT-FOR-US: HPE
CVE-2019-11979 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11978 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11977 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11976 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11975 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11974 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11973 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11972 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11971 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11970 (A SQL injection code execution vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11969 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11968 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11967 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11966 (A remote privilege escalation vulnerability was identified in HPE Inte ...)
	NOT-FOR-US: HPE
CVE-2019-11965 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11964 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11963 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11962 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11961 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11960 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11959 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11958 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11957 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11956 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11955 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11954 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11953 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11952 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11951 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11950 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11949 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11948 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11947 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11946 (A remote credential disclosure vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-11945 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11944 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11943 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11942 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11941 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-11940 (In the course of decompressing HPACK inside the HTTP2 protocol, an une ...)
	NOT-FOR-US: Facebook Proxygen
CVE-2019-11939 (Golang Facebook Thrift servers would not error upon receiving messages ...)
	- thrift <unfixed>
	NOTE: https://github.com/facebook/fbthrift/commit/483ed864d69f307e9e3b9dadec048216100c0757
CVE-2019-11938 (Java Facebook Thrift servers would not error upon receiving messages d ...)
	TODO: check
CVE-2019-11937 (In Mcrouter prior to v0.41.0, a large struct input provided to the Car ...)
	NOT-FOR-US: mcrouter
	NOTE: https://github.com/facebook/mcrouter/releases
CVE-2019-11936 (Various APC functions accept keys containing null bytes as input, lead ...)
	- hhvm <removed>
CVE-2019-11935 (Insufficient boundary checks when processing a string in mb_ereg_repla ...)
	- hhvm <removed>
CVE-2019-11934 (Improper handling of close_notify alerts can result in an out-of-bound ...)
	NOT-FOR-US: Facebook folly
CVE-2019-11933 (A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, a ...)
	NOT-FOR-US: libpl_droidsonroids_gif
CVE-2019-11932 (A double free vulnerability in the DDGifSlurp function in decoding.c i ...)
	NOT-FOR-US: libpl_droidsonroids_gif
CVE-2019-11931 (A stack-based buffer overflow could be triggered in WhatsApp by sendin ...)
	NOT-FOR-US: WhatsApp
CVE-2019-11930 (An invalid free in mb_detect_order can cause the application to crash  ...)
	- hhvm <removed>
CVE-2019-11929 (Insufficient boundary checks when formatting numbers in number_format  ...)
	- hhvm <removed>
CVE-2019-11928
	RESERVED
CVE-2019-11927 (An integer overflow in WhatsApp media parsing libraries allows a remot ...)
	NOT-FOR-US: WhatsApp
CVE-2019-11926 (Insufficient boundary checks when processing M_SOFx markers from JPEG  ...)
	- hhvm <removed>
CVE-2019-11925 (Insufficient boundary checks when processing the JPEG APP12 block mark ...)
	- hhvm <removed>
CVE-2019-11924 (A peer could send empty handshake fragments containing only padding wh ...)
	NOT-FOR-US: fizz
CVE-2019-11923 (In Mcrouter prior to v0.41.0, the deprecated ASCII parser would alloca ...)
	NOT-FOR-US: mcrouter
	NOTE: https://github.com/facebook/mcrouter/releases
CVE-2019-11922 (A race condition in the one-pass compression functions of Zstandard pr ...)
	- libzstd 1.3.8+dfsg-2
	[stretch] - libzstd <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/facebook/zstd/commit/3e5cdf1b6a85843e991d7d10f6a2567c15580da0
CVE-2019-11921 (An out of bounds write is possible via a specially crafted packet in c ...)
	NOT-FOR-US: Facebook Proxygen
CVE-2019-11920
	RESERVED
CVE-2019-11919
	RESERVED
CVE-2019-11918
	RESERVED
CVE-2019-11917
	RESERVED
CVE-2019-11916
	RESERVED
CVE-2019-11915
	RESERVED
CVE-2019-11914
	RESERVED
CVE-2019-11913
	RESERVED
CVE-2019-11912
	RESERVED
CVE-2019-11911
	RESERVED
CVE-2019-11910
	RESERVED
CVE-2019-11909
	RESERVED
CVE-2019-11908
	RESERVED
CVE-2019-11907
	RESERVED
CVE-2019-11906
	RESERVED
CVE-2019-11905
	RESERVED
CVE-2019-11904
	RESERVED
CVE-2019-11903
	RESERVED
CVE-2019-11902
	RESERVED
CVE-2019-11901
	RESERVED
CVE-2019-11900
	RESERVED
CVE-2019-11899 (An unauthenticated attacker can achieve unauthorized access to sensiti ...)
	NOT-FOR-US: Bosch Access Professional Edition
CVE-2019-11898 (Unauthorized APE administration privileges can be achieved by reverse  ...)
	NOT-FOR-US: Bosch Access Professional Edition
CVE-2019-11897 (A Server-Side Request Forgery (SSRF) vulnerability in the backup &amp; ...)
	NOT-FOR-US: proSyst
CVE-2019-11896 (A potential incorrect privilege assignment vulnerability exists in the ...)
	NOT-FOR-US: Bosch
CVE-2019-11895 (A potential improper access control vulnerability exists in the JSON-R ...)
	NOT-FOR-US: Bosch
CVE-2019-11894 (A potential improper access control vulnerability exists in the backup ...)
	NOT-FOR-US: Bosch
CVE-2019-11893 (A potential incorrect privilege assignment vulnerability exists in the ...)
	NOT-FOR-US: Bosch
CVE-2019-11892 (A potential improper access control vulnerability exists in the JSON-R ...)
	NOT-FOR-US: Bosch
CVE-2019-11891 (A potential incorrect privilege assignment vulnerability exists in the ...)
	NOT-FOR-US: Bosch
CVE-2019-12046 (LemonLDAP::NG -2.0.3 has Incorrect Access Control. ...)
	{DSA-4446-1 DLA-1790-1}
	- lemonldap-ng 2.0.2+ds-7+deb10u1 (bug #928944)
	NOTE: https://gitlab.ow2.org/lemonldap-ng/lemonldap-ng/issues/1742
CVE-2019-11890 (Sony Bravia Smart TV devices allow remote attackers to cause a denial  ...)
	NOT-FOR-US: Sony Bravia Smart TV devices
CVE-2019-11889 (Sony BRAVIA Smart TV devices allow remote attackers to cause a denial  ...)
	NOT-FOR-US: Sony BRAVIA Smart TV devices
CVE-2019-11888 (Go through 1.12.5 on Windows mishandles process creation with a nil en ...)
	- golang-1.12 <not-affected> (Only affects Go on Windows)
	- golang-1.11 <not-affected> (Only affects Go on Windows)
	NOTE: https://go-review.googlesource.com/c/go/+/176619
CVE-2019-11887 (SimplyBook.me through 2019-05-11 does not properly restrict File Uploa ...)
	NOT-FOR-US: SimplyBook.me
CVE-2019-11886 (The WaspThemes Visual CSS Style Editor (aka yellow-pencil-visual-theme ...)
	NOT-FOR-US: WaspThemes Visual CSS Style Editor plugin for WordPress
CVE-2019-11885 (eyeDisk implements the unlock feature by sending a cleartext password. ...)
	NOT-FOR-US: eyeDisk
CVE-2019-11884 (The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Li ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
	NOTE: https://git.kernel.org/linus/a1616a5ac99ede5d605047a9012481ce7ff18b16
CVE-2019-11883
	RESERVED
CVE-2019-11882
	RESERVED
CVE-2019-11881 (A vulnerability exists in Rancher 2.1.4 in the login component, where  ...)
	NOT-FOR-US: Rancher
CVE-2019-11880 (CommSy through 8.6.5 has SQL Injection via the cid parameter. This is  ...)
	NOT-FOR-US: CommSy
CVE-2019-11879 (** DISPUTED ** The WEBrick gem 1.4.2 for Ruby allows directory travers ...)
	NOT-FOR-US: Non issue in webrick gem
CVE-2019-11878 (An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.1 ...)
	NOT-FOR-US: XiongMai Besder IP20H1 cameras
CVE-2019-11877 (XSS on the PIX-Link Repeater/Router LV-WR09 with firmware v28K.MiniRou ...)
	NOT-FOR-US: PIX-Link Repeater/Router LV-WR09
CVE-2019-11876 (In PrestaShop 1.7.5.2, the shop_country parameter in the install/index ...)
	NOT-FOR-US: PrestaShop
CVE-2019-11875 (In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0. ...)
	NOT-FOR-US: Blue Prism Robotic Process Automation
CVE-2019-11874
	RESERVED
CVE-2019-11873 (wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when ...)
	- wolfssl 4.1.0+dfsg-1 (bug #929468)
CVE-2019-11872 (The Hustle (aka wordpress-popup) plugin 6.0.7 for WordPress is vulnera ...)
	NOT-FOR-US: Hustle (aka wordpress-popup) plugin for WordPress
CVE-2019-11871 (The Custom Field Suite plugin before 2.5.15 for WordPress has XSS for  ...)
	NOT-FOR-US: Custom Field Suite plugin for WordPress
CVE-2019-11870 (Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in t ...)
	- serendipity <removed>
CVE-2019-11869 (The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it ...)
	NOT-FOR-US: WordPress plugin yuzo-related-post
CVE-2019-11868 (See.sys, up to version 4.25, in SoftEther VPN Server versions 4.29 or  ...)
	NOT-FOR-US: SoftEther VPN Server
CVE-2019-11867 (Realtek NDIS driver rt640x64.sys, file version 10.1.505.2015, fails to ...)
	NOT-FOR-US: Realtek NDIS driver rt640x64.sys
CVE-2019-11866
	RESERVED
CVE-2019-11865
	RESERVED
CVE-2019-11864
	RESERVED
CVE-2019-11863
	RESERVED
CVE-2019-11862
	RESERVED
CVE-2019-11861
	RESERVED
CVE-2019-11860
	RESERVED
CVE-2019-11859
	RESERVED
CVE-2019-11858
	RESERVED
CVE-2019-11857
	RESERVED
CVE-2019-11856
	RESERVED
CVE-2019-11855
	RESERVED
CVE-2019-11854
	RESERVED
CVE-2019-11853
	RESERVED
CVE-2019-11852
	RESERVED
CVE-2019-11851
	RESERVED
CVE-2019-11850
	RESERVED
CVE-2019-11849
	RESERVED
CVE-2019-11848
	RESERVED
CVE-2019-11847
	RESERVED
CVE-2019-11846 (/servlets/ajax_file_upload?fieldName=binary3 in dotCMS 5.1.1 allows XS ...)
	NOT-FOR-US: dotCMS
CVE-2019-11845 (An HTML Injection vulnerability has been discovered on the RICOH SP 45 ...)
	NOT-FOR-US: RICOH
CVE-2019-11844 (An HTML Injection vulnerability has been discovered on the RICOH SP 45 ...)
	NOT-FOR-US: RICOH
CVE-2019-11843
	RESERVED
CVE-2019-11841 (A message-forgery issue was discovered in crypto/openpgp/clearsign/cle ...)
	{DLA-1920-1}
	- golang-go.crypto 1:0.0~git20200221.2aa609c-1
	NOTE: https://go.googlesource.com/crypto/+/c05e17bb3b2dca130fc919668a96b4bec9eb9442
	NOTE: Patch fixes the second part of the CVE ("prepend arbitrary text")
	NOTE: but not the first ("ignores the value of [the Hash] header"), as hinted at reporter's 2019-05-09 note:
	NOTE: https://packetstormsecurity.com/files/152840/Go-Cryptography-Libraries-Cleartext-Message-Spoofing.html
CVE-2019-11840 (An issue was discovered in supplementary Go cryptography libraries, ak ...)
	{DLA-1840-1}
	- golang-go.crypto 1:0.0~git20200221.2aa609c-1
	NOTE: https://github.com/golang/go/issues/30965
	NOTE: https://go.googlesource.com/crypto/+/b7391e95e576cacdcdd422573063bc057239113d
	NOTE: https://groups.google.com/forum/#!msg/golang-announce/tjyNcJxb2vQ/n0NRBziSCAAJ
CVE-2019-11839 (njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in  ...)
	NOT-FOR-US: njs
CVE-2019-11838 (njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in  ...)
	NOT-FOR-US: njs
CVE-2019-11837 (njs through 0.3.1, used in NGINX, has a segmentation fault in String.p ...)
	NOT-FOR-US: njs
CVE-2019-11836 (The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android ...)
	NOT-FOR-US: Rediffmail
CVE-2019-11842 (An issue was discovered in Matrix Sydent before 1.0.3 and Synapse befo ...)
	- matrix-synapse 0.99.2-5
	NOTE: https://matrix.org/blog/2019/05/03/security-updates-sydent-1-0-3-synapse-0-99-3-1-and-riot-android-0-9-0-0-8-99-0-8-28-a/
CVE-2019-11835 (cJSON before 1.7.11 allows out-of-bounds access, related to multiline  ...)
	- cjson 1.7.10-1.1 (bug #928726)
	NOTE: https://github.com/DaveGamble/cJSON/issues/338
CVE-2019-11834 (cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a  ...)
	- cjson 1.7.10-1.1 (bug #928726)
	NOTE: https://github.com/DaveGamble/cJSON/issues/337
CVE-2019-11833 (fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out  ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
	NOTE: Fixed by: https://git.kernel.org/linus/592acbf16821288ecdc4192c47e3774a4c48bb64
CVE-2019-11832 (TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execut ...)
	NOT-FOR-US: TYPO3
CVE-2019-11831 (The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1 ...)
	{DSA-4445-1 DLA-1797-1}
	- drupal7 <removed> (bug #928688)
	NOTE: https://www.drupal.org/SA-CORE-2019-007
CVE-2019-11830 (PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrap ...)
	NOT-FOR-US: phar-stream-wrapper
CVE-2019-11829 (OS command injection vulnerability in drivers_syno_import_user.php in  ...)
	NOT-FOR-US: Synology
CVE-2019-11828 (Cross-site scripting (XSS) vulnerability in Chart in Synology Office b ...)
	NOT-FOR-US: Synology
CVE-2019-11827 (Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Shard in  ...)
	NOT-FOR-US: Synology
CVE-2019-11826 (Relative path traversal vulnerability in SYNO.PhotoTeam.Upload.Item in ...)
	NOT-FOR-US: Synology
CVE-2019-11825 (Cross-site scripting (XSS) vulnerability in Event Editor in Synology C ...)
	NOT-FOR-US: Synology
CVE-2019-11824
	RESERVED
CVE-2019-11823
	RESERVED
CVE-2019-11822 (Relative path traversal vulnerability in SYNO.PhotoStation.File in Syn ...)
	NOT-FOR-US: Synology
CVE-2019-11821 (SQL injection vulnerability in synophoto_csPhotoDB.php in Synology Pho ...)
	NOT-FOR-US: Synology
CVE-2019-11820 (Information exposure through process environment vulnerability in Syno ...)
	NOT-FOR-US: Synology Calendar
CVE-2019-11819 (Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro ...)
	NOT-FOR-US: Alkacon OpenCMS
CVE-2019-11818 (Alkacon OpenCMS v10.5.4 and before is affected by stored cross site sc ...)
	NOT-FOR-US: Alkacon OpenCMS
CVE-2019-11817
	RESERVED
CVE-2019-11816 (Incorrect access control in the WebUI in OPNsense before version 19.1. ...)
	NOT-FOR-US: OPNsense
CVE-2019-11814 (An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.1 ...)
	NOT-FOR-US: MISP
CVE-2019-11813 (An issue was discovered in app/View/Elements/Events/View/value_field.c ...)
	NOT-FOR-US: MISP
CVE-2019-11812 (A persistent XSS issue was discovered in app/View/Helper/CommandHelper ...)
	NOT-FOR-US: MISP
CVE-2019-11815 (An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the L ...)
	{DSA-4465-1 DLA-1824-1}
	- linux 4.19.37-1 (bug #928989)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://git.kernel.org/linus/cb66ddd156203daefb8d71158036b27b0e2caf63
CVE-2019-11811 (An issue was discovered in the Linux kernel before 5.0.4. There is a u ...)
	- linux 4.19.37-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: Fixed by: https://git.kernel.org/linus/401e7e88d4ef80188ffa07095ac00456f901b8c4
CVE-2019-11810 (An issue was discovered in the Linux kernel before 5.0.7. A NULL point ...)
	{DLA-1823-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	NOTE: Fixed by: https://git.kernel.org/linus/bcf3b67d16a4c8ffae0aa79de5853435e683945c
CVE-2019-11809 (An issue was discovered in Joomla! before 3.9.6. The debug views of co ...)
	NOT-FOR-US: Joomla!
CVE-2019-11808 (Ratpack versions before 1.6.1 generate a session ID using a cryptograp ...)
	NOT-FOR-US: Ratpack
CVE-2019-11807 (The WooCommerce Checkout Manager plugin before 4.3 for WordPress allow ...)
	NOT-FOR-US: WooCommerce Checkout Manager plugin for WordPress
CVE-2019-11806 (OX App Suite 7.10.1 and earlier has Insecure Permissions. ...)
	NOT-FOR-US: OX App Suite
CVE-2019-11805
	RESERVED
CVE-2019-11804
	RESERVED
CVE-2019-11803
	RESERVED
CVE-2019-11802
	RESERVED
CVE-2019-11801
	RESERVED
CVE-2019-11800
	RESERVED
CVE-2019-11799
	RESERVED
CVE-2019-11798
	RESERVED
CVE-2019-11797
	RESERVED
CVE-2019-11796
	RESERVED
CVE-2019-11795
	RESERVED
CVE-2019-11794
	RESERVED
CVE-2019-11793
	RESERVED
CVE-2019-11792
	RESERVED
CVE-2019-11791
	RESERVED
CVE-2019-11790
	RESERVED
CVE-2019-11789
	RESERVED
CVE-2019-11788
	RESERVED
CVE-2019-11787
	RESERVED
CVE-2019-11786
	RESERVED
CVE-2019-11785
	RESERVED
CVE-2019-11784
	RESERVED
CVE-2019-11783
	RESERVED
CVE-2019-11782
	RESERVED
CVE-2019-11781
	RESERVED
CVE-2019-11780 (Improper access control in the computed fields system of the framework ...)
	NOT-FOR-US: Odoo
CVE-2019-11779 (In Eclipse Mosquitto 1.5.0 to 1.6.5 inclusive, if a malicious MQTT cli ...)
	{DSA-4570-1 DLA-1972-1}
	- mosquitto 1.6.6-1 (bug #940654)
	[stretch] - mosquitto <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=551160
	NOTE: https://github.com/eclipse/mosquitto/issues/1412
	NOTE: Introduced by: https://github.com/eclipse/mosquitto/commit/883af8af5379092097c6552a7a4a8c52409d2566 (v1.5)
	NOTE: Fixed by: https://github.com/eclipse/mosquitto/commit/106675093177335b18521bc0e5ad1d95343ad652 (1.6.6)
	NOTE: Fixed by: https://github.com/eclipse/mosquitto/commit/84681d9728ceb7f6ea2b6751b4d87200d8a62f14 (1.5.9)
	NOTE: https://mosquitto.org/blog/2019/09/version-1-6-6-released/
	NOTE: The issue manifests in versions 1.5.0 and onwards only, because some structs
	NOTE: increased in size enough to cause the stack overflow vulnerability for excessive
	NOTE: topic hierarchies. In earlier versions, the maximum possible hierarchy depth of
	NOTE: 65535 wouldn't cause a stack overflow.
CVE-2019-11778 (If an MQTT v5 client connects to Eclipse Mosquitto versions 1.6.0 to 1 ...)
	- mosquitto 1.6.6-1
	[buster] - mosquitto <not-affected> (Session expiry interval support introduced in 1.6)
	[stretch] - mosquitto <not-affected> (Session expiry interval support introduced in 1.6)
	[jessie] - mosquitto <not-affected> (Session expiry interval support introduced in 1.6)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=551162
	NOTE: https://github.com/eclipse/mosquitto/issues/1401
	NOTE: https://github.com/eclipse/mosquitto/commit/8407c6d146d1e8299127737d9735afc782e04ea8
	NOTE: https://github.com/eclipse/mosquitto/commit/6f3e7b9ceb43e2626a32340c26b69ac8ae5e9c8c
	NOTE: https://mosquitto.org/blog/2019/09/version-1-6-6-released/
CVE-2019-11777 (In the Eclipse Paho Java client library version 1.2.0, when connecting ...)
	NOT-FOR-US: Eclipse Paho Java client
CVE-2019-11776 (In Eclipse BIRT versions 1.0 to 4.7, the Report Viewer allows Reflecte ...)
	NOT-FOR-US: Eclipse BIRT
CVE-2019-11775 (All builds of Eclipse OpenJ9 prior to 0.15 contain a bug where the loo ...)
	NOT-FOR-US: Eclipse OpenJ9
CVE-2019-11774 (Prior to 0.1, all builds of Eclipse OMR contain a bug where the loop v ...)
	NOT-FOR-US: Eclipe OMR
CVE-2019-11773 (Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which ma ...)
	NOT-FOR-US: Eclipe OMR
CVE-2019-11772 (In Eclipse OpenJ9 prior to 0.15, the String.getBytes(int, int, byte[], ...)
	NOT-FOR-US: Eclipse OpenJ9
CVE-2019-11771 (AIX builds of Eclipse OpenJ9 before 0.15.0 contain unused RPATHs which ...)
	NOT-FOR-US: Eclipse OpenJ9
CVE-2019-11770 (In Eclipse Buildship versions prior to 3.1.1, the build files indicate ...)
	NOT-FOR-US: Eclipse Buildship
CVE-2019-11769 (An issue was discovered in TeamViewer 14.2.2558. Updating the product  ...)
	NOT-FOR-US: TeamViewer
CVE-2019-11768 (An issue was discovered in phpMyAdmin before 4.9.0.1. A vulnerability  ...)
	- phpmyadmin 4:4.9.1+dfsg1-2 (bug #930048)
	[stretch] - phpmyadmin <no-dsa> (Minor issue; can be fixed via point release)
	[jessie] - phpmyadmin <not-affected> (vulnerable code is not present)
	NOTE: https://www.phpmyadmin.net/security/PMASA-2019-3/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c1ecafc38319e8f768c9259d4d580e42acd5ee86
	NOTE: Code in earlier versions in js/pmd/move.js.
CVE-2019-11767 (Server side request forgery (SSRF) in phpBB before 3.2.6 allows checki ...)
	- phpbb3 <removed>
	[jessie] - phpbb3 <postponed> (Minor issue, solution/workaround is to disable the remote avatar function)
	NOTE: https://www.phpbb.com/community/viewtopic.php?f=14&t=2509941
CVE-2019-11766 (dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over ...)
	- dhcpcd5 7.1.0-2 (bug #928440)
	[stretch] - dhcpcd5 <no-dsa> (Minor issue)
	[jessie] - dhcpcd5 <not-affected> (Vulnerable code not present; D6_OPTION_PD_EXCLUDE support added later)
	NOTE: https://roy.marples.name/cgit/dhcpcd.git/commit/?&id=c1ebeaafeb324bac997984abdcee2d4e8b61a8a8
	NOTE: https://roy.marples.name/cgit/dhcpcd.git/commit/?&id=896ef4a54b0578985e5e1360b141593f1d62837b
CVE-2019-11765 (A compromised content process could send a message to the parent proce ...)
	- firefox 70.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11765
CVE-2019-11764 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4571-1 DSA-4549-1 DLA-1997-1 DLA-1987-1}
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11764
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11764
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11764
CVE-2019-11763 (Failure to correctly handle null bytes when processing HTML entities r ...)
	{DSA-4571-1 DSA-4549-1 DLA-1997-1 DLA-1987-1}
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11763
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11763
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11763
CVE-2019-11762 (If two same-origin documents set document.domain differently to become ...)
	{DSA-4571-1 DSA-4549-1 DLA-1997-1 DLA-1987-1}
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11762
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11762
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11762
CVE-2019-11761 (By using a form with a data URI it was possible to gain access to the  ...)
	{DSA-4571-1 DSA-4549-1 DLA-1997-1 DLA-1987-1}
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11761
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11761
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11761
CVE-2019-11760 (A fixed-size stack buffer could overflow in nrappkit when doing WebRTC ...)
	{DSA-4571-1 DSA-4549-1 DLA-1997-1 DLA-1987-1}
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11760
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11760
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11760
CVE-2019-11759 (An attacker could have caused 4 bytes of HMAC output to be written pas ...)
	{DSA-4571-1 DSA-4549-1 DLA-1997-1 DLA-1987-1}
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11759
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11759
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11759
CVE-2019-11758 (Mozilla community member Philipp reported a memory safety bug present  ...)
	- firefox-esr <not-affected> (Only an issue in combination with 360 Total Security)
	- thunderbird <not-affected> (Only an issue in combination with 360 Total Security)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11758
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11758
CVE-2019-11757 (When following the value's prototype chain, it was possible to retain  ...)
	{DSA-4571-1 DSA-4549-1 DLA-1997-1 DLA-1987-1}
	- firefox 70.0-1
	- firefox-esr 68.2.0esr-1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-33/#CVE-2019-11757
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-34/#CVE-2019-11757
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-35/#CVE-2019-11757
CVE-2019-11756 (Improper refcounting of soft token session objects could cause a use-a ...)
	- firefox 71.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-36/#CVE-2019-11756
CVE-2019-11755 (A crafted S/MIME message consisting of an inner encryption layer and a ...)
	{DSA-4571-1 DLA-1997-1}
	[experimental] - thunderbird 1:68.1.1-1~exp1
	- thunderbird 1:68.2.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-32/#CVE-2019-11755
CVE-2019-11754 (When the pointer lock is enabled by a website though requestPointerLoc ...)
	- firefox 69.0.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-31/#CVE-2019-11754
CVE-2019-11753 (The Firefox installer allows Firefox to be installed to a custom user  ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11753
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11753
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11753
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11753
CVE-2019-11752 (It is possible to delete an IndexedDB key value and subsequently try t ...)
	{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	- thunderbird 1:60.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11752
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11752
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11752
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11742
CVE-2019-11751 (Logging-related command line parameters are not properly sanitized whe ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11751
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11751
CVE-2019-11750 (A type confusion vulnerability exists in Spidermonkey, which results i ...)
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11750
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11750
CVE-2019-11749 (A vulnerability exists in WebRTC where malicious web content can use p ...)
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11749
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11749
CVE-2019-11748 (WebRTC in Firefox will honor persisted permissions given to sites for  ...)
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11748
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11748
CVE-2019-11747 (The "Forget about this site" feature in the History pane is intended t ...)
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11747
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11747
CVE-2019-11746 (A use-after-free vulnerability can occur while manipulating video elem ...)
	{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	- thunderbird 1:60.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11746
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11746
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11746
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11746
CVE-2019-11745 (When encrypting with a block cipher, if a call to NSC_EncryptUpdate wa ...)
	{DSA-4579-1 DLA-2008-1}
	- nss 2:3.47.1-1
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1586176 (not public)
	NOTE: https://hg.mozilla.org/projects/nss/rev/1e22a0c93afe9f46545560c86caedef9dab6cfda
	NOTE: Fixed in 3.44.3 and 3.47.1 upstream.
CVE-2019-11744 (Some HTML elements, such as &amp;lt;title&amp;gt; and &amp;lt;textarea ...)
	{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	- thunderbird 1:60.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11744
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11744
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11744
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11744
CVE-2019-11743 (Navigation events were not fully adhering to the W3C's "Navigation-Tim ...)
	{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	- thunderbird 1:60.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11743
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11743
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11743
CVE-2019-11742 (A same-origin policy violation occurs allowing the theft of cross-orig ...)
	{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	- thunderbird 1:60.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11742
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11742
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11742
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11742
CVE-2019-11741 (A compromised sandboxed content process can perform a Universal Cross- ...)
	- firefox 69.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11741
CVE-2019-11740 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4523-1 DSA-4516-1 DLA-1926-1 DLA-1910-1}
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	- thunderbird 1:60.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11740
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11740
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-11740
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11740
CVE-2019-11739 (Encrypted S/MIME parts in a crafted multipart/alternative message can  ...)
	{DSA-4523-1 DLA-1926-1}
	- thunderbird 1:60.9.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-29/#CVE-2019-11739
CVE-2019-11738 (If a Content Security Policy (CSP) directive is defined that uses a ha ...)
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11738
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11738
CVE-2019-11737 (If a wildcard ('*') is specified for the host in Content Security Poli ...)
	- firefox 69.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11737
CVE-2019-11736 (The Mozilla Maintenance Service does not guard against files being har ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11736
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11736
CVE-2019-11735 (Mozilla developers and community members reported memory safety bugs p ...)
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	[buster] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[stretch] - firefox-esr <not-affected> (Doesn't affect ESR60)
	[jessie] - firefox-esr <not-affected> (Doesn't affect ESR60)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11735
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-11735
CVE-2019-11734 (Mozilla developers and community members reported memory safety bugs p ...)
	- firefox 69.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-11734
CVE-2019-11733 (When a master password is set, it is required to be entered again befo ...)
	- firefox 68.0.2-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-24/#CVE-2019-11733
CVE-2019-11732
	RESERVED
CVE-2019-11731
	RESERVED
CVE-2019-11730 (A vulnerability exists where if a user opens a locally saved HTML file ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11730
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11730
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11730
CVE-2019-11729 (Empty or malformed p256-ECDH public keys may trigger a segmentation fa ...)
	{DLA-1857-1}
	- firefox 68.0-1 (unimportant)
	- firefox-esr 60.8.0esr-1 (unimportant)
	[buster] - firefox-esr 60.8.0esr-1~deb10u1
	[stretch] - firefox-esr 60.8.0esr-1~deb9u1
	- thunderbird 1:60.8.0-1 (unimportant)
	[buster] - thunderbird 1:60.8.0-1~deb10u1
	[stretch] - thunderbird 1:60.8.0-1~deb9u1
	- nss 2:3.45-1
	[buster] - nss 2:3.42.1-1+deb10u1
	[stretch] - nss <no-dsa> (Minor issue)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11729
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11729
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11729
	NOTE: https://hg.mozilla.org/projects/nss/rev/dabfe1160c682b4d1d19c5a7a13ab3828bb9d37f
	NOTE: https://hg.mozilla.org/projects/nss/rev/ebc93d6daeaa9001d31fd18b5199779da99ae9aa
	NOTE: firefox-esr in older suites than buster use the embedded copy and thus issue
	NOTE: is just fixed by updating firefox-esr to 60.8.0. For the others an update to
	NOTE: src:nss is needed as firefox-esr uses the system library.
CVE-2019-11728 (The HTTP Alternative Services header, Alt-Svc, can be used by a malici ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11728
CVE-2019-11727 (A vulnerability exists where it possible to force Network Security Ser ...)
	- firefox 68.0-1 (unimportant)
	- nss 2:3.45-1
	[buster] - nss 2:3.42.1-1+deb10u1
	[stretch] - nss <no-dsa> (Minor issue)
	[jessie] - nss <ignored> (Issue is specific to TLS 1.3 and support was not really complete in 3.26; code has diverged significantly since and applying the fix would be very disruptive)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11727
	NOTE: https://hg.mozilla.org/projects/nss/rev/0a4e8b72a92e144663c2f35d3836f7828cfc97f2
	NOTE: firefox-esr in older suites than buster use the embedded copy and thus issue
	NOTE: is just fixed by updating firefox-esr to 60.8.0. For the others an update to
	NOTE: src:nss is needed as firefox-esr uses the system library.
CVE-2019-11726
	RESERVED
CVE-2019-11725 (When a user navigates to site marked as unsafe by the Safebrowsing API ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11725
CVE-2019-11724 (Application permissions give additional remote troubleshooting permiss ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11724
CVE-2019-11723 (A vulnerability exists during the installation of add-ons where the in ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11723
CVE-2019-11722
	REJECTED
CVE-2019-11721 (The unicode latin 'kra' character can be used to spoof a standard 'k'  ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11721
CVE-2019-11720 (Some unicode characters are incorrectly treated as whitespace during t ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11720
CVE-2019-11719 (When importing a curve25519 private key in PKCS#8format with leading 0 ...)
	{DLA-1857-1}
	- firefox 68.0-1 (unimportant)
	- firefox-esr 60.8.0esr-1 (unimportant)
	[buster] - firefox-esr 60.8.0esr-1~deb10u1
	[stretch] - firefox-esr 60.8.0esr-1~deb9u1
	- thunderbird 1:60.8.0-1 (unimportant)
	[buster] - thunderbird 1:60.8.0-1~deb10u1
	[stretch] - thunderbird 1:60.8.0-1~deb9u1
	- nss 2:3.45-1
	[buster] - nss 2:3.42.1-1+deb10u1
	[stretch] - nss <no-dsa> (Minor issue)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11719
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11719
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11719
	NOTE: https://hg.mozilla.org/projects/nss/rev/6cfb54d262d030783137aa6478b45ecb3cbfc624
	NOTE: firefox-esr in older suites than buster use the embedded copy and thus issue
	NOTE: is just fixed by updating firefox-esr to 60.8.0. For the others an update to
	NOTE: src:nss is needed as firefox-esr uses the system library.
CVE-2019-11718 (Activity Stream can display content from sent from the Snippet Service ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11718
CVE-2019-11717 (A vulnerability exists where the caret ("^") character is improperly e ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11717
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11717
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11717
CVE-2019-11716 (Until explicitly accessed by script, window.globalThis is not enumerab ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11716
CVE-2019-11715 (Due to an error while parsing page content, it is possible for properl ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11715
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11715
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11715
CVE-2019-11714 (Necko can access a child on the wrong thread during UDP connections, r ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11714
CVE-2019-11713 (A use-after-free vulnerability can occur in HTTP/2 when a cached HTTP/ ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11713
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11713
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11713
CVE-2019-11712 (POST requests made by NPAPI plugins, such as Flash, that receive a sta ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11712
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11712
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11712
CVE-2019-11711 (When an inner window is reused, it does not consider the use of docume ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11711
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11711
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11711
CVE-2019-11710 (Mozilla developers and community members reported memory safety bugs p ...)
	- firefox 68.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11710
CVE-2019-11709 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-11709
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-11709
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-11709
CVE-2019-11708 (Insufficient vetting of parameters passed with the Prompt:Open IPC mes ...)
	{DSA-4474-1 DSA-4471-1 DLA-1836-1}
	- firefox 67.0.4-1
	- firefox-esr 60.7.2esr-1
	- thunderbird 1:60.7.2-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/#CVE-2019-11708
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/#CVE-2019-11708
CVE-2019-11707 (A type confusion vulnerability can occur when manipulating JavaScript  ...)
	{DSA-4471-1 DSA-4466-1 DLA-1836-1 DLA-1829-1}
	- firefox 67.0.3-1
	- firefox-esr 60.7.1esr-1
	- thunderbird 1:60.7.2-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/#CVE-2019-11707
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-20/#CVE-2019-11707
CVE-2019-11706 (A flaw in Thunderbird's implementation of iCal causes a type confusion ...)
	{DSA-4464-1 DLA-1820-1}
	- thunderbird 1:60.7.1-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/4
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1555646
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/#CVE-2019-11706
CVE-2019-11705 (A flaw in Thunderbird's implementation of iCal causes a stack buffer o ...)
	{DSA-4464-1 DLA-1820-1}
	- thunderbird 1:60.7.1-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/3
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1553808
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/#CVE-2019-11705
CVE-2019-11704 (A flaw in Thunderbird's implementation of iCal causes a heap buffer ov ...)
	{DSA-4464-1 DLA-1820-1}
	- thunderbird 1:60.7.1-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/1
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1553814
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/#CVE-2019-11704
CVE-2019-11703 (A flaw in Thunderbird's implementation of iCal causes a heap buffer ov ...)
	{DSA-4464-1 DLA-1820-1}
	- thunderbird 1:60.7.1-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/13/2
	NOTE: https://bugzilla.mozilla.org/show_bug.cgi?id=1553820
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-17/#CVE-2019-11703
CVE-2019-11702 (A hyperlink using protocols associated with Internet Explorer, such as ...)
	- firefox <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-16/#CVE-2019-11702
CVE-2019-11701 (The default webcal: protocol handler will load a web site vulnerable t ...)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11701
CVE-2019-11700 (A hyperlink using the res: protocol can be used to open local files at ...)
	- firefox <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11700
CVE-2019-11699 (A malicious page can briefly cause the wrong name to be highlighted as ...)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11699
CVE-2019-11698 (If a crafted hyperlink is dragged and dropped to the bookmark bar or s ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11698
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11698
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11698
CVE-2019-11697 (If the ALT and "a" keys are pressed when users receive an extension in ...)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11697
CVE-2019-11696 (Files with the .JNLP extension used for "Java web start" applications  ...)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11696
CVE-2019-11695 (A custom cursor defined by scripting on a site can position itself ove ...)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11695
CVE-2019-11694 (A vulnerability exists in the Windows sandbox where an uninitialized v ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	- thunderbird <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11694
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11694
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11694
CVE-2019-11693 (The bufferdata function in WebGL is vulnerable to a buffer overflow wi ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11693
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11693
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11693
CVE-2019-11692 (A use-after-free vulnerability can occur when listeners are removed fr ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11692
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11692
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11692
CVE-2019-11691 (A use-after-free vulnerability can occur when working with XMLHttpRequ ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-11691
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-11691
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-11691
CVE-2019-11690 (gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 la ...)
	- u-boot 2019.01+dfsg-6 (low; bug #928557)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <ignored> (Minor issue)
	NOTE: https://patchwork.ozlabs.org/patch/1092945
CVE-2019-11689 (An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. Whe ...)
	NOT-FOR-US: ASUSTOR
CVE-2019-11688 (An issue was discovered in ASUSTOR exFAT Driver through 1.0.0.r20. Whe ...)
	NOT-FOR-US: ASUSTOR
CVE-2019-11687 (An issue was discovered in the DICOM Part 10 File Format in the NEMA D ...)
	NOT-FOR-US: DICOM
CVE-2019-11686 (Western Digital SanDisk X300, X300s, X400, and X600 devices: A vulnera ...)
	NOT-FOR-US: Western Digital
CVE-2019-11685
	RESERVED
CVE-2019-11684
	RESERVED
CVE-2019-11683 (udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel  ...)
	- linux <not-affected> (Vulnerable code introduced later)
	NOTE: Fixed by: https://git.kernel.org/linus/4dd2b82d5adfbe0b1587ccad7a8f76d826120f37
CVE-2019-11682 (A buffer overflow in the SMTP response service in MailCarrier 2.51 all ...)
	NOT-FOR-US: MailCarrier
CVE-2019-11681
	RESERVED
CVE-2019-11680 (KonaKart 8.9.0.0 is vulnerable to Remote Code Execution by uploading a ...)
	NOT-FOR-US: KonaKart
CVE-2019-11679
	RESERVED
CVE-2019-11678 (The "default reports" feature in Zoho ManageEngine Firewall Analyzer b ...)
	NOT-FOR-US: Zoho ManageEngine Firewall Analyzer
CVE-2019-11677 (The Custom Report import function in Zoho ManageEngine Firewall Analyz ...)
	NOT-FOR-US: Zoho ManageEngine Firewall Analyzer
CVE-2019-11676 (The user defined DNS name in Zoho ManageEngine Firewall Analyzer befor ...)
	NOT-FOR-US: Zoho ManageEngine Firewall Analyzer
CVE-2019-11674 (Man-in-the-middle vulnerability in Micro Focus Self Service Password R ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11673
	RESERVED
CVE-2019-11672
	RESERVED
CVE-2019-11671
	RESERVED
CVE-2019-11670
	RESERVED
CVE-2019-11669 (Modifiable read only check box In Micro Focus Service Manager, version ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11668 (HTTP cookie in Micro Focus Service manager, Versions 9.30, 9.31, 9.32, ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11667 (Unauthorized access to contact information in Micro Focus Service Mana ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11666 (Insecure deserialization of untrusted data in Micro Focus Service Mana ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11665 (Data exposure in Micro Focus Service Manager product versions 9.30, 9. ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11664 (Clear text password in browser in Micro Focus Service Manager product  ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11663 (Clear text credentials are used to access managers app in Tomcat in Mi ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11662 (Class and method names in error message in Micro Focus Service Manager ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11661 (Allow changes to some table by non-SysAdmin in Micro Focus Service Man ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11660 (Privileges manipulation in Micro Focus Data Protector, versions 10.00, ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11659
	RESERVED
CVE-2019-11658 (Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11657 (Cross-Site Request Forgery vulnerability in all Micro Focus ArcSight L ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11656 (Stored XSS vulnerability in Micro Focus ArcSight Logger, affects versi ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11655 (Unrestricted file upload vulnerability in Micro Focus ArcSight Logger, ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11654 (Path traversal vulnerability in Micro Focus Verastream Host Integrator ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11653 (Remote Access Control Bypass in Micro Focus Content Manager. versions  ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11652 (A potential authorization bypass issue was found in Micro Focus Self S ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11651 (Reflected XSS on Micro Focus Enterprise Developer and Enterprise Serve ...)
	NOT-FOR-US: Micro Focus
CVE-2019-11650 (A potential Man in the Middle attack (MITM) was found in NetIQ Advance ...)
	NOT-FOR-US: NetIQ Advanced Authentication Framework
CVE-2019-11649 (Cross-Site Scripting vulnerability in Micro Focus Fortify Software Sec ...)
	NOT-FOR-US: Micro Focus Fortify software security center server
CVE-2019-11648 (An information leakage exists in Micro Focus NetIQ Self Service Passwo ...)
	NOT-FOR-US: Micro Focus NetIQ
CVE-2019-11647 (A potential XSS exists in Self Service Password Reset, in Micro Focus  ...)
	NOT-FOR-US: Micro Focus NetIQ
CVE-2019-11646 (Remote unauthorized command execution and unauthorized disclosure of i ...)
	NOT-FOR-US: Micro Focus Service Manager
CVE-2019-11645
	RESERVED
CVE-2019-11675 (The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ...)
	- groonga 9.0.1-2 (bug #928304)
	[buster] - groonga 9.0.0-1+deb10u1
	[stretch] - groonga 6.1.5-1+deb9u1
CVE-2019-11644 (In the F-Secure installer in F-Secure SAFE for Windows before 17.6, F- ...)
	NOT-FOR-US: F-Secure
CVE-2019-11643 (Persistent XSS has been found in the OneShield Policy (Dragon Core) fr ...)
	NOT-FOR-US: OneShield Policy (Dragon Core) framework
CVE-2019-11642 (A log poisoning vulnerability has been discovered in the OneShield Pol ...)
	NOT-FOR-US: OneShield Policy (Dragon Core) framework
CVE-2019-11641 (Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerpri ...)
	NOT-FOR-US: Anomali Agave
CVE-2019-11640 (An issue was discovered in GNU recutils 1.8. There is a heap-based buf ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-11639 (An issue was discovered in GNU recutils 1.8. There is a stack-based bu ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-11638 (An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-11637 (An issue was discovered in GNU recutils 1.8. There is a NULL pointer d ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-11636 (Zcash 2.x allows an inexpensive approach to "fill all transactions of  ...)
	- zcash <itp> (bug #842388)
CVE-2019-11635
	RESERVED
CVE-2019-11634 (Citrix Workspace App before 1904 for Windows has Incorrect Access Cont ...)
	NOT-FOR-US: Citrix Workspace App
CVE-2019-11633 (HoneyPress through 2016-09-27 can be fingerprinted by attackers becaus ...)
	NOT-FOR-US: HoneyPress
CVE-2019-11632 (In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019. ...)
	NOT-FOR-US: Octopus Deploy
CVE-2019-11631
	REJECTED
CVE-2019-11630
	RESERVED
CVE-2019-11629 (Sonatype Nexus Repository Manager 2.x before 2.14.13 allows XSS. ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2019-11628 (An issue was discovered in QlikView Server before 11.20 SR19, 12.00 an ...)
	NOT-FOR-US: Qlik products
CVE-2019-11626 (routers/ajaxRouter.php in doorGets 7.0 has a web site physical path le ...)
	NOT-FOR-US: doorGets
CVE-2019-11625 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/reques ...)
	NOT-FOR-US: doorGets
CVE-2019-11624 (doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets ...)
	NOT-FOR-US: doorGets
CVE-2019-11623 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/reques ...)
	NOT-FOR-US: doorGets
CVE-2019-11622 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/reques ...)
	NOT-FOR-US: doorGets
CVE-2019-11621 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/reques ...)
	NOT-FOR-US: doorGets
CVE-2019-11620 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/reques ...)
	NOT-FOR-US: doorGets
CVE-2019-11619 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/reques ...)
	NOT-FOR-US: doorGets
CVE-2019-11618 (doorGets 7.0 has a default administrator credential vulnerability. A r ...)
	NOT-FOR-US: doorGets
CVE-2019-11617 (doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/c ...)
	NOT-FOR-US: doorGets
CVE-2019-11616 (doorGets 7.0 has a sensitive information disclosure vulnerability in / ...)
	NOT-FOR-US: doorGets
CVE-2019-11615 (/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload v ...)
	NOT-FOR-US: doorGets
CVE-2019-11614 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ ...)
	NOT-FOR-US: doorGets
CVE-2019-11613 (doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ ...)
	NOT-FOR-US: doorGets
CVE-2019-11612 (doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/ ...)
	NOT-FOR-US: doorGets
CVE-2019-11611 (doorGets 7.0 has a sensitive information disclosure vulnerability in / ...)
	NOT-FOR-US: doorGets
CVE-2019-11610 (doorGets 7.0 has a sensitive information disclosure vulnerability in / ...)
	NOT-FOR-US: doorGets
CVE-2019-11609 (doorGets 7.0 has a sensitive information disclosure vulnerability in / ...)
	NOT-FOR-US: doorGets
CVE-2019-11608 (doorGets 7.0 has a sensitive information disclosure vulnerability in / ...)
	NOT-FOR-US: doorGets
CVE-2019-11607 (doorGets 7.0 has a sensitive information disclosure vulnerability in / ...)
	NOT-FOR-US: doorGets
CVE-2019-11606 (doorGets 7.0 has a sensitive information disclosure vulnerability in / ...)
	NOT-FOR-US: doorGets
CVE-2019-11605 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab 11.8.10+dfsg-1
	NOTE: https://about.gitlab.com/2019/04/30/security-release-gitlab-11-dot-10-dot-3-released/
CVE-2019-11604 (An issue was discovered in Quest KACE Systems Management Appliance bef ...)
	NOT-FOR-US: Quest KACE Systems Management Appliance
CVE-2019-11603 (A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 ...)
	NOT-FOR-US: ProSyst mBS SDK and Bosch IoT Gateway Software
CVE-2019-11602 (Leakage of stack traces in remote access to backup &amp; restore in ea ...)
	NOT-FOR-US: ProSyst mBS SDK and Bosch IoT Gateway Software
CVE-2019-11601 (A directory traversal vulnerability in remote access to backup &amp; r ...)
	NOT-FOR-US: ProSyst mBS SDK and Bosch IoT Gateway Software
CVE-2019-11600 (A SQL injection vulnerability in the activities API in OpenProject bef ...)
	NOT-FOR-US: OpenProject
CVE-2019-11627 (gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an un ...)
	{DLA-1773-1}
	- signing-party 2.10-1 (bug #928256)
	[stretch] - signing-party 2.5-1+deb9u1
	NOTE: https://salsa.debian.org/signing-party-team/signing-party/commit/cd69b6c0426a6160ef3de03fce9c7f112166d5a8
CVE-2019-11599 (The coredump implementation in the Linux kernel before 5.0.10 does not ...)
	{DSA-4465-1 DLA-1824-1 DLA-1799-1}
	- linux 4.19.37-1
	NOTE: https://marc.info/?l=linux-mm&m=155355419911404&w=2
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1790
CVE-2019-11598 (In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in ...)
	{DLA-1785-1}
	- imagemagick <unfixed> (bug #928206)
	[stretch] - imagemagick <postponed> (Fix along in next DSA)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1540
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/e2a21735e3a3f3930bd431585ec36334c4c2eb77
	NOTE: patch introduces new (potentially security relevant) bugs, see:
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1540#issuecomment-491504100
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/dd8efbac0b7fa9dd2da527ea3f629f39bf1c02cb
CVE-2019-11597 (In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in ...)
	{DLA-1785-1}
	- imagemagick <unfixed> (bug #928207)
	[stretch] - imagemagick <postponed> (Fix along in next DSA)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1555
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/1d6c036f0388d7857c725342f7212b60e39a14c1
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/c979b348d64a25a04f12ea7fe7888b2b23f230a7
	NOTE: fix appears to be insufficient: https://github.com/ImageMagick/ImageMagick/issues/1560
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/3c53413eb544cc567309b4c86485eae43e956112
	NOTE: The followup-fix got assigned CVE-2019-15141 (which is only applicable if incomplete
	NOTE: fix is applied). Make sure to fix issue completely when addressing this issue.
CVE-2019-11596 (In memcached before 1.5.14, a NULL pointer dereference was found in th ...)
	- memcached 1.5.6-1.1 (bug #928205)
	[stretch] - memcached <not-affected> (Vulnerable code introduced later)
	[jessie] - memcached <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/memcached/memcached/commit/d35334f368817a77a6bd1f33c6a5676b2c402c02
	NOTE: https://github.com/memcached/memcached/issues/474
CVE-2019-11595 (In uBlock before 0.9.5.15, the $rewrite filter option allows filter-li ...)
	NOT-FOR-US: uBlock
CVE-2019-11594 (In AdBlock before 3.45.0, the $rewrite filter option allows filter-lis ...)
	NOT-FOR-US: AdBlock
CVE-2019-11593 (In Adblock Plus before 3.5.2, the $rewrite filter option allows filter ...)
	NOT-FOR-US: AdBlock Plus
CVE-2019-11592 (WeBid 1.2.2 has reflected XSS via the id parameter to admin/deletenews ...)
	NOT-FOR-US: WeBid Auction Script
CVE-2019-11589 (The ChangeSharedFilterOwner resource in Jira before version 7.13.6, fr ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-11588 (The ViewSystemInfo class doGarbageCollection method in Jira before ver ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-11587 (Various exposed resources of the ViewLogging class in Jira before vers ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-11586 (The AddResolution.jspa resource in Jira before version 7.13.6, from ve ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-11585 (The startup.jsp resource in Jira before version 7.13.6, from version 8 ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-11584 (The MigratePriorityScheme resource in Jira before version 8.3.2 allows ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-11583 (The issue searching component in Jira before version 8.1.0 allows remo ...)
	NOT-FOR-US: issue searching component in Jira
CVE-2019-11582 (An argument injection vulnerability in Atlassian Sourcetree for Window ...)
	NOT-FOR-US: Atlassian Sourcetree
CVE-2019-11581 (There was a server-side template injection vulnerability in Jira Serve ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-11580 (Atlassian Crowd and Crowd Data Center had the pdkinstall development p ...)
	NOT-FOR-US: Atlassian Crowd and Crowd Data Center
CVE-2019-11591 (The WebDorado Contact Form plugin before 1.13.5 for WordPress allows C ...)
	NOT-FOR-US: WordPress plugin contact-form-maker
CVE-2019-11590 (The 10Web Form Maker plugin before 1.13.5 for WordPress allows CSRF vi ...)
	NOT-FOR-US: WordPress plugin form-maker
CVE-2019-11577 (dhcpcd before 7.2.1 contains a buffer overflow in dhcp6_findna in dhcp ...)
	- dhcpcd5 7.1.0-2 (bug #928105)
	[stretch] - dhcpcd5 <not-affected> (Vulnerable code not present)
	[jessie] - dhcpcd5 <not-affected> (Vulnerable code not present)
	NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=8d11b33f6c60e2db257130fa383ba76b6018bcf6
CVE-2019-11579 (dhcp.c in dhcpcd before 7.2.1 contains a 1-byte read overflow with DHO ...)
	{DLA-1793-1}
	- dhcpcd5 7.1.0-2 (low; bug #928104)
	[stretch] - dhcpcd5 <no-dsa> (Minor issue)
	NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=4b67f6f1038fd4ad5ca7734eaaeba1b2ec4816b8
CVE-2019-11578 (auth.c in dhcpcd before 7.2.1 allowed attackers to infer secrets by pe ...)
	- dhcpcd5 7.1.0-2 (low; bug #928056)
	[stretch] - dhcpcd5 <no-dsa> (Minor issue)
	[jessie] - dhcpcd5 <not-affected> (Authentication code added in later versions)
	NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=7121040790b611ca3fbc400a1bbcd4364ef57233
	NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=cfde89ab66cb4e5957b1c4b68ad6a9449e2784da
	NOTE: https://roy.marples.name/git/dhcpcd.git/commit/?id=aee631aadeef4283c8a749c1caf77823304acf5e
CVE-2019-11576 (Gitea before 1.8.0 allows 1FA for user accounts that have completed 2F ...)
	- gitea <removed>
CVE-2019-11575
	RESERVED
CVE-2019-11574 (An issue was discovered in Simple Machines Forum (SMF) before release  ...)
	NOT-FOR-US: Simple Machines Forum
CVE-2019-11573
	RESERVED
CVE-2019-11572
	RESERVED
CVE-2019-11571
	RESERVED
CVE-2019-11570
	RESERVED
CVE-2019-11569 (Veeam ONE Reporter 9.5.0.3201 allows CSRF. ...)
	NOT-FOR-US: Veeam ONE Reporter
CVE-2019-11568 (An issue was discovered in AikCms v2.0. There is a File upload vulnera ...)
	NOT-FOR-US: AikCms
CVE-2019-11567 (An issue was discovered in AikCms v2.0. There is a SQL Injection vulne ...)
	NOT-FOR-US: AikCms
CVE-2019-11566
	RESERVED
CVE-2019-11565 (Server Side Request Forgery (SSRF) exists in the Print My Blog plugin  ...)
	NOT-FOR-US: Print My Blog plugin for WordPress
CVE-2019-11564 (A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows rem ...)
	NOT-FOR-US: HumHub
CVE-2019-11563
	REJECTED
CVE-2019-11562
	RESERVED
CVE-2019-11561 (The Chuango 433 MHz burglar-alarm product line is vulnerable to a Deni ...)
	NOT-FOR-US: Chuango
CVE-2019-11560 (A buffer overflow vulnerability in the streaming server provided by hi ...)
	NOT-FOR-US: hisilicon
CVE-2019-11559 (A reflected Cross-site scripting (XSS) vulnerability in HRworks V 1.16 ...)
	NOT-FOR-US: HRworks
CVE-2019-11558
	RESERVED
CVE-2019-11557 (The WebDorado Contact Form Builder plugin before 1.0.69 for WordPress  ...)
	NOT-FOR-US: WebDorado Contact Form Builder plugi for WordPress
CVE-2019-11556
	RESERVED
CVE-2019-11554 (The Audible application through 2.34.0 for Android has Missing SSL Cer ...)
	NOT-FOR-US: Audible application for Android
CVE-2019-11553 (In Code42 for Enterprise through 6.8.4, an administrator without web r ...)
	NOT-FOR-US: Code42 for Enterprise
CVE-2019-11552 (Code42 Enterprise and Crashplan for Small Business Client version 6.7  ...)
	NOT-FOR-US: Code42
CVE-2019-11551 (In Code42 Enterprise and Crashplan for Small Business through Client v ...)
	NOT-FOR-US: Code42 Enterprise and Crashplan for Small Business
CVE-2019-11550 (Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before  ...)
	NOT-FOR-US: Citrix
CVE-2019-11549 (An issue was discovered in GitLab Community and Enterprise Edition 9.x ...)
	- gitlab 11.8.9+dfsg-1 (bug #928221)
	NOTE: https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
CVE-2019-11548 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.8.9+dfsg-1 (bug #928221)
	NOTE: https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
CVE-2019-11547 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.8.9+dfsg-1 (bug #928221)
	NOTE: https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
CVE-2019-11546 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.8.9+dfsg-1 (bug #928221)
	NOTE: https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
CVE-2019-11545 (An issue was discovered in GitLab Community Edition 11.9.x before 11.9 ...)
	- gitlab <not-affected> (Vulnerable code introduced in 11.9)
	NOTE: https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
CVE-2019-11544 (An issue was discovered in GitLab Community and Enterprise Edition 8.x ...)
	- gitlab 11.8.9+dfsg-1 (bug #928221)
	NOTE: https://about.gitlab.com/2019/04/29/security-release-gitlab-11-dot-10-dot-2-released/
CVE-2019-11543 (XSS exists in the admin web console in Pulse Secure Pulse Connect Secu ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11542 (In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3 ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11541 (In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3 ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11540 (In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4 and  ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11539 (In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3 ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11538 (In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3 ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11537 (In osTicket before 1.12, XSS exists via /upload/file.php, /upload/scp/ ...)
	NOT-FOR-US: osTicket
CVE-2019-11536 (Kalki Kalkitech SYNC3000 Substation DCU GPC v2.22.6, 2.23.0, 2.24.0, 3 ...)
	NOT-FOR-US: Kalki Kalkitech
CVE-2019-11535 (Unsanitized user input in the web interface for Linksys WiFi extender  ...)
	NOT-FOR-US: Linksys
CVE-2019-11534
	RESERVED
CVE-2019-11533 (Cross-site scripting (XSS) vulnerability in ProjectSend before r1070 a ...)
	NOT-FOR-US: ProjectSend
CVE-2019-11532
	RESERVED
CVE-2019-11531
	RESERVED
CVE-2019-11530
	RESERVED
CVE-2019-11529
	RESERVED
CVE-2019-11528 (An issue was discovered in Softing uaGate SI 1.60.01. A system default ...)
	NOT-FOR-US: Softing uaGate
CVE-2019-11527 (An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is  ...)
	NOT-FOR-US: Softing uaGate
CVE-2019-11526 (An issue was discovered in Softing uaGate SI 1.60.01. A maintenance sc ...)
	NOT-FOR-US: Softing uaGate
CVE-2019-11525
	RESERVED
CVE-2019-11524
	RESERVED
CVE-2019-11523 (Anviz Global M3 Outdoor RFID Access Control executes any command recei ...)
	NOT-FOR-US: Anviz Global M3 Outdoor RFID Access Control
CVE-2019-11522 (OX App Suite 7.10.0 to 7.10.2 allows XSS. ...)
	NOT-FOR-US: OX App Suite
CVE-2019-11521 (OX App Suite 7.10.1 allows Content Spoofing. ...)
	NOT-FOR-US: OX App Suite
CVE-2019-11520
	RESERVED
CVE-2019-11519 (Libraries/Nop.Services/Localization/LocalizationService.cs in nopComme ...)
	NOT-FOR-US: nopCommerce
CVE-2019-11518 (An issue was discovered in SEMCMS 3.8. SEMCMS_Inquiry.php allows AID[] ...)
	NOT-FOR-US: SEMCMS
CVE-2019-11517 (WampServer before 3.1.9 has CSRF in add_vhost.php because the synchron ...)
	NOT-FOR-US: WampServer
CVE-2019-11516 (An issue was discovered in the Bluetooth component of the Cypress (for ...)
	NOT-FOR-US: Cypress
CVE-2019-11515 (core/classes/db_backup.php in Gila CMS 1.10.1 allows admin/db_backup?d ...)
	NOT-FOR-US: Gila CMS
CVE-2019-11514 (User/Command/ConfirmEmailHandler.php in Flarum before 0.1.0-beta.8 mis ...)
	NOT-FOR-US: Flarum
CVE-2019-11513 (The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS v ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-11512 (Contao 4.x allows SQL Injection. Fixed in Contao 4.4.39 and Contao 4.7 ...)
	NOT-FOR-US: Contao
CVE-2019-11511 (Zoho ManageEngine ADSelfService Plus before build 5708 has XSS via the ...)
	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-11510 (In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 be ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11509 (In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11508 (In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11507 (In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9. ...)
	NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2019-11506 (In GraphicsMagick from version 1.3.30 to 1.4 snapshot-20190403 Q8, the ...)
	{DLA-1795-1}
	- graphicsmagick 1.4~hg15968-1
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/57ac0ae85e2a
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/604/
CVE-2019-11505 (In GraphicsMagick from version 1.3.8 to 1.4 snapshot-20190403 Q8, ther ...)
	{DLA-1795-1}
	- graphicsmagick 1.4~hg15968-1
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/85f5bdcd246a
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/605/
CVE-2019-11504 (Zotonic before version 0.47 has mod_admin XSS. ...)
	NOT-FOR-US: Zotonic
CVE-2019-11503 (snap-confine as included in snapd before 2.39 did not guard against sy ...)
	- snapd 2.40-1 (low; bug #928052)
	[buster] - snapd <no-dsa> (Minor issue)
	[stretch] - snapd <no-dsa> (Minor issue)
	NOTE: https://github.com/snapcore/snapd/pull/6642
CVE-2019-11502 (snap-confine in snapd before 2.38 incorrectly set the ownership of a s ...)
	- snapd 2.40-1 (low; bug #928052)
	[buster] - snapd <no-dsa> (Minor issue)
	[stretch] - snapd <no-dsa> (Minor issue)
	NOTE: https://github.com/snapcore/snapd/commit/bdbfeebef03245176ae0dc323392bb0522a339b1
CVE-2019-11501
	RESERVED
CVE-2019-11500 (In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 (and Pigeonhole be ...)
	{DSA-4510-1 DLA-1901-1}
	- dovecot 1:2.3.7.2-1 (bug #936014)
	NOTE: https://dovecot.org/pipermail/dovecot-news/2019-August/000418.html
	NOTE: core: https://github.com/dovecot/core/commit/85fcb895ca7f0bcb8ee72047fe0e1e78532ff90b
	NOTE: core: https://github.com/dovecot/core/commit/f904cbdfec25582bc5e2a7435bf82ff769f2526a
	NOTE: pigeonhole: https://github.com/dovecot/pigeonhole/commit/7ce9990a5e6ba59e89b7fe1c07f574279aed922c
	NOTE: pigeonhole: https://github.com/dovecot/pigeonhole/commit/4a299840cdb51f61f8d1ebc0210b19c40dfbc1cc
CVE-2019-11499 (In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-lo ...)
	- dovecot 1:2.3.4.1-5 (bug #928235)
	[stretch] - dovecot <not-affected> (Vulnerable code not present, introduced in 2.3)
	[jessie] - dovecot <not-affected> (Vulnerable code not present, introduced in 2.3)
	NOTE: https://dovecot.org/pipermail/dovecot/2019-April/115758.html
CVE-2019-11498 (WavpackSetConfiguration64 in pack_utils.c in libwavpack.a in WavPack t ...)
	- wavpack 5.1.0-6 (low; bug #927903)
	[stretch] - wavpack <no-dsa> (Minor issue)
	[jessie] - wavpack <not-affected> (Vulnerable code not present, introduced in 5.0.0)
	NOTE: https://github.com/dbry/WavPack/issues/67
	NOTE: https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4
CVE-2019-11497 (In Couchbase Server 5.0.0, when an invalid Remote Cluster Certificate  ...)
	NOT-FOR-US: Couchbase
CVE-2019-11496 (In versions of Couchbase Server prior to 5.0, the bucket named "defaul ...)
	NOT-FOR-US: Couchbase
CVE-2019-11495 (In Couchbase Server 5.1.1, the cookie used for intra-node communicatio ...)
	NOT-FOR-US: Couchbase
CVE-2019-11494 (In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-lo ...)
	- dovecot 1:2.3.4.1-5 (bug #928235)
	[stretch] - dovecot <not-affected> (Vulnerable code not present, introduced in 2.3)
	[jessie] - dovecot <not-affected> (Vulnerable code not present, introduced in 2.3)
	NOTE: https://dovecot.org/pipermail/dovecot/2019-April/115757.html
CVE-2019-11493 (VeryPDF 4.1 has a Memory Overflow leading to Code Execution because pd ...)
	NOT-FOR-US: VeryPDF
CVE-2019-11492 (ProjectSend before r1070 writes user passwords to the server logs. ...)
	NOT-FOR-US: ProjectSend
CVE-2019-11491
	RESERVED
CVE-2019-11490 (An issue was discovered in Npcap 0.992. Sending a malformed .pcap file ...)
	NOT-FOR-US: Npcap
CVE-2019-11489 (Incorrect Access Control in the Administrative Management Interface in ...)
	NOT-FOR-US: SimplyBook.me Enterprise
CVE-2019-11488 (Incorrect Access Control in the Account Access / Password Reset Link i ...)
	NOT-FOR-US: SimplyBook.me Enterprise
CVE-2019-11487 (The Linux kernel before 5.1-rc5 allows page-&gt;_refcount reference co ...)
	{DLA-1919-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux <ignored> (Minor issue and high risk of regression)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1752
	NOTE: https://lwn.net/Articles/786044/
CVE-2019-11486 (The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in t ...)
	{DSA-4465-1 DLA-1824-1 DLA-1799-1}
	- linux 4.19.37-1
	NOTE: https://git.kernel.org/linus/c7084edc3f6d67750f50d4183134c4fb5712a5c8
	NOTE: Upstream commits marks driver as BROKEN and can be considered fixed starting
	NOTE: from versions including this commit (or backport) or versions which disable
	NOTE: CONFIG_R3964 already.
CVE-2019-11485 (Sander Bos discovered Apport's lock file was in a world-writable direc ...)
	NOT-FOR-US: Apport
CVE-2019-11484 (Kevin Backhouse discovered an integer overflow in bson_ensure_space, a ...)
	NOT-FOR-US: whoopsie
CVE-2019-11483 (Sander Bos discovered Apport mishandled crash dumps originating from c ...)
	NOT-FOR-US: Apport
CVE-2019-11482 (Sander Bos discovered a time of check to time of use (TOCTTOU) vulnera ...)
	NOT-FOR-US: Apport
CVE-2019-11481 (Kevin Backhouse discovered that apport would read a user-supplied conf ...)
	NOT-FOR-US: Apport
CVE-2019-11480
	RESERVED
CVE-2019-11479 (Jonathan Looney discovered that the Linux kernel default MSS is hard-c ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
CVE-2019-11478 (Jonathan Looney discovered that the TCP retransmission queue implement ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
CVE-2019-11477 (Jonathan Looney discovered that the TCP_SKB_CB(skb)-&gt;tcp_gso_segs v ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
CVE-2019-11476 (An integer overflow in whoopsie before versions 0.2.52.5ubuntu0.1, 0.2 ...)
	NOT-FOR-US: whoopsie
CVE-2019-11475
	RESERVED
CVE-2019-11474 (coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a deni ...)
	{DLA-1795-1}
	- graphicsmagick 1.4~hg15976-1
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/5402c5cbd8bd
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/944dcbc457f8
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/53d4a99c6dad
CVE-2019-11473 (coders/xwd.c in GraphicsMagick 1.3.31 allows attackers to cause a deni ...)
	{DLA-1795-1}
	- graphicsmagick 1.4~hg15976-1
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/5402c5cbd8bd
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/944dcbc457f8
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/53d4a99c6dad
CVE-2019-11472 (ReadXWDImage in coders/xwd.c in the XWD image parsing component of Ima ...)
	- imagemagick <unfixed> (low; bug #927828)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	[jessie] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1546
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/f663dfb8431c97d95682a2b533cca1c8233d21b4
CVE-2019-11471 (libheif 1.4.0 has a use-after-free in heif::HeifContext::Image::set_al ...)
	- libheif 1.3.2-2 (bug #928210)
	[buster] - libheif 1.3.2-2~deb10u1
	NOTE: https://github.com/strukturag/libheif/commit/995a4283d8ed2d0d2c1ceb1a577b993df2f0e014
	NOTE: https://github.com/strukturag/libheif/issues/123
CVE-2019-11470 (The cineon parsing component in ImageMagick 7.0.8-26 Q16 allows attack ...)
	{DLA-1968-1}
	- imagemagick <unfixed> (low; bug #927830)
	[buster] - imagemagick <ignored> (Minor issue)
	[stretch] - imagemagick <ignored> (Minor issue)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1472
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/a0473b29add9521ffd4c74f6f623b418811762b0
CVE-2019-11469 (Zoho ManageEngine Applications Manager 12 through 14 allows FaultTempl ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2019-11468
	RESERVED
CVE-2019-11467 (In Couchbase Server 4.6.3 and 5.5.0, secondary indexing encodes the en ...)
	NOT-FOR-US: Couchbase
CVE-2019-11466 (In Couchbase Server 6.0.0 and 5.5.0, the eventing service exposes syst ...)
	NOT-FOR-US: Couchbase
CVE-2019-11465 (An issue was discovered in Couchbase Server 5.5.x through 5.5.3 and 6. ...)
	NOT-FOR-US: Couchbase
CVE-2019-11464 (Some enterprises require that REST API endpoints include security-rela ...)
	NOT-FOR-US: Couchbase
CVE-2019-11463 (A memory leak in archive_read_format_zip_cleanup in archive_read_suppo ...)
	- libarchive <not-affected> (Vulnerable code not present)
	NOTE: Introduced in https://github.com/libarchive/libarchive/commit/121035c83e18b70d3128e9ac966109ebedb7e516
	NOTE: Fix: https://github.com/libarchive/libarchive/commit/ba641f73f3d758d9032b3f0e5597a9c6e593a505
CVE-2019-11462
	RESERVED
CVE-2019-11461 (An issue was discovered in GNOME Nautilus 3.30 prior to 3.30.6 and 3.3 ...)
	- nautilus 3.30.5-2 (bug #928054)
	[stretch] - nautilus <not-affected> (Vulnerable embedded gnome-desktop thumbnail script introduced later)
	[jessie] - nautilus <not-affected> (Vulnerable embedded gnome-desktop thumbnail script introduced later)
	NOTE: https://gitlab.gnome.org/GNOME/nautilus/issues/987
	NOTE: https://gitlab.gnome.org/GNOME/nautilus/commit/2ddba428ef2b13d0620bd599c3635b9c11044659
CVE-2019-11460 (An issue was discovered in GNOME gnome-desktop 3.26, 3.28, and 3.30 pr ...)
	[experimental] - gnome-desktop3 3.32.2-1
	- gnome-desktop3 3.30.2.1-2 (low; bug #928732)
	[buster] - gnome-desktop3 <no-dsa> (Minor issue)
	[stretch] - gnome-desktop3 <not-affected> (Vulnerable embedded gnome-desktop thumbnail script introduced later)
	[jessie] - gnome-desktop3 <not-affected> (Vulnerable embedded gnome-desktop thumbnail script introduced later)
	NOTE: https://gitlab.gnome.org/GNOME/gnome-desktop/issues/112
CVE-2019-11459 (The tiff_document_render() and tiff_document_get_thumbnail() functions ...)
	{DSA-4624-1 DLA-1882-1 DLA-1881-1}
	- atril 1.22.3-1 (unimportant; bug #927821)
	[buster] - atril 1.20.3-1+deb10u1
	- evince 3.32.0-3 (unimportant; bug #927820)
	[buster] - evince 3.30.2-3+deb10u1
	NOTE: https://gitlab.gnome.org/GNOME/evince/issues/1129
	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/evince/commit/3e38d5ad724a042eebadcba8c2d57b0f48b7a8c7
	NOTE: Negligible security impact
CVE-2019-11458 (An issue was discovered in SmtpTransport in CakePHP 3.7.6. An unserial ...)
	- cakephp <not-affected> (Vulnerable code introduced in 3.0.0)
	NOTE: https://github.com/cakephp/cakephp/commit/1a74e798309192a9895c9cedabd714ceee345f4e
	NOTE: https://github.com/cakephp/cakephp/pull/13153
CVE-2019-11457 (Multiple CSRF issues exist in MicroPyramid Django CRM 0.2.1 via /chang ...)
	NOT-FOR-US: MicroPyramid Django CRM
CVE-2019-11456 (Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code. ...)
	NOT-FOR-US: Gila CMS
CVE-2019-11455 (A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit bef ...)
	{DLA-1767-1}
	- monit 1:5.25.3-1 (bug #927775)
	[stretch] - monit <no-dsa> (Minor issue)
	NOTE: https://bitbucket.org/tildeslash/monit/commits/f12d0cdb42d4e74dffe1525d4062c815c48ac57a
CVE-2019-11454 (Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash  ...)
	{DLA-1767-1}
	- monit 1:5.25.3-1 (bug #927775)
	[stretch] - monit <no-dsa> (Minor issue)
	NOTE: https://bitbucket.org/tildeslash/monit/commits/1a8295eab6815072a18019b668fe084945b751f3
	NOTE: https://bitbucket.org/tildeslash/monit/commits/328f60773057641c4b2075fab9820145e95b728c
CVE-2019-11453
	RESERVED
CVE-2019-11452 (whatsns 4.0 allows index.php?admin_category/remove.html cid[] SQL inje ...)
	NOT-FOR-US: whatsns
CVE-2019-11451 (whatsns 4.0 allows index.php?inform/add.html qid SQL injection. ...)
	NOT-FOR-US: whatsns
CVE-2019-11450 (whatsns 4.0 allows index.php?question/ajaxadd.html title SQL injection ...)
	NOT-FOR-US: whatsns
CVE-2019-11449 (I, Librarian 4.10 has XSS via the notes.php notes parameter. ...)
	- i-librarian <itp> (bug #649291)
CVE-2019-11448 (An issue was discovered in Zoho ManageEngine Applications Manager 11.0 ...)
	NOT-FOR-US: Zoho ManageEngine Applications Manager
CVE-2019-11447 (An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can inf ...)
	NOT-FOR-US: CuteNews
CVE-2019-11446 (An issue was discovered in ATutor through 2.2.4. It allows the user to ...)
	NOT-FOR-US: ATutor
CVE-2019-11445 (OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JS ...)
	NOT-FOR-US: OpenKM
CVE-2019-11444 (** DISPUTED ** An issue was discovered in Liferay Portal CE 7.1.2 GA3. ...)
	NOT-FOR-US: Liferay Portal CE
CVE-2019-11443
	RESERVED
CVE-2019-11442
	RESERVED
CVE-2019-11441
	RESERVED
CVE-2019-11440
	RESERVED
CVE-2019-11439
	RESERVED
CVE-2019-11438
	RESERVED
CVE-2019-11437
	RESERVED
CVE-2019-11436
	RESERVED
CVE-2019-11435
	RESERVED
CVE-2019-11434
	RESERVED
CVE-2019-11433
	RESERVED
CVE-2019-11432
	RESERVED
CVE-2019-11431
	RESERVED
CVE-2019-11430
	RESERVED
CVE-2019-11429 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open So ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2019-11428 (I, Librarian 4.10 has XSS via the export.php export_files parameter. ...)
	- i-librarian <itp> (bug #649291)
CVE-2019-11427 (An XSS issue was discovered in app/search/search.app.php in idreamsoft ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-11426 (An XSS issue was discovered in app/admincp/template/admincp.header.php ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-11425
	RESERVED
CVE-2019-11424
	RESERVED
CVE-2019-11423
	RESERVED
CVE-2019-11422
	RESERVED
CVE-2019-11421
	RESERVED
CVE-2019-11420
	RESERVED
CVE-2019-11419 (vcodec2_hls_filter in libvoipCodec_v7a.so in the WeChat application th ...)
	NOT-FOR-US: WeChat
CVE-2019-11418 (apply.cgi on the TRENDnet TEW-632BRP 1.010B32 router has a buffer over ...)
	NOT-FOR-US: TRENDnet router
CVE-2019-11417 (system.cgi on TRENDnet TV-IP110WN cameras has a buffer overflow caused ...)
	NOT-FOR-US: TRENDnet cameras
CVE-2019-11416 (A CSRF issue was discovered on Intelbras IWR 3000N 1.5.0 devices, lead ...)
	NOT-FOR-US: Intelbras IWR 3000N 1.5.0 devices
CVE-2019-11415 (An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. A malfor ...)
	NOT-FOR-US: Intelbras IWR 3000N 1.5.0 devices
CVE-2019-11414 (An issue was discovered on Intelbras IWR 3000N 1.5.0 devices. When the ...)
	NOT-FOR-US: Intelbras IWR 3000N 1.5.0 devices
CVE-2019-11413 (An issue was discovered in Artifex MuJS 1.0.5. It has unlimited recurs ...)
	NOT-FOR-US: MuJS
CVE-2019-11412 (An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a ...)
	NOT-FOR-US: MuJS
CVE-2019-11411 (An issue was discovered in Artifex MuJS 1.0.5. The Number#toFixed() an ...)
	NOT-FOR-US: MuJS
CVE-2019-11410 (app/backup/index.php in the Backup Module in FusionPBX 4.4.3 suffers f ...)
	NOT-FOR-US: FreePBX
CVE-2019-11409 (app/operator_panel/exec.php in the Operator Panel module in FusionPBX  ...)
	NOT-FOR-US: FreePBX
CVE-2019-11408 (XSS in app/operator_panel/index_inc.php in the Operator Panel module i ...)
	NOT-FOR-US: FusionPBX
CVE-2019-11407 (app/operator_panel/index_inc.php in the Operator Panel module in Fusio ...)
	NOT-FOR-US: FusionPBX
CVE-2019-11406 (Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, o ...)
	NOT-FOR-US: Subrion CMS
CVE-2019-11405 (OpenAPI Tools OpenAPI Generator before 4.0.0-20190419.052012-560 uses  ...)
	NOT-FOR-US: OpenAPI Tools OpenAPI Generator
CVE-2019-11404 (arrow-kt Arrow before 0.9.0 resolved Gradle build artifacts (for compi ...)
	NOT-FOR-US: arrow-kt Arrow
CVE-2019-11403 (In Gradle Enterprise before 2018.5.2, Build Cache Nodes would reflect  ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2019-11402 (In Gradle Enterprise before 2018.5.3, Build Cache Nodes did not store  ...)
	NOT-FOR-US: Gradle Enterprise
CVE-2019-11401 (A issue was discovered in SiteServer CMS 6.9.0. It allows remote attac ...)
	NOT-FOR-US: SiteServer CMS
CVE-2019-11400 (An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b ...)
	NOT-FOR-US: TRENDnet
CVE-2019-11399 (An issue was discovered on TRENDnet TEW-651BR 2.04B1, TEW-652BRP 3.04b ...)
	NOT-FOR-US: TRENDnet
CVE-2019-11398 (Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 a ...)
	NOT-FOR-US: UliCMS
CVE-2019-11397 (GetFile.aspx in Rapid4 RapidFlows Enterprise Application Builder 4.5M. ...)
	NOT-FOR-US: Rapid4
CVE-2019-11396 (An issue was discovered in Avira Free Security Suite 10. The permissiv ...)
	NOT-FOR-US: Avira Free Security Suite
CVE-2019-11395 (A buffer overflow in MailCarrier 2.51 allows remote attackers to execu ...)
	NOT-FOR-US: MailCarrier
CVE-2019-11394
	RESERVED
CVE-2019-11393 (An issue was discovered in /admin/users/update in M/Monit before 3.7.3 ...)
	NOT-FOR-US: M/Monit
CVE-2019-11392 (BlogEngine.NET 3.3.7 and earlier allows XXE via an apml file to syndic ...)
	NOT-FOR-US: BlogEngine.NET
CVE-2019-11391 (** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule  ...)
	- modsecurity-crs <unfixed> (unimportant; bug #928053)
	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1357
	NOTE: Negligible security impact, doesn't affect the CRS rule set as used
	NOTE: by libapache2-mod-security2, only affects libmodsecurity3 in non-standard settings
CVE-2019-11390 (** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule  ...)
	- modsecurity-crs <unfixed> (unimportant; bug #928053)
	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1358
	NOTE: Negligible security impact, doesn't affect the CRS rule set as used
	NOTE: by libapache2-mod-security2, only affects libmodsecurity3 in non-standard settings
CVE-2019-11389 (** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule  ...)
	- modsecurity-crs <unfixed> (unimportant; bug #928053)
	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1356
	NOTE: Negligible security impact, doesn't affect the CRS rule set as used
	NOTE: by libapache2-mod-security2, only affects libmodsecurity3 in non-standard settings
CVE-2019-11388 (** DISPUTED ** An issue was discovered in OWASP ModSecurity Core Rule  ...)
	- modsecurity-crs <unfixed> (unimportant; bug #928053)
	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1354
	NOTE: Negligible security impact, doesn't affect the CRS rule set as used
	NOTE: by libapache2-mod-security2, only affects libmodsecurity3 in non-standard settings
CVE-2019-11387 (An issue was discovered in OWASP ModSecurity Core Rule Set (CRS) throu ...)
	- modsecurity-crs 3.1.1-1 (unimportant; bug #928053)
	NOTE: https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1359
	NOTE: Negligible security impact, doesn't affect the CRS rule set as used
	NOTE: by libapache2-mod-security2, only affects libmodsecurity3 in non-standard settings
CVE-2019-11386
	RESERVED
CVE-2019-11385
	RESERVED
CVE-2019-11384 (The Zalora application 6.15.1 for Android stores confidential informat ...)
	NOT-FOR-US: Zalora application for Android
CVE-2019-11383 (An issue was discovered in the Medha WiFi FTP Server application 1.8.3 ...)
	NOT-FOR-US: Medha WiFi FTP Server application for Android
CVE-2019-11382
	RESERVED
CVE-2019-11381
	RESERVED
CVE-2019-11380 (The master-password feature in the ES File Explorer File Manager appli ...)
	NOT-FOR-US: ES File Explorer File Manager application for Android
CVE-2019-11379
	RESERVED
CVE-2019-11378 (An issue was discovered in ProjectSend r1053. upload-process-form.php  ...)
	NOT-FOR-US: ProjectSend
CVE-2019-11377 (wcms/wex/finder/action.php in WCMS v0.3.2 has a Arbitrary File Upload  ...)
	NOT-FOR-US: WCMS
CVE-2019-11376 (** DISPUTED ** SOY CMS v3.0.2 allows remote attackers to execute arbit ...)
	NOT-FOR-US: SOY CMS
CVE-2019-11375 (Msvod v10 has a CSRF vulnerability to change user information via the  ...)
	NOT-FOR-US: Msvod
CVE-2019-11374 (74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the  ...)
	NOT-FOR-US: 74CMS
CVE-2019-11373 (An out-of-bounds read in File__Analyze::Get_L8 in File__Analyze_Buffer ...)
	[experimental] - libmediainfo 19.04+dfsg-1
	- libmediainfo 18.12-2 (low; bug #927672)
	[stretch] - libmediainfo <no-dsa> (Minor issue)
	[jessie] - libmediainfo <no-dsa> (Minor issue)
	NOTE: https://github.com/MediaArea/MediaInfoLib/pull/1111
	NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/
CVE-2019-11372 (An out-of-bounds read in MediaInfoLib::File__Tags_Helper::Synched_Test ...)
	[experimental] - libmediainfo 19.04+dfsg-1
	- libmediainfo 18.12-2 (low; bug #927672)
	[stretch] - libmediainfo <no-dsa> (Minor issue)
	[jessie] - libmediainfo <no-dsa> (Minor issue)
	NOTE: https://github.com/MediaArea/MediaInfoLib/pull/1111
	NOTE: https://sourceforge.net/p/mediainfo/bugs/1101/
CVE-2019-11371 (BWA (aka Burrow-Wheeler Aligner) 0.7.17 r1198 has a Buffer Overflow vi ...)
	- bwa <unfixed> (unimportant)
	NOTE: https://github.com/lh3/bwa/issues/239
	NOTE: Neutralised by toolchain hardening
CVE-2019-11370 (Stored XSS was discovered in Carel pCOWeb prior to B1.2.4, as demonstr ...)
	NOT-FOR-US: Carel pCOWeb
CVE-2019-11369 (An issue was discovered in Carel pCOWeb prior to B1.2.4. In /config/pw ...)
	NOT-FOR-US: Carel pCOWeb
CVE-2019-11368 (Stored XSS was discovered in AUO Solar Data Recorder before 1.3.0 via  ...)
	NOT-FOR-US: AUO Solar Data Recorder
CVE-2019-11367 (An issue was discovered in AUO Solar Data Recorder before 1.3.0. The w ...)
	NOT-FOR-US: AUO Solar Data Recorder
CVE-2019-11364 (An OS Command Injection vulnerability in Snare Central before 7.4.5 al ...)
	NOT-FOR-US: Snare Central
CVE-2019-11363 (A SQL injection vulnerability in Snare Central before 7.4.5 allows rem ...)
	NOT-FOR-US: Snare Central
CVE-2019-11362 (app/controllers/frontend/PostController.php in ROCBOSS V2.2.1 has SQL  ...)
	NOT-FOR-US: ROCBOSS
CVE-2019-11361 (Zoho ManageEngine Remote Access Plus 10.0.258 does not validate user p ...)
	NOT-FOR-US: Zoho
CVE-2019-11366 (An issue was discovered in atftpd in atftp 0.7.1. It does not lock the ...)
	{DSA-4438-1 DLA-1783-1}
	- atftp 0.7.git20120829-3.1 (bug #927553)
	NOTE: https://pulsesecurity.co.nz/advisories/atftpd-multiple-vulnerabilities
	NOTE: https://sourceforge.net/p/atftp/code/ci/382f76a90b44f81fec00e2f609a94def4a5d3580/
CVE-2019-11365 (An issue was discovered in atftpd in atftp 0.7.1. A remote attacker ma ...)
	{DSA-4438-1 DLA-1783-1}
	- atftp 0.7.git20120829-3.1 (bug #927553)
	NOTE: https://pulsesecurity.co.nz/advisories/atftpd-multiple-vulnerabilities
	NOTE: https://sourceforge.net/p/atftp/code/ci/abed7d245d8e8bdfeab24f9f7f55a52c3140f96b/
CVE-2019-11360 (A buffer overflow in iptables-restore in netfilter iptables 1.8.2 allo ...)
	- iptables 1.8.3-2 (unimportant)
	NOTE: https://git.netfilter.org/iptables/commit/iptables/xshared.c?id=2ae1099a42e6a0f06de305ca13a842ac83d4683e (1.8.3)
	NOTE: https://0day.work/cve-2019-11360-bufferoverflow-in-iptables-restore-v1-8-2/
	NOTE: Negligible security impact
CVE-2019-11359 (Cross-site scripting (XSS) vulnerability in display.php in I, Libraria ...)
	- i-librarian <itp> (bug #649291)
CVE-2019-11357
	RESERVED
CVE-2019-11356 (The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0 ...)
	{DSA-4458-1}
	- cyrus-imapd 3.0.8-6
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1717828
	NOTE: https://github.com/cyrusimap/cyrus-imapd/commit/a5779db8163b99463e25e7c476f9cbba438b65f3
CVE-2019-11355 (An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A featu ...)
	NOT-FOR-US: Poly (formerly Polycom) HDX
CVE-2019-11354 (The client in Electronic Arts (EA) Origin 10.5.36 on Windows allows te ...)
	NOT-FOR-US: client in Electronic Arts (EA) Origin on Windows
CVE-2019-11353 (The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker  ...)
	NOT-FOR-US: EnGenius EWS660AP
CVE-2019-11352
	RESERVED
CVE-2019-11351 (TeamSpeak 3 Client before 3.2.5 allows remote code execution in the Qt ...)
	- teamspeak-client <removed>
CVE-2019-11350 (CloudBees Jenkins Operations Center 2.150.2.3, when an expired trial l ...)
	NOT-FOR-US: CloudBees Jenkins Operations Center
CVE-2019-11349
	RESERVED
CVE-2019-11348
	RESERVED
CVE-2019-11347
	RESERVED
CVE-2019-11555 (The EAP-pwd implementation in hostapd (EAP server) before 2.8 and wpa_ ...)
	{DSA-4450-1 DLA-1867-1}
	- wpa 2:2.7+git20190128+0c1e29f-5 (bug #927463)
	NOTE: https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt
	NOTE: Patches: https://w1.fi/security/2019-5/
CVE-2019-11346
	RESERVED
CVE-2019-11345 (Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center  ...)
	NOT-FOR-US: Citrix
CVE-2019-11344 (data/inc/files.php in Pluck 4.7.8 allows remote attackers to execute a ...)
	NOT-FOR-US: Pluck CMS
CVE-2019-11343 (Torpedo Query before 2.5.3 mishandles the LIKE operator in ConditionBu ...)
	NOT-FOR-US: Torpedo Query
CVE-2019-11342
	RESERVED
CVE-2019-11341 (On certain Samsung P(9.0) phones, an attacker with physical access can ...)
	NOT-FOR-US: Samsung
CVE-2019-11340 (util/emailutils.py in Matrix Sydent before 1.0.2 mishandles registrati ...)
	NOT-FOR-US: Matrix Sydent
CVE-2019-11339 (The studio profile decoder in libavcodec/mpeg4videodec.c in FFmpeg 4.0 ...)
	- ffmpeg 7:4.1.3-1
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	- libav <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/1f686d023b95219db933394a7704ad9aa5f01cbb
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/d227ed5d598340e719eff7156b1aa0a4469e9a6a
CVE-2019-11338 (libavcodec/hevcdec.c in FFmpeg 4.1.2 mishandles detection of duplicate ...)
	{DSA-4449-1 DLA-1809-1}
	- ffmpeg 7:4.1.3-1
	- libav <removed>
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/54655623a82632e7624714d7b2a3e039dc5faa7e
CVE-2019-11337
	RESERVED
CVE-2019-11336 (Sony Bravia Smart TV devices allow remote attackers to retrieve the st ...)
	NOT-FOR-US: Sony Bravia Smart TV devices
CVE-2019-11335
	RESERVED
CVE-2019-11334 (An authentication bypass in website post requests in the Tzumi Electro ...)
	NOT-FOR-US: Tzumi Electronics Klic Lock application for mobile devices
CVE-2019-11333
	RESERVED
CVE-2019-11332 (MKCMS 5.0 allows remote attackers to take over arbitrary user accounts ...)
	NOT-FOR-US: MKCMS
CVE-2019-11331 (Network Time Protocol (NTP), as specified in RFC 5905, uses port 123 e ...)
	NOT-FOR-US: Generic NTP protocol flaw
CVE-2019-11330
	RESERVED
CVE-2019-11329
	RESERVED
CVE-2019-11328 (An issue was discovered in Singularity 3.1.0 to 3.2.0-rc2, a malicious ...)
	- singularity-container <not-affected> (No released Debian version contains the issue, cf bug #929042)
	NOTE: https://www.openwall.com/lists/oss-security/2019/05/16/1
CVE-2019-11327 (An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver dev ...)
	NOT-FOR-US: Topcon Positioning Net-G5 GNSS Receiver
CVE-2019-11326 (An issue was discovered on Topcon Positioning Net-G5 GNSS Receiver dev ...)
	NOT-FOR-US: Topcon Positioning Net-G5 GNSS Receiver
CVE-2019-11325 (An issue was discovered in Symfony before 4.2.12 and 4.3.x before 4.3. ...)
	- symfony 4.3.8+dfsg-1
	[buster] - symfony <not-affected> (Vulnerable code not present)
	[stretch] - symfony <not-affected> (Vulnerable code not present)
	[jessie] - symfony <not-affected> (Vulnerable code not present)
	NOTE: https://symfony.com/blog/cve-2019-11325-fix-escaping-of-strings-in-varexporter
	NOTE: https://github.com/symfony/symfony/commit/0524868cbf3d3a36e0af804432016d5a6d98169a
CVE-2019-11323 (HAProxy before 1.9.7 mishandles a reload with rotated keys, which trig ...)
	- haproxy <not-affected> (Vulnerable code introduced in 1.9.x series in v1.9.2)
	NOTE: Introduced in: https://git.haproxy.org/?p=haproxy.git;a=commit;h=9e7547740cc2d0a6851de8ca9ac57488bdbb8bf2
	NOTE: Fixed by: https://git.haproxy.org/?p=haproxy.git;a=commit;h=8ef706502aa2000531d36e4ac56dbdc7c30f718d
CVE-2019-11324 (The urllib3 library before 1.24.2 for Python mishandles certain cases  ...)
	- python-urllib3 <unfixed> (bug #927412)
	[buster] - python-urllib3 <no-dsa> (Minor issue)
	[stretch] - python-urllib3 <no-dsa> (Minor issue)
	[jessie] - python-urllib3 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/urllib3/urllib3/compare/a6ec68a...1efadf4
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/3
CVE-2019-11322 (An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a c ...)
	NOT-FOR-US: Motorola
CVE-2019-11321 (An issue was discovered in Motorola CX2 1.01 and M2 1.01. The router o ...)
	NOT-FOR-US: Motorola
CVE-2019-11320 (In Motorola CX2 1.01 and M2 1.01, users can access the router's /priv_ ...)
	NOT-FOR-US: Motorola
CVE-2019-11319 (An issue was discovered in Motorola CX2 1.01 and M2 1.01. There is a c ...)
	NOT-FOR-US: Motorola
CVE-2019-11318 (Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS. ...)
	NOT-FOR-US: Zimbra Collaboration
CVE-2019-11317
	RESERVED
CVE-2019-11316
	RESERVED
CVE-2019-11315
	RESERVED
CVE-2019-11314
	RESERVED
CVE-2019-11313
	RESERVED
CVE-2019-11312
	RESERVED
CVE-2019-11311
	RESERVED
CVE-2019-11310
	RESERVED
CVE-2019-11309
	RESERVED
CVE-2019-11308
	RESERVED
CVE-2019-11307
	RESERVED
CVE-2019-11306
	RESERVED
CVE-2019-11305
	RESERVED
CVE-2019-11304
	RESERVED
CVE-2019-11303
	RESERVED
CVE-2019-11302
	RESERVED
CVE-2019-11301
	RESERVED
CVE-2019-11300
	RESERVED
CVE-2019-11299
	RESERVED
CVE-2019-11298
	RESERVED
CVE-2019-11297
	RESERVED
CVE-2019-11296
	RESERVED
CVE-2019-11295
	RESERVED
CVE-2019-11294 (Cloud Foundry Cloud Controller API (CAPI), version 1.88.0, allows spac ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11293 (Cloud Foundry UAA Release, versions prior to v74.10.0, when set to log ...)
	NOT-FOR-US: Cloud Foundry UAA Release
CVE-2019-11292 (Pivotal Ops Manager, versions 2.4.x prior to 2.4.27, 2.5.x prior to 2. ...)
	NOT-FOR-US: Pivotal
CVE-2019-11291 (Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior  ...)
	- rabbitmq-server <unfixed> (bug #945601)
	[buster] - rabbitmq-server <no-dsa> (Minor issue)
	[stretch] - rabbitmq-server <no-dsa> (Minor issue)
	[jessie] - rabbitmq-server <postponed> (Minor issue)
	NOTE: https://pivotal.io/security/cve-2019-11291
CVE-2019-11290 (Cloud Foundry UAA Release, versions prior to v74.8.0, logs all query p ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11289 (Cloud Foundry Routing, all versions before 0.193.0, does not properly  ...)
	NOT-FOR-US: Cloud Foundry Routing
CVE-2019-11288 (In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions pr ...)
	NOT-FOR-US: Pivotal
CVE-2019-11287 (Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3. ...)
	- rabbitmq-server <unfixed> (bug #945600)
	[buster] - rabbitmq-server <no-dsa> (Minor issue)
	[stretch] - rabbitmq-server <no-dsa> (Minor issue)
	[jessie] - rabbitmq-server <postponed> (Minor issue)
	NOTE: https://pivotal.io/security/cve-2019-11287
CVE-2019-11286
	RESERVED
CVE-2019-11285
	RESERVED
CVE-2019-11284 (Pivotal Reactor Netty, versions prior to 0.8.11, passes headers throug ...)
	NOT-FOR-US: Pivotal
CVE-2019-11283 (Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outpu ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11282 (Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint tha ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11281 (Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, ver ...)
	- rabbitmq-server 3.7.18-1 (low)
	[buster] - rabbitmq-server <no-dsa> (Minor issue)
	[stretch] - rabbitmq-server <no-dsa> (Minor issue)
	[jessie] - rabbitmq-server <no-dsa> (Minor issue; one plugin not vulnerable, the other only exploitable by malicious admin)
	NOTE: https://pivotal.io/security/cve-2019-11281
	NOTE: fix for vhost limit feature: https://github.com/rabbitmq/rabbitmq-management/commit/42def1b51243397c1cb9192d6d064351e358bacc
	NOTE: which was only introduced in 3.7.0-beta.19
	NOTE: federation management plugin: exploitable only by a remote authenticated malicious user
	NOTE:  with administrative access
CVE-2019-11280 (Pivotal Apps Manager, included in Pivotal Application Service versions ...)
	NOT-FOR-US: Pivotal
CVE-2019-11279 (CF UAA versions prior to 74.1.0 can request scopes for a client that s ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11278 (CF UAA versions prior to 74.1.0, allow external input to be directly q ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11277 (Cloud Foundry NFS Volume Service, 1.7.x versions prior to 1.7.11 and 2 ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11276 (Pivotal Apps Manager, included in Pivotal Application Service versions ...)
	NOT-FOR-US: Pivotal
CVE-2019-11275 (Pivotal Application Manager, versions 666.0.x prior to 666.0.36, versi ...)
	NOT-FOR-US: Pivotal Application Manager
CVE-2019-11274 (Cloud Foundry UAA, versions prior to 74.0.0, is vulnerable to an XSS a ...)
	NOT-FOR-US: Cloud Foundry UAA
CVE-2019-11273 (Pivotal Container Services (PKS) versions 1.3.x prior to 1.3.7, and ve ...)
	NOT-FOR-US: Pivotal Container Services
CVE-2019-11272 (Spring Security, versions 4.2.x up to 4.2.12, and older unsupported ve ...)
	{DLA-1848-1}
	- libspring-security-2.0-java <removed>
	NOTE: https://github.com/spring-projects/spring-security/commit/b2d4fec3617c497c5a8eb9c7e5270e0c7db293ee
CVE-2019-11271 (Cloud Foundry BOSH 270.x versions prior to v270.1.1, contain a BOSH Di ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11270 (Cloud Foundry UAA versions prior to v73.4.0 contain a vulnerability wh ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-11269 (Spring Security OAuth versions 2.3 prior to 2.3.6, 2.2 prior to 2.2.5, ...)
	NOT-FOR-US: Spring Security OAuth
CVE-2019-11268 (Cloud Foundry UAA version prior to 73.3.0, contain endpoints that cont ...)
	NOT-FOR-US: Cloud Foundry UAA
CVE-2019-11358 (jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other produc ...)
	{DSA-4460-1 DSA-4434-1 DLA-2118-1 DLA-1797-1 DLA-1777-1}
	- drupal7 <removed> (bug #927330)
	- jquery 3.3.1~dfsg-2 (bug #927385)
	[stretch] - jquery 3.1.1-2+deb9u1
	- node-jquery 2.2.4+dfsg-4 (bug #927466)
	- mediawiki 1:1.31.2-1
	- otrs2 6.0.26-1
	[buster] - otrs2 <no-dsa> (Non-free not supported)
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: https://www.drupal.org/sa-core-2019-006
	NOTE: https://blog.jquery.com/2019/04/10/jquery-3-4-0-released/
	NOTE: https://github.com/DanielRuf/snyk-js-jquery-174006?files=1
	NOTE: https://snyk.io/vuln/SNYK-JS-JQUERY-174006
	NOTE: https://phabricator.wikimedia.org/T221739
	NOTE: https://lists.wikimedia.org/pipermail/wikitech-l/2019-June/092152.html
	NOTE: https://community.otrs.com/security-advisory-2020-05/
CVE-2019-11267
	REJECTED
CVE-2019-11266
	REJECTED
CVE-2019-11265
	REJECTED
CVE-2019-11264
	REJECTED
CVE-2019-11263
	REJECTED
CVE-2019-11262
	REJECTED
CVE-2019-11261
	REJECTED
CVE-2019-11260
	REJECTED
CVE-2019-11259
	REJECTED
CVE-2019-11258
	REJECTED
CVE-2019-11257
	REJECTED
CVE-2019-11256
	REJECTED
CVE-2019-11255 (Improper input validation in Kubernetes CSI sidecar containers for ext ...)
	NOT-FOR-US: kubernetes-csi
CVE-2019-11254 (The Kubernetes API Server component in versions 1.1-1.14, and versions ...)
	- kubernetes 1.17.4-1
	NOTE: https://github.com/kubernetes/kubernetes/issues/89535
CVE-2019-11253 (Improper input validation in the Kubernetes API server in versions v1. ...)
	- kubernetes 1.17.4-1
	NOTE: https://github.com/kubernetes/kubernetes/issues/83253
CVE-2019-11252
	RESERVED
CVE-2019-11251 (The Kubernetes kubectl cp command in versions 1.1-1.12, and versions p ...)
	- kubernetes <not-affected> (Vulnerable code not present)
CVE-2019-11250 (The Kubernetes client-go library logs request headers at verbosity lev ...)
	- kubernetes 1.17.4-1 (bug #934801)
	NOTE: https://github.com/kubernetes/kubernetes/issues/81114
CVE-2019-11249 (The kubectl cp command allows copying files between containers and the ...)
	- kubernetes <not-affected> (Vulnerable code not present; incomplete fix not applied)
	NOTE: https://github.com/kubernetes/kubernetes/issues/80984
CVE-2019-11248 (The debugging endpoint /debug/pprof is exposed over the unauthenticate ...)
	- kubernetes 1.17.4-1 (bug #934182)
	NOTE: https://github.com/kubernetes/kubernetes/issues/81023
	NOTE: https://groups.google.com/forum/#!topic/kubernetes-security-announce/pKELclHIov8
CVE-2019-11247 (The Kubernetes kube-apiserver mistakenly allows access to a cluster-sc ...)
	- kubernetes 1.17.4-1 (bug #933988)
	NOTE: https://github.com/kubernetes/kubernetes/issues/80983
CVE-2019-11246 (The kubectl cp command allows copying files between containers and the ...)
	- kubernetes <not-affected> (Vulnerable code not present; incomplete fix not applied)
	NOTE: https://github.com/kubernetes/kubernetes/pull/76788
CVE-2019-11245 (In kubelet v1.13.6 and v1.14.2, containers for pods that do not specif ...)
	- kubernetes <not-affected> (Vulnerable code not present)
	NOTE: https://discuss.kubernetes.io/t/security-regression-in-kubernetes-kubelet-v1-13-6-and-v1-14-2-only-cve-2019-11245/6584
	NOTE: https://github.com/kubernetes/kubernetes/issues/78308
CVE-2019-11244 (In Kubernetes v1.8.x-v1.14.x, schema info is cached by kubectl in the  ...)
	- kubernetes <not-affected> (Vulnerable code introduced in 1.8.x onwards)
	NOTE: https://github.com/kubernetes/kubernetes/issues/76676
CVE-2019-11243 (In Kubernetes v1.12.0-v1.12.4 and v1.13.0, the rest.AnonymousClientCon ...)
	- kubernetes <not-affected> (Only affects v1.12.0-v1.12.4 and v1.13.0 upstream)
	NOTE: https://github.com/kubernetes/kubernetes/issues/76797
CVE-2019-11242 (A man-in-the-middle vulnerability related to vCenter access was found  ...)
	NOT-FOR-US: Cohesity DataPlatform
CVE-2019-11241
	RESERVED
CVE-2019-11240
	RESERVED
CVE-2019-11239
	RESERVED
CVE-2019-11238
	RESERVED
CVE-2019-11237
	RESERVED
CVE-2019-11236 (In the urllib3 library through 1.24.1 for Python, CRLF injection is po ...)
	{DLA-1828-1}
	[experimental] - python-urllib3 1.25.6-1
	- python-urllib3 <unfixed> (bug #927172)
	[buster] - python-urllib3 <no-dsa> (Minor issue)
	[stretch] - python-urllib3 <no-dsa> (Minor issue)
	NOTE: https://github.com/urllib3/urllib3/issues/1553
	NOTE: https://github.com/urllib3/urllib3/commit/9b76785331243689a9d52cef3db05ef7462cb02d
	NOTE: https://github.com/urllib3/urllib3/commit/efddd7e7bad26188c3b692d1090cba768afa9162
CVE-2019-11235 (FreeRADIUS before 3.0.19 mishandles the "each participant verifies tha ...)
	- freeradius 3.0.17+dfsg-1.1 (bug #926958)
	[stretch] - freeradius <no-dsa> (Minor issue; plugin not enabled by default)
	[jessie] - freeradius <not-affected> (EAP-PWD only introduced in 3.0.0)
	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11234 (FreeRADIUS before 3.0.19 does not prevent use of reflection for authen ...)
	- freeradius 3.0.17+dfsg-1.1 (bug #926958)
	[stretch] - freeradius <no-dsa> (Minor issue; plugin not enabled by default)
	[jessie] - freeradius <not-affected> (EAP-PWD only introduced in 3.0.0)
	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11233 (EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user i ...)
	NOT-FOR-US: EXCELLENT INFOTEK BiYan
CVE-2019-11232 (EXCELLENT INFOTEK BiYan v1.57 ~ v2.8 allows an attacker to leak user i ...)
	NOT-FOR-US: EXCELLENT INFOTEK BiYan
CVE-2019-11231 (An issue was discovered in GetSimple CMS through 3.3.15. insufficient  ...)
	NOT-FOR-US: GetSimple CMS
CVE-2019-11230 (In Avast Antivirus before 19.4, a local administrator can trick the pr ...)
	NOT-FOR-US: Avast Antivirus
CVE-2019-11229 (models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 m ...)
	- gitea <removed>
CVE-2019-11228 (repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does no ...)
	- gitea <removed>
CVE-2019-11227
	RESERVED
CVE-2019-11226 (CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Artic ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-11225
	RESERVED
CVE-2019-11224 (HARMAN AMX MVP5150 v2.87.13 devices allow remote OS Command Injection. ...)
	NOT-FOR-US: HARMAN AMX MVP5150 devices
CVE-2019-11223 (An Unrestricted File Upload Vulnerability in the SupportCandy plugin t ...)
	NOT-FOR-US: SupportCandy plugin for WordPress
CVE-2019-11222 (gf_bin128_parse in utils/os_divers.c in GPAC 0.7.1 has a buffer overfl ...)
	{DLA-1765-1}
	- gpac 0.5.2-426-gc5ad4e4+dfsg5-5 (bug #926961)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/f36525c5beafb78959c3a07d6622c9028de348da
	NOTE: https://github.com/gpac/gpac/issues/1204
	NOTE: https://github.com/gpac/gpac/issues/1205
CVE-2019-11221 (GPAC 0.7.1 has a buffer overflow issue in gf_import_message() in media ...)
	{DLA-1765-1}
	- gpac 0.5.2-426-gc5ad4e4+dfsg5-5 (bug #926963)
	[stretch] - gpac <no-dsa> (Minor issue)
	NOTE: https://github.com/gpac/gpac/commit/f4616202e5578e65746cf7e7ceeba63bee1b094b
	NOTE: https://github.com/gpac/gpac/issues/1203
CVE-2019-11220 (An authentication flaw in Shenzhen Yunni Technology iLnkP2P allows rem ...)
	NOT-FOR-US: Shenzhen Yunni Technology iLnkP2P
CVE-2019-11219 (The algorithm used to generate device IDs (UIDs) for devices that util ...)
	NOT-FOR-US: Shenzhen Yunni Technology iLnkP2P
CVE-2019-11218 (Improper handling of extra parameters in the AccountController (User P ...)
	NOT-FOR-US: Bonobo Git Server
CVE-2019-11217 (The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 a ...)
	NOT-FOR-US: Bonobo Git Server
CVE-2019-11216 (BMC Smart Reporting 7.3 20180418 allows authenticated XXE within the i ...)
	NOT-FOR-US: BMC Smart Reporting
CVE-2019-11215 (In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writ ...)
	NOT-FOR-US: iTop (not the same as src:itop)
CVE-2019-11214
	RESERVED
CVE-2019-11213 (In Pulse Secure Pulse Desktop Client and Network Connect, an attacker  ...)
	NOT-FOR-US: Pulse Secure Pulse Desktop Client and Network Connect
CVE-2019-11212 (The MDM server component of TIBCO Software Inc's TIBCO MDM contains mu ...)
	NOT-FOR-US: TIBCO
CVE-2019-11211 (The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime ...)
	NOT-FOR-US: TIBCO
CVE-2019-11210 (The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime ...)
	NOT-FOR-US: TIBCO
CVE-2019-11209 (The realm configuration component of TIBCO Software Inc.'s TIBCO FTL C ...)
	NOT-FOR-US: TIBCO
CVE-2019-11208 (The authorization component of TIBCO Software Inc.'s TIBCO API Exchang ...)
	NOT-FOR-US: TIBCO
CVE-2019-11207 (The web server component of TIBCO Software Inc.'s TIBCO LogLogic Enter ...)
	NOT-FOR-US: TIBCO
CVE-2019-11206 (The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire ...)
	NOT-FOR-US: TIBCO
CVE-2019-11205 (The web server component of TIBCO Software Inc.'s TIBCO Spotfire Analy ...)
	NOT-FOR-US: TIBCO
CVE-2019-11204 (The web interface component of TIBCO Software Inc.'s TIBCO Spotfire St ...)
	NOT-FOR-US: TIBCO
CVE-2019-11203 (The workspace client, openspace client, app development client, and RE ...)
	NOT-FOR-US: TIBCO
CVE-2019-11202 (An issue was discovered that affects the following versions of Rancher ...)
	NOT-FOR-US: Rancher
CVE-2019-11201 (Dolibarr ERP/CRM 9.0.1 provides a module named website that provides f ...)
	- dolibarr <removed>
CVE-2019-11200 (Dolibarr ERP/CRM 9.0.1 provides a web-based functionality that backs u ...)
	- dolibarr <removed>
CVE-2019-11199 (Dolibarr ERP/CRM 9.0.1 was affected by stored XSS within uploaded file ...)
	- dolibarr <removed>
CVE-2019-11198 (Multiple cross-site scripting (XSS) vulnerabilities in Sitecore CMS 9. ...)
	NOT-FOR-US: Sitecore CMS
CVE-2019-11197
	RESERVED
CVE-2019-11196 (An authentication bypass vulnerability in all versions of ValuePLUS In ...)
	NOT-FOR-US: ValuePLUS Integrated University Management System (IUMS)
CVE-2019-11195
	RESERVED
CVE-2019-11194
	RESERVED
CVE-2019-11193 (The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via  ...)
	NOT-FOR-US: DirectAdmin
CVE-2019-11192
	RESERVED
CVE-2019-11189 (Authentication Bypass by Spoofing in org.onosproject.acl (access contr ...)
	NOT-FOR-US: Open Network Operating System (ONOS)
CVE-2019-11191 (** DISPUTED ** The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT i ...)
	- linux <unfixed> (unimportant)
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/03/4
CVE-2019-11190 (The Linux kernel before 4.8 allows local users to bypass ASLR on setui ...)
	{DLA-1799-1}
	- linux 4.8.5-1
	NOTE: https://git.kernel.org/linus/9f834ec18defc369d73ccf9e87a2790bfa05bf46 (4.8-rc5)
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/03/4
CVE-2019-11188
	RESERVED
CVE-2019-11187 (Incorrect Access Control in the LDAP class of GONICUS GOsa through 201 ...)
	{DLA-1876-1 DLA-1875-1}
	- fusiondirectory 1.2.3-5
	[buster] - fusiondirectory 1.2.3-4+deb10u1
	[stretch] - fusiondirectory 1.0.19-1+deb9u1
	- gosa 2.7.4+reloaded3-9
	[buster] - gosa 2.7.4+reloaded3-8+deb10u1
	[stretch] - gosa <no-dsa> (Minor issue)
CVE-2019-11186
	RESERVED
CVE-2019-11185 (The WP Live Chat Support Pro plugin through 8.0.26 for WordPress conta ...)
	NOT-FOR-US: WP Live Chat Support Pro plugin for WordPress
CVE-2019-11184 (A race condition in specific microprocessors using Intel (R) DDIO cach ...)
	NOT-FOR-US: HW Issue with processors supporting Intel Data-Direct I/O Technology (Intel DDIO) and Remote Direct Memory Access (RDMA)
CVE-2019-11183
	RESERVED
CVE-2019-11182 (Memory corruption in Intel(R) Baseboard Management Controller firmware ...)
	NOT-FOR-US: Intel
CVE-2019-11181 (Out of bound read in Intel(R) Baseboard Management Controller firmware ...)
	NOT-FOR-US: Intel
CVE-2019-11180 (Insufficient input validation in Intel(R) Baseboard Management Control ...)
	NOT-FOR-US: Intel
CVE-2019-11179 (Insufficient input validation in Intel(R) Baseboard Management Control ...)
	NOT-FOR-US: Intel
CVE-2019-11178 (Stack overflow in Intel(R) Baseboard Management Controller firmware ma ...)
	NOT-FOR-US: Intel
CVE-2019-11177 (Unhandled exception in Intel(R) Baseboard Management Controller firmwa ...)
	NOT-FOR-US: Intel
CVE-2019-11176
	RESERVED
CVE-2019-11175 (Insufficient input validation in Intel(R) Baseboard Management Control ...)
	NOT-FOR-US: Intel
CVE-2019-11174 (Insufficient access control in Intel(R) Baseboard Management Controlle ...)
	NOT-FOR-US: Intel
CVE-2019-11173 (Insufficient session validation in Intel(R) Baseboard Management Contr ...)
	NOT-FOR-US: Intel
CVE-2019-11172 (Out of bound read in Intel(R) Baseboard Management Controller firmware ...)
	NOT-FOR-US: Intel
CVE-2019-11171 (Heap corruption in Intel(R) Baseboard Management Controller firmware m ...)
	NOT-FOR-US: Intel
CVE-2019-11170 (Authentication bypass in Intel(R) Baseboard Management Controller firm ...)
	NOT-FOR-US: Intel
CVE-2019-11169
	RESERVED
CVE-2019-11168 (Insufficient session validation in Intel(R) Baseboard Management Contr ...)
	NOT-FOR-US: Intel
CVE-2019-11167 (Improper file permission in software installer for Intel(R) Smart Conn ...)
	NOT-FOR-US: Intel
CVE-2019-11166 (Improper file permissions in the installer for Intel(R) Easy Streaming ...)
	NOT-FOR-US: Intel
CVE-2019-11165 (Improper conditions check in the Linux kernel driver for the Intel(R)  ...)
	NOT-FOR-US: Intel, driver doesn't seem to be upstreamed
CVE-2019-11164
	RESERVED
CVE-2019-11163 (Insufficient access control in a hardware abstraction driver for Intel ...)
	NOT-FOR-US: Intel(R) Processor Identification Utility for Windows
CVE-2019-11162 (Insufficient access control in hardware abstraction in SEMA driver for ...)
	NOT-FOR-US: Intel
CVE-2019-11161
	RESERVED
CVE-2019-11160
	RESERVED
CVE-2019-11159
	RESERVED
CVE-2019-11158
	RESERVED
CVE-2019-11157 (Improper conditions check in voltage settings for some Intel(R) Proces ...)
	NOT-FOR-US: Intel
CVE-2019-11156 (Logic errors in Intel(R) PROSet/Wireless WiFi Software before version  ...)
	NOT-FOR-US: Intel
CVE-2019-11155 (Improper directory permissions in Intel(R) PROSet/Wireless WiFi Softwa ...)
	NOT-FOR-US: Intel
CVE-2019-11154 (Improper directory permissions in Intel(R) PROSet/Wireless WiFi Softwa ...)
	NOT-FOR-US: Intel
CVE-2019-11153 (Memory corruption issues in Intel(R) PROSet/Wireless WiFi Software ext ...)
	NOT-FOR-US: Intel
CVE-2019-11152 (Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 ...)
	NOT-FOR-US: Intel
CVE-2019-11151 (Memory corruption issues in Intel(R) WIFI Drivers before version 21.40 ...)
	NOT-FOR-US: Intel
CVE-2019-11150
	RESERVED
CVE-2019-11149
	RESERVED
CVE-2019-11148 (Improper permissions in the installer for Intel(R) Remote Displays SDK ...)
	NOT-FOR-US: Intel
CVE-2019-11147 (Insufficient access control in hardware abstraction driver for MEInfo  ...)
	NOT-FOR-US: Intel
CVE-2019-11146 (Improper file verification in Intel&#174; Driver &amp; Support Assista ...)
	NOT-FOR-US: Intel
CVE-2019-11145 (Improper file verification in Intel&#174; Driver &amp; Support Assista ...)
	NOT-FOR-US: Intel
CVE-2019-11144
	RESERVED
CVE-2019-11143 (Improper permissions in the software installer for Intel(R) Authentica ...)
	NOT-FOR-US: Intel
CVE-2019-11142
	RESERVED
CVE-2019-11141
	RESERVED
CVE-2019-11140 (Insufficient session validation in system firmware for Intel(R) NUC ma ...)
	NOT-FOR-US: Intel
CVE-2019-11139 (Improper conditions check in the voltage modulation interface for some ...)
	{DSA-4565-1 DLA-2051-1}
	- intel-microcode 3.20191112.1
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00271.html
	NOTE: The 3.20191112.1 release for intel-microcode did contain most updates, additional
	NOTE: update for CFL-S was added in 3.20191113.1.
CVE-2019-11138
	RESERVED
CVE-2019-11137 (Insufficient input validation in system firmware for Intel(R) Xeon(R)  ...)
	NOT-FOR-US: Intel
CVE-2019-11136 (Insufficient access control in system firmware for Intel(R) Xeon(R) Sc ...)
	NOT-FOR-US: Intel
CVE-2019-11135 (TSX Asynchronous Abort condition on some CPUs utilizing speculative ex ...)
	{DSA-4602-1 DSA-4565-1 DSA-4564-1 DLA-2051-1 DLA-1990-1 DLA-1989-1}
	- linux 5.3.9-2
	- intel-microcode 3.20191112.1
	- xen 4.11.3+24-g14b62ab3e5-1 (bug #947944)
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://software.intel.com/security-software-guidance/insights/deep-dive-intel-transactional-synchronization-extensions-intel-tsx-asynchronous-abort
	NOTE: https://xenbits.xen.org/xsa/advisory-305.html
	NOTE: The 3.20191112.1 release for intel-microcode did contain most updates, additional
	NOTE: update for CFL-S was added in 3.20191113.1.
CVE-2019-11134
	RESERVED
CVE-2019-11133 (Improper access control in the Intel(R) Processor Diagnostic Tool befo ...)
	NOT-FOR-US: Intel
CVE-2019-11132 (Cross site scripting in subsystem in Intel(R) AMT before versions 11.8 ...)
	NOT-FOR-US: Intel
CVE-2019-11131 (Logic issue in subsystem in Intel(R) AMT before versions 11.8.70, 11.1 ...)
	NOT-FOR-US: Intel
CVE-2019-11130
	RESERVED
CVE-2019-11129 (Out of bound read/write in system firmware for Intel(R) NUC Kit may al ...)
	NOT-FOR-US: Intel
CVE-2019-11128 (Insufficient input validation in system firmware for Intel(R) NUC Kit  ...)
	NOT-FOR-US: Intel
CVE-2019-11127 (Buffer overflow in system firmware for Intel(R) NUC Kit may allow a pr ...)
	NOT-FOR-US: Intel
CVE-2019-11126 (Pointer corruption in system firmware for Intel(R) NUC Kit may allow a ...)
	NOT-FOR-US: Intel
CVE-2019-11125 (Insufficient input validation in system firmware for Intel(R) NUC Kit  ...)
	NOT-FOR-US: Intel
CVE-2019-11124 (Out of bound read/write in system firmware for Intel(R) NUC Kit may al ...)
	NOT-FOR-US: Intel
CVE-2019-11123 (Insufficient session validation in system firmware for Intel(R) NUC Ki ...)
	NOT-FOR-US: Intel
CVE-2019-11122
	RESERVED
CVE-2019-11121
	RESERVED
CVE-2019-11120 (Insufficient path checking in the installer for Intel(R) Active System ...)
	NOT-FOR-US: Intel
CVE-2019-11119 (Insufficient session validation in the service API for Intel(R) RWC3 v ...)
	NOT-FOR-US: Intel
CVE-2019-11118
	RESERVED
CVE-2019-11117 (Improper permissions in the installer for Intel(R) Omni-Path Fabric Ma ...)
	NOT-FOR-US: Intel
CVE-2019-11116
	RESERVED
CVE-2019-11115
	RESERVED
CVE-2019-11114 (Insufficient input validation in Intel(R) Driver &amp; Support Assista ...)
	NOT-FOR-US: Intel(R) Driver & Support Assistant
CVE-2019-11113 (Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver bef ...)
	NOT-FOR-US: Intel Windows graphics driver
CVE-2019-11112 (Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver be ...)
	NOT-FOR-US: Intel Windows graphics driver
CVE-2019-11111 (Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics ...)
	NOT-FOR-US: Intel Windows graphics driver
CVE-2019-11110 (Authentication bypass in the subsystem for Intel(R) CSME before versio ...)
	NOT-FOR-US: Intel
CVE-2019-11109 (Logic issue in the subsystem for Intel(R) SPS before versions SPS_E5_0 ...)
	NOT-FOR-US: Intel
CVE-2019-11108 (Insufficient input validation in subsystem for Intel(R) CSME before ve ...)
	NOT-FOR-US: Intel
CVE-2019-11107 (Insufficient input validation in the subsystem for Intel(R) AMT before ...)
	NOT-FOR-US: Intel
CVE-2019-11106 (Insufficient session validation in the subsystem for Intel(R) CSME bef ...)
	NOT-FOR-US: Intel
CVE-2019-11105 (Logic issue in subsystem for Intel(R) CSME before versions 12.0.45, 13 ...)
	NOT-FOR-US: Intel
CVE-2019-11104 (Insufficient input validation in MEInfo software for Intel(R) CSME bef ...)
	NOT-FOR-US: Intel
CVE-2019-11103 (Insufficient input validation in firmware update software for Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2019-11102 (Insufficient input validation in Intel(R) DAL software for Intel(R) CS ...)
	NOT-FOR-US: Intel
CVE-2019-11101 (Insufficient input validation in the subsystem for Intel(R) CSME befor ...)
	NOT-FOR-US: Intel
CVE-2019-11100 (Insufficient input validation in the subsystem for Intel(R) AMT before ...)
	NOT-FOR-US: Intel
CVE-2019-11099
	RESERVED
CVE-2019-11098
	RESERVED
CVE-2019-11097 (Improper directory permissions in the installer for Intel(R) Managemen ...)
	NOT-FOR-US: Intel
CVE-2019-11096 (Insufficient memory protection for Intel(R) Ethernet I218 Adapter driv ...)
	NOT-FOR-US: Intel(R) Ethernet I218 Adapter driver for Windows
CVE-2019-11095 (Insufficient access control in Intel(R) Driver &amp; Support Assistant ...)
	NOT-FOR-US: Intel(R) Driver & Support Assistant
CVE-2019-11094 (Insufficient input validation in system firmware for Intel (R) NUC Kit ...)
	NOT-FOR-US: Intel (R) NUC Kit
CVE-2019-11093 (Unquoted service path in the installer for the Intel(R) SCS Discovery  ...)
	NOT-FOR-US: Intel(R) SCS Discovery Utility
CVE-2019-11092 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-11091 (Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheab ...)
	{DSA-4447-1 DSA-4444-1 DLA-1789-2 DLA-1799-1 DLA-1789-1 DLA-1787-1}
	- intel-microcode 3.20190514.1
	- linux 4.19.37-2
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929129)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	[jessie] - xen <ignored> (Depends on fix for CVE-2017-5715, CVE-2017-5753, CVE-2017-5754)
	NOTE: https://git.kernel.org/linus/fa4bff165070dc40a3de35b78e4f8da8e8d85ec5
	NOTE: https://software.intel.com/security-software-guidance/software-guidance/microarchitectural-data-sampling
	NOTE: https://xenbits.xen.org/xsa/advisory-297.html
	NOTE: libvirt support for md-clear CPUID bit:
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=538d873571d7a682852dc1d70e5f4478f4d64e85
	NOTE: qemu and libvirt need updates to passthrough md-clear, see #929067 for qemu and #929154 for libvirt
CVE-2019-11090 (Cryptographic timing conditions in the subsystem for Intel(R) PTT befo ...)
	NOT-FOR-US: Intel
CVE-2019-11089 (Insufficient input validation in Kernel Mode module for Intel(R) Graph ...)
	NOT-FOR-US: Intel Windows graphics driver
CVE-2019-11088 (Insufficient input validation in subsystem in Intel(R) AMT before vers ...)
	NOT-FOR-US: Intel
CVE-2019-11087 (Insufficient input validation in the subsystem for Intel(R) CSME befor ...)
	NOT-FOR-US: Intel
CVE-2019-11086 (Insufficient input validation in subsystem for Intel(R) AMT before ver ...)
	NOT-FOR-US: Intel
CVE-2019-11085 (Insufficient input validation in Kernel Mode Driver in Intel(R) i915 G ...)
	- linux 4.19.20-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/51b00d8509dc69c98740da2ad07308b630d3eb7d
	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html
CVE-2019-11084 (GAuth 0.9.9 beta has stored XSS that shows a popup repeatedly and disc ...)
	NOT-FOR-US: GAuth
CVE-2019-11083
	RESERVED
CVE-2019-11082 (core/api/datasets/internal/actions/Explode.java in the Dataset API in  ...)
	NOT-FOR-US: DKPro Core
CVE-2019-11081 (A default username and password in Dentsply Sirona Sidexis 4.2 and pos ...)
	NOT-FOR-US: Dentsply Sirona Sidexis
CVE-2019-11080 (Sitecore Experience Platform (XP) prior to 9.1.1 is vulnerable to remo ...)
	NOT-FOR-US: Sitecore Experience Platform
CVE-2019-11079
	RESERVED
CVE-2019-11078 (MKCMS V5.0 has a CSRF vulnerability to add a new admin user via the uc ...)
	NOT-FOR-US: MKCMS
CVE-2019-11077 (FastAdmin V1.0.0.20190111_beta has a CSRF vulnerability to add a new a ...)
	NOT-FOR-US: FastAdmin
CVE-2019-11076 (Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via a ...)
	NOT-FOR-US: Cribl UI
CVE-2019-11075
	RESERVED
CVE-2019-11074 (A Write to Arbitrary Location in Disk vulnerability exists in PRTG Net ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2019-11073 (A Remote Code Execution vulnerability exists in PRTG Network Monitor b ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2019-11072 (** DISPUTED ** lighttpd before 1.4.54 has a signed integer overflow, w ...)
	- lighttpd 1.4.53-4 (bug #926885)
	[stretch] - lighttpd <not-affected> (Vulnerable code introduced later)
	[jessie] - lighttpd <not-affected> (Vulnerable code introduced later)
	NOTE: https://redmine.lighttpd.net/issues/2945
	NOTE: Fixed by: https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354
	NOTE: Introduced with: https://github.com/lighttpd/lighttpd1.4/commit/3eb7902e10ba75b3f2eb159e244d0d8e5037ccd2
CVE-2019-11070 (WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly ap ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-11069 (Sequelize version 5 before 5.3.0 does not properly ensure that standar ...)
	NOT-FOR-US: Sequelize
CVE-2019-11068 (libxslt through 1.1.33 allows bypass of a protection mechanism because ...)
	{DLA-1756-1}
	- libxslt 1.1.32-2.1 (bug #926895; bug #933743)
	[buster] - libxslt 1.1.32-2.1~deb10u1
	[stretch] - libxslt 1.1.29-2.1+deb9u1
	NOTE: https://gitlab.gnome.org/GNOME/libxslt/issues/12
	NOTE: https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
CVE-2019-11067
	RESERVED
CVE-2019-1003050 (The f:validateButton form control for the Jenkins UI did not properly  ...)
	NOT-FOR-US: Jenkins
CVE-2019-1003049 (Users who cached their CLI authentication before Jenkins was updated t ...)
	NOT-FOR-US: Jenkins
CVE-2019-11066 (openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted Open ...)
	NOT-FOR-US: LightOpenID
CVE-2019-11065 (Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download ...)
	- gradle 4.4.1-10 (bug #926923)
	[buster] - gradle <no-dsa> (Minor issue)
	[stretch] - gradle <no-dsa> (Minor issue)
	[jessie] - gradle <no-dsa> (Minor issue)
	NOTE: https://github.com/gradle/gradle/pull/8927
	NOTE: https://lists.debian.org/debian-lts/2019/05/msg00021.html
CVE-2019-11071 (SPIP 3.1 before 3.1.10 and 3.2 before 3.2.4 allows authenticated visit ...)
	{DSA-4429-1}
	- spip 3.2.4-1 (bug #926764)
	[jessie] - spip <not-affected> (SPIP 3.0 and earlier are not affected)
	NOTE: https://blog.spip.net/Mise-a-jour-CRITIQUE-de-securite-Sortie-de-SPIP-3-1-10-et-SPIP-3-2-4.html
	NOTE: https://github.com/spip/SPIP/commit/3ef87c525bc0768c926646f999a54222b37b5d36
	NOTE: https://github.com/spip/SPIP/commit/824d17f424bf77d17af89c18c3dc807a3199567e
CVE-2019-11064 (A vulnerability of remote credential disclosure was discovered in Adva ...)
	NOT-FOR-US: Advan VD-1 firmware
CVE-2019-11063 (A broken access control vulnerability in SmartHome app (Android versio ...)
	NOT-FOR-US: SmartHome app
CVE-2019-11062 (The SUNNET WMPro v5.0 and v5.1 for eLearning system has OS Command Inj ...)
	NOT-FOR-US: SUNNET WMPro for eLearning system
CVE-2019-11061 (A broken access control vulnerability in HG100 firmware versions up to ...)
	NOT-FOR-US: HG100 firmware
CVE-2019-11060 (The web api server on Port 8080 of ASUS HG100 firmware up to 1.05.12,  ...)
	NOT-FOR-US: ASUS HG100 firmware
CVE-2019-11059 (Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit exte ...)
	- u-boot 2019.01+dfsg-6 (bug #928800)
	[stretch] - u-boot <no-dsa> (Minor issue)
	[jessie] - u-boot <ignored> (Minor issue)
	NOTE: https://git.denx.de/?p=u-boot.git;a=commit;h=febbc583319b567fe3d83e521cc2ace9be8d1501
CVE-2019-11058
	RESERVED
CVE-2019-11057 (SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows  ...)
	NOT-FOR-US: Vtiger CRM
CVE-2019-11056
	RESERVED
CVE-2019-11055
	RESERVED
CVE-2019-11054
	RESERVED
CVE-2019-11053
	RESERVED
CVE-2019-11052
	RESERVED
CVE-2019-11051
	RESERVED
CVE-2019-11050 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.1, 7.3.13
	NOTE: PHP Bug: http://bugs.php.net/78793
CVE-2019-11049 (In PHP versions 7.3.x below 7.3.13 and 7.4.0 on Windows, when supplyin ...)
	- php7.3 <not-affected> (Windows specific issue)
	- php7.0 <not-affected> (Windows specific issue)
	- php5 <not-affected> (Windows specific issue)
	NOTE: Fixed in PHP 7.4.1, 7.3.13
	NOTE: PHP Bug: http://bugs.php.net/78943
CVE-2019-11048
	RESERVED
CVE-2019-11047 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.1, 7.3.13
	NOTE: PHP Bug: http://bugs.php.net/78910
CVE-2019-11046 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP  ...)
	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.1, 7.3.13
	NOTE: PHP Bug: http://bugs.php.net/78878
	NOTE: http://git.php.net/?p=php-src.git;a=patch;h=2d07f00b73d8f94099850e0f5983e1cc5817c196
CVE-2019-11045 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP  ...)
	{DSA-4628-1 DSA-4626-1 DLA-2050-1}
	- php7.3 7.3.15-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.4.1, 7.3.13
	NOTE: PHP Bug: http://bugs.php.net/78863
	NOTE: http://git.php.net/?p=php-src.git;a=patch;h=d74907b8575e6edb83b728c2a94df434c23e1f79
CVE-2019-11044 (In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0 on Wi ...)
	- php7.3 <not-affected> (Windows specific issue)
	- php7.0 <not-affected> (Windows specific issue)
	- php5 <not-affected> (Windows specific issue)
	NOTE: Fixed in PHP 7.4.1, 7.3.13
	NOTE: PHP Bug: http://bugs.php.net/78862
CVE-2019-11043 (In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below ...)
	{DSA-4553-1 DSA-4552-1 DLA-1970-1}
	- php7.3 7.3.11-1~deb10u1 (bug #943468; bug #943764)
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in PHP 7.3.11, 7.2.24
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78599
	NOTE: https://www.tenable.com/blog/cve-2019-11043-vulnerability-in-php-fpm-could-lead-to-remote-code-execution-on-nginx
	NOTE: http://git.php.net/?p=php-src.git;a=commit;h=ab061f95ca966731b1c84cf5b7b20155c0a1c06a
CVE-2019-11042 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
	{DSA-4529-1 DSA-4527-1 DLA-1878-1}
	- php7.3 7.3.8-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.31, 7.2.21, 7.3.8
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78256
CVE-2019-11041 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
	{DSA-4529-1 DSA-4527-1 DLA-1878-1}
	- php7.3 7.3.8-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.31, 7.2.21, 7.3.8
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78222
CVE-2019-11040 (When PHP EXIF extension is parsing EXIF information from an image, e.g ...)
	{DSA-4529-1 DSA-4527-1 DLA-1813-1}
	- php7.3 7.3.6-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.30, 7.2.19, 7.3.6
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77988
CVE-2019-11039 (Function iconv_mime_decode_headers() in PHP versions 7.1.x below 7.1.3 ...)
	{DSA-4529-1 DSA-4527-1 DLA-1813-1}
	- php7.3 7.3.6-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.30, 7.2.19, 7.3.6
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=78069
CVE-2019-11038 (When using the gdImageCreateFromXbm() function in the GD Graphics Libr ...)
	{DSA-4529-1 DLA-1817-1}
	- libgd2 2.2.5-5.2 (low; bug #929821)
	[stretch] - libgd2 2.2.4-2+deb9u5
	- php7.3 7.3.6-1 (unimportant)
	- php7.0 <removed> (unimportant)
	- php5 <removed> (unimportant)
	NOTE: Fixed in 7.1.30, 7.2.19, 7.3.6
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77973
	NOTE: https://github.com/libgd/libgd/issues/501
	NOTE: https://github.com/libgd/libgd/commit/e13a342c079aeb73e31dfa19eaca119761bac3f3
CVE-2019-11037 (In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing  ...)
	{DSA-4576-1}
	- php-imagick 3.4.3-4.1 (bug #928420)
	[jessie] - php-imagick <not-affected> (vulnerable code is not present)
	NOTE: https://bugs.php.net/bug.php?id=77791
	NOTE: https://github.com/mkoppanen/imagick/commits/bugfix_77791
	NOTE: Introduced by: https://github.com/mkoppanen/imagick/commit/a3cc177f8ed38937960e27765816e2f7a6de7391
	NOTE: Fixed by: https://github.com/Imagick/imagick/compare/d57a444766a321fa226266f51f1f42ee2cc29cc7...a827e4fd94aba346e919dc2ae8e8da2cec5a7445
CVE-2019-11036 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...)
	{DSA-4529-1 DSA-4527-1 DLA-1803-1}
	- php7.3 7.3.6-1 (bug #928421)
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.29, 7.2.18, 7.3.5
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77950
CVE-2019-11035 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...)
	{DSA-4529-1 DLA-1803-1}
	- php7.3 7.3.4-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77831
CVE-2019-11034 (When processing certain files, PHP EXIF extension in versions 7.1.x be ...)
	{DSA-4529-1 DLA-1803-1}
	- php7.3 7.3.4-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.28, 7.2.17, 7.3.4
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77753
CVE-2019-11033 (Applaud HCM 4.0.42+ uses HTML tag fields for HTML inputs in a form. Th ...)
	NOT-FOR-US: Applaud HCM
CVE-2019-11032 (In EasyToRecruit (E2R) before 2.11, the upload feature and the Candida ...)
	NOT-FOR-US: EasyToRecruit
CVE-2019-11031 (Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the auto-up ...)
	NOT-FOR-US: Mirasys VMS
CVE-2019-11030 (Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Mirasys ...)
	NOT-FOR-US: Mirasys VMS
CVE-2019-11029 (Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Downloa ...)
	NOT-FOR-US: Mirasys VMS
CVE-2019-11028 (GAT-Ship Web Module before 1.40 suffers from a vulnerability allowing  ...)
	NOT-FOR-US: GAT-Ship Web Module
CVE-2019-11027 (Ruby OpenID (aka ruby-openid) through 2.8.0 has a remotely exploitable ...)
	{DLA-1956-1}
	- ruby-openid 2.9.2debian-1 (bug #930388)
	[buster] - ruby-openid <no-dsa> (Minor issue)
	[stretch] - ruby-openid <no-dsa> (Minor issue)
	NOTE: https://github.com/openid/ruby-openid/issues/122
	NOTE: https://github.com/openid/ruby-openid/issues/122#issuecomment-520304211
	NOTE: https://github.com/openid/ruby-openid/commit/8a4c31a6740a949cdc29d956c276ba3c4021dfa8
	NOTE: https://github.com/openid/ruby-openid/commit/f526132c6cb5d9195351c16ed36dced4ca3db496
CVE-2019-11026 (FontInfoScanner::scanFonts in FontInfo.cc in Poppler 0.75.0 has infini ...)
	[experimental] - poppler 0.81.0-1
	- poppler <unfixed> (low; bug #926721)
	[buster] - poppler <ignored> (Minor issue)
	[stretch] - poppler <ignored> (Minor issue)
	[jessie] - poppler <ignored> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/752
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/8051f678b3b43326e5fdfd7c03f39de21059f426
CVE-2019-11025 (In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping o ...)
	{DLA-1757-1}
	- cacti 1.2.2+ds1-2 (low; bug #926700)
	[stretch] - cacti <no-dsa> (Minor issue)
	NOTE: https://github.com/Cacti/cacti/issues/2581
CVE-2019-11024 (The load_pnm function in frompnm.c in libsixel.a in libsixel 1.8.2 has ...)
	- libsixel 1.8.6-1 (unimportant)
	NOTE: https://github.com/saitoha/libsixel/issues/85
	NOTE: Negligible security impact
CVE-2019-11023 (The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz 2.39. ...)
	- graphviz <unfixed> (unimportant; bug #926724)
	NOTE: https://gitlab.com/graphviz/graphviz/issues/1517
	NOTE: https://gitlab.com/graphviz/graphviz/commit/839085f8026afd6f6920a0c31ad2a9d880d97932
	NOTE: Crash in CLI tool, no security impact
CVE-2019-11022
	RESERVED
CVE-2019-11021 (** DISPUTED ** admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Aut ...)
	NOT-FOR-US: Schlix CMS
CVE-2019-11020 (Lack of authentication in file-viewing components in DDRT Dashcom Live ...)
	NOT-FOR-US: DDRT Dashcom
CVE-2019-11019 (Lack of authentication in case-exporting components in DDRT Dashcom Li ...)
	NOT-FOR-US: DDRT Dashcom
CVE-2019-11018 (application\admin\controller\User.php in ThinkAdmin V4.0 does not prev ...)
	NOT-FOR-US: ThinkAdmin
CVE-2019-11017 (On D-Link DI-524 V2.06RU devices, multiple Stored and Reflected XSS vu ...)
	NOT-FOR-US: D-Link
CVE-2019-11016 (Elgg before 1.12.18 and 2.3.x before 2.3.11 has an open redirect. ...)
	NOT-FOR-US: Elgg
CVE-2019-11015 (A vulnerability was found in the MIUI OS version 10.1.3.0 that allows  ...)
	NOT-FOR-US: MIUI OS
CVE-2019-11014 (The VStarCam vstc.vscam.client library and vstc.vscam shared object, a ...)
	NOT-FOR-US: VStarCam
CVE-2019-11013 (Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal  ...)
	NOT-FOR-US: Nimble Streamer
CVE-2019-11012
	RESERVED
CVE-2019-11011 (Akamai CloudTest before 58.30 allows remote code execution. ...)
	NOT-FOR-US: Akamai CloudTest
CVE-2019-11010 (In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a memory leak in  ...)
	{DLA-1755-1}
	- graphicsmagick 1.4~hg15968-1 (bug #927029)
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/a348d9661019
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/601/
CVE-2019-11009 (In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buff ...)
	{DLA-1755-1}
	- graphicsmagick 1.4~hg15968-1 (bug #927029)
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/7cff2b1792de
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/597/
CVE-2019-11008 (In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buff ...)
	{DLA-1755-1}
	- graphicsmagick 1.4~hg15968-1 (bug #927029)
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/d823d23a474b
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/599/
CVE-2019-11007 (In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buff ...)
	{DLA-1755-1}
	- graphicsmagick 1.4~hg15968-1 (bug #927029)
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/40fc71472b98
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/86a9295e7c83
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/596/
CVE-2019-11006 (In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a heap-based buff ...)
	{DLA-1755-1}
	- graphicsmagick 1.4~hg15968-1 (bug #927029)
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/f7610c1281c1
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/598/
CVE-2019-11005 (In GraphicsMagick 1.4 snapshot-20190322 Q8, there is a stack-based buf ...)
	- graphicsmagick 1.4~hg15968-1 (bug #927029)
	[stretch] - graphicsmagick 1.3.30+hg15796-1~deb9u3
	[jessie] - graphicsmagick <not-affected> (The vulnerable code is not present)
	NOTE: http://hg.graphicsmagick.org/hg/GraphicsMagick/rev/b6fb77d7d54d
	NOTE: https://sourceforge.net/p/graphicsmagick/bugs/600/
CVE-2019-11004 (In Materialize through 1.0.0, XSS is possible via the Toast feature. ...)
	NOT-FOR-US: Materialize
CVE-2019-11003 (In Materialize through 1.0.0, XSS is possible via the Autocomplete fea ...)
	NOT-FOR-US: Materialize
CVE-2019-11002 (In Materialize through 1.0.0, XSS is possible via the Tooltip feature. ...)
	NOT-FOR-US: Materialize
CVE-2019-11001 (On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices th ...)
	NOT-FOR-US: Reolink devices
CVE-2019-11000 (An issue was discovered in GitLab Enterprise Edition before 11.7.11, 1 ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://about.gitlab.com/2019/04/10/critical-security-release-gitlab-11-dot-9-dot-7-released/
CVE-2019-10999 (The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer o ...)
	NOT-FOR-US: D-Link
CVE-2019-10998 (An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) bef ...)
	NOT-FOR-US: Phoenix Contact
CVE-2019-10997 (An issue was discovered on Phoenix Contact AXC F 2152 (No.2404267) bef ...)
	NOT-FOR-US: Phoenix Contact
CVE-2019-10996 (Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior ...)
	NOT-FOR-US: Red Lion Controls Crimson
CVE-2019-10995 (ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hid ...)
	NOT-FOR-US: ABB CP651 HMI products
CVE-2019-10994 (Processing a specially crafted project file in LAquis SCADA 4.3.1.71 m ...)
	NOT-FOR-US: LAquis SCADA
CVE-2019-10993 (In WebAccess/SCADA Versions 8.3.5 and prior, multiple untrusted pointe ...)
	NOT-FOR-US: WebAccess/SCADA
CVE-2019-10992 (Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Mu ...)
	NOT-FOR-US: Delta Electronics CNCSoft ScreenEditor
CVE-2019-10991 (In WebAccess/SCADA, Versions 8.3.5 and prior, multiple stack-based buf ...)
	NOT-FOR-US: WebAccess/SCADA
CVE-2019-10990 (Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior ...)
	NOT-FOR-US: Red Lion Controls Crimson
CVE-2019-10989 (In WebAccess/SCADA Versions 8.3.5 and prior, multiple heap-based buffe ...)
	NOT-FOR-US: WebAccess/SCADA
CVE-2019-10988 (In Philips HDI 4000 Ultrasound Systems, all versions running on old, u ...)
	NOT-FOR-US: Philips HDI 4000 Ultrasound Systems
CVE-2019-10987 (In WebAccess/SCADA Versions 8.3.5 and prior, multiple out-of-bounds wr ...)
	NOT-FOR-US: WebAccess/SCADA
CVE-2019-10986
	RESERVED
CVE-2019-10985 (In WebAccess/SCADA, Versions 8.3.5 and prior, a path traversal vulnera ...)
	NOT-FOR-US: WebAccess/SCADA
CVE-2019-10984 (Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior ...)
	NOT-FOR-US: Red Lion Controls Crimson
CVE-2019-10983 (In WebAccess/SCADA Versions 8.3.5 and prior, an out-of-bounds read vul ...)
	NOT-FOR-US: WebAccess/SCADA
CVE-2019-10982 (Delta Electronics CNCSoft ScreenEditor, Versions 1.00.89 and prior. Mu ...)
	NOT-FOR-US: Delta Electronics CNCSoft ScreenEditor
CVE-2019-10981 (In Vijeo Citect 7.30 and 7.40, and CitectSCADA 7.30 and 7.40, a vulner ...)
	NOT-FOR-US: AVEVA
CVE-2019-10980 (A type confusion vulnerability may be exploited when LAquis SCADA 4.3. ...)
	NOT-FOR-US: LAquis SCADA
CVE-2019-10979 (SICK MSC800 all versions prior to Version 4.0, the affected firmware v ...)
	NOT-FOR-US: SICK MSC800
CVE-2019-10978 (Red Lion Controls Crimson, version 3.0 and prior and version 3.1 prior ...)
	NOT-FOR-US: Red Lion Controls Crimson
CVE-2019-10977 (In Mitsubishi Electric MELSEC-Q series Ethernet module QJ71E71-100 ser ...)
	NOT-FOR-US: Mitsubishi
CVE-2019-10976 (Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vu ...)
	NOT-FOR-US: Mitsubishi Electric FR Configurator2
CVE-2019-10975 (An out-of-bounds read vulnerability has been identified in Fuji Electr ...)
	NOT-FOR-US: Fuji Electric
CVE-2019-10974 (NREL EnergyPlus, Versions 8.6.0 and possibly prior versions, The appli ...)
	NOT-FOR-US: NREL EnergyPlus
CVE-2019-10973 (Quest KACE, all versions prior to version 8.0.x, 8.1.x, and 9.0.x, all ...)
	NOT-FOR-US: Quest KACE
CVE-2019-10972 (Mitsubishi Electric FR Configurator2, Version 1.16S and prior. This vu ...)
	NOT-FOR-US: Mitsubishi Electric FR Configurator2
CVE-2019-10971 (The application (Network Configurator for DeviceNet Safety 3.41 and pr ...)
	NOT-FOR-US: Omron
CVE-2019-10970 (In Rockwell Automation PanelView 5510 (all versions manufactured befor ...)
	NOT-FOR-US: Rockwell Automation PanelView
CVE-2019-10969 (Moxa EDR 810, all versions 5.1 and prior, allows an authenticated atta ...)
	NOT-FOR-US: Moxa
CVE-2019-10968 (Philips Holter 2010 Plus, all versions. A vulnerability has been ident ...)
	NOT-FOR-US: Philips Holter 2010 Plus
CVE-2019-10967 (In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a stack-based  ...)
	NOT-FOR-US: Emerson
CVE-2019-10966 (In GE Aestiva and Aespire versions 7100 and 7900, a vulnerability exis ...)
	NOT-FOR-US: GE Aestiva and Aespire
CVE-2019-10965 (In Emerson Ovation OCR400 Controller 3.3.1 and earlier, a heap-based b ...)
	NOT-FOR-US: Emerson
CVE-2019-10964 (In Medtronic MinMed 508 and Medtronic Minimed Paradigm Insulin Pumps,  ...)
	NOT-FOR-US: Medtronic
CVE-2019-10963 (Moxa EDR 810, all versions 5.1 and prior, allows an unauthenticated at ...)
	NOT-FOR-US: Moxa
CVE-2019-10962 (BD Alaris Gateway versions, 1.0.13,1.1.3 Build 10,1.1.3 MR Build 11,1. ...)
	NOT-FOR-US: BD Alaris Gateway
CVE-2019-10961 (In Advantech WebAccess HMI Designer Version 2.1.9.23 and prior, proces ...)
	NOT-FOR-US: Advantech WebAccess HMI Designer
CVE-2019-10960 (Zebra Industrial Printers All Versions, Zebra printers are shipped wit ...)
	NOT-FOR-US: Zebra Industrial Printers
CVE-2019-10959 (BD Alaris Gateway Workstation Versions, 1.1.3 Build 10, 1.1.3 MR Build ...)
	NOT-FOR-US: BD Alaris Gateway
CVE-2019-10958 (Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-2 ...)
	NOT-FOR-US: Geutebruck IP Cameras
CVE-2019-10957 (Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-2 ...)
	NOT-FOR-US: Geutebruck IP Cameras
CVE-2019-10956 (Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-2 ...)
	NOT-FOR-US: Geutebruck IP Cameras
CVE-2019-10955 (In Rockwell Automation MicroLogix 1400 Controllers Series A, All Versi ...)
	NOT-FOR-US: Rockwell Automation
CVE-2019-10954 (An attacker could send crafted SMTP packets to cause a denial-of-servi ...)
	NOT-FOR-US: Rockwell Automation
CVE-2019-10953 (ABB, Phoenix Contact, Schneider Electric, Siemens, WAGO - Programmable ...)
	NOT-FOR-US: Programmable Logic Controllers of various vendors
CVE-2019-10952 (An attacker could send a crafted HTTP/HTTPS request to render the web  ...)
	NOT-FOR-US: Rockwell Automation
CVE-2019-10951 (Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00 ...)
	NOT-FOR-US: Delta Electronics
CVE-2019-10950 (Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 F ...)
	NOT-FOR-US: Fujifilm
CVE-2019-10949 (Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00 ...)
	NOT-FOR-US: Delta Electronics
CVE-2019-10948 (Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 F ...)
	NOT-FOR-US: Fujifilm
CVE-2019-10947 (Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00 ...)
	NOT-FOR-US: Delta Electronics
CVE-2019-10946 (An issue was discovered in Joomla! before 3.9.5. The "refresh list of  ...)
	NOT-FOR-US: Joomla!
CVE-2019-10945 (An issue was discovered in Joomla! before 3.9.5. The Media Manager com ...)
	NOT-FOR-US: Joomla!
CVE-2019-10944
	RESERVED
CVE-2019-10943 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
	NOT-FOR-US: Siemens
CVE-2019-10942 (A vulnerability has been identified in SCALANCE X-200 (All versions),  ...)
	NOT-FOR-US: Siemens
CVE-2019-10941
	RESERVED
CVE-2019-10940 (A vulnerability has been identified in SINEMA Server (All versions &lt ...)
	NOT-FOR-US: Siemens
CVE-2019-10939
	RESERVED
CVE-2019-10938 (A vulnerability has been identified in SIPROTEC 5 devices with CPU var ...)
	NOT-FOR-US: Ethernet plug-in communication modules for SIPROTEC 5 devices
CVE-2019-10937 (A vulnerability has been identified in SIMATIC TDC CP51M1 (All version ...)
	NOT-FOR-US: SIMATIC TDC CP51M1
CVE-2019-10936 (A vulnerability has been identified in Development/Evaluation Kits for ...)
	NOT-FOR-US: Siemens
CVE-2019-10935 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier  ...)
	NOT-FOR-US: Siemens
CVE-2019-10934 (A vulnerability has been identified in TIA Portal V14 (All versions),  ...)
	NOT-FOR-US: Siemens
CVE-2019-10933 (A vulnerability has been identified in Spectrum Power 3 (Corporate Use ...)
	NOT-FOR-US: Siemens
CVE-2019-10932
	RESERVED
CVE-2019-10931 (A vulnerability has been identified in All other SIPROTEC 5 device typ ...)
	NOT-FOR-US: Siemens
CVE-2019-10930 (A vulnerability has been identified in All other SIPROTEC 5 device typ ...)
	NOT-FOR-US: Siemens
CVE-2019-10929 (A vulnerability has been identified in SIMATIC CP 1626 (All versions), ...)
	NOT-FOR-US: Siemens
CVE-2019-10928 (A vulnerability has been identified in SCALANCE SC-600 (V2.0). An auth ...)
	NOT-FOR-US: Siemens
CVE-2019-10927 (A vulnerability has been identified in SCALANCE SC-600 (V2.0), SCALANC ...)
	NOT-FOR-US: Siemens
CVE-2019-10926 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...)
	NOT-FOR-US: Siemens
CVE-2019-10925 (A vulnerability has been identified in SIMATIC Ident MV420 family (All ...)
	NOT-FOR-US: Siemens
CVE-2019-10924 (A vulnerability has been identified in LOGO! Soft Comfort (All version ...)
	NOT-FOR-US: Siemens
CVE-2019-10923 (A vulnerability has been identified in CP1604 (All versions &lt; V2.8) ...)
	NOT-FOR-US: Siemens
CVE-2019-10922 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier  ...)
	NOT-FOR-US: Siemens
CVE-2019-10921 (A vulnerability has been identified in LOGO!8 BM (All versions). Unenc ...)
	NOT-FOR-US: Siemens
CVE-2019-10920 (A vulnerability has been identified in LOGO!8 BM (All versions). Proje ...)
	NOT-FOR-US: Siemens
CVE-2019-10919 (A vulnerability has been identified in LOGO!8 BM (All versions). Attac ...)
	NOT-FOR-US: Siemens
CVE-2019-10918 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier  ...)
	NOT-FOR-US: Siemens
CVE-2019-10917 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier  ...)
	NOT-FOR-US: Siemens
CVE-2019-10916 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier  ...)
	NOT-FOR-US: Siemens
CVE-2019-10915 (A vulnerability has been identified in TIA Administrator (All versions ...)
	NOT-FOR-US: Siemens
CVE-2019-10914 (pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Insi ...)
	- matrixssl <removed>
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1785
	NOTE: https://github.com/matrixssl/matrixssl/issues/26
CVE-2019-10913 (In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x  ...)
	{DSA-4441-1 DLA-1778-1}
	- symfony 3.4.22+dfsg-2
	NOTE: https://symfony.com/blog/cve-2019-10913-reject-invalid-http-method-overrides
CVE-2019-10912 (In Symfony before 2.8.50, 3.x before 3.4.26, 4.x before 4.1.12, and 4. ...)
	{DSA-4441-1}
	- symfony 3.4.22+dfsg-2
	[jessie] - symfony <not-affected> (vulnerable code is not present)
	NOTE: https://symfony.com/blog/cve-2019-10912-prevent-destructors-with-side-effects-from-being-unserialized
CVE-2019-10911 (In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x  ...)
	{DSA-4441-1 DLA-1778-1}
	- drupal7 <not-affected> (Drupal 7 core not affected)
	- symfony 3.4.22+dfsg-2
	NOTE: https://www.drupal.org/SA-CORE-2019-005
	NOTE: https://symfony.com/blog/cve-2019-10911-add-a-separator-in-the-remember-me-cookie-hash
CVE-2019-10910 (In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x  ...)
	{DSA-4441-1 DLA-1778-1}
	- drupal7 <not-affected> (Drupal 7 core not affected)
	- symfony 3.4.22+dfsg-2
	NOTE: https://www.drupal.org/SA-CORE-2019-005
	NOTE: https://symfony.com/blog/cve-2019-10910-check-service-ids-are-valid
CVE-2019-10909 (In Symfony before 2.7.51, 2.8.x before 2.8.50, 3.x before 3.4.26, 4.x  ...)
	{DSA-4441-1 DLA-1778-1}
	- drupal7 <not-affected> (Drupal 7 core not affected)
	- symfony 3.4.22+dfsg-2
	NOTE: https://www.drupal.org/SA-CORE-2019-005
	NOTE: https://symfony.com/blog/cve-2019-10909-escape-validation-messages-in-the-php-templating-engine
CVE-2019-10908 (In Airsonic 10.2.1, RecoverController.java generates passwords via org ...)
	NOT-FOR-US: Airsonic
CVE-2019-10907 (Airsonic 10.2.1 uses Spring's default remember-me mechanism based on M ...)
	NOT-FOR-US: Airsonic
CVE-2019-10906 (In Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape ...)
	- jinja2 2.10-2 (bug #926602)
	[stretch] - jinja2 <no-dsa> (Minor issue)
	[jessie] - jinja2 <no-dsa> (Minor issue)
	NOTE: https://palletsprojects.com/blog/jinja-2-10-1-released/
	NOTE: https://github.com/pallets/jinja/commit/a2a6c930bcca591a25d2b316fcfd2d6793897b26
CVE-2019-10905 (Parsedown before 1.7.2, when safe mode is used and HTML markup is disa ...)
	NOT-FOR-US: Parsedown
CVE-2019-10904 (Roundup 1.6 allows XSS via the URI because frontends/roundup.cgi and r ...)
	{DLA-1750-1}
	- roundup <removed> (bug #926587)
	NOTE: https://github.com/python/bugs.python.org/issues/34
	NOTE: https://issues.roundup-tracker.org/issue2551035
	NOTE: https://bitbucket.org/python/roundup/commits/51682dc2cd7e28421d749117c25bec58f632ee5f
CVE-2019-10903 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DCERPC SP ...)
	{DLA-1802-1}
	- wireshark 2.6.8-1 (low; bug #926718)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15568
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=eafdcfa4b6d5187a5326442a82608ab03d9dddcb
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-18.html
CVE-2019-10902 (In Wireshark 3.0.0, the TSDNS dissector could crash. This was addresse ...)
	- wireshark 2.6.8-1 (low; bug #926718)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	[jessie] - wireshark <not-affected> (vulnerable code is not present)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15619
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=95571f17d5e2de39735e62e5251583f930c06d51
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-16.html
CVE-2019-10901 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the LDSS diss ...)
	{DLA-1802-1}
	- wireshark 2.6.8-1 (low; bug #926718)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15620
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cf801a25074f76dc3ae62d8ec53ace75f56ce2cd
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-17.html
CVE-2019-10900 (In Wireshark 3.0.0, the Rbm dissector could go into an infinite loop.  ...)
	- wireshark <not-affected> (Vulnerable code introduced later in 3.0.0)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15612
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=26eee01f57f0a86fb375892c7937eac24ede4610
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-13.html
CVE-2019-10899 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the SRVLOC di ...)
	{DLA-1802-1}
	- wireshark 2.6.8-1 (low; bug #926718)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15546
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b16fea2f175a3297edac118c8844c7987d31c1cb
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-10.html
CVE-2019-10898 (In Wireshark 3.0.0, the GSUP dissector could go into an infinite loop. ...)
	- wireshark <not-affected> (Vulnerable code introduced later; GSUP dissector introduced in 3.0.0)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15585
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f80b7d1b279fb6c13f640019a1bbc42b18bf7469
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-12.html
CVE-2019-10897 (In Wireshark 3.0.0, the IEEE 802.11 dissector could go into an infinit ...)
	- wireshark <not-affected> (Vulnerable code introduced in 3.0.0)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15553
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=00d5e9e9fb377f52ab7696f25c1dbc011ef0244d
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-11.html
CVE-2019-10896 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the DOF disse ...)
	- wireshark 2.6.8-1 (low; bug #926718)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	[jessie] - wireshark <not-affected> (vulnerable code is not present)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15617
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=441b6d9071d6341e58dfe10719375489c5b8e3f0
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-15.html
CVE-2019-10895 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the NetScaler ...)
	{DLA-1802-1}
	- wireshark 2.6.8-1 (low; bug #926718)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15497
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2fbbde780e5d5d82e31dca656217daf278cf62bb
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=38680c4c69f9f4e0f39e29b66fe2b02d88eb629d
	NOTE: introduced bug: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1660f7437198113c0c90cec22daa6abcd3af22cc
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cab0cff6abdd7a5b5b0bfa4ee204eea951e129e9
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-09.html
CVE-2019-10894 (In Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0, the GSS-API d ...)
	{DLA-1802-1}
	- wireshark 2.6.8-1 (low; bug #926718)
	[stretch] - wireshark <postponed> (Can be fixed along in next 2.6.x release)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15613
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b20e5d8aae2580e29c83ddaf0b6b2e640603e4aa
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-14.html
CVE-2019-10893 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.793 (Free/Open So ...)
	NOT-FOR-US: CentOS-WebPanel.com
CVE-2019-10892 (An issue was discovered in D-Link DIR-806 devices. There is a stack-ba ...)
	NOT-FOR-US: D-Link
CVE-2019-10891 (An issue was discovered in D-Link DIR-806 devices. There is a command  ...)
	NOT-FOR-US: D-Link
CVE-2019-10890
	RESERVED
CVE-2019-10889
	RESERVED
CVE-2019-10888 (A CSRF Issue that can add an admin user was discovered in UKcms v1.1.1 ...)
	NOT-FOR-US: UKcms
CVE-2019-10887 (A reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) de ...)
	NOT-FOR-US: Salicru SLC-20-cube3(5) devices
CVE-2019-10886 (An incorrect access control exists in the Sony Photo Sharing Plus appl ...)
	NOT-FOR-US: Sony Photo Sharing Plus application
CVE-2019-10885 (An issue was discovered in Ivanti Workspace Control before 10.3.90.0.  ...)
	NOT-FOR-US: Ivanti Workspace Control
CVE-2019-10884 (Uniqkey Password Manager 1.14 contains a vulnerability because it fail ...)
	NOT-FOR-US: Uniqkey Password Manager
CVE-2019-10883 (Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center  ...)
	NOT-FOR-US: Citrix
CVE-2019-10882 (The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2 ...)
	NOT-FOR-US: Netskope
CVE-2019-10881
	RESERVED
CVE-2019-10880 (Within multiple XEROX products a vulnerability allows remote command e ...)
	NOT-FOR-US: XEROX
CVE-2019-10879 (In Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::O ...)
	- teeworlds 0.7.2-4 (bug #927152)
	[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
	NOTE: https://github.com/teeworlds/teeworlds/issues/2070
	NOTE: https://github.com/teeworlds/teeworlds/commit/4d529dcd2d01022e979ebfa0b91167dee37cdb8e
CVE-2019-10878 (In Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader: ...)
	- teeworlds 0.7.2-5 (bug #927152)
	[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
	NOTE: https://github.com/teeworlds/teeworlds/issues/2073
	NOTE: https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988
	NOTE: https://github.com/teeworlds/teeworlds/commit/cc3d59ae706752956d6cb8acc4187c8398b61c5c
CVE-2019-10877 (In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in en ...)
	- teeworlds 0.7.2-4 (bug #927152)
	[jessie] - teeworlds <end-of-life> (Not supported in jessie LTS)
	NOTE: https://github.com/teeworlds/teeworlds/issues/2071
	NOTE: https://github.com/teeworlds/teeworlds/commit/d25869626a8cfbdd320929ba93ce73abed1402ce
	NOTE: https://github.com/teeworlds/teeworlds/commit/e086f4b35b1adf7edc35b4ad332dc7ed1edc5988
CVE-2019-10876 (An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x  ...)
	- neutron 2:13.0.2-15 (bug #926502)
	[stretch] - neutron <not-affected> (Vulnerable code introduced later; Around Pike Openstack release)
	[jessie] - neutron <not-affected> (Vulnerable code introduced later; Around Pike Openstack release)
	NOTE: https://bugs.launchpad.net/ossa/+bug/1813007
	NOTE: https://review.openstack.org/#/q/topic:bug/1813007
CVE-2019-10875 (A URL spoofing vulnerability was found in all international versions o ...)
	NOT-FOR-US: Xiaomi Mi browser
CVE-2019-10874 (Cross Site Request Forgery (CSRF) in the bolt/upload File Upload featu ...)
	NOT-FOR-US: Bolt CMS
CVE-2019-10873 (An issue was discovered in Poppler 0.74.0. There is a NULL pointer der ...)
	- poppler 0.71.0-4 (low; bug #926532)
	[stretch] - poppler <ignored> (Minor issue)
	[jessie] - poppler <not-affected> (vulnerable code is not present)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/748
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/8dbe2e6c480405dab9347075cf4be626f90f1d05
CVE-2019-10872 (An issue was discovered in Poppler 0.74.0. There is a heap-based buffe ...)
	{DLA-1815-1}
	- poppler 0.71.0-5 (low; bug #926530)
	[stretch] - poppler <postponed> (Revisit when fixed upstream)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/750
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/6a1580e84f492b5671d23be98192267bb73de250
CVE-2019-10871 (An issue was discovered in Poppler 0.74.0. There is a heap-based buffe ...)
	[experimental] - poppler 0.81.0-1
	- poppler <unfixed> (low; bug #926529)
	[buster] - poppler <postponed> (Revisit when fixed upstream)
	[stretch] - poppler <postponed> (Revisit when fixed upstream)
	[jessie] - poppler <postponed> (Revisit when fixed upstream)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/751
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/266 (rejected in favor of always enabling SPLASH_CMYK)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/341 (always enable SPLASH_CMYK)
CVE-2019-10870
	RESERVED
CVE-2019-10869 (Path Traversal and Unrestricted File Upload exists in the Ninja Forms  ...)
	NOT-FOR-US: Ninja Forms plugin for WordPress
CVE-2019-10867 (An issue was discovered in Pimcore before 5.7.1. An attacker with clas ...)
	NOT-FOR-US: Pimcore
CVE-2019-10866 (In the Form Maker plugin before 1.13.3 for WordPress, it's possible to ...)
	NOT-FOR-US: Form Maker plugin for WordPress
CVE-2019-10865
	RESERVED
CVE-2019-10864 (The WP Statistics plugin through 12.6.2 for WordPress has XSS, allowin ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-10863 (A command injection vulnerability exists in TeemIp versions before 2.4 ...)
	NOT-FOR-US: TeemIp IPAM
CVE-2019-10862
	RESERVED
CVE-2019-10861
	RESERVED
CVE-2019-10860
	RESERVED
CVE-2019-10859
	RESERVED
CVE-2019-10858
	RESERVED
CVE-2019-10857
	RESERVED
CVE-2019-10856 (In Jupyter Notebook before 5.7.8, an open redirect can occur via an em ...)
	- jupyter-notebook <not-affected> (Incomplete fix for CVE-2019-10255 not applied)
	NOTE: https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
	NOTE: https://github.com/jupyter/notebook/commit/979e0bd15e794ceb00cc63737fcd5fd9addc4a99
CVE-2019-10855 (Computrols CBAS 18.0.0 mishandles password hashes. The approach is MD5 ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10854 (Computrols CBAS 18.0.0 allows Authenticated Command Injection. ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10853 (Computrols CBAS 18.0.0 allows Authentication Bypass. ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10852 (Computrols CBAS 18.0.0 allows Authenticated Blind SQL Injection via th ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10851 (Computrols CBAS 18.0.0 has hard-coded encryption keys. ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10850 (Computrols CBAS 18.0.0 has Default Credentials. ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10849 (Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10848 (Computrols CBAS 18.0.0 allows Username Enumeration. ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10847 (Computrols CBAS 18.0.0 allows Cross-Site Request Forgery. ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10846 (Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scr ...)
	NOT-FOR-US: Computrols CBAS
CVE-2019-10845 (An issue was discovered in Uniqkey Password Manager 1.14. When enterin ...)
	NOT-FOR-US: Uniqkey Password Manager
CVE-2019-10844 (nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka n ...)
	NOT-FOR-US: Sony
CVE-2019-10843
	REJECTED
CVE-2019-10842 (Arbitrary code execution (via backdoor code) was discovered in bootstr ...)
	NOT-FOR-US: backdoored version of bootstrap-sass
CVE-2019-10841
	RESERVED
CVE-2019-10840
	RESERVED
CVE-2019-10839
	RESERVED
CVE-2019-10838
	RESERVED
CVE-2019-10837
	RESERVED
CVE-2019-10836
	RESERVED
CVE-2019-10835
	RESERVED
CVE-2019-10834
	RESERVED
CVE-2019-10833
	RESERVED
CVE-2019-10832
	RESERVED
CVE-2019-10831
	RESERVED
CVE-2019-10830
	RESERVED
CVE-2019-10829
	RESERVED
CVE-2019-10828
	RESERVED
CVE-2019-10827
	RESERVED
CVE-2019-10826
	RESERVED
CVE-2019-10825
	RESERVED
CVE-2019-10824
	RESERVED
CVE-2019-10823
	RESERVED
CVE-2019-10822
	RESERVED
CVE-2019-10821
	RESERVED
CVE-2019-10820
	RESERVED
CVE-2019-10819
	RESERVED
CVE-2019-10818
	RESERVED
CVE-2019-10817
	RESERVED
CVE-2019-10816
	RESERVED
CVE-2019-10815
	RESERVED
CVE-2019-10814
	RESERVED
CVE-2019-10813
	RESERVED
CVE-2019-10812
	RESERVED
CVE-2019-10811
	RESERVED
CVE-2019-10810
	RESERVED
CVE-2019-10809
	RESERVED
CVE-2019-10808 (utilitify prior to 1.0.3 allows modification of object properties. The ...)
	NOT-FOR-US: utilitify
CVE-2019-10807 (Blamer versions prior to 1.0.1 allows execution of arbitrary commands. ...)
	NOT-FOR-US: Node blamer
CVE-2019-10806 (vega-util prior to 1.13.1 allows manipulation of object prototype. The ...)
	NOT-FOR-US: Node vega-util
CVE-2019-10805 (valib through 2.0.0 allows Internal Property Tampering. A maliciously  ...)
	NOT-FOR-US: Node valib
CVE-2019-10804 (serial-number through 1.3.0 allows execution of arbritary commands. Th ...)
	NOT-FOR-US: Node serial-number
CVE-2019-10803 (push-dir through 0.4.1 allows execution of arbritary commands. Argumen ...)
	NOT-FOR-US: Node push-dir
CVE-2019-10802 (giting version prior to 0.0.8 allows execution of arbritary commands.  ...)
	NOT-FOR-US: Node giting
CVE-2019-10801 (enpeem through 2.2.0 allows execution of arbitrary commands. The "opti ...)
	NOT-FOR-US: Node enpeem
CVE-2019-10800
	RESERVED
CVE-2019-10799 (compile-sass prior to 1.0.5 allows execution of arbritary commands. Th ...)
	NOT-FOR-US: Node module compile-sass
CVE-2019-10798 (rdf-graph-array through 0.3.0-rc6 manipulation of JavaScript objects r ...)
	NOT-FOR-US: Node module rdf-graph-array
CVE-2019-10797 (Netty in WSO2 transport-http before v6.3.1 is vulnerable to HTTP Respo ...)
	NOT-FOR-US: WSO2
CVE-2019-10796 (rpi through 0.0.3 allows execution of arbritary commands. The variable ...)
	NOT-FOR-US: Node module rpi
CVE-2019-10795 (undefsafe before 2.0.3 is vulnerable to Prototype Pollution. The 'a' f ...)
	NOT-FOR-US: undefsafe
CVE-2019-10794 (All versions of component-flatten are vulnerable to Prototype Pollutio ...)
	NOT-FOR-US: Node module component-flatten
CVE-2019-10793 (dot-object before 2.1.3 is vulnerable to Prototype Pollution. The set  ...)
	NOT-FOR-US: Node module dot-object
CVE-2019-10792 (bodymen before 1.1.1 is vulnerable to Prototype Pollution. The handler ...)
	NOT-FOR-US: Node module bodymen
CVE-2019-10791 (promise-probe before 0.10.0 allows remote attackers to perform a comma ...)
	NOT-FOR-US: Node module promise-probe
CVE-2019-10790 (taffy through 2.6.2 allows attackers to forge adding additional proper ...)
	NOT-FOR-US: Node module taffy
CVE-2019-10789 (All versions of curling.js are vulnerable to Command Injection via the ...)
	NOT-FOR-US: curling.js
CVE-2019-10788 (im-metadata through 3.0.1 allows remote attackers to execute arbitrary ...)
	NOT-FOR-US: im-metadata node module
CVE-2019-10787 (im-resize through 2.3.2 allows remote attackers to execute arbitrary c ...)
	NOT-FOR-US: im-resize node module
CVE-2019-10786 (network-manager through 1.0.2 allows remote attackers to execute arbit ...)
	NOT-FOR-US: network-manager node module
CVE-2019-10785 (dojox is vulnerable to Cross-site Scripting in all versions before ver ...)
	{DLA-2127-1}
	- dojo 1.15.2+dfsg1-1 (bug #952771)
	[buster] - dojo <no-dsa> (Minor issue)
	NOTE: https://github.com/dojo/dojox/security/advisories/GHSA-pg97-ww7h-5mjr
	NOTE: https://snyk.io/vuln/SNYK-JS-DOJOX-548257
	NOTE: https://github.com/dojo/dojox/pull/315
CVE-2019-10784 (phppgadmin through 7.12.1 allows sensitive actions to be performed wit ...)
	- phppgadmin <unfixed> (bug #953945)
	[buster] - phppgadmin <no-dsa> (Minor issue)
	[stretch] - phppgadmin <no-dsa> (Minor issue)
	[jessie] - phppgadmin <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-PHP-PHPPGADMINPHPPGADMIN-543885
	NOTE: https://github.com/phppgadmin/phppgadmin/issues/94
CVE-2019-10783 (All versions including 0.0.4 of lsof npm module are vulnerable to Comm ...)
	NOT-FOR-US: lsof node module
CVE-2019-10781 (In schema-inspector before 1.6.9, a maliciously crafted JavaScript obj ...)
	NOT-FOR-US: schema-inspector node module
CVE-2019-10780 (BibTeX-ruby before 5.1.0 allows shell command injection due to unsanit ...)
	NOT-FOR-US: BibTeX-ruby
CVE-2019-10779 (All versions of stroom:stroom-app before 5.5.12 and all versions of th ...)
	NOT-FOR-US: Stroom
CVE-2019-10778 (devcert-sanscache before 0.4.7 allows remote attackers to execute arbi ...)
	NOT-FOR-US: devcert-sanscache
CVE-2019-10777 (In aws-lambda versions prior to version 1.0.5, the "config.FunctioName ...)
	NOT-FOR-US: aws-lambda
CVE-2019-10776 (In "index.js" file line 240, the run command executes the git command  ...)
	NOT-FOR-US: git-diff-apply
CVE-2019-10775 (ecstatic have a denial of service vulnerability. Successful exploitati ...)
	- node-ecstatic <itp> (bug #910614)
CVE-2019-10774 (php-shellcommand versions before 1.6.1 have a command injection vulner ...)
	- php-shellcommand 1.6.1-1
	NOTE: https://snyk.io/vuln/SNYK-PHP-MIKEHAERTLPHPSHELLCOMMAND-538426
	NOTE: https://github.com/mikehaertl/php-shellcommand/commit/8d98d8536e05abafe76a491da87296d824939076
	NOTE: https://github.com/mikehaertl/php-shellcommand/issues/44
CVE-2019-10773 (In Yarn before 1.21.1, the package install functionality can be abused ...)
	- node-yarnpkg 1.21.1-1
	NOTE: https://github.com/yarnpkg/yarn/issues/7761#issuecomment-565493023
	NOTE: https://blog.daniel-ruf.de/critical-design-flaw-npm-pnpm-yarn/
	NOTE: https://github.com/yarnpkg/yarn/commit/039bafd74b7b1a88a53a54f8fa6fa872615e90e7
	NOTE: https://snyk.io/vuln/SNYK-JS-YARN-537806
CVE-2019-10772 (It is possible to bypass enshrined/svg-sanitize before 0.13.1 using th ...)
	NOT-FOR-US: svg-sanitize
CVE-2019-10771 (Characters in the GET url path are not properly escaped and can be ref ...)
	NOT-FOR-US: IOBroker
CVE-2019-10770 (All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and befo ...)
	NOT-FOR-US: ratpack-core
CVE-2019-10769 (safer-eval is a npm package to sandbox the he evaluation of code used  ...)
	NOT-FOR-US: safer-eval Node module
CVE-2019-10768 (In AngularJS before 1.7.9 the function `merge()` could be tricked into ...)
	- angular.js 1.7.9-1 (bug #945249)
	[buster] - angular.js <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - angular.js <ignored> (Nodejs in stretch not covered by security support)
	[jessie] - angular.js <not-affected> (vulnerable code is not present, deep merging introduced later)
	NOTE: https://github.com/angular/angular.js/commit/add78e62004e80bb1e16ab2dfe224afa8e513bc3
	NOTE: https://snyk.io/vuln/SNYK-JS-ANGULAR-534884
CVE-2019-10767 (An attacker can include file contents from outside the `/adapter/xxx/` ...)
	NOT-FOR-US: ioBroker
CVE-2019-10766 (Pixie versions 1.0.x before 1.0.3, and 2.0.x before 2.0.2 allow SQL In ...)
	NOT-FOR-US: Pixie CMS
CVE-2019-10765 (iobroker.admin before 3.6.12 allows attacker to include file contents  ...)
	NOT-FOR-US: ioBroker
CVE-2019-10764 (In elliptic-php versions priot to 1.0.6, Timing attacks might be possi ...)
	NOT-FOR-US: elliptic-php
CVE-2019-10763 (pimcore/pimcore before 6.3.0 is vulnerable to SQL Injection. An attack ...)
	NOT-FOR-US: Pimcore
CVE-2019-10762 (columnQuote in medoo before 1.7.5 allows remote attackers to perform a ...)
	NOT-FOR-US: medoo
CVE-2019-10761
	RESERVED
CVE-2019-10760 (safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A  ...)
	NOT-FOR-US: safer-eval Node module
CVE-2019-10759 (safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A  ...)
	NOT-FOR-US: safer-eval Node module
CVE-2019-10758 (mongo-express before 0.54.0 is vulnerable to Remote Code Execution via ...)
	NOT-FOR-US: mongo-express
CVE-2019-10757 (knex.js versions before 0.19.5 are vulnerable to SQL Injection attack. ...)
	NOT-FOR-US: knex.js
CVE-2019-10756 (It is possible to inject JavaScript within node-red-dashboard versions ...)
	NOT-FOR-US: node-red-dashboard
CVE-2019-10755 (The SAML identifier generated within SAML2Utils.java was found to make ...)
	NOT-FOR-US: SAML2Utils.java
CVE-2019-10754 (Multiple classes used within Apereo CAS before release 6.1.0-RC5 makes ...)
	NOT-FOR-US: Apereo Central Authentication Service
CVE-2019-10753 (In all versions prior to version 3.9.6 for eclipse-wtp, all versions p ...)
	NOT-FOR-US: eclipse-wtp
CVE-2019-10752 (Sequelize, all versions prior to version 4.44.3 and 5.15.1, is vulnera ...)
	NOT-FOR-US: sequelize Node module
CVE-2019-10751 (All versions of the HTTPie package prior to version 1.0.3 are vulnerab ...)
	{DLA-1937-1}
	- httpie 1.0.3-1 (bug #940058)
	[buster] - httpie <no-dsa> (Minor issue)
	[stretch] - httpie <no-dsa> (Minor issue)
	NOTE: https://snyk.io/vuln/SNYK-PYTHON-HTTPIE-460107
	NOTE: https://github.com/jakubroztocil/httpie/commit/df36d6255df5793129b02ac82f1010171bd8a0a8
CVE-2019-10750 (deeply is vulnerable to Prototype Pollution in versions before 3.1.0.  ...)
	NOT-FOR-US: deeply
CVE-2019-10749 (sequelize before version 3.35.1 allows attackers to perform a SQL Inje ...)
	NOT-FOR-US: sequelize
CVE-2019-10748 (Sequelize all versions prior to 3.35.1, 4.44.3, and 5.8.11 are vulnera ...)
	NOT-FOR-US: sequelize
CVE-2019-10747 (set-value is vulnerable to Prototype Pollution in versions lower than  ...)
	[experimental] - node-set-value 3.0.1-1
	- node-set-value 0.4.0-2 (bug #941189)
	[buster] - node-set-value 0.4.0-1+deb10u1
	[stretch] - node-set-value <ignored> (Nodejs in stretch not covered by security support)
	NOTE: https://snyk.io/vuln/SNYK-JS-SETVALUE-450213
CVE-2019-10746 (mixin-deep is vulnerable to Prototype Pollution in versions before 1.3 ...)
	- node-mixin-deep 2.0.1-1 (bug #932500)
	[buster] - node-mixin-deep 1.1.3-3+deb10u1
	[stretch] - node-mixin-deep 1.1.3-1+deb9u1
	NOTE: https://snyk.io/vuln/SNYK-JS-MIXINDEEP-450212
	NOTE: https://github.com/jonschlinkert/mixin-deep/commit/8f464c8ce9761a8c9c2b3457eaeee9d404fa7af9
	NOTE: https://github.com/jonschlinkert/mixin-deep/issues/6
CVE-2019-10745 (assign-deep is vulnerable to Prototype Pollution in versions before 0. ...)
	NOT-FOR-US: Node assign-deep
CVE-2019-10744 (Versions of lodash lower than 4.17.12 are vulnerable to Prototype Poll ...)
	- node-lodash 4.17.15+dfsg-1 (bug #933079)
	[buster] - node-lodash 4.17.11+dfsg-2+deb10u1
	[stretch] - node-lodash <end-of-life> (Nodejs in stretch not covered by security support)
	[jessie] - node-lodash <end-of-life> (Nodejs in jessie not covered by security support)
	NOTE: https://snyk.io/vuln/SNYK-JS-LODASH-450202
	NOTE: https://github.com/lodash/lodash/issues/4348
	NOTE: https://github.com/lodash/lodash/pull/4336
CVE-2019-10743 (All versions of archiver allow attacker to perform a Zip Slip attack v ...)
	NOT-FOR-US: archiver
CVE-2019-10742 (Axios up to and including 0.18.0 allows attackers to cause a denial of ...)
	- node-axios 0.17.1+dfsg-2 (bug #928624)
	NOTE: https://app.snyk.io/vuln/SNYK-JS-AXIOS-174505
	NOTE: https://github.com/axios/axios/issues/1098
	NOTE: https://github.com/axios/axios/pull/1485
CVE-2019-10741 (K-9 Mail v5.600 can include the original quoted HTML code of a special ...)
	NOT-FOR-US: K-9 Mail
CVE-2019-10740 (In Roundcube Webmail before 1.3.10, an attacker in possession of S/MIM ...)
	- roundcube 1.3.10+dfsg.1-1 (bug #927713)
	[buster] - roundcube 1.3.10+dfsg.1-1~deb10u1
	[stretch] - roundcube <ignored> (Relies on php-crypt-gpg, not in stretch. Old version in 1.3 doesn't verify signature anyway)
	NOTE: https://github.com/roundcube/roundcubemail/issues/6638
	NOTE: https://github.com/roundcube/roundcubemail/commit/de25226d310de11f6a9eb0aa7ea1c90d82dc70d8 (release-1.3)
	NOTE: https://github.com/roundcube/roundcubemail/commit/8fe12e2fadac9b1ce212341ca3632f85781cfea4 (master)
CVE-2019-10739
	RESERVED
CVE-2019-10738
	RESERVED
CVE-2019-10737
	RESERVED
CVE-2019-10736
	RESERVED
CVE-2019-10735 (In Claws Mail 3.14.1, an attacker in possession of S/MIME or PGP encry ...)
	- claws-mail <unfixed> (low; bug #926705)
	[buster] - claws-mail <postponed> (Revisit when fixed upstream)
	[stretch] - claws-mail <postponed> (Revisit when fixed upstream)
	[jessie] - claws-mail <postponed> (Revisit when fixed upstream)
	NOTE: https://www.thewildbeast.co.uk/claws-mail/bugzilla/show_bug.cgi?id=4159
CVE-2019-10734 (In KDE Trojita 0.7, an attacker in possession of S/MIME or PGP encrypt ...)
	- trojita <itp> (bug #795701)
	NOTE: https://bugs.kde.org/show_bug.cgi?id=404697
CVE-2019-10733
	RESERVED
CVE-2019-10732 (In KDE KMail 5.2.3, an attacker in possession of S/MIME or PGP encrypt ...)
	{DLA-1825-1}
	- kf5-messagelib 4:19.08.3-1 (bug #926996)
	[buster] - kf5-messagelib <no-dsa> (Minor issue)
	[stretch] - kf5-messagelib <no-dsa> (Minor issue)
	- kdepim <removed>
	[stretch] - kdepim <no-dsa> (Minor issue)
	NOTE: https://bugs.kde.org/show_bug.cgi?id=404698
	NOTE: https://cgit.kde.org/messagelib.git/commit/?id=8f9b85b664be0987014c5d2485e706ab5a198e1b (v19.04.2)
CVE-2019-10731
	RESERVED
CVE-2019-10730
	RESERVED
CVE-2019-10729
	RESERVED
CVE-2019-10728
	RESERVED
CVE-2019-10727
	RESERVED
CVE-2019-10726
	RESERVED
CVE-2019-10725
	RESERVED
CVE-2019-10724 (There is a vulnerability with the Dolby DAX2 API system services in wh ...)
	NOT-FOR-US: Dolby
CVE-2019-10723 (An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class i ...)
	- libpodofo <unfixed> (low; bug #926667)
	[buster] - libpodofo <no-dsa> (Minor issue)
	[stretch] - libpodofo <no-dsa> (Minor issue)
	[jessie] - libpodofo <postponed> (clean exception quit/DoS, low popcon)
	NOTE: https://sourceforge.net/p/podofo/tickets/46/
CVE-2019-1003099 (A missing permission check in Jenkins openid Plugin in the OpenIdSsoSe ...)
	NOT-FOR-US: Jenkins openid Plugin
CVE-2019-1003098 (A cross-site request forgery vulnerability in Jenkins openid Plugin in ...)
	NOT-FOR-US: Jenkins openid Plugin
CVE-2019-1003097 (Jenkins Crowd Integration Plugin stores credentials unencrypted in the ...)
	NOT-FOR-US: Jenkins Crowd Integration Plugin
CVE-2019-1003096 (Jenkins TestFairy Plugin stores credentials unencrypted in job config. ...)
	NOT-FOR-US: Jenkins TestFairy Plugin
CVE-2019-1003095 (Jenkins Perfecto Mobile Plugin stores credentials unencrypted in its g ...)
	NOT-FOR-US: Jenkins Perfecto Mobile Plugin
CVE-2019-1003094 (Jenkins Open STF Plugin stores credentials unencrypted in its global c ...)
	NOT-FOR-US: Jenkins Open STF Plugin
CVE-2019-1003093 (A missing permission check in Jenkins Nomad Plugin in the NomadCloud.D ...)
	NOT-FOR-US: Jenkins Nomad Plugin
CVE-2019-1003092 (A cross-site request forgery vulnerability in Jenkins Nomad Plugin in  ...)
	NOT-FOR-US: Jenkins Nomad Plugin
CVE-2019-1003091 (A missing permission check in Jenkins SOASTA CloudTest Plugin in the C ...)
	NOT-FOR-US: Jenkins SOASTA CloudTest Plugin
CVE-2019-1003090 (A cross-site request forgery vulnerability in Jenkins SOASTA CloudTest ...)
	NOT-FOR-US: Jenkins SOASTA CloudTest Plugin
CVE-2019-1003089 (Jenkins Upload to pgyer Plugin stores credentials unencrypted in job c ...)
	NOT-FOR-US: Jenkins Upload to pgyer Plugin
CVE-2019-1003088 (Jenkins Fabric Beta Publisher Plugin stores credentials unencrypted in ...)
	NOT-FOR-US: Jenkins Fabric Beta Publisher Plugin
CVE-2019-1003087 (A missing permission check in Jenkins Chef Sinatra Plugin in the ChefB ...)
	NOT-FOR-US: Jenkins Chef Sinatra Plugin
CVE-2019-1003086 (A cross-site request forgery vulnerability in Jenkins Chef Sinatra Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003085 (A missing permission check in Jenkins Zephyr Enterprise Test Managemen ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003084 (A cross-site request forgery vulnerability in Jenkins Zephyr Enterpris ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003083 (A missing permission check in Jenkins Gearman Plugin in the GearmanPlu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003082 (A cross-site request forgery vulnerability in Jenkins Gearman Plugin i ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003081 (A missing permission check in Jenkins OpenShift Deployer Plugin in the ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003080 (A cross-site request forgery vulnerability in Jenkins OpenShift Deploy ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003079 (A missing permission check in Jenkins VMware Lab Manager Slaves Plugin ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003078 (A cross-site request forgery vulnerability in Jenkins VMware Lab Manag ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003077 (A missing permission check in Jenkins Audit to Database Plugin in the  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003076 (A cross-site request forgery vulnerability in Jenkins Audit to Databas ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003075 (Jenkins Audit to Database Plugin stores credentials unencrypted in its ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003074 (Jenkins Hyper.sh Commons Plugin stores credentials unencrypted in its  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003073 (Jenkins VS Team Services Continuous Deployment Plugin stores credentia ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003072 (Jenkins WildFly Deployer Plugin stores credentials unencrypted in job  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003071 (Jenkins OctopusDeploy Plugin stores credentials unencrypted in its glo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003070 (Jenkins veracode-scanner Plugin stores credentials unencrypted in its  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003069 (Jenkins Aqua Security Scanner Plugin stores credentials unencrypted in ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003068 (Jenkins VMware vRealize Automation Plugin stores credentials unencrypt ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003067 (Jenkins Trac Publisher Plugin stores credentials unencrypted in job co ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003066 (Jenkins Bugzilla Plugin stores credentials unencrypted in its global c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003065 (Jenkins CloudShare Docker-Machine Plugin stores credentials unencrypte ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003064 (Jenkins aws-device-farm Plugin stores credentials unencrypted in its g ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003063 (Jenkins Amazon SNS Build Notifier Plugin stores credentials unencrypte ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003062 (Jenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003061 (Jenkins jenkins-cloudformation-plugin Plugin stores credentials unencr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003060 (Jenkins Official OWASP ZAP Plugin stores credentials unencrypted in it ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003059 (A missing permission check in Jenkins FTP publisher Plugin in the FTPP ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003058 (A cross-site request forgery vulnerability in Jenkins FTP publisher Pl ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003057 (Jenkins Bitbucket Approve Plugin stores credentials unencrypted in its ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003056 (Jenkins WebSphere Deployer Plugin stores credentials unencrypted in jo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003055 (Jenkins FTP publisher Plugin stores credentials unencrypted in its glo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003054 (Jenkins Jira Issue Updater Plugin stores credentials unencrypted in jo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003053 (Jenkins HockeyApp Plugin stores credentials unencrypted in job config. ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003052 (Jenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unen ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003051 (Jenkins IRC Plugin stores credentials unencrypted in its global config ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10868 (In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 befo ...)
	{DSA-4426-1}
	- tryton-server 5.0.4-2
	[jessie] - tryton-server <not-affected> (vulnerable code is not present)
	NOTE: https://discuss.tryton.org/t/security-release-for-issue8189/1262
	NOTE: https://bugs.tryton.org/issue8189
	NOTE: https://hg.tryton.org/trytond/rev/f58bbfe0aefb
CVE-2019-10722
	RESERVED
CVE-2019-10721 (BlogEngine.NET 3.3.7.0 allows a Client Side URL Redirect via the Retur ...)
	NOT-FOR-US: BlogEngine.NET
CVE-2019-10720 (BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remo ...)
	NOT-FOR-US: BlogEngine.NET
CVE-2019-10719 (BlogEngine.NET 3.3.7.0 and earlier allows Directory Traversal and Remo ...)
	NOT-FOR-US: BlogEngine.NET
CVE-2019-10718 (BlogEngine.NET 3.3.7.0 and earlier allows XML External Entity Blind In ...)
	NOT-FOR-US: BlogEngine.NET
CVE-2019-10717 (BlogEngine.NET 3.3.7.0 allows /api/filemanager Directory Traversal via ...)
	NOT-FOR-US: BlogEngine.NET
CVE-2019-10716 (An Information Disclosure issue in Verodin Director 3.5.3.1 and earlie ...)
	NOT-FOR-US: Verodin Director
CVE-2019-10715 (There is Stored XSS in Verodin Director 3.5.3.0 and earlier via input  ...)
	NOT-FOR-US: Verodin Director
CVE-2019-10714 (LocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32  ...)
	- imagemagick <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1495
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/aa6a769bd85f6750c26e53e53dcd8a2678745501
	NOTE: Issue introduced while fixing https://github.com/ImageMagick/ImageMagick/issues/1455
CVE-2019-10713
	RESERVED
CVE-2019-10712 (The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831 ...)
	NOT-FOR-US: WAGO Series devices
CVE-2019-10711 (Incorrect access control in the RTSP stream and web portal on all IP c ...)
	NOT-FOR-US: IP cameras based on Hisilicon Hi3510 firmware
CVE-2019-10710 (Insecure permissions in the Web management portal on all IP cameras ba ...)
	NOT-FOR-US: IP cameras based on Hisilicon Hi3510 firmware
CVE-2019-10709 (AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a  ...)
	NOT-FOR-US: Asus
CVE-2019-10708 (S-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike i ...)
	NOT-FOR-US: S-CMS PHP
CVE-2019-10707 (MKCMS V5.0 has SQL injection via the bplay.php play parameter. ...)
	NOT-FOR-US: MKCMS
CVE-2019-10706 (Western Digital SanDisk SanDisk X300, X300s, X400, and X600 devices: T ...)
	NOT-FOR-US: Western Digital
CVE-2019-10705 (Western Digital SanDisk X600 devices in certain configurations, a vuln ...)
	NOT-FOR-US: Western Digital
CVE-2019-10704
	RESERVED
CVE-2019-10703
	RESERVED
CVE-2019-10702
	RESERVED
CVE-2019-10701
	RESERVED
CVE-2019-10700
	RESERVED
CVE-2019-10699
	RESERVED
CVE-2019-10698
	RESERVED
CVE-2019-10697
	RESERVED
CVE-2019-10696
	RESERVED
CVE-2019-10695 (When using the cd4pe::root_configuration task to configure a Continuou ...)
	NOT-FOR-US: cd4pe Puppet module
CVE-2019-10694 (The express install, which is the suggested way to install Puppet Ente ...)
	NOT-FOR-US: Puppet Enterprise
CVE-2019-10693
	RESERVED
CVE-2019-10692 (In the wp-google-maps plugin before 7.11.18 for WordPress, includes/cl ...)
	NOT-FOR-US: wp-google-maps plugin for WordPress
CVE-2019-10691 (The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeate ...)
	- dovecot 1:2.3.4.1-4
	[stretch] - dovecot <not-affected> (Vulnerable code not present, introduced in 2.3)
	[jessie] - dovecot <not-affected> (Vulnerable code not present, introduced in 2.3)
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/18/3
CVE-2019-10690
	RESERVED
CVE-2019-10689 (VVX products using UCS software version 5.9.2 and earlier with Better  ...)
	NOT-FOR-US: VVX products using UCS software
CVE-2019-10688 (VVX products with software versions including and prior to, UCS 5.9.2  ...)
	NOT-FOR-US: VVX products using UCS
CVE-2019-10687 (KBPublisher 6.0.2.1 has SQL Injection via the admin/index.php?module=r ...)
	NOT-FOR-US: KBPublisher
CVE-2019-10686 (An SSRF vulnerability was found in an API from Ctrip Apollo through 1. ...)
	NOT-FOR-US: Ctrip Apollo
CVE-2019-10685 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
	NOT-FOR-US: Heidelberg Prinect Archiver
CVE-2019-10684 (Application/Admin/Controller/ConfigController.class.php in 74cms v5.0. ...)
	NOT-FOR-US: 74cms
CVE-2019-10683
	RESERVED
CVE-2019-10682 (django-nopassword before 5.0.0 stores cleartext secrets in the databas ...)
	NOT-FOR-US: django-nopassword
CVE-2019-10681
	RESERVED
CVE-2019-10680
	RESERVED
CVE-2019-10679
	RESERVED
CVE-2019-10678 (Domoticz before 4.10579 neglects to categorize \n and \r as insecure a ...)
	- domoticz <itp> (bug #899058)
CVE-2019-10677 (Multiple Cross-Site Scripting (XSS) issues in the web interface on DAS ...)
	NOT-FOR-US: DASAN
CVE-2019-10676 (An issue was discovered in Uniqkey Password Manager 1.14. Upon enterin ...)
	NOT-FOR-US: Uniqkey Password Manager
CVE-2019-10675
	REJECTED
CVE-2019-10674
	RESERVED
CVE-2019-10673 (A CSRF vulnerability in a logged-in user's profile edit form in the Ul ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2019-10671 (An issue was discovered in LibreNMS through 1.47. It does not paramete ...)
	NOT-FOR-US: LibreNMS
CVE-2019-10670 (An issue was discovered in LibreNMS through 1.47. Many of the scripts  ...)
	NOT-FOR-US: LibreNMS
CVE-2019-10669 (An issue was discovered in LibreNMS through 1.47. There is a command i ...)
	NOT-FOR-US: LibreNMS
CVE-2019-10668 (An issue was discovered in LibreNMS through 1.47. A number of scripts  ...)
	NOT-FOR-US: LibreNMS
CVE-2019-10667 (An issue was discovered in LibreNMS through 1.47. Information disclosu ...)
	NOT-FOR-US: LibreNMS
CVE-2019-10666 (An issue was discovered in LibreNMS through 1.47. Several of the scrip ...)
	NOT-FOR-US: LibreNMS
CVE-2019-10665 (An issue was discovered in LibreNMS through 1.47. The scripts that han ...)
	NOT-FOR-US: LibreNMS
CVE-2019-10664 (Domoticz before 4.10578 allows SQL Injection via the idx parameter in  ...)
	- domoticz <itp> (bug #899058)
CVE-2019-10672 (treeRead in hdf/btree.c in libmysofa before 0.7 does not properly vali ...)
	- libmysofa 0.6~dfsg0-3 (bug #926125)
	NOTE: https://github.com/hoene/libmysofa/commit/d39a171e9c6a1c44dbdf43f9db6c3fbd887e38c1
CVE-2019-10663 (Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticate ...)
	NOT-FOR-US: Grandstream
CVE-2019-10662 (Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticate ...)
	NOT-FOR-US: Grandstream
CVE-2019-10661 (On Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account  ...)
	NOT-FOR-US: Grandstream
CVE-2019-10660 (Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenti ...)
	NOT-FOR-US: Grandstream
CVE-2019-10659 (Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices a ...)
	NOT-FOR-US: Grandstream
CVE-2019-10658 (Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated ...)
	NOT-FOR-US: Grandstream
CVE-2019-10657 (Grandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 device ...)
	NOT-FOR-US: Grandstream
CVE-2019-10656 (Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated ...)
	NOT-FOR-US: Grandstream
CVE-2019-10655 (Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3 ...)
	NOT-FOR-US: Grandstream
CVE-2019-10654 (The lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in  ...)
	- lrzip <unfixed> (unimportant)
	NOTE: https://github.com/ckolivas/lrzip/issues/108
	NOTE: Crash in CLI tool, no security impact
CVE-2019-10653 (An issue was discovered in Hsycms V1.1. There is a SQL injection vulne ...)
	NOT-FOR-US: Hsycms
CVE-2019-10652 (An issue was discovered in flatCore 1.4.7. acp/acp.php allows remote a ...)
	NOT-FOR-US: flatCore
CVE-2019-10651 (An issue was discovered in the Core Server in Ivanti Endpoint Manager  ...)
	NOT-FOR-US: Ivanti
CVE-2019-10650 (In ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in ...)
	{DSA-4436-1 DLA-1785-1}
	- imagemagick 8:6.9.10.23+dfsg-2.1 (bug #926091)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1532
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/4800ae0dabdb3012f82820af946060c3ca9fdb87
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/d8d844c6f23f4d90d8fe893fe9225dd78fc1e6ef
CVE-2019-10649 (In ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SV ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1533
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/d3ae9c19125c8704b4866381f7a064ca2cbdc006
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/e3417aebe17cbe274b7361aa92c83226ca5b646b
CVE-2019-10648 (Robocode through 1.9.3.5 allows remote attackers to cause external ser ...)
	- robocode 1.9.3.3-2 (low; bug #926088)
	[stretch] - robocode <no-dsa> (Minor issue)
	[jessie] - robocode <end-of-life> (games are not supported)
	NOTE: https://github.com/robo-code/robocode/commit/836c84635e982e74f2f2771b2c8640c3a34221bd#diff-0296a8f9d4a509789f4dc4f052d9c36f
	NOTE: https://sourceforge.net/p/robocode/bugs/406/
CVE-2019-10647 (ZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP  ...)
	NOT-FOR-US: ZZZCMS zzzphp
CVE-2019-10646 (Wolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the mod ...)
	NOT-FOR-US: Wolf CMS
CVE-2019-10645
	RESERVED
CVE-2019-10644 (An issue was discovered in HYBBS 2.2. /?admin/user.html has a CSRF vul ...)
	NOT-FOR-US: HYBBS
CVE-2019-10643 (Contao 4.7 allows Use of a Key Past its Expiration Date. ...)
	NOT-FOR-US: Contao
CVE-2019-10642 (Contao 4.7 allows CSRF. ...)
	NOT-FOR-US: Contao
CVE-2019-10641 (Contao before 3.5.39 and 4.x before 4.7.3 has a Weak Password Recovery ...)
	NOT-FOR-US: Contao
CVE-2019-10640 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.8.6+dfsg-1 (bug #926482)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10639 (The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows I ...)
	{DSA-4497-1 DLA-1885-1 DLA-1862-1}
	- linux 4.19.37-1
	NOTE: https://arxiv.org/pdf/1906.10478.pdf
CVE-2019-10638 (In the Linux kernel before 5.1.7, a device can be tracked by an attack ...)
	{DSA-4497-1 DSA-4495-1 DLA-1885-1 DLA-1884-1}
	- linux 5.2.6-1
	NOTE: https://arxiv.org/pdf/1906.10478.pdf
CVE-2019-10637 (Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS10 ...)
	NOT-FOR-US: Marvell
CVE-2019-10636 (Marvell SSD Controller (88SS1074, 88SS1079, 88SS1080, 88SS1093, 88SS10 ...)
	NOT-FOR-US: Marvell
CVE-2019-10635
	RESERVED
CVE-2019-10634 (An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allow ...)
	NOT-FOR-US: Zyxel
CVE-2019-10633 (An eval injection vulnerability in the Python web server routing on th ...)
	NOT-FOR-US: Zyxel
CVE-2019-10632 (A directory traversal vulnerability in the file browser component on t ...)
	NOT-FOR-US: Zyxel
CVE-2019-10631 (Shell Metacharacter Injection in the package installer on Zyxel NAS 32 ...)
	NOT-FOR-US: Zyxel
CVE-2019-10630 (A plaintext password vulnerability in the Zyxel NAS 326 through 5.21 a ...)
	NOT-FOR-US: Zyxel
CVE-2019-10629
	RESERVED
CVE-2019-10628
	RESERVED
CVE-2019-10627 (Integer overflow to buffer overflow vulnerability in PostScript image  ...)
	NOT-FOR-US: Qualcomm
CVE-2019-10626
	RESERVED
CVE-2019-10625
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10624
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10623
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10622
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10621
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10620
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10619
	RESERVED
CVE-2019-10618 (Driver may access an invalid address while processing IO control due t ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10617 (Low privilege users can access service configuration which contains re ...)
	NOT-FOR-US: Qualcomm
CVE-2019-10616 (Possibility of null pointer access if the SPDM commands are executed i ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10615
	RESERVED
CVE-2019-10614 (Out of boundary access is possible as there is no validation of data a ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10613
	RESERVED
CVE-2019-10612 (UTCB object has a function pointer called by the reaper to deallocate  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10611 (Buffer overflow can occur while processing clip due to lack of check o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10610
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10609
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10608
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10607 (Out of bounds memcpy can occur by providing the embedded NULL characte ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10606 (Out-of-bound access will occur in USB driver due to lack of check to v ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10605 (Buffer overwrite can occur in IEEE80211 header filling function due to ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10604 (Possibility of heap-buffer-overflow during last iteration of loop whil ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10603 (Use after free issue occurs If the real device interface goes down and ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10602 (Potential use-after-free heap error during Validate/Present calls on d ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10601 (Out of bound access can occur while processing firmware event due to l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10600 (Use of local variable as argument to netlink CB callback goes out of i ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10599
	RESERVED
CVE-2019-10598 (Out of bound access can occur while processing peer info in IBSS conne ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10597
	RESERVED
CVE-2019-10596
	RESERVED
CVE-2019-10595 (Possible buffer overwrite in message handler due to lack of validation ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10594 (Stack overflow can occur when SDP is received with multiple payload ty ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10593 (Buffer overflow can occur when processing non standard SDP video Image ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10592 (Possible integer overflow while multiplying two integers of 32 bit in  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10591 (Null pointer dereference can happen when parsing udta atom which is no ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10590 (Out of bound access while parsing dts atom, which is non-standard as i ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10589
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10588
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10587 (Possible Stack overflow can occur when processing a large SDP body or  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10586 (Filling media attribute tag names without validating the destination b ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10585 (Possible integer overflow happens when mmap find function will increme ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10584 (Possibility of out of bound access in debug queue, if packet size fiel ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10583 (Use after free issue occurs when camera access sensors data through di ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10582 (Use after free issue due to using of invalidated iterator to delete an ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10581 (NULL is assigned to local instance of audio device pointer after free  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10580
	RESERVED
CVE-2019-10579 (Buffer over-read can occur while playing the video clip which is not s ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10578 (Null pointer dereference can occur while parsing the clip which is non ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10577 (Improper input validation while processing SIP URI received from the n ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10576
	RESERVED
CVE-2019-10575
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10574
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10573
	RESERVED
CVE-2019-10572 (Improper check in video driver while processing data from video firmwa ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10571 (Snapshot of IB can lead to invalid address access due to missing check ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10570
	RESERVED
CVE-2019-10569 (Stack buffer overflow due to instance id is misplaced inside definitio ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10568
	RESERVED
CVE-2019-10567 (There is a way to deceive the GPU kernel driver into thinking there is ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10566 (Buffer overflow can occur in wlan module if supported rates or extende ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10565 (Double free issue can happen when sensor power settings is freed by so ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10564 (Possible OOB issue in EEPROM due to lack of check while accessing memo ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10563 (Buffer over-read can occur in fast message handler due to improper inp ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10562
	RESERVED
CVE-2019-10561 (Improper initialization of local variables which are parameters to sfs ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10560
	RESERVED
CVE-2019-10559 (Accessing data buffer beyond the available data while parsing ogg clip ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10558 (While transferring data from APPS to DSP, Out of bound in FastRPC HLOS ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10557 (Out-of-bound read in the wireless driver in the Linux kernel due to la ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10556
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10555 (Buffer overflow can occur due to usage of wrong datatype and missing l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10554 (Multiple Read overflows issue due to improper length check while decod ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10553 (Multiple Read overflows due to improper length checks while decoding a ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10552 (Multiple Buffer Over-read issue can happen due to improper length chec ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10551
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10550 (Buffer Over-read when UE is trying to process the message received for ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10549 (Null pointer dereference issue can happen due to improper validation o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10548 (While trying to obtain datad ipc handle during DPL initialization, Hea ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10547
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10546 (Buffer overflow can occur in WLAN firmware while parsing beacon/probe_ ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10545 (Null pointer dereference issue in kernel due to missing check related  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10544 (Improper length check on source buffer to handle userspace data receiv ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10543
	RESERVED
CVE-2019-10542 (Buffer over-read may occur when downloading a corrupted firmware file  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10541 (Dereference on uninitialized buffer can happen when parsing FLV clip w ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10540 (Buffer overflow in WLAN NAN function due to lack of check of count val ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10539 (Possible buffer overflow issue due to lack of length check when parsin ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10538 (Lack of check of address range received from firmware response allows  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10537 (Improper validation of event buffer extracted from FW response can lea ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10536 (Potential double free scenario if driver receives another DIAG_EVENT_L ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10535 (Improper validation for loop variable received from firmware can lead  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10534 (Null-pointer dereference can occur while accessing the super index ent ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10533 (Out of bound access due to improper validation of array index cause th ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10532 (Null-pointer dereference issue can occur while calculating string leng ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10531 (Incorrect reading of system image resulting in buffer overflow when si ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10530 (Lack of check of data truncation on user supplied data in kernel leads ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10529 (Possible use after free issue due to race condition while attempting t ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10528 (Use after free issue in kernel while accessing freed mdlog session inf ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10527
	RESERVED
CVE-2019-10526 (Out of bound write in WLAN driver due to NULL character not properly p ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10525 (Buffer overflow during SIB read when network configures complete sib l ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10524 (Lack of check for a negative value returned for get_clk is wrongly int ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10523
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10522 (While playing the clip which is nonstandard buffer overflow can occur  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10521
	RESERVED
CVE-2019-10520 (An unprivileged application can allocate GPU memory by calling memory  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10519
	RESERVED
CVE-2019-10518 (Use after free of a pointer in iWLAN scenario during netmgr state tran ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10517 (Memory is being freed up twice when two concurrent threads are executi ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10516 (Multiple read overflows in MM while decoding service accept,service re ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10515 (DCI client which might be preemptively freed up might be accessed for  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10514
	RESERVED
CVE-2019-10513 (Possibility of Null pointer access if the SPDM commands are executed i ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10512 (Payload size is not checked before using it as array index in audio in ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10511 (Possibility of memory overflow while decoding GSNDCP compressed mode P ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10510 (BT process died and BT toggled due to null pointer dereference when in ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10509 (Device record of the pairing device used after free during ACL disconn ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10508 (Lack of input validation for data received from user space can lead to ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10507 (Lack of check of extscan change results received from firmware can lea ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10506 (While processing QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY vendor comm ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10505 (Out of bound access while processing a non-standard IE measurement req ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10504 (Firmware not able to send EXT scan response to host within 1 sec due t ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10503 (Out-of-bounds access can occur in camera driver due to improper valida ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10502 (Possible stack overflow when an index equal to io buffer size is acces ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10501 (Possible use after free issue due to improper input validation in volu ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10500 (While processing MT Secondary PDP request, Buffer overflow will happen ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10499 (Improper validation of read and write index of tx and rx fifo`s before ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10498 (Buffer overflow scenario if the client sends more than 5 io_vec reques ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10497 (Use after free issue occurs If another instance of open for voice_svc  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10496 (Lack of checking a variable received from driver and populating in Fir ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10495 (Arbitrary buffer write issue while processing sequence header during H ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10494 (Race condition between the camera functions due to lack of resource lo ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10493 (Position determination accuracy may be degraded due to wrongly decoded ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10492 (Boot image not getting verified by AVB in Snapdragon Auto, Snapdragon  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10491 (ADSP can be compromised since it`s a general-purpose CPU processing un ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10490 (Use after free issue in Xtra daemon shutdown due to static object inst ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10489 (Possible null-pointer dereference can occur while parsing avi clip dur ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10488 (Null pointer dereference can occur while parsing invalid chunks while  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10487 (Buffer over read can happen while parsing SMS OTA messages at transpor ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10486 (Race condition due to the lack of resource lock which will be concurre ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10485 (Infinite loop while decoding compressed data can lead to overrun condi ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10484 (Use after free issue occurs when command destructors access dynamicall ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10483
	RESERVED
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10482 (Due to the use of non-time-constant comparison functions there is issu ...)
	NOT-FOR-US: Snapdragon
CVE-2019-10481 (Out of bound access occurs while handling the WMI FW event due to lack ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10480 (Out of bound write can happen in WMI firmware event handler due to lac ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-10479 (An issue was discovered on Glory RBW-100 devices with firmware ISP-K05 ...)
	NOT-FOR-US: Glory RBW-100 devices
CVE-2019-10478 (An issue was discovered on Glory RBW-100 devices with firmware ISP-K05 ...)
	NOT-FOR-US: Glory RBW-100 devices
CVE-2019-10477 (The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 fo ...)
	NOT-FOR-US: GLPI plugin
CVE-2019-10476 (Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10475 (A reflected cross-site scripting vulnerability in Jenkins build-metric ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10474 (A missing permission check in Jenkins Global Post Script Plugin in all ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10473 (A missing permission check in Jenkins Libvirt Slaves Plugin in form-re ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10472 (A missing permission check in Jenkins Libvirt Slaves Plugin allows att ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10471 (A cross-site request forgery vulnerability in Jenkins Libvirt Slaves P ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10470 (A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10469 (A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10468 (A cross-site request forgery vulnerability in Jenkins ElasticBox Jenki ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10467 (Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job conf ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10466 (An XML external entities (XXE) vulnerability in Jenkins 360 FireLine P ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10465 (A missing permission check in Jenkins Deploy WebLogic Plugin allows at ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10464 (A cross-site request forgery vulnerability in Jenkins Deploy WebLogic  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10463 (A missing permission check in Jenkins Dynatrace Application Monitoring ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10462 (A cross-site request forgery vulnerability in Jenkins Dynatrace Applic ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10461 (Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stor ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10460 (Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unen ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10459 (Jenkins Mattermost Notification Plugin 2.7.0 and earlier stored webhoo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10458 (Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier specifies unsafe  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10457 (A missing permission check in Jenkins Oracle Cloud Infrastructure Comp ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10456 (A cross-site request forgery vulnerability in Jenkins Oracle Cloud Inf ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10455 (A missing permission check in Jenkins Rundeck Plugin allows attackers  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10454 (A cross-site request forgery vulnerability in Jenkins Rundeck Plugin a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10453 (Jenkins Delphix Plugin stores credentials unencrypted in its global co ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10452 (Jenkins View26 Test-Reporting Plugin stores credentials unencrypted in ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10451 (Jenkins SOASTA CloudTest Plugin stores credentials unencrypted in its  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10450 (Jenkins ElasticBox CI Plugin stores credentials unencrypted in the glo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10449 (Jenkins Fortify on Demand Plugin stores credentials unencrypted in job ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10448 (Jenkins Extensive Testing Plugin stores credentials unencrypted in job ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10447 (Jenkins Sofy.AI Plugin stores credentials unencrypted in job config.xm ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10446 (Jenkins Cadence vManager Plugin 2.7.0 and earlier disabled SSL/TLS and ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10445 (A missing permission check in Jenkins Google Kubernetes Engine Plugin  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10444 (Jenkins Bumblebee HP ALM Plugin 4.1.3 and earlier unconditionally disa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10443 (Jenkins iceScrum Plugin 1.1.4 and earlier stored credentials unencrypt ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10442 (A missing permission check in Jenkins iceScrum Plugin 1.1.5 and earlie ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10441 (A cross-site request forgery vulnerability in Jenkins iceScrum Plugin  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10440 (Jenkins NeoLoad Plugin 2.2.5 and earlier stored credentials unencrypte ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10439 (A missing permission check in Jenkins CRX Content Package Deployer Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10438 (A missing permission check in Jenkins CRX Content Package Deployer Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10437 (A cross-site request forgery vulnerability in Jenkins CRX Content Pack ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10436 (An arbitrary file read vulnerability in Jenkins Google OAuth Credentia ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10435 (Jenkins SourceGear Vault Plugin transmits configured credentials in pl ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10434 (Jenkins LDAP Email Plugin transmits configured credentials in plain te ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10433 (Jenkins Dingding[&#38025;&#38025;] Plugin stores credentials unencrypt ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10432 (Jenkins HTML Publisher Plugin 1.20 and earlier did not escape the proj ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10431 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.64  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10430 (Jenkins NeuVector Vulnerability Scanner Plugin 1.5 and earlier stored  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10429 (Jenkins GitLab Logo Plugin stores credentials unencrypted in its globa ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10428 (Jenkins Aqua Security Scanner Plugin 3.0.17 and earlier transmitted co ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10427 (Jenkins Aqua MicroScanner Plugin 1.0.7 and earlier transmitted configu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10426 (Jenkins Gem Publisher Plugin stores credentials unencrypted in its glo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10425 (Jenkins Google Calendar Plugin stores credentials unencrypted in job c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10424 (Jenkins elOyente Plugin stores credentials unencrypted in its global c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10423 (Jenkins CodeScan Plugin stores credentials unencrypted in its global c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10422 (Jenkins Call Remote Job Plugin stores credentials unencrypted in job c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10421 (Jenkins Azure Event Grid Build Notifier Plugin stores credentials unen ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10420 (Jenkins Assembla Plugin stores credentials unencrypted in its global c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10419 (Jenkins vFabric Application Director Plugin stores credentials unencry ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10418 (Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10417 (Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a c ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10416 (Jenkins Violation Comments to GitLab Plugin 2.28 and earlier stored cr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10415 (Jenkins Violation Comments to GitLab Plugin 2.28 and earlier stored cr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10414 (Jenkins Git Changelog Plugin 2.17 and earlier stored credentials unenc ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10413 (Jenkins Data Theorem: CI/CD Plugin 1.3 and earlier stored credentials  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10412 (Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured cre ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10411 (Jenkins Inedo BuildMaster Plugin 2.4.0 and earlier transmitted configu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10410 (Jenkins Log Parser Plugin 2.0 and earlier did not escape an error mess ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10409 (A missing permission check in Jenkins Project Inheritance Plugin 2.0.0 ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10408 (A cross-site request forgery vulnerability in Jenkins Project Inherita ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10407 (Jenkins Project Inheritance Plugin 2.0.0 and earlier displayed a list  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10406 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not restrict or ...)
	NOT-FOR-US: Jenkins
CVE-2019-10405 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier printed the value o ...)
	NOT-FOR-US: Jenkins
CVE-2019-10404 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the  ...)
	NOT-FOR-US: Jenkins
CVE-2019-10403 (Jenkins 2.196 and earlier, LTS 2.176.3 and earlier did not escape the  ...)
	NOT-FOR-US: Jenkins
CVE-2019-10402 (In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:combobox  ...)
	NOT-FOR-US: Jenkins
CVE-2019-10401 (In Jenkins 2.196 and earlier, LTS 2.176.3 and earlier, the f:expandabl ...)
	NOT-FOR-US: Jenkins
CVE-2019-10400 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10399 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10398 (Jenkins Beaker Builder Plugin 1.9 and earlier stored credentials unenc ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10397 (Jenkins Aqua Security Serverless Scanner Plugin 1.0.4 and earlier tran ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10396 (Jenkins Dashboard View Plugin 2.11 and earlier did not escape build de ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10395 (Jenkins Build Environment Plugin 1.6 and earlier did not escape variab ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10394 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10393 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10392 (Jenkins Git Client Plugin 2.8.4 and earlier did not properly restrict  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10391 (Jenkins IBM Application Security on Cloud Plugin 1.2.4 and earlier tra ...)
	NOT-FOR-US: IBM
CVE-2019-10390 (A sandbox bypass vulnerability in Jenkins Splunk Plugin 1.7.4 and earl ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10389 (A missing permission check in Jenkins Relution Enterprise Appstore Pub ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10388 (A cross-site request forgery vulnerability in Jenkins Relution Enterpr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10387 (A missing permission check in Jenkins XL TestView Plugin 1.2.0 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10386 (A cross-site request forgery vulnerability in Jenkins XL TestView Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10385 (Jenkins eggPlant Plugin 2.2 and earlier stores credentials unencrypted ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10384 (Jenkins 2.191 and earlier, LTS 2.176.2 and earlier allowed users to ob ...)
	NOT-FOR-US: Jenkins
CVE-2019-10383 (A stored cross-site scripting vulnerability in Jenkins 2.191 and earli ...)
	NOT-FOR-US: Jenkins
CVE-2019-10382 (Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier disables SS ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10381 (Jenkins Codefresh Integration Plugin 1.8 and earlier disables SSL/TLS  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10380 (Jenkins Simple Travis Pipeline Runner Plugin 1.0 and earlier specifies ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10379 (Jenkins Google Cloud Messaging Notification Plugin 1.0 and earlier sto ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10378 (Jenkins TestLink Plugin 3.16 and earlier stores credentials unencrypte ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10377 (A missing permission check in Jenkins Avatar Plugin 1.2 and earlier al ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10376 (A reflected cross-site scripting vulnerability in Jenkins Wall Display ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10375 (An arbitrary file read vulnerability in Jenkins File System SCM Plugin ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10374 (A stored cross-site scripting vulnerability in Jenkins PegDown Formatt ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10373 (A stored cross-site scripting vulnerability in Jenkins Build Pipeline  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10372 (An open redirect vulnerability in Jenkins Gitlab Authentication Plugin ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10371 (A session fixation vulnerability in Jenkins Gitlab Authentication Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10370 (Jenkins Mask Passwords Plugin 2.12.0 and earlier transmits globally co ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10369 (A missing permission check in Jenkins JClouds Plugin 2.14 and earlier  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10368 (A cross-site request forgery vulnerability in Jenkins JClouds Plugin 2 ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10367 (Due to an incomplete fix of CVE-2019-10343, Jenkins Configuration as C ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10366 (Jenkins Skytap Cloud CI Plugin 2.06 and earlier stored credentials une ...)
	NOT-FOR-US: Jenkins Skytap Cloud CI Plugin
CVE-2019-10365 (Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a te ...)
	NOT-FOR-US: Jenkins Google Kubernetes Engine Plugin
CVE-2019-10364 (Jenkins Amazon EC2 Plugin 1.43 and earlier wrote the beginning of priv ...)
	NOT-FOR-US: Jenkins Amazon EC2 Plugin
CVE-2019-10363 (Jenkins Configuration as Code Plugin 1.24 and earlier did not reliably ...)
	NOT-FOR-US: Jenkins Configuration as Code Plugin
CVE-2019-10362 (Jenkins Configuration as Code Plugin 1.24 and earlier did not escape v ...)
	NOT-FOR-US: Jenkins Configuration as Code Plugin
CVE-2019-10361 (Jenkins Maven Release Plugin 0.14.0 and earlier stored credentials une ...)
	NOT-FOR-US: Jenkins Maven Release Plugin
CVE-2019-10360 (A stored cross site scripting vulnerability in Jenkins Maven Release P ...)
	NOT-FOR-US: Jenkins Maven Release Plugin
CVE-2019-10359 (A cross-site request forgery vulnerability in Jenkins Maven Release Pl ...)
	NOT-FOR-US: Jenkins Maven Release Plugin
CVE-2019-10358 (Jenkins Maven Integration Plugin 3.3 and earlier did not apply build l ...)
	NOT-FOR-US: Jenkins Maven Integration Plugi
CVE-2019-10357 (A missing permission check in Jenkins Pipeline: Shared Groovy Librarie ...)
	NOT-FOR-US: Jenkins Pipeline: Shared Groovy Libraries Plugin
CVE-2019-10356 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61  ...)
	NOT-FOR-US: Jenkins Script Security Plugin
CVE-2019-10355 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61  ...)
	NOT-FOR-US: Jenkins Script Security Plugin
CVE-2019-10354 (A vulnerability in the Stapler web framework used in Jenkins 2.185 and ...)
	NOT-FOR-US: Jenkins
CVE-2019-10353 (CSRF tokens in Jenkins 2.185 and earlier, LTS 2.176.1 and earlier did  ...)
	NOT-FOR-US: Jenkins
CVE-2019-10352 (A path traversal vulnerability in Jenkins 2.185 and earlier, LTS 2.176 ...)
	NOT-FOR-US: Jenkins
CVE-2019-10351 (Jenkins Caliper CI Plugin stores credentials unencrypted in job config ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10350 (Jenkins Port Allocator Plugin stores credentials unencrypted in job co ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10349 (A stored cross site scripting vulnerability in Jenkins Dependency Grap ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10348 (Jenkins Gogs Plugin stored credentials unencrypted in job config.xml f ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10347 (Jenkins Mashup Portlets Plugin stored credentials unencrypted on the J ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10346 (A reflected cross site scripting vulnerability in Jenkins Embeddable B ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10345 (Jenkins Configuration as Code Plugin 1.20 and earlier did not treat th ...)
	NOT-FOR-US: Jenkins Configuration as Code Plugin
CVE-2019-10344 (Missing permission checks in Jenkins Configuration as Code Plugin 1.24 ...)
	NOT-FOR-US: Jenkins Configuration as Code Plugin
CVE-2019-10343 (Jenkins Configuration as Code Plugin 1.24 and earlier did not properly ...)
	NOT-FOR-US: Jenkins Configuration as Code Plugin
CVE-2019-10342 (A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10341 (A missing permission check in Jenkins Docker Plugin 1.1.6 and earlier  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10340 (A cross-site request forgery vulnerability in Jenkins Docker Plugin 1. ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10339 (A missing permission check in Jenkins JX Resources Plugin 1.0.36 and e ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10338 (A cross-site request forgery vulnerability in Jenkins JX Resources Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10337 (An XML external entities (XXE) vulnerability in Jenkins Token Macro Pl ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10336 (A reflected cross site scripting vulnerability in Jenkins ElectricFlow ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10335 (A stored cross site scripting vulnerability in Jenkins ElectricFlow Pl ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10334 (Jenkins ElectricFlow Plugin 1.1.5 and earlier disabled SSL/TLS and hos ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10333 (Missing permission checks in Jenkins ElectricFlow Plugin 1.1.5 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10332 (A missing permission check in Jenkins ElectricFlow Plugin 1.1.5 and ea ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10331 (A cross-site request forgery vulnerability in Jenkins ElectricFlow Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10330 (Jenkins Gitea Plugin 1.1.1 and earlier did not implement trusted revis ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10329 (Jenkins InfluxDB Plugin 1.21 and earlier stored credentials unencrypte ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10328 (Jenkins Pipeline Remote Loader Plugin 1.4 and earlier provided a custo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10327 (An XML external entities (XXE) vulnerability in Jenkins Pipeline Maven ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10326 (A cross-site request forgery vulnerability in Jenkins Warnings NG Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10325 (A cross-site scripting vulnerability in Jenkins Warnings NG Plugin 5.0 ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10324 (A cross-site request forgery vulnerability in Jenkins Artifactory Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10323 (A missing permission check in Jenkins Artifactory Plugin 3.2.3 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10322 (A missing permission check in Jenkins Artifactory Plugin 3.2.2 and ear ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10321 (A cross-site request forgery vulnerability in Jenkins Artifactory Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10320 (Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10319 (A missing permission check in Jenkins PAM Authentication Plugin 1.5 an ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10318 (Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret une ...)
	NOT-FOR-US: Jenkins Azure AD Plugin
CVE-2019-10317 (Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostna ...)
	NOT-FOR-US: Jenkins SiteMonitor Plugin
CVE-2019-10316 (Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials  ...)
	NOT-FOR-US: Jenkins Aqua MicroScanner Plugin
CVE-2019-10315 (Jenkins GitHub Authentication Plugin 0.31 and earlier did not use the  ...)
	NOT-FOR-US: Jenkins GitHub Authentication Plugin
CVE-2019-10314 (Jenkins Koji Plugin disables SSL/TLS and hostname verification globall ...)
	NOT-FOR-US: Jenkins Koji Plugin
CVE-2019-10313 (Jenkins Twitter Plugin stores credentials unencrypted in its global co ...)
	NOT-FOR-US: Jenkins Twitter Plugin
CVE-2019-10312 (A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and e ...)
	NOT-FOR-US: Jenkins Ansible Tower Plugin
CVE-2019-10311 (A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and e ...)
	NOT-FOR-US: Jenkins Ansible Tower Plugin
CVE-2019-10310 (A cross-site request forgery vulnerability in Jenkins Ansible Tower Pl ...)
	NOT-FOR-US: Jenkins Ansible Tower Plugin
CVE-2019-10309 (Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use  ...)
	NOT-FOR-US: Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients
CVE-2019-10308 (A missing permission check in Jenkins Static Analysis Utilities Plugin ...)
	NOT-FOR-US: Jenkins Static Analysis Utilities Plugin
CVE-2019-10307 (A cross-site request forgery vulnerability in Jenkins Static Analysis  ...)
	NOT-FOR-US: Jenkins Static Analysis Utilities Plugin
CVE-2019-10306 (A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earli ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10305 (A missing permission check in Jenkins XebiaLabs XL Deploy Plugin in th ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10304 (A cross-site request forgery vulnerability in Jenkins XebiaLabs XL Dep ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10303 (Jenkins Azure PublisherSettings Credentials Plugin 1.2 and earlier sto ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10302 (Jenkins jira-ext Plugin 0.8 and earlier stored credentials unencrypted ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10301 (A missing permission check in Jenkins GitLab Plugin 1.5.11 and earlier ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10300 (A cross-site request forgery vulnerability in Jenkins GitLab Plugin 1. ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10299 (Jenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in ...)
	NOT-FOR-US: Jenkins CloudCoreo DeployTime Plugin
CVE-2019-10298 (Jenkins Koji Plugin stores credentials unencrypted in its global confi ...)
	NOT-FOR-US: Jenkins Koji Plugin
CVE-2019-10297 (Jenkins Sametime Plugin stores credentials unencrypted in its global c ...)
	NOT-FOR-US: Jenkins Sametime Plugin
CVE-2019-10296 (Jenkins Serena SRA Deploy Plugin stores credentials unencrypted in its ...)
	NOT-FOR-US: Jenkins Serena SRA Deploy Plugin
CVE-2019-10295 (Jenkins crittercism-dsym Plugin stores credentials unencrypted in job  ...)
	NOT-FOR-US: Jenkins crittercism-dsym Plugin
CVE-2019-10294 (Jenkins Kmap Plugin stores credentials unencrypted in job config.xml f ...)
	NOT-FOR-US: Jenkins Kmap Plugin
CVE-2019-10293 (A missing permission check in Jenkins Kmap Plugin in KmapJenkinsBuilde ...)
	NOT-FOR-US: Jenkins Kmap Plugin
CVE-2019-10292 (A cross-site request forgery vulnerability in Jenkins Kmap Plugin in K ...)
	NOT-FOR-US: Jenkins Kmap Plugin
CVE-2019-10291 (Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credential ...)
	NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
CVE-2019-10290 (A missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1 ...)
	NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
CVE-2019-10289 (A cross-site request forgery vulnerability in Jenkins Netsparker Cloud ...)
	NOT-FOR-US: Jenkins Netsparker Cloud Scan Plugin
CVE-2019-10288 (Jenkins Jabber Server Plugin stores credentials unencrypted in its glo ...)
	NOT-FOR-US: Jenkins Jabber Server Plugin
CVE-2019-10287 (Jenkins youtrack-plugin Plugin 0.7.1 and older stored credentials unen ...)
	NOT-FOR-US: Jenkins youtrack-plugin Plugin
CVE-2019-10286 (Jenkins DeployHub Plugin stores credentials unencrypted in job config. ...)
	NOT-FOR-US: Jenkins DeployHub Plugin
CVE-2019-10285 (Jenkins Minio Storage Plugin stores credentials unencrypted in its glo ...)
	NOT-FOR-US: Jenkins Minio Storage Plugin
CVE-2019-10284 (Jenkins Diawi Upload Plugin stores credentials unencrypted in job conf ...)
	NOT-FOR-US: Jenkins Diawi Upload Plugin
CVE-2019-10283 (Jenkins mabl Plugin stores credentials unencrypted in job config.xml f ...)
	NOT-FOR-US: Jenkins mabl Plugin
CVE-2019-10282 (Jenkins Klaros-Testmanagement Plugin stores credentials unencrypted in ...)
	NOT-FOR-US: Jenkins Klaros-Testmanagement Plugin
CVE-2019-10281 (Jenkins Relution Enterprise Appstore Publisher Plugin stores credentia ...)
	NOT-FOR-US: Jenkins Relution Enterprise Appstore Publisher Plugin
CVE-2019-10280 (Jenkins Assembla Auth Plugin stores credentials unencrypted in the glo ...)
	NOT-FOR-US: Jenkins Assembla Auth Plugin
CVE-2019-10279 (A missing permission check in Jenkins jenkins-reviewbot Plugin in the  ...)
	NOT-FOR-US: Jenkins jenkins-reviewbot Plugin
CVE-2019-10278 (A cross-site request forgery vulnerability in Jenkins jenkins-reviewbo ...)
	NOT-FOR-US: Jenkins jenkins-reviewbot Plugin
CVE-2019-10277 (Jenkins StarTeam Plugin stores credentials unencrypted in job config.x ...)
	NOT-FOR-US: Jenkins StarTeam Plugin
CVE-2019-XXXX [insecure handling of /tmp/VMwareDnD]
	- open-vm-tools 2:10.3.10-1 (bug #925959; unimportant)
	[stretch] - open-vm-tools 2:10.1.5-5055683-4+deb9u2
	NOTE: https://github.com/vmware/open-vm-tools/commit/e88f91b00a715b79255de6576506d80ecfdb064c
	NOTE: Neutralised by kernel hardening
CVE-2019-10276 (Western Bridge Cobub Razor 0.8.0 has a file upload vulnerability via t ...)
	NOT-FOR-US: Western Bridge Cobub Razor
CVE-2019-10275
	RESERVED
CVE-2019-10274
	RESERVED
CVE-2019-10273 (Information leakage vulnerability in the /mc login page in ManageEngin ...)
	NOT-FOR-US: ManageEngine ServiceDesk Plus
CVE-2019-10272 (An issue was discovered in Weaver e-cology 9.0. There is a CRLF Inject ...)
	NOT-FOR-US: Weaver e-cology
CVE-2019-10271 (An issue was discovered in the Ultimate Member plugin 2.39 for WordPre ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2019-10270 (An arbitrary password reset issue was discovered in the Ultimate Membe ...)
	NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2019-10269 (BWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based b ...)
	- bwa 0.7.17-3 (low; bug #926014)
	[stretch] - bwa 0.7.15-2+deb9u1
	[jessie] - bwa <not-affected> (vulnerable code is not present)
	NOTE: https://github.com/lh3/bwa/pull/232
	NOTE: https://github.com/lh3/bwa/commit/20d0a13092aa4cb73230492b05f9697d5ef0b88e
CVE-2019-10268
	REJECTED
CVE-2019-10267 (An insecure file upload and code execution issue was discovered in Ahs ...)
	NOT-FOR-US: Ahsay Cloud Backup Suite
CVE-2019-10266 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. W ...)
	NOT-FOR-US: Ahsay Cloud Backup Suite
CVE-2019-10265 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. O ...)
	NOT-FOR-US: Ahsay Cloud Backup Suite
CVE-2019-10264 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. W ...)
	NOT-FOR-US: Ahsay Cloud Backup Suite
CVE-2019-10263 (An issue was discovered in Ahsay Cloud Backup Suite before 8.1.1.50. W ...)
	NOT-FOR-US: Ahsay Cloud Backup Suite
CVE-2019-10262 (A SQL Injection issue was discovered in BlueCMS 1.6. The variable $ad_ ...)
	NOT-FOR-US: BlueCMS
CVE-2019-1002162
	- skopeo <itp> (bug #880199)
CVE-2019-1002101 (The kubectl cp command allows copying files between containers and the ...)
	- kubernetes <not-affected> (Vulnerable code introduced later)
	NOTE: Introduced by: https://github.com/kubernetes/kubernetes/commit/b1f85e2dfec6e64d8e1bc272251277df0058ab20
	NOTE: Upstream patch: https://github.com/kubernetes/kubernetes/pull/75037
CVE-2019-10261 (CentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XS ...)
	NOT-FOR-US: CentOS Web Panel
CVE-2019-10260 (Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html ( ...)
	NOT-FOR-US: Total.js CMS
CVE-2019-10259
	RESERVED
CVE-2019-10258
	RESERVED
CVE-2019-10257 (Zucchetti HR Portal through 2019-03-15 allows Directory Traversal. Una ...)
	NOT-FOR-US: Zucchetti HR Portal
CVE-2019-10256 (An authentication bypass vulnerability in VIVOTEK IPCam versions prior ...)
	NOT-FOR-US: VIVOTEK IPCam
CVE-2019-10255 (An Open Redirect vulnerability for all browsers in Jupyter Notebook be ...)
	- jupyter-notebook 5.7.8-1 (bug #925939)
	NOTE: https://github.com/jupyter/notebook/commit/08c4c898182edbe97aadef1815cce50448f975cb
	NOTE: https://github.com/jupyter/notebook/commit/70fe9f0ddb3023162ece21fbb77d5564306b913b
	NOTE: When adressing this issue make sure to not open CVE-2019-10856 and apply the
	NOTE: complete fix.
	NOTE: https://blog.jupyter.org/open-redirect-vulnerability-in-jupyter-jupyterhub-adf43583f1e4
	NOTE: https://github.com/jupyter/notebook/commit/979e0bd15e794ceb00cc63737fcd5fd9addc4a99
CVE-2019-10254 (In MISP before 2.4.105, the app/View/Layouts/default.ctp default layou ...)
	NOT-FOR-US: MISP
CVE-2019-10253 (A Cross-Site Request Forgery (CSRF) vulnerability exists in TeamMate+  ...)
	NOT-FOR-US: TeamMate+
CVE-2019-10252
	RESERVED
CVE-2019-10251 (The UCWeb UC Browser application through 2019-03-26 for Android uses H ...)
	NOT-FOR-US: UCWeb UC Browser application for Android
CVE-2019-10250 (UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading cer ...)
	NOT-FOR-US: UCWeb UC Browser
CVE-2019-1003048 (A vulnerability in Jenkins PRQA Plugin 3.1.0 and earlier allows attack ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003047 (A missing permission check in Jenkins Fortify on Demand Uploader Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003046 (A cross-site request forgery vulnerability in Jenkins Fortify on Deman ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003045 (A vulnerability in Jenkins ECS Publisher Plugin 1.0.0 and earlier allo ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003044 (A cross-site request forgery vulnerability in Jenkins Slack Notificati ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003043 (A missing permission check in Jenkins Slack Notification Plugin 2.19 a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003042 (A cross site scripting vulnerability in Jenkins Lockable Resources Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003041 (A sandbox bypass vulnerability in Jenkins Pipeline: Groovy Plugin 2.64 ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003040 (A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.55  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-10249 (All Xtext &amp; Xtend versions prior to 2.18.0 were built using HTTP i ...)
	NOT-FOR-US: Eclipse Xtext & Xtend
CVE-2019-10248 (Eclipse Vorto versions prior to 0.11 resolved Maven build artifacts fo ...)
	NOT-FOR-US: Eclipse Vorto
CVE-2019-10247 (In Eclipse Jetty version 7.x, 8.x, 9.2.27 and older, 9.3.26 and older, ...)
	[experimental] - jetty9 9.4.18-1
	- jetty9 <unfixed> (bug #928444)
	[buster] - jetty9 <no-dsa> (Minor issue)
	[stretch] - jetty9 <no-dsa> (Minor issue)
	- jetty8 <removed>
	[jessie] - jetty8 <no-dsa> (Minor issue)
	- jetty <removed>
	[jessie] - jetty <no-dsa> (Minor issue)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=546577
	NOTE: https://github.com/eclipse/jetty.project/issues/3555
CVE-2019-10246 (In Eclipse Jetty version 9.2.27, 9.3.26, and 9.4.16, the server runnin ...)
	- jetty9 <not-affected> (Only affects Jetty on Windows)
	- jetty8 <not-affected> (Only affects Jetty on Windows)
	- jetty <not-affected> (Only affects Jetty on Windows)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=546576
	NOTE: https://github.com/eclipse/jetty.project/issues/3549
CVE-2019-10245 (In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verif ...)
	NOT-FOR-US: Eclipse OpenJ9
CVE-2019-10244 (In Eclipse Kura versions up to 4.0.0, the Web UI package and component ...)
	NOT-FOR-US: Eclipse Kura
CVE-2019-10243 (In Eclipse Kura versions up to 4.0.0, Kura exposes the underlying Ui W ...)
	NOT-FOR-US: Eclipse Kura
CVE-2019-10242 (In Eclipse Kura versions up to 4.0.0, the SkinServlet did not checked  ...)
	NOT-FOR-US: Eclipse Kura
CVE-2019-10241 (In Eclipse Jetty version 9.2.26 and older, 9.3.25 and older, and 9.4.1 ...)
	[experimental] - jetty9 9.4.18-1
	- jetty9 <unfixed> (bug #928444)
	[buster] - jetty9 <no-dsa> (Minor issue)
	[stretch] - jetty9 <no-dsa> (Minor issue)
	- jetty8 <removed>
	[jessie] - jetty8 <no-dsa> (Minor issue)
	- jetty <removed>
	[jessie] - jetty <no-dsa> (Minor issue)
	NOTE: https://bugs.eclipse.org/bugs/show_bug.cgi?id=546121
CVE-2019-10240 (Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifac ...)
	NOT-FOR-US: Eclipse hawkBit
CVE-2019-10239 (Robotronic RunAsSpc 3.7.0.0 protects stored credentials insufficiently ...)
	NOT-FOR-US: Robotronic RunAsSpc
CVE-2019-10238 (Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the file ...)
	NOT-FOR-US: Sitemagic CMS
CVE-2019-10237 (S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via th ...)
	NOT-FOR-US: S-CMS PHP
CVE-2019-10236
	RESERVED
CVE-2019-10235
	RESERVED
CVE-2019-10234
	RESERVED
CVE-2019-10233 (Teclib GLPI before 9.4.1.1 is affected by a timing attack associated w ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/pull/5562
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-10232 (Teclib GLPI through 9.3.3 has SQL injection via the "cycle" parameter  ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-10231 (Teclib GLPI before 9.4.1.1 is affected by a PHP type juggling vulnerab ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/pull/5520
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-10230
	RESERVED
CVE-2019-10229 (An issue was discovered in MailStore Server (and Service Provider Edit ...)
	NOT-FOR-US: MailStore
CVE-2019-10228
	RESERVED
CVE-2019-10227 (openITCOCKPIT before 3.7.1 has reflected XSS in the 404-not-found comp ...)
	NOT-FOR-US: openITCOCKPIT
CVE-2019-10226 (HTML Injection has been discovered in the v0.19.0 version of the Fat F ...)
	NOT-FOR-US: Fat Free CRM
CVE-2019-10225
	RESERVED
	NOT-FOR-US: OpenShift
CVE-2019-10224 (A flaw has been found in 389-ds-base versions 1.4.x.x before 1.4.1.3.  ...)
	- 389-ds-base 1.4.1.5-1
	[buster] - 389-ds-base <no-dsa> (Minor issue)
	[stretch] - 389-ds-base <not-affected> (vulnerable code not present)
	[jessie] - 389-ds-base <not-affected> (vulnerable code not present)
	- python-lib389 <removed>
	[stretch] - python-lib389 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1677147
	NOTE: https://pagure.io/389-ds-base/issue/50251
	NOTE: https://pagure.io/389-ds-base/c/632ecb90d96ac0535656f5aaf67fd2be4b81d310
CVE-2019-10223 (A security issue was discovered in the kube-state-metrics versions v1. ...)
	NOT-FOR-US: kube-state-metrics
CVE-2019-10222 (A flaw was found in the Ceph RGW configuration with Beast as the front ...)
	- ceph 14.2.4-1 (bug #936015)
	[buster] - ceph <no-dsa> (Minor issue; only triggerable if experimental feature enabled)
	[stretch] - ceph <not-affected> (Vulnerable code not present)
	[jessie] - ceph <not-affected> (Vulnerable code not present)
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/28/9
	NOTE: https://github.com/ceph/ceph/pull/29967
	NOTE: https://github.com/ceph/ceph/commit/6171399fdedd928b4249d135b4036e3de25079aa
	NOTE: 12.2.x installations only affected by the vulnerability if experimental
	NOTE: features are enabled.
CVE-2019-10221 (A Reflected Cross Site Scripting vulnerability was found in all pki-co ...)
	- dogtag-pki <unfixed>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1732565
CVE-2019-10220 (Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a rel ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 5.3.9-1
	[buster] - linux 4.19.98-1
	[stretch] - linux 4.9.210-1
CVE-2019-10219 (A vulnerability was found in Hibernate-Validator. The SafeHtml validat ...)
	- libhibernate-validator-java <unfixed> (bug #948235)
	[buster] - libhibernate-validator-java <not-affected> (Vulnerable code was introduced later.)
	[stretch] - libhibernate-validator-java <not-affected> (Vulnerable code was introduced later.)
	[jessie] - libhibernate-validator-java <not-affected> (Vulnerable code was introduced later.)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1738673
	NOTE: https://hibernate.atlassian.net/browse/HV-1739
	NOTE: Fixed by https://github.com/hibernate/hibernate-validator/commit/124b7dd6d9a4ad24d4d49f74701f05a13e56ceee
CVE-2019-10218 (A flaw was found in the samba client, all samba versions before samba  ...)
	- samba 2:4.11.1+dfsg-2
	[buster] - samba <no-dsa> (Minor issue)
	[stretch] - samba <no-dsa> (Minor issue)
	[jessie] - samba <no-dsa> (Minor issue)
	NOTE: https://www.samba.org/samba/security/CVE-2019-10218.html
CVE-2019-10217 (A flaw was found in ansible 2.8.0 before 2.8.4. Fields managing sensit ...)
	- ansible 2.8.6+dfsg-1 (bug #934128)
	[buster] - ansible <not-affected> (Vulnerable code introduced later)
	[stretch] - ansible <not-affected> (Vulnerable code introduced later)
	[jessie] - ansible <not-affected> (vulnerable code introduced later)
	NOTE: https://github.com/ansible/ansible/issues/56269
	NOTE: https://github.com/ansible/ansible/pull/59427
	NOTE: Introduced by: https://github.com/ansible/ansible/commit/08918c6c2bcd73eb40b89af31736d3fcbe55e75a (v2.8.0a1)
	NOTE: Fixed by: https://github.com/ansible/ansible/commit/c1ee1f142db1e669b710a65147ea32be47a91519
CVE-2019-10216 (In ghostscript before version 9.50, the .buildfont1 procedure did not  ...)
	{DSA-4499-1 DLA-1880-1}
	- ghostscript 9.27~dfsg-3.1 (bug #934638)
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/12/4
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=701394
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=5b85ddd19
CVE-2019-10215 (Bootstrap-3-Typeahead after version 4.0.2 is vulnerable to a cross-sit ...)
	NOT-FOR-US: Bootstrap-3-Typeahead
CVE-2019-10214 (The containers/image library used by the container tools Podman, Build ...)
	- golang-github-containers-image <not-affected> (Vulnerable version was never in unstable)
	- singularity-container 3.5.0+ds1-1
	NOTE: https://github.com/containers/image/issues/654
	NOTE: https://github.com/containers/image/pull/669
CVE-2019-10213 (OpenShift Container Platform, versions 4.1 and 4.2, does not sanitize  ...)
	NOT-FOR-US: OpenShift
CVE-2019-10212 (A flaw was found in, all under 2.0.20, in the Undertow DEBUG log for i ...)
	- undertow 2.0.27-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1731984
	NOTE: https://github.com/undertow-io/undertow/pull/817
CVE-2019-10211 (Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5. ...)
	NOT-FOR-US: EnterpriseDB Windows installer
CVE-2019-10210 (Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5. ...)
	NOT-FOR-US: EnterpriseDB Windows installer
CVE-2019-10209 (Postgresql, versions 11.x before 11.5, is vulnerable to a memory discl ...)
	{DSA-4493-1}
	- postgresql-11 11.5-1
	- postgresql-9.6 <not-affected> (Only affects PostgreSQL 11)
	- postgresql-9.4 <not-affected> (Only affects PostgreSQL 11)
	NOTE: https://www.postgresql.org/about/news/1960/
CVE-2019-10208 (A flaw was discovered in postgresql versions 9.4.x before 9.4.24, 9.5. ...)
	{DSA-4493-1 DSA-4492-1 DLA-1874-1}
	- postgresql-11 11.5-1
	- postgresql-9.6 <removed>
	- postgresql-9.4 <removed>
	NOTE: https://www.postgresql.org/about/news/1960/
CVE-2019-10207 (A flaw was found in the Linux kernel's Bluetooth implementation of UAR ...)
	{DSA-4497-1 DSA-4495-1 DLA-1885-1 DLA-1884-1}
	- linux 5.2.6-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/07/25/1
	NOTE: https://lore.kernel.org/linux-bluetooth/20190725120909.31235-1-vdronov@redhat.com/T/#u
	NOTE: https://git.kernel.org/linus/b36a1552d7319bbfd5cf7f08726c23c5c66d4f73
CVE-2019-14856 (ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None ...)
	- ansible <not-affected> (Incomplete fix for CVE-2019-10206 not applied)
	NOTE: https://github.com/ansible/ansible/pull/63351
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1760829
CVE-2019-10206 (ansible-playbook -k and ansible cli tools, all versions 2.8.x before 2 ...)
	- ansible 2.8.6+dfsg-1 (bug #933005)
	[buster] - ansible <no-dsa> (Minor issue)
	[stretch] - ansible <no-dsa> (Minor issue)
	[jessie] - ansible <no-dsa> (Minor issue)
	NOTE: https://github.com/ansible/ansible/pull/59246
	NOTE: 2.8.x https://github.com/ansible/ansible/pull/59552
	NOTE: 2.7.x https://github.com/ansible/ansible/pull/59553
	NOTE: 2.6.x https://github.com/ansible/ansible/pull/59554
	NOTE: When fixing this issue is needed to make the fix complete with
	NOTE: https://github.com/ansible/ansible/pull/63351 to not open
	NOTE: CVE-2019-14856.
CVE-2019-10205 (A flaw was found in the way Red Hat Quay stores robot account tokens i ...)
	NOT-FOR-US: Red Hat Quay
CVE-2019-10204
	RESERVED
CVE-2019-10203 (PowerDNS Authoritative daemon , pdns versions 4.0.x before 4.0.9, 4.1. ...)
	- pdns 4.2.0-1 (low)
	[buster] - pdns <no-dsa> (Minor issue)
	[stretch] - pdns <no-dsa> (Minor issue)
	[jessie] - pdns <no-dsa> (Minor issue)
	NOTE: Fixed in 4.2.0, 4.1.11, 4.0.9, for existing installations a manual schema update
	NOTE: needs to be performed.
	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-06.html
CVE-2019-10202 (A series of deserialization vulnerabilities have been discovered in Co ...)
	NOT-FOR-US: Codehaus
CVE-2019-10201 (It was found that Keycloak's SAML broker, versions up to 6.0.1, did no ...)
	NOT-FOR-US: Keycloak
CVE-2019-10200
	RESERVED
	NOT-FOR-US: OpenShift
CVE-2019-10199 (It was found that Keycloak's account console, up to 6.0.1, did not per ...)
	NOT-FOR-US: Keycloak
CVE-2019-10198 (An authentication bypass vulnerability was discovered in foreman-tasks ...)
	- foreman <itp> (bug #663101)
CVE-2019-10197 (A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up ...)
	{DSA-4513-1}
	- samba 2:4.9.13+dfsg-1
	[stretch] - samba <not-affected> (Issue introduced in 4.9.0 upstream)
	[jessie] - samba <not-affected> (Issue introduced in 4.9.0 upstream)
	NOTE: https://www.samba.org/samba/security/CVE-2019-10197.html
CVE-2019-10196
	RESERVED
	NOT-FOR-US: nodejs-http-proxy-agent
CVE-2019-10195 (A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x ve ...)
	- freeipa 4.8.3-1
	[buster] - freeipa <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://pagure.io/freeipa/c/02ce407f5e10e670d4788778037892b58f80adc0
CVE-2019-10194 (Sensitive passwords used in deployment and configuration of oVirt Metr ...)
	NOT-FOR-US: ovirt-engine-metrics
CVE-2019-10193 (A stack-buffer overflow vulnerability was found in the Redis hyperlogl ...)
	{DSA-4480-1}
	- redis 5:5.0.4-1 (bug #931625)
	[stretch] - redis <not-affected> (vulnerable code added later)
	[jessie] - redis <not-affected> (vulnerable code added later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1727668
	NOTE: https://github.com/antirez/redis/issues/6214
	NOTE: https://github.com/antirez/redis/issues/6215 (upstream announcement)
	NOTE: https://github.com/antirez/redis/commit/a4b90be9fcd5e1668ac941cabce3b1ab38dbe326 (master)
	NOTE: https://github.com/antirez/redis/commit/12b5ff109508c2a192f700c7738da7e7f09670f1 (5.0.4)
CVE-2019-10192 (A heap-buffer overflow vulnerability was found in the Redis hyperloglo ...)
	{DSA-4480-1 DLA-1850-1}
	- redis 5:5.0.4-1 (bug #931625)
	NOTE: https://github.com/antirez/redis/issues/6215 (upstream announcement)
	NOTE: https://github.com/antirez/redis/commit/e216ceaf0e099536fe3658a29dcb725d812364e0
	NOTE: https://github.com/antirez/redis/commit/9f13b2bd4967334b1701c6eccdf53760cb13f79e
	NOTE: https://github.com/antirez/redis/commit/ef1833b3f9d02261617b757fd6ebe0ec3f1be507 (5.0.4)
	NOTE: https://github.com/antirez/redis/commit/7f79849caa006f0d760b6c7e17f7796e3be92b4f (5.0.4)
CVE-2019-10191 (A vulnerability was discovered in DNS resolver of knot resolver before ...)
	- knot-resolver 5.0.1-1 (bug #932048)
	NOTE: https://www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html
	NOTE: https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/839
	NOTE: https://www.openwall.com/lists/oss-security/2019/07/14/1
CVE-2019-10190 (A vulnerability was discovered in DNS resolver component of knot resol ...)
	- knot-resolver 5.0.1-1 (bug #932048)
	NOTE: https://www.knot-resolver.cz/2019-07-10-knot-resolver-4.1.0.html
	NOTE: https://gitlab.labs.nic.cz/knot/knot-resolver/merge_requests/827
	NOTE: https://www.openwall.com/lists/oss-security/2019/07/14/1
CVE-2019-10189 (A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teache ...)
	- moodle <removed>
CVE-2019-10188 (A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teache ...)
	- moodle <removed>
CVE-2019-10187 (A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Users  ...)
	- moodle <removed>
CVE-2019-10186 (A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. A sess ...)
	- moodle <removed>
CVE-2019-10185 (It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was  ...)
	{DLA-1914-1}
	- icedtea-web 1.8.3-1 (bug #934319)
	[buster] - icedtea-web <no-dsa> (Minor issue)
	[stretch] - icedtea-web <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2019/07/31/2
	NOTE: https://github.com/AdoptOpenJDK/IcedTea-Web/commit/26305807b41a5b4e9813db42531acd754899207f (1.7)
	NOTE: https://github.com/AdoptOpenJDK/IcedTea-Web/commit/686213a6d68c21879d92cea3699b279c8f2662fa (1.8)
CVE-2019-10184 (undertow before version 2.0.23.Final is vulnerable to an information l ...)
	- undertow 2.0.23-1
	NOTE: https://issues.jboss.org/browse/UNDERTOW-1578
	NOTE: https://github.com/undertow-io/undertow/pull/794
CVE-2019-10183 (Virt-install(1) utility used to provision new virtual machines has int ...)
	- virt-manager <not-affected> (Vulnerable code introduced in v2.2.0)
	NOTE: https://www.redhat.com/archives/virt-tools-list/2019-July/msg00014.html
CVE-2019-10182 (It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly  ...)
	{DLA-1914-1}
	- icedtea-web 1.8.3-1 (bug #934319)
	[buster] - icedtea-web <no-dsa> (Minor issue)
	[stretch] - icedtea-web <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2019/07/31/2
	NOTE: https://github.com/AdoptOpenJDK/IcedTea-Web/commit/f9c2cf7fd24415ba2bb2619b69259035338ee5b6 (1.7)
	NOTE: https://github.com/AdoptOpenJDK/IcedTea-Web/commit/7958049eedc213be1ad4ae80ee312b167ddb320f (1.8)
CVE-2019-10181 (It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 e ...)
	{DLA-1914-1}
	- icedtea-web 1.8.3-1 (bug #934319)
	[buster] - icedtea-web <no-dsa> (Minor issue)
	[stretch] - icedtea-web <no-dsa> (Minor issue)
	NOTE: https://www.openwall.com/lists/oss-security/2019/07/31/2
	NOTE: https://github.com/AdoptOpenJDK/IcedTea-Web/commit/32d174def953d801eb1cfc9d989bff5e80aac3cd (1.7)
	NOTE: https://github.com/AdoptOpenJDK/IcedTea-Web/commit/528cb8163b7053576a658b9602b5694b21957b0e (1.8)
CVE-2019-10180 (A vulnerability was found in all pki-core 10.x.x version, where the To ...)
	- dogtag-pki <unfixed>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1721137
CVE-2019-10179 (A vulnerability was found in all pki-core 10.x.x versions, where the K ...)
	- dogtag-pki <unfixed>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1695901
CVE-2019-10178 (It was found that the Token Processing Service (TPS) did not properly  ...)
	- dogtag-pki <unfixed>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1719042
CVE-2019-10177 (A stored cross-site scripting (XSS) vulnerability was found in the PDF ...)
	NOT-FOR-US: Red Hat CloudForms
CVE-2019-10176 (A flaw was found in OpenShift Container Platform, versions 3.11 and la ...)
	NOT-FOR-US: OpenShift
CVE-2019-10175 (A flaw was found in the containerized-data-importer in virt-cdi-cloner ...)
	NOT-FOR-US: KubeVirt
CVE-2019-10174 (A vulnerability was found in Infinispan such that the invokeAccessibly ...)
	NOT-FOR-US: infinispan
CVE-2019-10173 (It was found that xstream API version 1.4.10 before 1.4.11 introduced  ...)
	- libxstream-java 1.4.11-1
	[stretch] - libxstream-java <not-affected> (Regression introduced in 1.4.10)
	[jessie] - libxstream-java <not-affected> (Regression introduced in 1.4.10)
	NOTE: http://x-stream.github.io/changes.html#1.4.11
	NOTE: Regression introduced and present only in 1.4.10.
CVE-2019-10172 (A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libr ...)
	{DLA-2091-1}
	- libjackson-json-java <unfixed>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1715075
	NOTE: https://stackoverflow.com/questions/38017676/small-fix-for-cve-2016-3720-with-older-versions-of-jackson-all-1-9-11-and-in-ja/38017721
CVE-2019-10171 (It was found that the fix for CVE-2018-14648 in 389-ds-base, versions  ...)
	- 389-ds-base <not-affected> (Incomplete RHEL backport)
CVE-2019-10170
	RESERVED
CVE-2019-10169
	RESERVED
CVE-2019-10168 (The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorC ...)
	- libvirt 5.0.0-4
	[stretch] - libvirt <not-affected> (Vulnerable code introduced later)
	[jessie] - libvirt <not-affected> (Vulnerable code introduced later)
	NOTE: https://access.redhat.com/libvirt-privesc-vulnerabilities
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1720118
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=bf6c2830b6c338b1f5699b095df36f374777b291
CVE-2019-10167 (The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x befo ...)
	{DSA-4469-1 DLA-1832-1}
	- libvirt 5.0.0-4
	NOTE: https://access.redhat.com/libvirt-privesc-vulnerabilities
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1720117
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=8afa68bac0cf99d1f8aaa6566685c43c22622f26
CVE-2019-10166 (It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x. ...)
	- libvirt 5.0.0-4
	[stretch] - libvirt <not-affected> (Vulnerable code introduced in 3.6.1)
	[jessie] - libvirt <not-affected> (Vulnerable code introduced in 3.6.1)
	NOTE: https://access.redhat.com/libvirt-privesc-vulnerabilities
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1720114
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=db0b78457f183e4c7ac45bc94de86044a1e2056a
CVE-2019-10165 (OpenShift Container Platform before version 4.1.3 writes OAuth tokens  ...)
	NOT-FOR-US: OpenShift
CVE-2019-10164 (PostgreSQL versions 10.x before 10.9 and versions 11.x before 11.4 are ...)
	- postgresql-11 11.4-1
	- postgresql-9.6 <not-affected> (Only affects 10.x and later)
	- postgresql-9.4 <not-affected> (Only affects 10.x and later)
	NOTE: https://www.postgresql.org/about/news/1949/
CVE-2019-10163 (A Vulnerability has been found in PowerDNS Authoritative Server before ...)
	{DSA-4470-1 DLA-1843-1}
	- pdns 4.1.6-3
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/21/5
	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-05.html
CVE-2019-10162 (A vulnerability has been found in PowerDNS Authoritative Server before ...)
	{DSA-4470-1 DLA-1843-1}
	- pdns 4.1.6-3
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/21/5
	NOTE: https://doc.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-04.html
CVE-2019-10161 (It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would ...)
	{DSA-4469-1 DLA-1832-1}
	- libvirt 5.0.0-4
	NOTE: https://access.redhat.com/libvirt-privesc-vulnerabilities
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1720115
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=aed6a032cead4386472afb24b16196579e239580
CVE-2019-10160 (A security regression of CVE-2019-9636 was discovered in python since  ...)
	- python3.7 3.7.4~rc2-2
	[buster] - python3.7 3.7.3-2+deb10u1
	- python3.6 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
	- python3.5 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
	- python3.4 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
	- python2.7 2.7.16-3
	[buster] - python2.7 2.7.16-2+deb10u1
	[stretch] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
	[jessie] - python2.7 <not-affected> (Incomplete fix for CVE-2019-9636 not applied)
	NOTE: Introduced by: https://github.com/python/cpython/commit/d537ab0ff9767ef024f26246899728f0116b1ec3 (v3.8.0a4)
	NOTE: Fixed by: https://github.com/python/cpython/commit/8d0ef0b5edeae52960c7ed05ae8a12388324f87e (v3.8.0b1)
	NOTE: https://github.com/python/cpython/commit/250b62acc59921d399f0db47db3b462cd6037e09 (3.7)
	NOTE: https://bugs.python.org/issue36742
	NOTE: Patches for 2.7:
	NOTE: https://github.com/python/cpython/commit/98a4dcefbbc3bce5ab07e7c0830a183157250259
	NOTE: https://github.com/python/cpython/commit/f61599b050c621386a3fc6bc480359e2d3bb93de
	NOTE: https://github.com/python/cpython/commit/2b578479b96aa3deeeb8bac313a02b5cf3cb1aff
CVE-2019-10159 (cfme-gemset versions 5.10.4.3 and below, 5.9.9.3 and below are vulnera ...)
	NOT-FOR-US: Red Hat CloudForms Management Engine
CVE-2019-10158 (A flaw was found in Infinispan through version 9.4.14.Final. An improp ...)
	NOT-FOR-US: infinispan
CVE-2019-10157 (It was found that Keycloak's Node.js adapter before version 4.8.3 did  ...)
	NOT-FOR-US: Keycloak
CVE-2019-10156 (A flaw was discovered in the way Ansible templating was implemented in ...)
	{DLA-1923-1}
	- ansible 2.8.3+dfsg-1 (low; bug #930065)
	[buster] - ansible <no-dsa> (Minor issue)
	[stretch] - ansible <no-dsa> (Minor issue)
	NOTE: https://github.com/ansible/ansible/pull/57188
CVE-2019-10155 (The Libreswan Project has found a vulnerability in the processing of I ...)
	- libreswan 3.27-6 (bug #930338)
	- strongswan 5.1.0-1
	- openswan <removed>
	- freeswan <removed>
	NOTE: https://libreswan.org/security/CVE-2019-10155/
	NOTE: Not vulnerable: libreswan 3.29 and later, strongswan 5.0 and later, freeswan
CVE-2019-10154 (A flaw was found in Moodle before versions 3.7, 3.6.4. A web service f ...)
	- moodle <removed>
CVE-2019-10153 (A flaw was discovered in fence-agents, prior to version 4.3.4, where u ...)
	- fence-agents 4.3.3-2 (low; bug #930887)
	[stretch] - fence-agents 4.0.25-1+deb9u1
	[jessie] - fence-agents <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1670460
	NOTE: https://github.com/ClusterLabs/fence-agents/pull/255
	NOTE: https://github.com/ClusterLabs/fence-agents/pull/272
CVE-2019-10152 (A path traversal vulnerability has been discovered in podman before ve ...)
	- podman <itp> (bug #930440)
CVE-2019-10151
	RESERVED
CVE-2019-10150 (It was found that OpenShift Container Platform versions 3.6.x - 4.6.0  ...)
	NOT-FOR-US: OpenShift
CVE-2019-10149 (A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper v ...)
	{DSA-4456-1}
	- exim4 4.92~RC3-1
	[jessie] - exim4 <not-affected> (Vulnerable code introduced in 4.87)
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/04/1
	NOTE: https://www.exim.org/static/doc/security/CVE-2019-10149.txt
	NOTE: https://www.openwall.com/lists/oss-security/2019/06/06/1
	NOTE: https://github.com/Exim/exim/commit/7ea1237c783e380d7bdb86c90b13d8203c7ecf26 (exim-4.92-RC1)
	NOTE: https://git.exim.org/exim.git/commit/d740d2111f189760593a303124ff6b9b1f83453d (exim-4_91+fixes)
CVE-2019-10148
	RESERVED
CVE-2019-10147 (rkt through version 1.30.0 does not isolate processes in containers th ...)
	- rkt <unfixed> (bug #929781)
	NOTE: https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/
	NOTE: https://github.com/rkt/rkt/issues/3998
CVE-2019-10146 (A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x ...)
	- dogtag-pki <unfixed>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1710171
CVE-2019-10145 (rkt through version 1.30.0 does not isolate processes in containers th ...)
	- rkt <unfixed> (bug #929781)
	NOTE: https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/
	NOTE: https://github.com/rkt/rkt/issues/3998
CVE-2019-10144 (rkt through version 1.30.0 does not isolate processes in containers th ...)
	- rkt <unfixed> (bug #929781)
	NOTE: https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/
	NOTE: https://github.com/rkt/rkt/issues/3998
CVE-2019-10143 (** DISPUTED ** It was discovered freeradius up to and including versio ...)
	- freeradius <unfixed> (unimportant; bug #929466)
	NOTE: https://github.com/FreeRADIUS/freeradius-server/pull/2666
	NOTE: https://github.com/FreeRADIUS/freeradius-server/commit/1f233773962bf1a9c2d228a180eacddb9db2d574
	NOTE: This is not a security issue per se
CVE-2019-10142 (A flaw was found in the Linux kernel's freescale hypervisor manager im ...)
	- linux 5.2.6-1 (unimportant)
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.184-1
	[jessie] - linux 3.16.70-1
	NOTE: Fixed by: https://git.kernel.org/linus/6a024330650e24556b8a18cc654ad00cfecf6c6c
	NOTE: CONFIG_FSL_HV_MANAGER not enabled in kernel builds in Debian.
CVE-2019-10141 (A vulnerability was found in openstack-ironic-inspector all versions e ...)
	- ironic-inspector 8.0.0-3 (bug #929332)
	[stretch] - ironic-inspector <no-dsa> (Minor issue)
	NOTE: https://review.opendev.org/#/c/660234/
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1711722
CVE-2019-10140 (A vulnerability was found in Linux kernel's, versions up to 3.10, impl ...)
	- linux <not-affected> (Vulnerability introduce in Red Hat specific backport)
CVE-2019-10139 (During HE deployment via cockpit-ovirt, cockpit-ovirt generates an ans ...)
	NOT-FOR-US: cockpit-ovirt
CVE-2019-10138 (A flaw was discovered in the python-novajoin plugin, all versions up t ...)
	NOT-FOR-US: python-novajoin plugin for OpenStack
CVE-2019-10137 (A path traversal flaw was found in spacewalk-proxy, all versions throu ...)
	NOT-FOR-US: Red Hat Satellite / Spacewalk
CVE-2019-10136 (It was found that Spacewalk, all versions through 2.9, did not safely  ...)
	NOT-FOR-US: Red Hat Satellite / Spacewalk
CVE-2019-10135 (A flaw was found in the yaml.load() function in the osbs-client versio ...)
	NOTE: OpenShift Build Service client
CVE-2019-10134 (A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. ...)
	- moodle <removed>
CVE-2019-10133 (A flaw was found in Moodle before 3.7, 3.6.4, 3.5.6, 3.4.9 and 3.1.18. ...)
	- moodle <removed>
CVE-2019-10132 (A vulnerability was found in libvirt &gt;= 4.1.0 in the virtlockd-admi ...)
	- libvirt 5.0.0-3 (bug #929334)
	[stretch] - libvirt <not-affected> (Vulnerable code introduced in 4.1.0-rc1)
	[jessie] - libvirt <not-affected> (Vulnerable code introduced in 4.1.0-rc1)
	NOTE: https://security.libvirt.org/2019/0003.html
CVE-2019-10131 (An off-by-one read vulnerability was discovered in ImageMagick before  ...)
	[experimental] - imagemagick 8:6.9.10.2+dfsg-1
	- imagemagick 8:6.9.10.2+dfsg-2
	[stretch] - imagemagick <no-dsa> (Minor issue)
	[jessie] - imagemagick <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1704762
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/cb1214c124e1bd61f7dd551b94a794864861592e
	NOTE: https://github.com/ImageMagick/ImageMagick6/commit/7ccc28ee4c777d915f95919ac3bcf8adf93037a7
CVE-2019-10130 (A vulnerability was found in PostgreSQL versions 11.x up to excluding  ...)
	{DSA-4439-1}
	- postgresql-11 11.3-1
	- postgresql-9.6 <removed>
	- postgresql-9.4 <removed>
	[jessie] - postgresql-9.4 <not-affected> (Row security was introduced in 9.5)
	NOTE: https://www.postgresql.org/about/news/1939/
CVE-2019-10129 (A vulnerability was found in postgresql versions 11.x prior to 11.3. U ...)
	- postgresql-11 11.3-1
	NOTE: https://www.postgresql.org/about/news/1939/
CVE-2019-10128
	RESERVED
	- postgresql-11 <not-affected> (Windows-specific)
	NOTE: https://www.postgresql.org/about/news/1939/
CVE-2019-10127
	RESERVED
	- postgresql-11 <not-affected> (Windows-specific)
	NOTE: https://www.postgresql.org/about/news/1939/
CVE-2019-10126 (A flaw was found in the Linux kernel. A heap based buffer overflow in  ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
	NOTE: https://lore.kernel.org/linux-wireless/20190531131841.7552-1-tiwai@suse.de
CVE-2019-10125 (An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel  ...)
	- linux 4.19.37-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://patchwork.kernel.org/patch/10828359/
	NOTE: https://git.kernel.org/linus/84c4e1f89fefe70554da0ab33be72c9be7994379
CVE-2019-10124
	REJECTED
CVE-2019-10123 (SQL Injection in Advanced InfoData Systems (AIS) ESEL-Server 67 (which ...)
	NOT-FOR-US: Advanced InfoData Systems (AIS)
CVE-2019-10122 (eQ-3 HomeMatic CCU2 devices before 2.41.9 and CCU3 devices before 3.43 ...)
	NOT-FOR-US: eQ-3 HomeMatic CCU2 and CCU3 devices
CVE-2019-10121 (eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43 ...)
	NOT-FOR-US: eQ-3 HomeMatic CCU2 and CCU3 devices
CVE-2019-10120 (On eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3 ...)
	NOT-FOR-US: eQ-3 HomeMatic CCU2 and CCU3 devices
CVE-2019-10119 (eQ-3 HomeMatic CCU2 devices before 2.41.8 and CCU3 devices before 3.43 ...)
	NOT-FOR-US: eQ-3 HomeMatic CCU2 and CCU3 devices
CVE-2019-10118 (Snipe-IT before 4.6.14 has XSS, as demonstrated by log_meta values and ...)
	NOT-FOR-US: Snipe-IT
CVE-2019-10117 (An Open Redirect issue was discovered in GitLab Community and Enterpri ...)
	- gitlab <not-affected> (Only affects 11.9 and later)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10116 (An Insecure Permissions issue (issue 3 of 3) was discovered in GitLab  ...)
	- gitlab 11.8.6+dfsg-1 (bug #926482)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10115 (An Insecure Permissions issue (issue 2 of 3) was discovered in GitLab  ...)
	- gitlab 11.8.6+dfsg-1 (bug #926482)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10114 (An Information Exposure issue (issue 2 of 2) was discovered in GitLab  ...)
	- gitlab <not-affected> (Only affects 11.9 and later)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10113 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.8.6+dfsg-1 (bug #926482)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10112 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab <not-affected> (Only affects 11.9 and later)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10111 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.8.6+dfsg-1 (bug #926482)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10110 (An Insecure Permissions issue (issue 1 of 3) was discovered in GitLab  ...)
	- gitlab 11.8.6+dfsg-1 (bug #926482)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10109 (An Information Exposure issue (issue 1 of 2) was discovered in GitLab  ...)
	- gitlab 11.8.6+dfsg-1 (bug #926482)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10108 (An Incorrect Access Control (issue 1 of 2) was discovered in GitLab Co ...)
	- gitlab <not-affected> (Only affects 11.8.4 and later)
	NOTE: https://about.gitlab.com/2019/04/01/security-release-gitlab-11-dot-9-dot-4-released/
CVE-2019-10107 (CMS Made Simple 2.2.10 has XSS via the myaccount.php "Email Address" f ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-10106 (CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name fiel ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-10105 (CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Des ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-10104 (In several JetBrains IntelliJ IDEA Ultimate versions, an Application S ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-10103 (JetBrains IntelliJ IDEA projects created using the Kotlin (JS Client/J ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-10102 (JetBrains Ktor framework (created using the Kotlin IDE template) versi ...)
	NOT-FOR-US: JetBrains
CVE-2019-10101 (JetBrains Kotlin versions before 1.3.30 were resolving artifacts using ...)
	NOT-FOR-US: JetBrains
CVE-2019-10100 (In JetBrains YouTrack Confluence plugin versions before 1.8.1.3, it wa ...)
	NOT-FOR-US: JetBrains YouTrack Confluence plugin
CVE-2019-1000031 (A disk space or quota exhaustion issue exists in article2pdf_getfile.p ...)
	NOT-FOR-US: article2pdf Wordpress plugin
CVE-2019-10099 (Prior to Spark 2.3.3, in certain situations Spark would write user dat ...)
	NOT-FOR-US: Apache Spark
CVE-2019-10098 (In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with mod_r ...)
	{DSA-4509-1 DLA-1900-1}
	- apache2 2.4.41-1
	NOTE: Affects upstream versions 2.4.0 to 2.4.39
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10098
	NOTE: https://svn.apache.org/r1864192
CVE-2019-10097 (In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured  ...)
	- apache2 2.4.41-1
	[buster] - apache2 2.4.38-3+deb10u1
	[stretch] - apache2 <not-affected> (PROXY protocol support in mod_remoteip added later)
	[jessie] - apache2 <not-affected> (PROXY protocol support in mod_remoteip added later)
	NOTE: Affects upstream versions 2.4.32 to 2.4.39
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10097
	NOTE: https://svn.apache.org/r1864613
CVE-2019-10096
	RESERVED
CVE-2019-10095
	RESERVED
CVE-2019-10094 (A carefully crafted package/compressed file that, when unzipped/uncomp ...)
	- tika 1.22-1 (bug #933746)
	[buster] - tika <no-dsa> (Minor issue)
	[jessie] - tika <not-affected> (Vulnerable feature introduced in 1.7)
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/02/4
	NOTE: https://github.com/apache/tika/commit/c4e63c9be8665cccea8b680c59a6f5cfbc03e0fc
CVE-2019-10093 (In Apache Tika 1.19 to 1.21, a carefully crafted 2003ml or 2006ml file ...)
	- tika 1.22-1 (bug #933745)
	[buster] - tika <no-dsa> (Minor issue)
	[jessie] - tika <not-affected> (The vulnerable code was introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/02/3
	NOTE: https://github.com/apache/tika/commit/81c21ab0aac6b3e4102a1a8906c8c7eab6f96dae
CVE-2019-10092 (In Apache HTTP Server 2.4.0-2.4.39, a limited cross-site scripting iss ...)
	{DSA-4509-3 DSA-4509-1 DLA-1900-1}
	- apache2 2.4.41-1
	NOTE: Affects upstream versions 2.4.0 to 2.4.39
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10092
	NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=63688#c5
	NOTE: https://svn.apache.org/r1864191
	NOTE: Regression: https://bugs.debian.org/941202
CVE-2019-10091 (When TLS is enabled with ssl-endpoint-identification-enabled set to tr ...)
	NOT-FOR-US: Apache Geode
CVE-2019-10090 (On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin ...)
	- jspwiki <removed>
CVE-2019-10089 (On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin ...)
	- jspwiki <removed>
CVE-2019-10088 (A carefully crafted or corrupt zip file can cause an OOM in Apache Tik ...)
	- tika 1.22-1 (bug #933744)
	[buster] - tika <no-dsa> (Minor issue)
	[jessie] - tika <not-affected> (Vulnerable feature introduced in 1.7)
	NOTE: https://www.openwall.com/lists/oss-security/2019/08/02/2
	NOTE: https://github.com/apache/tika/commit/426be73b9e7500fa3d441231fa4e473de34743f6
CVE-2019-10087 (On Apache JSPWiki, up to version 2.11.0.M4, a carefully crafted plugin ...)
	- jspwiki <removed>
CVE-2019-10086 (In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class wa ...)
	{DLA-1896-1}
	- commons-beanutils 1.9.4-1
	[buster] - commons-beanutils <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - commons-beanutils <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://issues.apache.org/jira/browse/BEANUTILS-520
	NOTE: https://github.com/apache/commons-beanutils/pull/7
	NOTE: https://github.com/apache/commons-beanutils/commit/dd48f4e589462a8cdb1f29bbbccb35d6b0291d58
	NOTE: With the patch applied, the libary is secured by default. To opt-out and allow
	NOTE: access to the 'class' property one needs to remove the feature explicitly. Cf.
	NOTE: https://github.com/apache/commons-beanutils/pull/7#issue-281406699
CVE-2019-10085 (In Apache Allura prior to 1.11.0, a vulnerability exists for stored XS ...)
	NOT-FOR-US: Apache Allura
CVE-2019-10084 (In Apache Impala 2.7.0 to 3.2.0, an authenticated user with access to  ...)
	NOT-FOR-US: Apache Impala
CVE-2019-10083 (When updating a Process Group via the API in NiFi versions 1.3.0 to 1. ...)
	NOT-FOR-US: Apache NiFi
CVE-2019-10082 (In Apache HTTP Server 2.4.18-2.4.39, using fuzzed network input, the h ...)
	{DSA-4509-1}
	- apache2 2.4.41-1
	[jessie] - apache2 <not-affected> (HTTP/2 support only available since version 2.4.17 and later)
	NOTE: Affects upstream versions 2.4.18 to 2.4.39
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10082
CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configur ...)
	{DSA-4509-1}
	- apache2 2.4.41-1
	[jessie] - apache2 <not-affected> (HTTP/2 support only available since version 2.4.17 and later)
	NOTE: Affects upstream versions 2.4.20 to 2.4.39
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-10081
CVE-2019-10080 (The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trust ...)
	NOT-FOR-US: Apache NiFi
CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ...)
	{DSA-4520-1}
	- trafficserver 8.0.5+ds-1
	NOTE: https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an XSS vulner ...)
	- jspwiki <removed>
CVE-2019-10077 (A carefully crafted InterWiki link could trigger an XSS vulnerability  ...)
	- jspwiki <removed>
CVE-2019-10076 (A carefully crafted malicious attachment could trigger an XSS vulnerab ...)
	- jspwiki <removed>
CVE-2019-10075
	REJECTED
CVE-2019-10074 (An RCE is possible by entering Freemarker markup in an Apache OFBiz Fo ...)
	NOT-FOR-US: Apache OFBiz
CVE-2019-10073 (The "Blog", "Forum", "Contact Us" screens of the template "ecommerce"  ...)
	NOT-FOR-US: Apache OFBiz
CVE-2019-10072 (The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 co ...)
	- tomcat9 9.0.22-1 (bug #931131; bug #930872)
	- tomcat8 <removed> (bug #30873)
	[stretch] - tomcat8 <not-affected> (Incomplete fix for CVE-2019-0199 not applied)
	[jessie] - tomcat8 <not-affected> (HTTP/2 support not implemented)
	NOTE: https://lists.apache.org/thread.html/df1a2c1b87c8a6c500ecdbbaf134c7f1491c8d79d98b48c6b9f0fa6a@%3Cannounce.tomcat.apache.org%3E
CVE-2019-10071 (The code which checks HMAC in form submissions used String.equals() fo ...)
	NOT-FOR-US: Apache Tapestry
CVE-2019-10070 (Apache Atlas versions 0.8.3 and 1.1.0 were found vulnerable to Stored  ...)
	NOT-FOR-US: Apache Atlas
CVE-2019-10069 (In Godot through 3.1, remote code execution is possible due to the des ...)
	NOT-FOR-US: Godot
CVE-2019-10068 (An issue was discovered in Kentico before 12.0.15. Due to a failure to ...)
	NOT-FOR-US: Kentico
CVE-2019-10067 (An issue was discovered in Open Ticket Request System (OTRS) 7.x throu ...)
	- otrs2 6.0.18-1
	[buster] - otrs2 6.0.16-2
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	[jessie] - otrs2 <not-affected> (vulnerable code is not present)
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/8a489236336ddc82e745c27abb32dfa1ceefb0f4
	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/67158d8b08309859572c795982ecc7c52484ab0e
	NOTE: https://community.otrs.com/security-advisory-2019-05-security-update-for-otrs-framework/
CVE-2019-10066 (An issue was discovered in Open Ticket Request System (OTRS) 7.x throu ...)
	- otrs2 6.0.18-1
	[buster] - otrs2 6.0.16-2
	[stretch] - otrs2 <not-affected> (Vulnerable code introduced later)
	[jessie] - otrs2 <not-affected> (vulnerable code is not present)
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/b99cad21f2dd1c2d52299424a589b0b2f20d7ba8
	NOTE: https://community.otrs.com/security-advisory-2019-06-security-update-for-otrs-framework/
CVE-2019-10065 (An issue was discovered in Open Ticket Request System (OTRS) 7.0 throu ...)
	- otrs2 <not-affected> (Only affects 7.x series)
	NOTE: https://otrs.com/release-notes/otrs-security-advisory-2019-07/
CVE-2019-10064 (hostapd before 2.6, in EAP mode, makes calls to the rand() and random( ...)
	{DLA-2138-1}
	- wpa 2:2.6-7
	NOTE: https://www.openwall.com/lists/oss-security/2020/02/27/1
	NOTE: Comment from upstream: https://www.openwall.com/lists/oss-security/2020/02/27/2
	NOTE: Issue fixed in conjunction with CVE-2016-10743.
	NOTE: https://w1.fi/cgit/hostap/commit/?id=4b16c15bbc8b20a85bb3d6f45bba5621a047618e
	NOTE: There was already a 2.6 upload late in 2016 but then reverted to a 2.4 based
	NOTE: version and only reuploaded as 2:2.6-7 to unstable.
CVE-2019-10063 (Flatpak before 1.0.8, 1.1.x and 1.2.x before 1.2.4, and 1.3.x before 1 ...)
	- flatpak 1.2.3-2 (bug #925541)
	[stretch] - flatpak 0.8.9-0+deb9u3
	NOTE: https://github.com/flatpak/flatpak/issues/2782
	NOTE: https://github.com/flatpak/flatpak/commit/a9107feeb4b8275b78965b36bf21b92d5724699e
CVE-2019-10062
	RESERVED
CVE-2019-10061 (utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js)  ...)
	- node-opencv 6.0.0+git20180416.cfc96ba0-3 (unimportant; bug #925571)
	NOTE: https://www.npmjs.com/advisories/789
	NOTE: https://github.com/peterbraden/node-opencv/commit/81a4b8620188e89f7e4fc985f3c89b58d4bcc86b
	NOTE: https://github.com/peterbraden/node-opencv/commit/aaece6921d7368577511f06c94c99dd4e9653563
	NOTE: Nodejs not covered by security support
CVE-2019-10060 (The Verix Multi-app Conductor application 2.7 for Verifone Verix suffe ...)
	NOT-FOR-US: Verix Multi-app Conductor application for Verifone Verix
CVE-2019-10059 (The legacy finger service (TCP port 79) is enabled by default on vario ...)
	NOT-FOR-US: Lexmark
CVE-2019-10058 (Various Lexmark products have Incorrect Access Control. ...)
	NOT-FOR-US: Lexmark
CVE-2019-10057 (Various Lexmark products have CSRF. ...)
	NOT-FOR-US: Lexmark
CVE-2019-10056 (An issue was discovered in Suricata 4.1.3. The code mishandles the cas ...)
	- suricata 1:4.1.4-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://redmine.openinfosecfoundation.org/issues/2946
CVE-2019-10055 (An issue was discovered in Suricata 4.1.3. The function ftp_pasv_respo ...)
	- suricata 1:4.1.4-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://redmine.openinfosecfoundation.org/issues/2949
CVE-2019-10054 (An issue was discovered in Suricata 4.1.3. The function process_reply_ ...)
	- suricata 1:4.1.4-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://redmine.openinfosecfoundation.org/issues/2943
CVE-2019-10053 (An issue was discovered in Suricata 4.1.x before 4.1.4. If the input o ...)
	- suricata 1:4.1.4-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://redmine.openinfosecfoundation.org/issues/2883
	NOTE: https://github.com/OISF/suricata/commit/51790d3824bc381e24aaeef20338dd6b8bd4e453
CVE-2019-10052 (An issue was discovered in Suricata 4.1.3. If the network packet does  ...)
	- suricata 1:4.1.4-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <not-affected> (Vulnerable code not present)
	NOTE: https://redmine.openinfosecfoundation.org/issues/2902
	NOTE: https://redmine.openinfosecfoundation.org/issues/2947
CVE-2019-10051 (An issue was discovered in Suricata 4.1.3. If the function filetracker ...)
	- suricata 1:4.1.4-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/OISF/suricata/pull/3734
	NOTE: https://redmine.openinfosecfoundation.org/issues/2896
CVE-2019-10050 (A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4 ...)
	- suricata 1:4.1.4-1
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://redmine.openinfosecfoundation.org/issues/2884
	NOTE: https://github.com/OISF/suricata/commit/4609d5c80acda9adf02f8fb9a6aa8238495bfa13
CVE-2019-10049 (It is possible for an attacker with regular user access to the web app ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-10048 (The ImageMagick plugin that is installed by default in Pydio through 8 ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-10047 (A stored XSS vulnerability exists in the web application of Pydio thro ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-10046 (An unauthenticated attacker can obtain information about the Pydio 8.2 ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-10045 (The "action" get_sess_id in the web application of Pydio through 8.2.2 ...)
	- ajaxplorer <itp> (bug #668381)
CVE-2019-10044 (Telegram Desktop before 1.5.12 on Windows, and the Telegram applicatio ...)
	- telegram-desktop 1.8.4-1 (bug #927711)
	[buster] - telegram-desktop <ignored> (Minor issue)
	NOTE: https://github.com/blazeinfosec/advisories/blob/master/telegram-advisory.txt
CVE-2019-10043
	RESERVED
CVE-2019-10042 (The D-Link DIR-816 A2 1.11 router only checks the random token when au ...)
	NOT-FOR-US: D-Link
CVE-2019-10041 (The D-Link DIR-816 A2 1.11 router only checks the random token when au ...)
	NOT-FOR-US: D-Link
CVE-2019-10040 (The D-Link DIR-816 A2 1.11 router only checks the random token when au ...)
	NOT-FOR-US: D-Link
CVE-2019-10039 (The D-Link DIR-816 A2 1.11 router only checks the random token when au ...)
	NOT-FOR-US: D-Link
CVE-2019-10038 (Evernote 7.9 on macOS allows attackers to execute arbitrary programs b ...)
	NOT-FOR-US: Evernote
CVE-2019-10037
	RESERVED
CVE-2019-10036
	RESERVED
CVE-2019-10035
	RESERVED
CVE-2019-10034
	RESERVED
CVE-2019-10033
	RESERVED
CVE-2019-10032
	RESERVED
CVE-2019-10031
	RESERVED
CVE-2019-10030
	RESERVED
CVE-2019-10029
	RESERVED
CVE-2019-10028 (Denial of Service (DOS) in Dial Reference Source Code Used before June ...)
	NOT-FOR-US: Dial Reference Source Code Repo
CVE-2019-10027 (PHPCMS 9.6.x through 9.6.3 has XSS via the mailbox (aka E-mail) field  ...)
	NOT-FOR-US: PHPCMS
CVE-2019-10026 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10025 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10024 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10023 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10022 (An issue was discovered in Xpdf 4.01.01. There is a NULL pointer deref ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10021 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10020 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10019 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-10018 (An issue was discovered in Xpdf 4.01.01. There is an FPE in the functi ...)
	- poppler 0.57.0-2 (low; bug #926133)
	[stretch] - poppler <ignored> (Minor issue)
	[jessie] - poppler <ignored> (Minor issue)
	NOTE: https://forum.xpdfreader.com/viewtopic.php?f=3&t=41276 (PostScriptFunction::exec@Function.cc:1374-42___FPE PoC)
	NOTE: https://bugs.freedesktop.org/show_bug.cgi?id=101500
	NOTE: https://cgit.freedesktop.org/poppler/poppler/commit/?id=e2ab2fa9d8c41e0115b2c276a2594cd2f7c217e6
CVE-2019-10017 (CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-10016 (GForge Advanced Server 6.4.4 allows XSS via the commonsearch.php words ...)
	NOT-FOR-US: GForge Advanced Server
CVE-2019-10015 (baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitra ...)
	NOT-FOR-US: baigoStudio
CVE-2019-10014 (In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticate ...)
	NOT-FOR-US: DedeCMS
CVE-2019-9999
	RESERVED
CVE-2019-9998
	RESERVED
CVE-2019-9997
	RESERVED
CVE-2019-9996
	RESERVED
CVE-2019-9995
	RESERVED
CVE-2019-9994
	RESERVED
CVE-2019-9993
	RESERVED
CVE-2019-9992
	RESERVED
CVE-2019-9991
	RESERVED
CVE-2019-9990
	RESERVED
CVE-2019-9989
	RESERVED
CVE-2019-9988
	RESERVED
CVE-2019-9987
	RESERVED
CVE-2019-9986
	RESERVED
CVE-2019-9985
	RESERVED
CVE-2019-9984
	RESERVED
CVE-2019-9983
	RESERVED
CVE-2019-9982
	RESERVED
CVE-2019-9981
	RESERVED
CVE-2019-9980
	RESERVED
CVE-2019-9979
	RESERVED
CVE-2019-9978 (The social-warfare plugin before 3.5.3 for WordPress has stored XSS vi ...)
	NOT-FOR-US: social-warfare plugin for WordPress
CVE-2019-9977 (The renderer process in the entertainment system on Tesla Model 3 vehi ...)
	NOT-FOR-US: entertainment system on Tesla Model 3 vehicles
CVE-2019-9976 (The Boa server configuration on DASAN H660RM devices with firmware 1.0 ...)
	- boa <removed>
CVE-2019-9975 (DASAN H660RM devices with firmware 1.03-0022 use a hard-coded key for  ...)
	NOT-FOR-US: DASAN
CVE-2019-9974 (diag_tool.cgi on DASAN H660RM GPON routers with firmware 1.03-0022 lac ...)
	NOT-FOR-US: DASAN
CVE-2019-9973
	RESERVED
CVE-2019-10013 (The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS t ...)
	- axtls <unfixed> (bug #953326)
CVE-2019-10012 (Jenzabar JICS (aka Internet Campus Solution) before 9 allows remote at ...)
	NOT-FOR-US: Jenzabar
CVE-2019-10011 (ICS/StaticPages/AddTestUsers.aspx in Jenzabar JICS (aka Internet Campu ...)
	NOT-FOR-US: Jenzabar
CVE-2019-10010 (Cross-site scripting (XSS) vulnerability in the PHP League CommonMark  ...)
	NOT-FOR-US: PHP League CommonMark library
CVE-2019-10009 (A Directory Traversal issue was discovered in the Web GUI in Titan FTP ...)
	NOT-FOR-US: Titan FTP
CVE-2019-10008 (Zoho ManageEngine ServiceDesk 9.3 allows session hijacking and privile ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk
CVE-2019-10007
	RESERVED
CVE-2019-10006
	RESERVED
CVE-2019-10005
	RESERVED
CVE-2019-10004
	RESERVED
CVE-2019-10003
	RESERVED
CVE-2019-10002
	RESERVED
CVE-2019-10001
	RESERVED
CVE-2019-10000
	RESERVED
CVE-2019-9972
	RESERVED
CVE-2019-9971
	RESERVED
CVE-2019-9970 (Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal ...)
	- signal-desktop <itp> (bug #842943)
CVE-2019-9969 (XnView Classic 2.48 on Windows allows remote attackers to cause a deni ...)
	NOT-FOR-US: XnView
CVE-2019-9968 (XnView Classic 2.48 on Windows allows remote attackers to cause a deni ...)
	NOT-FOR-US: XnView
CVE-2019-9967 (XnView Classic 2.48 on Windows allows remote attackers to cause a deni ...)
	NOT-FOR-US: XnView
CVE-2019-9966 (XnView Classic 2.48 on Windows allows remote attackers to cause a deni ...)
	NOT-FOR-US: XnView
CVE-2019-9965 (XnView MP 0.93.1 on Windows allows remote attackers to cause a denial  ...)
	NOT-FOR-US: XnView
CVE-2019-9964 (XnView MP 0.93.1 on Windows allows remote attackers to cause a denial  ...)
	NOT-FOR-US: XnView
CVE-2019-9963 (XnView MP 0.93.1 on Windows allows remote attackers to cause a denial  ...)
	NOT-FOR-US: XnView
CVE-2019-9962 (XnView MP 0.93.1 on Windows allows remote attackers to cause a denial  ...)
	NOT-FOR-US: XnView
CVE-2019-9961 (A cross-site scripting (XSS) vulnerability in ressource view in core/m ...)
	NOT-FOR-US: Wikindx
CVE-2019-9960 (The downloadZip function in application/controllers/admin/export.php i ...)
	- limesurvey <itp> (bug #472802)
CVE-2019-9959 (The JPXStream::init function in Poppler 0.78.0 and earlier doesn't che ...)
	{DLA-1963-1}
	[experimental] - poppler 0.81.0-1
	- poppler <unfixed> (low; bug #941776)
	[buster] - poppler <ignored> (Minor issue)
	[stretch] - poppler <ignored> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/805
	NOTE: Patch: https://gitlab.freedesktop.org/poppler/poppler/commit/68ef84e5968a4249c2162b839ca6d7975048a557 (poppler-0.79.0)
	NOTE: Reproducer: https://gitlab.freedesktop.org/poppler/poppler/uploads/3f22837ebd503f87e730b51221b89742/raiter_issue5465.pdf
CVE-2019-9958 (CSRF within the admin panel in Quadbase EspressReport ES (ERES) v7.0 u ...)
	NOT-FOR-US: Quadbase EspressReport ES (ERES)
CVE-2019-9957 (Stored XSS within Quadbase EspressReport ES (ERES) v7.0 update 7 allow ...)
	NOT-FOR-US: Quadbase EspressReport ES (ERES)
CVE-2019-9956 (In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in ...)
	{DSA-4436-1 DLA-1785-1}
	- imagemagick 8:6.9.10.23+dfsg-2.1 (bug #925395)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1523
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/34a6a5a45e83a4af852090b4e43f168a380df979
	NOTE: ImageMagick6: https://github.com/ImageMagick/ImageMagick6/commit/90401e430840c5ff31ad870f4370bbda1318ac94
CVE-2019-9955 (On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, ...)
	NOT-FOR-US: Zyxel
CVE-2019-9954
	RESERVED
CVE-2019-9953
	RESERVED
CVE-2019-9952
	RESERVED
CVE-2019-9951 (Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My ...)
	NOT-FOR-US: Western Digital
CVE-2019-9950 (Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My ...)
	NOT-FOR-US: Western Digital
CVE-2019-9949 (Western Digital My Cloud Cloud, Mirror Gen2, EX2 Ultra, EX2100, EX4100 ...)
	NOT-FOR-US: Western Digital
CVE-2019-9948 (urllib in Python 2.x through 2.7.16 supports the local_file: scheme, w ...)
	{DLA-1852-1 DLA-1834-1}
	- python3.7 3.7.4~rc2-2
	[buster] - python3.7 3.7.3-2+deb10u1
	- python3.6 <removed>
	- python3.5 <removed>
	- python3.4 <removed>
	- python2.7 2.7.16-2
	[stretch] - python2.7 <no-dsa> (Minor issue)
	NOTE: https://bugs.python.org/issue35907
	NOTE: https://github.com/python/cpython/pull/11842
	NOTE: https://github.com/python/cpython/commit/34bab215596671d0dec2066ae7d7450cd73f638b (3.7)
	NOTE: https://github.com/python/cpython/commit/4f06dae5d8d4400ba38d8502da620f07d4a5696e (3.6)
	NOTE: https://github.com/python/cpython/commit/b15bde8058e821b383d81fcae68b335a752083ca (2.7)
	NOTE: https://github.com/python/cpython/commit/942c31dffbe886ff02e25a319cc3891220b8c641 (2.7)
CVE-2019-9947 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...)
	{DLA-1835-1 DLA-1834-1}
	- python3.7 3.7.4~rc2-2
	[buster] - python3.7 3.7.3-2+deb10u1
	- python3.6 <removed>
	- python3.5 <removed>
	- python3.4 <removed>
	- python2.7 2.7.16-3
	[buster] - python2.7 2.7.16-2+deb10u1
	[stretch] - python2.7 <no-dsa> (Minor issue)
	NOTE: https://bugs.python.org/issue35906
	NOTE: Introduced by: https://github.com/python/cpython/commit/cc54c1c0d2d05fe7404ba64c53df4b1352ed2262
	NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740
	NOTE: Patch 2.7: https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
CVE-2019-9946 (Cloud Native Computing Foundation (CNCF) CNI (Container Networking Int ...)
	- kubernetes <undetermined>
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1692712
	TODO: singularity-container seems to embed as well a copy of cni
CVE-2019-9945 (SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGI ...)
	NOT-FOR-US: SoftNAS Cloud
CVE-2019-9944
	RESERVED
CVE-2019-9943
	RESERVED
CVE-2019-9942 (A sandbox information disclosure exists in Twig before 1.38.0 and 2.x  ...)
	{DSA-4419-1}
	[experimental] - twig 2.7.1-1
	- twig 2.6.2-2
	[jessie] - twig <no-dsa> (low priority, sandbox disabled by default)
	NOTE: https://github.com/twigphp/Twig/commit/eac5422956e1dcca89a3669a03a3ff32f0502077
	NOTE: https://symfony.com/blog/twig-sandbox-information-disclosure
CVE-2019-9941
	RESERVED
CVE-2019-9940
	RESERVED
CVE-2019-9939 (The SHAREit application before 4.0.36 for Android allows a remote atta ...)
	NOT-FOR-US: SHAREit
CVE-2019-9938 (The SHAREit application before 4.0.42 for Android allows a remote atta ...)
	NOT-FOR-US: SHAREit
CVE-2019-9937 (In SQLite 3.27.2, interleaving reads and writes in a single transactio ...)
	- sqlite3 3.27.2-2 (low; bug #925290)
	[stretch] - sqlite3 <no-dsa> (Minor issue)
	[jessie] - sqlite3 <not-affected> (fts5 introducded later, function not available for fts3)
	NOTE: https://sqlite.org/src/info/45c73deb440496e8
CVE-2019-9936 (In SQLite 3.27.2, running fts5 prefix queries inside a transaction cou ...)
	- sqlite3 3.27.2-2 (low; bug #925289)
	[stretch] - sqlite3 <no-dsa> (Minor issue)
	[jessie] - sqlite3 <not-affected> (fts5 introducded later, function not available for fts3)
	NOTE: https://sqlite.org/src/info/b3fa58dd7403dbd4
CVE-2019-9935 (Various Lexmark products have Incorrect Access Control (issue 2 of 2). ...)
	NOT-FOR-US: Lexmark
CVE-2019-9934 (Various Lexmark products have Incorrect Access Control (issue 1 of 2). ...)
	NOT-FOR-US: Lexmark
CVE-2019-9933 (Various Lexmark products have a Buffer Overflow (issue 3 of 3). ...)
	NOT-FOR-US: Lexmark
CVE-2019-9932 (Various Lexmark products have a Buffer Overflow (issue 2 of 3). ...)
	NOT-FOR-US: Lexmark
CVE-2019-9931 (Various Lexmark printers contain a denial of service vulnerability in  ...)
	NOT-FOR-US: Lexmark
CVE-2019-9930 (Various Lexmark products have an Integer Overflow. ...)
	NOT-FOR-US: Lexmark
CVE-2019-9929 (Northern.tech CFEngine Enterprise 3.12.1 has Insecure Permissions. ...)
	- cfengine3 <not-affected> (Issue only affecting CFEngine Enterprise 3.x version)
	NOTE: Issue is specific to Enterprise version leaking CFE_ROBOT user secrets on
	NOTE: installation of CFEngine Enterprise Hub package.
CVE-2019-9928 (GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP c ...)
	{DSA-4437-1 DLA-1770-1 DLA-1769-1}
	[experimental] - gst-plugins-base1.0 1.15.90-1
	- gst-plugins-base1.0 1.14.4-2 (bug #927978)
	- gst-plugins-base0.10 <removed>
	NOTE: https://gstreamer.freedesktop.org/security/sa-2019-0001.html
	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/merge_requests/157
	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/commit/f672277509705c4034bc92a141eefee4524d15aa (1.15.90)
CVE-2019-9927 (Caret before 2019-02-22 allows Remote Code Execution. ...)
	NOT-FOR-US: Caret editor
CVE-2019-9926 (An issue was discovered in LabKey Server 19.1.0. It is possible to for ...)
	NOT-FOR-US: LabKey Server
CVE-2019-9925 (S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter. ...)
	NOT-FOR-US: S-CMS PHP
CVE-2019-9924 (rbash in Bash before 4.4-beta2 did not prevent the shell user from mod ...)
	{DLA-1726-1}
	- bash 4.4-1 (low)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/bash/+bug/1803441
CVE-2019-9923 (pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointe ...)
	- tar <unfixed> (unimportant; bug #925286)
	NOTE: http://git.savannah.gnu.org/cgit/tar.git/commit/?id=cb07844454d8cc9fb21f53ace75975f91185a120
	NOTE: http://savannah.gnu.org/bugs/?55369 (private)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1810241
	NOTE: Crash in CLI tool, no security impact
CVE-2019-9922 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
	NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9921 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
	NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9920 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
	NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9919 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
	NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9918 (An issue was discovered in the Harmis JE Messenger component 1.2.2 for ...)
	NOT-FOR-US: Harmis JE Messenger component for Joomla!
CVE-2019-9917 (ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial  ...)
	{DSA-4463-1}
	- znc 1.7.2-2 (bug #925285)
	[jessie] - znc <ignored> (Minor issue, workaround is to disable modpython)
	NOTE: https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973
	NOTE: Every version between 0.096 and 1.7.2 (incl) is vulnerable to the issue,
	NOTE: but earlier versions could not be fixed without a major rewrite. A workaround
	NOTE: though is to disable modpython.
CVE-2019-9916
	RESERVED
CVE-2019-9915 (GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redir ...)
	NOT-FOR-US: GetSimpleCMS
CVE-2019-9914 (The yop-poll plugin before 6.0.3 for WordPress has wp-admin/admin.php? ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-9913 (The wp-live-chat-support plugin before 8.0.18 for WordPress has wp-adm ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-9912 (The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-9911 (The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-9910 (The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?pag ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-9909 (The "Donation Plugin and Fundraising Platform" plugin before 2.3.1 for ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-9908 (The font-organizer plugin 2.1.1 for WordPress has wp-admin/options-gen ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-9907
	RESERVED
CVE-2019-9906
	RESERVED
CVE-2019-9905
	RESERVED
CVE-2019-9904 (An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2. ...)
	- graphviz <unfixed> (low; bug #925284)
	[buster] - graphviz <no-dsa> (Minor issue)
	[stretch] - graphviz <no-dsa> (Minor issue)
	[jessie] - graphviz <no-dsa> (Minor issue)
	NOTE: https://gitlab.com/graphviz/graphviz/issues/1512
CVE-2019-9903 (PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict mark ...)
	[experimental] - poppler 0.81.0-1
	- poppler <unfixed> (low; bug #925264)
	[buster] - poppler <ignored> (Minor issue)
	[stretch] - poppler <ignored> (Minor issue)
	[jessie] - poppler <not-affected> (Vulnerable code not present)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/741
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/fada09a2ccc11a3a1d308e810f1336d8df6011fd
CVE-2019-9902
	RESERVED
CVE-2019-9901 (Envoy 1.9.0 and before does not normalize HTTP URL paths. A remote att ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-9900 (When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not r ...)
	NOT-FOR-US: envoy proxy (not the same as itp'ed envoy, #758651)
CVE-2019-9899
	RESERVED
CVE-2019-9898 (Potential recycling of random numbers used in cryptography exists with ...)
	{DSA-4423-1 DLA-1763-1}
	- putty 0.70-6
	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-rng-reuse.html
	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=320bf8479ff5bcbad239db4f9f4aa63656b0675e
CVE-2019-9897 (Multiple denial-of-service attacks that can be triggered by writing to ...)
	{DSA-4423-1 DLA-1763-1}
	- putty 0.70-6
	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terminal-dos-one-column-cjk.html
	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=03777723e553024e94d8bfcf182f3a2e92ffb914
	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terminal-dos-combining-chars-double-width-gtk.html
	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=daf91ef8ae9780bb1dfb534afa79e4babb89ba26
	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-terminal-dos-combining-chars.html
	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=da1c8f15b1bc14c855f0027cf06ba7f1a9c36f3c
CVE-2019-9896 (In PuTTY versions before 0.71 on Windows, local attackers could hijack ...)
	- putty <not-affected> (Only affects PuTTY specific on Windows)
CVE-2019-9895 (In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer o ...)
	{DSA-4423-1}
	- putty 0.70-6
	[jessie] - putty <ignored> (Too intrusive to backport, patch uses callback handling that is not yet available in Jessie)
	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-fd-set-overflow.html
	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=5c926d9ea4a9e0a0a2384f06c7583648cdff3ed6
CVE-2019-9894 (A remotely triggerable memory overwrite in RSA key exchange in PuTTY b ...)
	{DSA-4423-1 DLA-1763-1}
	- putty 0.70-6
	NOTE: https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-rsa-kex-integer-overflow.html
	NOTE: https://git.tartarus.org/?p=simon/putty.git;a=commitdiff;h=d82854999516046122501b2e145099740ed0284f
CVE-2019-9892 (An issue was discovered in Open Ticket Request System (OTRS) 5.x throu ...)
	{DLA-1774-1}
	- otrs2 6.0.18-1
	[buster] - otrs2 6.0.16-2
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/3617488c6c28e06203e4127c7b031140f775a685
	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/c3b9342a85c6f2c9382e074ad9cc440ce80a6f34
	NOTE: https://community.otrs.com/security-advisory-2019-04-security-update-for-otrs-framework/
CVE-2019-9891 (The function getopt_simple as described in Advanced Bash Scripting Gui ...)
	NOT-FOR-US: Advanced Bash Scripting Guide
CVE-2019-9890 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9889 (In Vanilla before 2.6.4, a flaw exists within the getSingleIndex funct ...)
	NOT-FOR-US: Vanilla Forums
CVE-2019-9888
	RESERVED
CVE-2019-1010319 (WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialize ...)
	- wavpack 5.1.0-7 (low; bug #932061)
	[buster] - wavpack <no-dsa> (Minor issue)
	[stretch] - wavpack <no-dsa> (Minor issue)
	[jessie] - wavpack <no-dsa> (Minor issue)
	NOTE: https://github.com/dbry/WavPack/commit/33a0025d1d63ccd05d9dbaa6923d52b1446a62fe
	NOTE: https://github.com/dbry/WavPack/issues/68
CVE-2019-1010318
	REJECTED
CVE-2019-1010317 (WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialize ...)
	- wavpack 5.1.0-7 (low; bug #932060)
	[buster] - wavpack <no-dsa> (Minor issue)
	[stretch] - wavpack <no-dsa> (Minor issue)
	[jessie] - wavpack <no-dsa> (Minor issue)
	NOTE: https://github.com/dbry/WavPack/commit/f68a9555b548306c5b1ee45199ccdc4a16a6101b
	NOTE: https://github.com/dbry/WavPack/issues/66
CVE-2019-1010316 (pyxtrlock 0.3 and earlier is affected by: Incorrect Access Control. Th ...)
	NOT-FOR-US: pyxtrlock
CVE-2019-1010315 (WavPack 5.1 and earlier is affected by: CWE 369: Divide by Zero. The i ...)
	- wavpack 5.1.0-6 (low)
	[stretch] - wavpack <no-dsa> (Minor issue)
	[jessie] - wavpack <no-dsa> (Minor issue)
	NOTE: https://github.com/dbry/WavPack/commit/4c0faba32fddbd0745cbfaf1e1aeb3da5d35b9fc
	NOTE: https://github.com/dbry/WavPack/issues/65
CVE-2019-1010314 (Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting (XSS). The imp ...)
	- gitea <removed>
CVE-2019-1010313
	RESERVED
CVE-2019-1010312
	REJECTED
CVE-2019-1010311
	REJECTED
CVE-2019-1010310 (GLPI GLPI Product 9.3.1 is affected by: Frame and Form tags Injection  ...)
	- glpi <removed> (unimportant)
	NOTE: https://github.com/glpi-project/glpi/pull/5519
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-1010309
	REJECTED
CVE-2019-1010308 (Aquaverde GmbH Aquarius CMS prior to version 4.1.1 is affected by: Inc ...)
	NOT-FOR-US: Aquaverde GmbH Aquarius CMS
CVE-2019-1010307 (GLPI GLPI Product 9.3.1 is affected by: Cross Site Scripting (XSS). Th ...)
	- glpi <removed> (unimportant)
	NOTE: Only supported behind an authenticated HTTP zone
CVE-2019-1010306 (Slanger 0.6.0 is affected by: Remote Code Execution (RCE). The impact  ...)
	NOT-FOR-US: Slanger
CVE-2019-1010305 (libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: I ...)
	{DLA-1895-1}
	- libmspack 0.10.1-1
	[stretch] - libmspack <no-dsa> (Minor issue)
	NOTE: https://github.com/kyz/libmspack/commit/2f084136cfe0d05e5bf5703f3e83c6d955234b4d
	NOTE: https://github.com/kyz/libmspack/issues/27
CVE-2019-1010304 (Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f ...)
	NOT-FOR-US: Mirumee Saleor
CVE-2019-1010303
	RESERVED
CVE-2019-1010302 (jhead 3.03 is affected by: Incorrect Access Control. The impact is: De ...)
	{DLA-2054-1}
	- jhead 1:3.03-2 (unimportant; bug #932146)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1679978
	NOTE: No security impact, crash in CLI tool
CVE-2019-1010301 (jhead 3.03 is affected by: Buffer Overflow. The impact is: Denial of s ...)
	{DLA-2054-1}
	- jhead 1:3.03-2 (unimportant; bug #932145)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1679952
	NOTE: No security impact, crash in CLI tool
CVE-2019-1010300 (mz-automation libiec61850 1.3.2 1.3.1 1.3.0 is affected by: Buffer Ove ...)
	NOT-FOR-US: libIEC61850
CVE-2019-1010299 (The Rust Programming Language Standard Library 1.18.0 and later is aff ...)
	- rustc 1.30.0+dfsg1-1
	[stretch] - rustc <ignored> (Minor issue)
	[jessie] - rustc <ignored> (Minor issue)
	NOTE: https://github.com/rust-lang/rust/issues/53566
	NOTE: https://github.com/rust-lang/rust/pull/53571/commits/b85e4cc8fadaabd41da5b9645c08c68b8f89908d
CVE-2019-1010298 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
	NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010297 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
	NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010296 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
	NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010295 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Buffer Overflow ...)
	NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010294 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Rounding error. ...)
	NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010293 (Linaro/OP-TEE OP-TEE 3.3.0 and earlier is affected by: Boundary crossi ...)
	NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010292 (Linaro/OP-TEE OP-TEE Prior to version v3.4.0 is affected by: Boundary  ...)
	NOT-FOR-US: Linaro/OP-TEE OP-TEE
CVE-2019-1010291
	RESERVED
CVE-2019-1010290 (Babel: Multilingual site Babel All is affected by: Open Redirection. T ...)
	NOT-FOR-US: Babel: Multilingual
CVE-2019-1010289
	RESERVED
CVE-2019-1010288
	RESERVED
CVE-2019-1010287 (Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Script ...)
	NOT-FOR-US: Timesheet Next Gen
CVE-2019-1010286
	RESERVED
CVE-2019-1010285
	RESERVED
CVE-2019-1010284
	RESERVED
CVE-2019-1010283 (Univention Corporate Server univention-directory-notifier 12.0.1-3 and ...)
	NOT-FOR-US: Univention Corporate Server univention-directory-notifier
CVE-2019-1010282
	RESERVED
CVE-2019-1010281
	RESERVED
CVE-2019-1010280
	RESERVED
CVE-2019-1010279 (Open Information Security Foundation Suricata prior to version 4.1.3 i ...)
	- suricata 1:4.1.3-1 (low)
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://github.com/OISF/suricata/pull/3625
	NOTE: https://github.com/OISF/suricata/commit/d8634daf74c882356659addb65fb142b738a186b
	NOTE: https://redmine.openinfosecfoundation.org/issues/2770
CVE-2019-1010278
	RESERVED
CVE-2019-1010277
	RESERVED
CVE-2019-1010276
	RESERVED
CVE-2019-1010275 (helm Before 2.7.2 is affected by: CWE-295: Improper Certificate Valida ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2019-1010274
	RESERVED
CVE-2019-1010273
	RESERVED
CVE-2019-1010272
	RESERVED
CVE-2019-1010271
	RESERVED
CVE-2019-1010270
	RESERVED
CVE-2019-1010269
	RESERVED
CVE-2019-1010268 (Ladon since 0.6.1 (since ebef0aae48af78c159b6fce81bc6f5e7e0ddb059) is  ...)
	NOT-FOR-US: Ladon
CVE-2019-1010267
	RESERVED
CVE-2019-1010266 (lodash prior to 4.17.11 is affected by: CWE-400: Uncontrolled Resource ...)
	- node-lodash 4.17.11+dfsg-1 (unimportant)
	NOTE: https://github.com/lodash/lodash/issues/3359
	NOTE: https://snyk.io/vuln/SNYK-JS-LODASH-73639
	NOTE: nodejs not covered by security support
CVE-2019-1010265
	RESERVED
CVE-2019-1010264
	RESERVED
CVE-2019-1010263 (Perl Crypt::JWT prior to 0.023 is affected by: Incorrect Access Contro ...)
	- libcrypt-jwt-perl <not-affected> (Fixed with the initial upload to Debian)
	NOTE: https://github.com/DCIT/perl-Crypt-JWT/commit/b98a59b42ded9f9e51b2560410106207c2152d6c
	NOTE: https://www.openwall.com/lists/oss-security/2018/09/07/1
CVE-2019-1010262
	REJECTED
CVE-2019-1010261 (Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). Th ...)
	- gitea <removed>
CVE-2019-1010260 (Using ktlint to download and execute custom rulesets can result in arb ...)
	NOT-FOR-US: ktlint
CVE-2019-1010259 (SaltStack Salt 2018.3, 2019.2 is affected by: SQL Injection. The impac ...)
	- salt 2018.3.4~git20180207+dfsg1-1
	[jessie] - salt <not-affected> (vulnerable MySQL queries are not present)
	NOTE: https://github.com/saltstack/salt/pull/51462
CVE-2019-1010258 (nanosvg library nanosvg after commit c1f6e209c16b18b46aa9f45d7e619acf4 ...)
	NOT-FOR-US: nanosvg
CVE-2019-1010257 (An Information Disclosure / Data Modification issue exists in article2 ...)
	NOT-FOR-US: article2pdf Wordpress plugin
CVE-2019-1010256
	RESERVED
CVE-2019-1010255
	RESERVED
CVE-2019-1010254
	RESERVED
CVE-2019-1010253
	RESERVED
CVE-2019-1010252 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input ...)
	NOT-FOR-US: ONOS
CVE-2019-1010251 (Open Information Security Foundation Suricata prior to version 4.1.2 i ...)
	- suricata 1:4.1.2-2 (low)
	[buster] - suricata <no-dsa> (Minor issue)
	[stretch] - suricata <no-dsa> (Minor issue)
	[jessie] - suricata <no-dsa> (Minor issue)
	NOTE: https://github.com/OISF/suricata/commit/11f3659f64a4e42e90cb3c09fcef66894205aefe
	NOTE: https://github.com/OISF/suricata/commit/8357ef3f8ffc7d99ef6571350724160de356158b
	NOTE: https://redmine.openinfosecfoundation.org/issues/2736
CVE-2019-1010250 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: Poor Input ...)
	NOT-FOR-US: ONOS
CVE-2019-1010249 (The Linux Foundation ONOS 2.0.0 and earlier is affected by: Integer Ov ...)
	NOT-FOR-US: ONOS
CVE-2019-1010248 (Synetics GmbH I-doit 1.12 and earlier is affected by: SQL Injection. T ...)
	NOT-FOR-US: ONOS
CVE-2019-1010247 (ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier is affected by: Cr ...)
	{DLA-1894-1}
	- libapache2-mod-auth-openidc 2.3.10.2-1
	NOTE: Fixed by: https://github.com/zmartzone/mod_auth_openidc/commit/132a4111bf3791e76437619a66336dce2ce4c79b (v2.3.10.2)
	NOTE: https://www.compass-security.com/fileadmin/Datein/Research/Advisories/CSNC-2019-001_mod_auth_openidc_reflected_xss.txt
CVE-2019-1010246 (MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affecte ...)
	NOT-FOR-US: MailCleaner
CVE-2019-1010245 (The Linux Foundation ONOS SDN Controller 1.15 and earlier versions is  ...)
	NOT-FOR-US: ONOS
CVE-2019-1010244
	RESERVED
CVE-2019-1010243
	RESERVED
CVE-2019-1010242
	RESERVED
CVE-2019-1010241 (Jenkins Credentials Binding Plugin Jenkins 1.17 is affected by: CWE-25 ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1010240
	RESERVED
CVE-2019-1010239 (DaveGamble/cJSON cJSON 1.7.8 is affected by: Improper Check for Unusua ...)
	- cjson 1.7.10-1
	NOTE: https://github.com/DaveGamble/cJSON/commit/be749d7efa7c9021da746e685bd6dec79f9dd99b
	NOTE: https://github.com/DaveGamble/cJSON/issues/315
CVE-2019-1010238 (Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact ...)
	{DSA-4496-1}
	- pango1.0 1.42.4-7 (bug #933860)
	[stretch] - pango1.0 <not-affected> (Vulnerable code introduced later)
	[jessie] - pango1.0 <not-affected> (Vulnerable code introduced later)
	NOTE: https://gitlab.gnome.org/GNOME/pango/issues/342
	NOTE: https://gitlab.gnome.org/GNOME/pango/commit/490f8979a260c16b1df055eab386345da18a2d54 (1.44)
CVE-2019-1010237 (Ilias 5.3 before 5.3.12; 5.2 before 5.2.21 is affected by: Cross Site  ...)
	NOT-FOR-US: ILIAS
CVE-2019-1010236
	RESERVED
CVE-2019-1010235 (Frog CMS 1.1 is affected by: Cross Site Scripting (XSS). The impact is ...)
	NOT-FOR-US: Frog CMS
CVE-2019-1010234 (The Linux Foundation ONOS 1.15.0 and ealier is affected by: Improper I ...)
	NOT-FOR-US: ONOS
CVE-2019-1010233
	RESERVED
CVE-2019-1010232 (Juniper juniper/libslax libslax latest version (as of commit 084ddf6ab ...)
	NOT-FOR-US: Juniper
CVE-2019-1010231
	RESERVED
CVE-2019-1010230
	RESERVED
CVE-2019-1010229
	RESERVED
CVE-2019-1010228 (OFFIS.de DCMTK 3.6.3 and below is affected by: Buffer Overflow. The im ...)
	- dcmtk 3.6.4-1 (low)
	[stretch] - dcmtk <no-dsa> (Minor issue)
	[jessie] - dcmtk <no-dsa> (Minor issue)
	NOTE: https://support.dcmtk.org/redmine/issues/858
	NOTE: https://github.com/commontk/DCMTK/commit/40917614e
CVE-2019-1010227
	RESERVED
CVE-2019-1010226
	RESERVED
CVE-2019-1010225
	RESERVED
CVE-2019-1010224
	REJECTED
CVE-2019-1010223
	REJECTED
CVE-2019-1010222
	REJECTED
CVE-2019-1010221 (LineageOS 16.0 and earlier is affected by: Incorrect Access Control. T ...)
	NOT-FOR-US: LineageOS
CVE-2019-1010220 (tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. T ...)
	- tcpdump <unfixed> (unimportant)
	NOTE: No security impact
CVE-2019-1010219
	RESERVED
CVE-2019-1010218 (Cherokee Webserver Latest Cherokee Web server Upto Version 1.2.103 (Cu ...)
	- cherokee <removed>
CVE-2019-1010217
	RESERVED
CVE-2019-1010216
	RESERVED
CVE-2019-1010215
	RESERVED
CVE-2019-1010214
	RESERVED
CVE-2019-1010213
	RESERVED
CVE-2019-1010212
	RESERVED
CVE-2019-1010211
	RESERVED
CVE-2019-1010210
	RESERVED
CVE-2019-1010209 (GoUrl.io GoURL Wordpress Plugin 1.4.13 and earlier is affected by: CWE ...)
	NOT-FOR-US: GoUrl.io GoURL Wordpress Plugin
CVE-2019-1010208 (IDRIX, Truecrypt Veracrypt, Truecrypt Prior to 1.23-Hotfix-1 (Veracryp ...)
	NOT-FOR-US: VeraCrypt
CVE-2019-1010207 (Genetechsolutions Pie Register 3.0.15 is affected by: Cross Site Scrip ...)
	NOT-FOR-US: Genetechsolutions Pie Register
CVE-2019-1010206 (OSS Http Request (Apache Cordova Plugin) 6 is affected by: Missing SSL ...)
	NOT-FOR-US: OSS Http Request (Apache Cordova Plugin)
CVE-2019-1010205 (LINAGORA hublin latest (commit 72ead897082403126bf8df9264e70f0a9de247f ...)
	NOT-FOR-US: LINAGORA hublin
CVE-2019-1010204 (GNU binutils gold gold v1.11-v1.16 (GNU binutils v2.21-v2.31.1) is aff ...)
	- binutils <unfixed> (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23765
	NOTE: binutils not covered by security support
CVE-2019-1010203
	RESERVED
CVE-2019-1010202 (Jeesite 1.2.7 is affected by: XML External Entity (XXE). The impact is ...)
	NOT-FOR-US: Jeesite
CVE-2019-1010201 (Jeesite 1.2.7 is affected by: SQL Injection. The impact is: sensitive  ...)
	NOT-FOR-US: Jeesite
CVE-2019-1010200 (Voice Builder Prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b ...)
	NOT-FOR-US: Voice Builder
CVE-2019-1010199 (ServiceStack ServiceStack Framework 4.5.14 is affected by: Cross Site  ...)
	NOT-FOR-US: ServiceStack ServiceStack Framework
CVE-2019-1010198
	RESERVED
CVE-2019-1010197
	RESERVED
CVE-2019-1010196
	RESERVED
CVE-2019-1010195
	RESERVED
CVE-2019-1010194
	RESERVED
CVE-2019-1010193 (hisiphp 1.0.8 is affected by: Cross Site Scripting (XSS). ...)
	NOT-FOR-US: hisiphp
CVE-2019-1010192
	RESERVED
CVE-2019-1010191 (marginalia &lt; 1.6 is affected by: SQL Injection. The impact is: The  ...)
	NOT-FOR-US: marginalia
CVE-2019-1010190 (mgetty prior to 1.2.1 is affected by: out-of-bounds read. The impact i ...)
	- mgetty 1.2.1-1
	[stretch] - mgetty <no-dsa> (Minor issue)
	[jessie] - mgetty <no-dsa> (Minor issue)
	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
CVE-2019-1010189 (mgetty prior to version 1.2.1 is affected by: Infinite Loop. The impac ...)
	- mgetty 1.2.1-1
	[stretch] - mgetty <no-dsa> (Minor issue)
	[jessie] - mgetty <no-dsa> (Minor issue)
	NOTE: https://www.x41-dsec.de/lab/advisories/x41-2018-007-mgetty/
CVE-2019-1010188
	RESERVED
CVE-2019-1010187
	RESERVED
CVE-2019-1010186
	RESERVED
CVE-2019-1010185
	RESERVED
CVE-2019-1010184
	RESERVED
CVE-2019-1010183 (serde serde_yaml 0.6.0 to 0.8.3 is affected by: Uncontrolled Recursion ...)
	NOT-FOR-US: serde_yaml
CVE-2019-1010182 (yaml-rust 0.4.0 and earlier is affected by: Uncontrolled Recursion. Th ...)
	- rust-yaml-rust <not-affected> (Fixed before initial release to Debian)
	NOTE: https://github.com/chyh1990/yaml-rust/pull/109
CVE-2019-1010181
	RESERVED
CVE-2019-1010180 (GNU gdb All versions is affected by: Buffer Overflow - Out of bound me ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8ff71a9c80cfcf64c54d4ae938c644b1b1ea19fb
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23657
CVE-2019-1010179 (PHKP including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b is affe ...)
	NOT-FOR-US: PHKP
CVE-2019-1010178 (Fred MODX Revolution &lt; 1.0.0-beta5 is affected by: Incorrect Access ...)
	NOT-FOR-US: Fred MODX Revolution
CVE-2019-1010177 (Jsish 2.4.70 2.047 is affected by: Use After Free. The impact is: deni ...)
	NOT-FOR-US: Jsish
CVE-2019-1010176 (JerryScript commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166 is affecte ...)
	NOT-FOR-US: JerryScript
CVE-2019-1010175
	RESERVED
CVE-2019-1010174 (CImg The CImg Library v.2.3.3 and earlier is affected by: command inje ...)
	{DLA-1934-1}
	- cimg 2.3.6+dfsg-1
	NOTE: https://framagit.org/dtschump/CImg/commit/5ce7a426b77f814973e56182a0e76a2b04904146 (v.2.3.4)
CVE-2019-1010173 (Jsish 2.4.84 2.0484 is affected by: Reachable Assertion. The impact is ...)
	NOT-FOR-US: Jsish
CVE-2019-1010172 (Jsish 2.4.84 2.0484 is affected by: Uncontrolled Resource Consumption. ...)
	NOT-FOR-US: Jsish
CVE-2019-1010171 (Jsish 2.4.83 2.0483 is affected by: Nullpointer dereference. The impac ...)
	NOT-FOR-US: Jsish
CVE-2019-1010170 (Jsish 2.4.77 2.0477 is affected by: Use After Free. The impact is: den ...)
	NOT-FOR-US: Jsish
CVE-2019-1010169 (Jsish 2.4.77 2.0477 is affected by: Out-of-bounds Read. The impact is: ...)
	NOT-FOR-US: Jsish
CVE-2019-1010168
	RESERVED
CVE-2019-1010167
	RESERVED
CVE-2019-1010166
	RESERVED
CVE-2019-1010165
	RESERVED
CVE-2019-1010164
	RESERVED
CVE-2019-1010163 (Socusoft Co Photo 2 Video Converter 8.0.0 is affected by: Buffer Overf ...)
	NOT-FOR-US: Socusoft Co Photo 2 Video Converter
CVE-2019-1010162 (jsish 2.4.74 2.0474 is affected by: CWE-476: NULL Pointer Dereference. ...)
	NOT-FOR-US: Jsish
CVE-2019-1010161 (perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Cont ...)
	- libcrypt-jwt-perl <not-affected> (Fixed with initial upload to Debian)
	NOTE: https://github.com/DCIT/perl-Crypt-JWT/issues/3#issuecomment-417947483
CVE-2019-1010160
	RESERVED
CVE-2019-1010159
	RESERVED
CVE-2019-1010158
	RESERVED
CVE-2019-1010157
	RESERVED
CVE-2019-1010156
	REJECTED
CVE-2019-1010155 (** DISPUTED ** D-Link DSL-2750U 1.11 is affected by: Authentication By ...)
	NOT-FOR-US: D-Link
CVE-2019-1010154
	RESERVED
CVE-2019-1010153 (zzcms 8.3 and earlier is affected by: SQL Injection. The impact is: sq ...)
	NOT-FOR-US: zzcms
CVE-2019-1010152 (zzcms 8.3 and earlier is affected by: File Delete to Code Execution. T ...)
	NOT-FOR-US: zzcms
CVE-2019-1010151 (zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell.  ...)
	NOT-FOR-US: zzcms
CVE-2019-1010150 (zzcms 8.3 and earlier is affected by: File Delete to Code Execution. T ...)
	NOT-FOR-US: zzcms
CVE-2019-1010149 (zzcms version 8.3 and earlier is affected by: File Delete to Code Exec ...)
	NOT-FOR-US: zzcms
CVE-2019-1010148 (zzcms version 8.3 and earlier is affected by: SQL Injection. The impac ...)
	NOT-FOR-US: zzcms
CVE-2019-1010147 (Yellowfin Smart Reporting All Versions Prior to 7.3 is affected by: In ...)
	NOT-FOR-US: Yellowfin Smart Reporting
CVE-2019-1010146
	RESERVED
CVE-2019-1010145
	RESERVED
CVE-2019-1010144
	RESERVED
CVE-2019-1010143
	RESERVED
CVE-2019-1010142 (scapy 2.4.0 is affected by: Denial of Service. The impact is: infinite ...)
	- scapy 2.4.2-1
	[buster] - scapy <no-dsa> (Minor issue)
	[stretch] - scapy <not-affected> (Vulnerable code not present)
	[jessie] - scapy <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/secdev/scapy/pull/1409
	NOTE: https://github.com/secdev/scapy/commit/0d7ae2b039f650a40e511d09eb961c782da025d9 (v2.4.1)
	NOTE: https://github.com/secdev/scapy/pull/1409/files#diff-441eff981e466959968111fc6314fe93L1058
CVE-2019-1010141
	RESERVED
CVE-2019-1010140
	RESERVED
CVE-2019-1010139
	RESERVED
CVE-2019-1010138
	RESERVED
CVE-2019-1010137
	RESERVED
CVE-2019-1010136 (ChinaMobile GPN2.4P21-C-CN W2001EN-00 is affected by: Incorrect Access ...)
	NOT-FOR-US: ChinaMobile GPN2.4P21-C-CN W2001EN-00
CVE-2019-1010135
	RESERVED
CVE-2019-1010134
	RESERVED
CVE-2019-1010133
	RESERVED
CVE-2019-1010132
	RESERVED
CVE-2019-1010131
	RESERVED
CVE-2019-1010130
	RESERVED
CVE-2019-1010129
	REJECTED
CVE-2019-1010128
	RESERVED
CVE-2019-1010127 (VCFTools vcftools prior to version 0.1.15 is affected by: Use-after-fr ...)
	- vcftools 0.1.16-1
	[stretch] - vcftools 0.1.14+dfsg-4+deb9u1
	[jessie] - vcftools 0.1.12+dfsg-1+deb8u1
	NOTE: https://github.com/vcftools/vcftools/commit/00a5b615a61054f23c01a04ebb6790a55029f695 (v0.1.16)
	NOTE: https://github.com/vcftools/vcftools/commit/e94e2992e2c0f4cc95864a42fe470c040f95712e (v0.1.16)
	NOTE: https://github.com/vcftools/vcftools/commit/d657d60e37f5d705f9dbb578b516db6e420fb424 (v0.1.16)
	NOTE: https://github.com/vcftools/vcftools/commit/f6453c581b8113053a25689226920f7ded2e8270 (fix for typo in warning log message))
	NOTE: CVE-2019-1010127 is a different issue than CVE-2018-11099, CVE-2018-11129 and
	NOTE: CVE-2018-11130 but covered with same set of upstream commits.
CVE-2019-1010126
	RESERVED
CVE-2019-1010125
	RESERVED
CVE-2019-1010124 (WebAppick WooCommerce Product Feed 2.2.18 and earlier is affected by:  ...)
	NOT-FOR-US: WebAppick WooCommerce Product Feed
CVE-2019-1010123 (MODX Revolution Gallery 1.7.0 is affected by: CWE-434: Unrestricted Up ...)
	NOT-FOR-US: MODX Revolution Gallery
CVE-2019-1010122
	RESERVED
CVE-2019-1010121
	RESERVED
CVE-2019-1010120
	RESERVED
CVE-2019-1010119
	RESERVED
CVE-2019-1010118
	RESERVED
CVE-2019-1010117
	RESERVED
CVE-2019-1010116
	RESERVED
CVE-2019-1010115
	RESERVED
CVE-2019-1010114
	RESERVED
CVE-2019-1010113 (Premium Software CLEditor 1.4.5 and earlier is affected by: Cross Site ...)
	NOT-FOR-US: Premium Software CLEditor
CVE-2019-1010112 (OECMS v4.3.R60321 and v4.3 later is affected by: Cross Site Request Fo ...)
	NOT-FOR-US: OECMS
CVE-2019-1010111
	RESERVED
CVE-2019-1010110
	RESERVED
CVE-2019-1010109
	RESERVED
CVE-2019-1010108
	RESERVED
CVE-2019-1010107
	RESERVED
CVE-2019-1010106
	RESERVED
CVE-2019-1010105
	RESERVED
CVE-2019-1010104 (TechyTalk Quick Chat WordPress Plugin All up to the latest is affected ...)
	NOT-FOR-US: TechyTalk Quick Chat WordPress Plugin All
CVE-2019-1010103
	RESERVED
CVE-2019-1010102
	RESERVED
CVE-2019-1010101 (Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permiss ...)
	NOT-FOR-US: Akeo Consulting Rufus
CVE-2019-1010100 (Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order ...)
	NOT-FOR-US: Akeo Consulting Rufus
CVE-2019-1010099
	RESERVED
CVE-2019-1010098
	RESERVED
CVE-2019-1010097
	RESERVED
CVE-2019-1010096 (DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). T ...)
	NOT-FOR-US: domainmod
CVE-2019-1010095 (DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). T ...)
	NOT-FOR-US: domainmod
CVE-2019-1010094 (domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). T ...)
	NOT-FOR-US: domainmod
CVE-2019-1010093
	RESERVED
CVE-2019-1010092
	RESERVED
CVE-2019-1010091 (tinymce 4.7.11, 4.7.12 is affected by: CWE-79: Improper Neutralization ...)
	- tinymce <undetermined>
	[jessie] - tinymce <ignored> (Minor issue, requires manually copy/pasting javascript to execute it, can't reproduce on Jessie)
	NOTE: https://github.com/tinymce/tinymce/issues/4394
	TODO: check
CVE-2019-1010090
	RESERVED
CVE-2019-1010089
	RESERVED
CVE-2019-1010088
	RESERVED
CVE-2019-1010087
	RESERVED
CVE-2019-1010086
	RESERVED
CVE-2019-1010085
	RESERVED
CVE-2019-1010084 (Dancer::Plugin::SimpleCRUD 1.14 and earlier is affected by: Incorrect  ...)
	NOT-FOR-US: Dancer::Plugin::SimpleCRUD
CVE-2019-1010083 (The Pallets Project Flask before 1.0 is affected by: unexpected memory ...)
	- flask 1.0.2-1
	[stretch] - flask <no-dsa> (Minor issue)
	[jessie] - flask <no-dsa> (Minor issue)
	NOTE: https://www.palletsprojects.com/blog/flask-1-0-released/
	NOTE: https://github.com/pallets/flask/pull/2691/commits/ab4142215d836b0298fc47fa1e4b75408b9c37a0
	NOTE: After communication with MITRE, this CVE *might* overlap CVE-2018-1000656.
	NOTE: CVE-2019-1010083 was back then assigned by the DWF CNA, but the exact scope
	NOTE: of the CVE is unclear and might for instance be for an incomplete fix of
	NOTE: CVE-2018-1000656. As such it was only noted with a "may overlap". The
	NOTE: CVE-2019-1010083 only refers to the 1.0 release announcement and it is
	NOTE: guaranteed that it relates as well to pull request 2691. Upstream itself did
	NOTE: not comment on direct pings/questions back.
CVE-2019-1010082
	RESERVED
CVE-2019-1010081
	RESERVED
CVE-2019-1010080
	RESERVED
CVE-2019-1010079
	RESERVED
CVE-2019-1010078
	RESERVED
CVE-2019-1010077
	RESERVED
CVE-2019-1010076
	RESERVED
CVE-2019-1010075
	RESERVED
CVE-2019-1010074
	RESERVED
CVE-2019-1010073
	REJECTED
CVE-2019-1010072
	RESERVED
CVE-2019-1010071
	RESERVED
CVE-2019-1010070
	RESERVED
CVE-2019-1010069 (moinejf abcm2ps 8.13.20 is affected by: Incorrect Access Control. The  ...)
	- abcm2ps 8.14.2-0.1 (unimportant)
	NOTE: https://github.com/leesavide/abcm2ps/issues/18
	NOTE: https://github.com/leesavide/abcm2ps/commit/08aef597656d065e86075f3d53fda89765845eae (v8.13.21)
	NOTE: Crash in CLI tool, no security impact
CVE-2019-1010068
	RESERVED
CVE-2019-1010067
	RESERVED
CVE-2019-1010066 (Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: ...)
	NOT-FOR-US: Lawrence Livermore National Laboratory msr-safe
CVE-2019-1010065 (The Sleuth Kit 4.6.0 and earlier is affected by: Integer Overflow. The ...)
	- sleuthkit 4.6.1-1 (unimportant)
	NOTE: https://github.com/sleuthkit/sleuthkit/commit/114cd3d0aac8bd1aeaf4b33840feb0163d342d5b (4.6.1)
	NOTE: Negligible security impact
CVE-2019-1010064
	RESERVED
CVE-2019-1010063
	RESERVED
CVE-2019-1010062 (PluckCMS 4.7.4 and earlier is affected by: CWE-434 Unrestricted Upload ...)
	NOT-FOR-US: PluckCMS
CVE-2019-1010061
	REJECTED
CVE-2019-1010060 (NASA CFITSIO prior to 3.43 is affected by: Buffer Overflow. The impact ...)
	- cfitsio 3.430-1 (low; bug #892458)
	[stretch] - cfitsio <no-dsa> (Minor issue)
	[jessie] - cfitsio <no-dsa> (Minor issue)
	NOTE: The issue is specifically to other issues not covered by CVE-2018-3846,
	NOTE: CVE-2018-3847, CVE-2018-3848, and CVE-2018-3849 but fixed in 3.43. One
	NOTE: example is ftp_status in drvrnet.c mishandling a long string beginning
	NOTE: with a '4' character.
CVE-2019-1010059
	RESERVED
CVE-2019-1010058
	RESERVED
CVE-2019-1010057 (nfdump 1.6.16 and earlier is affected by: Buffer Overflow. The impact  ...)
	- nfdump 1.6.17-1
	[stretch] - nfdump <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://github.com/phaag/nfdump/issues/104
	NOTE: https://github.com/phaag/nfdump/commit/9f0fe9563366f62a71d34c92229da3432ec5cf0e
CVE-2019-1010056
	RESERVED
CVE-2019-1010055
	RESERVED
CVE-2019-1010054 (Dolibarr 7.0.0 is affected by: Cross Site Request Forgery (CSRF). The  ...)
	- dolibarr <removed>
CVE-2019-1010053
	RESERVED
CVE-2019-1010052
	RESERVED
CVE-2019-1010051
	RESERVED
CVE-2019-1010050
	RESERVED
CVE-2019-1010049
	RESERVED
CVE-2019-1010048
	REJECTED
CVE-2019-1010047
	RESERVED
CVE-2019-1010046
	RESERVED
CVE-2019-1010045
	RESERVED
CVE-2019-1010044 (borg-reducer c6d5240 is affected by: Buffer Overflow. The impact is: P ...)
	NOT-FOR-US: borg-reducer
CVE-2019-1010043 (Quake3e &lt; 5ed740d is affected by: Buffer Overflow. The impact is: P ...)
	- ioquake3 <unfixed> (unimportant)
	NOTE: https://github.com/ec-/Quake3e/issues/9
	NOTE: https://github.com/ec-/Quake3e/commit/fea3c4144c7b325634cdf638d1582c772a2db3bd
	NOTE: No security impact
CVE-2019-1010042
	REJECTED
CVE-2019-1010041
	RESERVED
CVE-2019-1010040
	RESERVED
CVE-2019-1010039 (uLaunchELF &lt; commit 170827a is affected by: Buffer Overflow. The im ...)
	NOT-FOR-US: uLaunchELF
CVE-2019-1010038 (OpenModelica OMCompiler is affected by: Buffer Overflow. The impact is ...)
	NOT-FOR-US: OpenModelica OMCompiler
CVE-2019-1010037
	RESERVED
CVE-2019-1010036
	RESERVED
CVE-2019-1010035
	RESERVED
CVE-2019-1010034 (Deepwoods Software WebLibrarian 3.5.2 and earlier is affected by: SQL  ...)
	NOT-FOR-US: Deepwoods Software WebLibrarian
CVE-2019-1010033
	RESERVED
CVE-2019-1010032
	RESERVED
CVE-2019-1010031
	RESERVED
CVE-2019-1010030
	REJECTED
CVE-2019-1010029
	RESERVED
CVE-2019-1010028 (phpscriptsmall.com School College Portal with ERP Script 2.6.1 and ear ...)
	NOT-FOR-US: School College Portal
CVE-2019-1010027
	RESERVED
CVE-2019-1010026
	RESERVED
CVE-2019-1010025 (** DISPUTED ** GNU Libc current is affected by: Mitigation bypass. The ...)
	- glibc <unfixed> (unimportant)
	NOTE: Not treated as a security issue by upstream
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22853
CVE-2019-1010024 (GNU Libc current is affected by: Mitigation bypass. The impact is: Att ...)
	- glibc <unfixed> (unimportant)
	NOTE: Not treated as a security issue by upstream
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22852
CVE-2019-1010023 (GNU Libc current is affected by: Re-mapping current loaded libray with ...)
	- glibc <unfixed> (unimportant)
	NOTE: Not treated as a security issue by upstream
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22851
CVE-2019-1010022 (GNU Libc current is affected by: Mitigation bypass. The impact is: Att ...)
	- glibc <unfixed> (unimportant)
	NOTE: Not treated as a security issue by upstream
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=22850
CVE-2019-1010021
	RESERVED
CVE-2019-1010020
	RESERVED
CVE-2019-1010019
	RESERVED
CVE-2019-1010018 (Zammad GmbH Zammad 2.3.0 and earlier is affected by: Cross Site Script ...)
	- zammad <itp> (bug #841355)
CVE-2019-1010017 (libnmap &lt; v0.6.3 is affected by: XML Injection. The impact is: Deni ...)
	- python-libnmap <unfixed> (low)
	[buster] - python-libnmap <no-dsa> (Minor issue)
	NOTE: https://github.com/savon-noir/python-libnmap/issues/87
CVE-2019-1010016 (Dolibarr 6.0.4 is affected by: Cross Site Scripting (XSS). The impact  ...)
	- dolibarr <removed>
	NOTE: https://github.com/Dolibarr/dolibarr/issues/7962
CVE-2019-1010015
	RESERVED
CVE-2019-1010014
	RESERVED
CVE-2019-1010013
	RESERVED
CVE-2019-1010012
	RESERVED
CVE-2019-1010011
	REJECTED
CVE-2019-1010010
	RESERVED
CVE-2019-1010009 (DGLogik Inc DGLux Server All Versions is affected by: Insecure Permiss ...)
	NOT-FOR-US: DGLogik Inc DGLux Server
CVE-2019-1010008 (OpenEnergyMonitor Project Emoncms 9.8.8 is affected by: Cross Site Scr ...)
	NOT-FOR-US: OpenEnergyMonitor Project Emoncms
CVE-2019-1010007
	RESERVED
CVE-2019-1010006 (Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Pos ...)
	{DSA-4624-1 DLA-1882-1 DLA-1881-1}
	- atril 1.22.2-1
	[buster] - atril 1.20.3-1+deb10u1
	- evince 3.27.92-1
	NOTE: https://bugzilla.gnome.org/show_bug.cgi?id=788980
	NOTE: https://gitlab.gnome.org/GNOME/evince/commit/e6ed0d4cdb6326e329c8f61f9cc19ff9331cb0ce (3.27.91)
	NOTE: https://gitlab.gnome.org/GNOME/evince/commit/e02fe9170ad0ac2fd46c75329c4f1d4502d4a362 (3.27.91)
CVE-2019-1010005 (HexoEditor v1.1.8-beta is affected by: XSS to code execution. ...)
	NOT-FOR-US: HexoEditor
CVE-2019-1010004 (SoX - Sound eXchange 14.4.2 and earlier is affected by: Out-of-bounds  ...)
	{DLA-1695-1 DLA-1197-1}
	- sox 14.4.2-2 (bug #881121)
	[stretch] - sox 14.4.1-5+deb9u2
	NOTE: https://github.com/mansr/sox/commit/7a8ceb86212b28243bbb6d0de636f0dfbe833e53
CVE-2019-1010003 (Leanote prior to version 2.6 is affected by: Cross Site Scripting (XSS ...)
	NOT-FOR-US: Leanote
CVE-2019-1010002
	RESERVED
CVE-2019-1010001
	RESERVED
CVE-2019-6341 (In Drupal 7 versions prior to 7.65; Drupal 8.6 versions prior to 8.6.1 ...)
	{DSA-4412-1 DLA-1746-1}
	- drupal7 <removed> (bug #925176)
	NOTE: https://www.drupal.org/SA-CORE-2019-004
CVE-2019-9893 (libseccomp before 2.4.0 did not correctly generate 64-bit syscall argu ...)
	- libseccomp 2.4.1-1 (unimportant; bug #924646)
	NOTE: https://github.com/seccomp/libseccomp/issues/139
	NOTE: No security issue by itself
CVE-2019-9887
	RESERVED
CVE-2019-9886 (Any URLs with download_attachment.php under templates or home folders  ...)
	NOT-FOR-US: BroadLearning eClass
CVE-2019-9885 (eClass platform &lt; ip.2.5.10.2.1 allows an attacker to execute SQL c ...)
	NOT-FOR-US: eClass platform
CVE-2019-9884 (eClass platform &lt; ip.2.5.10.2.1 allows an attacker to use GETS meth ...)
	NOT-FOR-US: eClass platform
CVE-2019-9883 (Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerabi ...)
	NOT-FOR-US: MailSherlock
CVE-2019-9882 (Multi modules of MailSherlock MSR35 and MSR45 lead to a CSRF vulnerabi ...)
	NOT-FOR-US: MailSherlock
CVE-2019-9881 (The createComment mutation in the WPGraphQL 0.2.3 plugin for WordPress ...)
	NOT-FOR-US: WPGraphQL plugin for WordPress
CVE-2019-9880 (An issue was discovered in the WPGraphQL 0.2.3 plugin for WordPress. B ...)
	NOT-FOR-US: WPGraphQL plugin for WordPress
CVE-2019-9879 (The WPGraphQL 0.2.3 plugin for WordPress allows remote attackers to re ...)
	NOT-FOR-US: WPGraphQL plugin for WordPress
CVE-2019-9878 (There is an invalid memory access in the function GfxIndexedColorSpace ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-9877 (There is an invalid memory access vulnerability in the function TextPa ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which doesn't contain the vulnerable code)
CVE-2019-9876
	RESERVED
CVE-2019-9875 (Deserialization of Untrusted Data in the anti CSRF module in Sitecore  ...)
	NOT-FOR-US: Sitecore CMS
CVE-2019-9874 (Deserialization of Untrusted Data in the Sitecore.Security.AntiCSRF (a ...)
	NOT-FOR-US: Sitecore CMS
CVE-2019-9873 (In several versions of JetBrains IntelliJ IDEA Ultimate, creating Task ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-9872 (In several versions of JetBrains IntelliJ IDEA Ultimate, creating run  ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-9871 (Jector Smart TV FM-K75 devices allow remote code execution because the ...)
	NOT-FOR-US: Jector Smart TV FM-K75 devices
CVE-2019-9870 (plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor m ...)
	NOT-FOR-US: w8tcha oEmbed plugin for CKEditor
CVE-2019-9869
	RESERVED
CVE-2019-9868 (An issue was discovered in the Web Console in Veritas NetBackup Applia ...)
	NOT-FOR-US: Veritas NetBackup Appliance
CVE-2019-9867 (An issue was discovered in the Web Console in Veritas NetBackup Applia ...)
	NOT-FOR-US: Veritas NetBackup Appliance
CVE-2019-9866 (An issue was discovered in GitLab Community and Enterprise Edition 11. ...)
	- gitlab 11.8.3-1 (bug #925196)
	NOTE: https://about.gitlab.com/2019/03/20/critical-security-release-gitlab-11-dot-8-dot-3-released/
CVE-2019-9865 (When RPC is enabled in Wind River VxWorks 6.9 prior to 6.9.1, a specia ...)
	NOT-FOR-US: Wind River VxWorks
CVE-2019-9864 (PHP Scripts Mall Amazon Affiliate Store 2.1.6 allows Parameter Tamperi ...)
	NOT-FOR-US: PHP Scripts Mall Amazon Affiliate Store
CVE-2019-9863 (Due to the use of an insecure algorithm for rolling codes in the ABUS  ...)
	NOT-FOR-US: ABUS
CVE-2019-9862 (An issue was discovered on ABUS Secvest wireless alarm system FUAA5000 ...)
	NOT-FOR-US: ABUS
CVE-2019-9861 (Due to the use of an insecure RFID technology (MIFARE Classic), ABUS p ...)
	NOT-FOR-US: ABUS
CVE-2019-9860 (Due to unencrypted signal communication and predictability of rolling  ...)
	NOT-FOR-US: ABUS
CVE-2019-9859 (Vesta Control Panel (VestaCP) 0.9.7 through 0.9.8-23 is vulnerable to  ...)
	NOT-FOR-US: Vesta Control Panel (VestaCP)
CVE-2019-9858 (Remote code execution was discovered in Horde Groupware Webmail 5.2.22 ...)
	{DSA-4468-1 DLA-1822-1}
	- php-horde-form 2.0.18-3.1 (bug #930321)
	NOTE: https://ssd-disclosure.com/archives/3814/ssd-advisory-horde-groupware-webmail-authenticated-arbitrary-file-injection-to-rce
	NOTE: https://github.com/horde/Form/commit/c916ba979ad1613d76a9407dd0b67968a9594c0e
CVE-2019-9856
	RESERVED
CVE-2019-9855 (LibreOffice is typically bundled with LibreLogo, a programmable turtle ...)
	- libreoffice <not-affected> (Windows-specific)
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9855/
CVE-2019-9854 (LibreOffice has a feature where documents can specify that pre-install ...)
	{DSA-4519-1 DLA-1947-1}
	- libreoffice 1:6.3.1~rc2-1
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9854/
CVE-2019-9853 (LibreOffice documents can contain macros. The execution of those macro ...)
	{DSA-4501-1 DLA-1947-1}
	- libreoffice 1:6.3.0-1
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9853
CVE-2019-9852 (LibreOffice has a feature where documents can specify that pre-install ...)
	{DSA-4501-1 DLA-1947-1}
	- libreoffice 1:6.3.0-1
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9852/
CVE-2019-9851 (LibreOffice is typically bundled with LibreLogo, a programmable turtle ...)
	{DSA-4501-1 DLA-1947-1}
	- libreoffice 1:6.3.0-1
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9851/
CVE-2019-9850 (LibreOffice is typically bundled with LibreLogo, a programmable turtle ...)
	{DSA-4501-1 DLA-1947-1}
	- libreoffice 1:6.3.0-1
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9850/
CVE-2019-9849 (LibreOffice has a 'stealth mode' in which only documents from location ...)
	{DSA-4483-1 DLA-1947-1}
	[experimental] - libreoffice 1:6.3.0~beta2-1
	- libreoffice 1:6.3.0~rc1-1
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9849/
CVE-2019-9848 (LibreOffice has a feature where documents can specify that pre-install ...)
	{DSA-4483-1 DLA-1947-1}
	[experimental] - libreoffice 1:6.3.0~beta2-1
	- libreoffice 1:6.3.0~rc1-1
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9848/
CVE-2019-9847 (A vulnerability in LibreOffice hyperlink processing allows an attacker ...)
	- libreoffice <not-affected> (Only affects Libreoffice on Windows and macOS)
	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2019-9847/
CVE-2019-9857 (In the Linux kernel through 5.0.2, the function inotify_update_existin ...)
	- linux 4.19.37-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/62c9d2674b31d4c8a674bee86b7edc6da2803aea
CVE-2019-9846 (RockOA 1.8.7 allows remote attackers to obtain sensitive information b ...)
	NOT-FOR-US: RockOA
CVE-2019-9845 (madskristensen Miniblog.Core through 2019-01-16 allows remote attacker ...)
	NOT-FOR-US: madskristensen Miniblog.Core
CVE-2019-9844 (simple-markdown.js in Khan Academy simple-markdown before 0.4.4 allows ...)
	NOT-FOR-US: Khan Academy simple-markdown
CVE-2019-9843 (In DiffPlug Spotless before 1.20.0 (library and Maven plugin) and befo ...)
	NOT-FOR-US: DiffPlug Spotless
CVE-2019-9842 (madskristensen MiniBlog through 2018-05-18 allows remote attackers to  ...)
	NOT-FOR-US: madskristensen Miniblog
CVE-2019-9841 (Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL. ...)
	NOT-FOR-US: Vesta Control Panel
CVE-2019-9840
	RESERVED
CVE-2019-9839 (VFront 0.99.5 has Reflected XSS via the admin/menu_registri.php descri ...)
	NOT-FOR-US: VFront
CVE-2019-9838 (VFront 0.99.5 has stored XSS via the admin/sync_reg_tab.php azzera par ...)
	NOT-FOR-US: VFront
CVE-2019-9837 (Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorke ...)
	- ruby-doorkeeper-openid-connect 1.5.5-1 (bug #924747)
	NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/issues/61
	NOTE: https://github.com/doorkeeper-gem/doorkeeper-openid_connect/pull/66
CVE-2019-9836 (Secure Encrypted Virtualization (SEV) on Advanced Micro Devices (AMD)  ...)
	NOT-FOR-US: AMD Secure Encrypted Virtualization (SEV)
CVE-2019-9835 (The receiver (aka bridge) component of Fujitsu Wireless Keyboard Set L ...)
	NOT-FOR-US: Fujitsu Wireless Keyboard Set LX901 GK900 devices
CVE-2019-9834 (** DISPUTED ** The Netdata web application through 1.13.0 allows remot ...)
	- netdata <unfixed> (unimportant)
	NOTE: https://github.com/netdata/netdata/issues/5800#issuecomment-510986112
	NOTE: Risk disupted by upstream because there is a clear warning next to the
	NOTE: button for importing a snapshot, thus treat the issue as unimportant with
	NOTE: negligible impact.
CVE-2019-9833 (The Screen Stream application through 3.0.15 for Android allows remote ...)
	NOT-FOR-US: Screen Stream application for Android
CVE-2019-9832 (The AirDrop application through 2.0 for Android allows remote attacker ...)
	NOT-FOR-US: AirDrop application for Android
CVE-2019-9831 (The AirMore application through 1.6.1 for Android allows remote attack ...)
	NOT-FOR-US: AirMore application for Android
CVE-2019-9830
	RESERVED
CVE-2019-9829 (Maccms 10 allows remote attackers to execute arbitrary PHP code by ent ...)
	NOT-FOR-US: Maccms
CVE-2019-9828
	RESERVED
CVE-2019-9827 (Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote att ...)
	NOT-FOR-US: Hawtio
CVE-2019-9826 (The fulltext search component in phpBB before 3.2.6 allows Denial of S ...)
	{DLA-1775-1}
	- phpbb3 <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/29/3
	NOTE: Fixed by https://github.com/phpbb/phpbb/commit/3075d2fecc9f5bb780bb478c0851a704c7f9b392
CVE-2019-9825 (FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arb ...)
	NOT-FOR-US: FeiFeiCMS
CVE-2019-9824 (tcp_emu in slirp/tcp_subr.c (aka slirp/src/tcp_subr.c) in QEMU 3.0.0 u ...)
	{DSA-4454-1 DLA-1781-1}
	- qemu 1:3.1+dfsg-6
	- qemu-kvm <removed>
	- slirp4netns 0.3.1-1
	[buster] - slirp4netns 0.2.3-1
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-03/msg01871.html
	NOTE: https://www.openwall.com/lists/oss-security/2019/03/18/1
	NOTE: https://github.com/qemu/qemu/commit/d3222975c7d6cda9e25809dea05241188457b113
CVE-2019-9823 (In several JetBrains IntelliJ IDEA versions, creating remote run confi ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-9822
	RESERVED
CVE-2019-9821 (A use-after-free vulnerability can occur in AssertWorkerThread due to  ...)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9821
CVE-2019-9820 (A use-after-free vulnerability can occur in the chrome event handler w ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9820
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9820
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9820
CVE-2019-9819 (A vulnerability where a JavaScript compartment mismatch can occur whil ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9819
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9819
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9819
CVE-2019-9818 (A race condition is present in the crash generation server used to gen ...)
	- firefox <not-affected> (Windows-specific)
	- firefox-esr <not-affected> (Windows-specific)
	- thunderbird <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9818
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9818
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9818
CVE-2019-9817 (Images from a different domain can be read using a canvas object in so ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9817
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9817
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9817
CVE-2019-9816 (A possible vulnerability exists where type confusion can occur when ma ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9816
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9816
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9816
CVE-2019-9815 (If hyperthreading is not disabled, a timing attack vulnerability exist ...)
	- firefox <not-affected> (MacOS-specific)
	- firefox-esr <not-affected> (MacOS-specific)
	- thunderbird <not-affected> (MacOS-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9815
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9815
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9815
CVE-2019-9814 (Mozilla developers and community members reported memory safety bugs p ...)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9814
CVE-2019-9813 (Incorrect handling of __proto__ mutations may lead to type confusion i ...)
	{DSA-4417-1 DLA-1727-1}
	- firefox 66.0.1-1
	- firefox-esr 60.6.1esr-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/#CVE-2019-9813
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/#CVE-2019-9813
CVE-2019-9812 (Given a compromised sandboxed content process due to a separate vulner ...)
	{DSA-4516-1 DLA-1910-1}
	- firefox 69.0-1
	- firefox-esr 68.1.0esr-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-9812
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-26/#CVE-2019-9812
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-27/#CVE-2019-9812
CVE-2019-9811 (As part of a winning Pwn2Own entry, a researcher demonstrated a sandbo ...)
	{DSA-4482-1 DSA-4479-1 DLA-1870-1 DLA-1869-1}
	- firefox 68.0-1
	- firefox-esr 60.8.0esr-1
	- thunderbird 1:60.8.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-21/#CVE-2019-9811
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-22/#CVE-2019-9811
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-23/#CVE-2019-9811
CVE-2019-9810 (Incorrect alias information in IonMonkey JIT compiler for Array.protot ...)
	{DSA-4417-1 DLA-1727-1}
	- firefox 66.0.1-1
	- firefox-esr 60.6.1esr-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-09/#CVE-2019-9810
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-10/#CVE-2019-9810
CVE-2019-9809 (If the source for resources on a page is through an FTP connection, it ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9809
CVE-2019-9808 (If WebRTC permission is requested from documents with data: or blob: U ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9808
CVE-2019-9807 (When arbitrary text is sent over an FTP connection and a page reload i ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9807
CVE-2019-9806 (A vulnerability exists during authorization prompting for FTP transact ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9806
CVE-2019-9805 (A latent vulnerability exists in the Prio library where data may be re ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9805
CVE-2019-9804 (In Firefox Developer Tools it is possible that pasting the result of t ...)
	- firefox <not-affected> (MacOS-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9804
CVE-2019-9803 (The Upgrade-Insecure-Requests (UIR) specification states that if UIR i ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9803
CVE-2019-9802 (If a Sandbox content process is compromised, it can initiate an FTP do ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9802
CVE-2019-9801 (Firefox will accept any registered Program ID as an external protocol  ...)
	- firefox-esr <not-affected> (Windows-specific)
	- firefox <not-affected> (Windows-specific)
	- thunderbird <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9801
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9801
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9801
CVE-2019-9800 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-9800
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9800
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9800
CVE-2019-9799 (Insufficient bounds checking of data during inter-process communicatio ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9799
CVE-2019-9798 (On Android systems, Firefox can load a library from APITRACE_LIB, whic ...)
	- firefox <not-affected> (Android-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9798
CVE-2019-9797 (Cross-origin images can be read in violation of the same-origin policy ...)
	{DSA-4451-1 DSA-4448-1 DLA-1806-1 DLA-1800-1}
	- firefox 66.0-1
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9797
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-9797
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-9797
CVE-2019-9796 (A use-after-free vulnerability can occur when the SMIL animation contr ...)
	{DSA-4420-1 DSA-4411-1 DLA-1743-1 DLA-1722-1}
	- firefox-esr 60.6.0esr-1
	- firefox 66.0-1
	- thunderbird 1:60.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9796
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9796
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9796
CVE-2019-9795 (A vulnerability where type-confusion in the IonMonkey just-in-time (JI ...)
	{DSA-4420-1 DSA-4411-1 DLA-1743-1 DLA-1722-1}
	- firefox-esr 60.6.0esr-1
	- firefox 66.0-1
	- thunderbird 1:60.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9795
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9795
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9795
CVE-2019-9794 (A vulnerability was discovered where specific command line arguments a ...)
	- firefox-esr <not-affected> (Windows-specific)
	- firefox <not-affected> (Windows-specific)
	- thunderbird <not-affected> (Windows-specific)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9794
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9794
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9794
CVE-2019-9793 (A mechanism was discovered that removes some bounds checking for strin ...)
	{DSA-4420-1 DSA-4411-1 DLA-1743-1 DLA-1722-1}
	- firefox-esr 60.6.0esr-1
	- firefox 66.0-1
	- thunderbird 1:60.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9793
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9793
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9793
CVE-2019-9792 (The IonMonkey just-in-time (JIT) compiler can leak an internal JS_OPTI ...)
	{DSA-4420-1 DSA-4411-1 DLA-1743-1 DLA-1722-1}
	- firefox-esr 60.6.0esr-1
	- firefox 66.0-1
	- thunderbird 1:60.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9792
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9792
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9792
CVE-2019-9791 (The type inference system allows the compilation of functions that can ...)
	{DSA-4420-1 DSA-4411-1 DLA-1743-1 DLA-1722-1}
	- firefox-esr 60.6.0esr-1
	- firefox 66.0-1
	- thunderbird 1:60.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9791
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9791
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9791
CVE-2019-9790 (A use-after-free vulnerability can occur when a raw pointer to a DOM e ...)
	{DSA-4420-1 DSA-4411-1 DLA-1743-1 DLA-1722-1}
	- firefox-esr 60.6.0esr-1
	- firefox 66.0-1
	- thunderbird 1:60.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9790
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9790
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9790
CVE-2019-9789 (Mozilla developers and community members reported memory safety bugs p ...)
	- firefox 66.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9789
CVE-2019-9788 (Mozilla developers and community members reported memory safety bugs p ...)
	{DSA-4420-1 DSA-4411-1 DLA-1743-1 DLA-1722-1}
	- firefox-esr 60.6.0esr-1
	- firefox 66.0-1
	- thunderbird 1:60.6.1-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-08/#CVE-2019-9788
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-07/#CVE-2019-9788
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-11/#CVE-2019-9788
CVE-2019-9786
	RESERVED
CVE-2019-9785 (gitnote 3.1.0 allows remote attackers to execute arbitrary code via a  ...)
	NOT-FOR-US: gitnote
CVE-2019-9784
	RESERVED
CVE-2019-9783
	RESERVED
CVE-2019-9782
	RESERVED
CVE-2019-9781
	RESERVED
CVE-2019-9780
	RESERVED
CVE-2019-9787 (WordPress before 5.1.1 does not properly filter comment content, leadi ...)
	{DLA-1742-1}
	- wordpress 5.1.1+dfsg1-1 (bug #924546)
	[buster] - wordpress 5.0.4+dfsg1-1
	NOTE: https://blog.ripstech.com/2019/wordpress-csrf-to-rce/
	NOTE: Fixed by: https://github.com/WordPress/WordPress/commit/0292de60ec78c5a44956765189403654fe4d080b
CVE-2019-9779 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9778 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9777 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9776 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9775 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an  ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9774 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is an  ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9773 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9772 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9771 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a N ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9770 (An issue was discovered in GNU LibreDWG 0.7 and 0.7.1645. There is a h ...)
	- libredwg <itp> (bug #595191)
CVE-2019-9769 (PilusCart 1.4.1 is vulnerable to index.php?module=users&amp;action=new ...)
	NOT-FOR-US: PilusCart
CVE-2019-9768 (Thinkst Canarytokens through commit hash 4e89ee0 (2019-03-01) relies o ...)
	NOT-FOR-US: Thinkst Canarytokens
CVE-2019-9767 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
	NOT-FOR-US: Free MP3 CD Ripper
CVE-2019-9766 (Stack-based buffer overflow in Free MP3 CD Ripper 2.6, when converting ...)
	NOT-FOR-US: Free MP3 CD Ripper
CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment reply in ...)
	NOT-FOR-US: Blog_mini
CVE-2019-9764 (HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to ...)
	- consul <not-affected> (Only affected 1.4.3 version)
	NOTE: https://github.com/hashicorp/consul/issues/5519
CVE-2019-9763 (An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS  ...)
	NOT-FOR-US: Openfind Mail2000 Webmail
CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment ...)
	NOT-FOR-US: PHPSHE
CVE-2019-9761 (An XXE issue was discovered in PHPSHE 1.7, which can be used to read a ...)
	NOT-FOR-US: PHPSHE
CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution when a us ...)
	NOT-FOR-US: FTPGetter
CVE-2019-9759 (An issue was discovered in TONGDA Office Anywhere 10.18.190121. There  ...)
	NOT-FOR-US: TONGDA Office Anywhere
CVE-2019-9758 (An issue was discovered in LabKey Server 19.1.0. The display name of a ...)
	NOT-FOR-US: LabKey Server
CVE-2019-9757 (An issue was discovered in LabKey Server 19.1.0. Sending an SVG contai ...)
	NOT-FOR-US: LabKey Server
CVE-2019-9756 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9755 (An integer underflow issue exists in ntfs-3g 2017.3.23. A local attack ...)
	{DSA-4413-1 DLA-1724-1}
	- ntfs-3g 1:2017.3.23AR.3-3 (bug #925255)
	NOTE: https://sourceforge.net/p/ntfs-3g/ntfs-3g/ci/85c1634a26faa572d3c558d4cf8aaaca5202d4e9/
CVE-2019-9754 (An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. ...)
	- tcc <unfixed> (low; bug #925127)
	[buster] - tcc <ignored> (Minor issue)
	[stretch] - tcc <ignored> (Minor issue)
	[jessie] - tcc <no-dsa> (Minor issue)
	NOTE: https://lists.nongnu.org/archive/html/tinycc-devel/2019-03/msg00038.html
CVE-2019-9753 (An issue was discovered in Open Ticket Request System (OTRS) 7.x befor ...)
	- otrs2 <not-affected> (Only affects 7.x series)
	NOTE: https://community.otrs.com/security-advisory-2019-03-security-update-for-otrs-framework
CVE-2019-9752 (An issue was discovered in Open Ticket Request System (OTRS) 5.x befor ...)
	{DLA-1721-1}
	- otrs2 6.0.16-1
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	NOTE: https://community.otrs.com/security-advisory-2019-01-security-update-for-otrs-framework/
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/341c4096222819a108feb02256aba878943bf810
	NOTE: OTRS 5: https://github.com/OTRS/otrs/commit/d4e3dfbaa054762b29df54705aa412685dd37e15
CVE-2019-9751 (An issue was discovered in Open Ticket Request System (OTRS) 6.x befor ...)
	- otrs2 6.0.17-1
	[buster] - otrs2 6.0.16-2
	[stretch] - otrs2 <no-dsa> (Non-free not supported)
	[jessie] - otrs2 <not-affected> (Vulnerable code not present)
	NOTE: https://community.otrs.com/security-advisory-2019-02-security-update-for-otrs-framework
	NOTE: OTRS 6: https://github.com/OTRS/otrs/commit/1afb2b995e59551b927c2105e234e8b87efcc37a
CVE-2019-9750 (In IoTivity through 1.3.1, the CoAP server interface can be used for D ...)
	- iotivity <itp> (bug #824155)
CVE-2019-9749 (An issue was discovered in the MQTT input plugin in Fluent Bit through ...)
	NOT-FOR-US: Fluent Bit
CVE-2019-9748 (In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted ...)
	NOT-FOR-US: tinysvcmdns
CVE-2019-9747 (In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multica ...)
	NOT-FOR-US: tinysvcmdns
CVE-2019-9746 (In libwebm before 2019-03-08, a NULL pointer dereference caused by the ...)
	NOT-FOR-US: libwebm
	NOTE: Chromium and qtwebengine bundle the library, but not a security issue there
CVE-2019-9745 (CloudCTI HIP Integrator Recognition Configuration Tool allows privileg ...)
	NOT-FOR-US: CloudCTI HIP Integrator Recognition Configuration Tool
CVE-2019-9744 (An issue was discovered on PHOENIX CONTACT FL NAT SMCS 8TX, FL NAT SMN ...)
	NOT-FOR-US: PHOENIX
CVE-2019-9743 (An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211- ...)
	NOT-FOR-US: PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices
CVE-2019-9742 (gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attac ...)
	NOT-FOR-US: G Data Total Security
CVE-2019-9741 (An issue was discovered in net/http in Go 1.11.5. CRLF injection is po ...)
	{DLA-1749-1}
	- golang-1.12 1.12-1
	- golang-1.11 1.11.6-1 (bug #924630)
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <ignored> (Minor issue)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (Minor issue)
	- golang <removed>
	NOTE: https://github.com/golang/go/issues/30794
	NOTE: https://github.com/golang/go/commit/829c5df58694b3345cb5ea41206783c8ccf5c3ca#diff-b97af51863ce82bf2a13003b52034aa9
	NOTE: https://github.com/golang/go/commit/f1d662f34788f4a5f087581d0951cdf4e0f6e708#diff-b97af51863ce82bf2a13003b52034aa9
CVE-2019-9740 (An issue was discovered in urllib2 in Python 2.x through 2.7.16 and ur ...)
	{DLA-1835-1 DLA-1834-1}
	- python3.7 3.7.4~rc2-2
	[buster] - python3.7 3.7.3-2+deb10u1
	- python3.6 <removed>
	- python3.5 <removed>
	- python3.4 <removed>
	- python2.7 2.7.16-3
	[buster] - python2.7 2.7.16-2+deb10u1
	[stretch] - python2.7 <no-dsa> (Minor issue)
	NOTE: https://bugs.python.org/issue36276
	NOTE: https://bugs.python.org/issue30458
	NOTE: CVE-2019-9947 issue fixed with same fix as for CVE-2019-9740
	NOTE: Patch 2.7: https://github.com/python/cpython/commit/bb8071a4cae5ab3fe321481dd3d73662ffb26052
CVE-2019-9739
	RESERVED
CVE-2019-9738 (jimmykuu Gopher 2.0 has DOM-based XSS via vectors involving the '&lt;E ...)
	NOT-FOR-US: jimmykuu Gopher
CVE-2019-9737 (Editor.md 1.5.0 has DOM-based XSS via vectors involving the '&lt;EMBED ...)
	NOT-FOR-US: pandao Editor.md
CVE-2019-9736 (DOM-based XSS exists in 1024Tools Markdown 1.0 via vectors involving t ...)
	NOT-FOR-US: 1024Tools Markdown
CVE-2019-9735 (An issue was discovered in the iptables firewall module in OpenStack N ...)
	{DSA-4409-1}
	- neutron 2:13.0.2-13 (bug #924508)
	[jessie] - neutron <not-affected> (Vulnerable code not present, all supported protocols are handled correctly)
	NOTE: https://launchpad.net/bugs/1818385
CVE-2019-9734 (Aquarius CMS through 4.3.5 writes POST and GET parameters (including p ...)
	NOT-FOR-US: aquaverde Aquarius CMS
CVE-2019-9733 (An issue was discovered in JFrog Artifactory 6.7.3. By default, the ac ...)
	NOT-FOR-US: JFrog Artifactory
CVE-2019-9732 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2
	NOTE: https://about.gitlab.com/2019/03/14/gitlab-11-8-2-released/
CVE-2019-9731
	RESERVED
CVE-2019-9730 (Incorrect access control in the CxUtilSvc component of the Synaptics S ...)
	NOT-FOR-US: Lenovo
CVE-2019-9729 (In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows pr ...)
	NOT-FOR-US: Shanda MapleStory Online
CVE-2019-9728
	RESERVED
CVE-2019-9727 (Unauthenticated password hash disclosure in the User.getUserPWD method ...)
	NOT-FOR-US: eQ-3 AG Homematic CCU3
CVE-2019-9726 (Directory Traversal / Arbitrary File Read in eQ-3 AG Homematic CCU3 3. ...)
	NOT-FOR-US: eQ-3 AG Homematic CCU3
CVE-2019-9725 (The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devi ...)
	NOT-FOR-US: Korenix JetPort devices
CVE-2019-9724 (aquaverde Aquarius CMS through 4.3.5 allows Information Exposure throu ...)
	NOT-FOR-US: aquaverde Aquarius CMS
CVE-2019-9723 (LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vul ...)
	NOT-FOR-US: LogicalDOC
CVE-2019-9722
	RESERVED
CVE-2019-9721 (A denial of service in the subtitle decoder in FFmpeg 4.1 allows attac ...)
	- ffmpeg 7:4.1.3-1 (bug #926666)
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/894995c41e0795c7a44f81adc4838dedc3932e65
	- libav <removed>
	[jessie] - libav <not-affected> (Vulnerable code not present)
CVE-2019-9720 (A stack-based buffer overflow in the subtitle decoder in Libav 12.3 al ...)
	- libav <removed> (unimportant)
	NOTE: Actual vulnerability description is (https://lgtm.com/security/):
	NOTE: "Denial of service due to quadratic call to strstr in srtdec.c"
	NOTE: Using strstr is not an actual DoS
CVE-2019-9719 (** DISPUTED ** A stack-based buffer overflow in the subtitle decoder i ...)
	- libav <unfixed> (unimportant)
	NOTE: Generic low-certainty warning about snprintf usage without rationale
CVE-2019-9718 (In FFmpeg 4.1, a denial of service in the subtitle decoder allows atta ...)
	{DSA-4449-1}
	- ffmpeg 7:4.1.3-1 (low; bug #926666)
	NOTE: https://git.ffmpeg.org/gitweb/ffmpeg.git/commit/1f00c97bc3475c477f3c468cf2d924d5761d0982
	- libav <removed>
	[jessie] - libav <not-affected> (Vulnerable code not present)
CVE-2019-9717 (In Libav 12.3, a denial of service in the subtitle decoder allows atta ...)
	- libav <removed> (unimportant)
	NOTE: Non-trivial sscanf format is not an actual DoS
CVE-2019-9716
	RESERVED
CVE-2019-9715
	RESERVED
CVE-2019-9714 (An issue was discovered in Joomla! before 3.9.4. The media form field  ...)
	NOT-FOR-US: Joomla!
CVE-2019-9713 (An issue was discovered in Joomla! before 3.9.4. The sample data plugi ...)
	NOT-FOR-US: Joomla!
CVE-2019-9712 (An issue was discovered in Joomla! before 3.9.4. The JSON handler in c ...)
	NOT-FOR-US: Joomla!
CVE-2019-9711 (An issue was discovered in Joomla! before 3.9.4. The item_title layout ...)
	NOT-FOR-US: Joomla!
CVE-2019-9710 (An issue was discovered in webargs before 5.1.3, as used with marshmal ...)
	NOT-FOR-US: webargs
CVE-2019-9709 (An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 1 ...)
	- mahara <removed>
CVE-2019-9708 (An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 1 ...)
	- mahara <removed>
CVE-2019-9707
	RESERVED
CVE-2019-9705 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to  ...)
	{DLA-1723-1}
	- cron 3.0pl1-133 (low)
	[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/26814a26
CVE-2019-9706 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to  ...)
	{DLA-1723-1}
	- cron 3.0pl1-133 (bug #809167)
	[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/40791b93
CVE-2019-9704 (Vixie Cron before the 3.0pl1-133 Debian package allows local users to  ...)
	{DLA-1723-1}
	- cron 3.0pl1-133 (low)
	[stretch] - cron <no-dsa> (Minor issue, will be fixed via point update)
	NOTE: Fixed by: https://salsa.debian.org/debian/cron/commit/f2525567
CVE-2019-9703 (Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible  ...)
	NOT-FOR-US: Symantec
CVE-2019-9702 (Symantec Endpoint Encryption, prior to SEE 11.3.0, may be susceptible  ...)
	NOT-FOR-US: Symantec
CVE-2019-9701 (DLP 15.5 MP1 and all prior versions may be susceptible to a cross-site ...)
	NOT-FOR-US: DLP (Symantec)
CVE-2019-9700 (Norton Password Manager, prior to 6.3.0.2082, may be susceptible to an ...)
	NOT-FOR-US: Norton Password Manager
CVE-2019-9699 (Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an ...)
	NOT-FOR-US: Symantec
CVE-2019-9698 (Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbit ...)
	NOT-FOR-US: Symantec
CVE-2019-9697 (An information disclosure vulnerability in the Management Center (MC)  ...)
	NOT-FOR-US: Symantec
CVE-2019-9696 (Symantec VIP Enterprise Gateway (all versions) may be susceptible to a ...)
	NOT-FOR-US: Symantec
CVE-2019-9695 (Norton Core prior to v278 may be susceptible to an arbitrary code exec ...)
	NOT-FOR-US: Norton Core
CVE-2019-9694 (Symantec Endpoint Encryption prior to SEE 11.2.1 MP1 may be susceptibl ...)
	NOT-FOR-US: Symantec
CVE-2019-9693 (In CMS Made Simple (CMSMS) before 2.2.10, an authenticated user can ac ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9692 (class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 doe ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9691
	RESERVED
CVE-2019-9690
	RESERVED
CVE-2019-9689 (process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2 ...)
	- axtls <unfixed> (bug #953326)
CVE-2019-9688 (sftnow through 2018-12-29 allows index.php?g=Admin&amp;m=User&amp;a=ad ...)
	NOT-FOR-US: sftnow
CVE-2019-9687 (PoDoFo 0.9.6 has a heap-based buffer overflow in PdfString::ConvertUTF ...)
	- libpodofo 0.9.6+dfsg-5 (bug #924430)
	[stretch] - libpodofo <no-dsa> (Minor issue)
	[jessie] - libpodofo <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/podofo/code/1969
CVE-2019-9686 (pacman before 5.1.3 allows directory traversal when installing a remot ...)
	NOT-FOR-US: pacman package manager for arch, different from src:pacman
CVE-2019-9685
	RESERVED
CVE-2019-9684
	RESERVED
CVE-2019-9683
	RESERVED
CVE-2019-9682
	RESERVED
CVE-2019-9681 (Online upgrade information in some firmware packages of Dahua products ...)
	NOT-FOR-US: Dahua
CVE-2019-9680 (Some Dahua products have information leakage issues. Attackers can obt ...)
	NOT-FOR-US: Dahua
CVE-2019-9679 (Some of Dahua's Debug functions do not have permission separation. Low ...)
	NOT-FOR-US: Dahua
CVE-2019-9678 (Some Dahua products have the problem of denial of service during the l ...)
	NOT-FOR-US: Dahua
CVE-2019-9677 (The specific fields of CGI interface of some Dahua products are not st ...)
	NOT-FOR-US: Dahua
CVE-2019-9676 (Buffer overflow vulnerability found in some Dahua IP Camera devices IP ...)
	NOT-FOR-US: Dahua IP Camera devices
CVE-2019-9675 (** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7. ...)
	{DSA-4403-1}
	- php7.3 7.3.3-1 (unimportant)
	- php7.0 <removed> (unimportant)
	- php5 <removed> (unimportant)
	NOTE: Fixed in 7.1.27, 7.3.3
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77586
CVE-2019-9674 (Lib/zipfile.py in Python through 3.7.2 allows remote attackers to caus ...)
	- python3.8 <unfixed> (unimportant)
	- python3.7 <unfixed> (unimportant)
	- python3.5 <removed> (unimportant)
	- python3.4 <removed> (unimportant)
	- python2.7 <unfixed> (unimportant)
	NOTE: https://bugs.python.org/issue36260
	NOTE: https://bugs.python.org/issue36462
	NOTE: Improved documentation: https://github.com/python/cpython/commit/3ba51d587f6897a45301ce9126300c14fcd4eba2
CVE-2019-9673 (Freenet 1483 has a MIME type bypass that allows arbitrary JavaScript e ...)
	NOT-FOR-US: Freenet
CVE-2019-9672
	RESERVED
CVE-2019-9671
	RESERVED
CVE-2019-9670 (mailboxd component in Synacor Zimbra Collaboration Suite 8.7.x before  ...)
	NOT-FOR-US: Synacor Zimbra Collaboration Suite
CVE-2019-9669 (The Wordfence plugin 7.2.3 for WordPress allows XSS via a unique attac ...)
	NOT-FOR-US: Wordfence plugin for WordPress
CVE-2019-9668 (An issue was discovered in rovinbhandari FTP through 2012-03-28. recei ...)
	NOT-FOR-US: rovinbhandari FTP
CVE-2019-9667
	RESERVED
CVE-2019-9666
	RESERVED
CVE-2019-9665
	RESERVED
CVE-2019-9664
	RESERVED
CVE-2019-9663
	RESERVED
CVE-2019-9662 (An issue was discovered in JTBC(PHP) 3.0.1.8. Its cache management mod ...)
	NOT-FOR-US: JTBC(PHP)
CVE-2019-9661 (Stored XSS exists in YzmCMS 5.2 via the admin/system_manage/user_confi ...)
	NOT-FOR-US: YzmCMS
CVE-2019-9660 (Stored XSS exists in YzmCMS 5.2 via the admin/category/edit.html "catn ...)
	NOT-FOR-US: YzmCMS
CVE-2019-9659 (The Chuango 433 MHz burglar-alarm product line uses static codes in th ...)
	NOT-FOR-US: Chuango
CVE-2019-10782 (All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulner ...)
	{DLA-2099-1}
	- checkstyle 8.29-1
	[buster] - checkstyle <not-affected> (Incomplete fix for CVE-2019-9658 not applied)
	[stretch] - checkstyle <not-affected> (Incomplete fix for CVE-2019-9658 not applied)
	NOTE: https://snyk.io/vuln/SNYK-JAVA-COMPUPPYCRAWLTOOLS-543266
	NOTE: https://github.com/checkstyle/checkstyle/issues/7468
	NOTE: https://github.com/checkstyle/checkstyle/security/advisories/GHSA-763g-fqq7-48wg
CVE-2019-9658 (Checkstyle before 8.18 loads external DTDs by default. ...)
	{DLA-1768-1}
	- checkstyle 8.26-1 (low; bug #924598)
	[buster] - checkstyle <no-dsa> (Minor issue)
	[stretch] - checkstyle <no-dsa> (Minor issue)
	NOTE: https://github.com/checkstyle/checkstyle/issues/6474
	NOTE: https://github.com/checkstyle/checkstyle/issues/6478
	NOTE: https://github.com/checkstyle/checkstyle/pull/6476
	NOTE: https://github.com/checkstyle/checkstyle/commit/180b4fe37a2249d4489d584505f2b7b3ab162ec6
	NOTE: When fixing this issue make sure to apply the complete fix to not open
	NOTE: CVE-2019-10782.
CVE-2019-9657 (Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control, a d ...)
	NOT-FOR-US: Alarm.com ADC-V522IR 0100b9 devices
CVE-2019-9656 (An issue was discovered in LibOFX 0.9.14. There is a NULL pointer dere ...)
	{DLA-2001-1}
	- libofx 1:0.9.15-1 (unimportant; bug #924350)
	[buster] - libofx 1:0.9.14-1+deb10u1
	[stretch] - libofx 1:0.9.10-2+deb9u2
	NOTE: https://github.com/libofx/libofx/issues/22
	NOTE: Negligible security impact
CVE-2019-9655
	RESERVED
CVE-2019-9654
	RESERVED
CVE-2019-9653 (NUUO Network Video Recorder Firmware 1.7.x through 3.3.x allows unauth ...)
	NOT-FOR-US: NUUO Network Video Recorder Firmware
CVE-2019-9652 (There is a CSRF in SDCMS V1.7 via an m=admin&amp;c=theme&amp;a=edit re ...)
	NOT-FOR-US: SDCMS
CVE-2019-9651 (An issue was discovered in SDCMS V1.7. In the \app\admin\controller\th ...)
	NOT-FOR-US: SDCMS
CVE-2019-9650 (An XSS issue was discovered in upcoming_events.php in the Upcoming Eve ...)
	NOT-FOR-US: MyBB plugin
CVE-2019-9649 (An issue was discovered in the SFTP Server component in Core FTP 2.0 B ...)
	NOT-FOR-US: Core FTP
CVE-2019-9648 (An issue was discovered in the SFTP Server component in Core FTP 2.0 B ...)
	NOT-FOR-US: Core FTP
CVE-2019-9647 (Gila CMS 1.9.1 has XSS. ...)
	NOT-FOR-US: Gila CMS
CVE-2019-9645
	RESERVED
CVE-2019-9646 (The Contact Form Email plugin before 1.2.66 for WordPress allows wp-ad ...)
	NOT-FOR-US: WordPress plugin contact-form-to-email
CVE-2019-9644 (An XSSI (cross-site inclusion) vulnerability in Jupyter Notebook befor ...)
	- jupyter-notebook 5.7.8-1 (bug #924515)
	NOTE: https://github.com/jupyter/notebook/commit/cfc335b76466ccf1538ce545b654b29b5ab0097c
	NOTE: https://github.com/jupyter/notebook/commit/b5105814fc41c6d789b317fa59f786bad7f9d798
	NOTE: https://github.com/jupyter/notebook/commit/bfaa61385729ed4fb453863053f9a79141f01119
CVE-2019-9643
	RESERVED
CVE-2019-9642 (An issue was discovered in proxy.php in pydio-core in Pydio through 8. ...)
	- extplorer <removed>
CVE-2019-9636 (Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by: Impr ...)
	{DLA-1835-1 DLA-1834-1}
	- python3.7 3.7.3~rc1-1 (bug #924072)
	- python3.6 <removed>
	- python3.5 <removed>
	- python3.4 <removed>
	- python2.7 2.7.16-2 (bug #924073)
	[stretch] - python2.7 <no-dsa> (Minor issue)
	NOTE: https://bugs.python.org/issue36216
	NOTE: https://github.com/python/cpython/pull/12201
	NOTE: https://python-security.readthedocs.io/vuln/urlsplit-nfkc-normalization.html
	NOTE: https://github.com/python/cpython/commit/daad2c482c91de32d8305abbccc76a5de8b3a8be (3.7.x)
	NOTE: https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5 (2.7.x)
	NOTE: Regression fix: https://bugs.python.org/issue36742
	NOTE: When fixing this issue make sure to not open CVE-2019-10160.
CVE-2019-9635 (NULL pointer dereference in Google TensorFlow before 1.12.2 could caus ...)
	- tensorflow <itp> (bug #804612)
CVE-2019-1003039 (An insufficiently protected credentials vulnerability exists in Jenkin ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003038 (An insufficiently protected credentials vulnerability exists in Jenkin ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003037 (An information exposure vulnerability exists in Jenkins Azure VM Agent ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003036 (A data modification vulnerability exists in Jenkins Azure VM Agents Pl ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003035 (An information exposure vulnerability exists in Jenkins Azure VM Agent ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003034 (A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003033 (A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.1 and ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003032 (A sandbox bypass vulnerability exists in Jenkins Email Extension Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003031 (A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003030 (A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plug ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003029 (A sandbox bypass vulnerability exists in Jenkins Script Security Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-9634 (Go through 1.12 on Windows misuses certain LoadLibrary functionality,  ...)
	- golang-1.12 <not-affected> (Only affects Go on Windows)
	- golang-1.11 <not-affected> (Only affects Go on Windows)
	- golang-1.10 <not-affected> (Only affects Go on Windows)
CVE-2019-9637 (An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and ...)
	{DSA-4403-1 DLA-1741-1}
	- php7.3 7.3.3-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77630
CVE-2019-9641 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
	{DSA-4403-1 DLA-1741-1}
	- php7.3 7.3.3-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77509
CVE-2019-9640 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
	{DSA-4403-1 DLA-1741-1}
	- php7.3 7.3.3-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77540
CVE-2019-9639 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
	{DSA-4403-1 DLA-1741-1}
	- php7.3 7.3.3-1 (unimportant)
	- php7.0 <removed> (unimportant)
	- php5 <removed> (unimportant)
	NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77659
CVE-2019-9638 (An issue was discovered in the EXIF component in PHP before 7.1.27, 7. ...)
	{DSA-4403-1 DLA-1741-1}
	- php7.3 7.3.3-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.27, 7.2.16, 7.3.3
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77563
CVE-2019-9633 (gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent ...)
	- glib2.0 <not-affected> (Vulnerable code introduced in 2.59.1, cf #924344)
	NOTE: https://gitlab.gnome.org/GNOME/glib/issues/1649
	NOTE: https://gitlab.gnome.org/GNOME/glib/commit/d553d92d6e9f53cbe5a34166fcb919ba652c6a8e (2.59.2)
	NOTE: Issue only in 2.59.1 and fixed in 2.59.2.
CVE-2019-9632 (ESAFENET CDG V3 and V5 has an arbitrary file download vulnerability vi ...)
	NOT-FOR-US: ESAFENET CDG
CVE-2019-9631 (Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBo ...)
	{DLA-1752-1}
	- poppler 0.71.0-4 (bug #926673)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/736
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/8122f6d6d409b53151a20c5578fc525ee97315e8
CVE-2019-9630 (Sonatype Nexus Repository Manager before 3.17.0 has a weak default of  ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2019-9629 (Sonatype Nexus Repository Manager before 3.17.0 establishes a default  ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2019-9628 (The XMLTooling library all versions prior to V3.0.4, provided with the ...)
	{DSA-4407-1 DLA-1710-1}
	- xmltooling 3.0.4-1 (bug #924346)
	NOTE: https://shibboleth.net/community/advisories/secadv_20190311.txt
	NOTE: https://issues.shibboleth.net/jira/browse/CPPXT-143
	NOTE: https://git.shibboleth.net/view/?p=cpp-xmltooling.git;a=commit;h=af27c422f551e16989ff6f1722d83614c8550eb5
CVE-2019-9627 (A buffer overflow in the kernel driver CybKernelTracker.sys in CyberAr ...)
	NOT-FOR-US: CyberArk Endpoint Privilege Manager
CVE-2019-9626 (PHPSHE 1.7 allows module/index/cart.php pintuan_id SQL Injection to in ...)
	NOT-FOR-US: PHPSHE
CVE-2019-9625 (JBMC DirectAdmin 1.55 allows CSRF via the /CMD_ACCOUNT_ADMIN URI to cr ...)
	NOT-FOR-US: JBMC DirectAdmin
CVE-2019-XXXX [high memory usage with some long running sessions]
	- proftpd-dfsg 1.3.5d-1 (bug #923926)
	[stretch] - proftpd-dfsg <ignored> (Minor issue)
	[jessie] - proftpd-dfsg 1.3.5e-0+deb8u1
	NOTE: https://github.com/proftpd/proftpd/issues/330#issuecomment-276891713
	NOTE: https://forum.armbian.com/topic/9692-nanopi-neo-2-memory-leak-in-proftpd-even-worse-if-ssl-encrypted/?do=findComment&comment=73069
CVE-2019-9624 (Webmin 1.900 allows remote attackers to execute arbitrary code by leve ...)
	- webmin <removed>
CVE-2019-9623 (Feng Office 3.7.0.5 allows remote attackers to execute arbitrary code  ...)
	NOT-FOR-US: Feng Office
CVE-2019-9622 (eBrigade through 4.5 allows Arbitrary File Download via ../ directory  ...)
	NOT-FOR-US: eBrigade
CVE-2019-9621 (Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 pa ...)
	NOT-FOR-US: Zimbra
CVE-2019-9620
	RESERVED
CVE-2019-9619
	REJECTED
CVE-2019-9618 (The GraceMedia Media Player plugin 1.0 for WordPress allows Local File ...)
	NOT-FOR-US: GraceMedia Media Player plugin for WordPress
CVE-2019-9617 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
	NOT-FOR-US: OFCMS
CVE-2019-9616 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
	NOT-FOR-US: OFCMS
CVE-2019-9615 (An issue was discovered in OFCMS before 1.1.3. It allows admin/system/ ...)
	NOT-FOR-US: OFCMS
CVE-2019-9614 (An issue was discovered in OFCMS before 1.1.3. A command execution vul ...)
	NOT-FOR-US: OFCMS
CVE-2019-9613 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
	NOT-FOR-US: OFCMS
CVE-2019-9612 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
	NOT-FOR-US: OFCMS
CVE-2019-9611 (An issue was discovered in OFCMS before 1.1.3. It allows admin/cms/tem ...)
	NOT-FOR-US: OFCMS
CVE-2019-9610 (An issue was discovered in OFCMS before 1.1.3. It has admin/cms/templa ...)
	NOT-FOR-US: OFCMS
CVE-2019-9609 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
	NOT-FOR-US: OFCMS
CVE-2019-9608 (An issue was discovered in OFCMS before 1.1.3. Remote attackers can ex ...)
	NOT-FOR-US: OFCMS
CVE-2019-9607 (PHP Scripts Mall Medical Store Script 3.0.3 allows Path Traversal by n ...)
	NOT-FOR-US: PHP Scripts Mall Medical Store Script
CVE-2019-9606 (PHP Scripts Mall Personal Video Collection Script 4.0.4 has Stored XSS ...)
	NOT-FOR-US: PHP Scripts Mall Personal Video Collection Script
CVE-2019-9605 (PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflect ...)
	NOT-FOR-US: PHP Scripts Mall Online Lottery PHP Readymade Script
CVE-2019-9604 (PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-S ...)
	NOT-FOR-US: PHP Scripts Mall Online Lottery PHP Readymade Script
CVE-2019-9603 (MiniCMS 1.10 allows mc-admin/post.php?state=publish&amp;delete= CSRF t ...)
	NOT-FOR-US: MiniCMS
CVE-2019-9602
	RESERVED
CVE-2019-9601 (The ApowerManager application through 3.1.7 for Android allows remote  ...)
	NOT-FOR-US: ApowerManager application for Android
CVE-2019-9600 (The Olive Tree FTP Server (aka com.theolivetree.ftpserver) application ...)
	NOT-FOR-US: Olive Tree FTP Server application for Android
CVE-2019-9599 (The AirDroid application through 4.2.1.6 for Android allows remote att ...)
	NOT-FOR-US: AirDroid application for Android
CVE-2019-9598 (An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF ...)
	NOT-FOR-US: Cscms
CVE-2019-9597 (Darktrace Enterprise Immune System before 3.1 allows CSRF via the /con ...)
	NOT-FOR-US: Darktrace Enterprise Immune System
CVE-2019-9596 (Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whi ...)
	NOT-FOR-US: Darktrace Enterprise Immune System
CVE-2019-9595 (AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter ...)
	NOT-FOR-US: AppCMS
CVE-2019-9594 (BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploa ...)
	NOT-FOR-US: BlueCMS
CVE-2019-9593 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Conne ...)
	NOT-FOR-US: ShoreTel Connect
CVE-2019-9592 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Conne ...)
	NOT-FOR-US: ShoreTel Connect
CVE-2019-9591 (A reflected Cross-site scripting (XSS) vulnerability in ShoreTel Conne ...)
	NOT-FOR-US: ShoreTel Connect
CVE-2019-9590 (An issue was discovered on TENGCONTROL T-920 PLC v5.5 devices. It allo ...)
	NOT-FOR-US: TENGCONTROL devices
CVE-2019-9589 (There is a NULL pointer dereference vulnerability in PSOutputDev::setu ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which doesn't contain the vulnerable code)
CVE-2019-9588 (There is an Invalid memory access in gAtomicIncrement() located at GMu ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which doesn't contain the vulnerable code)
CVE-2019-9587 (There is a stack consumption issue in md5Round1() located in Decrypt.c ...)
	- xpdf <not-affected> (xpdf in Debian uses poppler, which is not affected or fixed)
CVE-2019-9586
	RESERVED
CVE-2019-9585 (eQ-3 Homematic CCU2 prior to 2.47.10 and CCU3 prior to 3.47.10 JSON AP ...)
	NOT-FOR-US: eQ-3 Homematic
CVE-2019-9584 (eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3 allows uncontrolled ...)
	NOT-FOR-US: eQ-3 Homematic
CVE-2019-9583 (eQ-3 Homematic CCU2 and CCU3 obtain session IDs without login. This al ...)
	NOT-FOR-US: eQ-3 Homematic
CVE-2019-9582 (eQ-3 Homematic CCU2 outdated base software packages allows Denial of S ...)
	NOT-FOR-US: eQ-3 Homematic
CVE-2019-9581 (phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via  ...)
	NOT-FOR-US: phpscheduleit Booked Scheduler
CVE-2019-9580 (In st2web in StackStorm Web UI before 2.9.3 and 2.10.x before 2.10.3,  ...)
	NOT-FOR-US: StackStorm
CVE-2019-9579
	RESERVED
CVE-2019-9578 (In devs.c in Yubico libu2f-host before 1.1.8, the response to init is  ...)
	- libu2f-host 1.1.9-1 (low; bug #923874)
	[stretch] - libu2f-host 1.1.2-2+deb9u2
	NOTE: https://github.com/Yubico/libu2f-host/commit/e4bb58cc8b6202a421e65f8230217d8ae6e16eb5
CVE-2019-9577
	RESERVED
CVE-2019-17350 (An issue was discovered in Xen through 4.12.x allowing Arm domU attack ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-295.html
CVE-2019-17349 (An issue was discovered in Xen through 4.12.x allowing Arm domU attack ...)
	{DSA-4602-1}
	- xen 4.11.3+24-g14b62ab3e5-1
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-295.html
CVE-2019-17348 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929992)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	[jessie] - xen <not-affected> (PCID support not backported)
	NOTE: https://xenbits.xen.org/xsa/advisory-294.html
CVE-2019-17347 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929999)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	[jessie] - xen <end-of-life> (Not supported in jessie LTS)
	NOTE: https://xenbits.xen.org/xsa/advisory-293.html
CVE-2019-17346 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929993)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	[jessie] - xen <not-affected> (PCID support not backported)
	NOTE: https://xenbits.xen.org/xsa/advisory-292.html
CVE-2019-17345 (An issue was discovered in Xen 4.8.x through 4.11.x allowing x86 PV gu ...)
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929995)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	[jessie] - xen <not-affected> (only 4.8 and later affected)
	NOTE: https://xenbits.xen.org/xsa/advisory-291.html
CVE-2019-17344 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929996)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	[jessie] - xen <not-affected> (Introduced by ignored fix for CVE-2018-3646)
	NOTE: https://xenbits.xen.org/xsa/advisory-290.html
CVE-2019-17343 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
	{DLA-1949-1}
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929994)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	NOTE: https://xenbits.xen.org/xsa/advisory-288.html
CVE-2019-17342 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
	{DLA-1949-1}
	- xen 4.11.1+92-g6c33308a8d-1 (bug #930001)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	NOTE: https://xenbits.xen.org/xsa/advisory-287.html
CVE-2019-17341 (An issue was discovered in Xen through 4.11.x allowing x86 PV guest OS ...)
	{DLA-1949-1}
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929998)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	NOTE: https://xenbits.xen.org/xsa/advisory-285.html
CVE-2019-17340 (An issue was discovered in Xen through 4.11.x allowing x86 guest OS us ...)
	- xen 4.11.1+92-g6c33308a8d-1 (bug #929991)
	[stretch] - xen 4.8.5.final+shim4.10.4-1+deb9u12
	[jessie] - xen <ignored> (memory leak on huge memory machines)
	NOTE: https://xenbits.xen.org/xsa/advisory-284.html
CVE-2019-9576 (The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admi ...)
	NOT-FOR-US: WordPress plugin blog2social
CVE-2019-9575 (The Quiz And Survey Master plugin 6.0.4 for WordPress allows wp-admin/ ...)
	NOT-FOR-US: WordPress plugin quiz-master-next
CVE-2019-9574 (The WP Human Resource Management plugin before 2.2.6 for WordPress doe ...)
	NOT-FOR-US: WordPress plugin hrm
CVE-2019-9573 (The WP Human Resource Management plugin before 2.2.6 for WordPress mis ...)
	NOT-FOR-US: WordPress plugin hrm
CVE-2019-9572 (SchoolCMS version 2.3.1 allows file upload via the theme upload featur ...)
	NOT-FOR-US: SchoolCMS
CVE-2019-9571
	RESERVED
CVE-2019-9570 (An issue was discovered in YzmCMS 5.2.0. It has XSS via the bottom tex ...)
	NOT-FOR-US: YzmCMS
CVE-2019-9569 (Buffer Overflow in dactetra in Delta Controls enteliBUS Manager V3.40_ ...)
	NOT-FOR-US: Delta Controls enteliBUS Manager
CVE-2019-9568 (The "Forminator Contact Form, Poll &amp; Quiz Builder" plugin before 1 ...)
	NOT-FOR-US: WordPress plugin forminator
CVE-2019-9567 (The "Forminator Contact Form, Poll &amp; Quiz Builder" plugin before 1 ...)
	NOT-FOR-US: WordPress plugin forminator
CVE-2019-9566 (FlarumChina v0.1.0-beta.7C has SQL injection via a /?q= request. ...)
	NOT-FOR-US: FlarumChina
CVE-2019-9565 (Druide Antidote RX, HD, 8 before 8.05.2287, 9 before 9.5.3937 and 10 b ...)
	NOT-FOR-US: Druide Antidote
CVE-2019-9564
	RESERVED
CVE-2019-9563 (In BlueMind 3.5.x before 3.5.11 Hotfix 7 and 4.x before 4.0-beta3, the ...)
	NOT-FOR-US: BlueMind
CVE-2019-9562
	RESERVED
CVE-2019-9561
	RESERVED
CVE-2019-9560
	RESERVED
CVE-2019-9559
	RESERVED
CVE-2019-9558 (Mailtraq WebMail version 2.17.7.3550 has Persistent Cross Site Scripti ...)
	NOT-FOR-US: Mailtraq WebMail
CVE-2019-9557 (Ability Mail Server 4.2.6 has Persistent Cross Site Scripting (XSS) vi ...)
	NOT-FOR-US: Ability Mail Server
CVE-2019-9556 (FiberHome an5506-04-f RP2669 devices have XSS. ...)
	NOT-FOR-US: FiberHome an5506-04-f RP2669 devices
CVE-2019-9555 (Sagemcom F@st 5260 routers using firmware version 0.4.39, in WPA mode, ...)
	NOT-FOR-US: Sagemcom routers
CVE-2019-9554 (In the 3.1.12 Pro version of Craft CMS, XSS has been discovered in the ...)
	NOT-FOR-US: Craft CMS
CVE-2019-9553 (Bolt 3.6.4 has XSS via the slug, teaser, or title parameter to editcon ...)
	NOT-FOR-US: Bolt CMS
CVE-2019-9552 (Eloan V3.0 through 2018-09-20 allows remote attackers to list files vi ...)
	NOT-FOR-US: Eloan
CVE-2019-9551 (An issue was discovered in DOYO (aka doyocms) 2.3 through 2015-05-06.  ...)
	NOT-FOR-US: doyocms
CVE-2019-9550 (DhCms through 2017-09-18 has admin.php?r=admin/Index/index XSS. ...)
	NOT-FOR-US: DhCms
CVE-2019-9549 (An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-ad ...)
	NOT-FOR-US: PopojiCMS
CVE-2019-12439 (bubblewrap.c in Bubblewrap before 0.3.3 misuses temporary directories  ...)
	- bubblewrap 0.3.1-3 (unimportant; bug #923557)
	NOTE: https://github.com/projectatomic/bubblewrap/issues/304
	NOTE: Negligable security impact
CVE-2019-1002100 (In all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, use ...)
	- kubernetes 1.17.4-1 (bug #923686)
	NOTE: https://github.com/kubernetes/kubernetes/issues/74534
	NOTE: https://github.com/kubernetes/kubernetes/pull/74000
CVE-2019-9548 (Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33  ...)
	NOT-FOR-US: Citrix Application Delivery Management
CVE-2019-9547 (In Storage Performance Development Kit (SPDK) before 19.01, a maliciou ...)
	NOT-FOR-US: Storage Performance Development Kit (SPDK)
CVE-2019-9546 (SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege esca ...)
	NOT-FOR-US: SolarWinds Orion Platform
CVE-2019-9545 (An issue was discovered in Poppler 0.74.0. A recursive function call,  ...)
	- poppler <unfixed> (low; bug #923552)
	[buster] - poppler <ignored> (Minor issue)
	[stretch] - poppler <ignored> (Minor issue)
	[jessie] - poppler <ignored> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/731
CVE-2019-9544 (An issue was discovered in Bento4 1.5.1-628. An out of bounds write oc ...)
	NOT-FOR-US: Bento4
CVE-2019-9543 (An issue was discovered in Poppler 0.74.0. A recursive function call,  ...)
	- poppler <unfixed> (low; bug #923553)
	[buster] - poppler <ignored> (Minor issue)
	[stretch] - poppler <ignored> (Minor issue)
	[jessie] - poppler <postponed> (Minor issue; revisit when fixed upstream)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/730
CVE-2019-9542 (: Improper Neutralization of Input During Web Page Generation ('Cross- ...)
	NOT-FOR-US: Telos Automated Message Handling System
CVE-2019-9541 (: Information Exposure vulnerability in itemlookup.asp of Telos Automa ...)
	NOT-FOR-US: Telos Automated Message Handling System
CVE-2019-9540 (: Improper Neutralization of Input During Web Page Generation ('Cross- ...)
	NOT-FOR-US: Telos Automated Message Handling System
CVE-2019-9539 (: Improper Neutralization of Input During Web Page Generation ('Cross- ...)
	NOT-FOR-US: Telos Automated Message Handling System
CVE-2019-9538 (: Improper Neutralization of Input During Web Page Generation ('Cross- ...)
	NOT-FOR-US: Telos Automated Message Handling System
CVE-2019-9537 (: Improper Neutralization of Input During Web Page Generation ('Cross- ...)
	NOT-FOR-US: Telos Automated Message Handling System
CVE-2019-9536 (Apple iPhone 3GS bootrom malloc implementation returns a non-NULL poin ...)
	NOT-FOR-US: Apple iPhone 3GS
CVE-2019-9535 (A vulnerability exists in the way that iTerm2 integrates with tmux's c ...)
	NOT-FOR-US: iTerm2
CVE-2019-9534 (The Cobham EXPLORER 710, firmware version 1.07, does not validate its  ...)
	NOT-FOR-US: Cobham EXPLORER
CVE-2019-9533 (The root password of the Cobham EXPLORER 710 is the same for all versi ...)
	NOT-FOR-US: Cobham EXPLORER
CVE-2019-9532 (The web application portal of the Cobham EXPLORER 710, firmware versio ...)
	NOT-FOR-US: Cobham EXPLORER
CVE-2019-9531 (The web application portal of the Cobham EXPLORER 710, firmware versio ...)
	NOT-FOR-US: Cobham EXPLORER
CVE-2019-9530 (The web root directory of the Cobham EXPLORER 710, firmware version 1. ...)
	NOT-FOR-US: Cobham EXPLORER
CVE-2019-9529 (The web application portal of the Cobham EXPLORER 710, firmware versio ...)
	NOT-FOR-US: Cobham EXPLORER
CVE-2019-9528
	RESERVED
CVE-2019-9527
	RESERVED
CVE-2019-9526
	RESERVED
CVE-2019-9525
	RESERVED
CVE-2019-9524
	RESERVED
CVE-2019-9523
	RESERVED
CVE-2019-9522
	RESERVED
CVE-2019-9521
	RESERVED
CVE-2019-9520
	RESERVED
CVE-2019-9519
	RESERVED
CVE-2019-9518 (Some HTTP/2 implementations are vulnerable to a flood of empty frames, ...)
	{DSA-4520-1}
	- trafficserver 8.0.5+ds-1 (bug #935314)
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
	NOTE: https://github.com/apache/trafficserver/pull/5850
	NOTE: https://github.com/apache/trafficserver/blob/8.0.x/CHANGELOG-8.0.5
CVE-2019-9517 (Some HTTP/2 implementations are vulnerable to unconstrained interal da ...)
	{DSA-4509-1}
	- apache2 2.4.41-1
	[jessie] - apache2 <not-affected> (HTTP/2 support only available since version 2.4.17 and later)
	NOTE: Affects upstream versions 2.4.20 to 2.4.39
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-9517
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
CVE-2019-9516 (Some HTTP/2 implementations are vulnerable to a header leak, potential ...)
	{DSA-4505-1}
	- nginx 1.14.2-3 (bug #935037)
	[jessie] - nginx <not-affected> (HTTP2 support only exists since version 1.9.5)
	NOTE: https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
	NOTE: https://github.com/nginx/nginx/commit/6dfbc8b1c2116f362bb871efebbf9df576738e89 (master)
	NOTE: https://github.com/nginx/nginx/commit/dbdd9ffea81d9db46fb88b5eba828f2ad080d388 (release-1.16.1)
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
CVE-2019-9515 (Some HTTP/2 implementations are vulnerable to a settings flood, potent ...)
	{DSA-4520-1 DSA-4508-1}
	- trafficserver 8.0.5+ds-1 (bug #934887)
	- h2o 2.2.5+dfsg2-3 (bug #934886)
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
	NOTE: https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
	NOTE: https://raw.githubusercontent.com/apache/trafficserver/8.0.x/CHANGELOG-8.0.4
	NOTE: https://github.com/h2o/h2o/issues/2090
	NOTE: https://github.com/h2o/h2o/commit/743d6b6118c29b75d0b84ef7950a2721c32dfe3f
CVE-2019-9514 (Some HTTP/2 implementations are vulnerable to a reset flood, potential ...)
	{DSA-4520-1 DSA-4508-1 DSA-4503-1}
	- golang-1.13 1.13~beta1-3 (bug #934955)
	- golang-1.12 1.12.8-1
	- golang-1.11 1.11.13-1
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <ignored> (Minor issue)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (Minor issue)
	- golang <removed>
	[jessie] - golang <not-affected> (No HTTP2 support yet)
	- golang-golang-x-net-dev 1:0.0+git20190811.74dc4d7+dfsg-1
	- nodejs 10.16.3~dfsg-1 (bug #934885)
	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
	- trafficserver 8.0.5+ds-1 (bug #934887)
	- h2o 2.2.5+dfsg2-3 (bug #934886)
	NOTE: Issue: https://github.com/golang/go/issues/33606
	NOTE: https://github.com/golang/go/commit/e152b01a468a1c18a290bf9aec52ccea7693c7f2 (golang-1.11)
	NOTE: https://github.com/golang/go/commit/7139b45d1410ded14e1e131151fd8dfc435ede6c (golang-1.12)
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
	NOTE: https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
	NOTE: https://raw.githubusercontent.com/apache/trafficserver/8.0.x/CHANGELOG-8.0.4
	NOTE: https://github.com/h2o/h2o/issues/2090
	NOTE: https://github.com/h2o/h2o/commit/743d6b6118c29b75d0b84ef7950a2721c32dfe3f
CVE-2019-9513 (Some HTTP/2 implementations are vulnerable to resource loops, potentia ...)
	{DSA-4511-1 DSA-4505-1}
	- nginx 1.14.2-3 (bug #935037)
	[jessie] - nginx <not-affected> (HTTP2 support only exists since version 1.9.5)
	- nodejs 10.16.3~dfsg-1 (bug #934885)
	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
	- nghttp2 1.39.2-1
	[jessie] - nghttp2 <not-affected> (Vulnerable code not present)
	NOTE: https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
	NOTE: https://github.com/nginx/nginx/commit/5ae726912654da10a9a81b2c8436829f3e94f69f (master)
	NOTE: https://github.com/nginx/nginx/commit/39bb3b9d4a33bd03c8ae0134dedc8a7700ae7b2b (release-1.16.1)
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
	NOTE: https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
	NOTE: https://github.com/nghttp2/nghttp2/releases/tag/v1.39.2
CVE-2019-9512 (Some HTTP/2 implementations are vulnerable to ping floods, potentially ...)
	{DSA-4520-1 DSA-4508-1 DSA-4503-1}
	- golang-1.13 1.13~beta1-3 (bug #934955)
	- golang-1.12 1.12.8-1
	- golang-1.11 1.11.13-1
	- golang-1.8 <removed>
	[stretch] - golang-1.8 <ignored> (Minor issue)
	- golang-1.7 <removed>
	[stretch] - golang-1.7 <ignored> (Minor issue)
	- golang <removed>
	[jessie] - golang <not-affected> (No HTTP2 support yet)
	- golang-golang-x-net-dev 1:0.0+git20190811.74dc4d7+dfsg-1
	- trafficserver 8.0.5+ds-1 (bug #934887)
	- h2o 2.2.5+dfsg2-3 (bug #934886)
	NOTE: Issue: https://github.com/golang/go/issues/33606
	NOTE: https://github.com/golang/go/commit/e152b01a468a1c18a290bf9aec52ccea7693c7f2 (golang-1.11)
	NOTE: https://github.com/golang/go/commit/7139b45d1410ded14e1e131151fd8dfc435ede6c (golang-1.12)
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
	NOTE: https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
	NOTE: https://raw.githubusercontent.com/apache/trafficserver/8.0.x/CHANGELOG-8.0.4
	NOTE: https://github.com/h2o/h2o/issues/2090
	NOTE: https://github.com/h2o/h2o/commit/743d6b6118c29b75d0b84ef7950a2721c32dfe3f
CVE-2019-9511 (Some HTTP/2 implementations are vulnerable to window size manipulation ...)
	{DSA-4511-1 DSA-4505-1}
	- nginx 1.14.2-3 (bug #935037)
	[jessie] - nginx <not-affected> (HTTP2 support only exists since version 1.9.5)
	- nodejs 10.16.3~dfsg-1 (bug #934885)
	[stretch] - nodejs <not-affected> (No HTTP2 support yet)
	[jessie] - nodejs <not-affected> (No HTTP2 support yet)
	- nghttp2 1.39.2-1
	[jessie] - nghttp2 <not-affected> (Vulnerable code not present)
	NOTE: https://www.nginx.com/blog/nginx-updates-mitigate-august-2019-http-2-vulnerabilities/
	NOTE: https://github.com/nginx/nginx/commit/a987f81dd19210bc30b62591db331e31d3d74089 (master)
	NOTE: https://github.com/nginx/nginx/commit/94c5eb142e58a86f81eb1369fa6fcb96c2f23d6b (release-1.16.1)
	NOTE: https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md
	NOTE: https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/
	NOTE: https://github.com/nghttp2/nghttp2/releases/tag/v1.39.2
CVE-2019-9510 (A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 a ...)
	NOT-FOR-US: Microsoft
CVE-2019-9509 (The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is v ...)
	NOT-FOR-US: Vertiv Avocent UMG-4000
CVE-2019-9508 (The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is v ...)
	NOT-FOR-US: Vertiv Avocent UMG-4000
CVE-2019-9507 (The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is v ...)
	NOT-FOR-US: Vertiv Avocent UMG-4000
CVE-2019-9506 (The Bluetooth BR/EDR specification up to and including version 5.1 per ...)
	{DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.185-1
	NOTE: Hardware issue, but mitigation in Linux kernel can be applied:
	NOTE: https://git.kernel.org/linus/d5bb334a8e171b262e48f378bd2096c0ea458265 (5.2-rc1)
	NOTE: https://git.kernel.org/linus/693cd8ce3f882524a5d06f7800dd8492411877b3 (5.2-rc6)
	NOTE: https://git.kernel.org/linus/eca94432934fe5f141d084f2e36ee2c0e614cc04 (5.2)
CVE-2019-9505 (The PrinterLogic Print Management software, versions up to and includi ...)
	NOT-FOR-US: PrinterLogic Print Management
CVE-2019-9504
	RESERVED
CVE-2019-9503 (The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c ...)
	{DSA-4465-1 DLA-1824-1 DLA-1799-1}
	- linux 4.19.37-4
	NOTE: https://git.kernel.org/linus/a4176ec356c73a46c07c181c6d04039fafa34a9f (5.1-rc1)
CVE-2019-9502 (The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. I ...)
	NOT-FOR-US: Broadcom
CVE-2019-9501 (The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. B ...)
	NOT-FOR-US: Broadcom
CVE-2019-9500 (The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc ...)
	{DSA-4465-1 DLA-1824-1}
	- linux 4.19.37-4
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/1b5e2423164b3670e8bc9174e4762d297990deff (5.1-rc1)
CVE-2019-9499 (The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built  ...)
	{DSA-4430-1 DLA-1867-1}
	- wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
	NOTE: https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
	NOTE: Patches: https://w1.fi/security/2019-4/
CVE-2019-9498 (The implementations of EAP-PWD in hostapd EAP Server, when built again ...)
	{DSA-4430-1 DLA-1867-1}
	- wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
	NOTE: https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
	NOTE: Patches: https://w1.fi/security/2019-4/
CVE-2019-9497 (The implementations of EAP-PWD in hostapd EAP Server and wpa_supplican ...)
	{DSA-4430-1 DLA-1867-1}
	- wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
	NOTE: https://w1.fi/security/2019-4/eap-pwd-missing-commit-validation.txt
	NOTE: Patches: https://w1.fi/security/2019-4/
CVE-2019-9496 (An invalid authentication sequence could result in the hostapd process ...)
	- wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
	[stretch] - wpa <ignored> (SAE code not enabled for build in stretch)
	[jessie] - wpa <ignored> (SAE code not enabled for build in jessie)
	NOTE: https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
	NOTE: Patches: https://w1.fi/security/2019-3/
	NOTE: CONFIG_SAE=y enabled since 2:2.7~git20180706+420b5dd-1
CVE-2019-9495 (The implementations of EAP-PWD in hostapd and wpa_supplicant are vulne ...)
	{DSA-4430-1 DLA-1867-1}
	- wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
	NOTE: https://w1.fi/security/2019-2/eap-pwd-side-channel-attack.txt
	NOTE: Patches: https://w1.fi/security/2019-2/
CVE-2019-9494 (The implementations of SAE in hostapd and wpa_supplicant are vulnerabl ...)
	- wpa 2:2.7+git20190128+0c1e29f-4 (bug #926801)
	[stretch] - wpa <ignored> (SAE code not enabled for build in stretch)
	[jessie] - wpa <ignored> (SAE code not enabled for build in jessie)
	NOTE: https://w1.fi/security/2019-1/sae-side-channel-attacks.txt
	NOTE: Patches: https://w1.fi/security/2019-1/
	NOTE: CONFIG_SAE=y enabled since 2:2.7~git20180706+420b5dd-1
CVE-2019-9493 (The MyCar Controls of AutoMobility Distribution Inc., mobile applicati ...)
	NOT-FOR-US: MyCar Controls
CVE-2019-9492 (A DLL side-loading vulnerability in Trend Micro OfficeScan 11.0 SP1 an ...)
	NOT-FOR-US: Trend Micro
CVE-2019-9491 (Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below  ...)
	NOT-FOR-US: Trend Micro
CVE-2019-9490 (A vulnerability in Trend Micro InterScan Web Security Virtual Applianc ...)
	NOT-FOR-US: Trend Micro InterScan Web Security Virtual Appliance
CVE-2019-9489 (A directory traversal vulnerability in Trend Micro Apex One, OfficeSca ...)
	NOT-FOR-US: Trend Micro
CVE-2019-9488 (Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Prote ...)
	NOT-FOR-US: Trend Micro
CVE-2019-9487
	RESERVED
CVE-2019-9486 (STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTE ...)
	NOT-FOR-US: STRATO HiDrive Desktop Client
CVE-2019-9485 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9484 (The Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb c ...)
	NOT-FOR-US: Glen Dimplex Deutschland GmbH implementation of the Carel pCOWeb configuration tool
CVE-2019-9483 (Amazon Ring Doorbell before 3.4.7 mishandles encryption, which allows  ...)
	NOT-FOR-US: Amazon Ring Doorbell
CVE-2019-9482 (In MISP 2.4.102, an authenticated user can view sightings that they sh ...)
	NOT-FOR-US: MISP
CVE-2019-9481
	RESERVED
CVE-2019-9480
	RESERVED
CVE-2019-9479
	RESERVED
CVE-2019-9478
	RESERVED
CVE-2019-9477
	RESERVED
CVE-2019-9476
	RESERVED
CVE-2019-9475
	RESERVED
CVE-2019-9474 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9473 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9472 (In DCRYPTO_equals of compare.c, there is a possible timing attack due  ...)
	NOT-FOR-US: Android
CVE-2019-9471 (In set_outbound_iatu of abc-pcie.c, there is a possible out of bounds  ...)
	NOT-FOR-US: Android
CVE-2019-9470 (In dma_sblk_start of abc-pcie.c, there is a possible out of bounds wri ...)
	NOT-FOR-US: Android
CVE-2019-9469 (In km_compute_shared_hmac of km4.c, there is a possible out of bounds  ...)
	NOT-FOR-US: Android
CVE-2019-9468 (In export_key_der of export_key.cpp, there is possible memory corrupti ...)
	NOT-FOR-US: Android
CVE-2019-9467 (In the Bootloader, there is a possible kernel command injection due to ...)
	NOT-FOR-US: LG components for Android
CVE-2019-9466
	REJECTED
CVE-2019-9465 (In the Titan M handling of cryptographic operations, there is a possib ...)
	NOT-FOR-US: Android
CVE-2019-9464 (In various functions of RecentLocationApps.java, DevicePolicyManagerSe ...)
	NOT-FOR-US: Android
CVE-2019-9463 (In Platform, there is a possible bypass of user interaction requiremen ...)
	NOT-FOR-US: Android
CVE-2019-9462 (In Bluetooth, there is a possible out of bounds read due to an incorre ...)
	NOT-FOR-US: Android
CVE-2019-9461 (In the Android kernel in VPN routing there is a possible information d ...)
	NOT-FOR-US: Android
CVE-2019-9460
	REJECTED
CVE-2019-9459 (In libttspico, there is a possible OOB write due to a heap buffer over ...)
	NOT-FOR-US: Android
CVE-2019-9458 (In the Android kernel in the video driver there is a use after free du ...)
	- linux 4.18.20-1
	[stretch] - linux 4.9.135-1
	[jessie] - linux 3.16.64-1
	NOTE: https://git.kernel.org/linus/ad608fbcf166fec809e402d548761768f602702c
CVE-2019-9457
	REJECTED
CVE-2019-9456 (In the Android kernel in Pixel C USB monitor driver there is a possibl ...)
	- linux 4.15.11-1
	[stretch] - linux 4.9.88-1
	[jessie] - linux 3.16.57-1
	NOTE: https://git.kernel.org/linus/a5f596830e27e15f7a0ecd6be55e433d776986d8
CVE-2019-9455 (In the Android kernel in the video driver there is a kernel pointer le ...)
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://git.kernel.org/linus/5e99456c20f712dcc13d9f6ca4278937d5367355
CVE-2019-9454 (In the Android kernel in i2c driver there is a possible out of bounds  ...)
	- linux 4.14.17-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux 3.16.56-1
	NOTE: https://git.kernel.org/linus/89c6efa61f5709327ecfa24bff18e57a4e80c7fa
	NOTE: Commit wise a duplicate of CVE-2017-18551
CVE-2019-9453 (In the Android kernel in F2FS touch driver there is a possible out of  ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	NOTE: https://git.kernel.org/linus/2777e654371dd4207a3a7f4fb5fa39550053a080
CVE-2019-9452 (In the Android kernel in SEC_TS touch driver there is a possible out o ...)
	NOT-FOR-US: Android kernel (sec_ts not in mainline)
CVE-2019-9451 (In the Android kernel in the touchscreen driver there is a possible ou ...)
	NOT-FOR-US: Android kernel (sec_ts not in mainline)
CVE-2019-9450 (In the Android kernel in the FingerTipS touchscreen driver there is a  ...)
	NOT-FOR-US: Android kernel (stm not in mainline)
CVE-2019-9449 (In the Android kernel in FingerTipS touchscreen driver there is a poss ...)
	NOT-FOR-US: Android kernel (stm not in mainline)
CVE-2019-9448 (In the Android kernel in the FingerTipS touchscreen driver there is a  ...)
	NOT-FOR-US: Android kernel (stm not in mainline)
CVE-2019-9447 (In the Android kernel in the FingerTipS touchscreen driver there is a  ...)
	NOT-FOR-US: Android kernel
CVE-2019-9446 (In the Android kernel in the FingerTipS touchscreen driver there is a  ...)
	NOT-FOR-US: Android kernel
CVE-2019-9445 (In the Android kernel in F2FS driver there is a possible out of bounds ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.98-1
	NOTE: https://git.kernel.org/linus/720db068634c91553a8e1d9a0fcd8c7050e06d2b
CVE-2019-9444 (In the Android kernel in sync debug fs driver there is a kernel pointe ...)
	- linux 4.15.4-1
	[stretch] - linux <ignored> (Minor issue)
	[jessie] - linux <ignored> (Minor issue)
	NOTE: https://lore.kernel.org/patchwork/patch/902287/
CVE-2019-9443 (In the Android kernel in the vl53L0 driver there is a possible out of  ...)
	NOT-FOR-US: Android kernel
CVE-2019-9442 (In the Android kernel in the mnh driver there is possible memory corru ...)
	NOT-FOR-US: Android kernel
CVE-2019-9441 (In the Android kernel in the mnh driver there is a possible out of bou ...)
	NOT-FOR-US: Android kernel
CVE-2019-9440 (In AOSP Email, there is a possible information disclosure due to a con ...)
	NOT-FOR-US: Android
CVE-2019-9439
	RESERVED
CVE-2019-9438 (In the Package Manager service, there is a possible information disclo ...)
	NOT-FOR-US: Android
CVE-2019-9437
	RESERVED
CVE-2019-9436 (In the Android kernel in the bootloader there is a possible secure boo ...)
	NOT-FOR-US: LG components for Android
CVE-2019-9435 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9434 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9433 (In libvpx, there is a possible information disclosure due to improper  ...)
	{DSA-4578-1 DLA-2012-1}
	- libvpx 1.8.1-2
	NOTE: https://github.com/webmproject/libvpx/commit/52add5896661d186dec284ed646a4b33b607d2c7
CVE-2019-9432 (In Bluetooth, there is a possible out of bounds read due to improper i ...)
	NOT-FOR-US: Android
CVE-2019-9431 (In Bluetooth, there is a possible out of bounds read due to a use afte ...)
	NOT-FOR-US: Android
CVE-2019-9430 (In Bluetooth, there is a possible null pointer dereference due to a mi ...)
	NOT-FOR-US: Android
CVE-2019-9429 (In profman, there is a possible out of bounds write due to memory corr ...)
	NOT-FOR-US: Android
CVE-2019-9428 (In the Framework, it is possible to set up BROWSEABLE intents to take  ...)
	NOT-FOR-US: Android
CVE-2019-9427 (In Bluetooth, there is a possible information disclosure due to a use  ...)
	NOT-FOR-US: Android
CVE-2019-9426 (In the Android kernel in Bluetooth there is a possible out of bounds w ...)
	NOT-FOR-US: Broadcom components for Android
CVE-2019-9425 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9424 (In the Screen Lock, there is a possible information disclosure due to  ...)
	NOT-FOR-US: Android
CVE-2019-9423 (In opencv calls that use libpng, there is a possible out of bounds wri ...)
	- opencv <undetermined>
	NOTE: Currently no further information available
CVE-2019-9422 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9421 (In libandroidfw, there is a possible OOB read due to an integer overfl ...)
	NOT-FOR-US: Android
CVE-2019-9420 (In libhevc, there is a possible out of bounds read due to an integer o ...)
	NOT-FOR-US: Android
CVE-2019-9419 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9418 (In libstagefright, there is a possible resource exhaustion due to a mi ...)
	NOT-FOR-US: Android
CVE-2019-9417 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9416 (In libstagefright there is a possible information disclosure due to un ...)
	NOT-FOR-US: Android
CVE-2019-9415 (In libstagefright there is a possible information disclosure due to un ...)
	NOT-FOR-US: Android
CVE-2019-9414 (In wpa_supplicant, there is a possible man in the middle vulnerability ...)
	NOT-FOR-US: Android
CVE-2019-9413 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9412 (In libSBRdec there is a possible out of bounds read due to incorrect b ...)
	NOT-FOR-US: Android
CVE-2019-9411 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9410 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9409 (In libhevc there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-9408 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9407 (In notification management of the service manager, there is a possible ...)
	NOT-FOR-US: Android
CVE-2019-9406 (In libhevc there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-9405 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9404 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9403 (In cn-cbor, there is a possible out of bounds read due to improper cas ...)
	NOT-FOR-US: Android
CVE-2019-9402 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9401 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9400 (In Bluetooth, there is a possible null pointer dereference due to a mi ...)
	NOT-FOR-US: Android
CVE-2019-9399 (The Print Service is susceptible to man in the middle attacks due to i ...)
	NOT-FOR-US: Android
CVE-2019-9398 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9397 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9396 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9395 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9394 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9393 (In Bluetooth, there is possible controlled termination due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9392
	RESERVED
CVE-2019-9391 (In libxaac, there is a possible out of bounds read due to uninitialize ...)
	NOT-FOR-US: Android
CVE-2019-9390 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9389 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9388 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9387 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9386 (In NFC server, there is a possible out of bounds write due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9385 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-9384 (In LockPatternUtils, there is a possible escalation of privilege due t ...)
	NOT-FOR-US: Android
CVE-2019-9383 (In NFC server, there is a possible out of bounds read due to a missing ...)
	NOT-FOR-US: Android
CVE-2019-9382 (In libeffects, there is a possible out of bounds write due to a missin ...)
	NOT-FOR-US: Android
CVE-2019-9381 (In netd, there is a possible out of bounds read due to a use after fre ...)
	NOT-FOR-US: Android
CVE-2019-9380 (In the settings UI, there is a possible spoofing vulnerability due to  ...)
	NOT-FOR-US: Android
CVE-2019-9379 (In libstagefright, there is a possible resource exhaustion due to a mi ...)
	NOT-FOR-US: Android
CVE-2019-9378 (In the Activity Manager service, there is a possible permission bypass ...)
	NOT-FOR-US: Android
CVE-2019-9377 (In FingerprintService, there is a possible bypass for operating system ...)
	NOT-FOR-US: Android
CVE-2019-9376 (In the Accounts package, there is a possible crash due to improper inp ...)
	NOT-FOR-US: Android
CVE-2019-9375 (In hostapd, there is a possible out of bounds write due to a race cond ...)
	NOT-FOR-US: Android
CVE-2019-9374 (In CompanionDeviceManager, there is a possible bypass of user interact ...)
	NOT-FOR-US: Android
CVE-2019-9373 (In JobStore, there is a mismatched serialization/deserialization for t ...)
	NOT-FOR-US: Android
CVE-2019-9372 (In libskia, there is a possible crash due to a missing null check. Thi ...)
	- skia <itp> (bug #818180)
CVE-2019-9371 (In libvpx, there is a possible resource exhaustion due to improper inp ...)
	- libvpx 1.8.1-2 (low)
	[buster] - libvpx 1.7.0-3+deb10u1
	[stretch] - libvpx <ignored> (Minor issue)
	[jessie] - libvpx <not-affected> (Vunerable code introduced in 1.4.0)
	NOTE: Commits in libwebm:
	NOTE: https://chromium.googlesource.com/webm/libwebm/+/027a472efe49ff3a24be619442d2150658dbaaa0
	NOTE: https://chromium.googlesource.com/webm/libwebm/+/cb5a9477073cf7ae4a28356d6e3e5638aba78dc9
	NOTE: Sync to libvpx via:
	NOTE: https://github.com/webmproject/libvpx/commit/34d54b04e98dd0bac32e9aab0fbda0bf501bc742
	NOTE: https://github.com/webmproject/libvpx/commit/f00890eecdf8365ea125ac16769a83aa6b68792d
CVE-2019-9370 (In sonivox, there is a possible out of bounds read due to an incorrect ...)
	NOT-FOR-US: Android
CVE-2019-9369 (In Bluetooth, there is a use of uninitialized variable. This could lea ...)
	NOT-FOR-US: Android
CVE-2019-9368 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9367 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9366 (In libSBRdec there is a possible out of bounds read due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-9365 (In Bluetooth, there is a possible deserialization error due to missing ...)
	NOT-FOR-US: Android
CVE-2019-9364 (In AudioService, there is a possible trigger of background user audio  ...)
	NOT-FOR-US: Android
CVE-2019-9363 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
	NOT-FOR-US: Android
CVE-2019-9362 (In libSACdec, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9361 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9360 (In the TEE, there's a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2019-9359 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9358 (In NFC, there is a possible out of bounds write due to a missing bound ...)
	NOT-FOR-US: Android
CVE-2019-9357 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9356 (In NFC server, there is a possible out of bounds read due to a missing ...)
	NOT-FOR-US: Android
CVE-2019-9355 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9354 (In NFC server, there's a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9353 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9352 (In libstagefright, there is a possible resource exhaustion due to a mi ...)
	NOT-FOR-US: Android
CVE-2019-9351 (In SyncStatusObserver, there is a possible bypass for operating system ...)
	NOT-FOR-US: Android
CVE-2019-9350 (In Keymaster, there is a possible EoP due to a use after free. This co ...)
	NOT-FOR-US: Android
CVE-2019-9349 (In libstagefright, there is a possible resource exhaustion due to impr ...)
	NOT-FOR-US: Android
CVE-2019-9348 (In libstagefright, there is a possible resource exhaustion due to impr ...)
	NOT-FOR-US: Android
CVE-2019-9347 (In the m4v_h263 codec, there is a possible out of bounds read due to a ...)
	NOT-FOR-US: Android
CVE-2019-9346 (In libstagefright, there is a possible out of bounds write due to a he ...)
	NOT-FOR-US: Android
CVE-2019-9345 (In the Android kernel in sdcardfs there is a possible violation of the ...)
	NOT-FOR-US: Android kernel
CVE-2019-9344 (In NFC server, there is a possible out of bounds read due to a missing ...)
	NOT-FOR-US: Android
CVE-2019-9343 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9342 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9341 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9340
	RESERVED
CVE-2019-9339
	RESERVED
CVE-2019-9338 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9337 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9336 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9335 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9334 (In libhevc there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-9333 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9332 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9331 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9330 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9329 (In Bluetooth, there is a possible out of bounds read due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9328 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9327 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9326 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9325 (In libvpx, there is a possible out of bounds read due to a missing bou ...)
	{DSA-4578-1}
	- libvpx 1.8.1-2
	[jessie] - libvpx <not-affected> (Vunerable code introduced in 1.4.0)
	NOTE: https://github.com/webmproject/libvpx/commit/0681cff1ad36b3ef8ec242f59b5a6c4234ccfb88
CVE-2019-9324
	RESERVED
CVE-2019-9323 (In the Wallpaper Manager service, there is a possible information disc ...)
	NOT-FOR-US: Android
CVE-2019-9322 (In libavc there is a possible information disclosure due to uninitiali ...)
	NOT-FOR-US: Android
CVE-2019-9321 (In libavc, there is a missing variable initialization. This could lead ...)
	NOT-FOR-US: Android
CVE-2019-9320 (In libavc, there is a missing variable initialization. This could lead ...)
	NOT-FOR-US: Android
CVE-2019-9319 (In libavc, there is a missing variable initialization. This could lead ...)
	NOT-FOR-US: Android
CVE-2019-9318 (In libhevc, there is a missing variable initialization. This could lea ...)
	NOT-FOR-US: Android
CVE-2019-9317 (In libstagefright, there is a missing variable initialization. This co ...)
	NOT-FOR-US: Android
CVE-2019-9316 (In libstagefright, there is a missing variable initialization. This co ...)
	NOT-FOR-US: Android
CVE-2019-9315 (In libhevc, there is a missing variable initialization. This could lea ...)
	NOT-FOR-US: Android
CVE-2019-9314 (In libavc, there is a missing variable initialization. This could lead ...)
	NOT-FOR-US: Android
CVE-2019-9313 (In libstagefright, there is a missing variable initialization. This co ...)
	NOT-FOR-US: Android
CVE-2019-9312 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9311 (In Bluetooth, there is a possible crash due to an integer overflow. Th ...)
	NOT-FOR-US: Android
CVE-2019-9310 (In libFDK, there is a possible out of bounds write due to an integer o ...)
	NOT-FOR-US: Android
CVE-2019-9309 (In NFC, there is a possible out of bounds write due to a missing bound ...)
	NOT-FOR-US: Android
CVE-2019-9308 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9307 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9306 (In libMpegTPDec, there is a possible out of bounds write due to an int ...)
	NOT-FOR-US: Android
CVE-2019-9305 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9304 (In libMpegTPDec, there is a possible out of bounds write due to an int ...)
	NOT-FOR-US: Android
CVE-2019-9303 (In libFDK, there is a possible out of bounds write due to an integer o ...)
	NOT-FOR-US: Android
CVE-2019-9302 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9301 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9300 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9299 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9298 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9297 (In libAACdec, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9296 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9295 (In com.android.apps.tag, there is a possible bypass of user interactio ...)
	NOT-FOR-US: Android
CVE-2019-9294 (In libstagefright, there is a possible out of bounds read due to a mis ...)
	NOT-FOR-US: Android
CVE-2019-9293 (In libstagefright, there is a possible out of bounds read due to a mis ...)
	NOT-FOR-US: Android
CVE-2019-9292 (In the Activity Manager service, there is a possible information discl ...)
	NOT-FOR-US: Android
CVE-2019-9291 (In Bluetooth, there is a possible remote code execution due to an impr ...)
	NOT-FOR-US: Android
CVE-2019-9290 (In tzdata there is possible memory corruption due to a mismatch betwee ...)
	NOT-FOR-US: Android
CVE-2019-9289 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9288 (In libhidcommand_jni, there is a possible out of bounds write due to a ...)
	NOT-FOR-US: Android
CVE-2019-9287 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9286 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9285 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9284 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9283 (In AAC Codec, there is a possible resource exhaustion due to improper  ...)
	NOT-FOR-US: Android
CVE-2019-9282 (In skia, there is a possible out of bounds read due to a missing bound ...)
	- skia <itp> (bug #818180)
CVE-2019-9281 (In GoogleContactsSyncAdapter, there is a possible path traversal due t ...)
	NOT-FOR-US: Android
CVE-2019-9280 (In keyguard, there is a possible escalation of privilege due to improp ...)
	NOT-FOR-US: Android
CVE-2019-9279 (In the wifi hotspot service, there is a possible denial of service due ...)
	NOT-FOR-US: Android
CVE-2019-9278 (In libexif, there is a possible out of bounds write due to an integer  ...)
	{DSA-4618-1 DLA-2100-1}
	- libexif 0.6.21-6 (bug #945948)
	NOTE: https://android.googlesource.com/platform/external/libexif/+/a5e8e5812a11ec9686294de8a5d68aaf2ab72475%5E%21/#F0
	NOTE: https://github.com/libexif/libexif/issues/26
	NOTE: https://github.com/libexif/libexif/commit/75aa73267fdb1e0ebfbc00369e7312bac43d0566
CVE-2019-9277 (In the proc filesystem, there is a possible information disclosure due ...)
	NOT-FOR-US: Android
CVE-2019-9276 (In the Android kernel in the synaptics_dsx_htc touchscreen driver ther ...)
	NOT-FOR-US: Android kernel
CVE-2019-9275 (In the Android kernel in the mnh driver there is a use after free due  ...)
	NOT-FOR-US: Android kernel
CVE-2019-9274 (In the Android kernel in the mnh driver there is a possible out of bou ...)
	NOT-FOR-US: Android kernel
CVE-2019-9273 (In the Android kernel in the synaptics_dsx_htc touchscreen driver ther ...)
	NOT-FOR-US: Android kernel
CVE-2019-9272 (In WiFi, there is a possible leak of WiFi state due to a permissions b ...)
	NOT-FOR-US: Android
CVE-2019-9271 (In the Android kernel in the mnh driver there is a race condition due  ...)
	NOT-FOR-US: Android kernel
CVE-2019-9270 (In the Android kernel in unifi and r8180 WiFi drivers there is a possi ...)
	NOT-FOR-US: Android kernel
CVE-2019-9269 (In System Settings, there is a possible permissions bypass due to a ca ...)
	NOT-FOR-US: Android
CVE-2019-9268 (In libstagefright, there is a possible use-after-free due to improper  ...)
	NOT-FOR-US: Android
CVE-2019-9267
	RESERVED
CVE-2019-9266 (In sensorservice, there is a possible out of bounds write due to a mis ...)
	NOT-FOR-US: Android
CVE-2019-9265 (In Bluetooth, there is a possible out of bounds read due to an incorre ...)
	NOT-FOR-US: Android
CVE-2019-9264 (In libxaac there is a possible out of bounds read due to missing bound ...)
	NOT-FOR-US: Android
CVE-2019-9263 (In telephony, there is a possible bypass of user interaction requireme ...)
	NOT-FOR-US: Android
CVE-2019-9262 (In MPEG4Extractor, there is a possible out of bounds write due to an i ...)
	NOT-FOR-US: Android
CVE-2019-9261 (In libxaac there is a possible out of bounds read due to missing bound ...)
	NOT-FOR-US: Android
CVE-2019-9260 (In Bluetooth, there is a possible out of bounds read due to an incorre ...)
	NOT-FOR-US: Android
CVE-2019-9259 (In the Bluetooth stack, there is a possible out of bounds write due to ...)
	NOT-FOR-US: Android
CVE-2019-9258 (In wifilogd, there is a possible out of bounds write due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9257 (In Bluetooth, there is a possible out of bounds write due to an intege ...)
	NOT-FOR-US: Android
CVE-2019-9256 (In libmediaextractor there is a possible out of bounds write due to an ...)
	NOT-FOR-US: Android
CVE-2019-9255
	RESERVED
CVE-2019-9254 (In readArgumentList of zygote.java in Android 10, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2019-9253 (In KeyStore, there is a possible storage of symmetric keys in the TEE  ...)
	NOT-FOR-US: Android
CVE-2019-9252 (In libavc there is a possible out of bounds read due to uninitialized  ...)
	NOT-FOR-US: Android
CVE-2019-9251 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9250 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9249 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9248 (In the Android kernel in the FingerTipS touchscreen driver there is a  ...)
	NOT-FOR-US: Android kernel
CVE-2019-9247 (In AAC Codec, there is a missing variable initialization. This could l ...)
	NOT-FOR-US: Android
CVE-2019-9246 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9245 (In the Android kernel in the f2fs driver there is a possible out of bo ...)
	- linux 4.19.16-1
	NOTE: https://git.kernel.org/linus/64beba0558fce7b59e9a8a7afd77290e82a22163
CVE-2019-9244 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9243 (In wpa_supplicant_8, there is a possible out of bounds read due to a m ...)
	NOT-FOR-US: Android
CVE-2019-9242 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9241 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9240 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9239 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9238 (In the NFC stack, there is a possible out of bounds write due to a mis ...)
	NOT-FOR-US: Android
CVE-2019-9237 (In Bluetooth, there is a possible out of bounds read due to a missing  ...)
	NOT-FOR-US: Android
CVE-2019-9236 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9235 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
	NOT-FOR-US: Android
CVE-2019-9234 (In wpa_supplicant_8, there is a possible out of bounds read due to a m ...)
	NOT-FOR-US: Android
CVE-2019-9233 (In wpa_supplicant_8, there is a possible out of bounds read due to an  ...)
	NOT-FOR-US: Android
CVE-2019-9232 (In libvpx, there is a possible out of bounds read due to a missing bou ...)
	{DSA-4578-1 DLA-2012-1}
	- libvpx 1.8.1-2
	NOTE: https://github.com/webmproject/libvpx/commit/46e17f0cb4a80b36755c84b8bf15731d3386c08f
CVE-2019-9231 (An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M80 ...)
	NOT-FOR-US: AudioCodes Mediant devices
CVE-2019-9230 (An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M80 ...)
	NOT-FOR-US: AudioCodes Mediant devices
CVE-2019-9229 (An issue was discovered on AudioCodes Mediant 500L-MSBR, 500-MBSR, M80 ...)
	NOT-FOR-US: AudioCodes
CVE-2019-9228 (** DISPUTED ** An issue was discovered on AudioCodes Mediant 500L-MSBR ...)
	NOT-FOR-US: AudioCodes
CVE-2019-9227 (An issue was discovered in baigo CMS 2.1.1. There is a vulnerability t ...)
	NOT-FOR-US: baigo CMS
CVE-2019-9226 (An issue was discovered in baigo CMS 2.1.1. There is a persistent XSS  ...)
	NOT-FOR-US: baigo CMS
CVE-2019-9225 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9224 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9223 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9222 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9221 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9220 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9219 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9218 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9217 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9216
	RESERVED
CVE-2019-9215 (In Live555 before 2019.02.27, malformed headers lead to invalid memory ...)
	{DSA-4408-1 DLA-1720-1}
	[experimental] - liblivemedia 2019.02.27-1
	- liblivemedia 2018.11.26-1.1 (bug #924655)
	NOTE: Reporter advisory and analysis: https://tools.cisco.com/security/center/viewAlert.x?alertId=59708
CVE-2019-9214 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector c ...)
	{DSA-4416-1}
	- wireshark 2.6.7-1 (bug #923611)
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15536
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=c557bb0910be271e49563756411a690a1bc53ce5
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-08.html
CVE-2019-9213 (In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lack ...)
	{DLA-1771-1 DLA-1731-1}
	- linux 4.19.28-1
	[stretch] - linux 4.9.168-1
	NOTE: Fixed by: https://git.kernel.org/linus/0a1d52994d440e21def1c2174932410b4f2a98a1 (5.0)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1792
CVE-2019-9212 (** DISPUTED ** SOFA-Hessian through 4.0.2 allows remote attackers to e ...)
	NOT-FOR-US: SOFA-Hessian
CVE-2019-9211 (There is a reachable assertion abort in the function write_long_string ...)
	- pspp <unfixed> (unimportant; bug #923417)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683499
	NOTE: Crash in CLI tool, no security impact
CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer  ...)
	{DLA-1702-1}
	- advancecomp 2.1-2 (low; bug #923416)
	[stretch] - advancecomp <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/advancemame/bugs/277/
	NOTE: Fixed by https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02
CVE-2019-9209 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the ASN.1 BER and rel ...)
	{DSA-4416-1 DLA-1729-1}
	- wireshark 2.6.7-1 (bug #923611)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15447
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=f8fbe9f934d65b2694fa74622e5eb2e1dc8cd20b
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-06.html
CVE-2019-9208 (In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the TCAP dissector co ...)
	{DSA-4416-1}
	- wireshark 2.6.7-1 (bug #923611)
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15464
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=3d1b8004ed3a07422ca5d4e4ee8097150b934fd2
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-07.html
CVE-2019-9207 (PRTG Network Monitor v7.1.3.3378 allows XSS via the /search.htm search ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2019-9206 (PRTG Network Monitor v7.1.3.3378 allows XSS via the /public/login.htm  ...)
	NOT-FOR-US: PRTG Network Monitor
CVE-2019-9205
	RESERVED
CVE-2019-9204 (SQL injection vulnerability in Nagios IM (component of Nagios XI) befo ...)
	NOT-FOR-US: Nagios XI
CVE-2019-9203 (Authorization bypass in Nagios IM (component of Nagios XI) before 2.2. ...)
	NOT-FOR-US: Nagios XI
CVE-2019-9202 (Nagios IM (component of Nagios XI) before 2.2.7 allows authenticated u ...)
	NOT-FOR-US: Nagios XI
CVE-2019-9201 (Phoenix Contact ILC 131 ETH, ILC 131 ETH/XC, ILC 151 ETH, ILC 151 ETH/ ...)
	NOT-FOR-US: Phoenix Contact ILC
CVE-2019-9200 (A heap-based buffer underwrite exists in ImageStream::getLine() locate ...)
	{DLA-1706-1}
	- poppler 0.71.0-4 (bug #923414)
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/728
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/f4136a6353162db249f63ddb0f20611622ab61b4
CVE-2019-9199 (PoDoFo::Impose::PdfTranslator::setSource() in pdftranslator.cpp in PoD ...)
	- libpodofo 0.9.6+dfsg-5 (low; bug #923469)
	[stretch] - libpodofo <no-dsa> (Minor issue)
	[jessie] - libpodofo <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/podofo/tickets/40/
	NOTE: upstream fix: https://sourceforge.net/p/podofo/code/1971/
CVE-2019-9198
	RESERVED
CVE-2019-9197 (The com.unity3d.kharma protocol handler in Unity Editor 2018.3 allows  ...)
	NOT-FOR-US: Unity Editor
CVE-2019-9196 (The Face authentication component in Aware mobile liveness 2.2.1 sdk 2 ...)
	NOT-FOR-US: Aware mobile liveness
CVE-2019-9195 (util/src/zip.rs in Grin before 1.0.2 mishandles suspicious files. An a ...)
	NOT-FOR-US: Grin
CVE-2019-9194 (elFinder before 2.1.48 has a command injection vulnerability in the PH ...)
	NOT-FOR-US: elFinder
CVE-2019-9193 (** DISPUTED ** In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGR ...)
	- postgresql-11 <unfixed> (unimportant)
	- postgresql-9.6 <removed> (unimportant)
	- postgresql-9.4 <removed> (unimportant)
	NOTE: https://medium.com/greenwolf-security/authenticated-arbitrary-command-execution-on-postgresql-9-3-latest-cd18945914d5
	NOTE: https://paquier.xyz/postgresql-2/postgres-9-3-feature-highlight-copy-tofrom-program/
	NOTE: Upstream statement: https://www.postgresql.org/about/news/1935/
	NOTE: Issue is not to be considered a vulnerability and disupted to be valid.
CVE-2019-9191 (The ETSI Enterprise Transport Security (ETS, formerly known as eTLS) p ...)
	NOT-FOR-US: ETSI protocol
CVE-2019-9190
	RESERVED
CVE-2019-9189 (Prima Systems FlexAir, Versions 2.4.9api3 and prior. The application a ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-9188
	RESERVED
CVE-2019-9187 (ikiwiki before 3.20170111.1 and 3.2018x and 3.2019x before 3.20190228  ...)
	{DSA-4399-1 DLA-1716-1}
	- ikiwiki 3.20190228-1
	NOTE: https://ikiwiki.info/security/#cve-2019-9187
	NOTE: https://www.openwall.com/lists/oss-security/2019/02/28/1
	NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=e7b0d4a
	NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=67543ce
	NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=d283e4c
	NOTE: http://source.ikiwiki.branchable.com/?p=source.git;a=commitdiff;h=9a275b2
CVE-2019-9186 (In several JetBrains IntelliJ IDEA versions, a Spring Boot run configu ...)
	- intellij-idea <itp> (bug #747616)
CVE-2019-9185 (Controller/Async/FilesystemManager.php in the filemanager in Bolt befo ...)
	NOT-FOR-US: Bolt CMS
CVE-2019-9184 (SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for ...)
	NOT-FOR-US: J2Store plugin for Joomla!
CVE-2019-9183
	RESERVED
CVE-2019-9182 (There is a CSRF in ZZZCMS zzzphp V1.6.1 via a /admin015/save.php?act=e ...)
	NOT-FOR-US: ZZZCMS
CVE-2019-9181 (SchoolCMS version 2.3.1 allows file upload via the logo upload feature ...)
	NOT-FOR-US: SchoolCMS
CVE-2019-9180
	RESERVED
CVE-2019-9179 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9178 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9177
	REJECTED
CVE-2019-9176 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9175 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9174 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9173
	RESERVED
CVE-2019-9172 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9171 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9170 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	[experimental] - gitlab 11.8.2-1
	- gitlab 11.8.2-2 (bug #924447)
	NOTE: https://about.gitlab.com/2019/03/04/security-release-gitlab-11-dot-8-dot-1-released/
CVE-2019-9169 (In the GNU C Library (aka glibc or libc6) through 2.29, proceed_next_n ...)
	- glibc 2.28-9 (bug #924612)
	[stretch] - glibc <no-dsa> (Minor issue)
	[jessie] - glibc <no-dsa> (Minor issue)
	- eglibc <removed>
	NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34140
	NOTE: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34142
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24114
	NOTE: https://sourceware.org/git/gitweb.cgi?p=glibc.git;a=commit;h=583dd860d5b833037175247230a328f0050dbfe9
CVE-2019-9168 (WooCommerce before 3.5.5 allows XSS via a Photoswipe caption. ...)
	NOT-FOR-US: WooCommerce
CVE-2019-9167 (Cross-site scripting (XSS) vulnerability in Nagios XI before 5.5.11 al ...)
	NOT-FOR-US: Nagios XI
CVE-2019-9166 (Privilege escalation in Nagios XI before 5.5.11 allows local attackers ...)
	NOT-FOR-US: Nagios XI
CVE-2019-9165 (SQL injection vulnerability in Nagios XI before 5.5.11 allows attacker ...)
	NOT-FOR-US: Nagios XI
CVE-2019-9164 (Command injection in Nagios XI before 5.5.11 allows an authenticated u ...)
	NOT-FOR-US: Nagios XI
CVE-2019-9163 (The connection initiation process in March Networks Command Client bef ...)
	NOT-FOR-US: March Networks
CVE-2019-9161 (WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier ...)
	NOT-FOR-US: Sangfor Sundray WLAN Controller
CVE-2019-9160 (WAC on the Sangfor Sundray WLAN Controller version 3.7.4.2 and earlier ...)
	NOT-FOR-US: Sangfor Sundray WLAN Controller
CVE-2019-9159
	RESERVED
CVE-2019-9158 (Gemalto DS3 Authentication Server 2.6.1-SP01 has Broken Access Control ...)
	NOT-FOR-US: Gemalto DS3 Authentication Server
CVE-2019-9157 (Gemalto DS3 Authentication Server 2.6.1-SP01 allows Local File Disclos ...)
	NOT-FOR-US: Gemalto DS3 Authentication Server
CVE-2019-9156 (Gemalto DS3 Authentication Server 2.6.1-SP01 allows OS Command Injecti ...)
	NOT-FOR-US: Gemalto DS3 Authentication Server
CVE-2019-9192 (** DISPUTED ** In the GNU C Library (aka glibc or libc6) through 2.29, ...)
	- glibc <unfixed> (unimportant)
	- eglibc <removed> (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24269
CVE-2019-9162 (In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_bas ...)
	- linux 4.19.28-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: Fixed by: https://git.kernel.org/linus/c4c07b4d6fa1f11880eab8e076d3d060ef3f55fc
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1776
CVE-2019-9155 (A cryptographic issue in OpenPGP.js &lt;=4.2.0 allows an attacker who  ...)
	- node-openpgp <itp> (bug #787774)
CVE-2019-9154 (Improper Verification of a Cryptographic Signature in OpenPGP.js &lt;= ...)
	- node-openpgp <itp> (bug #787774)
CVE-2019-9153 (Improper Verification of a Cryptographic Signature in OpenPGP.js &lt;= ...)
	- node-openpgp <itp> (bug #787774)
CVE-2019-9152 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
	- hdf5 <unfixed>
	[buster] - hdf5 <no-dsa> (Minor issue)
	[stretch] - hdf5 <no-dsa> (Minor issue)
	[jessie] - hdf5 <ignored> (Minor issue)
	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul8
	NOTE: issue in upstream bug tracker: https://jira.hdfgroup.org/browse/HDFFV-10719
CVE-2019-9151 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
	- hdf5 <unfixed>
	[buster] - hdf5 <no-dsa> (Minor issue)
	[stretch] - hdf5 <no-dsa> (Minor issue)
	[jessie] - hdf5 <ignored> (Minor issue)
	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul7
	NOTE: issue in upstream bug tracker: https://jira.hdfgroup.org/browse/HDFFV-10718
CVE-2019-9150 (Mailvelope prior to 3.3.0 does not require user interaction to import  ...)
	NOT-FOR-US: Mailvelope
CVE-2019-9149 (Mailvelope prior to 3.3.0 allows private key operations without user i ...)
	NOT-FOR-US: Mailvelope
CVE-2019-9148 (Mailvelope prior to 3.3.0 accepts or operates with invalid PGP public  ...)
	NOT-FOR-US: Mailvelope
CVE-2019-9147 (Mailvelope prior to 3.1.0 is vulnerable to a clickjacking attack again ...)
	NOT-FOR-US: Mailvelope
CVE-2019-9146 (Jamf Self Service 10.9.0 allows man-in-the-middle attackers to obtain  ...)
	NOT-FOR-US: Jamf Self Service
CVE-2019-9145 (An issue was discovered in Hsycms V1.1. There is an XSS vulnerability  ...)
	NOT-FOR-US: Hsycms
CVE-2019-9144 (An issue was discovered in Exiv2 0.27. There is infinite recursion at  ...)
	- exiv2 0.27.2-8 (low; bug #923473)
	[buster] - exiv2 <not-affected> (Vulnerable code introduced later)
	[stretch] - exiv2 <not-affected> (Vulnerable code introduced later)
	[jessie] - exiv2 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/Exiv2/exiv2/issues/712
CVE-2019-9143 (An issue was discovered in Exiv2 0.27. There is infinite recursion at  ...)
	- exiv2 0.27.2-8 (low; bug #923472)
	[buster] - exiv2 <not-affected> (Vulnerable code introduced later)
	[stretch] - exiv2 <not-affected> (Vulnerable code introduced later)
	[jessie] - exiv2 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/Exiv2/exiv2/issues/711
CVE-2019-9142 (An issue was discovered in b3log Symphony (aka Sym) before v3.4.7. XSS ...)
	NOT-FOR-US: b3log Symphony (aka Sym)
CVE-2019-9141 (ZInsVX.dll ActiveX Control 2018.02 and earlier in Zoneplayer contains  ...)
	NOT-FOR-US: Zoneplayer
CVE-2019-9140 (When processing Deeplink scheme, Happypoint mobile app 6.3.19 and earl ...)
	NOT-FOR-US: Happypoint mobile app
CVE-2019-9139 (DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnera ...)
	NOT-FOR-US: DaviewIndy
CVE-2019-9138 (DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnera ...)
	NOT-FOR-US: DaviewIndy
CVE-2019-9137 (DaviewIndy 8.98.7 and earlier versions have a Integer overflow vulnera ...)
	NOT-FOR-US: DaviewIndy
CVE-2019-9136 (DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vuln ...)
	NOT-FOR-US: DaviewIndy
CVE-2019-9135 (DaviewIndy 8.98.7 and earlier versions have a Heap-based overflow vuln ...)
	NOT-FOR-US: DaviewIndy
CVE-2019-9134 (Architectural Information System 1.0 and earlier versions have a Stack ...)
	NOT-FOR-US: Architectural Information System
CVE-2019-9133 (When processing subtitles format media file, KMPlayer version 2018.12. ...)
	NOT-FOR-US: KMPlayer (different from src:kmplayer)
CVE-2019-9132 (Remote code execution vulnerability exists in KaKaoTalk PC messenger w ...)
	NOT-FOR-US: KaKaoTalk PC messenger
CVE-2019-9131
	RESERVED
CVE-2019-9130
	RESERVED
CVE-2019-9129
	RESERVED
CVE-2019-9128
	RESERVED
CVE-2019-9127
	RESERVED
CVE-2019-9126 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is ...)
	NOT-FOR-US: D-Link
CVE-2019-9125 (An issue was discovered on D-Link DIR-878 1.12B01 devices. Because str ...)
	NOT-FOR-US: D-Link
CVE-2019-9124 (An issue was discovered on D-Link DIR-878 1.12B01 devices. At the /HNA ...)
	NOT-FOR-US: D-Link
CVE-2019-9123 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. The "use ...)
	NOT-FOR-US: D-Link
CVE-2019-9122 (An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They all ...)
	NOT-FOR-US: D-Link
CVE-2019-9121 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
	NOT-FOR-US: Motorola
CVE-2019-9120 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
	NOT-FOR-US: Motorola
CVE-2019-9119 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
	NOT-FOR-US: Motorola
CVE-2019-9118 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
	NOT-FOR-US: Motorola
CVE-2019-9117 (An issue was discovered on Motorola C1 and M2 devices with firmware 1. ...)
	NOT-FOR-US: Motorola
CVE-2019-9116 (** DISPUTED ** DLL hijacking is possible in Sublime Text 3 version 3.1 ...)
	NOT-FOR-US: Sublime Text Windows build
CVE-2019-9115 (In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file all ...)
	NOT-FOR-US: IRISnet
CVE-2019-9114 (Ming (aka libming) 0.4.8 has an out of bounds write vulnerability in t ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/170
CVE-2019-9113 (Ming (aka libming) 0.4.8 has a NULL pointer dereference in the functio ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/171
CVE-2019-9112 (The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-os ...)
	NOT-FOR-US: Xiaomi-specific driver not in the mainline msm driver
CVE-2019-9111 (The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-os ...)
	NOT-FOR-US: Xiaomi-specific driver not in the mainline msm driver
CVE-2019-9110 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=content&amp;f=postinfo&a ...)
	NOT-FOR-US: WUZHI CMS
CVE-2019-9109 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=message&amp;f=message&am ...)
	NOT-FOR-US: WUZHI CMS
CVE-2019-9108 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=core&amp;f=map&amp;v=bai ...)
	NOT-FOR-US: WUZHI CMS
CVE-2019-9107 (XSS exists in WUZHI CMS 4.1.0 via index.php?m=attachment&amp;f=imagecu ...)
	NOT-FOR-US: WUZHI CMS
CVE-2019-9106 (The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Sma ...)
	NOT-FOR-US: SAET Impianti Speciali TEBE Small devices
CVE-2019-9105 (The WebApp v04.68 in the supervisor on SAET Impianti Speciali TEBE Sma ...)
	NOT-FOR-US: SAET Impianti Speciali TEBE Small devices
CVE-2019-9104 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9103 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9102 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9101 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9100
	RESERVED
CVE-2019-9099 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9098 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9097 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9096 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9095 (An issue was discovered on Moxa MGate MB3170 and MB3270 devices before ...)
	NOT-FOR-US: Moxa
CVE-2019-9094 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
	NOT-FOR-US: Humhub
CVE-2019-9093 (A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in ...)
	NOT-FOR-US: Humhub
CVE-2019-9092
	RESERVED
CVE-2019-9091
	RESERVED
CVE-2019-9090
	RESERVED
CVE-2019-9089
	RESERVED
CVE-2019-9088
	RESERVED
CVE-2019-9087 (HotelDruid before v2.3.1 has SQL Injection via the /tab_tariffe.php nu ...)
	- hoteldruid 2.3.2-1
	[stretch] - hoteldruid <ignored> (Minor issue)
	[jessie] - hoteldruid <no-dsa> (low popcon)
CVE-2019-9086 (HotelDruid before v2.3.1 has SQL Injection via the /visualizza_tabelle ...)
	- hoteldruid 2.3.2-1
	[stretch] - hoteldruid <ignored> (Minor issue)
	[jessie] - hoteldruid <no-dsa> (low popcon)
CVE-2019-9085 (Hoteldruid before v2.3.1 allows remote authenticated users to cause a  ...)
	- hoteldruid 2.3.2-1
	[stretch] - hoteldruid <ignored> (Minor issue)
	[jessie] - hoteldruid <no-dsa> (low popcon)
CVE-2019-9084 (In Hoteldruid before 2.3.1, a division by zero was discovered in $num_ ...)
	- hoteldruid 2.3.2-1
	[stretch] - hoteldruid <ignored> (Minor issue)
	[jessie] - hoteldruid <no-dsa> (low popcon)
CVE-2019-9083 (SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanage ...)
	NOT-FOR-US: SQLiteManager
CVE-2019-9082 (ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other pro ...)
	NOT-FOR-US: ThinkPHP
CVE-2019-9081 (The Illuminate component of Laravel Framework 5.7.x has a deserializat ...)
	NOT-FOR-US: Laravel Framework
CVE-2019-9080
	RESERVED
CVE-2019-9079
	RESERVED
CVE-2019-9078 (zzcms 2019 has XSS via an arbitrary user/ask.php?do=modify parameter b ...)
	NOT-FOR-US: zzcms
CVE-2019-9077 (An issue was discovered in GNU Binutils 2.32. It is a heap-based buffe ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24243
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7fc0c668f2aceb8582d74db1ad2528e2bba8a921
	NOTE: binutils not covered by security support
CVE-2019-9076 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	NOTE: Disputed by binutils upstream, not considered a bug
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24238
CVE-2019-9075 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24236
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8abac8031ed369a2734b1cdb7df28a39a54b4b49
	NOTE: binutils not covered by security support
CVE-2019-9074 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24235
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=179f2db0d9c397d7dd8a59907b84208b79f7f48c
	NOTE: binutils not covered by security support
CVE-2019-9073 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24233
	NOTE: https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7d272a55caebfc26ab2e15d1e9439bac978b9bb7
	NOTE: binutils not covered by security support
CVE-2019-9072 (An issue was discovered in the Binary File Descriptor (BFD) library (a ...)
	NOTE: Disputed by binutils upstream, not considered a bug
	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89396
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24232
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24237
CVE-2019-9071 (An issue was discovered in GNU libiberty, as distributed in GNU Binuti ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89394
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24227
	NOTE: binutils not covered by security support
CVE-2019-9070 (An issue was discovered in GNU libiberty, as distributed in GNU Binuti ...)
	- binutils 2.32.51.20190707-1 (unimportant)
	NOTE: https://gcc.gnu.org/bugzilla/show_bug.cgi?id=89395
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24229
	NOTE: binutils not covered by security support
CVE-2019-9069
	RESERVED
CVE-2019-9068
	RESERVED
CVE-2019-9067
	RESERVED
CVE-2019-9066 (PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML inje ...)
	NOT-FOR-US: PHP Scripts Mall PHP Appointment Booking Script
CVE-2019-9065 (PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows paramete ...)
	NOT-FOR-US: PHP Scripts Mall Custom T-Shirt Ecommerce Script
CVE-2019-9064 (PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal i ...)
	NOT-FOR-US: PHP Scripts Mall Cab Booking Script
CVE-2019-9063 (PHP Scripts Mall Auction website script 2.0.4 allows parameter tamperi ...)
	NOT-FOR-US: PHP Scripts Mall Auction website script
CVE-2019-9062 (PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Reques ...)
	NOT-FOR-US: PHP Scripts Mall Online Food Ordering Script
CVE-2019-9061 (An issue was discovered in CMS Made Simple 2.2.8. In the module Module ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9060
	RESERVED
CVE-2019-9059 (An issue was discovered in CMS Made Simple 2.2.8. It is possible, with ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9058 (An issue was discovered in CMS Made Simple 2.2.8. In the administrator ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9057 (An issue was discovered in CMS Made Simple 2.2.8. In the module FilePi ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9056 (An issue was discovered in CMS Made Simple 2.2.8. In the module FrontE ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9055 (An issue was discovered in CMS Made Simple 2.2.8. In the module Design ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9054
	RESERVED
CVE-2019-9053 (An issue was discovered in CMS Made Simple 2.2.8. It is possible with  ...)
	NOT-FOR-US: CMS Made Simple
CVE-2019-9052 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
	NOT-FOR-US: Pluck CMS
CVE-2019-9051 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
	NOT-FOR-US: Pluck CMS
CVE-2019-9050 (An issue was discovered in Pluck 4.7.9-dev1. It allows administrators  ...)
	NOT-FOR-US: Pluck CMS
CVE-2019-9049 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
	NOT-FOR-US: Pluck CMS
CVE-2019-9048 (An issue was discovered in Pluck 4.7.9-dev1. There is a CSRF vulnerabi ...)
	NOT-FOR-US: Pluck CMS
CVE-2019-9047 (GoRose v1.0.4 has SQL Injection when the order_by or group_by paramete ...)
	NOT-FOR-US: GoRose
CVE-2019-9046
	RESERVED
CVE-2019-9045
	RESERVED
CVE-2019-9044
	RESERVED
CVE-2019-9043
	RESERVED
CVE-2019-9042 (** DISPUTED ** An issue was discovered in Sitemagic CMS v4.4. In the i ...)
	NOT-FOR-US: Sitemagic CMS
CVE-2019-9041 (An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_templa ...)
	NOT-FOR-US: ZZZCMS
CVE-2019-9040 (S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via th ...)
	NOT-FOR-US: S-CMS
CVE-2019-9039 (In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync G ...)
	NOT-FOR-US: Couchbase Sync Gateway
CVE-2019-9038 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9037 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9036 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
	NOTE: Not completely fixed with the initial two commits, cf.
	NOTE: https://github.com/tbeu/matio/issues/103#issuecomment-472020538 ff
CVE-2019-9035 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9034 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9033 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9032 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9031 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9030 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9029 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9028 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9027 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9026 (An issue was discovered in libmatio.a in matio (aka MAT File I/O Libra ...)
	- libmatio 1.5.13-2 (low; bug #924185)
	[stretch] - libmatio <no-dsa> (Minor issue)
	NOTE: https://github.com/tbeu/matio/issues/103
	NOTE: https://github.com/tbeu/matio/commit/a0539135c9b1ab7613aa7953279da9224da88775
	NOTE: https://github.com/tbeu/matio/commit/2c20d2178017b3eb13ab160cef239648f9915bdb
CVE-2019-9019 (The British Airways Entertainment System, as installed on Boeing 777-3 ...)
	NOT-FOR-US: British Airways Entertainment System
CVE-2019-9025 (An issue was discovered in PHP 7.3.x before 7.3.1. An invalid multibyt ...)
	- php7.3 7.3.1-1
	NOTE: Fixed in 7.3.1
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77367
CVE-2019-9024 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
	{DSA-4398-1 DLA-1679-1}
	- php7.3 7.3.1-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77380
	NOTE: https://github.com/php/php-src/commit/4feb9e66ff9636ad44bc23a91b7ebd37d83ddf1d (7.1)
CVE-2019-9023 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
	{DSA-4398-1 DLA-1679-1}
	- php7.3 7.3.1-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77370
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77371
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77381
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77382
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77385
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77394
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77418
	NOTE: https://github.com/php/php-src/commit/20407d06ca3cb5eeb10f876a812b40c381574bcc (7.1)
	NOTE: https://github.com/php/php-src/commit/31f59e1f3074ab344b473dde6077a6844ca87264 (7.1)
	NOTE: https://github.com/php/php-src/commit/28362ed4fae6969b5a8878591a5a06eadf114e03 (7.1)
	NOTE: https://github.com/php/php-src/commit/9d6c59eeea88a3e9d7039cb4fed5126ef704593a (7.1)
CVE-2019-9022 (An issue was discovered in PHP 7.x before 7.1.26, 7.2.x before 7.2.14, ...)
	{DSA-4398-1 DLA-1741-1}
	- php7.3 7.3.2-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 7.1.26, 7.2.14, 7.3.2
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77369
	NOTE: https://github.com/php/php-src/commit/8d3dfabef459fe7815e8ea2fd68753fd17859d7b (7.1)
CVE-2019-9021 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
	{DSA-4398-1 DLA-1679-1}
	- php7.3 7.3.1-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77247
	NOTE: https://github.com/php/php-src/commit/78bd3477745f1ada9578a79f61edb41886bec1cb (7.1)
CVE-2019-9020 (An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x ...)
	{DSA-4398-1 DLA-1679-1}
	- php7.3 7.3.1-1
	- php7.0 <removed>
	- php5 <removed>
	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77242
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77249
	NOTE: https://github.com/php/php-src/commit/9c62b95e5e6a1ac3922a8819f2d56d8ea998d97a (7.1)
CVE-2019-9018
	RESERVED
CVE-2019-9017 (DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer ...)
	NOT-FOR-US: SolarWinds
CVE-2019-9016 (An XSS vulnerability was discovered in MOPCMS through 2018-11-30. Ther ...)
	NOT-FOR-US: MOPCMS
CVE-2019-9015 (A Path Traversal vulnerability was discovered in MOPCMS through 2018-1 ...)
	NOT-FOR-US: MOPCMS
CVE-2019-9014
	RESERVED
CVE-2019-9013 (An issue was discovered in 3S-Smart CODESYS V3 products. The applicati ...)
	NOT-FOR-US: 3S-Smart CODESYS V3
CVE-2019-9012 (An issue was discovered in 3S-Smart CODESYS V3 products. A crafted com ...)
	NOT-FOR-US: 3S-Smart CODESYS V3
CVE-2019-9011
	RESERVED
CVE-2019-9010 (An issue was discovered in 3S-Smart CODESYS V3 products. The CODESYS G ...)
	NOT-FOR-US: 3S-Smart CODESYS V3
CVE-2019-9009 (An issue was discovered in 3S-Smart CODESYS before 3.5.15.0 . Crafted  ...)
	NOT-FOR-US: 3S-Smart
CVE-2019-9008 (An issue was discovered in 3S-Smart CODESYS V3 through 3.5.12.30. A us ...)
	NOT-FOR-US: 3S-Smart
CVE-2019-9007
	RESERVED
CVE-2019-9006
	RESERVED
CVE-2019-9005 (The Cprime Power Scripts app before 4.0.14 for Atlassian Jira allows D ...)
	NOT-FOR-US: Cprime Power Scripts app for Atlassian Jira
CVE-2019-9004 (In Eclipse Wakaama (formerly liblwm2m) 1.0, core/er-coap-13/er-coap-13 ...)
	NOT-FOR-US: Eclipse Wakaama
CVE-2019-9003 (In the Linux kernel before 4.20.5, attackers can trigger a drivers/cha ...)
	- linux 4.19.20-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: Fixed by: https://git.kernel.org/linus/77f8269606bf95fcb232ee86f6da80886f1dfae8
CVE-2019-9002 (An issue was discovered in Tiny Issue 1.3.1 and pixeline Bugs through  ...)
	NOT-FOR-US: Tiny Issue
CVE-2019-9001
	RESERVED
CVE-2019-9000
	RESERVED
CVE-2019-8999 (An XML External Entity vulnerability in the UEM Core of BlackBerry UEM ...)
	NOT-FOR-US: BlackBerry
CVE-2019-8998 (An information disclosure vulnerability leading to a potential local e ...)
	NOT-FOR-US: BlackBerry QNX Software Development Platform
CVE-2019-8997 (An XML External Entity Injection (XXE) vulnerability in the Management ...)
	NOT-FOR-US: BlackBerry
CVE-2019-8996 (In Signiant Manager+Agents before 13.5, the implementation of the set  ...)
	NOT-FOR-US: Signiant
CVE-2019-8995 (The workspace client, openspace client, and app development client of  ...)
	NOT-FOR-US: TIBCO
CVE-2019-8994 (The workspace client of TIBCO Software Inc.'s TIBCO ActiveMatrix BPM,  ...)
	NOT-FOR-US: TIBCO
CVE-2019-8993 (The administrative web server component of TIBCO Software Inc.'s TIBCO ...)
	NOT-FOR-US: TIBCO
CVE-2019-8992 (The administrative server component of TIBCO Software Inc.'s TIBCO Act ...)
	NOT-FOR-US: TIBCO
CVE-2019-8991 (The administrator web interface of TIBCO Software Inc.'s TIBCO ActiveM ...)
	NOT-FOR-US: TIBCO
CVE-2019-8990 (The HTTP Connector component of TIBCO Software Inc.'s TIBCO ActiveMatr ...)
	NOT-FOR-US: TIBCO
CVE-2019-8989 (The application server component of TIBCO Software Inc.'s TIBCO Data S ...)
	NOT-FOR-US: TIBCO
CVE-2019-8988 (The application server component of TIBCO Software Inc.'s TIBCO Data S ...)
	NOT-FOR-US: TIBCO
CVE-2019-8987 (The application server component of TIBCO Software Inc.'s TIBCO Data S ...)
	NOT-FOR-US: TIBCO
CVE-2019-8986 (The SOAP API component vulnerability of TIBCO Software Inc.'s TIBCO Ja ...)
	NOT-FOR-US: TIBCO
CVE-2019-8985 (On Netis WF2411 with firmware 2.1.36123 and other Netis WF2xxx devices ...)
	NOT-FOR-US: Netis devices
CVE-2019-8984 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 2 of 2) ...)
	NOT-FOR-US: MDaemon Webmail
CVE-2019-8983 (MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS (issue 1 of 2) ...)
	NOT-FOR-US: MDaemon Webmail
CVE-2019-8982 (com/wavemaker/studio/StudioService.java in WaveMaker Studio 6.6 mishan ...)
	NOT-FOR-US: WaveMaker Studio
CVE-2019-8981 (tls1.c in Cameron Hamilton-Rich axTLS before 2.1.5 has a Buffer Overfl ...)
	- axtls <not-affected> (Fixed with initial upload to Debian)
CVE-2019-8980 (A memory leak in the kernel_read_file function in fs/exec.c in the Lin ...)
	{DLA-1771-1}
	- linux 4.19.28-1
	[stretch] - linux 4.9.168-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://lore.kernel.org/lkml/20190219021038.11340-1-yuehaibing@huawei.com/
	NOTE: https://lore.kernel.org/lkml/20190219022512.GW2217@ZenIV.linux.org.uk/
CVE-2019-8979 (Kohana through 3.3.6 has SQL Injection when the order_by() parameter c ...)
	- libkohana2-php <removed>
	[jessie] - libkohana2-php <not-affected> (orderby function properly checks for allowed values)
	NOTE: https://github.com/huzr2018/orderby_SQLi/tree/master/kohana
	NOTE: https://github.com/koseven/koseven/issues/323
CVE-2019-8978 (An improper authentication vulnerability can be exploited through a ra ...)
	NOT-FOR-US: Ellucian Banner Web Tailor
CVE-2019-8977
	RESERVED
CVE-2019-8976
	RESERVED
CVE-2019-8975
	RESERVED
CVE-2019-8974
	RESERVED
CVE-2019-8973
	RESERVED
CVE-2019-8972
	RESERVED
CVE-2019-8971
	RESERVED
CVE-2019-8970
	RESERVED
CVE-2019-8969
	RESERVED
CVE-2019-8968
	RESERVED
CVE-2019-8967
	RESERVED
CVE-2019-8966
	RESERVED
CVE-2019-8965
	RESERVED
CVE-2019-8964
	RESERVED
CVE-2019-8963
	RESERVED
CVE-2019-8962
	RESERVED
CVE-2019-8961
	RESERVED
CVE-2019-8960
	RESERVED
CVE-2019-8959
	RESERVED
CVE-2019-8958
	RESERVED
CVE-2019-8957
	RESERVED
CVE-2019-8956 (In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-fre ...)
	- linux 4.19.28-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: Fixed by: https://git.kernel.org/linus/ba59fb0273076637f0add4311faa990a5eec27c0
CVE-2019-1000049
	REJECTED
CVE-2019-1000048
	REJECTED
CVE-2019-1000047
	REJECTED
CVE-2019-1000041
	REJECTED
CVE-2019-1000030
	REJECTED
CVE-2019-8955 (In Tor before 0.3.3.12, 0.3.4.x before 0.3.4.11, 0.3.5.x before 0.3.5. ...)
	- tor 0.3.5.8-1
	[stretch] - tor <not-affected> (Only affects 0.3.2.1 and later)
	[jessie] - tor <not-affected> (Only affects 0.3.2.1 and later)
	NOTE: https://blog.torproject.org/new-releases-tor-0402-alpha-0358-03411-and-03312
	NOTE: https://trac.torproject.org/projects/tor/ticket/29168
CVE-2019-8954 (In Indexhibit 2.1.5, remote attackers can execute arbitrary code via t ...)
	NOT-FOR-US: Indexhibit
CVE-2019-8953 (The HAProxy package before 0.59_16 for pfSense has XSS via the desc (a ...)
	NOT-FOR-US: HAProxy package for pfSense
CVE-2019-8952 (A Path Traversal vulnerability located in the webserver affects severa ...)
	NOT-FOR-US: Bosch
CVE-2019-8951 (An Open Redirect vulnerability located in the webserver affects severa ...)
	NOT-FOR-US: Bosch
CVE-2019-1003028 (A server-side request forgery vulnerability exists in Jenkins JMS Mess ...)
	NOT-FOR-US: Jenkins
CVE-2019-1003027 (A server-side request forgery vulnerability exists in Jenkins OctopusD ...)
	NOT-FOR-US: Jenkins
CVE-2019-1003026 (A server-side request forgery vulnerability exists in Jenkins Mattermo ...)
	NOT-FOR-US: Jenkins
CVE-2019-1003025 (A exposure of sensitive information vulnerability exists in Jenkins Cl ...)
	NOT-FOR-US: Jenkins
CVE-2019-1003024 (A sandbox bypass vulnerability exists in Jenkins Script Security Plugi ...)
	NOT-FOR-US: Jenkins
CVE-2019-8950 (The backdoor account dnsekakf2$$ in /bin/login on DASAN H665 devices w ...)
	NOT-FOR-US: DASAN
CVE-2019-8949
	RESERVED
CVE-2019-8948 (PaperCut MF before 18.3.6 and PaperCut NG before 18.3.6 allow script i ...)
	NOT-FOR-US: PaperCut MF
CVE-2019-8947 (Zimbra Collaboration 8.7.x - 8.8.11P2 contains non-persistent XSS. ...)
	NOT-FOR-US: Zimbra Collaboration
CVE-2019-8946 (Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS. ...)
	NOT-FOR-US: Zimbra Collaboration
CVE-2019-8945 (Zimbra Collaboration 8.7.x - 8.8.11P2 contains persistent XSS. ...)
	NOT-FOR-US: Zimbra Collaboration
CVE-2019-8944 (An Information Exposure issue in the Terraform deployment step in Octo ...)
	NOT-FOR-US: Terraform
CVE-2019-8943 (WordPress through 5.0.3 allows Path Traversal in wp_crop_image(). An a ...)
	- wordpress <unfixed> (bug #923583)
	[jessie] - wordpress <postponed> (requires privileged account, not directly exploitable as CVE-2019-8942 is fixed, no official patch)
	NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
	NOTE: This CVE is explicitly for the mentioned Path Traversal in wp_crop_image().
	NOTE: Patching CVE-2019-8942 makes CVE-2019-8943 (RCE) not directly exploitable
	NOTE: RCE would now require a vulnerable plugin, and a crop-resistant PHP webshell embedded in an image (preserved EXIF data, PNG IDAT reverse deflate...)
	NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/#path-traversal-via-modified-post-meta
	NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/#exploiting-the-path-traversal-lfi-in-theme-directory
CVE-2019-8942 (WordPress before 4.9.9 and 5.x before 5.0.1 allows remote code executi ...)
	{DSA-4401-1 DLA-1742-1}
	- wordpress 5.0.1+dfsg1-1
	NOTE: https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/
	NOTE: Issue fixed in 4.9.9 and 5.0.1 upstream
CVE-2019-8941
	RESERVED
CVE-2019-8940
	RESERVED
CVE-2019-8939 (data/interfaces/default/history.html in Tautulli 2.1.26 has XSS via a  ...)
	NOT-FOR-US: Tautulli
CVE-2019-8938 (VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter ...)
	NOT-FOR-US: VertrigoServ
CVE-2019-8937 (HotelDruid 2.3.0 has XSS affecting the nsextt, cambia1, mese_fine, ori ...)
	- hoteldruid 2.3.2-1 (bug #929136)
	[stretch] - hoteldruid <ignored> (Minor issue)
	[jessie] - hoteldruid <no-dsa> (Minor issue)
	NOTE: https://www.exploit-db.com/exploits/46429/
CVE-2019-8936 (NTP through 4.2.8p12 has a NULL Pointer Dereference. ...)
	[experimental] - ntp 1:4.2.8p13+dfsg-1
	- ntp 1:4.2.8p12+dfsg-4 (bug #924228)
	[stretch] - ntp <not-affected> (Introduced with the fix for CVE-2018-7182, not backported to stretch)
	[jessie] - ntp <not-affected> (Introduced with the fix for CVE-2018-7182, not backported to jessie)
	NOTE: http://bugs.ntp.org/show_bug.cgi?id=3565
	NOTE: http://bk.ntp.org/ntp-stable/ntpd/ntp_control.c?PAGE=diffs&REV=5c8106e7wWtXdh0lzg1ytlWribBTcQ
	NOTE: Relates/corresponds to https://gitlab.com/NTPsec/ntpsec/issues/509 for ntpsec
	NOTE: which has a separate CVE id CVE-2019-6445 specifically for src:ntpsec
CVE-2019-8934 (hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure becau ...)
	- qemu 1:4.1-1 (low; bug #922923)
	[buster] - qemu <ignored> (Too intrusive to backport, marginal impact)
	[stretch] - qemu <ignored> (Too intrusive to backport, marginal impact)
	[jessie] - qemu <ignored> (Too intrusive to backport, marginal impact, ppc not supported in jessie-lts)
	- qemu-kvm <removed>
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-02/msg04821.html
CVE-2019-8933 (In DedeCMS 5.7SP2, attackers can upload a .php file to the uploads/ di ...)
	NOT-FOR-US: DedeCMS
CVE-2019-8935 (Collabtive 3.1 allows XSS via the manageuser.php?action=profile id par ...)
	- collabtive <removed>
	[jessie] - collabtive <ignored> (Minor issue)
CVE-2019-8932 (Redbrick Shift through 3.4.3 allows an attacker to extract authenticat ...)
	NOT-FOR-US: Redbrick Shift
CVE-2019-8931 (Redbrick Shift through 3.4.3 allows an attacker to extract emails of s ...)
	NOT-FOR-US: Redbrick Shift
CVE-2019-8930
	RESERVED
CVE-2019-8929 (An issue was discovered in Zoho ManageEngine Netflow Analyzer Professi ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-8928 (An issue was discovered in Zoho ManageEngine Netflow Analyzer Professi ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-8927 (An issue was discovered in Zoho ManageEngine Netflow Analyzer Professi ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-8926 (An issue was discovered in Zoho ManageEngine Netflow Analyzer Professi ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-8925 (An issue was discovered in Zoho ManageEngine Netflow Analyzer Professi ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-8924 (XAMPP through 5.6.8 allows XSS via the cds-fpdf.php interpret or titel ...)
	NOT-FOR-US: XAMPP
CVE-2019-8923 (XAMPP through 5.6.8 and previous allows SQL injection via the cds-fpdf ...)
	NOT-FOR-US: XAMPP
CVE-2019-8922
	RESERVED
CVE-2019-8921
	RESERVED
CVE-2019-8920 (iart.php in XAMPP 1.7.0 has XSS, a related issue to CVE-2008-3569. ...)
	NOT-FOR-US: XAMPP
CVE-2019-8919 (The seadroid (aka Seafile Android Client) application through 2.2.13 f ...)
	NOT-FOR-US: Seafile Android Client
CVE-2019-8918
	RESERVED
CVE-2019-8917 (SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code exe ...)
	NOT-FOR-US: SolarWinds Orion NPM
CVE-2019-8916
	RESERVED
CVE-2019-8915
	RESERVED
CVE-2019-8914
	RESERVED
CVE-2019-8913
	RESERVED
CVE-2019-8912 (In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg ...)
	- linux 4.19.28-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
CVE-2019-8911 (An issue was discovered in WTCMS 1.0. It has stored XSS via the third  ...)
	NOT-FOR-US: WTCMS
CVE-2019-8910 (An issue was discovered in WTCMS 1.0. It allows index.php?g=admin&amp; ...)
	NOT-FOR-US: WTCMS
CVE-2019-8909 (An issue was discovered in WTCMS 1.0. It allows remote attackers to ca ...)
	NOT-FOR-US: WTCMS
CVE-2019-8908 (An issue was discovered in WTCMS 1.0. It allows remote attackers to ex ...)
	NOT-FOR-US: WTCMS
CVE-2019-8907 (do_core_note in readelf.c in libmagic.a in file 5.35 allows remote att ...)
	{DLA-1698-1}
	- file 1:5.35-3 (bug #922968)
	[stretch] - file <no-dsa> (Minor issue; will be fixed in point release)
	NOTE: https://bugs.astron.com/view.php?id=65
	NOTE: https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
CVE-2019-8906 (do_core_note in readelf.c in libmagic.a in file 5.35 has an out-of-bou ...)
	- file 1:5.35-3 (bug #922969)
	[stretch] - file <not-affected> (vulnerable code introduced later)
	[jessie] - file <not-affected> (vulnerable code introduced later)
	NOTE: https://bugs.astron.com/view.php?id=64
	NOTE: Introduced by: https://github.com/file/file/commit/0ac0678c52e248fd2a632a84b638694f205aef9d (FILE5_31)
	NOTE: Fixed by: https://github.com/file/file/commit/2858eaf99f6cc5aae129bcbf1e24ad160240185f (FILE5_36)
CVE-2019-8905 (do_core_note in readelf.c in libmagic.a in file 5.35 has a stack-based ...)
	{DLA-1698-1}
	- file 1:5.35-3 (bug #922968)
	[stretch] - file <no-dsa> (Minor issue; will be fixed in point release)
	NOTE: https://bugs.astron.com/view.php?id=63
	NOTE: https://github.com/file/file/commit/d65781527c8134a1202b2649695d48d5701ac60b
CVE-2019-8904 (do_bid_note in readelf.c in libmagic.a in file 5.35 has a stack-based  ...)
	- file 1:5.35-3 (bug #922967)
	[stretch] - file <not-affected> (vulnerable code introduced later)
	[jessie] - file <not-affected> (vulnerable code introduced later)
	NOTE: https://bugs.astron.com/view.php?id=62
	NOTE: Introduced by: https://github.com/file/file/commit/76c55eae2f9b0b378332762f6dce544d05eb24d7 (FILE5_34)
	NOTE: Fixed by: https://github.com/file/file/commit/94b7501f48e134e77716e7ebefc73d6bbe72ba55 (FILE5_36)
CVE-2019-8903 (index.js in Total.js Platform before 3.2.3 allows path traversal. ...)
	NOT-FOR-US: Total.js Platform
CVE-2019-8902 (An issue was discovered in idreamsoft iCMS through 7.0.14. A CSRF vuln ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-8901
	RESERVED
CVE-2019-8900
	RESERVED
CVE-2019-8899
	RESERVED
CVE-2019-8898
	RESERVED
CVE-2019-8897
	RESERVED
CVE-2019-8896
	RESERVED
CVE-2019-8895
	RESERVED
CVE-2019-8894
	RESERVED
CVE-2019-8893
	RESERVED
CVE-2019-8892
	RESERVED
CVE-2019-8891
	RESERVED
CVE-2019-8890
	RESERVED
CVE-2019-8889
	RESERVED
CVE-2019-8888
	RESERVED
CVE-2019-8887
	RESERVED
CVE-2019-8886
	RESERVED
CVE-2019-8885
	RESERVED
CVE-2019-8884
	RESERVED
CVE-2019-8883
	RESERVED
CVE-2019-8882
	RESERVED
CVE-2019-8881
	RESERVED
CVE-2019-8880
	RESERVED
CVE-2019-8879
	RESERVED
CVE-2019-8878
	RESERVED
CVE-2019-8877
	RESERVED
CVE-2019-8876
	RESERVED
CVE-2019-8875
	RESERVED
CVE-2019-8874
	RESERVED
CVE-2019-8873
	RESERVED
CVE-2019-8872
	RESERVED
CVE-2019-8871
	RESERVED
CVE-2019-8870
	RESERVED
CVE-2019-8869
	RESERVED
CVE-2019-8868
	RESERVED
CVE-2019-8867
	RESERVED
CVE-2019-8866
	RESERVED
CVE-2019-8865
	RESERVED
CVE-2019-8864
	RESERVED
CVE-2019-8863
	RESERVED
CVE-2019-8862
	RESERVED
CVE-2019-8861
	RESERVED
CVE-2019-8860
	RESERVED
CVE-2019-8859
	RESERVED
CVE-2019-8858
	RESERVED
CVE-2019-8857
	RESERVED
CVE-2019-8856
	RESERVED
CVE-2019-8855
	RESERVED
CVE-2019-8854
	RESERVED
CVE-2019-8853
	RESERVED
CVE-2019-8852
	RESERVED
CVE-2019-8851
	RESERVED
CVE-2019-8850
	RESERVED
CVE-2019-8849 (The issue was addressed by signaling that an executable stack is not r ...)
	NOT-FOR-US: Apple
CVE-2019-8848
	RESERVED
CVE-2019-8847
	RESERVED
CVE-2019-8846
	RESERVED
	{DSA-4610-1}
	- webkit2gtk 2.26.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2020-0001.html
CVE-2019-8845
	RESERVED
CVE-2019-8844
	RESERVED
	{DSA-4610-1}
	- webkit2gtk 2.26.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2020-0001.html
CVE-2019-8843
	RESERVED
CVE-2019-8842
	RESERVED
CVE-2019-8841
	RESERVED
CVE-2019-8840
	RESERVED
CVE-2019-8839
	RESERVED
CVE-2019-8838
	RESERVED
CVE-2019-8837
	RESERVED
CVE-2019-8836
	RESERVED
CVE-2019-8835
	RESERVED
	{DSA-4610-1}
	- webkit2gtk 2.26.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2020-0001.html
CVE-2019-8834
	RESERVED
CVE-2019-8833
	RESERVED
CVE-2019-8832
	RESERVED
CVE-2019-8831
	RESERVED
CVE-2019-8830
	RESERVED
CVE-2019-8829
	RESERVED
CVE-2019-8828
	RESERVED
CVE-2019-8827
	RESERVED
CVE-2019-8826
	RESERVED
CVE-2019-8825
	RESERVED
CVE-2019-8824
	RESERVED
CVE-2019-8823 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8822 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8821 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8820 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8819 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8818
	RESERVED
CVE-2019-8817 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8816 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8815 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8814 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4563-1}
	- webkit2gtk 2.26.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8813 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8812 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4563-1}
	- webkit2gtk 2.26.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8811 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8810
	RESERVED
CVE-2019-8809
	RESERVED
CVE-2019-8808 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8807 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8806 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-8805 (A validation issue existed in the entitlement verification. This issue ...)
	NOT-FOR-US: Apple
CVE-2019-8804 (An inconsistency in Wi-Fi network configuration settings was addressed ...)
	NOT-FOR-US: Apple
CVE-2019-8803 (An authentication issue was addressed with improved state management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8802 (A validation issue was addressed with improved logic. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2019-8801 (A dynamic library loading issue existed in iTunes setup. This was addr ...)
	NOT-FOR-US: Apple
CVE-2019-8800 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-8799
	RESERVED
CVE-2019-8798 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8797 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8796
	RESERVED
CVE-2019-8795 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8794 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8793 (A consistency issue existed in deciding when to show the screen record ...)
	NOT-FOR-US: Apple
CVE-2019-8792 (An injection issue was addressed with improved validation. This issue  ...)
	NOT-FOR-US: Shazam Android App
CVE-2019-8791 (An issue existed in the parsing of URL schemes. This issue was address ...)
	NOT-FOR-US: Shazam Android App
CVE-2019-8790
	RESERVED
CVE-2019-8789 (A validation issue existed in the handling of symlinks. This issue was ...)
	NOT-FOR-US: Apple
CVE-2019-8788 (An issue existed in the parsing of URLs. This issue was addressed with ...)
	NOT-FOR-US: Apple
CVE-2019-8787 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8786 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8785 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8784 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8783 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8782 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8781 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2019-8780
	RESERVED
CVE-2019-8779 (A logic issue applied the incorrect restrictions. This issue was addre ...)
	NOT-FOR-US: Apple
CVE-2019-8778
	RESERVED
CVE-2019-8777
	RESERVED
CVE-2019-8776
	RESERVED
CVE-2019-8775 (The issue was addressed by restricting options offered on a locked dev ...)
	NOT-FOR-US: Apple
CVE-2019-8774
	RESERVED
CVE-2019-8773
	RESERVED
CVE-2019-8772 (An issue existed in the handling of links in encrypted PDFs. This issu ...)
	NOT-FOR-US: Apple
CVE-2019-8771
	RESERVED
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8770 (The issue was addressed with improved permissions logic. This issue is ...)
	NOT-FOR-US: Apple
CVE-2019-8769 (An issue existed in the drawing of web page elements. The issue was ad ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8768 ("Clear History and Website Data" did not clear the history. The issue  ...)
	- webkit2gtk 2.24.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8767
	RESERVED
CVE-2019-8766 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8765 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8764 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8763 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8762
	RESERVED
CVE-2019-8761
	RESERVED
CVE-2019-8760 (This issue was addressed by improving Face ID machine learning models. ...)
	NOT-FOR-US: Apple
CVE-2019-8759
	RESERVED
CVE-2019-8758 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8757 (A race condition existed when reading and writing user preferences. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8756
	RESERVED
CVE-2019-8755 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2019-8754
	RESERVED
CVE-2019-8753
	RESERVED
CVE-2019-8752
	RESERVED
CVE-2019-8751
	RESERVED
CVE-2019-8750 (Multiple memory corruption issues were addressed with improved input v ...)
	NOT-FOR-US: Apple
CVE-2019-8749
	RESERVED
CVE-2019-8748 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8747 (A memory corruption vulnerability was addressed with improved locking. ...)
	NOT-FOR-US: Apple
CVE-2019-8746
	RESERVED
CVE-2019-8745 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2019-8744
	RESERVED
CVE-2019-8743 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8742 (The issue was addressed by restricting options offered on a locked dev ...)
	NOT-FOR-US: Apple
CVE-2019-8741 (A denial of service issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8740
	RESERVED
CVE-2019-8739 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2019-8738 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2019-8737
	RESERVED
CVE-2019-8736
	RESERVED
CVE-2019-8735 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8734
	RESERVED
CVE-2019-8733 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8732
	RESERVED
CVE-2019-8731 (A permissions issue existed in which execute permission was incorrectl ...)
	NOT-FOR-US: Apple
CVE-2019-8730 (The contents of locked notes sometimes appeared in search results. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8729
	RESERVED
CVE-2019-8728
	RESERVED
CVE-2019-8727 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2019-8726 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8725 (The issue was addressed with improved handling of service worker lifet ...)
	NOT-FOR-US: Apple
CVE-2019-8724 (Multiple issues in ld64 in the Xcode toolchains were addressed by upda ...)
	NOT-FOR-US: Apple
CVE-2019-8723 (Multiple issues in ld64 in the Xcode toolchains were addressed by upda ...)
	NOT-FOR-US: Apple
CVE-2019-8722 (Multiple issues in ld64 in the Xcode toolchains were addressed by upda ...)
	NOT-FOR-US: Apple
CVE-2019-8721 (Multiple issues in ld64 in the Xcode toolchains were addressed by upda ...)
	NOT-FOR-US: Apple
CVE-2019-8720
	RESERVED
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8719 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8718
	RESERVED
CVE-2019-8717 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8716
	RESERVED
CVE-2019-8715
	RESERVED
CVE-2019-8714
	RESERVED
CVE-2019-8713
	RESERVED
CVE-2019-8712
	RESERVED
CVE-2019-8711 (A logic issue existed with the display of notification previews. This  ...)
	NOT-FOR-US: Apple
CVE-2019-8710 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0006.html
CVE-2019-8709
	RESERVED
CVE-2019-8708
	RESERVED
CVE-2019-8707 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8706
	RESERVED
CVE-2019-8705 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-8704 (An authentication issue was addressed with improved state management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8703
	RESERVED
CVE-2019-8702
	RESERVED
CVE-2019-8701 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8700
	RESERVED
CVE-2019-8699 (A logic issue existed in the handling of answering phone calls. The is ...)
	NOT-FOR-US: Apple
CVE-2019-8698 (A validation issue existed in the entitlement verification. This issue ...)
	NOT-FOR-US: Apple
CVE-2019-8697 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8696 [stack-buffer-overflow in libcups's asn1_get_packed function]
	RESERVED
	{DLA-1893-1}
	- cups 2.2.12-1 (bug #934957)
	[buster] - cups 2.2.10-6+deb10u1
	[stretch] - cups 2.2.1-8+deb9u4
	NOTE: https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
CVE-2019-8695 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8694 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8693 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8692 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8691 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8690 (A logic issue existed in the handling of document loads. This issue wa ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8689 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8688 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8687 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8686 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8685 (Multiple memory corruption issues were addressed with improved memory  ...)
	NOT-FOR-US: Apple
CVE-2019-8684 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8683 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8682 (The issue was addressed with improved UI handling. This issue is fixed ...)
	NOT-FOR-US: Apple
CVE-2019-8681 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8680 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8679 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8678 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8677 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8676 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8675 [stack-buffer-overflow in libcups's asn1_get_type function]
	RESERVED
	{DLA-1893-1}
	- cups 2.2.12-1 (bug #934957)
	[buster] - cups 2.2.10-6+deb10u1
	[stretch] - cups 2.2.1-8+deb9u4
	NOTE: https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
CVE-2019-8674 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8673 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8672 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8671 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8670 (An inconsistent user interface issue was addressed with improved state ...)
	NOT-FOR-US: Apple
CVE-2019-8669 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8668
	RESERVED
CVE-2019-8667 (An inconsistent user interface issue was addressed with improved state ...)
	NOT-FOR-US: Apple
CVE-2019-8666 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.3-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8665 (A denial of service issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-8664
	RESERVED
CVE-2019-8663 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-8662 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-8661 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8660 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8659 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-8658 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8657 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8656
	RESERVED
CVE-2019-8655
	RESERVED
CVE-2019-8654 (An inconsistent user interface issue was addressed with improved state ...)
	NOT-FOR-US: Apple
CVE-2019-8653
	RESERVED
CVE-2019-8652
	RESERVED
CVE-2019-8651
	RESERVED
CVE-2019-8650
	RESERVED
CVE-2019-8649 (A logic issue existed in the handling of synchronous page loads. This  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8648 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8647 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8646 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8645
	RESERVED
CVE-2019-8644 (Multiple memory corruption issues were addressed with improved memory  ...)
	{DSA-4515-1}
	- webkit2gtk 2.24.4-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0004.html
CVE-2019-8643
	RESERVED
CVE-2019-8642
	RESERVED
CVE-2019-8641 (An out-of-bounds read was addressed with improved input validation. ...)
	NOT-FOR-US: Apple
CVE-2019-8640
	RESERVED
CVE-2019-8639
	RESERVED
CVE-2019-8638
	RESERVED
CVE-2019-8637 (An input validation issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8636
	RESERVED
CVE-2019-8635 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8634 (An authentication issue was addressed with improved state management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8633
	RESERVED
CVE-2019-8632 (Some analytics data was sent using HTTP rather than HTTPS. This was ad ...)
	NOT-FOR-US: Apple
CVE-2019-8631
	RESERVED
CVE-2019-8630 (The issue was addressed with improved UI handling. This issue is fixed ...)
	NOT-FOR-US: Apple
CVE-2019-8629 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2019-8628 (Multiple memory corruption issues were addressed with improved memory  ...)
	NOT-FOR-US: Apple
CVE-2019-8627
	RESERVED
CVE-2019-8626 (An input validation issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8625 (A logic issue was addressed with improved state management. This issue ...)
	{DSA-4558-1}
	- webkit2gtk 2.26.0-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0005.html
CVE-2019-8624 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8623 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8622 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8621
	RESERVED
CVE-2019-8620 (A user privacy issue was addressed by removing the broadcast MAC addre ...)
	NOT-FOR-US: Apple
CVE-2019-8619 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8618
	RESERVED
CVE-2019-8617 (An access issue was addressed with additional sandbox restrictions. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8616 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8615 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
CVE-2019-8614
	RESERVED
CVE-2019-8613 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8612
	RESERVED
CVE-2019-8611 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8610 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8609 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8608 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8607 (An out-of-bounds read was addressed with improved input validation. Th ...)
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
CVE-2019-8606 (A validation issue existed in the handling of symlinks. This issue was ...)
	NOT-FOR-US: Apple
CVE-2019-8605 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8604 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8603 (A validation issue was addressed with improved input sanitization. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8602 (A memory corruption issue was addressed by removing the vulnerable cod ...)
	NOT-FOR-US: Apple
CVE-2019-8601 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8600 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8599 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2019-8598 (An input validation issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8597 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8596 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8595 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.2-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
CVE-2019-8594 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8593 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8592
	RESERVED
CVE-2019-8591 (A type confusion issue was addressed with improved memory handling. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8590 (A logic issue was addressed with improved restrictions. This issue is  ...)
	NOT-FOR-US: Apple
CVE-2019-8589 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-8588
	RESERVED
CVE-2019-8587 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8586 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8585 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8584 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8583 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8582
	RESERVED
CVE-2019-8581
	RESERVED
CVE-2019-8580
	RESERVED
CVE-2019-8579
	RESERVED
CVE-2019-8578
	RESERVED
CVE-2019-8577 (An input validation issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8576 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8575
	RESERVED
CVE-2019-8574 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-8573
	RESERVED
CVE-2019-8572
	RESERVED
CVE-2019-8571 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-8570
	RESERVED
CVE-2019-8569
	RESERVED
CVE-2019-8568 (A validation issue existed in the handling of symlinks. This issue was ...)
	NOT-FOR-US: Apple
CVE-2019-8567 (A user privacy issue was addressed by removing the broadcast MAC addre ...)
	NOT-FOR-US: Apple
CVE-2019-8566 (An API issue existed in the handling of microphone data. This issue wa ...)
	NOT-FOR-US: Apple
CVE-2019-8565 (A race condition was addressed with additional validation. This issue  ...)
	NOT-FOR-US: Apple
CVE-2019-8564
	RESERVED
CVE-2019-8563 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8562 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-8561 (A logic issue was addressed with improved validation. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2019-8560 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8559 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8558 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8557
	RESERVED
CVE-2019-8556 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8555 (A buffer overflow was addressed with improved size validation. This is ...)
	NOT-FOR-US: Apple
CVE-2019-8554 (A permissions issue existed in the handling of motion and orientation  ...)
	NOT-FOR-US: Apple
CVE-2019-8553 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-8552 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2019-8551 (A logic issue was addressed with improved validation. This issue is fi ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8550 (An issue existed in the pausing of FaceTime video. The issue was resol ...)
	NOT-FOR-US: Apple
CVE-2019-8549 (Multiple input validation issues existed in MIG generated code. These  ...)
	NOT-FOR-US: Apple
CVE-2019-8548 (An issue existed where partially entered passcodes may not clear when  ...)
	NOT-FOR-US: Apple
CVE-2019-8547
	RESERVED
CVE-2019-8546 (An access issue was addressed with additional sandbox restrictions. Th ...)
	NOT-FOR-US: Apple
CVE-2019-8545 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2019-8544 (A memory corruption issue was addressed with improved memory handling. ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8543
	RESERVED
CVE-2019-8542 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2019-8541 (A privacy issue existed in motion sensor calibration. This issue was a ...)
	NOT-FOR-US: Apple
CVE-2019-8540 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2019-8539
	RESERVED
CVE-2019-8538
	RESERVED
CVE-2019-8537 (An access issue was addressed with improved memory management. This is ...)
	NOT-FOR-US: Apple
CVE-2019-8536 (A memory corruption issue was addressed with improved memory handling. ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8535 (A memory corruption issue was addressed with improved state management ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8534
	RESERVED
CVE-2019-8533 (A lock handling issue was addressed with improved lock handling. This  ...)
	NOT-FOR-US: Apple
CVE-2019-8532
	RESERVED
CVE-2019-8531
	RESERVED
CVE-2019-8530 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-8529 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-8528
	RESERVED
CVE-2019-8527 (A buffer overflow was addressed with improved size validation. This is ...)
	NOT-FOR-US: Apple
CVE-2019-8526 (A use after free issue was addressed with improved memory management.  ...)
	NOT-FOR-US: Apple
CVE-2019-8525
	RESERVED
CVE-2019-8524 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8523 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8522 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2019-8521 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-8520 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8519 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8518 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8517 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-8516 (A validation issue was addressed with improved logic. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2019-8515 (A cross-origin issue existed with the fetch API. This was addressed wi ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8514 (A logic issue was addressed with improved state management. This issue ...)
	NOT-FOR-US: Apple
CVE-2019-8513 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-8512 (This issue was addressed with improved transparency. This issue is fix ...)
	NOT-FOR-US: Apple
CVE-2019-8511 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2019-8510 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
	NOT-FOR-US: Apple
CVE-2019-8509
	RESERVED
CVE-2019-8508 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2019-8507 (Multiple memory corruption issues were addressed with improved input v ...)
	NOT-FOR-US: Apple
CVE-2019-8506 (A type confusion issue was addressed with improved memory handling. Th ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8505 (A logic issue was addressed with improved validation. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2019-8504 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2019-8503 (A logic issue was addressed with improved validation. This issue is fi ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-8502 (An API issue existed in the handling of dictation requests. This issue ...)
	NOT-FOR-US: Apple
CVE-2019-8501
	RESERVED
CVE-2019-8500
	RESERVED
CVE-2019-8499
	RESERVED
CVE-2019-8498
	RESERVED
CVE-2019-8497
	RESERVED
CVE-2019-8496
	RESERVED
CVE-2019-8495
	RESERVED
CVE-2019-8494
	RESERVED
CVE-2019-8493
	RESERVED
CVE-2019-8492
	RESERVED
CVE-2019-8491
	RESERVED
CVE-2019-8490
	RESERVED
CVE-2019-8489
	RESERVED
CVE-2019-8488
	RESERVED
CVE-2019-8487
	RESERVED
CVE-2019-8486
	RESERVED
CVE-2019-8485
	RESERVED
CVE-2019-8484
	RESERVED
CVE-2019-8483
	RESERVED
CVE-2019-8482
	RESERVED
CVE-2019-8481
	RESERVED
CVE-2019-8480
	RESERVED
CVE-2019-8479
	RESERVED
CVE-2019-8478
	RESERVED
CVE-2019-8477
	RESERVED
CVE-2019-8476
	RESERVED
CVE-2019-8475
	RESERVED
CVE-2019-8474
	RESERVED
CVE-2019-8473
	RESERVED
CVE-2019-8472
	RESERVED
CVE-2019-8471
	RESERVED
CVE-2019-8470
	RESERVED
CVE-2019-8469
	RESERVED
CVE-2019-8468
	RESERVED
CVE-2019-8467
	RESERVED
CVE-2019-8466
	RESERVED
CVE-2019-8465
	RESERVED
CVE-2019-8464
	RESERVED
CVE-2019-8463 (A denial of service vulnerability was reported in Check Point Endpoint ...)
	NOT-FOR-US: Check Point Endpoint Security Client for Windows
CVE-2019-8462 (In a rare scenario, Check Point R80.30 Security Gateway before JHF Tak ...)
	NOT-FOR-US: Check Point R80.30 Security Gateway
CVE-2019-8461 (Check Point Endpoint Security Initial Client for Windows before versio ...)
	NOT-FOR-US: Check Point
CVE-2019-8460 (OpenBSD kernel version &lt;= 6.5 can be forced to create long chains o ...)
	NOT-FOR-US: Check Point
CVE-2019-8459 (Check Point Endpoint Security Client for Windows, with the VPN blade,  ...)
	NOT-FOR-US: Check Point Endpoint Security Client for Windows
CVE-2019-8458 (Check Point Endpoint Security Client for Windows, with Anti-Malware bl ...)
	NOT-FOR-US: Check Point Endpoint Security Client for Windows
CVE-2019-8457 (SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-o ...)
	- sqlite3 3.27.2-3 (bug #929775)
	[stretch] - sqlite3 <no-dsa> (Minor issue; can be fixed via point release)
	[jessie] - sqlite3 <no-dsa> (Minor issue)
	NOTE: Fixed by: https://www.sqlite.org/src/info/90acdbfce9c08858
	NOTE: Make the internal dynamic string interface available to extensions:
	NOTE: https://sqlite.org/src/info/87f261f0cb800b06
	NOTE: Affected function is not used in Debian and meant for debugging purposes,
	NOTE: backporting the fix would be very complex.
	NOTE: https://lists.debian.org/debian-lts/2019/06/msg00013.html
	NOTE: https://lists.debian.org/debian-lts/2019/06/msg00036.html
CVE-2019-8456 (Check Point IKEv2 IPsec VPN up to R80.30, in some less common conditio ...)
	NOT-FOR-US: Check Point
CVE-2019-8455 (A hard-link created from the log file of Check Point ZoneAlarm up to 1 ...)
	NOT-FOR-US: Check Point ZoneAlarm
CVE-2019-8454 (A local attacker can create a hard-link between a file to which the Ch ...)
	NOT-FOR-US: Check Point Endpoint Security client for Windows
CVE-2019-8453 (Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are ta ...)
	NOT-FOR-US: Check Point ZoneAlarm
CVE-2019-8452 (A hard-link created from log file archive of Check Point ZoneAlarm up  ...)
	NOT-FOR-US: Check Point ZoneAlarm
CVE-2019-8451 (The /plugins/servlet/gadgets/makeRequest resource in Jira before versi ...)
	NOT-FOR-US: Jira
CVE-2019-8450 (Various templates of the Optimization plugin in Jira before version 7. ...)
	NOT-FOR-US: Jira
CVE-2019-8449 (The /rest/api/latest/groupuserpicker resource in Jira before version 8 ...)
	NOT-FOR-US: Jira
CVE-2019-8448 (The login.jsp resource in Jira before version 7.13.4, and from version ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-8447 (The ServiceExecutor resource in Jira before version 8.3.2 allows remot ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-8446 (The /rest/issueNav/1/issueTable resource in Jira before version 8.3.2  ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-8445 (Several worklog rest resources in Jira before version 7.13.7, and from ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-8444 (The wikirenderer component in Jira before version 7.13.6, and from ver ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-8443 (The ViewUpgrades resource in Jira before version 7.13.4, from version  ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-8442 (The CachingResourceDownloadRewriteRule class in Jira before version 7. ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-8441
	RESERVED
CVE-2019-8440 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulner ...)
	NOT-FOR-US: DiliCMS
CVE-2019-8439 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulner ...)
	NOT-FOR-US: DiliCMS
CVE-2019-8438 (An issue was discovered in DiliCMS 2.4.0. There is a Stored XSS Vulner ...)
	NOT-FOR-US: DiliCMS
CVE-2019-8437 (njiandan-cms through 2013-05-23 has index.php/admin/user_new CSRF to a ...)
	NOT-FOR-US: njiandan-cms
CVE-2019-8436 (imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] par ...)
	NOT-FOR-US: imcat
CVE-2019-8435 (admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header. ...)
	NOT-FOR-US: PHPMyWind
CVE-2019-8434 (In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter. ...)
	NOT-FOR-US: CmsEasy
CVE-2019-8433 (JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/conso ...)
	NOT-FOR-US: JTBC(PHP)
CVE-2019-8432 (In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter. ...)
	NOT-FOR-US: CmsEasy
CVE-2019-8431
	RESERVED
CVE-2019-8430
	RESERVED
CVE-2019-8429 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php fil ...)
	- zoneminder <unfixed> (bug #922724)
CVE-2019-8428 (ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views ...)
	- zoneminder <unfixed> (bug #922724)
CVE-2019-8427 (daemonControl in includes/functions.php in ZoneMinder before 1.32.3 al ...)
	- zoneminder <unfixed> (bug #922724)
CVE-2019-8426 (skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS ...)
	- zoneminder <unfixed> (bug #922724)
CVE-2019-8425 (includes/database.php in ZoneMinder before 1.32.3 has XSS in the const ...)
	- zoneminder <unfixed> (bug #922724)
CVE-2019-8424 (ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sor ...)
	- zoneminder <unfixed> (bug #922724)
CVE-2019-8423 (ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/view ...)
	- zoneminder <unfixed> (bug #922724)
CVE-2019-8422 (A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the descri ...)
	NOT-FOR-US: PbootCMS
CVE-2019-8421 (upload/protected/modules/admini/views/post/index.php in BageCMS throug ...)
	NOT-FOR-US: BageCMS
CVE-2019-8420
	RESERVED
CVE-2019-8419 (VNote 2.2 has XSS via a new text note. ...)
	NOT-FOR-US: VNote
CVE-2019-8418 (SeaCMS 7.2 mishandles member.php?mod=repsw4 requests. ...)
	NOT-FOR-US: SeaCMS
CVE-2019-8417
	RESERVED
CVE-2019-8416
	RESERVED
CVE-2019-8415
	RESERVED
CVE-2019-8414
	RESERVED
CVE-2019-8413 (On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer derefer ...)
	NOT-FOR-US: Xiaomi
CVE-2019-8412 (FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or del ...)
	NOT-FOR-US: FeiFeiCms
CVE-2019-8411 (admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers t ...)
	NOT-FOR-US: zzcms
CVE-2019-8410 (Maccms 8.0 allows XSS via the inc/config/cache.php t_key parameter bec ...)
	NOT-FOR-US: Maccms
CVE-2019-8409
	RESERVED
CVE-2019-8408 (OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by  ...)
	NOT-FOR-US: OneFileCMS
CVE-2019-8407 (HongCMS 3.0.0 allows arbitrary file read and write operations via a .. ...)
	NOT-FOR-US: HongCMS
CVE-2019-8406
	RESERVED
CVE-2019-8405
	RESERVED
CVE-2019-8404 (An issue was discovered in Webiness Inventory 2.3. The ProductModel co ...)
	NOT-FOR-US: Webiness Inventory
CVE-2019-8403
	RESERVED
CVE-2019-8402
	RESERVED
CVE-2019-8401
	REJECTED
CVE-2019-8400 (ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/ ...)
	NOT-FOR-US: ORY Hydra
CVE-2019-8399
	RESERVED
CVE-2019-8398 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
	- hdf5 <undetermined>
	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul6
	NOTE: https://jira.hdfgroup.org/browse/HDFFV-10710
CVE-2019-8397 (An issue was discovered in the HDF HDF5 1.10.4 library. There is an ou ...)
	- hdf5 <unfixed>
	[buster] - hdf5 <no-dsa> (Minor issue)
	[stretch] - hdf5 <no-dsa> (Minor issue)
	[jessie] - hdf5 <ignored> (Minor issue)
	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul5
	NOTE: issue in upstream bug tracker: https://jira.hdfgroup.org/browse/HDFFV-10711
CVE-2019-8396 (A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 ...)
	- hdf5 <undetermined>
	NOTE: https://github.com/magicSwordsMan/PAAFS/tree/master/vul4
	NOTE: https://jira.hdfgroup.org/browse/HDFFV-10712
CVE-2019-8395 (An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoh ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2019-8394 (Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allow ...)
	NOT-FOR-US: Zoho ManageEngine ServiceDesk Plus
CVE-2019-8393 (Hotels_Server through 2018-11-05 has SQL Injection via the API because ...)
	NOT-FOR-US: Hotels_Server
CVE-2019-8392 (An issue was discovered on D-Link DIR-823G devices with firmware 1.02B ...)
	NOT-FOR-US: D-Link
CVE-2019-8391 (qdPM 9.1 suffers from Cross-site Scripting (XSS) via configuration?typ ...)
	NOT-FOR-US: qdPM
CVE-2019-8390 (qdPM 9.1 suffers from Cross-site Scripting (XSS) in the search[keyword ...)
	NOT-FOR-US: qdPM
CVE-2019-8389 (A file-read vulnerability was identified in the Wi-Fi transfer feature ...)
	NOT-FOR-US: Musicloud
CVE-2019-8388
	RESERVED
CVE-2019-8387 (MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, r ...)
	NOT-FOR-US: MASTER IPCAMERA01 devices
CVE-2019-8386
	RESERVED
CVE-2019-8385 (An issue was discovered in Thomson Reuters Desktop Extensions 1.9.0.35 ...)
	NOT-FOR-US: Thomson Reuters Desktop Extensions
CVE-2019-8384
	RESERVED
CVE-2019-8383 (An issue was discovered in AdvanceCOMP through 2.1. An invalid memory  ...)
	- advancecomp 2.1-2.1 (bug #928730)
	[stretch] - advancecomp <no-dsa> (Minor issue)
	[jessie] - advancecomp <ignored> (Minor issue)
	NOTE: https://sourceforge.net/p/advancemame/bugs/272/
	NOTE: https://github.com/amadvance/advancecomp/commit/78a56b21340157775be2462a19276b4d31d2bd01
CVE-2019-8382 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereferenc ...)
	NOT-FOR-US: Bento4
CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory access o ...)
	- tcpreplay 4.3.1-2 (unimportant; bug #922622)
	NOTE: https://github.com/appneta/tcpreplay/issues/538
	NOTE: Crash in a CLI tool, no security impact
CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereferenc ...)
	NOT-FOR-US: Bento4
CVE-2019-8379 (An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer der ...)
	- advancecomp 2.1-2.1 (bug #928729)
	[stretch] - advancecomp <no-dsa> (Minor issue)
	[jessie] - advancecomp <ignored> (Minor issue)
	NOTE: https://sourceforge.net/p/advancemame/bugs/271/
	NOTE: https://github.com/amadvance/advancecomp/commit/7894a6e684ce68ddff9f4f4919ab8e3911ac8040
CVE-2019-8378 (An issue was discovered in Bento4 1.5.1-628. A heap-based buffer over- ...)
	NOT-FOR-US: Bento4
CVE-2019-8377 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...)
	- tcpreplay 4.3.1-2 (unimportant; bug #922623)
	NOTE: https://github.com/appneta/tcpreplay/issues/536
	NOTE: Crash in a CLI tool, no security impact
CVE-2019-8376 (An issue was discovered in Tcpreplay 4.3.1. A NULL pointer dereference ...)
	- tcpreplay 4.3.1-2 (unimportant; bug #922624)
	NOTE: https://github.com/appneta/tcpreplay/issues/537
	NOTE: Crash in a CLI tool, no security impact
CVE-2019-8375 (The UIProcess subsystem in WebKit, as used in WebKitGTK through 2.23.9 ...)
	- webkit2gtk 2.24.1-1 (unimportant)
	NOTE: https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531
	NOTE: https://trac.webkit.org/changeset/241515/webkit
	NOTE: https://www.inputzero.io/2019/02/fuzzing-webkit.html
	NOTE: Not covered by security support
CVE-2019-8374
	RESERVED
CVE-2019-8373
	RESERVED
CVE-2019-8372 (The LHA.sys driver before 1.1.1811.2101 in LG Device Manager exposes f ...)
	NOT-FOR-US: LG
CVE-2019-8371 (OpenEMR v5.0.1-6 allows code execution. ...)
	NOT-FOR-US: OpenEMR
CVE-2019-8370
	REJECTED
CVE-2019-8369
	REJECTED
CVE-2019-8368 (OpenEMR v5.0.1-6 allows XSS. ...)
	NOT-FOR-US: OpenEMR
CVE-2019-8367
	RESERVED
CVE-2019-8366
	RESERVED
CVE-2019-8365
	RESERVED
CVE-2019-8364
	RESERVED
CVE-2019-8363 (Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstr ...)
	NOT-FOR-US: Verydows
CVE-2019-8362 (DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edi ...)
	NOT-FOR-US: DedeCMS
CVE-2019-8361 (PHP Scripts Mall Responsive Video News Script has XSS via the Search B ...)
	NOT-FOR-US: PHP Scripts Mall Responsive Video News Script
CVE-2019-8360 (Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find ...)
	NOT-FOR-US: Themerig Find a Place CMS Directory
CVE-2019-8359
	RESERVED
CVE-2019-8358 (In Hiawatha before 10.8.4, a remote attacker is able to do directory t ...)
	NOT-FOR-US: Hiawatha
CVE-2019-8357 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c  ...)
	{DLA-1808-1}
	- sox 14.4.2+git20190427-1 (low; bug #927906)
	[stretch] - sox 14.4.1-5+deb9u2
	NOTE: https://sourceforge.net/p/sox/bugs/318
	NOTE: https://sourceforge.net/p/sox/code/ci/2ce02fea7b350de9ddfbcf542ba4dd59a8ab255b/
CVE-2019-8356 (An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2  ...)
	{DLA-1808-1}
	- sox 14.4.2+git20190427-1 (bug #927906)
	[stretch] - sox 14.4.1-5+deb9u2
	NOTE: https://sourceforge.net/p/sox/bugs/321
	NOTE: https://sourceforge.net/p/sox/code/ci/b7883ae1398499daaa926ae6621f088f0f531ed8/
CVE-2019-8355 (An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integ ...)
	{DLA-1808-1}
	- sox 14.4.2+git20190427-1 (bug #927906)
	[stretch] - sox 14.4.1-5+deb9u2
	NOTE: https://sourceforge.net/p/sox/bugs/320
	NOTE: https://sourceforge.net/p/sox/code/ci/f8587e2d50dad72d40453ac1191c539ee9e50381/
CVE-2019-8354 (An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c  ...)
	{DLA-1808-1}
	- sox 14.4.2+git20190427-1 (bug #927906)
	[stretch] - sox 14.4.1-5+deb9u2
	NOTE: https://sourceforge.net/p/sox/bugs/319
	NOTE: https://sourceforge.net/p/sox/code/ci/f70911261a84333b077c29908e1242f69d7439eb
CVE-2019-8353
	RESERVED
CVE-2019-8352 (By default, BMC PATROL Agent through 11.3.01 uses a static encryption  ...)
	NOT-FOR-US: BMC PATROL Agent
CVE-2019-8351 (Heimdal Thor Agent 2.5.17x before 2.5.173 does not verify X.509 certif ...)
	NOT-FOR-US: Heimdal Thor Agent
CVE-2019-8350 (The Simple - Better Banking application 2.45.0 through 2.45.3 (fixed i ...)
	NOT-FOR-US: Simple - Better Banking application for Android
CVE-2019-8349 (Multiple cross-site scripting (XSS) vulnerabilities in HTMLy 2.7.4 all ...)
	NOT-FOR-US: HTMLy
CVE-2019-8348
	RESERVED
CVE-2019-8347 (BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via ...)
	NOT-FOR-US: BEESCMS
CVE-2019-8346 (In Zoho ManageEngine ADSelfService Plus 5.x through 5704, an authoriza ...)
	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-8345 (The Help feature in the ES File Explorer File Manager application 4.1. ...)
	NOT-FOR-US: ES File Explorer File Manager
CVE-2019-8344
	RESERVED
CVE-2019-8343 (In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in past ...)
	- nasm <unfixed> (unimportant; bug #922433)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392556
	NOTE: Crash in CLI tool, no security impact
CVE-2019-8342 (A Local Privilege Escalation in libqcocoa.dylib in Foxit Reader 3.1.0. ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-8341 (** DISPUTED ** An issue was discovered in Jinja2 2.10. The from_string ...)
	- jinja2 <unfixed> (unimportant)
	NOTE: https://github.com/JameelNabbo/Jinja2-Code-execution
	NOTE: No real security impact and upstream indicates the CVE is invalid
CVE-2019-8340
	RESERVED
CVE-2019-8339 (An issue was discovered in Falco through 0.14.0. A missing indicator f ...)
	NOT-FOR-US: Falco
CVE-2019-8338 (The signature verification routine in the Airmail GPG-PGP Plugin, vers ...)
	NOT-FOR-US: Airmail
CVE-2019-8336 (HashiCorp Consul (and Consul Enterprise) 1.4.x before 1.4.3 allows a c ...)
	- consul <not-affected> (Only affected 1.4.x series up, vulnerable code never present in Debian)
	NOTE: https://github.com/hashicorp/consul/issues/5423
CVE-2019-8335 (An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerabil ...)
	NOT-FOR-US: SchoolCMS
CVE-2019-8334 (An issue was discovered in SchoolCMS 2.3.1. There is an XSS vulnerabil ...)
	NOT-FOR-US: SchoolCMS
CVE-2019-8333
	RESERVED
CVE-2019-8332
	RESERVED
CVE-2019-8331 (In Bootstrap before 3.4.1 and 4.3.x before 4.3.1, XSS is possible in t ...)
	- twitter-bootstrap4 4.3.1+dfsg2-1
	- twitter-bootstrap3 3.4.1+dfsg-1
	[stretch] - twitter-bootstrap3 3.3.7+dfsg-2+deb9u2
	[jessie] - twitter-bootstrap3 <no-dsa> (Minor issue)
	- twitter-bootstrap <removed>
	[stretch] - twitter-bootstrap <no-dsa> (Minor issue; XSS in developer-issued input when HTML is enabled)
	[jessie] - twitter-bootstrap <no-dsa> (Minor issue; XSS in developer-issued input when HTML is enabled)
	NOTE: https://github.com/twbs/bootstrap/pull/28236
CVE-2019-8330
	RESERVED
CVE-2019-8329
	RESERVED
CVE-2019-8328
	RESERVED
CVE-2019-8327
	RESERVED
CVE-2019-8326
	RESERVED
CVE-2019-8325 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...)
	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
	- ruby2.5 2.5.5-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- rubygems <removed>
	- jruby 9.1.17.0-3 (bug #925987)
	NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
CVE-2019-8324 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. A cra ...)
	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
	- ruby2.5 2.5.5-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- rubygems <removed>
	- jruby 9.1.17.0-3 (bug #925987)
	NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
CVE-2019-8323 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem:: ...)
	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
	- ruby2.5 2.5.5-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- rubygems <removed>
	- jruby 9.1.17.0-3 (bug #925987)
	NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
CVE-2019-8322 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. The g ...)
	{DSA-4433-1 DLA-1796-1 DLA-1735-1}
	- ruby2.5 2.5.5-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- rubygems <removed>
	- jruby 9.1.17.0-3 (bug #925987)
	NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
CVE-2019-8321 (An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since ...)
	{DSA-4433-1 DLA-1796-1}
	- ruby2.5 2.5.5-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	[jessie] - ruby2.1 <not-affected> (Vulnerable code introduced later)
	- rubygems <removed>
	- jruby 9.1.17.0-3 (bug #925987)
	NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
CVE-2019-8320 (A Directory Traversal issue was discovered in RubyGems 2.7.6 and later ...)
	{DSA-4433-1 DLA-1735-1}
	- ruby2.5 2.5.5-1
	- ruby2.3 <removed>
	- ruby2.1 <removed>
	- rubygems <removed>
	- jruby 9.1.17.0-3 (bug #925987)
	[jessie] - jruby <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
	NOTE: https://blog.rubygems.org/2019/03/05/security-advisories-2019-03.html
	NOTE: https://github.com/rubygems/rubygems/commit/56c0bbb69e4506bda7ef7f447dfec5db820df20b
CVE-2019-8319 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8318 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8317 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8316 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8315 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8314 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8313 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8312 (An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1 ...)
	NOT-FOR-US: D-Link
CVE-2019-8337 (In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default con ...)
	- mpop 1.4.3-1
	[stretch] - mpop <not-affected> (Vulnerable code introduced later)
	[jessie] - mpop <not-affected> (Vulnerable code introduced later)
	- msmtp 1.8.3-1 (bug #922345)
	[stretch] - msmtp <not-affected> (Vulnerable code introduced later)
	[jessie] - msmtp <not-affected> (Vulnerable code introduced later)
	NOTE: mpop: Introduced by: https://git.marlam.de/gitweb/?p=mpop.git;a=commit;h=3162356734663a0ea0f88857c4ace21fac1b023b (1.4.2)
	NOTE: mpop: Fixed by: https://git.marlam.de/gitweb/?p=mpop.git;a=commit;h=95b96da443a24a4a9cb6664aefff9f6fcc7ac86e (1.4.3)
	NOTE: msmtp: Introduced by: https://git.marlam.de/gitweb/?p=msmtp.git;a=commit;h=37371fa07729bfc11761b6d11befd7271528090d (1.8.2)
	NOTE: msmtp: Fixed by: https://git.marlam.de/gitweb/?p=msmtp.git;a=commit;h=a81d0a5126304f9f8b29a75d058044dc67d07663 (1.8.3)
CVE-2019-8311
	RESERVED
CVE-2019-8310
	RESERVED
CVE-2019-8309
	RESERVED
CVE-2019-8307
	RESERVED
CVE-2019-8306
	RESERVED
CVE-2019-8305
	RESERVED
CVE-2019-8304
	RESERVED
CVE-2019-8303
	RESERVED
CVE-2019-8302
	RESERVED
CVE-2019-8301
	RESERVED
CVE-2019-8300
	RESERVED
CVE-2019-8299
	RESERVED
CVE-2019-8298
	RESERVED
CVE-2019-8297
	RESERVED
CVE-2019-8296
	RESERVED
CVE-2019-8295
	RESERVED
CVE-2019-8294
	RESERVED
CVE-2019-8293 (Due to a logic error in the code, upload-image-with-ajax v1.0 allows a ...)
	NOT-FOR-US: upload-image-with-ajax
CVE-2019-8292 (Online Store System v1.0 delete_product.php doesn't check to see if a  ...)
	NOT-FOR-US: Online Store System
CVE-2019-8291 (Online Store System v1.0 delete_file.php doesn't check to see if a use ...)
	NOT-FOR-US: Online Store System
CVE-2019-8290 (Vulnerability in Online Store v1.0, The registration form requirements ...)
	NOT-FOR-US: Online Store System
CVE-2019-8289 (Vulnerability in Online Store v1.0, stored XSS in admin/user_view.php  ...)
	NOT-FOR-US: Online Store System
CVE-2019-8288 (Vulnerability in Online Store v1.0, Stored XSS in user_view.php where  ...)
	NOT-FOR-US: Online Store System
CVE-2019-8287 (TightVNC code version 1.3.10 contains global buffer overflow in Handle ...)
	{DLA-2045-1}
	- tightvnc 1:1.3.9-9.1 (bug #945364)
	[buster] - tightvnc 1:1.3.9-9deb10u1
	[stretch] - tightvnc 1:1.3.9-9+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2018/12/10/5
	NOTE: same as CVE-2018-20020/libvncserver
CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Sec ...)
	NOT-FOR-US: Kaspersky
CVE-2019-8285 (Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-b ...)
	NOT-FOR-US: Kaspersky Lab Antivirus Engine
CVE-2019-8284
	RESERVED
CVE-2019-8283 (Hasplm cookie in Gemalto Admin Control Center, all versions prior to 7 ...)
	NOT-FOR-US: Gemalto Admin Control Center
CVE-2019-8282 (Gemalto Admin Control Center, all versions prior to 7.92, uses clearte ...)
	NOT-FOR-US: Gemalto Admin Control Center
CVE-2019-8281
	RESERVED
CVE-2019-8280 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC c ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8279 (Multiple stored XSS in Vanilla Forums before 2.5 allow remote attacker ...)
	NOT-FOR-US: Vanilla Forums
CVE-2019-8278 (Stored XSS in Invision Power Board versions 3.3.1 - 3.4.8 leads to Rem ...)
	NOT-FOR-US: Invision Power Board
CVE-2019-8277 (UltraVNC revision 1211 contains multiple memory leaks (CWE-665) in VNC ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8276 (UltraVNC revision 1211 has a stack buffer overflow vulnerability in VN ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8275 (UltraVNC revision 1211 has multiple improper null termination vulnerab ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8274 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8273 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8272 (UltraVNC revision 1211 has multiple off-by-one vulnerabilities in VNC  ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8271 (UltraVNC revision 1211 has a heap buffer overflow vulnerability in VNC ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8270 (UltraVNC revision 1210 has out-of-bounds read vulnerability in VNC cli ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8269 (UltraVNC revision 1206 has stack-based Buffer overflow vulnerability i ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8268 (UltraVNC revision 1206 has multiple off-by-one vulnerabilities in VNC  ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8267 (UltraVNC revision 1207 has out-of-bounds read vulnerability in VNC cli ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8266 (UltraVNC revision 1207 has multiple out-of-bounds access vulnerabiliti ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8265 (UltraVNC revision 1207 has multiple out-of-bounds access vulnerabiliti ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8264 (UltraVNC revision 1203 has out-of-bounds access vulnerability in VNC c ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8263 (UltraVNC revision 1205 has stack-based buffer overflow vulnerability i ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8262 (UltraVNC revision 1203 has multiple heap buffer overflow vulnerabiliti ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8261 (UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC c ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8260 (UltraVNC revision 1199 has a out-of-bounds read vulnerability in VNC c ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8259 (UltraVNC revision 1198 contains multiple memory leaks (CWE-655) in VNC ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8258 (UltraVNC revision 1198 has a heap buffer overflow vulnerability in VNC ...)
	NOT-FOR-US: UltraVNC
CVE-2019-8257 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8256 (ColdFusion versions Update 6 and earlier have an insecure inherited pe ...)
	NOT-FOR-US: ColdFusion
CVE-2019-8255 (Brackets versions 1.14 and earlier have a command injection vulnerabil ...)
	NOT-FOR-US: Adobe
CVE-2019-8254 (Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 hav ...)
	NOT-FOR-US: Adobe
CVE-2019-8253 (Adobe Photoshop CC versions before 20.0.8 and 21.0.x before 21.0.2 hav ...)
	NOT-FOR-US: Adobe
CVE-2019-8252
	RESERVED
CVE-2019-8251
	RESERVED
CVE-2019-8250
	RESERVED
CVE-2019-8249
	RESERVED
CVE-2019-8248 (Adobe Illustrator CC versions 23.1 and earlier have a memory corruptio ...)
	NOT-FOR-US: Adobe
CVE-2019-8247 (Adobe Illustrator CC versions 23.1 and earlier have a memory corruptio ...)
	NOT-FOR-US: Adobe
CVE-2019-8246 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds wr ...)
	NOT-FOR-US: Adobe
CVE-2019-8245
	RESERVED
CVE-2019-8244 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
	NOT-FOR-US: Adobe
CVE-2019-8243 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
	NOT-FOR-US: Adobe
CVE-2019-8242 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
	NOT-FOR-US: Adobe
CVE-2019-8241 (Adobe Media Encoder versions 13.1 and earlier have an out-of-bounds re ...)
	NOT-FOR-US: Adobe
CVE-2019-8240 (Adobe Bridge CC versions 9.1 and earlier have a memory corruption vuln ...)
	NOT-FOR-US: Adobe
CVE-2019-8239 (Adobe Bridge CC versions 9.1 and earlier have a memory corruption vuln ...)
	NOT-FOR-US: Adobe
CVE-2019-8238 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier; 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-8237 (Adobe Acrobat and Reader versions 2019.012.20034 and earlier; 2019.012 ...)
	NOT-FOR-US: Adobe
CVE-2019-8236 (Creative Cloud Desktop Application version 4.6.1 and earlier versions  ...)
	NOT-FOR-US: Adobe
CVE-2019-8235 (An insecure direct object reference (IDOR) vulnerability exists in Mag ...)
	NOT-FOR-US: Magento
CVE-2019-8234 (Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a cross-site r ...)
	NOT-FOR-US: Adobe
CVE-2019-8233 (In Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 ...)
	NOT-FOR-US: Magento
CVE-2019-8232 (In Magento prior to 1.9.4.3, Magento prior to 1.14.4.3, Magento 2.2 pr ...)
	NOT-FOR-US: Magento
CVE-2019-8231 (In Magento to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated  ...)
	NOT-FOR-US: Magento
CVE-2019-8230 (In Magentoprior to 1.9.4.3, and Magento prior to 1.14.4.3, an authenti ...)
	NOT-FOR-US: Magento
CVE-2019-8229 (In Magento prior to 1.9.4.3, and Magento prior to 1.14.4.3, an authent ...)
	NOT-FOR-US: Magento
CVE-2019-8228 (in Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenti ...)
	NOT-FOR-US: Magento
CVE-2019-8227 (In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenti ...)
	NOT-FOR-US: Magento
CVE-2019-8226 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8225 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8224 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8223 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8222 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8221 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8220 (Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8219 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8218 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8217 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8216 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8215 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8214 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8213 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8212 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8211 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8210 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8209 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8208 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8207 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8206 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8205 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8204 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8203 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8202 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8201 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8200 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8199 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8198 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8197 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8196 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8195 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8194 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8193 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8192 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8191 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8190 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8189 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8188 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8187 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8186 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8185 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8184 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8183 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8182 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8181 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8180 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8179 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8178 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8177 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8176 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8175 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8174 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8173 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8172 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8171 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8170 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8169 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8168 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8167 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8166 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8165 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8164 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8163 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8162 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8161 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8160 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8159 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8158 (An XPath entity injection vulnerability exists in Magento 2.2 prior to ...)
	NOT-FOR-US: Magento
CVE-2019-8157 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8156 (A server-side request forgery (SSRF) vulnerability exists in Magento 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8155 (Magento prior to 1.9.4.3 and prior to 1.14.4.3 included a user's CSRF  ...)
	NOT-FOR-US: Magento
CVE-2019-8154 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8153 (A mitigation bypass to prevent cross-site scripting (XSS) exists in Ma ...)
	NOT-FOR-US: Magento
CVE-2019-8152 (A stored cross-site scripting (XSS) vulnerability exists in in Magento ...)
	NOT-FOR-US: Magento
CVE-2019-8151 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8150 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8149 (Insecure authentication and session management vulnerability exists in ...)
	NOT-FOR-US: Magento
CVE-2019-8148 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8147 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8146 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8145 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8144 (A remote code execution vulnerability exists in Magento 2.3 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8143 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
	NOT-FOR-US: Magento
CVE-2019-8142 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8141 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8140 (An unrestricted file upload vulnerability exists in Magento 2.2 prior  ...)
	NOT-FOR-US: Magento
CVE-2019-8139 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8138 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8137 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8136 (An insecure component vulnerability exists in Magento 2.2 prior to 2.2 ...)
	NOT-FOR-US: Magento
CVE-2019-8135 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8134 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
	NOT-FOR-US: Magento
CVE-2019-8133 (A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, ...)
	NOT-FOR-US: Magento
CVE-2019-8132 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8131 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8130 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
	NOT-FOR-US: Magento
CVE-2019-8129 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8128 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8127 (A SQL injection vulnerability exists in Magento 2.2 prior to 2.2.10, M ...)
	NOT-FOR-US: Magento
CVE-2019-8126 (An XML entity injection vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8125 (A remote code execution vulnerability exists in Magento 1 prior to 1.9 ...)
	NOT-FOR-US: Magento
CVE-2019-8124 (An insufficient logging and monitoring vulnerability exists in Magento ...)
	NOT-FOR-US: Magento
CVE-2019-8123 (An insufficient logging and monitoring vulnerability exists in Magento ...)
	NOT-FOR-US: Magento
CVE-2019-8122 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8121 (An insecure component vulnerability exists in Magento 2.1 prior to 2.1 ...)
	NOT-FOR-US: Magento
CVE-2019-8120 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8119 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8118 (Magento 2.1 prior to 2.1.19, Magento 2.2 prior to 2.2.10, Magento 2.3  ...)
	NOT-FOR-US: Magento
CVE-2019-8117 (A stored cross-site scripting (XSS) vulnerability exists in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-8116 (Insecure authentication and session management vulnerability exists in ...)
	NOT-FOR-US: Magento
CVE-2019-8115 (A reflected cross-site scripting (XSS) vulnerability exists in Magento ...)
	NOT-FOR-US: Magento
CVE-2019-8114 (A remote code execution vulnerability exists in Magento 1 prior to 1.9 ...)
	NOT-FOR-US: Magento
CVE-2019-8113 (Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1 us ...)
	NOT-FOR-US: Magento
CVE-2019-8112 (A security bypass vulnerability exists in Magento 2.2 prior to 2.2.10, ...)
	NOT-FOR-US: Magento
CVE-2019-8111 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8110 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8109 (A remote code execution vulnerability exists in Magento 2.2 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-8108 (Insecure authentication and session management vulnerability exists in ...)
	NOT-FOR-US: Magento
CVE-2019-8107 (An arbitrary file deletion vulnerability exists in Magento 2.2 prior t ...)
	NOT-FOR-US: Magento
CVE-2019-8106 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8105 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8104 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8103 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8102 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8101 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8100 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8099 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8098 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8097 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8096 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8095 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8094 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8093 (An arbitrary file access vulnerability exists in Magento 2.2 prior to  ...)
	NOT-FOR-US: Magento
CVE-2019-8092 (A reflected cross-site scripting (XSS) vulnerability exists in Magento ...)
	NOT-FOR-US: Magento
CVE-2019-8091 (A remote code execution vulnerability exists in Magento 1 prior to 1.9 ...)
	NOT-FOR-US: Magento
CVE-2019-8090 (An arbitrary file deletion vulnerability exists in Magento 2.1 prior t ...)
	NOT-FOR-US: Magento
CVE-2019-8089 (Adobe Experience Manager Forms versions 6.3-6.5 have a reflected cross ...)
	NOT-FOR-US: Adobe
CVE-2019-8088 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command ...)
	NOT-FOR-US: Adobe
CVE-2019-8087 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml ext ...)
	NOT-FOR-US: Adobe
CVE-2019-8086 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a xml ext ...)
	NOT-FOR-US: Adobe
CVE-2019-8085 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflect ...)
	NOT-FOR-US: Adobe
CVE-2019-8084 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a reflect ...)
	NOT-FOR-US: Adobe
CVE-2019-8083 (Adobe Experience Manager versions 6.5, 6.4 and 6.3 have a cross site s ...)
	NOT-FOR-US: Adobe
CVE-2019-8082 (Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a xml external ...)
	NOT-FOR-US: Adobe
CVE-2019-8081 (Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have an authen ...)
	NOT-FOR-US: Adobe
CVE-2019-8080 (Adobe Experience Manager versions 6.4 and 6.3 have a stored cross site ...)
	NOT-FOR-US: Adobe
CVE-2019-8079 (Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a s ...)
	NOT-FOR-US: Adobe
CVE-2019-8078 (Adobe Experience Manager versions 6.4, 6.3 and 6.2 have a reflected cr ...)
	NOT-FOR-US: Adobe
CVE-2019-8077 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8076 (Adobe application manager installer version 10.0 have an Insecure Libr ...)
	NOT-FOR-US: Adobe
CVE-2019-8075 (Adobe Flash Player version 32.0.0.192 and earlier versions have a Same ...)
	NOT-FOR-US: Adobe
CVE-2019-8074 (ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 a ...)
	NOT-FOR-US: Adobe
CVE-2019-8073 (ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 a ...)
	NOT-FOR-US: Adobe
CVE-2019-8072 (ColdFusion 2018- update 4 and earlier and ColdFusion 2016- update 11 a ...)
	NOT-FOR-US: Adobe
CVE-2019-8071 (Adobe Download Manager versions 2.0.0.363 have an insecure file permis ...)
	NOT-FOR-US: Adobe
CVE-2019-8070 (Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and ear ...)
	NOT-FOR-US: Adobe
CVE-2019-8069 (Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and ear ...)
	NOT-FOR-US: Adobe
CVE-2019-8068
	RESERVED
CVE-2019-8067
	RESERVED
CVE-2019-8066
	RESERVED
CVE-2019-8065
	RESERVED
CVE-2019-8064 (Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8063 (Creative Cloud Desktop Application 4.6.1 and earlier versions have an  ...)
	NOT-FOR-US: Creative Cloud Desktop Application
CVE-2019-8062 (Adobe After Effects versions 16 and earlier have an insecure library l ...)
	NOT-FOR-US: Adobe
CVE-2019-8061 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8060 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8059 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8058 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8057 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8056 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8055 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8054 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8053 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8052 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8051 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8050 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8049 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8048 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8047 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8046 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8045 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8044 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8043 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8042 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8041 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8040 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8039 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8038 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8037 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8036 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8035 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8034 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8033 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8032 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8031 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8030 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8029 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8028 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8027 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8026 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8025 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8024 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8023 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8022 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8021 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8020 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8019 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8018 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8017 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8016 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8015 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8014 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8013 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8012 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8011 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8010 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8009 (Adobe Acrobat and Reader versions, 2019.012.20035 and earlier, 2019.01 ...)
	NOT-FOR-US: Adobe
CVE-2019-8008 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8007 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8006 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8005 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8004 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8003 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8002 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-8001 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-8000 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7999 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7998 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7997 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7996 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7995 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7994 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7993 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7992 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7991 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7990 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7989 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7988 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7987 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7986 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7985 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7984 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7983 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7982 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7981 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7980 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7979 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7978 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7977 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7976 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7975 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7974 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7973 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7972 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7971 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7970 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7969 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7968 (Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier  ...)
	NOT-FOR-US: Adobe
CVE-2019-7967
	RESERVED
CVE-2019-7966
	RESERVED
CVE-2019-7965 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-7964 (Adobe Experience Manager versions 6.5, and 6.4 have an authentication  ...)
	NOT-FOR-US: Adobe Experience Manager
CVE-2019-7963 (Adobe Bridge CC version 9.0.2 and earlier versions have an out of boun ...)
	NOT-FOR-US: Adobe Bridge CC
CVE-2019-7962 (Adobe Illustrator CC versions 23.1 and earlier have an insecure librar ...)
	NOT-FOR-US: Adobe
CVE-2019-7961 (Adobe Prelude CC versions 8.1 and earlier have an insecure library loa ...)
	NOT-FOR-US: Adobe
CVE-2019-7960 (Adobe Animate CC versions 19.2.1 and earlier have an insecure library  ...)
	NOT-FOR-US: Adobe
CVE-2019-7959 (Creative Cloud Desktop Application versions 4.6.1 and earlier have a u ...)
	NOT-FOR-US: Creative Cloud Desktop Application
CVE-2019-7958 (Creative Cloud Desktop Application versions 4.6.1 and earlier have an  ...)
	NOT-FOR-US: Creative Cloud Desktop Application
CVE-2019-7957 (Creative Cloud Desktop Application versions 4.6.1 and earlier have a s ...)
	NOT-FOR-US: Creative Cloud Desktop Application
CVE-2019-7956 (Adobe Dreamweaver direct download installer versions 19.0 and below, 1 ...)
	NOT-FOR-US: Adobe
CVE-2019-7955 (Adobe Experience Manager version 6.4 and ealier have a Reflected Cross ...)
	NOT-FOR-US: Adobe
CVE-2019-7954 (Adobe Experience Manager version 6.4 and ealier have a Stored Cross-si ...)
	NOT-FOR-US: Adobe
CVE-2019-7953 (Adobe Experience Manager version 6.4 and ealier have a Cross-Site Requ ...)
	NOT-FOR-US: Adobe
CVE-2019-7952
	RESERVED
CVE-2019-7951 (An information leakage vulnerability exists in Magento 2.1 prior to 2. ...)
	NOT-FOR-US: Magento
CVE-2019-7950 (An access control bypass vulnerability exists in Magento 2.1 prior to  ...)
	NOT-FOR-US: Magento
CVE-2019-7949
	RESERVED
CVE-2019-7948
	RESERVED
CVE-2019-7947 (A cross-site request forgery vulnerability exists in the GiftCardAccou ...)
	NOT-FOR-US: Magento
CVE-2019-7946
	RESERVED
CVE-2019-7945 (A stored cross-cite scripting vulnerability exists in Magento Open Sou ...)
	NOT-FOR-US: Magento
CVE-2019-7944 (A stored cross-site scripting vulnerability exists in the product comm ...)
	NOT-FOR-US: Magento
CVE-2019-7943
	RESERVED
CVE-2019-7942 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7941 (Adobe Campaign Classic version 18.10.5-8984 and earlier versions have  ...)
	NOT-FOR-US: Adobe
CVE-2019-7940 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7939 (A reflected cross-site scripting vulnerability exists on the customer  ...)
	NOT-FOR-US: Magento
CVE-2019-7938 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7937 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7936 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7935 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7934 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7933
	RESERVED
CVE-2019-7932 (A remote code execution vulnerability exists in Magento Open Source pr ...)
	NOT-FOR-US: Magento
CVE-2019-7931 (Adobe Premiere Pro CC versions 13.1.2 and earlier have an insecure lib ...)
	NOT-FOR-US: Adobe
CVE-2019-7930 (A file upload restriction bypass exists in Magento 2.1 prior to 2.1.18 ...)
	NOT-FOR-US: Magento
CVE-2019-7929 (An information leakage vulnerability exists in Magento 2.1 prior to 2. ...)
	NOT-FOR-US: Magento
CVE-2019-7928 (A denial-of-service (DoS) vulnerability exists in Magento 2.1 prior to ...)
	NOT-FOR-US: Magento
CVE-2019-7927 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7926 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7925 (An insecure direct object reference (IDOR) vulnerability exists in Mag ...)
	NOT-FOR-US: Magento
CVE-2019-7924
	RESERVED
CVE-2019-7923 (A server-side request forgery (SSRF) vulnerability exists in Magento 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7922
	RESERVED
CVE-2019-7921 (A stored cross-site scripting vulnerability exists in the product cata ...)
	NOT-FOR-US: Magento
CVE-2019-7920
	RESERVED
CVE-2019-7919
	RESERVED
CVE-2019-7918
	RESERVED
CVE-2019-7917
	RESERVED
CVE-2019-7916
	RESERVED
CVE-2019-7915 (A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.1 ...)
	NOT-FOR-US: Magento
CVE-2019-7914
	RESERVED
CVE-2019-7913 (A server-side request forgery (SSRF) vulnerability exists in Magento 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7912 (A file upload filter bypass exists in Magento 2.1 prior to 2.1.18, Mag ...)
	NOT-FOR-US: Magento
CVE-2019-7911 (A server-side request forgery (SSRF) vulnerability exists in Magento O ...)
	NOT-FOR-US: Magento
CVE-2019-7910
	RESERVED
CVE-2019-7909 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7908 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7907
	RESERVED
CVE-2019-7906
	RESERVED
CVE-2019-7905
	RESERVED
CVE-2019-7904 (Insufficient enforcement of user access controls in Magento 2.1 prior  ...)
	NOT-FOR-US: Magento
CVE-2019-7903 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7902
	RESERVED
CVE-2019-7901
	RESERVED
CVE-2019-7900
	RESERVED
CVE-2019-7899 (Names of disabled downloadable products could be disclosed due to inad ...)
	NOT-FOR-US: Magento
CVE-2019-7898 (Samples of disabled downloadable products are accessible in Magento Op ...)
	NOT-FOR-US: Magento
CVE-2019-7897 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7896 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7895 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7894
	RESERVED
CVE-2019-7893
	RESERVED
CVE-2019-7892 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7891
	RESERVED
CVE-2019-7890 (An Insecure Direct Object Reference (IDOR) vulnerability exists in the ...)
	NOT-FOR-US: Magento
CVE-2019-7889 (An injection vulnerability exists in Magento Open Source prior to 1.9. ...)
	NOT-FOR-US: Magento
CVE-2019-7888 (An information disclosure vulnerability exists in Magento 2.1 prior to ...)
	NOT-FOR-US: Magento
CVE-2019-7887 (A reflected cross-site scripting vulnerability exists in the admin pan ...)
	NOT-FOR-US: Magento
CVE-2019-7886 (A cryptograhic flaw exists in Magento 2.1 prior to 2.1.18, Magento 2.2 ...)
	NOT-FOR-US: Magento
CVE-2019-7885 (Insufficient input validation in the config builder of the Elastic sea ...)
	NOT-FOR-US: Magento
CVE-2019-7884
	RESERVED
CVE-2019-7883
	RESERVED
CVE-2019-7882 (A stored cross-site scripting vulnerability exists in the WYSIWYG edit ...)
	NOT-FOR-US: Magento
CVE-2019-7881 (A cross-site scripting mitigation bypass exists in Magento 2.1 prior t ...)
	NOT-FOR-US: Magento
CVE-2019-7880 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7879
	RESERVED
CVE-2019-7878
	RESERVED
CVE-2019-7877 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7876 (A remote code execution vulnerability exists in Magento 2.1 prior to 2 ...)
	NOT-FOR-US: Magento
CVE-2019-7875 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7874 (A cross-site request forgery vulnerability exists in Magento 2.1 prior ...)
	NOT-FOR-US: Magento
CVE-2019-7873 (A cross-site request forgery vulnerability exists in Magento 2.1 prior ...)
	NOT-FOR-US: Magento
CVE-2019-7872 (An insecure direct object reference (IDOR) vulnerability exists in Mag ...)
	NOT-FOR-US: Magento
CVE-2019-7871 (A security bypass exists in Magento 2.1 prior to 2.1.18, Magento 2.2 p ...)
	NOT-FOR-US: Magento
CVE-2019-7870 (Adobe Character Animator versions 2.1 and earlier have an insecure lib ...)
	NOT-FOR-US: Adobe
CVE-2019-7869 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7868 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7867 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7866 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7865 (A cross-site request forgery (CSRF) vulnerability exists in the checko ...)
	NOT-FOR-US: Magento
CVE-2019-7864 (An insecure direct object reference (IDOR) vulnerability exists in the ...)
	NOT-FOR-US: Magento
CVE-2019-7863 (A stored cross-site scripting vulnerability exists in the admin panel  ...)
	NOT-FOR-US: Magento
CVE-2019-7862 (A reflected cross-site scripting vulnerability exists in the Product w ...)
	NOT-FOR-US: Magento
CVE-2019-7861 (Insufficient server-side validation of user input could allow an attac ...)
	NOT-FOR-US: Magento
CVE-2019-7860 (A cryptographically weak pseudo-rando number generator is used in mult ...)
	NOT-FOR-US: Magento
CVE-2019-7859 (A path traversal vulnerability in the WYSIWYG editor for Magento 2.1 p ...)
	NOT-FOR-US: Magento
CVE-2019-7858 (A cryptographic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior ...)
	NOT-FOR-US: Magento
CVE-2019-7857 (A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1 ...)
	NOT-FOR-US: Magento
CVE-2019-7856
	RESERVED
CVE-2019-7855 (A cryptograhic flaw in Magento 2.1 prior to 2.1.18, Magento 2.2 prior  ...)
	NOT-FOR-US: Magento
CVE-2019-7854 (An insecure direct object reference (IDOR) vulnerability in Magento 2. ...)
	NOT-FOR-US: Magento
CVE-2019-7853 (A stored cross-site scripting vulnerability exists in Magento 2.1 prio ...)
	NOT-FOR-US: Magento
CVE-2019-7852 (A path disclosure vulnerability exists in Magento 2.1 prior to 2.1.18, ...)
	NOT-FOR-US: Magento
CVE-2019-7851 (A cross-site request forgery vulnerability in Magento 2.1 prior to 2.1 ...)
	NOT-FOR-US: Magento
CVE-2019-7850 (Adobe Campaign Classic version 18.10.5-8984 and earlier versions have  ...)
	NOT-FOR-US: Adobe
CVE-2019-7849 (A defense-in-depth check was added to mitigate inadequate session vali ...)
	NOT-FOR-US: Magento
CVE-2019-7848 (Adobe Campaign Classic version 18.10.5-8984 and earlier versions have  ...)
	NOT-FOR-US: Adobe
CVE-2019-7847 (Adobe Campaign Classic version 18.10.5-8984 and earlier versions have  ...)
	NOT-FOR-US: Adobe
CVE-2019-7846 (Adobe Campaign Classic version 18.10.5-8984 and earlier versions have  ...)
	NOT-FOR-US: Adobe
CVE-2019-7845 (Adobe Flash Player versions 32.0.0.192 and earlier, 32.0.0.192 and ear ...)
	NOT-FOR-US: Adobe
CVE-2019-7844 (Adobe Media Encoder version 13.0.2 has an out-of-bounds read vulnerabi ...)
	NOT-FOR-US: Adobe
CVE-2019-7843 (Adobe Campaign Classic version 18.10.5-8984 and earlier versions have  ...)
	NOT-FOR-US: Adobe
CVE-2019-7842 (Adobe Media Encoder version 13.0.2 has a use-after-free vulnerability. ...)
	NOT-FOR-US: Adobe
CVE-2019-7841 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7840 (ColdFusion versions Update 3 and earlier, Update 10 and earlier, and U ...)
	NOT-FOR-US: Adobe ColdFusion
CVE-2019-7839 (ColdFusion versions Update 3 and earlier, Update 10 and earlier, and U ...)
	NOT-FOR-US: Adobe ColdFusion
CVE-2019-7838 (ColdFusion versions Update 3 and earlier, Update 10 and earlier, and U ...)
	NOT-FOR-US: Adobe ColdFusion
CVE-2019-7837 (Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and ear ...)
	NOT-FOR-US: Adobe
CVE-2019-7836 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7835 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7834 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7833 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7832 (Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.0 ...)
	NOT-FOR-US: Adobe
CVE-2019-7831 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7830 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7829 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7828 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7827 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7826 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7825 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7824 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7823 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7822 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7821 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7820 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7819
	RESERVED
CVE-2019-7818 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7817 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7816 (ColdFusion versions Update 2 and earlier, Update 9 and earlier, and Up ...)
	NOT-FOR-US: Adobe
CVE-2019-7815 (Adobe Acrobat and Reader versions 2019.010.20091 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7814 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7813 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7812 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7811 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7810 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7809 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7808 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7807 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7806 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7805 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7804 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7803 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7802 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7801 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7800 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7799 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7798 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7797 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7796 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7795 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7794 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7793 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7792 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7791 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7790 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7789 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7788 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7787 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7786 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7785 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7784 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7783 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7782 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7781 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7780 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7779 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7778 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7777 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7776 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7775 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7774 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7773 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7772 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7771 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7770 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7769 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7768 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7767 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7766 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7765 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7764 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7763 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7762 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7761 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7760 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7759 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7758 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7757
	RESERVED
CVE-2019-7756
	RESERVED
CVE-2019-7755 (In webERP 4.15, the Import Bank Transactions function fails to sanitiz ...)
	NOT-FOR-US: webERP
CVE-2019-7754
	RESERVED
CVE-2019-7753 (Verydows 2.0 has XSS via the index.php?m=api&amp;c=stats&amp;a=count r ...)
	NOT-FOR-US: Verydows
CVE-2019-7752
	RESERVED
CVE-2019-7751 (A directory traversal and local file inclusion vulnerability in FPProd ...)
	NOT-FOR-US: Ricoh
CVE-2019-7750
	RESERVED
CVE-2019-7749
	RESERVED
CVE-2019-7748 (_includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task ...)
	NOT-FOR-US: DbNinja
CVE-2019-7747 (DbNinja 3.2.7 allows session fixation via the data.php sessid paramete ...)
	NOT-FOR-US: DbNinja
CVE-2019-7746 (JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to ...)
	NOT-FOR-US: JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices
CVE-2019-7745 (JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to ...)
	NOT-FOR-US: JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices
CVE-2019-7744 (An issue was discovered in Joomla! before 3.9.3. Inadequate filtering  ...)
	NOT-FOR-US: Joomla!
CVE-2019-7743 (An issue was discovered in Joomla! before 3.9.3. The phar:// stream wr ...)
	NOT-FOR-US: Joomla!
CVE-2019-7742 (An issue was discovered in Joomla! before 3.9.3. A combination of spec ...)
	NOT-FOR-US: Joomla!
CVE-2019-7741 (An issue was discovered in Joomla! before 3.9.3. Inadequate checks at  ...)
	NOT-FOR-US: Joomla!
CVE-2019-7740 (An issue was discovered in Joomla! before 3.9.3. Inadequate parameter  ...)
	NOT-FOR-US: Joomla!
CVE-2019-7739 (An issue was discovered in Joomla! before 3.9.3. The "No Filtering" te ...)
	NOT-FOR-US: Joomla!
CVE-2019-7738 (C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&amp;id=  ...)
	NOT-FOR-US: C.P.Sub
CVE-2019-7737 (A CSRF vulnerability was found in Verydows v2.0 that can add an admin  ...)
	NOT-FOR-US: Verydows
CVE-2019-7736 (D-Link DIR-600M C1 3.04 devices allow authentication bypass via a dire ...)
	NOT-FOR-US: D-Link
CVE-2019-7735
	RESERVED
CVE-2019-7734
	RESERVED
CVE-2019-7733 (In Live555 0.95, there is a buffer overflow via a large integer in a C ...)
	[experimental] - liblivemedia 2019.05.12-1
	- liblivemedia 2019.10.11-2 (low; bug #929948)
	[buster] - liblivemedia <no-dsa> (Minor issue)
	[stretch] - liblivemedia <no-dsa> (Minor issue)
	[jessie] - liblivemedia <postponed> (Minor issue)
	NOTE: https://github.com/rgaufman/live555/issues/21
	NOTE: fixed in 2019.05.12: http://www.live555.com/liveMedia/public/changelog.txt
CVE-2019-7732 (In Live555 0.95, a setup packet can cause a memory leak leading to DoS ...)
	- liblivemedia <unfixed> (unimportant)
	[stretch] - liblivemedia <no-dsa> (Minor issue)
	[jessie] - liblivemedia <no-dsa> (Minor issue, unlikely to be exploited in practice)
	NOTE: https://github.com/rgaufman/live555/issues/20
	NOTE: upstream considers this issue invalid: http://lists.live555.com/pipermail/live-devel/2019-May/021218.html
CVE-2019-7731 (MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an  ...)
	NOT-FOR-US: MyWebSQL
CVE-2019-7730 (MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for ...)
	NOT-FOR-US: MyWebSQL
CVE-2019-7729 (An issue was discovered in the Bosch Smart Camera App before 1.3.1 for ...)
	NOT-FOR-US: Bosch Smart Camera App
CVE-2019-7728 (An issue was discovered in the Bosch Smart Camera App before 1.3.1 for ...)
	NOT-FOR-US: Bosch Smart Camera App
CVE-2019-7727 (In NICE Engage through 6.5, the default configuration binds an unauthe ...)
	NOT-FOR-US: NICE Engage
CVE-2019-7726
	RESERVED
CVE-2019-7725
	RESERVED
CVE-2019-7724
	RESERVED
CVE-2019-7723
	RESERVED
CVE-2019-7722 (PMD 5.8.1 and earlier processes XML external entities in ruleset files ...)
	NOT-FOR-US: PMD
CVE-2019-XXXX [fuse mount exposes backup to unauthorized users]
	- borgbackup 1.1.9-1 (bug #922080)
	[stretch] - borgbackup <no-dsa> (Minor issue)
	NOTE: https://github.com/borgbackup/borg/issues/3903
CVE-2019-7721 (lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the  ...)
	NOT-FOR-US: nc-cms
CVE-2019-7720 (taocms through 2014-05-24 allows eval injection by placing PHP code in ...)
	NOT-FOR-US: taocms
CVE-2019-7719 (Nibbleblog 4.0.5 allows eval injection by placing PHP code in the inst ...)
	NOT-FOR-US: Nibbleblog
CVE-2019-7718 (An issue was discovered in Metinfo 6.x. An attacker can leverage a rac ...)
	NOT-FOR-US: Metinfo
CVE-2019-7717
	RESERVED
CVE-2019-7716
	RESERVED
CVE-2019-7715 (An issue was discovered in the Interpeak IPCOMShell TELNET server on G ...)
	NOT-FOR-US: Interpeak
CVE-2019-7714 (An issue was discovered in Interpeak IPWEBS on Green Hills INTEGRITY R ...)
	NOT-FOR-US: Interpeak
CVE-2019-7713 (An issue was discovered in the Interpeak IPCOMShell TELNET server on G ...)
	NOT-FOR-US: Interpeak
CVE-2019-7712 (An issue was discovered in handler_ipcom_shell_pwd in the Interpeak IP ...)
	NOT-FOR-US: Interpeak
CVE-2019-7711 (An issue was discovered in the Interpeak IPCOMShell TELNET server on G ...)
	NOT-FOR-US: Interpeak
CVE-2019-7710
	RESERVED
CVE-2019-7709
	RESERVED
CVE-2019-7708
	RESERVED
CVE-2019-7707
	RESERVED
CVE-2019-7706
	RESERVED
CVE-2019-7705
	RESERVED
CVE-2019-7704 (wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binarye ...)
	- binaryen 64-1
	NOTE: https://github.com/WebAssembly/binaryen/issues/1866
CVE-2019-7703 (In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBi ...)
	- binaryen 64-1
	NOTE: https://github.com/WebAssembly/binaryen/issues/1865
CVE-2019-7702 (A NULL pointer dereference was discovered in wasm::SExpressionWasmBuil ...)
	- binaryen 64-1
	NOTE: https://github.com/WebAssembly/binaryen/issues/1867
CVE-2019-7701 (A heap-based buffer over-read was discovered in wasm::SExpressionParse ...)
	- binaryen 64-1
	NOTE: https://github.com/WebAssembly/binaryen/issues/1863
CVE-2019-7700 (A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilde ...)
	- binaryen 64-1
	NOTE: https://github.com/WebAssembly/binaryen/issues/1864
CVE-2019-7699 (A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in C ...)
	NOT-FOR-US: Bento4
CVE-2019-7698 (An issue was discovered in AP4_Array&lt;AP4_CttsTableEntry&gt;::Ensure ...)
	NOT-FOR-US: Bento4
CVE-2019-7697 (An issue was discovered in Bento4 v1.5.1-627. There is an assertion fa ...)
	NOT-FOR-US: Bento4
CVE-2019-7696
	RESERVED
CVE-2019-7695
	RESERVED
CVE-2019-7694
	RESERVED
CVE-2019-7693 (Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.as ...)
	NOT-FOR-US: Axios Italia Axios RE devices
CVE-2019-7692 (install/install.php in CIM 0.9.3 allows remote attackers to execute ar ...)
	NOT-FOR-US: CIM
CVE-2019-7691
	RESERVED
CVE-2019-7690 (In MobaTek MobaXterm Personal Edition v11.1 Build 3860, the SSH privat ...)
	NOT-FOR-US: MobaTek MobaXterm
CVE-2019-7689
	RESERVED
CVE-2019-7688
	RESERVED
CVE-2019-7687 (cgi-bin/qcmap_web_cgi on JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices  ...)
	NOT-FOR-US: JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices
CVE-2019-7686
	RESERVED
CVE-2019-7685
	RESERVED
CVE-2019-7684 (inxedu through 2018-12-24 has a vulnerability that can lead to the upl ...)
	NOT-FOR-US: inxedu
CVE-2019-7683
	RESERVED
CVE-2019-7682
	RESERVED
CVE-2019-7681
	RESERVED
CVE-2019-7680
	RESERVED
CVE-2019-7679
	RESERVED
CVE-2019-7678 (A directory traversal vulnerability was discovered in Enphase Envoy R3 ...)
	NOT-FOR-US: Enphase Envoy
CVE-2019-7677 (XSS exists in Enphase Envoy R3.*.* via the profileName parameter to th ...)
	NOT-FOR-US: Enphase Envoy
CVE-2019-7676 (A weak password vulnerability was discovered in Enphase Envoy R3.*.*.  ...)
	NOT-FOR-US: Enphase Envoy
CVE-2019-7675 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The defau ...)
	NOT-FOR-US: MOBOTIX
CVE-2019-7674 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/ac ...)
	NOT-FOR-US: MOBOTIX
CVE-2019-7673 (An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administr ...)
	NOT-FOR-US: MOBOTIX
CVE-2019-7672 (Prima Systems FlexAir, Versions 2.3.38 and prior. The flash version of ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-7671 (Prima Systems FlexAir, Versions 2.3.38 and prior. Parameters sent to s ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-7670 (Prima Systems FlexAir, Versions 2.3.38 and prior. The application inco ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-7669 (Prima Systems FlexAir, Versions 2.3.38 and prior. Improper validation  ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-7668 (Prima Systems FlexAir devices have Default Credentials. ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-7667 (Prima Systems FlexAir, Versions 2.3.38 and prior. The application gene ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-7666 (Prima Systems FlexAir, Versions 2.3.38 and prior. The application allo ...)
	NOT-FOR-US: Prima Systems FlexAir devices
CVE-2019-7665 (In elfutils 0.175, a heap-based buffer over-read was discovered in the ...)
	{DLA-1689-1}
	- elfutils 0.176-1 (low; bug #921880)
	[stretch] - elfutils <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24089
	NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00049.html
	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=de01cc6f9446187d69b9748bb3636361c79e77a4
CVE-2019-7664 (In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_not ...)
	- elfutils 0.176-1 (low; bug #921881)
	[stretch] - elfutils <no-dsa> (Minor issue)
	[jessie] - elfutils <not-affected> (Vulnerable code introduced later)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24084
	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e65d91d21cb09d83b001fef9435e576ba447db32
CVE-2019-7663 (An Invalid Address dereference was discovered in TIFFWriteDirectoryTag ...)
	{DLA-1680-1}
	- tiff 4.0.10-4
	[stretch] - tiff <postponed> (Minor issue)
	- tiff3 <removed>
	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2833
	NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/802d3cbf3043be5dce5317e140ccb1c17a6a2d39
	NOTE: Same patch as CVE-2018-17000 but different issue. As well different
	NOTE: issue than CVE-2018-12900.
CVE-2019-7662 (An assertion failure was discovered in wasm::WasmBinaryBuilder::getTyp ...)
	- binaryen 66-1
	NOTE: https://github.com/WebAssembly/binaryen/issues/1872
CVE-2019-7661 (An issue was discovered in PHPMyWind 5.5. The method parameter of the  ...)
	NOT-FOR-US: PHPMyWind
CVE-2019-7660 (An issue was discovered in PHPMyWind 5.5. The username parameter of th ...)
	NOT-FOR-US: PHPMyWind
CVE-2019-7659 (Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause  ...)
	{DLA-1681-1}
	- gsoap 2.8.75-1
	[stretch] - gsoap 2.8.35-4+deb9u2
	- r-other-x4r 1.0.1+git20150806.c6bd9bd-2
	NOTE: https://www.genivia.com/advisory.html#Bug_in_gSOAP_versions_2.7.0_to_2.8.74_for_applications_built_with_the_WITH_COOKIES_flag_enabled_
	NOTE: https://lists.debian.org/debian-lts/2019/02/msg00131.html
CVE-2019-7658
	RESERVED
CVE-2019-7657
	RESERVED
CVE-2019-7656 (A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 a ...)
	NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7655 (Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple authentic ...)
	NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7654 (Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple CSRF vuln ...)
	NOT-FOR-US: Wowza Streaming Engine
CVE-2019-7652 (TheHive Project UnshortenLink analyzer before 1.1, included in Cortex- ...)
	NOT-FOR-US: TheHive Project UnshortenLink analyzer
CVE-2019-7651 (EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an at ...)
	NOT-FOR-US: Emsisoft Anti-Malware
CVE-2019-7650
	RESERVED
CVE-2019-7653 (The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CL ...)
	{DLA-1717-1}
	- rdflib 4.2.2-2 (low; bug #921751)
	[stretch] - rdflib <no-dsa> (Minor issue)
	NOTE: Debian specific issue as respective scripts are overwritten in Debian
	NOTE: packaging as wrappers invoking python -m.
CVE-2019-7649 (global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies  ...)
	NOT-FOR-US: CMSWing
CVE-2019-7648 (controller/fetchpwd.php and controller/doAction.php in Hotels_Server t ...)
	NOT-FOR-US: Hotels_Server
CVE-2019-7647
	RESERVED
CVE-2019-7646 (CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.763 is vu ...)
	NOT-FOR-US: CentOS Web Panel
CVE-2019-7645
	RESERVED
CVE-2019-7644 (Auth0 Auth0-WCF-Service-JWT before 1.0.4 leaks the expected JWT signat ...)
	NOT-FOR-US: Auth0 Auth0-WCF-Service-JWT
CVE-2019-7643
	RESERVED
CVE-2019-7642 (D-Link routers with the mydlink feature have some web interfaces witho ...)
	NOT-FOR-US: D-Link
CVE-2019-7641
	RESERVED
CVE-2019-7640
	RESERVED
CVE-2019-7639 (An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If P ...)
	NOT-FOR-US: gsi-openssh-server (OpenSSH patched with openssh-7.9p1-gsissh.patch)
CVE-2019-7638 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4500
	NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2)
	NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf
CVE-2019-7637 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.6+dfsg1-4 (bug #924610)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4497
	NOTE: https://hg.libsdl.org/SDL/rev/9b0e5c555c0f (SDL-1.2)
	NOTE: https://hg.libsdl.org/SDL/rev/32075e9e2135 (SDL-1.2)
	NOTE: Patch causes regressions for some applications/games:
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1124825
	NOTE: https://hg.libsdl.org/SDL/rev/81a4950907a0 (SDL-2)
	NOTE: For SDL-2 the fix for CVE-2017-2888 fixes as well CVE-2019-7637.
CVE-2019-7636 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4499
	NOTE: https://hg.libsdl.org/SDL/rev/19d8c3b9c251 (SDL-1.2)
	NOTE: https://hg.libsdl.org/SDL/rev/07c39cbbeacf (SDL-2)
CVE-2019-7635 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1865-1 DLA-1861-1 DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4498
	NOTE: https://hg.libsdl.org/SDL/rev/7c643f1c1887 (SDL-2)
	NOTE: two patches initially merged for SDL-1.2:
	NOTE: https://hg.libsdl.org/SDL/rev/08f3b4992538 (SDL-1.2) (correct)
	NOTE: https://hg.libsdl.org/SDL/rev/4646533663ae (SDL-1.2) (broken)
	NOTE: the second one is incorrect as was reverted in
	NOTE: https://hg.libsdl.org/SDL/rev/33940ce0a0ba
	NOTE: https://hg.libsdl.org/SDL_image/rev/03bd33e8cb49 (SDL_image-2)
	NOTE: https://hg.libsdl.org/SDL_image/rev/a3a7cac00d5f (SDL_image-1.2)
CVE-2019-7634
	RESERVED
CVE-2019-7633
	RESERVED
CVE-2019-7632 (LifeSize Team, Room, Passport, and Networker 220 devices allow Authent ...)
	NOT-FOR-US: LifeSize devices
CVE-2019-7631
	RESERVED
CVE-2019-7630 (An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0 ...)
	NOT-FOR-US: Gigabyte APP Center
CVE-2019-7629 (Stack-based buffer overflow in the strip_vt102_codes function in TinTi ...)
	- tintin++ 2.01.5-2 (low; bug #924348)
	[stretch] - tintin++ <no-dsa> (Minor issue)
	[jessie] - tintin++ <no-dsa> (Minor issue)
CVE-2019-7628 (Pagure 5.2 leaks API keys by e-mailing them to users. Few e-mail serve ...)
	- pagure <not-affected> (Fixed before initial upload to the archive)
CVE-2019-7627
	RESERVED
CVE-2019-7626
	RESERVED
CVE-2019-7625
	RESERVED
CVE-2019-7624
	RESERVED
CVE-2019-7623
	RESERVED
CVE-2019-7622
	RESERVED
CVE-2019-7621 (Kibana versions before 6.8.6 and 7.5.1 contain a cross site scripting  ...)
	- kibana <itp> (bug #700337)
CVE-2019-7620 (Logstash versions before 7.4.1 and 6.8.4 contain a denial of service f ...)
	NOT-FOR-US: Logstash Beats
CVE-2019-7619 (Elasticsearch versions 7.0.0-7.3.2 and 6.7.0-6.8.3 contain a username  ...)
	- elasticsearch <removed>
CVE-2019-7618 (A local file disclosure flaw was found in Elastic Code versions 7.3.0, ...)
	NOT-FOR-US: Elastic Code
CVE-2019-7617 (When the Elastic APM agent for Python versions before 5.1.0 is run as  ...)
	NOT-FOR-US: Elastic APM agent for Python
CVE-2019-7616 (Kibana versions before 6.8.2 and 7.2.1 contain a server side request f ...)
	- kibana <itp> (bug #700337)
CVE-2019-7615 (A TLS certificate validation flaw was found in Elastic APM agent for R ...)
	NOT-FOR-US: Elastic
CVE-2019-7614 (A race condition flaw was found in the response headers Elasticsearch  ...)
	- elasticsearch <removed>
CVE-2019-7613 (Winlogbeat versions before 5.6.16 and 6.6.2 had an insufficient loggin ...)
	NOT-FOR-US: Winlogbeat
CVE-2019-7612 (A sensitive data disclosure flaw was found in the way Logstash version ...)
	- logstash <itp> (bug #664841)
CVE-2019-7611 (A permission issue was found in Elasticsearch versions before 5.6.15 a ...)
	- elasticsearch <removed>
CVE-2019-7610 (Kibana versions before 6.6.1 contain an arbitrary code execution flaw  ...)
	- kibana <itp> (bug #700337)
CVE-2019-7609 (Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code exec ...)
	- kibana <itp> (bug #700337)
CVE-2019-7608 (Kibana versions before 5.6.15 and 6.6.1 had a cross-site scripting (XS ...)
	- kibana <itp> (bug #700337)
CVE-2019-7607
	RESERVED
CVE-2019-7606
	RESERVED
CVE-2019-7605
	RESERVED
CVE-2019-7604
	RESERVED
CVE-2019-7603
	RESERVED
CVE-2019-7602
	RESERVED
CVE-2019-7601
	RESERVED
CVE-2019-7600
	RESERVED
CVE-2019-7599
	RESERVED
CVE-2019-7598
	RESERVED
CVE-2019-7597
	RESERVED
CVE-2019-7596
	RESERVED
CVE-2019-7595
	RESERVED
CVE-2019-7594 (Metasys&#174; ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 mak ...)
	NOT-FOR-US: Metasys ADS/ADX
CVE-2019-7593 (Metasys&#174; ADS/ADX servers and NAE/NIE/NCE engines prior to 9.0 mak ...)
	NOT-FOR-US: Metasys ADS/ADX
CVE-2019-7592
	RESERVED
CVE-2019-7591
	RESERVED
CVE-2019-7590 (ExacqVision Server&#8217;s services 'exacqVisionServer', 'dvrdhcpserve ...)
	NOT-FOR-US: ExacqVision
CVE-2019-7589 (A vulnerability with the SmartService API Service option exists whereb ...)
	NOT-FOR-US: SmartService API Service
CVE-2019-7588 (A vulnerability in the exacqVision Enterprise System Manager (ESM) v5. ...)
	NOT-FOR-US: exacqVision Enterprise System Manager
CVE-2019-7587 (Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/co ...)
	NOT-FOR-US: Bo-blog Wind
CVE-2019-7586
	RESERVED
CVE-2019-7585 (An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/P ...)
	NOT-FOR-US: Waimai Super Cms
CVE-2019-7584
	RESERVED
CVE-2019-7583
	RESERVED
CVE-2019-7582 (The readBytes function in util/read.c in libming through 0.4.8 allows  ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/172
CVE-2019-7581 (The parseSWF_ACTIONRECORD function in util/parser.c in libming through ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/173
CVE-2019-7580 (ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP c ...)
	NOT-FOR-US: ThinkCMF
CVE-2019-7579 (An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. An ...)
	NOT-FOR-US: Linksys
CVE-2019-7578 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4494
	NOTE: https://hg.libsdl.org/SDL/rev/388987dff7bf (SDL-1.2)
	NOTE: https://hg.libsdl.org/SDL/rev/f9a9d6c76b21 (SDL-2)
CVE-2019-7577 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4492
	NOTE: https://hg.libsdl.org/SDL/rev/faf9abbcfb5f (SDL-1.2)
	NOTE: https://hg.libsdl.org/SDL/rev/416136310b88 (SDL-1.2)
	NOTE: SDL2 was probably fixed during a refactoring, no targeted fix available:
	NOTE: https://hg.libsdl.org/SDL/rev/b06fa7da012b (SDL-2)
CVE-2019-7576 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4490
	NOTE: Proposed patch: https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
	NOTE: very similar bug to CVE-2019-7573, fix for CVE-2019-7573 is applicable to this
CVE-2019-7575 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4493
	NOTE: https://hg.libsdl.org/SDL/rev/a936f9bd3e38 (SDL-1.2)
	NOTE: SDL2 was probably fixed during a refactoring, no targeted fix available:
	NOTE: https://hg.libsdl.org/SDL/rev/b06fa7da012b (SDL-2)
CVE-2019-7574 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4496
	NOTE: https://hg.libsdl.org/SDL/rev/a6e3d2f5183e (SDL-1.2)
	NOTE: SDL2 was probably fixed during a refactoring, no targeted fix available:
	NOTE: https://hg.libsdl.org/SDL/rev/b06fa7da012b (SDL-2)
CVE-2019-7573 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4491
	NOTE: same patch as CVE-2019-7576
	NOTE: https://hg.libsdl.org/SDL/rev/fcbecae42795 (SDL-1.2)
	NOTE: SDL2 was probably fixed during a refactoring, no targeted fix available:
	NOTE: https://hg.libsdl.org/SDL/rev/b06fa7da012b (SDL-2)
CVE-2019-7572 (SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 ha ...)
	{DLA-1714-1 DLA-1713-1}
	- libsdl1.2 1.2.15+dfsg2-5 (bug #924609)
	[buster] - libsdl1.2 <no-dsa> (Minor issue)
	[stretch] - libsdl1.2 <no-dsa> (Minor issue)
	- libsdl2 2.0.10+dfsg1-1 (bug #924610)
	[buster] - libsdl2 <no-dsa> (Minor issue)
	[stretch] - libsdl2 <no-dsa> (Minor issue)
	NOTE: https://bugzilla.libsdl.org/show_bug.cgi?id=4495
	NOTE: https://hg.libsdl.org/SDL/rev/e52413f52586 (SDL-1.2)
	NOTE: https://hg.libsdl.org/SDL/rev/a8afedbcaea0 (SDL-1.2)
	NOTE: SDL2 was probably fixed during a refactoring, no targeted fix available:
	NOTE: https://hg.libsdl.org/SDL/rev/b06fa7da012b (SDL-2)
CVE-2019-7571
	RESERVED
CVE-2019-7570 (A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete user ...)
	NOT-FOR-US: PbootCMS
CVE-2019-7569 (An issue was discovered in DOYO (aka doyocms) 2.3(20140425 update). Th ...)
	NOT-FOR-US: doyocms
CVE-2019-7568 (An issue was discovered in baijiacms V4 that can result in time-based  ...)
	NOT-FOR-US: baijiacms
CVE-2019-7567 (An issue was discovered in Waimai Super Cms 20150505. admin.php?m=Memb ...)
	NOT-FOR-US: Waimai Super Cms
CVE-2019-7566 (CSZ CMS 1.1.8 has CSRF via admin/users/new/add. ...)
	NOT-FOR-US: CSZ CMS
CVE-2019-7565
	RESERVED
CVE-2019-7564 (An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 ...)
	NOT-FOR-US: Shenzhen Coship WM3300 WiFi Router devices
CVE-2019-7563
	RESERVED
CVE-2019-7562
	RESERVED
CVE-2019-7561
	RESERVED
CVE-2019-7560 (In parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted i ...)
	- boolector <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/Boolector/boolector/issues/28
	NOTE: https://github.com/Boolector/boolector/issues/29
	NOTE: https://github.com/Boolector/boolector/commit/8d979d02e0482c7137c9f3a34e6d430dbfd1f5c5
CVE-2019-7559 (In btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15 ...)
	NOT-FOR-US: Boolector Btor2Tools
CVE-2019-7558
	RESERVED
CVE-2019-7557
	RESERVED
CVE-2019-7556
	RESERVED
CVE-2019-7555
	RESERVED
CVE-2019-7554 (An issue was discovered in PHP Scripts Mall API Based Travel Booking 3 ...)
	NOT-FOR-US: PHP Scripts Mall API Based Travel Booking
CVE-2019-7553 (PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has Stor ...)
	NOT-FOR-US: PHP Scripts Mall Chartered Accountant : Auditor Website
CVE-2019-7552 (An issue was discovered in PHP Scripts Mall Investment MLM Software 2. ...)
	NOT-FOR-US: PHP Scripts Mall Investment MLM Software
CVE-2019-7551 (Cantemo Portal before 3.2.13, 3.3.x before 3.3.8, and 3.4.x before 3.4 ...)
	NOT-FOR-US: Cantemo Portal
CVE-2019-7550 (In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whe ...)
	NOT-FOR-US: JForum
CVE-2019-7549 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-7548 (SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be ...)
	{DLA-1718-1}
	[experimental] - sqlalchemy 1.3.0~b3+ds1-1
	- sqlalchemy 1.2.18+ds1-2 (bug #922669)
	NOTE: https://github.com/sqlalchemy/sqlalchemy/issues/4481
	NOTE: https://github.com/sqlalchemy/sqlalchemy/commit/30307c4616ad67c01ddae2e1e8e34fabf6028414
CVE-2019-7547 (An issue was discovered in SIDU 6.0. Because the database name is not  ...)
	NOT-FOR-US: SIDU
CVE-2019-7546 (An issue was discovered in SIDU 6.0. The dbs parameter of the conn.php ...)
	NOT-FOR-US: SIDU
CVE-2019-7545 (In DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has  ...)
	NOT-FOR-US: DbNinja
CVE-2019-7544 (An issue was discovered in MyWebSQL 3.7. The Add User function of the  ...)
	NOT-FOR-US: MyWebSQL
CVE-2019-7543 (In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflec ...)
	NOT-FOR-US: KindEditor
CVE-2019-7542
	RESERVED
CVE-2019-7541 (Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=use ...)
	NOT-FOR-US: Rukovoditel
CVE-2019-7540
	RESERVED
CVE-2019-7539 (A code injection issue was discovered in ipycache through 2016-05-31. ...)
	NOT-FOR-US: ipycache
CVE-2019-7538
	RESERVED
CVE-2019-7537 (An issue was discovered in Donfig 0.3.0. There is a vulnerability in t ...)
	NOT-FOR-US: Donfig
CVE-2019-7536
	RESERVED
CVE-2019-7535 (index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive  ...)
	NOT-FOR-US: Gurock TestRail
CVE-2019-7534
	RESERVED
CVE-2019-7533
	RESERVED
CVE-2019-7532
	RESERVED
CVE-2019-7531
	RESERVED
CVE-2019-7530
	RESERVED
CVE-2019-7529
	RESERVED
CVE-2019-7528
	RESERVED
CVE-2019-7527
	RESERVED
CVE-2019-7526
	RESERVED
CVE-2019-7525
	RESERVED
CVE-2019-7524 (In Dovecot before 2.2.36.3 and 2.3.x before 2.3.5.1, a local attacker  ...)
	{DSA-4418-1 DLA-1736-1}
	- dovecot 1:2.3.4.1-3
	NOTE: https://github.com/dovecot/core/commit/37eeaef1587a3b99be97cb090094de19e374905c
	NOTE: https://github.com/dovecot/core/commit/a02c16889f1f3411e9a16b96221c2795d5fdb974
CVE-2019-7523
	RESERVED
CVE-2019-7522
	RESERVED
CVE-2019-7521
	RESERVED
CVE-2019-7520
	RESERVED
CVE-2019-7519
	RESERVED
CVE-2019-7518
	RESERVED
CVE-2019-7517
	RESERVED
CVE-2019-7516
	RESERVED
CVE-2019-7515
	RESERVED
CVE-2019-7514
	RESERVED
CVE-2019-7513
	RESERVED
CVE-2019-7512
	RESERVED
CVE-2019-7511
	RESERVED
CVE-2019-7510
	RESERVED
CVE-2019-7509
	RESERVED
CVE-2019-7508
	RESERVED
CVE-2019-7507
	RESERVED
CVE-2019-7506
	RESERVED
CVE-2019-7505
	RESERVED
CVE-2019-7504
	RESERVED
CVE-2019-7503
	RESERVED
CVE-2019-7502
	RESERVED
CVE-2019-7501
	RESERVED
CVE-2019-7500
	RESERVED
CVE-2019-7499
	RESERVED
CVE-2019-7498
	RESERVED
CVE-2019-7497
	RESERVED
CVE-2019-7496
	RESERVED
CVE-2019-7495
	RESERVED
CVE-2019-7494
	RESERVED
CVE-2019-7493
	RESERVED
CVE-2019-7492
	RESERVED
CVE-2019-7491
	RESERVED
CVE-2019-7490
	RESERVED
CVE-2019-7489 (A vulnerability in SonicWall Email Security appliance allow an unauthe ...)
	NOT-FOR-US: SonicWall Email Security appliance
CVE-2019-7488 (Weak default password cause vulnerability in SonicWall Email Security  ...)
	NOT-FOR-US: SonicWall Email Security appliance
CVE-2019-7487 (Installation of the SonicOS SSLVPN NACagent 3.5 on the Windows operati ...)
	NOT-FOR-US: onicOS SSLVPN NACagent
CVE-2019-7486 (Code injection in SonicWall SMA100 allows an authenticated user to exe ...)
	NOT-FOR-US: SonicWall SMA100
CVE-2019-7485 (Buffer overflow in SonicWall SMA100 allows an authenticated user to ex ...)
	NOT-FOR-US: SonicWall SMA100
CVE-2019-7484 (Authenticated SQL Injection in SonicWall SMA100 allow user to gain rea ...)
	NOT-FOR-US: SonicWall SMA100
CVE-2019-7483 (In SonicWall SMA100, an unauthenticated Directory Traversal vulnerabil ...)
	NOT-FOR-US: SonicWall SMA100
CVE-2019-7482 (Stack-based buffer overflow in SonicWall SMA100 allows an unauthentica ...)
	NOT-FOR-US: SonicWall SMA100
CVE-2019-7481 (Vulnerability in SonicWall SMA100 allow unauthenticated user to gain r ...)
	NOT-FOR-US: SonicWall SMA100
CVE-2019-7480
	RESERVED
CVE-2019-7479 (A vulnerability in SonicOS allow authenticated read-only admin can ele ...)
	NOT-FOR-US: SonicOS
CVE-2019-7478 (A vulnerability in GMS allow unauthenticated user to SQL injection in  ...)
	NOT-FOR-US: SonicWall
CVE-2019-7477 (A vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow ...)
	NOT-FOR-US: SonicWall
CVE-2019-7476 (A vulnerability in SonicWall Global Management System (GMS), allow a r ...)
	NOT-FOR-US: SonicWall Global Management System
CVE-2019-7475 (A vulnerability in SonicWall SonicOS and SonicOSv with management enab ...)
	NOT-FOR-US: SonicWall
CVE-2019-7474 (A vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated ...)
	NOT-FOR-US: SonicWall
CVE-2019-7473
	RESERVED
CVE-2019-7472
	RESERVED
CVE-2019-7471
	RESERVED
CVE-2019-7470
	RESERVED
CVE-2019-7469
	RESERVED
CVE-2019-7468
	RESERVED
CVE-2019-7467
	RESERVED
CVE-2019-7466
	RESERVED
CVE-2019-7465
	RESERVED
CVE-2019-7464
	RESERVED
CVE-2019-7463
	RESERVED
CVE-2019-7462
	RESERVED
CVE-2019-XXXX [netmask: buffer overflow vulnerability]
	- netmask 2.4.4-1 (unimportant; bug #921565)
	[jessie] - netmask 2.3.12+deb8u1
	NOTE: https://github.com/tlby/netmask/issues/3
	NOTE: https://github.com/tlby/netmask/commit/29a9c239bd1008363f5b34ffd6c2cef906f3660c
	NOTE: No security impact due to toolchain hardening in stretch, negligable impact in older suites
CVE-2019-1003023 (A cross-site scripting vulnerability exists in Jenkins Warnings Next G ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003022 (A denial of service vulnerability exists in Jenkins Monitoring Plugin  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003021 (An exposure of sensitive information vulnerability exists in Jenkins O ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003020 (A server-side request forgery vulnerability exists in Jenkins Kanboard ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003019 (An session fixation vulnerability exists in Jenkins GitHub Authenticat ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003018 (An exposure of sensitive information vulnerability exists in Jenkins G ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003017 (A data modification vulnerability exists in Jenkins Job Import Plugin  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003016 (An exposure of sensitive information vulnerability exists in Jenkins J ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003015 (An XML external entity processing vulnerability exists in Jenkins Job  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003014 (An cross-site scripting vulnerability exists in Jenkins Config File Pr ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003013 (An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plu ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003012 (A data modification vulnerability exists in Jenkins Blue Ocean Plugins ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003011 (An information exposure and denial of service vulnerability exists in  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003010 (A cross-site request forgery vulnerability exists in Jenkins Git Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003009 (An improper certificate validation vulnerability exists in Jenkins Act ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003008 (A cross-site request forgery vulnerability exists in Jenkins Warnings  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003007 (A cross-site request forgery vulnerability exists in Jenkins Warnings  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003006 (A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003005 (A sandbox bypass vulnerability exists in Jenkins Script Security Plugi ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-7461
	RESERVED
CVE-2019-7460
	RESERVED
CVE-2019-7459
	RESERVED
CVE-2019-7458
	RESERVED
CVE-2019-7457
	RESERVED
CVE-2019-7456
	RESERVED
CVE-2019-7455
	RESERVED
CVE-2019-7454
	RESERVED
CVE-2019-7453
	RESERVED
CVE-2019-7452
	RESERVED
CVE-2019-7451
	RESERVED
CVE-2019-7450
	RESERVED
CVE-2019-7449
	RESERVED
CVE-2019-7448
	RESERVED
CVE-2019-7447
	RESERVED
CVE-2019-7446
	RESERVED
CVE-2019-7445
	RESERVED
CVE-2019-7444
	RESERVED
CVE-2019-7443 (KDE KAuth before 5.55 allows the passing of parameters with arbitrary  ...)
	- kauth 5.54.0-2 (bug #921995)
	[stretch] - kauth 5.28.0-2+deb9u1
	- kde4libs <removed> (bug #922727)
	[buster] - kde4libs <ignored> (Minor issue)
	[stretch] - kde4libs <ignored> (Minor issue)
	[jessie] - kde4libs <no-dsa> (Minor issue)
	NOTE: https://mail.kde.org/pipermail/kde-announce/2019-February/000011.html
	NOTE: https://cgit.kde.org/kauth.git/commit/?id=fc70fb0161c1b9144d26389434d34dd135cd3f4a
CVE-2019-7442 (An XML external entity (XXE) vulnerability in the Password Vault Web A ...)
	NOT-FOR-US: CyberArk Enterprise Password Vault
CVE-2019-7441 (** DISPUTED ** cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Chec ...)
	NOT-FOR-US: WooCommerce
CVE-2019-7440 (JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Ke ...)
	NOT-FOR-US: JioFi
CVE-2019-7439 (cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang ...)
	NOT-FOR-US: JioFi
CVE-2019-7438 (cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML i ...)
	NOT-FOR-US: JioFi
CVE-2019-7437 (PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected  ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7436 (PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory  ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7435 (PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected  ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7434 (PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via  ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7433 (PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forge ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7432 (PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the S ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7431 (PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal vi ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7430 (PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7429 (PHP Scripts Mall Property Rental Software 2.1.4 has directory traversa ...)
	NOT-FOR-US: PHP Scripts Mall
CVE-2019-7428
	RESERVED
CVE-2019-7427 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-7426 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-7425 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-7424 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-7423 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-7422 (XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 ...)
	NOT-FOR-US: Zoho ManageEngine Netflow Analyzer Professional
CVE-2019-7421 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
	NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
CVE-2019-7420 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
	NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
CVE-2019-7419 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
	NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
CVE-2019-7418 (XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05. ...)
	NOT-FOR-US: SAMSUNG X7400GX SyncThru Web Service
CVE-2019-7417 (XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple ...)
	NOT-FOR-US: Ericsson Active Library Explorer (ALEX)
CVE-2019-7416 (XSS and/or a Client Side URL Redirect exists in OpenText Documentum We ...)
	NOT-FOR-US: OpenText Documentum Webtop
CVE-2019-7415
	RESERVED
CVE-2019-7414
	RESERVED
CVE-2019-7413 (In the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-7412 (The PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles san ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-7411 (Multiple stored cross-site scripting (XSS) in the MyThemeShop Launcher ...)
	NOT-FOR-US: MyThemeShop Launcher plugin for WordPress
CVE-2019-7410
	RESERVED
CVE-2019-7409 (Multiple cross-site scripting (XSS) vulnerabilities in ProfileDesign C ...)
	NOT-FOR-US: ProfileDesign CMS
CVE-2019-7408
	RESERVED
CVE-2019-7407
	RESERVED
CVE-2019-7406
	RESERVED
CVE-2019-7405
	RESERVED
CVE-2019-7404 (An issue was discovered on LG GAMP-7100, GAPM-7200, and GAPM-8000 rout ...)
	NOT-FOR-US: LG routers
CVE-2019-7403 (An issue was discovered in PHPMyWind 5.5. It allows remote attackers t ...)
	NOT-FOR-US: PHPMyWind
CVE-2019-7402 (An issue was discovered in PHPMyWind 5.5. The GetQQ function in includ ...)
	NOT-FOR-US: PHPMyWind
CVE-2019-7401 (NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based  ...)
	NOT-FOR-US: NGINX Unit (different from FLOSS nginx)
CVE-2019-7400 (Rukovoditel before 2.4.1 allows XSS. ...)
	NOT-FOR-US: Rukovoditel
CVE-2019-7399 (Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack agains ...)
	NOT-FOR-US: Amazon Fire OS
CVE-2019-7398 (In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage  ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1453
CVE-2019-7397 (In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, seve ...)
	- imagemagick <unfixed> (unimportant)
	- graphicsmagick 1.4~hg15896-1 (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/306c1f0fa5754ca78efd16ab752f0e981d4f6b82
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1454
CVE-2019-7396 (In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/748a03651e5b138bcaf160d15133de2f4b1b89ce
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1452
CVE-2019-7395 (In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChanne ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/8a43abefb38c5e29138e1c9c515b313363541c06
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1451
CVE-2019-7394 (A privilege escalation vulnerability in the administrative user interf ...)
	NOT-FOR-US: CA Technologies
CVE-2019-7393 (A UI redress vulnerability in the administrative user interface of CA  ...)
	NOT-FOR-US: CA Technologies
CVE-2019-7392 (An improper authentication vulnerability in CA Privileged Access Manag ...)
	NOT-FOR-US: CA Privileged Access Manager
CVE-2019-7391 (ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cg ...)
	NOT-FOR-US: ZyXEL
CVE-2019-7390 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices wit ...)
	NOT-FOR-US: D-Link
CVE-2019-7389 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices wit ...)
	NOT-FOR-US: D-Link
CVE-2019-7388 (An issue was discovered in /bin/goahead on D-Link DIR-823G devices wit ...)
	NOT-FOR-US: D-Link
CVE-2019-7387 (A local file inclusion vulnerability exists in the web interface of Sy ...)
	NOT-FOR-US: Systrome
CVE-2019-7386 (A Denial of Service issue has been discovered in the Gecko component o ...)
	NOT-FOR-US: KaiOS on Nokia devices
CVE-2019-7385 (An authenticated shell command injection issue has been discovered in  ...)
	NOT-FOR-US: Raisecom GPON Devices
CVE-2019-7384 (An authenticated shell command injection issue has been discovered in  ...)
	NOT-FOR-US: Raisecom GPON Devices
CVE-2019-7383 (An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and IS ...)
	NOT-FOR-US: Systrome devices
CVE-2019-7382
	RESERVED
CVE-2019-7381
	RESERVED
CVE-2019-7380
	RESERVED
CVE-2019-7379
	RESERVED
CVE-2019-7378
	RESERVED
CVE-2019-7377
	RESERVED
CVE-2019-7376
	RESERVED
CVE-2019-7375
	RESERVED
CVE-2019-7374
	RESERVED
CVE-2019-7373
	RESERVED
CVE-2019-7372
	RESERVED
CVE-2019-7371
	RESERVED
CVE-2019-7370
	RESERVED
CVE-2019-7369
	RESERVED
CVE-2019-7368
	RESERVED
CVE-2019-7367
	RESERVED
CVE-2019-7366 (Buffer overflow vulnerability in Autodesk FBX Software Development Kit ...)
	NOT-FOR-US: Autodesk FBX Software Development Kit
CVE-2019-7365 (DLL preloading vulnerability in Autodesk Desktop Application versions  ...)
	NOT-FOR-US: Autodesk Desktop Application
CVE-2019-7364 (DLL preloading vulnerability in versions 2017, 2018, 2019, and 2020 of ...)
	NOT-FOR-US: Autodesk
CVE-2019-7363 (Use-after-free vulnerability in Autodesk Design Review versions 2011,  ...)
	NOT-FOR-US: Autodesk
CVE-2019-7362 (DLL preloading vulnerability in Autodesk Design Review versions 2011,  ...)
	NOT-FOR-US: Autodesk
CVE-2019-7361 (An attacker may convince a victim to open a malicious action micro (.a ...)
	NOT-FOR-US: Autodesk
CVE-2019-7360 (An exploitable use-after-free vulnerability in the DXF-parsing functio ...)
	NOT-FOR-US: Autodesk
CVE-2019-7359 (An exploitable heap overflow vulnerability in the AcCellMargin handlin ...)
	NOT-FOR-US: Autodesk
CVE-2019-7358 (An exploitable heap overflow vulnerability in the DXF-parsing function ...)
	NOT-FOR-US: Autodesk
CVE-2019-7357
	RESERVED
CVE-2019-7356
	RESERVED
CVE-2019-1000024 (OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cro ...)
	NOT-FOR-US: OPT/NET BV
CVE-2019-1000023 (OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) versio ...)
	NOT-FOR-US: OPT/NET BV
CVE-2019-1000022 (Taoensso Sente version Prior to version 1.14.0 contains a Cross Site R ...)
	NOT-FOR-US: Taoensso Sente
CVE-2019-1000021 (slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 ...)
	- slixmpp 1.4.2-1 (bug #922509)
	[stretch] - slixmpp <no-dsa> (Minor issue)
	NOTE: https://lab.louiz.org/poezio/slixmpp/commit/7cd73b594e8122dddf847953fcfc85ab4d316416
CVE-2019-1000020 (libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onw ...)
	{DLA-1668-1}
	- libarchive 3.3.3-4 (low)
	[stretch] - libarchive 3.2.2-2+deb9u2
	NOTE: https://github.com/libarchive/libarchive/pull/1120
	NOTE: https://github.com/libarchive/libarchive/commit/8312eaa576014cd9b965012af51bc1f967b12423
CVE-2019-1000019 (libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onw ...)
	{DLA-1668-1}
	- libarchive 3.3.3-4 (low)
	[stretch] - libarchive 3.2.2-2+deb9u2
	NOTE: https://github.com/libarchive/libarchive/pull/1120
	NOTE: https://github.com/libarchive/libarchive/commit/65a23f5dbee4497064e9bb467f81138a62b0dae1
CVE-2019-1000017 (Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect A ...)
	NOT-FOR-US: Chamilo Chamilo-lms
CVE-2019-1000016 (FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array In ...)
	- ffmpeg 7:4.1.1-1 (low; bug #922066)
	[stretch] - ffmpeg <not-affected> (Vulnerable code not present)
	NOTE: https://github.com/FFmpeg/FFmpeg/commit/b97a4b658814b2de8b9f2a3bce491c002d34de31#diff-cd7e24986650014d67f484f3ffceef3f
	- libav <removed>
	[jessie] - libav <not-affected> (Vulnerable code not present)
CVE-2019-1000015 (Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site S ...)
	NOT-FOR-US: Chamilo Chamilo-lms
CVE-2019-1000014 (Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracl ...)
	- rebar <not-affected> (vulnerable code is not present)
	NOTE: https://github.com/erlang/rebar3/pull/1986
CVE-2019-1000013 (Hex package manager hex_core version 0.3.0 and earlier contains a Sign ...)
	NOT-FOR-US: Hex package manager
CVE-2019-1000012 (Hex package manager version 0.14.0 through 0.18.2 contains a Signing o ...)
	NOT-FOR-US: Hex package manager
CVE-2019-1000011 (API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access  ...)
	NOT-FOR-US: API Platform
CVE-2019-1000010 (phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS ...)
	NOT-FOR-US: phpIPAM
CVE-2019-1000009 (Helm ChartMuseum version &gt;=0.1.0 and &lt; 0.8.1 contains a CWE-22:  ...)
	NOT-FOR-US: Helm ChartMuseum
CVE-2019-1000008 (All versions of Helm between Helm &gt;=2.0.0 and &lt; 2.12.2 contains  ...)
	- helm-kubernetes <itp> (bug #910799)
CVE-2019-1000007 (aioxmpp version 0.10.2 and earlier contains a Improper Handling of Str ...)
	- python-aioxmpp 0.10.3-1
	NOTE: https://github.com/horazont/aioxmpp/pull/268
CVE-2019-1000006 (RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e ...)
	NOT-FOR-US: RIOT RIOT-OS
CVE-2019-1000005 (mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of  ...)
	NOT-FOR-US: mPDF
CVE-2019-1000004 (yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains a Cross  ...)
	NOT-FOR-US: yugandhargangu JspMyAdmin2
CVE-2019-1000003 (MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery ...)
	NOT-FOR-US: Wordpress plugin
CVE-2019-1000002 (Gitea version 1.6.2 and earlier contains a Incorrect Access Control vu ...)
	- gitea <removed>
	NOTE: https://github.com/go-gitea/gitea/pull/5631
CVE-2019-1000001 (TeamPass version 2.1.27 and earlier contains a Storing Passwords in a  ...)
	- teampass <itp> (bug #730180)
CVE-2019-7355
	RESERVED
CVE-2019-7354
	RESERVED
CVE-2019-7353 (An Incorrect Access Control issue was discovered in GitLab Community a ...)
	- gitlab <not-affected> (Only affects 11.7)
	NOTE: https://about.gitlab.com/2019/02/05/critical-security-release-gitlab-11-dot-7-dot-4-released/
CVE-2019-7352 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through  ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2475
CVE-2019-7351 (Log Injection exists in ZoneMinder through 1.32.3, as an attacker can  ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2466
CVE-2019-7350 (Session fixation exists in ZoneMinder through 1.32.3, as an attacker c ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2471
CVE-2019-7349 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2465
CVE-2019-7348 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through  ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2467
CVE-2019-7347 (A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMind ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2476
CVE-2019-7346 (A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a C ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2469
CVE-2019-7345 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through  ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2468
CVE-2019-7344 (Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacke ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2455
CVE-2019-7343 (Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2464
CVE-2019-7342 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2461
CVE-2019-7341 (Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1. ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2463
CVE-2019-7340 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2462
CVE-2019-7339 (POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2460
CVE-2019-7338 (Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2454
CVE-2019-7337 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2456
CVE-2019-7336 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through  ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2457
CVE-2019-7335 (Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an att ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2453
CVE-2019-7334 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2443
CVE-2019-7333 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2441
CVE-2019-7332 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2442
CVE-2019-7331 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through  ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2451
CVE-2019-7330 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2448
CVE-2019-7329 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2446
CVE-2019-7328 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2449
CVE-2019-7327 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2447
CVE-2019-7326 (Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through  ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2452
CVE-2019-7325 (Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32 ...)
	- zoneminder <unfixed> (bug #922724)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2450
CVE-2019-7324 (app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination  ...)
	- kanboard <itp> (bug #790814)
CVE-2019-7323 (GUP (generic update process) in LightySoft LogMX before 7.4.0 does not ...)
	NOT-FOR-US: LightySoft LogMX
CVE-2019-7322
	RESERVED
CVE-2019-7321 (Usage of an uninitialized variable in the function fz_load_jpeg in Art ...)
	- mupdf <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700560
	NOTE: Introduced by: http://git.ghostscript.com/?p=mupdf.git;h=7d52765c5b8a5c76e459d148cd94dbaf51e562ec (1.15.0-rc1)
	NOTE: Fixed by: http://git.ghostscript.com/?p=mupdf.git;h=2be83b57e77938fddbb06bdffb11979ad89a9c7d (1.15.0-rc1)
CVE-2019-7320
	RESERVED
CVE-2019-7319 (An issue was discovered in Cloudera Hue 6.0.0 through 6.1.0. When usin ...)
	NOT-FOR-US: Cloudera
CVE-2019-7318
	RESERVED
CVE-2019-7317 (png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after- ...)
	{DSA-4451-1 DSA-4448-1 DSA-4435-1 DLA-1806-1 DLA-1800-1}
	- libpng1.6 1.6.36-4 (bug #921355)
	- libpng <removed>
	[jessie] - libpng <not-affected> (Vulnerable code not present)
	[experimental] - firefox 67.0-1
	- firefox 67.0-2
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803
	NOTE: https://github.com/glennrp/libpng/issues/275
	NOTE: https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-13/#CVE-2019-7317
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-7317
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-7317
CVE-2019-7316 (An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05. The us ...)
	NOT-FOR-US: CSS-TRICKS Chat2
CVE-2019-7315 (Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices  ...)
	NOT-FOR-US: Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices
CVE-2019-7314 (liblivemedia in Live555 before 2019.02.03 mishandles the termination o ...)
	{DSA-4408-1 DLA-1690-1}
	[experimental] - liblivemedia 2019.02.03-1
	- liblivemedia 2018.11.26-1.1 (bug #924656)
	NOTE: http://lists.live555.com/pipermail/live-devel/2019-February/021143.html
CVE-2019-7313 (www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the  ...)
	- buildbot 2.0.0-1 (bug #921271)
	[stretch] - buildbot <not-affected> (Vulnerable code introduced in 0.9.0)
	[jessie] - buildbot <not-affected> (Vulnerable code introduced in 0.9.0)
	NOTE: https://github.com/buildbot/buildbot/wiki/CRLF-injection-in-Buildbot-login-and-logout-redirect-code
	NOTE: https://github.com/buildbot/buildbot/pull/4584/files#diff-a2e7e3ee5f6a1d3cd9c6abf0328c21e0
CVE-2019-7312 (Limited plaintext disclosure exists in PRIMX Zed Entreprise for Window ...)
	NOT-FOR-US: PRIMX Zed Enterprise
CVE-2019-7311 (An issue was discovered on Linksys WRT1900ACS 1.0.3.187766 devices. A  ...)
	NOT-FOR-US: Linksys
CVE-2019-7310 (In Poppler 0.73.0, a heap-based buffer over-read (due to an integer si ...)
	{DLA-1706-1}
	- poppler 0.71.0-4 (bug #921215)
	[stretch] - poppler <ignored> (Minor issue)
	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12797
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/issues/717
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/merge_requests/172
	NOTE: https://gitlab.freedesktop.org/poppler/poppler/commit/b54e1fc3e0d2600621a28d50f9f085b9e38619c2
CVE-2019-7309 (In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp fun ...)
	- glibc 2.28-6 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24155
	NOTE: https://sourceware.org/ml/libc-alpha/2019-02/msg00041.html
	NOTE: x32 not officially supported
CVE-2019-7308 (kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undes ...)
	- linux 4.19.20-1
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1711
	NOTE: Fixed by: https://git.kernel.org/linus/979d63d50c0c0f7bc537bf821e056cc9fe5abd38
	NOTE: Fixed by: https://git.kernel.org/linus/d3bd7413e0ca40b60cf60d4003246d067cafdeda
CVE-2019-7307 (Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2. ...)
	NOT-FOR-US: Apport
CVE-2019-7306 [Apport hook may expose sensitive information]
	RESERVED
	- byobu <unfixed> (unimportant)
	NOTE: https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/1827202
	NOTE: Issue in /usr/share/apport/package-hooks/source_byobu.py hook,
	NOTE: non-issue in Debian as Apport not present.
CVE-2019-7305 [extplorer exposes /usr and /etc/extplorer over HTTP]
	RESERVED
	- extplorer <removed>
	NOTE: https://bugs.launchpad.net/ubuntu/+source/extplorer/+bug/1822013
CVE-2019-7304 (Canonical snapd before version 2.37.1 incorrectly performed socket own ...)
	- snapd 2.37.1-1
	[stretch] - snapd <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.launchpad.net/snapd/+bug/1813365
	NOTE: Introduced in 2.28, fixed in 2.37.1
CVE-2019-7303 (A vulnerability in the seccomp filters of Canonical snapd before versi ...)
	- snapd 2.37.4-1 (low)
	[stretch] - snapd <no-dsa> (Minor issue)
	NOTE: https://bugs.launchpad.net/snapd/+bug/1812973
CVE-2019-7302
	RESERVED
CVE-2019-7301 (Zen Load Balancer 3.10.1 allows remote authenticated admin users to ex ...)
	NOT-FOR-US: Zen Load Balancer
CVE-2019-7300 (Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary  ...)
	NOT-FOR-US: Artica Proxy
CVE-2019-7299 (A stored cross-site scripting (XSS) vulnerability in the submit_ticket ...)
	NOT-FOR-US: WP Support Plus Responsive Ticket System plugin for WordPress
CVE-2019-7298 (An issue was discovered on D-Link DIR-823G devices with firmware throu ...)
	NOT-FOR-US: D-Link
CVE-2019-7297 (An issue was discovered on D-Link DIR-823G devices with firmware throu ...)
	NOT-FOR-US: D-Link
CVE-2019-7296 (typora through 0.9.64 has XSS, with resultant remote command execution ...)
	NOT-FOR-US: typora
CVE-2019-7295 (typora through 0.9.63 has XSS, with resultant remote command execution ...)
	NOT-FOR-US: typora
CVE-2019-7294
	RESERVED
CVE-2019-7293 (A memory corruption issue was addressed with improved memory handling. ...)
	NOT-FOR-US: Apple
CVE-2019-7292 (A validation issue was addressed with improved logic. This issue is fi ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-7291
	RESERVED
CVE-2019-7290 (An access issue was addressed with additional sandbox restrictions. Th ...)
	NOT-FOR-US: Shortcuts for iOS
CVE-2019-7289 (A parsing issue in the handling of directory paths was addressed with  ...)
	NOT-FOR-US: Shortcuts for iOS
CVE-2019-7288
	RESERVED
CVE-2019-7287 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-7286 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-7285 (A use after free issue was addressed with improved memory management.  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-7284 (This issue was addressed with improved checks. This issue is fixed in  ...)
	NOT-FOR-US: Apple
CVE-2019-7281 (Prima Systems FlexAir, Versions 2.3.38 and prior. An unauthenticated u ...)
	NOT-FOR-US: Prima Systems FlexAir
CVE-2019-7280 (Prima Systems FlexAir, Versions 2.3.38 and prior. The session-ID is of ...)
	NOT-FOR-US: Prima Systems FlexAir
CVE-2019-7279 (Optergy Proton/Enterprise devices have Hard-coded Credentials. ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7278 (Optergy Proton/Enterprise devices have an Unauthenticated SMS Sending  ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7277 (Optergy Proton/Enterprise devices allow Unauthenticated Internal Netwo ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7276 (Optergy Proton/Enterprise devices allow Remote Root Code Execution via ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7275 (Optergy Proton/Enterprise devices allow Open Redirect. ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7274 (Optergy Proton/Enterprise devices allow Authenticated File Upload with ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7273 (Optergy Proton/Enterprise devices allow Cross-Site Request Forgery (CS ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7272 (Optergy Proton/Enterprise devices allow Username Disclosure. ...)
	NOT-FOR-US: Optergy Proton
CVE-2019-7271 (Nortek Linear eMerge 50P/5000P devices have Default Credentials. ...)
	NOT-FOR-US: Nortek Linear
CVE-2019-7270 (Linear eMerge 50P/5000P devices allow Cross-Site Request Forgery (CSRF ...)
	NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7269 (Linear eMerge 50P/5000P devices allow Authenticated Command Injection  ...)
	NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7268 (Linear eMerge 50P/5000P devices allow Unauthenticated File Upload. ...)
	NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7267 (Linear eMerge 50P/5000P devices allow Cookie Path Traversal. ...)
	NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7266 (Linear eMerge 50P/5000P devices allow Authentication Bypass. ...)
	NOT-FOR-US: Linear eMerge 50P/5000P devices
CVE-2019-7265 (Linear eMerge E3-Series devices allow Remote Code Execution (root acce ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7264 (Linear eMerge E3-Series devices allow a Stack-based Buffer Overflow on ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7263 (Linear eMerge E3-Series devices have a Version Control Failure. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7262 (Linear eMerge E3-Series devices allow Cross-Site Request Forgery (CSRF ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7261 (Linear eMerge E3-Series devices have Hard-coded Credentials. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7260 (Linear eMerge E3-Series devices have Cleartext Credentials in a Databa ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7259 (Linear eMerge E3-Series devices allow Authorization Bypass with Inform ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7258 (Linear eMerge E3-Series devices allow Privilege Escalation. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7257 (Linear eMerge E3-Series devices allow Unrestricted File Upload. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7256 (Linear eMerge E3-Series devices allow Command Injections. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7255 (Linear eMerge E3-Series devices allow XSS. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7254 (Linear eMerge E3-Series devices allow File Inclusion. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7253 (Linear eMerge E3-Series devices allow Directory Traversal. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7252 (Linear eMerge E3-Series devices have Default Credentials. ...)
	NOT-FOR-US: Linear eMerge E3-Series devices
CVE-2019-7251 (An Integer Signedness issue (for a return code) in the res_pjsip_sdp_r ...)
	- asterisk 1:16.2.1~dfsg-1 (bug #923690)
	[stretch] - asterisk <not-affected> (Vulnerable code not present)
	[jessie] - asterisk <not-affected> (Vulnerable code introduced later)
	NOTE: https://downloads.asterisk.org/pub/security/AST-2019-001.html
CVE-2019-7250 (An issue was discovered in the Cross Reference Add-on 36 for Google Do ...)
	NOT-FOR-US: Cross Reference Add-on for Google Docs
CVE-2019-7249 (In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susc ...)
	NOT-FOR-US: Keybase on MacOS
CVE-2019-7283 (An issue was discovered in rcp in NetKit through 0.17. For an rcp oper ...)
	- netkit-rsh 0.17-20 (bug #920486)
	[stretch] - netkit-rsh <no-dsa> (Minor issue)
	[jessie] - netkit-rsh <no-dsa> (Minor issue)
CVE-2019-7282 (In NetKit through 0.17, rcp.c in the rcp client allows remote rsh serv ...)
	- netkit-rsh 0.17-20 (bug #920486)
	[stretch] - netkit-rsh <no-dsa> (Minor issue)
	[jessie] - netkit-rsh <no-dsa> (Minor issue)
CVE-2019-7248
	RESERVED
CVE-2019-7247
	RESERVED
CVE-2019-7246
	RESERVED
CVE-2019-7245 (An issue was discovered in GPU-Z.sys in TechPowerUp GPU-Z before 2.23. ...)
	NOT-FOR-US: TechPowerUp GPU-Z
CVE-2019-7244 (An issue was discovered in kerneld.sys in AIDA64 before 5.99. The vuln ...)
	NOT-FOR-US: AIDA64
CVE-2019-7243
	RESERVED
CVE-2019-7242
	RESERVED
CVE-2019-7241
	RESERVED
CVE-2019-7240 (An issue was discovered in WinRing0x64.sys in Moo0 System Monitor 1.83 ...)
	NOT-FOR-US: Moo0 System Monitor
CVE-2019-7239
	RESERVED
CVE-2019-7238 (Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access C ...)
	NOT-FOR-US: Sonatype Nexus Repository Manager
CVE-2019-7237 (An issue was discovered in idreamsoft iCMS 7.0.13 on Windows. editor/e ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-7236 (An issue was discovered in idreamsoft iCMS 7.0.13. editor/editor.admin ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-7235 (An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=app ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-7234 (An issue was discovered in idreamsoft iCMS 7.0.13. admincp.php?app=app ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-7233 (In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer  ...)
	- catdoc <unfixed> (unimportant)
	NOTE: https://github.com/uvoteam/libdoc/issues/6
	NOTE: Crash in CLI tool, no security impact
CVE-2019-7232 (The ABB IDAL HTTP server is vulnerable to a buffer overflow when a lon ...)
	NOT-FOR-US: ABB IDAL HTTP server
CVE-2019-7231 (The ABB IDAL FTP server is vulnerable to a buffer overflow when a long ...)
	NOT-FOR-US: ABB IDAL FTP server
CVE-2019-7230 (The ABB IDAL FTP server mishandles format strings in a username during ...)
	NOT-FOR-US: ABB IDAL FTP server
CVE-2019-7229 (The ABB CP635 HMI uses two different transmission methods to upgrade i ...)
	NOT-FOR-US: ABB CP635 HMI
CVE-2019-7228 (The ABB IDAL HTTP server mishandles format strings in a username or co ...)
	NOT-FOR-US: ABB IDAL HTTP server
CVE-2019-7227 (In the ABB IDAL FTP server, an authenticated attacker can traverse to  ...)
	NOT-FOR-US: ABB IDAL FTP server
CVE-2019-7226 (The ABB IDAL HTTP server CGI interface contains a URL that allows an u ...)
	NOT-FOR-US: ABB IDAL HTTP server
CVE-2019-7225 (The ABB HMI components implement hidden administrative accounts that a ...)
	NOT-FOR-US: ABB HMI components
CVE-2019-7224
	RESERVED
CVE-2019-7223 (InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save i ...)
	NOT-FOR-US: InvoicePlane
CVE-2019-7222 (The KVM implementation in the Linux kernel through 4.20.5 has an Infor ...)
	{DLA-1771-1 DLA-1731-1}
	- linux 4.19.20-1
	[stretch] - linux 4.9.161-1
	NOTE: https://git.kernel.org/linus/353c0956a618a07ba4bbe7ad00ff29fe70e8412a
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1759&desc=2
CVE-2019-7221 (The KVM implementation in the Linux kernel through 4.20.5 has a Use-af ...)
	{DLA-1771-1 DLA-1731-1}
	- linux 4.19.20-1
	[stretch] - linux 4.9.161-1
	NOTE: https://git.kernel.org/linus/ecec76885bcfe3294685dc363fd1273df0d5d65f
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1760
CVE-2019-7220 (X-Cart V5 is vulnerable to XSS via the CategoryFilter2 parameter. ...)
	NOT-FOR-US: X-Cart
CVE-2019-7219 (Unauthenticated reflected cross-site scripting (XSS) exists in Zarafa  ...)
	- zarafa <itp> (bug #658433)
CVE-2019-7218 (Citrix ShareFile before 19.23 allows a downgrade from two-factor authe ...)
	NOT-FOR-US: Citrix ShareFile
CVE-2019-7217 (Citrix ShareFile before 19.12 allows User Enumeration. It is possible  ...)
	NOT-FOR-US: Citrix ShareFile
CVE-2019-7216 (An issue was discovered in FileChucker 4.99e-free-e02. filechucker.cgi ...)
	NOT-FOR-US: FileChucker
CVE-2019-7215 (Progress Sitefinity 10.1.6536 does not invalidate session cookies upon ...)
	NOT-FOR-US: Progress Sitefinity
CVE-2019-7214 (SmarterTools SmarterMail 16.x before build 6985 allows deserialization ...)
	NOT-FOR-US: SmarterTools SmarterMail
CVE-2019-7213 (SmarterTools SmarterMail 16.x before build 6985 allows directory trave ...)
	NOT-FOR-US: SmarterTools SmarterMail
CVE-2019-7212 (SmarterTools SmarterMail 16.x before build 6985 has hardcoded secret k ...)
	NOT-FOR-US: SmarterTools SmarterMail
CVE-2019-7211 (SmarterTools SmarterMail 16.x before build 6995 has stored XSS. JavaSc ...)
	NOT-FOR-US: SmarterTools SmarterMail
CVE-2019-7210
	RESERVED
CVE-2019-7209
	RESERVED
CVE-2019-7208
	RESERVED
CVE-2019-7207
	RESERVED
CVE-2019-7206
	RESERVED
CVE-2019-7205
	RESERVED
CVE-2019-7204
	RESERVED
CVE-2019-7203
	RESERVED
CVE-2019-7202
	RESERVED
CVE-2019-7201 (An unquoted service path vulnerability is reported to affect the servi ...)
	NOT-FOR-US: QNAP NetBak Replicator
CVE-2019-7200
	RESERVED
CVE-2019-7199
	RESERVED
CVE-2019-7198
	RESERVED
CVE-2019-7197 (A stored cross-site scripting (XSS) vulnerability has been reported to ...)
	NOT-FOR-US: QNAP
CVE-2019-7196
	RESERVED
CVE-2019-7195 (This external control of file name or path vulnerability allows remote ...)
	NOT-FOR-US: QNAP
CVE-2019-7194 (This external control of file name or path vulnerability allows remote ...)
	NOT-FOR-US: QNAP
CVE-2019-7193 (This improper input validation vulnerability allows remote attackers t ...)
	NOT-FOR-US: QNAP
CVE-2019-7192 (This improper access control vulnerability allows remote attackers to  ...)
	NOT-FOR-US: QNAP
CVE-2019-7191
	RESERVED
CVE-2019-7190
	RESERVED
CVE-2019-7189
	RESERVED
CVE-2019-7188
	RESERVED
CVE-2019-7187
	RESERVED
CVE-2019-7186
	RESERVED
CVE-2019-7185 (This cross-site scripting (XSS) vulnerability in Music Station allows  ...)
	NOT-FOR-US: QNAP
CVE-2019-7184 (This cross-site scripting (XSS) vulnerability in Video Station allows  ...)
	NOT-FOR-US: QNAP
CVE-2019-7183 (This improper link resolution vulnerability allows remote attackers to ...)
	NOT-FOR-US: QNAP
CVE-2019-7182
	RESERVED
CVE-2019-7181 (Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and ea ...)
	NOT-FOR-US: myQNAPcloud Connect
CVE-2019-7180
	RESERVED
CVE-2019-7179
	RESERVED
CVE-2019-7178
	RESERVED
CVE-2019-7177
	RESERVED
CVE-2019-7176 (An issue was discovered in GitLab Community and Enterprise Edition 8.x ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-7175 (In ImageMagick before 7.0.8-25, some memory leaks exist in DecodeImage ...)
	- imagemagick <unfixed> (unimportant)
	NOTE: https://github.com/ImageMagick/ImageMagick/commit/1e6a3ace073c9ec9c71e439c111d23c6e66cb6ae
	NOTE: https://github.com/ImageMagick/ImageMagick/issues/1450
CVE-2019-7174 (Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Ren ...)
	NOT-FOR-US: Roxy Fileman
CVE-2019-7173 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
	NOT-FOR-US: Croogo
CVE-2019-7172 (A stored-self XSS exists in ATutor through v2.2.4, allowing an attacke ...)
	NOT-FOR-US: ATutor
CVE-2019-7171 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
	NOT-FOR-US: Croogo
CVE-2019-7170 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
	NOT-FOR-US: Croogo
CVE-2019-7169 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
	NOT-FOR-US: Croogo
CVE-2019-7168 (A stored-self XSS exists in Croogo through v3.0.5, allowing an attacke ...)
	NOT-FOR-US: Croogo
CVE-2019-7167 (Zcash, before the Sapling network upgrade (2018-10-28), had a counterf ...)
	NOT-FOR-US: Zcash
CVE-2019-7166
	RESERVED
CVE-2019-7165 (A buffer overflow in DOSBox 0.74-2 allows attackers to execute arbitra ...)
	{DSA-4478-1 DLA-1845-1}
	- dosbox 0.74-3-1 (bug #931222)
	NOTE: Fixed in 0.74-3 upstream.
	NOTE: Upstream clarification https://sourceforge.net/p/dosbox/bugs/508/
	NOTE: Fixed by https://sourceforge.net/p/dosbox/code-0/3925/
CVE-2019-7164 (SQLAlchemy through 1.2.17 and 1.3.x through 1.3.0b2 allows SQL Injecti ...)
	{DLA-1718-1}
	[experimental] - sqlalchemy 1.3.0~b3+ds1-1
	- sqlalchemy 1.2.18+ds1-2 (bug #922669)
	NOTE: https://github.com/sqlalchemy/sqlalchemy/issues/4481
	NOTE: https://github.com/sqlalchemy/sqlalchemy/commit/30307c4616ad67c01ddae2e1e8e34fabf6028414
CVE-2019-7163 (The web interface of Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 dev ...)
	NOT-FOR-US: Alcatel
CVE-2019-7162 (An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.6 Bu ...)
	NOT-FOR-US: Zoho ManageEngine
CVE-2019-7161 (An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x th ...)
	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-7160 (idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Trav ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-7159 (OX App Suite 7.10.1 and earlier allows Information Exposure. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2019-7158 (OX App Suite 7.10.0 and earlier has Incorrect Access Control. ...)
	NOT-FOR-US: Open-Xchange App Suite
CVE-2019-7157
	RESERVED
CVE-2019-7156 (In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows divi ...)
	- catdoc <unfixed> (unimportant)
	NOTE: https://github.com/uvoteam/libdoc/issues/5
	NOTE: catdoc embeds the code; crash in CLI tool, no security impact
CVE-2019-7155 (An issue was discovered in GitLab Community and Enterprise Edition 9.x ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-7154 (The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap- ...)
	- binaryen 66-1 (bug #920853)
	NOTE: https://github.com/WebAssembly/binaryen/issues/1876
	NOTE: https://github.com/WebAssembly/binaryen/commit/79a4fbc80d7ffce4cbcfd04315ce3a0efa88d7fa
CVE-2019-7153 (A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder:: ...)
	- binaryen 66-1 (bug #920853)
	NOTE: https://github.com/WebAssembly/binaryen/issues/1879
	NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
	NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
CVE-2019-7152 (A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilde ...)
	- binaryen 66-1 (bug #920853)
	NOTE: https://github.com/WebAssembly/binaryen/issues/1880
	NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879
	NOTE: address the issue.
	NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
	NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
CVE-2019-7151 (A NULL pointer dereference was discovered in wasm::Module::getFunction ...)
	- binaryen 66-1 (bug #920853)
	NOTE: https://github.com/WebAssembly/binaryen/issues/1881
	NOTE: Same set of fixes as for https://github.com/WebAssembly/binaryen/issues/1879
	NOTE: address the issue.
	NOTE: https://github.com/WebAssembly/binaryen/commit/2127e64f42da55bb5b9b0ab1995b3ca7fc4e0d0b
	NOTE: https://github.com/WebAssembly/binaryen/commit/85e95e315a8023c46eb804fe80ebc244bcfdae3e
CVE-2019-7150 (An issue was discovered in elfutils 0.175. A segmentation fault can oc ...)
	{DLA-1689-1}
	- elfutils 0.176-1 (low; bug #920909)
	[stretch] - elfutils <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24103
	NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00070.html
	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=da5c5336a1eaf519de246f7d9f0f5585e1d4ac59
CVE-2019-7149 (A heap-based buffer over-read was discovered in the function read_srcl ...)
	{DLA-1689-1}
	- elfutils 0.176-1 (low; bug #920910)
	[stretch] - elfutils <no-dsa> (Minor issue)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24102
	NOTE: https://sourceware.org/ml/elfutils-devel/2019-q1/msg00068.html
	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=2562759d6fe5b364fe224852e64e8bda39eb2e35
CVE-2019-7148 (**DISPUTED** An attempted excessive memory allocation was discovered i ...)
	- elfutils 0.176-1 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24085
	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=e32380ecefbb23448541367283d3b94930762986
	NOTE: malloc can fail on invalid file, but "nothing" bad with security implication will
	NOTE: happen, negligible security impact.
CVE-2019-7147 (A buffer over-read exists in the function crc64ib in crc64.c in nasmli ...)
	- nasm <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392544
CVE-2019-7146 (In elfutils 0.175, there is a buffer over-read in the ebl_object_note  ...)
	- elfutils 0.176-1 (bug #920911)
	[stretch] - elfutils <not-affected> (Vulnerable code introduced in 0.175)
	[jessie] - elfutils <not-affected> (Vulnerable code introduced in 0.175)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24075
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24081
	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=012018907ca05eb0ab51d424a596ef38fc87cae1
	NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=cd7ded3df43f655af945c869976401a602e46fcd
CVE-2019-7145 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7144 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7143 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7142 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7141 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7140 (Adobe Acrobat and Reader versions 2019.010.20100 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7139 (An unauthenticated user can execute SQL statements that allow arbitrar ...)
	NOT-FOR-US: Magento
CVE-2019-7138 (Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerabilit ...)
	NOT-FOR-US: Adobe
CVE-2019-7137 (Adobe Bridge CC versions 9.0.2 have a memory corruption vulnerability. ...)
	NOT-FOR-US: Adobe
CVE-2019-7136 (Adobe Bridge CC versions 9.0.2 have an use after free vulnerability. S ...)
	NOT-FOR-US: Adobe
CVE-2019-7135 (Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerabilit ...)
	NOT-FOR-US: Adobe
CVE-2019-7134 (Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerabilit ...)
	NOT-FOR-US: Adobe
CVE-2019-7133 (Adobe Bridge CC versions 9.0.2 have an out-of-bounds read vulnerabilit ...)
	NOT-FOR-US: Adobe
CVE-2019-7132 (Adobe Bridge CC versions 9.0.2 have an out-of-bounds write vulnerabili ...)
	NOT-FOR-US: Adobe
CVE-2019-7131 (Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7130 (Adobe Bridge CC versions 9.0.2 have a heap overflow vulnerability. Suc ...)
	NOT-FOR-US: Adobe
CVE-2019-7129 (Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored ...)
	NOT-FOR-US: Adobe
CVE-2019-7128 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7127 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7126
	RESERVED
CVE-2019-7125 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7124 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7123 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7122 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7121 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7120 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7119 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7118 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7117 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7116 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7115 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7114 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7113 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7112 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7111 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7110 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7109 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7108 (Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and ear ...)
	NOT-FOR-US: Adobe Flash Player
CVE-2019-7107 (Adobe InDesign versions 14.0.1 and below have an unsafe hyperlink proc ...)
	NOT-FOR-US: Adobe
CVE-2019-7106 (Adobe XD versions 16.0 and earlier have a path traversal vulnerability ...)
	NOT-FOR-US: Adobe
CVE-2019-7105 (Adobe XD versions 16.0 and earlier have a path traversal vulnerability ...)
	NOT-FOR-US: Adobe
CVE-2019-7104 (Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory c ...)
	NOT-FOR-US: Adobe
CVE-2019-7103 (Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory c ...)
	NOT-FOR-US: Adobe
CVE-2019-7102 (Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory c ...)
	NOT-FOR-US: Adobe
CVE-2019-7101 (Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory c ...)
	NOT-FOR-US: Adobe
CVE-2019-7100 (Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory c ...)
	NOT-FOR-US: Adobe
CVE-2019-7099 (Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory c ...)
	NOT-FOR-US: Adobe
CVE-2019-7098 (Adobe Shockwave Player versions 12.3.4.204 and earlier have a memory c ...)
	NOT-FOR-US: Adobe
CVE-2019-7097 (Adobe Dreamweaver versions 19.0 and earlier have an insecure protocol  ...)
	NOT-FOR-US: Adobe
CVE-2019-7096 (Adobe Flash Player versions 32.0.0.156 and earlier, 32.0.0.156 and ear ...)
	NOT-FOR-US: Adobe Flash Player
CVE-2019-7095 (Adobe Digital Editions versions 4.5.10.185749 and below have a heap ov ...)
	NOT-FOR-US: Adobe
CVE-2019-7094 (Adobe Photoshop CC 19.1.7 and earlier, and 20.0.2 and earlier have a h ...)
	NOT-FOR-US: Adobe
CVE-2019-7093 (Creative Cloud Desktop Application (installer) versions 4.7.0.400 and  ...)
	NOT-FOR-US: Adobe
CVE-2019-7092 (ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Up ...)
	NOT-FOR-US: Adobe
CVE-2019-7091 (ColdFusion versions Update 1 and earlier, Update 7 and earlier, and Up ...)
	NOT-FOR-US: Adobe
CVE-2019-7090 (Flash Player Desktop Runtime versions 32.0.0.114 and earlier, Flash Pl ...)
	NOT-FOR-US: Adobe
CVE-2019-7089 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7088 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7087 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7086 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7085 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7084 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7083 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7082 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7081 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7080 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7079 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7078 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7077 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7076 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7075 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7074 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7073 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7072 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7071 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7070 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7069 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7068 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7067 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7066 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7065 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7064 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7063 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7062 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7061 (Adobe Acrobat and Reader versions 2019.010.20098 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7060 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7059 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7058 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7057 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7056 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7055 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7054 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7053 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7052 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7051 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7050 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7049 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7048 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7047 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7046 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7045 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7044 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7043 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7042 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7041 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7040 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7039 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7038 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7037 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7036 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7035 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7034 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7033 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7032 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7031 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7030 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7029 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7028 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7027 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7026 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7025 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7024 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7023 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7022 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7021 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7020 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7019 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7018 (Adobe Acrobat and Reader versions 2019.010.20069 and earlier, 2019.010 ...)
	NOT-FOR-US: Adobe
CVE-2019-7017
	REJECTED
CVE-2019-7016
	REJECTED
CVE-2019-7015
	REJECTED
CVE-2019-7014
	REJECTED
CVE-2019-7013
	REJECTED
CVE-2019-7012
	REJECTED
CVE-2019-7011
	REJECTED
CVE-2019-7010
	REJECTED
CVE-2019-7009
	REJECTED
CVE-2019-7008
	REJECTED
CVE-2019-7007 (A directory traversal vulnerability has been found in the Avaya Equino ...)
	NOT-FOR-US: Avaya
CVE-2019-7006 (Avaya one-X Communicator uses weak cryptographic algorithms in the cli ...)
	NOT-FOR-US: Avaya
CVE-2019-7005
	RESERVED
CVE-2019-7004 (A Cross-Site Scripting (XSS) vulnerability in the WebUI component of I ...)
	NOT-FOR-US: Avaya
CVE-2019-7003 (A SQL injection vulnerability in the reporting component of Avaya Cont ...)
	NOT-FOR-US: Avaya
CVE-2019-7002
	RESERVED
CVE-2019-7001 (A SQL injection vulnerability in the WebUI component of IP Office Cont ...)
	NOT-FOR-US: IP Office Contact Center
CVE-2019-7000 (A Cross-Site Scripting (XSS) vulnerability in the Web UI of Avaya Aura ...)
	NOT-FOR-US: Web UI of Avaya Aura Conferencing
CVE-2019-6999
	REJECTED
CVE-2019-6998
	RESERVED
CVE-2019-6997 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6996 (An issue was discovered in GitLab Enterprise Edition 10.x (starting in ...)
	- gitlab <not-affected> (Only affects EE)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6995 (An issue was discovered in GitLab Community and Enterprise Edition 8.x ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6994
	RESERVED
CVE-2019-6993
	RESERVED
CVE-2019-6992 (A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ...)
	- zoneminder 1.32.3-2 (bug #920999)
	NOTE: https://github.com/ZoneMinder/zoneminder/commit/8c5687ca308e441742725e0aff9075779fa1a498
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2445
CVE-2019-6991 (A classic Stack-based buffer overflow exists in the zmLoadUser() funct ...)
	- zoneminder 1.32.3-2 (bug #921000)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2478
	NOTE: https://github.com/ZoneMinder/zoneminder/pull/2482
CVE-2019-6990 (A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneM ...)
	- zoneminder 1.32.3-2 (bug #921001)
	NOTE: https://github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94a
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2444
CVE-2019-1000018 (rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Speci ...)
	{DSA-4377-1 DLA-1650-1}
	- rssh 2.3.4-9 (bug #919623)
	NOTE: https://sourceforge.net/p/rssh/mailman/message/36519118/
CVE-2019-6989 (TP-Link TL-WR940N is vulnerable to a stack-based buffer overflow, caus ...)
	NOT-FOR-US: TP-Link
CVE-2019-6988 (An issue was discovered in OpenJPEG 2.3.0. It allows remote attackers  ...)
	- openjpeg2 <unfixed> (low; bug #922648)
	[buster] - openjpeg2 <ignored> (Minor issue)
	[stretch] - openjpeg2 <ignored> (Minor issue)
	[jessie] - openjpeg2 <ignored> (Minor issue)
	NOTE: https://github.com/uclouvain/openjpeg/issues/1178
CVE-2019-6987
	RESERVED
CVE-2019-6986 (SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to exe ...)
	NOT-FOR-US: VIVO Vitro
CVE-2019-6985 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6984 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6983 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6982 (An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6981 (Zimbra Collaboration Suite 8.7.x through 8.8.11 allows Blind SSRF in t ...)
	NOT-FOR-US: Zimbra
CVE-2019-6980 (Synacor Zimbra Collaboration Suite 8.7.x through 8.8.11 allows insecur ...)
	NOT-FOR-US: Zimbra
CVE-2019-6979 (An issue was discovered in the User IP History Logs (aka IP_History_Lo ...)
	NOT-FOR-US: IP History Logs plugin for MyBB
CVE-2019-6978 (The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdI ...)
	{DSA-4384-1 DLA-1651-1}
	- libgd2 2.2.5-5.1 (bug #920728)
	NOTE: https://github.com/libgd/libgd/issues/492
	NOTE: https://github.com/libgd/libgd/commit/553702980ae89c83f2d6e254d62cf82e204956d0
CVE-2019-1000029 [DoS due to changing # of allowed users in root channel]
	- mumble 1.3.0~git20190125.440b173+dfsg-1 (bug #920476)
	[stretch] - mumble <not-affected> (Vulnerable code introduced later)
	[jessie] - mumble <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/mumble-voip/mumble/issues/3585
	NOTE: Introduced in: https://github.com/mumble-voip/mumble/commit/84b1bcecef790a84d10b2d1f2060c1681a2bb836
	NOTE: Fixed by: https://github.com/mumble-voip/mumble/commit/3edc46ff7308691d342f8c08ce1afaaefce35a5c
CVE-2019-6977 (gdImageColorMatch in gd_color_match.c in the GD Graphics Library (aka  ...)
	{DSA-4384-1 DLA-1651-1}
	- libgd2 2.2.5-5.1 (bug #920645)
	- php7.3 7.3.1-1 (unimportant)
	- php7.0 <removed> (unimportant)
	- php5 <removed> (unimportant)
	NOTE: Fixed in 5.6.40, 7.1.26, 7.2.14, 7.3.1
	NOTE: PHP Bug: https://bugs.php.net/bug.php?id=77270
	NOTE: Proposed patch: https://gist.github.com/cmb69/1f36d285eb297ed326f5c821d7aafced
CVE-2019-6976 (libvips before 8.7.4 generates output images from uninitialized memory ...)
	- vips 8.7.4-1 (low)
	[stretch] - vips 8.4.5-1+deb9u1
	[jessie] - vips <ignored> (Minor Issue)
	NOTE: https://github.com/libvips/libvips/commit/00622428bda8d7521db8d74260b519fa41d69d0a
CVE-2019-6975 (Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2. ...)
	{DSA-4476-1}
	- python-django 1:1.11.20-1 (low; bug #922027)
	[jessie] - python-django <not-affected> (Vulnerable code not present)
	NOTE: Upstream re-released https://code.djangoproject.com/ticket/30175
	NOTE: https://www.djangoproject.com/weblog/2019/feb/11/security-releases/
	NOTE: https://github.com/django/django/commit/0bbb560183fabf0533289700845dafa94951f227 (1.11 branch)
CVE-2019-6974 (In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm ...)
	{DLA-1771-1 DLA-1731-1}
	- linux 4.19.20-1
	[stretch] - linux 4.9.161-1
	NOTE: https://git.kernel.org/linus/cfa39381173d5f969daf43582c95ad679189cbc9
CVE-2019-6973 (Sricam IP CCTV cameras are vulnerable to denial of service via multipl ...)
	NOT-FOR-US: Sricam IP CCTV cameras
CVE-2019-6972 (An issue was discovered on TP-Link TL-WR1043ND V2 devices. The credent ...)
	NOT-FOR-US: TP-Link
CVE-2019-6971 (An issue was discovered on TP-Link TL-WR1043ND V2 devices. An attacker ...)
	NOT-FOR-US: TP-Link
CVE-2019-6970 (Moodle 3.5.x before 3.5.4 allows SSRF. ...)
	- moodle <removed>
CVE-2019-6969 (The web interface of the D-Link DVA-5592 20180823 is vulnerable to an  ...)
	NOT-FOR-US: D-Link
CVE-2019-6968 (The web interface of the D-Link DVA-5592 20180823 is vulnerable to XSS ...)
	NOT-FOR-US: D-Link
CVE-2019-6967 (AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF. ...)
	NOT-FOR-US: AirTies devices
CVE-2019-6966 (An issue was discovered in Bento4 1.5.1-628. The AP4_ElstAtom class in ...)
	NOT-FOR-US: Bento4
CVE-2019-6965 (An XSS issue was discovered in i-doit Open 1.12 via the src/tools/php/ ...)
	NOT-FOR-US: i-doit
CVE-2019-6964 (A heap-based buffer over-read in Service_SetParamStringValue in cosa_x ...)
	NOT-FOR-US: RDK (Reference Design Kit)
CVE-2019-6963 (A heap-based buffer overflow in cosa_dhcpv4_dml.c in the RDK RDKB-2018 ...)
	NOT-FOR-US: RDK (Reference Design Kit)
CVE-2019-6962 (A shell injection issue in cosa_wifi_apis.c in the RDK RDKB-20181217-1 ...)
	NOT-FOR-US: RDK (Reference Design Kit)
CVE-2019-6961 (Incorrect access control in actionHandlerUtility.php in the RDK RDKB-2 ...)
	NOT-FOR-US: RDK (Reference Design Kit)
CVE-2019-6960 (An issue was discovered in GitLab Community and Enterprise Edition 9.x ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6959
	RESERVED
CVE-2019-6958 (A recently discovered security vulnerability affects all Bosch Video M ...)
	NOT-FOR-US: Bosch
CVE-2019-6957 (A recently discovered security vulnerability affects all Bosch Video M ...)
	NOT-FOR-US: Bosch
CVE-2019-6956 (An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2 ...)
	{DLA-1899-1}
	- faad2 2.8.8-3.1 (bug #914641)
	[buster] - faad2 <no-dsa> (Minor issue)
	[stretch] - faad2 <no-dsa> (Minor issue)
	NOTE: https://sourceforge.net/p/faac/bugs/240/
	NOTE: https://github.com/knik0/faad2/issues/39
	NOTE: https://github.com/knik0/faad2/commit/6823e6610c9af1b0080cb22b9da03efb208d7d57
CVE-2019-6955
	RESERVED
CVE-2019-6954
	RESERVED
CVE-2019-6953
	RESERVED
CVE-2019-6952
	RESERVED
CVE-2019-6951
	RESERVED
CVE-2019-6950
	RESERVED
CVE-2019-6949
	RESERVED
CVE-2019-6948
	RESERVED
CVE-2019-6947
	RESERVED
CVE-2019-6946
	RESERVED
CVE-2019-6945
	RESERVED
CVE-2019-6944
	RESERVED
CVE-2019-6943
	RESERVED
CVE-2019-6942
	RESERVED
CVE-2019-6941
	RESERVED
CVE-2019-6940
	RESERVED
CVE-2019-6939
	RESERVED
CVE-2019-6938
	RESERVED
CVE-2019-6937
	RESERVED
CVE-2019-6936
	RESERVED
CVE-2019-6935
	RESERVED
CVE-2019-6934
	RESERVED
CVE-2019-6933
	RESERVED
CVE-2019-6932
	RESERVED
CVE-2019-6931
	RESERVED
CVE-2019-6930
	RESERVED
CVE-2019-6929
	RESERVED
CVE-2019-6928
	RESERVED
CVE-2019-6927
	RESERVED
CVE-2019-6926
	RESERVED
CVE-2019-6925
	RESERVED
CVE-2019-6924
	RESERVED
CVE-2019-6923
	RESERVED
CVE-2019-6922
	RESERVED
CVE-2019-6921
	RESERVED
CVE-2019-6920
	RESERVED
CVE-2019-6919
	RESERVED
CVE-2019-6918
	RESERVED
CVE-2019-6917
	RESERVED
CVE-2019-6916
	RESERVED
CVE-2019-6915
	RESERVED
CVE-2019-6914
	RESERVED
CVE-2019-6913
	RESERVED
CVE-2019-6912
	RESERVED
CVE-2019-6911
	RESERVED
CVE-2019-6910
	RESERVED
CVE-2019-6909
	RESERVED
CVE-2019-6908
	RESERVED
CVE-2019-6907
	RESERVED
CVE-2019-6906
	RESERVED
CVE-2019-6905
	RESERVED
CVE-2019-6904
	RESERVED
CVE-2019-6903
	RESERVED
CVE-2019-6902
	RESERVED
CVE-2019-6901
	RESERVED
CVE-2019-6900
	RESERVED
CVE-2019-6899
	RESERVED
CVE-2019-6898
	RESERVED
CVE-2019-6897
	RESERVED
CVE-2019-6896
	RESERVED
CVE-2019-6895
	RESERVED
CVE-2019-6894
	RESERVED
CVE-2019-6893
	RESERVED
CVE-2019-6892
	RESERVED
CVE-2019-6891
	RESERVED
CVE-2019-6890
	RESERVED
CVE-2019-6889
	RESERVED
CVE-2019-6888
	RESERVED
CVE-2019-6887
	RESERVED
CVE-2019-6886
	RESERVED
CVE-2019-6885
	RESERVED
CVE-2019-6884
	RESERVED
CVE-2019-6883
	RESERVED
CVE-2019-6882
	RESERVED
CVE-2019-6881
	RESERVED
CVE-2019-6880
	RESERVED
CVE-2019-6879
	RESERVED
CVE-2019-6878
	RESERVED
CVE-2019-6877
	RESERVED
CVE-2019-6876
	RESERVED
CVE-2019-6875
	RESERVED
CVE-2019-6874
	RESERVED
CVE-2019-6873
	RESERVED
CVE-2019-6872
	RESERVED
CVE-2019-6871
	RESERVED
CVE-2019-6870
	RESERVED
CVE-2019-6869
	RESERVED
CVE-2019-6868
	RESERVED
CVE-2019-6867
	RESERVED
CVE-2019-6866
	RESERVED
CVE-2019-6865
	RESERVED
CVE-2019-6864
	RESERVED
CVE-2019-6863
	RESERVED
CVE-2019-6862
	RESERVED
CVE-2019-6861
	RESERVED
CVE-2019-6860
	RESERVED
CVE-2019-6859
	RESERVED
CVE-2019-6858 (A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX ...)
	NOT-FOR-US: MSX Configurator
CVE-2019-6857 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Modicon
CVE-2019-6856 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Modicon
CVE-2019-6855 (An Improper Authorization - CWE-285 vulnerability exists in EcoStruxur ...)
	NOT-FOR-US: EcoStruxure Control Expert
CVE-2019-6854 (A CWE-264 Permissions, Privileges, and Access Controls vulnerability e ...)
	NOT-FOR-US: EcoStruxure Geo SCADA Expert
CVE-2019-6853 (A CWE-79: Failure to Preserve Web Page Structure vulnerability exists  ...)
	NOT-FOR-US: Andover Continuum
CVE-2019-6852 (A CWE-200: Information Exposure vulnerability exists in Modicon Contro ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6851 (A CWE-538: File and Directory Information Exposure vulnerability exist ...)
	NOT-FOR-US: Modicon
CVE-2019-6850 (A CWE-200: Information Exposure vulnerability exists in Modicon M580,  ...)
	NOT-FOR-US: Modicon
CVE-2019-6849 (A CWE-200: Information Exposure vulnerability exists in Modicon M580,  ...)
	NOT-FOR-US: Modicon
CVE-2019-6848 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
	NOT-FOR-US: Modicon
CVE-2019-6847 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
	NOT-FOR-US: Modicon
CVE-2019-6846 (A CWE-319: Cleartext Transmission of Sensitive Information vulnerabili ...)
	NOT-FOR-US: Modicon
CVE-2019-6845 (A CWE-319: Cleartext Transmission of Sensitive Information vulnerabili ...)
	NOT-FOR-US: Modicon
CVE-2019-6844 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
	NOT-FOR-US: Modicon
CVE-2019-6843 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
	NOT-FOR-US: Modicon
CVE-2019-6842 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
	NOT-FOR-US: Modicon
CVE-2019-6841 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
	NOT-FOR-US: Modicon
CVE-2019-6840 (A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6 ...)
	NOT-FOR-US: Schneider
CVE-2019-6839 (An Improper Access Control: CWE-284 vulnerability exists in U.motion S ...)
	NOT-FOR-US: Schneider
CVE-2019-6838 (An Improper Access Control: CWE-284 vulnerability exists in U.motion S ...)
	NOT-FOR-US: Schneider
CVE-2019-6837 (A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in  ...)
	NOT-FOR-US: Schneider
CVE-2019-6836 (An Improper Access Control: CWE-284 vulnerability exists in U.motion S ...)
	NOT-FOR-US: Schneider
CVE-2019-6835 (A Cross-Site Scripting (XSS) CWE-79 vulnerability exists in U.motion S ...)
	NOT-FOR-US: Schneider
CVE-2019-6834
	RESERVED
CVE-2019-6833 (A CWE-754 &#8211; Improper Check for Unusual or Exceptional Conditions ...)
	NOT-FOR-US: Schneider
CVE-2019-6832 (A CWE-287: Authentication vulnerability exists in spaceLYnk (all versi ...)
	NOT-FOR-US: Schneider
CVE-2019-6831 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Schneider
CVE-2019-6830 (A CWE-248: Uncaught Exception vulnerability exists IN Modicon M580 all ...)
	NOT-FOR-US: Schneider
CVE-2019-6829 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (fi ...)
	NOT-FOR-US: Schneider
CVE-2019-6828 (A CWE-248: Uncaught Exception vulnerability exists Modicon M580 (firmw ...)
	NOT-FOR-US: Schneider
CVE-2019-6827 (A CWE-787: Out-of-bounds Write vulnerability exists in Interactive Gra ...)
	NOT-FOR-US: Interactive Graphical SCADA System (IGSS)
CVE-2019-6826 (A CWE-426: Untrusted Search Path vulnerability exists in SoMachine HVA ...)
	NOT-FOR-US: Schneider
CVE-2019-6825 (A CWE-427: Uncontrolled Search Path Element vulnerability exists in Pr ...)
	NOT-FOR-US: ProClima
CVE-2019-6824 (A CWE-119: Buffer Errors vulnerability exists in ProClima (all version ...)
	NOT-FOR-US: ProClima
CVE-2019-6823 (A CWE-94: Code Injection vulnerability exists in ProClima (all version ...)
	NOT-FOR-US: ProClima
CVE-2019-6822 (A Use After Free: CWE-416 vulnerability exists in Zelio Soft 2, V5.2 a ...)
	NOT-FOR-US: Zelio Soft 2
CVE-2019-6821 (CWE-330: Use of Insufficiently Random Values vulnerability, which coul ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6820 (A CWE-306: Missing Authentication for Critical Function vulnerability  ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6819 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6818
	RESERVED
CVE-2019-6817
	RESERVED
CVE-2019-6816 (In Modicon Quantum all firmware versions, a CWE-94: Code Injection vul ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6815 (In Modicon Quantum all firmware versions, CWE-264: Permissions, Privil ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6814 (An Improper Access Control: CWE-284 vulnerability exists in the NET55X ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6813 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
	NOT-FOR-US: Schneider
CVE-2019-6812 (A CWE-798 use of hardcoded credentials vulnerability exists in BMX-NOR ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6811 (An Improper Check for Unusual or Exceptional Conditions (CWE-754) vuln ...)
	NOT-FOR-US: Schneider
CVE-2019-6810 (CWE-284: Improper Access Control vulnerability exists in BMXNOR0200H E ...)
	NOT-FOR-US: Schneider
CVE-2019-6809 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580 (fi ...)
	NOT-FOR-US: Schneider
CVE-2019-6808 (A CWE-284: Improper Access Control vulnerability exists in all version ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6807 (A CWE-248: Uncaught Exception vulnerability exists in all versions of  ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6806 (A CWE-200: Information Exposure vulnerability exists in all versions o ...)
	NOT-FOR-US: Schneider Electric
CVE-2019-6805 (SQL Injection was found in S-CMS version V3.0 via the alipay/alipayapi ...)
	NOT-FOR-US: S-CMS
CVE-2019-6804 (An XSS issue was discovered on the Job Edit page in Rundeck Community  ...)
	NOT-FOR-US: Rundeck Community Edition
CVE-2019-6803 (typora through 0.9.9.20.3 beta has XSS, with resultant remote command  ...)
	NOT-FOR-US: Typora
CVE-2019-6802 (CRLF Injection in pypiserver 1.2.5 and below allows attackers to set a ...)
	NOT-FOR-US: pypiserver
CVE-2019-6801
	RESERVED
CVE-2019-6800 (In TitanHQ SpamTitan through 7.03, a vulnerability exists in the spam  ...)
	NOT-FOR-US: TitanHQ SpamTitan
CVE-2019-6799 (An issue was discovered in phpMyAdmin before 4.8.5. When the AllowArbi ...)
	{DLA-1692-1}
	- phpmyadmin 4:4.9.1+dfsg1-2 (bug #920823)
	[stretch] - phpmyadmin <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://www.phpmyadmin.net/security/PMASA-2019-1/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/aeac90623e525057a7672ab3d98154b5c57c15ec
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/c5e01f84ad48c5c626001cb92d7a95500920a900
CVE-2019-6798 (An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability wa ...)
	- phpmyadmin 4:4.9.1+dfsg1-2 (bug #920822)
	[stretch] - phpmyadmin <no-dsa> (Minor issue; can be fixed via point release)
	[jessie] - phpmyadmin <not-affected> (Vulnerable code introduced later >= 4.5.0)
	NOTE: https://www.phpmyadmin.net/security/PMASA-2019-2/
	NOTE: https://github.com/phpmyadmin/phpmyadmin/commit/469934cf7d3bd19a839eb78670590f7511399435
CVE-2019-6797 (An information disclosure issue was discovered in GitLab Enterprise Ed ...)
	- gitlab <not-affected> (Only affects EE)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6796 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6795 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6794 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6793 (An issue was discovered in GitLab Enterprise Edition before 11.5.8, 11 ...)
	- gitlab <not-affected> (Only affects EE)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6792 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6791 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6790 (An Incorrect Access Control (issue 2 of 3) issue was discovered in Git ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6789 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6788 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6787 (An Incorrect Access Control issue was discovered in GitLab Community a ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6786 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6785 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6784 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6783 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6782 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6781 (An Improper Input Validation issue was discovered in GitLab Community  ...)
	- gitlab 11.5.10+dfsg-1 (bug #921059)
	NOTE: https://about.gitlab.com/2019/01/31/security-release-gitlab-11-dot-7-dot-3-released/
CVE-2019-6780 (The Wise Chat plugin before 2.7 for WordPress mishandles external link ...)
	NOT-FOR-US: WordPress plugin wise-chat
CVE-2019-6779 (Cscms 4.1.8 allows admin.php/links/save CSRF to add, modify, or delete ...)
	NOT-FOR-US: Cscms
CVE-2019-6778 (In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer ove ...)
	{DSA-4454-1 DLA-1694-1}
	- qemu 1:3.1+dfsg-3 (bug #921525)
	- qemu-kvm <removed>
	- slirp4netns 0.2.1-1
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg03132.html
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=a7104eda7dab99d0cdbd3595c211864cba415905
CVE-2019-6777 (An issue was discovered in ZoneMinder v1.32.3. Reflected XSS exists in ...)
	- zoneminder 1.32.3-2 (bug #920375)
	NOTE: https://github.com/ZoneMinder/zoneminder/issues/2436
	NOTE: https://github.com/mnoorenberghe/ZoneMinder/commit/59cc65411f02c7e39a270fda3ecb4966d7b48d41
CVE-2019-6776 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6775 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6774 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6773 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6772 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6771 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6770 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6769 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6768 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6767 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6766 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6765 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6764 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6763 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6762 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6761 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6760 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6759 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6758 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6757 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6756 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6755 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6754 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6753 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6752 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6751 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-6750 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-6749 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-6748 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-6747 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-6746 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Studio Photo
CVE-2019-6745
	REJECTED
CVE-2019-6744 (This vulnerability allows local attackers to disclose sensitive inform ...)
	NOT-FOR-US: Samsung
CVE-2019-6743 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Xiaomi Mi6 Browser
CVE-2019-6742 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: GameServiceReceiver update mechanism as used in Samsung Galaxy S9
CVE-2019-6741 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Samsung
CVE-2019-6740 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Samsung
CVE-2019-6739 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Malwarebytes Antimalware
CVE-2019-6738 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Bitdefender SafePay
CVE-2019-6737 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Bitdefender SafePay
CVE-2019-6736 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Bitdefender SafePay
CVE-2019-6735 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6734 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6733 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6732 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6731 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit PhantomPDF
CVE-2019-6730 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6729 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6728 (This vulnerability allows remote attackers to disclose sensitive infor ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6727 (This vulnerability allows remote attackers to execute arbitrary code o ...)
	NOT-FOR-US: Foxit Reader
CVE-2019-6726 (The WP Fastest Cache plugin through 0.8.9.0 for WordPress allows remot ...)
	NOT-FOR-US: WP Fastest Cache plugin for WordPress
CVE-2019-6725 (The rpWLANRedirect.asp ASP page is accessible without authentication o ...)
	NOT-FOR-US: ZyXEL
CVE-2019-6724 (The barracudavpn component of the Barracuda VPN Client prior to versio ...)
	NOT-FOR-US: Barracuda VPN Client
CVE-2019-6723
	RESERVED
CVE-2019-6722
	RESERVED
CVE-2019-6721
	RESERVED
CVE-2019-6720
	RESERVED
CVE-2019-6719 (An issue has been found in libIEC61850 v1.3.1. There is a use-after-fr ...)
	NOT-FOR-US: libIEC61850
CVE-2019-6718
	RESERVED
CVE-2019-6717
	RESERVED
CVE-2019-6716 (An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket C ...)
	NOT-FOR-US: LogonBox Nervepoint Access Manager
CVE-2019-6715 (pub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress al ...)
	NOT-FOR-US: W3 Total Cache plugin for WordPress
CVE-2019-6714 (An issue was discovered in BlogEngine.NET through 3.3.6.0. A path trav ...)
	NOT-FOR-US: BlogEngine.NET
CVE-2019-6713 (app\admin\controller\RouteController.php in ThinkCMF 5.0.190111 allows ...)
	NOT-FOR-US: ThinkCMF
CVE-2019-6712
	RESERVED
CVE-2019-6711
	RESERVED
CVE-2019-6710 (Zyxel NBG-418N v2 v1.00(AAXM.4)C0 devices allow login.cgi CSRF. ...)
	NOT-FOR-US: Zyxel
CVE-2019-6709
	RESERVED
CVE-2019-6708 (PHPSHE 1.7 has SQL injection via the admin.php?mod=order state paramet ...)
	NOT-FOR-US: PHPSHE
CVE-2019-6707 (PHPSHE 1.7 has SQL injection via the admin.php?mod=product&amp;act=sta ...)
	NOT-FOR-US: PHPSHE
CVE-2019-6706 (Lua 5.3.5 has a use-after-free in lua_upvaluejoin in lapi.c. For examp ...)
	- lua5.3 <unfixed> (bug #920321)
	[buster] - lua5.3 <postponed> (Minor issue, revisit when fixed upstream)
	[stretch] - lua5.3 <postponed> (Minor issue, revisit when fixed upstream)
	- lua5.2 <not-affected> (Vulnerable code introduced later)
	- lua5.1 <not-affected> (Vulnerable code introduced later)
	- lua50 <not-affected> (Vulnerable code introduced later)
	NOTE: http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
	NOTE: lua50 and lua5.1 don't have the affected code.
	NOTE: lua5.2 is not vulnerable as it doesn't free the value before using it.
CVE-2019-6705
	RESERVED
CVE-2019-6704
	RESERVED
CVE-2019-6703 (Incorrect access control in migla_ajax_functions.php in the Calmar Web ...)
	NOT-FOR-US: Calmar Webmedia Total Donations plugin for WordPress
CVE-2019-6702 (The MasterCard Qkr! app before 5.0.8 for iOS has Missing SSL Certifica ...)
	NOT-FOR-US: MasterCard Qkr! app
CVE-2019-6701
	RESERVED
CVE-2019-6700 (An information exposure vulnerability in the external authentication p ...)
	NOT-FOR-US: FortiSIEM (Fortiguard)
CVE-2019-6699 (An improper neutralization of input vulnerability in Fortinet FortiADC ...)
	NOT-FOR-US: Fortiguard
CVE-2019-6698 (Use of Hard-coded Credentials vulnerability in FortiRecorder all versi ...)
	NOT-FOR-US: Fortinet
CVE-2019-6697
	RESERVED
CVE-2019-6696 (An improper input validation vulnerability in FortiOS 6.2.1, 6.2.0, 6. ...)
	NOT-FOR-US: Fortiguard
CVE-2019-6695 (Lack of root file system integrity checking in Fortinet FortiManager V ...)
	NOT-FOR-US: Fortinet
CVE-2019-6694
	RESERVED
CVE-2019-6693 (Use of a hard-coded cryptographic key to cipher sensitive data in Fort ...)
	NOT-FOR-US: Fortinet
CVE-2019-6692 (A malicious DLL preload vulnerability in Fortinet FortiClient for Wind ...)
	NOT-FOR-US: Fortinet
CVE-2019-6691 (phpwind 9.0.2.170426 UTF8 allows SQL Injection via the admin.php?m=bac ...)
	NOT-FOR-US: phpwind
CVE-2019-6690 (python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg t ...)
	{DLA-1675-1}
	- python-gnupg 0.4.4-1
	[stretch] - python-gnupg <no-dsa> (Minor issue)
	NOTE: https://github.com/stigtsp/CVE-2019-6690-python-gnupg-vulnerability
	NOTE: https://github.com/vsajip/python-gnupg/commit/39eca266dd837e2ad89c94eb17b7a6f50b25e7cf#diff-88b99bb28683bd5b7e3a204826ead112
	NOTE: https://github.com/vsajip/python-gnupg/commit/3003b654ca1c29b0510a54b9848571b3ad57df19#diff-88b99bb28683bd5b7e3a204826ead112
CVE-2019-6689 (An issue was discovered in Dillon Kane Tidal Workload Automation Agent ...)
	NOT-FOR-US: Dillon Kane Tidal Workload Automation Agent
CVE-2019-6688 (On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6687 (On versions 15.0.0-15.0.1.1, the BIG-IP ASM Cloud Security Services pr ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6686 (On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6685 (On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6684 (On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6683 (On versions 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6682 (On versions 15.0.0-15.0.1.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6681 (On BIG-IP versions 15.0.0-15.0.1.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6680 (On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6679 (On BIG-IP versions 15.0.0-15.0.1, 14.1.0.2-14.1.2.2, 14.0.0.5-14.0.1,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6678 (On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6677 (On BIG-IP versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6676 (On versions 15.0.0-15.0.1, 14.0.0-14.1.2.2, and 13.1.0-13.1.3.1, TMM m ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6675 (BIG-IP configurations using Active Directory, LDAP, or Client Certific ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6674 (On F5 SSL Orchestrator 15.0.0-15.0.1 and 14.0.0-14.1.2, TMM may crash  ...)
	NOT-FOR-US: F5
CVE-2019-6673 (On versions 15.0.0-15.0.1 and 14.0.0-14.1.2, when the BIG-IP is config ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6672 (On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, and 13.1.0-13.1.3.1, when  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6671 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6670 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6669 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6668 (The BIG-IP APM Edge Client for macOS bundled with BIG-IP APM 15.0.0-15 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6667 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.1.0-13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6666 (On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, and 13.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6665 (On BIG-IP ASM 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6664 (On BIG-IP 15.0.0 and 14.1.0-14.1.0.6, under certain conditions, networ ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6663 (The BIG-IP 15.0.0-15.0.1, 14.0.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6662 (On BIG-IP 13.1.0-13.1.1.4, sensitive information is logged into the lo ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6661 (When the BIG-IP APM 14.1.0-14.1.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6660 (On BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1, undisclosed ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6659 (On version 14.0.0-14.1.0.1, BIG-IP virtual servers with TLSv1.3 enable ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6658 (On BIG-IP AFM 15.0.0-15.0.1, 14.0.0-14.1.2, 13.1.0-13.1.3.1, and 12.1. ...)
	NOT-FOR-US: F5
CVE-2019-6657 (On BIG-IP 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, a refle ...)
	NOT-FOR-US: F5
CVE-2019-6656 (BIG-IP APM Edge Client before version 7.1.8 (7180.2019.508.705) logs t ...)
	NOT-FOR-US: F5
CVE-2019-6655 (On versions 13.0.0-13.1.0.1, 12.1.0-12.1.4.1, 11.6.1-11.6.4, and 11.5. ...)
	NOT-FOR-US: F5
CVE-2019-6654 (On versions 14.0.0-14.1.2, 13.0.0-13.1.3, 12.1.0-12.1.5, and 11.5.1-11 ...)
	NOT-FOR-US: F5
CVE-2019-6653 (There is a Stored Cross Site Scripting vulnerability in the undisclose ...)
	NOT-FOR-US: F5
CVE-2019-6652 (In BIG-IQ 6.0.0-6.1.0, services for stats do not require authenticatio ...)
	NOT-FOR-US: F5
CVE-2019-6651 (In BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 1 ...)
	NOT-FOR-US: F5
CVE-2019-6650 (F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1. ...)
	NOT-FOR-US: F5
CVE-2019-6649 (F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 1 ...)
	NOT-FOR-US: F5
CVE-2019-6648 (On version 1.9.0, If DEBUG logging is enable, F5 Container Ingress Ser ...)
	NOT-FOR-US: F5
CVE-2019-6647 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12.1 ...)
	NOT-FOR-US: F5
CVE-2019-6646 (On BIG-IP 11.5.2-11.6.4 and Enterprise Manager 3.1.1, REST users with  ...)
	NOT-FOR-US: F5
CVE-2019-6645 (On BIG-IP 14.0.0-14.1.0.5, 13.0.0-13.1.2, 12.1.0-12.1.4.1, 11.5.2-11.6 ...)
	NOT-FOR-US: F5
CVE-2019-6644 (Similar to the issue identified in CVE-2018-12120, on versions 14.1.0- ...)
	NOT-FOR-US: F5
CVE-2019-6643 (On versions 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.2, 12.1.0-12 ...)
	NOT-FOR-US: F5
CVE-2019-6642 (In BIG-IP 15.0.0, 14.0.0-14.1.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.2, a ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6641 (On BIG-IP 12.1.0-12.1.4.1, undisclosed requests can cause iControl RES ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6640 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6639 (On BIG-IP (AFM, PEM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6638 (On BIG-IP 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, Malformed http requests ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6637 (On BIG-IP (ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6636 (On BIG-IP (AFM, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6635 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6634 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6633 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6632 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6631 (On BIG-IP 11.5.1-11.6.4, iRules performing HTTP header manipulation ma ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6630 (On F5 SSL Orchestrator 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, undisclose ...)
	NOT-FOR-US: F5 SSL Orchestrator
CVE-2019-6629 (On BIG-IP 14.1.0-14.1.0.5, undisclosed SSL traffic to a virtual server ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6628 (On BIG-IP PEM 14.1.0-14.1.0.5 and 14.0.0-14.0.0.4, under certain condi ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6627 (On F5 SSL Orchestrator 14.1.0-14.1.0.5, on rare occasions, specific to ...)
	NOT-FOR-US: F5 SSL Orchestrator
CVE-2019-6626 (On BIG-IP (AFM, Analytics, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6625 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6624 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6623 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, and 12.1. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6622 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6621 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6620 (On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6619 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Tra ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6618 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6617 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6616 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6615 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6614 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, interna ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6613 (On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2- ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6612 (On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6611 (When BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6610 (On BIG-IP versions 14.0.0-14.0.0.4, 13.0.0-13.1.1.1, 12.1.0-12.1.4, 11 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6609 (Platform dependent weakness. This issue only impacts iSeries platforms ...)
	NOT-FOR-US: BIG-IP APM
CVE-2019-6608 (On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6607 (On BIG-IP ASM 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6606 (On BIG-IP 11.5.1-11.6.3.4, 12.1.0-12.1.3.7, 13.0.0-13.1.1.3, and 14.0. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6605 (On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, and 12.0.x, an undisclosed seq ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6604 (On BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3.6, 13.0.0-13.1.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6603 (In BIG-IP 11.5.1-11.5.8, 11.6.1-11.6.3, 12.1.0-12.1.3, and 13.0.0-13.0 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6602 (In BIG-IP 11.5.1-11.5.8 and 11.6.1-11.6.3, the Configuration Utility l ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6601 (In BIG-IP 13.0.0, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1-11.5.8,  ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6600 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, 11.6.1-11 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6599 (In BIG-IP 11.6.1-11.6.3.2 or 11.5.1-11.5.8, or Enterprise Manager 3.1. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6598 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.1-11 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6597 (In BIG-IP 13.0.0-13.1.1.1, 12.1.0-12.1.3.7, 11.6.1-11.6.3.2, or 11.5.1 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6596 (In BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, 12.1.0-12.1.3.6, 11.6.1-11 ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6595 (Cross-site scripting (XSS) vulnerability in F5 BIG-IP Access Policy Ma ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6594 (On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6593 (On BIG-IP 11.5.1-11.5.4, 11.6.1, and 12.1.0, a virtual server configur ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6592 (On BIG-IP 14.1.0-14.1.0.1, TMM may restart and produce a core file whe ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6591 (On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12. ...)
	NOT-FOR-US: BIG-IP
CVE-2019-6590 (On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain c ...)
	NOT-FOR-US: BIG-IP
CVE-2019-6589 (On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6. ...)
	NOT-FOR-US: F5 BIG-IP
CVE-2019-6588 (In Liferay Portal before 7.1 CE GA4, an XSS vulnerability exists in th ...)
	NOT-FOR-US: Liferay Portal CE
CVE-2019-6587
	RESERVED
CVE-2019-6586
	RESERVED
CVE-2019-6585 (A vulnerability has been identified in SCALANCE S602 (All versions &gt ...)
	NOT-FOR-US: Siemens
CVE-2019-6584 (A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0 ...)
	NOT-FOR-US: Siemens
CVE-2019-6583
	RESERVED
CVE-2019-6582 (A vulnerability has been identified in Siveillance VMS 2017 R2 (All ve ...)
	NOT-FOR-US: Siemens
CVE-2019-6581 (A vulnerability has been identified in Siveillance VMS 2017 R2 (All ve ...)
	NOT-FOR-US: Siemens
CVE-2019-6580 (A vulnerability has been identified in Siveillance VMS 2017 R2 (All ve ...)
	NOT-FOR-US: Siemens
CVE-2019-6579 (A vulnerability has been identified in Spectrum Power 4 (with Web Offi ...)
	NOT-FOR-US: Spectrum Power
CVE-2019-6578 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180  ...)
	NOT-FOR-US: Siemens
CVE-2019-6577 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
	NOT-FOR-US: Siemens
CVE-2019-6576 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
	NOT-FOR-US: Siemens
CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All ve ...)
	NOT-FOR-US: Siemens
CVE-2019-6574 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180  ...)
	NOT-FOR-US: Siemens
CVE-2019-6573
	RESERVED
CVE-2019-6572 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
	NOT-FOR-US: Siemens
CVE-2019-6571 (A vulnerability has been identified in SIEMENS LOGO!8 (6ED1052-xyyxx-0 ...)
	NOT-FOR-US: Siemens
CVE-2019-6570 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
	NOT-FOR-US: Siemens
CVE-2019-6569 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
	NOT-FOR-US: Scalance
CVE-2019-6568 (A vulnerability has been identified in CP1604, CP1616, CP343-1 Advance ...)
	NOT-FOR-US: Siemens
CVE-2019-6567 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
	NOT-FOR-US: Siemens
CVE-2019-6566 (GE Communicator, all versions prior to 4.0.517, allows a non-administr ...)
	NOT-FOR-US: GE Communicator
CVE-2019-6565 (Moxa IKS and EDS fails to properly validate user input, giving unauthe ...)
	NOT-FOR-US: Moxa
CVE-2019-6564 (GE Communicator, all versions prior to 4.0.517, allows a non-administr ...)
	NOT-FOR-US: GE Communicator
CVE-2019-6563 (Moxa IKS and EDS generate a predictable cookie calculated with an MD5  ...)
	NOT-FOR-US: Moxa
CVE-2019-6562 (In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the softwa ...)
	NOT-FOR-US: Philips
CVE-2019-6561 (Cross-site request forgery has been identified in Moxa IKS and EDS, wh ...)
	NOT-FOR-US: Moxa
CVE-2019-6560 (In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and ...)
	NOT-FOR-US: Auto-Maskin RP210E
CVE-2019-6559 (Moxa IKS and EDS allow remote authenticated users to cause a denial of ...)
	NOT-FOR-US: Moxa
CVE-2019-6558 (In Auto-Maskin RP210E Versions 3.7 and prior, DCU210E Versions 3.7 and ...)
	NOT-FOR-US: Auto-Maskin RP210E
CVE-2019-6557 (Several buffer overflow vulnerabilities have been identified in Moxa I ...)
	NOT-FOR-US: Moxa
CVE-2019-6556 (When processing project files, the application (Omron CX-Programmer v9 ...)
	NOT-FOR-US: Omron
CVE-2019-6555 (Cscape, 9.80 SP4 and prior. An improper input validation vulnerability ...)
	NOT-FOR-US: Cscape
CVE-2019-6554 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper acces ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6553 (A vulnerability was found in Rockwell Automation RSLinx Classic versio ...)
	NOT-FOR-US: Rockwell Automation
CVE-2019-6552 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command  ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6551 (Pangea Communications Internet FAX ATA all Versions 3.1.8 and prior al ...)
	NOT-FOR-US: Pangea Communications Internet FAX ATA
CVE-2019-6550 (Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-ba ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6549 (An attacker could retrieve plain-text credentials stored in a XML file ...)
	NOT-FOR-US: PR100088 Modbus
CVE-2019-6548 (GE Communicator, all versions prior to 4.0.517, contains two backdoor  ...)
	NOT-FOR-US: GE Communicator
CVE-2019-6547 (Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00 ...)
	NOT-FOR-US: Delta Industrial Automation CNCSoft
CVE-2019-6546 (GE Communicator, all versions prior to 4.0.517, allows an attacker to  ...)
	NOT-FOR-US: GE Communicator
CVE-2019-6545 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and I ...)
	NOT-FOR-US: AVEVA
CVE-2019-6544 (GE Communicator, all versions prior to 4.0.517, has a service running  ...)
	NOT-FOR-US: GE Communicator
CVE-2019-6543 (AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and I ...)
	NOT-FOR-US: AVEVA
CVE-2019-6542 (ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior t ...)
	NOT-FOR-US: ENTTEC firmware
CVE-2019-6541 (A memory corruption vulnerability has been identified in WECON LeviStu ...)
	NOT-FOR-US: WECON
CVE-2019-6540 (The Conexus telemetry protocol utilized within Medtronic MyCareLink Mo ...)
	NOT-FOR-US: Medtronic
CVE-2019-6539 (Several heap-based buffer overflow vulnerabilities in WECON LeviStudio ...)
	NOT-FOR-US: WECON
CVE-2019-6538 (The Conexus telemetry protocol utilized within Medtronic MyCareLink Mo ...)
	NOT-FOR-US: Medtronic
CVE-2019-6537 (Multiple stack-based buffer overflow vulnerabilities in WECON LeviStud ...)
	NOT-FOR-US: WECON
CVE-2019-6536 (Opening a specially crafted LCDS LAquis SCADA before 4.3.1.71 ELS file ...)
	NOT-FOR-US: LCDS
CVE-2019-6535 (Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and pri ...)
	NOT-FOR-US: Mitsubishi Electric MELSEC-Q Series PLCs
CVE-2019-6534 (The uncontrolled search path element vulnerability in Gemalto Sentinel ...)
	NOT-FOR-US: Gemalto Sentinel UltraPro Client Library ux32w.dll
CVE-2019-6533 (Registers used to store Modbus values can be read and written from the ...)
	NOT-FOR-US: PR100088 Modbus
CVE-2019-6532 (Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created  ...)
	NOT-FOR-US: Panasonic
CVE-2019-6531 (An attacker could retrieve passwords from a HTTP GET request from the  ...)
	NOT-FOR-US: Kunbus
CVE-2019-6530 (Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created  ...)
	NOT-FOR-US: Panasonic
CVE-2019-6529 (An attacker could specially craft an FTP request that could crash the  ...)
	NOT-FOR-US: Kunbus
CVE-2019-6528 (PSI GridConnect GmbH Telecontrol Gateway and Smart Telecontrol Unit fa ...)
	NOT-FOR-US: PSI GridConnect GmbH
CVE-2019-6527 (PR100088 Modbus gateway versions prior to Release R02 (or Software Ver ...)
	NOT-FOR-US: PR100088 Modbus
CVE-2019-6526 (Moxa IKS-G6824A series Versions 4.5 and prior, EDS-405A series Version ...)
	NOT-FOR-US: Moxa
CVE-2019-6525 (AVEVA Wonderware System Platform 2017 Update 2 and prior uses an Arche ...)
	NOT-FOR-US: AVEVA Wonderware System Platform
CVE-2019-6524 (Moxa IKS and EDS do not implement sufficient measures to prevent multi ...)
	NOT-FOR-US: Moxa
CVE-2019-6523 (WebAccess/SCADA, Version 8.3. The software does not properly sanitize  ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6522 (Moxa IKS and EDS fails to properly check array bounds which may allow  ...)
	NOT-FOR-US: Moxa
CVE-2019-6521 (WebAccess/SCADA, Version 8.3. Specially crafted requests could allow a ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6520 (Moxa IKS and EDS does not properly check authority on server side, whi ...)
	NOT-FOR-US: Moxa
CVE-2019-6519 (WebAccess/SCADA, Version 8.3. An improper authentication vulnerability ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-6518 (Moxa IKS and EDS store plaintext passwords, which may allow sensitive  ...)
	NOT-FOR-US: Moxa
CVE-2019-6517 (BD FACSLyric Research Use Only, Windows 10 Professional Operating Syst ...)
	NOT-FOR-US: BD FACSLyric
CVE-2019-6516 (An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible ...)
	NOT-FOR-US: WSO2
CVE-2019-6515 (An issue was discovered in WSO2 API Manager 2.6.0. Uploaded documents  ...)
	NOT-FOR-US: WSO2
CVE-2019-6514 (An issue was discovered in WSO2 Dashboard Server 2.0.0. It is possible ...)
	NOT-FOR-US: WSO2
CVE-2019-6513 (An issue was discovered in WSO2 API Manager 2.6.0. It is possible for  ...)
	NOT-FOR-US: WSO2
CVE-2019-6512 (An issue was discovered in WSO2 API Manager 2.6.0. It is possible to f ...)
	NOT-FOR-US: WSO2
CVE-2019-6511
	RESERVED
CVE-2019-6510 (An issue was discovered in creditease-sec insight through 2018-09-11.  ...)
	NOT-FOR-US: creditease-sec
CVE-2019-6509 (An issue was discovered in creditease-sec insight through 2018-09-11.  ...)
	NOT-FOR-US: creditease-sec
CVE-2019-6508 (An issue was discovered in creditease-sec insight through 2018-09-11.  ...)
	NOT-FOR-US: creditease-sec
CVE-2019-6507 (An issue was discovered in creditease-sec insight through 2018-09-11.  ...)
	NOT-FOR-US: creditease-sec
CVE-2019-6506 (SuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x be ...)
	NOT-FOR-US: SalesAgility SuiteCRM
CVE-2019-6505
	RESERVED
CVE-2019-6504 (Insufficient output sanitization in the Automic Web Interface (AWI), i ...)
	NOT-FOR-US: CA Automic Workload Automation
CVE-2019-6503 (There is a deserialization vulnerability in Chatopera cosin v3.10.0. A ...)
	NOT-FOR-US: Chatopera cosin
CVE-2019-6502 (sc_context_create in ctx.c in libopensc in OpenSC 0.19.0 has a memory  ...)
	- opensc 0.20.0-1 (unimportant)
	NOTE: https://github.com/OpenSC/OpenSC/issues/1586
	NOTE: https://github.com/OpenSC/OpenSC/commit/0d7967549751b7032f22b437106b41444aff0ba9 (0.20.0-rc1)
	NOTE: Negligible security impact, assigning a CVE seems out of proportion...
CVE-2019-1003004 (An improper authorization vulnerability exists in Jenkins 2.158 and ea ...)
	NOT-FOR-US: Jenkins
CVE-2019-1003003 (An improper authorization vulnerability exists in Jenkins 2.158 and ea ...)
	NOT-FOR-US: Jenkins
CVE-2019-1003002 (A sandbox bypass vulnerability exists in Pipeline: Declarative Plugin  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003001 (A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.61  ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-1003000 (A sandbox bypass vulnerability exists in Script Security Plugin 1.49 a ...)
	NOT-FOR-US: Jenkins plugin
CVE-2019-6501 (In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allow ...)
	- qemu 1:3.1+dfsg-3 (bug #920222)
	[stretch] - qemu <not-affected> (vulnerable code introduced later)
	[jessie] - qemu <not-affected> (vulnerable code introduced later)
	- qemu-kvm <removed>
	NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-01/msg02324.html
	NOTE: Code introduced by https://git.qemu.org/?p=qemu.git;a=commit;h=6c219fc8a1 ,
	NOTE: but but the overflow was already possible before.
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=e909ff93698851777faac3c45d03c1b73f311ea6
	NOTE: Overflow introduced by https://git.qemu.org/?p=qemu.git;a=commit;h=a71c775b24,
	NOTE: vulnerability not present prior 2.12.50
CVE-2019-6500 (In Axway File Transfer Direct 2.7.1, an unauthenticated Directory Trav ...)
	NOT-FOR-US: Axway File Transfer Direct
CVE-2019-6499 (Teradata Viewpoint before 14.0 and 16.20.00.02-b80 contains a hardcode ...)
	NOT-FOR-US: Teradata Viewpoint
CVE-2019-6498 (GattLib 0.2 has a stack-based buffer over-read in gattlib_connect in d ...)
	NOT-FOR-US: GattLib
CVE-2019-6497 (Hotels_Server through 2018-11-05 has SQL Injection via the controller/ ...)
	NOT-FOR-US: Hotels_Server
CVE-2019-6496 (The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88 ...)
	NOT-FOR-US: ThreadX-based firmware on Marvell Avastar Wi-Fi devices
CVE-2019-6495
	RESERVED
CVE-2019-6494 (IMFForceDelete.sys in IObit Malware Fighter 6.2 allows a low privilege ...)
	NOT-FOR-US: IObit Malware Fighter
CVE-2019-6493 (SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an exe ...)
	NOT-FOR-US: IObit Smart Defrag
CVE-2019-6492 (SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an exe ...)
	NOT-FOR-US: IObit Smart Defrag
CVE-2019-6491 (RISI Gestao de Horarios v3201.09.08 rev.23 allows SQL Injection. ...)
	NOT-FOR-US: RISI Gestao de Horarios
CVE-2019-6490
	RESERVED
CVE-2019-6489 (Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-0 ...)
	NOT-FOR-US: Lexmark
CVE-2019-6488 (The string component in the GNU C Library (aka glibc or libc6) through ...)
	- glibc 2.28-6 (unimportant)
	NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=24097
	NOTE: x32 not officially supported
CVE-2019-6487 (TP-Link WDR Series devices through firmware v3 (such as TL-WDR5620 V3. ...)
	NOT-FOR-US: TP-Link
CVE-2019-6486 (Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 e ...)
	{DSA-4380-1 DSA-4379-1 DLA-1664-1}
	- golang-1.12 1.12~beta2-2 (bug #920548)
	- golang-1.11 1.11.5-1
	- golang-1.10 <removed>
	- golang-1.8 <removed>
	- golang-1.7 <removed>
	- golang <removed>
	NOTE: https://groups.google.com/forum/m/#!topic/golang-announce/mVeX35iXuSw
	NOTE: https://golang.org/issue/29903
	NOTE: https://github.com/golang/go/commit/42b42f71
CVE-2019-6485 (Citrix NetScaler Gateway 12.1 before build 50.31, 12.0 before build 60 ...)
	NOT-FOR-US: Citrix
CVE-2019-6484
	RESERVED
CVE-2019-6338 (In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8. ...)
	{DSA-4370-1 DLA-1685-1}
	- drupal7 <removed>
	NOTE: https://www.drupal.org/sa-core-2019-001
CVE-2019-6339 (In Drupal Core versions 7.x prior to 7.62, 8.6.x prior to 8.6.6 and 8. ...)
	{DSA-4370-1 DLA-1659-1}
	- drupal7 <removed>
	NOTE: https://www.drupal.org/sa-core-2019-002
CVE-2019-6483
	RESERVED
CVE-2019-6482
	RESERVED
CVE-2019-6481 (Abine Blur 7.8.2431 allows remote attackers to conduct "Second-Factor  ...)
	NOT-FOR-US: Abine Blur
CVE-2019-6480
	RESERVED
CVE-2019-6479
	REJECTED
CVE-2019-6478
	REJECTED
CVE-2019-6477 (With pipelining enabled each incoming query on a TCP connection requir ...)
	- bind9 1:9.11.14+dfsg-1 (bug #945171)
	[buster] - bind9 <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - bind9 <no-dsa> (Minor issue; can be fixed via point release)
	[jessie] - bind9 <not-affected> (Vulnerable code not present)
	NOTE: https://kb.isc.org/docs/cve-2019-6477
CVE-2019-6476 (A defect in code added to support QNAME minimization can cause named t ...)
	- bind9 <not-affected> (Vulnerable code not present)
	NOTE: https://kb.isc.org/docs/cve-2019-6476
CVE-2019-6475 (Mirror zones are a BIND feature allowing recursive servers to pre-cach ...)
	- bind9 <not-affected> (Vulnerable code not present)
	NOTE: https://kb.isc.org/docs/cve-2019-6475
CVE-2019-6474 (A missing check on incoming client requests can be exploited to cause  ...)
	- isc-kea 1.7.5-1 (bug #936040)
	[stretch] - isc-kea <no-dsa> (Minor issue)
	NOTE: https://kb.isc.org/docs/cve-2019-6474
CVE-2019-6473 (An invalid hostname option can trigger an assertion failure in the Kea ...)
	- isc-kea 1.7.5-1 (bug #936040)
	[stretch] - isc-kea <no-dsa> (Minor issue)
	NOTE: https://kb.isc.org/docs/cve-2019-6473
CVE-2019-6472 (A packet containing a malformed DUID can cause the Kea DHCPv6 server p ...)
	- isc-kea 1.7.5-1 (bug #936040)
	[stretch] - isc-kea <no-dsa> (Minor issue)
	NOTE: https://kb.isc.org/docs/cve-2019-6472
CVE-2019-6471 (A race condition which may occur when discarding malformed packets can ...)
	- bind9 1:9.11.5.P4+dfsg-5.1 (bug #930746)
	[stretch] - bind9 <not-affected> (Only affects 9.11 and later)
	[jessie] - bind9 <not-affected> (Only affects 9.11 and later)
	NOTE: https://kb.isc.org/v1/docs/cve-2019-6471
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/60c42f849d520564ed42e5ed0ba46b4b69c07712 (master)
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/3a9c7bb80d4a609b86427406d9dd783199920b5b (v9_11)
CVE-2019-6470 (There had existed in one of the ISC BIND libraries a bug in a function ...)
	- isc-dhcp 4.4.1-2 (bug #896122)
	[stretch] - isc-dhcp <ignored> (Issue triggerable only when build against bind >= 9.11.3)
	[jessie] - isc-dhcp <ignored> (Issue triggerable only when build against bind >= 9.11.3)
	NOTE: https://bugs.isc.org/Public/Ticket/Display.html?id=48804
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1641246
	NOTE: https://bugs.launchpad.net/ubuntu/%2Bsource/isc-dhcp/%2Bbug/1781699
	NOTE: Issue is caused by https://gitlab.isc.org/wpk/bind9/commit/65a483106e45704e19781bfe4f4634db4f77562e
	NOTE: isc-dhcp builds against system bind library, and commit for upstream
	NOTE: issue 4829 is first introduced in 9.11.3+dfsg-1. The underlying issue
	NOTE: is only uncovered when build gainst versions >= 9.11.3.
CVE-2019-6469 (An error in the EDNS Client Subnet (ECS) feature for recursive resolve ...)
	- bind9 <not-affected> (Only affects Supported Preview Edition/Subscription Edition)
	NOTE: https://kb.isc.org/docs/cve-2019-6469
CVE-2019-6468 (In BIND Supported Preview Edition, an error in the nxdomain-redirect f ...)
	- bind9 <not-affected> (Only affects Supported Preview Edition/Subscription Edition)
	NOTE: https://kb.isc.org/docs/cve-2019-6468
CVE-2019-6467 (A programming error in the nxdomain-redirect feature can cause an asse ...)
	- bind9 <not-affected> (Vulnerable code only present in 9.12 onwards)
	NOTE: https://kb.isc.org/docs/cve-2019-6467
CVE-2019-6466
	REJECTED
CVE-2019-6465 (Controls for zone transfers may not be properly applied to Dynamically ...)
	{DSA-4440-1 DLA-1697-1}
	- bind9 1:9.11.5.P4+dfsg-1 (low; bug #922955)
	NOTE: https://kb.isc.org/docs/cve-2019-6465
	NOTE: https://gitlab.isc.org/isc-projects/bind9/commit/a9307de85e147f4756c75d15aa221d2262df7d67
CVE-2019-6464
	RESERVED
CVE-2019-6463
	RESERVED
CVE-2019-6462 (An issue was discovered in cairo 1.16.0. There is an infinite loop in  ...)
	- cairo <unfixed> (low; bug #929945)
	[buster] - cairo <no-dsa> (Minor issue)
	[stretch] - cairo <no-dsa> (Minor issue)
	[jessie] - cairo <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/353
CVE-2019-6461 (An issue was discovered in cairo 1.16.0. There is an assertion problem ...)
	- cairo <unfixed> (low; bug #929944)
	[buster] - cairo <no-dsa> (Minor issue)
	[stretch] - cairo <no-dsa> (Minor issue)
	[jessie] - cairo <no-dsa> (Minor issue)
	NOTE: https://gitlab.freedesktop.org/cairo/cairo/issues/352
CVE-2019-6460 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-6459 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-6458 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-6457 (An issue was discovered in GNU Recutils 1.8. There is a memory leak in ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-6456 (An issue was discovered in GNU Recutils 1.8. There is a NULL pointer d ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-6455 (An issue was discovered in GNU Recutils 1.8. There is a double-free pr ...)
	- recutils <unfixed> (unimportant)
	NOTE: Negligible security impact
CVE-2019-6454 (An issue was discovered in sd-bus in systemd 239. bus_process_object() ...)
	{DSA-4393-1 DLA-1684-1}
	- systemd 240-6
	NOTE: https://www.openwall.com/lists/oss-security/2019/02/18/3
	NOTE: https://github.com/systemd/systemd/commit/798ebaf9aea9b8ae3b8a0cc2702bc8de71acb3c6
	NOTE: https://github.com/systemd/systemd/commit/6d586a13717ae057aa1b4127400c3de61cd5b9e7
	NOTE: https://github.com/systemd/systemd/commit/f519a19bcd5afe674a9b8fc462cd77d8bad403c1
CVE-2019-6453 (mIRC before 7.55 allows remote command execution by using argument inj ...)
	NOT-FOR-US: mIRC
CVE-2019-6452 (Kyocera Command Center RX TASKalfa4501i and TASKalfa5052ci allows remo ...)
	NOT-FOR-US: Kyocera Command Center
CVE-2019-6451 (On SOYAL AR-727H and AR-829Ev5 devices, all CGI programs allow unauthe ...)
	NOT-FOR-US: SOYAL AR-727H and AR-829Ev5 devices
CVE-2019-6450
	RESERVED
CVE-2019-6449
	RESERVED
CVE-2019-6448
	RESERVED
CVE-2019-6447 (The ES File Explorer File Manager application through 4.1.9.7.4 for An ...)
	NOT-FOR-US: ES File Explorer File Manager application
CVE-2019-6446
	- python-numpy 1:1.10.4-1
	[jessie] - python-numpy <no-dsa> (Minor issue)
	NOTE: https://github.com/numpy/numpy/issues/12759
	NOTE: For upstream this works as intended and is documented.
	NOTE: https://github.com/numpy/numpy/commit/a2bd3a7eabfe053d6d16a2130fdcad9e5211f6bb
	NOTE: added support to disable use of picke in load/save, marking that as the fixed
	NOTE: version. The use of that is at the discretion of anyone using numpy
	NOTE: Further discussion at https://github.com/numpy/numpy/pull/12889
CVE-2019-6445 (An issue was discovered in NTPsec before 1.1.3. An authenticated attac ...)
	- ntpsec 1.1.3+dfsg1-1 (bug #919513)
	NOTE: https://gitlab.com/NTPsec/ntpsec/issues/509
	NOTE: https://gitlab.com/NTPsec/ntpsec/commit/acb2ecdcabad2ab42e9c6352999e174dd102eb3f
CVE-2019-6444 (An issue was discovered in NTPsec before 1.1.3. process_control() in n ...)
	- ntpsec 1.1.3+dfsg1-1 (bug #919513)
CVE-2019-6443 (An issue was discovered in NTPsec before 1.1.3. Because of a bug in ct ...)
	- ntpsec 1.1.3+dfsg1-1 (bug #919513)
CVE-2019-6442 (An issue was discovered in NTPsec before 1.1.3. An authenticated attac ...)
	- ntpsec 1.1.3+dfsg1-1 (bug #919513)
CVE-2019-6441 (An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0 ...)
	NOT-FOR-US: Shenzhen Coship devices
CVE-2019-6440 (Zemana AntiMalware before 3.0.658 Beta mishandles update logic. ...)
	NOT-FOR-US: Zemana AntiMalware
CVE-2019-6439 (examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through  ...)
	- wolfssl 4.1.0+dfsg-1 (unimportant)
	NOTE: https://github.com/wolfSSL/wolfssl/issues/2032
	NOTE: Issue only in example code
CVE-2019-6438 (SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bi ...)
	{DLA-2143-1}
	- slurm-llnl 18.08.5.2-1 (low; bug #920997)
	[stretch] - slurm-llnl 16.05.9-1+deb9u3
	NOTE: https://www.schedmd.com/news.php?id=213
	NOTE: https://lists.schedmd.com/pipermail/slurm-announce/2019/000018.html
	NOTE: https://github.com/SchedMD/slurm/commit/750cc23edcc6fddfff21d33bdaf4fb7deb28cfda
	NOTE: https://github.com/SchedMD/slurm/commit/a8159065d1a57d6eadf802efa6837ebf4e56f671
CVE-2019-6437
	RESERVED
CVE-2019-6436
	RESERVED
CVE-2019-6435
	RESERVED
CVE-2019-6434
	RESERVED
CVE-2019-6433
	RESERVED
CVE-2019-6432
	RESERVED
CVE-2019-6431
	RESERVED
CVE-2019-6430
	RESERVED
CVE-2019-6429
	RESERVED
CVE-2019-6428
	RESERVED
CVE-2019-6427
	RESERVED
CVE-2019-6426
	RESERVED
CVE-2019-6425
	RESERVED
CVE-2019-6424
	RESERVED
CVE-2019-6423
	RESERVED
CVE-2019-6422
	RESERVED
CVE-2019-6421
	RESERVED
CVE-2019-6420
	RESERVED
CVE-2019-6419
	RESERVED
CVE-2019-6418
	RESERVED
CVE-2019-6417
	RESERVED
CVE-2019-6416
	RESERVED
CVE-2019-6415
	RESERVED
CVE-2019-6414
	RESERVED
CVE-2019-6413
	RESERVED
CVE-2019-6412
	RESERVED
CVE-2019-6411
	RESERVED
CVE-2019-6410
	RESERVED
CVE-2019-6409
	RESERVED
CVE-2019-6408
	RESERVED
CVE-2019-6407
	RESERVED
CVE-2019-6406
	RESERVED
CVE-2019-6405
	RESERVED
CVE-2019-6404
	RESERVED
CVE-2019-6403
	RESERVED
CVE-2019-6402
	RESERVED
CVE-2019-6401
	RESERVED
CVE-2019-6400
	RESERVED
CVE-2019-6399
	RESERVED
CVE-2019-6398
	RESERVED
CVE-2019-6397
	RESERVED
CVE-2019-6396
	RESERVED
CVE-2019-6395
	RESERVED
CVE-2019-6394
	RESERVED
CVE-2019-6393
	RESERVED
CVE-2019-6392
	RESERVED
CVE-2019-6391
	RESERVED
CVE-2019-6390
	RESERVED
CVE-2019-6389
	RESERVED
CVE-2019-6388
	RESERVED
CVE-2019-6387
	RESERVED
CVE-2019-6386
	RESERVED
CVE-2019-6385
	RESERVED
CVE-2019-6384
	RESERVED
CVE-2019-6383
	RESERVED
CVE-2019-6382
	RESERVED
CVE-2019-6381
	RESERVED
CVE-2019-6380
	RESERVED
CVE-2019-6379
	RESERVED
CVE-2019-6378
	RESERVED
CVE-2019-6377
	RESERVED
CVE-2019-6376
	RESERVED
CVE-2019-6375
	RESERVED
CVE-2019-6374
	RESERVED
CVE-2019-6373
	RESERVED
CVE-2019-6372
	RESERVED
CVE-2019-6371
	RESERVED
CVE-2019-6370
	RESERVED
CVE-2019-6369
	RESERVED
CVE-2019-6368
	RESERVED
CVE-2019-6367
	RESERVED
CVE-2019-6366
	RESERVED
CVE-2019-6365
	RESERVED
CVE-2019-6364
	RESERVED
CVE-2019-6363
	RESERVED
CVE-2019-6362
	RESERVED
CVE-2019-6361
	RESERVED
CVE-2019-6360
	RESERVED
CVE-2019-6359
	RESERVED
CVE-2019-6358
	RESERVED
CVE-2019-6357
	RESERVED
CVE-2019-6356
	RESERVED
CVE-2019-6355
	RESERVED
CVE-2019-6354
	RESERVED
CVE-2019-6353
	RESERVED
CVE-2019-6352
	RESERVED
CVE-2019-6351
	RESERVED
CVE-2019-6350
	RESERVED
CVE-2019-6349
	RESERVED
CVE-2019-6348
	RESERVED
CVE-2019-6347
	RESERVED
CVE-2019-6346
	RESERVED
CVE-2019-6345
	RESERVED
CVE-2019-6344
	RESERVED
CVE-2019-6343
	RESERVED
CVE-2019-6342
	RESERVED
	- drupal7 <not-affected> (Drupal 7 not affected)
	NOTE: https://www.drupal.org/sa-core-2019-008
CVE-2019-6340 (Some field types do not properly sanitize data from non-form sources i ...)
	- drupal7 <not-affected> (Drupal 7 core not affected)
	NOTE: https://www.drupal.org/sa-core-2019-003
CVE-2019-6337 (For the printers listed a maliciously crafted print file might cause c ...)
	NOT-FOR-US: HP Inkjet printers
CVE-2019-6336
	RESERVED
CVE-2019-6335 (A potential security vulnerability has been identified with Samsung La ...)
	NOT-FOR-US: Samsung Laser Printers
CVE-2019-6334 (HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Prin ...)
	NOT-FOR-US: HP printers
CVE-2019-6333 (A potential security vulnerability has been identified with certain ve ...)
	NOT-FOR-US: HP Touchpoint Analytics
CVE-2019-6332 (A potential security vulnerability has been identified with certain HP ...)
	NOT-FOR-US: HP InkJet printers
CVE-2019-6331 (An issue was found in Samsung Mobile Print (Android) versions prior to ...)
	NOT-FOR-US: HP
CVE-2019-6330 (A potential security vulnerability has been identified in the software ...)
	NOT-FOR-US: HP Access Control
CVE-2019-6329 (HP Support Assistant 8.7.50 and earlier allows a user to gain system p ...)
	NOT-FOR-US: HP Support Assistant
CVE-2019-6328 (HP Support Assistant 8.7.50 and earlier allows a user to gain system p ...)
	NOT-FOR-US: HP Support Assistant
CVE-2019-6327 (HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v ...)
	NOT-FOR-US: HP
CVE-2019-6326 (HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v ...)
	NOT-FOR-US: HP
CVE-2019-6325 (HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v ...)
	NOT-FOR-US: HP
CVE-2019-6324 (HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v ...)
	NOT-FOR-US: HP
CVE-2019-6323 (HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v ...)
	NOT-FOR-US: HP
CVE-2019-6322 (HP has identified a security vulnerability with some versions of Works ...)
	NOT-FOR-US: HP
CVE-2019-6321 (HP has identified a security vulnerability with some versions of Works ...)
	NOT-FOR-US: HP
CVE-2019-6320 (Certain HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4 ...)
	NOT-FOR-US: HP DeskJet 3630 All-in-One Printers models
CVE-2019-6319 (HP DeskJet 3630 All-in-One Printers models F5S43A - F5S57A, K4T93A - K ...)
	NOT-FOR-US: HP DeskJet 3630 All-in-One Printers models
CVE-2019-6318 (HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP L ...)
	NOT-FOR-US: HP
CVE-2019-6317
	RESERVED
CVE-2019-6316
	RESERVED
CVE-2019-6315
	RESERVED
CVE-2019-6314
	RESERVED
CVE-2019-6313
	RESERVED
CVE-2019-6312
	RESERVED
CVE-2019-6311
	RESERVED
CVE-2019-6310
	RESERVED
CVE-2019-6309
	RESERVED
CVE-2019-6308
	RESERVED
CVE-2019-6307
	RESERVED
CVE-2019-6306
	RESERVED
CVE-2019-6305
	RESERVED
CVE-2019-6304
	RESERVED
CVE-2019-6303
	RESERVED
CVE-2019-6302
	RESERVED
CVE-2019-6301
	RESERVED
CVE-2019-6300
	RESERVED
CVE-2019-6299
	RESERVED
CVE-2019-6298
	RESERVED
CVE-2019-6297
	RESERVED
CVE-2019-6296 (Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id pa ...)
	NOT-FOR-US: Cleanto
CVE-2019-6295 (Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.p ...)
	NOT-FOR-US: Cleanto
CVE-2019-6294 (An issue was discovered in EasyCMS 1.5. There is CSRF via the index.ph ...)
	NOT-FOR-US: EasyCMS
CVE-2019-6293 (An issue was discovered in the function mark_beginning_as_normal in nf ...)
	- flex <unfixed> (low; bug #919428)
	[buster] - flex <no-dsa> (Minor issue)
	[stretch] - flex <no-dsa> (Minor issue)
	[jessie] - flex <no-dsa> (Minor issue)
	NOTE: https://github.com/westes/flex/issues/414
CVE-2019-6292 (An issue was discovered in singledocparser.cpp in yaml-cpp (aka LibYam ...)
	- yaml-cpp <unfixed> (low; bug #919430)
	[buster] - yaml-cpp <no-dsa> (Minor issue)
	[stretch] - yaml-cpp <no-dsa> (Minor issue)
	[jessie] - yaml-cpp <no-dsa> (Minor issue)
	- yaml-cpp0.3 <removed>
	[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
	[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
	NOTE: https://github.com/jbeder/yaml-cpp/issues/657
CVE-2019-6291 (An issue was discovered in the function expr6 in eval.c in Netwide Ass ...)
	- nasm <unfixed> (unimportant)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392549
	NOTE: Crash in CLI tool, no security impact
CVE-2019-6290 (An infinite recursion issue was discovered in eval.c in Netwide Assemb ...)
	- nasm <unfixed> (unimportant)
	NOTE: https://bugzilla.nasm.us/show_bug.cgi?id=3392548
	NOTE: Crash in CLI tool, no security impact
CVE-2019-6289 (uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows  ...)
	NOT-FOR-US: DedeCMS
CVE-2019-6288
	RESERVED
CVE-2019-6287 (In Rancher 2.0.0 through 2.1.5, project members have continued access  ...)
	NOT-FOR-US: Rancher
CVE-2019-6286 (In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...)
	- libsass 3.5.5-3 (low)
	[stretch] - libsass <no-dsa> (Minor issue)
	NOTE: https://github.com/sass/libsass/issues/2815
CVE-2019-6285 (The SingleDocParser::HandleFlowSequence function in yaml-cpp (aka LibY ...)
	- yaml-cpp <unfixed> (low; bug #919432)
	[buster] - yaml-cpp <no-dsa> (Minor issue)
	[stretch] - yaml-cpp <no-dsa> (Minor issue)
	[jessie] - yaml-cpp <no-dsa> (Minor issue)
	- yaml-cpp0.3 <removed>
	[stretch] - yaml-cpp0.3 <no-dsa> (Minor issue)
	[jessie] - yaml-cpp0.3 <no-dsa> (Minor issue)
	NOTE: https://github.com/jbeder/yaml-cpp/issues/660
CVE-2019-6284 (In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...)
	- libsass 3.5.5-3 (low)
	[stretch] - libsass <no-dsa> (Minor issue)
	NOTE: https://github.com/sass/libsass/issues/2816
CVE-2019-6283 (In LibSass 3.5.5, a heap-based buffer over-read exists in Sass::Prelex ...)
	- libsass 3.5.5-3 (low)
	[stretch] - libsass <no-dsa> (Minor issue)
	NOTE: https://github.com/sass/libsass/issues/2814
CVE-2019-6282 (ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W ...)
	NOT-FOR-US: ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices
CVE-2019-6281
	RESERVED
CVE-2019-6280
	RESERVED
CVE-2019-6279 (ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W ...)
	NOT-FOR-US: ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices
CVE-2019-6278 (XSS exists in JPress v1.0.4 via Markdown input, or Markdown input with ...)
	NOT-FOR-US: JPress
CVE-2019-6277
	RESERVED
CVE-2019-6276
	RESERVED
CVE-2019-6275 (Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-L ...)
	NOT-FOR-US: GL.iNet GL-AR300M-Lite devices
CVE-2019-6274 (Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M- ...)
	NOT-FOR-US: GL.iNet GL-AR300M-Lite devices
CVE-2019-6273 (download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 all ...)
	NOT-FOR-US: GL.iNet GL-AR300M-Lite devices
CVE-2019-6272 (Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite ...)
	NOT-FOR-US: GL.iNet GL-AR300M-Lite devices
CVE-2019-6271
	RESERVED
CVE-2019-6270
	RESERVED
CVE-2019-6269
	RESERVED
CVE-2019-6268
	RESERVED
CVE-2019-6267 (The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPre ...)
	NOT-FOR-US: Premium WP Suite Easy Redirect Manager plugin for WordPress
CVE-2019-6266 (Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affe ...)
	NOT-FOR-US: Cordaware bestinformed
CVE-2019-6265 (The Scripting and AutoUpdate functionality in Cordaware bestinformed M ...)
	NOT-FOR-US: Cordaware bestinformed
CVE-2019-6264 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping i ...)
	NOT-FOR-US: Joomla!
CVE-2019-6263 (An issue was discovered in Joomla! before 3.9.2. Inadequate checks of  ...)
	NOT-FOR-US: Joomla!
CVE-2019-6262 (An issue was discovered in Joomla! before 3.9.2. Inadequate checks of  ...)
	NOT-FOR-US: Joomla!
CVE-2019-6261 (An issue was discovered in Joomla! before 3.9.2. Inadequate escaping i ...)
	NOT-FOR-US: Joomla!
CVE-2019-6260 (The ASPEED ast2400 and ast2500 Baseband Management Controller (BMC) ha ...)
	NOT-FOR-US: ASPEED
CVE-2019-6259 (An issue was discovered in idreamsoft iCMS V7.0.13. There is SQL Injec ...)
	NOT-FOR-US: idreamsoft iCMS
CVE-2019-6258
	RESERVED
CVE-2019-6257 (A Server Side Request Forgery (SSRF) vulnerability in elFinder before  ...)
	NOT-FOR-US: elFinder
CVE-2019-6256 (A Denial of Service issue was discovered in the LIVE555 Streaming Medi ...)
	{DSA-4408-1 DLA-1690-1}
	- liblivemedia 2018.11.26-1 (bug #919529)
	NOTE: https://github.com/rgaufman/live555/issues/19
CVE-2019-6255
	RESERVED
CVE-2019-6254
	RESERVED
CVE-2019-6253
	RESERVED
CVE-2019-6252
	RESERVED
CVE-2019-6251 (WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to add ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://gitlab.gnome.org/GNOME/epiphany/issues/532
	NOTE: https://bugs.webkit.org/show_bug.cgi?id=194131
	NOTE: https://bugs.webkit.org/show_bug.cgi?id=194208
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-6249 (An issue was discovered in HuCart v5.7.4. There is a CSRF vulnerabilit ...)
	NOT-FOR-US: HuCart
CVE-2019-6250 (A pointer overflow, with code execution, was discovered in ZeroMQ libz ...)
	{DSA-4368-1}
	- zeromq3 4.3.1-1 (bug #919098)
	[jessie] - zeromq3 <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/zeromq/libzmq/issues/3351
CVE-2019-6248 (PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1 ...)
	NOT-FOR-US: PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script
CVE-2019-6247 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ...)
	- svgpp <unfixed> (unimportant; bug #919321)
	NOTE: https://github.com/svgpp/svgpp/issues/70
	NOTE: Issue only in src:svgpp which does not call the AGG-API in correct way.
	NOTE: No security impact, only used to build examples, see #921097
CVE-2019-6246 (An issue was discovered in SVG++ (aka svgpp) 1.2.3. After calling the  ...)
	- svgpp 1.2.3+dfsg1-5 (bug #919321)
	NOTE: https://github.com/svgpp/svgpp/issues/70
CVE-2019-6245 (An issue was discovered in Anti-Grain Geometry (AGG) 2.4 as used in SV ...)
	{DLA-1656-1}
	- agg 1:2.4-r127+dfsg1-1 (low; bug #919322)
	[stretch] - agg <no-dsa> (Minor issue)
	- svgpp <unfixed> (unimportant; bug #919321)
	NOTE: https://github.com/svgpp/svgpp/issues/70
	NOTE: Fixed in src:agg with: https://sourceforge.net/p/agg/svn/119/
	NOTE: and possibly already fixed with the inclusion of 05-fix-recursion-crash.patch
	NOTE: in 2.5+dfsg1-3.
	NOTE: No security impact on svgpp, only used to build examples, see #921097
CVE-2019-6244 (An issue was discovered in UsualToolCMS 8.0. cmsadmin/a_sqlbackx.php?t ...)
	NOT-FOR-US: UsualToolCMS
CVE-2019-6243 (Frog CMS 0.9.5 allows XSS via the forgot password page (aka the /admin ...)
	NOT-FOR-US: Frog CMS
CVE-2019-6242 (** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read t ...)
	NOT-FOR-US: Kentico
CVE-2019-6241 (In Bevywise MQTTRoute 1.1 build 1018-002, a connect packet combined wi ...)
	NOT-FOR-US: Bevywise MQTTRoute
CVE-2019-6240 (An issue was discovered in GitLab Community and Enterprise Edition bef ...)
	- gitlab 11.5.7+dfsg-1 (bug #919822)
	NOTE: https://about.gitlab.com/2019/01/16/critical-security-release-gitlab-11-dot-6-dot-4-released/
CVE-2019-6239 (This issue was addressed with improved handling of file metadata. This ...)
	NOT-FOR-US: Apple
CVE-2019-6238
	RESERVED
CVE-2019-6237 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0003.html
CVE-2019-6236 (A race condition existed during the installation of iCloud for Windows ...)
	NOT-FOR-US: Apple
CVE-2019-6235 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-6234 (A memory corruption issue was addressed with improved memory handling. ...)
	- webkit2gtk 2.22.4-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6233 (A memory corruption issue was addressed with improved memory handling. ...)
	- webkit2gtk 2.22.4-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6232 (A race condition existed during the installation of iTunes for Windows ...)
	NOT-FOR-US: Apple
CVE-2019-6231 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-6230 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2019-6229 (A logic issue was addressed with improved validation. This issue is fi ...)
	- webkit2gtk 2.22.5-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6228 (A cross-site scripting issue existed in Safari. This issue was address ...)
	NOT-FOR-US: Apple Safari
CVE-2019-6227 (A memory corruption issue was addressed with improved memory handling. ...)
	- webkit2gtk 2.22.5-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6226 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.22.0-2 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6225 (A memory corruption issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-6224 (A buffer overflow issue was addressed with improved memory handling. T ...)
	NOT-FOR-US: Apple
CVE-2019-6223 (A logic issue existed in the handling of Group FaceTime calls. The iss ...)
	NOT-FOR-US: Apple
CVE-2019-6222 (A consistency issue was addressed with improved state handling. This i ...)
	NOT-FOR-US: Apple
CVE-2019-6221 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-6220 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2019-6219 (A denial of service issue was addressed with improved validation. This ...)
	NOT-FOR-US: Apple
CVE-2019-6218 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-6217 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.22.5-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6216 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.22.5-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6215 (A type confusion issue was addressed with improved memory handling. Th ...)
	- webkit2gtk 2.22.6-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6214 (A type confusion issue was addressed with improved memory handling. Th ...)
	NOT-FOR-US: Apple
CVE-2019-6213 (A buffer overflow was addressed with improved bounds checking. This is ...)
	NOT-FOR-US: Apple
CVE-2019-6212 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.22.6-1 (unimportant)
	NOTE: Not covered by security support
CVE-2019-6211 (A memory corruption issue was addressed with improved state management ...)
	NOT-FOR-US: Apple
CVE-2019-6210 (A memory corruption issue was addressed with improved input validation ...)
	NOT-FOR-US: Apple
CVE-2019-6209 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
	NOT-FOR-US: Apple
CVE-2019-6208 (A memory initialization issue was addressed with improved memory handl ...)
	NOT-FOR-US: Apple
CVE-2019-6207 (An out-of-bounds read issue existed that led to the disclosure of kern ...)
	NOT-FOR-US: Apple
CVE-2019-6206 (An issue existed with autofill resuming after it was canceled. The iss ...)
	NOT-FOR-US: autofill in iOS
CVE-2019-6205 (A memory corruption issue was addressed with improved lock state check ...)
	NOT-FOR-US: Apple
CVE-2019-6204 (A logic issue was addressed with improved validation. This issue is fi ...)
	NOT-FOR-US: Apple
CVE-2019-6203
	RESERVED
CVE-2019-6202 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
	NOT-FOR-US: Apple
CVE-2019-6201 (Multiple memory corruption issues were addressed with improved memory  ...)
	- webkit2gtk 2.24.1-1
	[stretch] - webkit2gtk <ignored> (Not covered by security support in stretch)
	[jessie] - webkit2gtk <ignored> (Not covered by security support in jessie)
	NOTE: https://webkitgtk.org/security/WSA-2019-0002.html
CVE-2019-6200 (An out-of-bounds read was addressed with improved input validation. Th ...)
	NOT-FOR-US: Apple
CVE-2019-6199
	RESERVED
CVE-2019-6198
	RESERVED
CVE-2019-6197
	RESERVED
CVE-2019-6196
	RESERVED
CVE-2019-6195 (An authorization bypass exists in Lenovo XClarity Controller (XCC) ver ...)
	NOT-FOR-US: Lenovo
CVE-2019-6194 (An XML External Entity (XXE) processing vulnerability was reported in  ...)
	NOT-FOR-US: Lenovo
CVE-2019-6193 (An information disclosure vulnerability was reported in Lenovo XClarit ...)
	NOT-FOR-US: Lenovo
CVE-2019-6192 (A potential vulnerability has been reported in Lenovo Power Management ...)
	NOT-FOR-US: Lenovo
CVE-2019-6191 (A potential vulnerability in the discontinued LenovoPaper software ver ...)
	NOT-FOR-US: Lenovo
CVE-2019-6190 (Lenovo was notified of a potential denial of service vulnerability, af ...)
	NOT-FOR-US: Lenovo
CVE-2019-6189 (A potential vulnerability was reported in Lenovo System Interface Foun ...)
	NOT-FOR-US: Lenovo
CVE-2019-6188 (The BIOS tamper detection mechanism was not triggered in Lenovo ThinkP ...)
	NOT-FOR-US: Lenovo
CVE-2019-6187 (A stored CSV Injection vulnerability was reported in Lenovo XClarity C ...)
	NOT-FOR-US: Lenovo
CVE-2019-6186 (A potential vulnerability was reported in Lenovo System Interface Foun ...)
	NOT-FOR-US: Lenovo
CVE-2019-6185
	RESERVED
CVE-2019-6184 (A potential vulnerability in the discontinued Customer Engagement Serv ...)
	NOT-FOR-US: Lenovo
CVE-2019-6183 (A denial of service vulnerability has been reported in Lenovo Energy M ...)
	NOT-FOR-US: Lenovo
CVE-2019-6182 (A stored CSV Injection vulnerability was reported in Lenovo XClarity A ...)
	NOT-FOR-US: Lenovo
CVE-2019-6181 (A reflected cross-site scripting (XSS) vulnerability was reported in L ...)
	NOT-FOR-US: Lenovo
CVE-2019-6180 (A stored cross-site scripting (XSS) vulnerability was reported in Leno ...)
	NOT-FOR-US: Lenovo
CVE-2019-6179 (An XML External Entity (XXE) processing vulnerability was reported in  ...)
	NOT-FOR-US: Lenovo
CVE-2019-6178 (An information leakage vulnerability in Iomega and LenovoEMC NAS produ ...)
	NOT-FOR-US: Iomega and LenovoEMC NAS products
CVE-2019-6177 (A vulnerability reported in Lenovo Solution Center version 03.12.003,  ...)
	NOT-FOR-US: Lenovo
CVE-2019-6176 (A potential vulnerability reported in ThinkPad USB-C Dock Firmware ver ...)
	NOT-FOR-US: Lenovo
CVE-2019-6175 (A denial of service vulnerability was reported in Lenovo System Update ...)
	NOT-FOR-US: Lenovo
CVE-2019-6174
	RESERVED
CVE-2019-6173
	RESERVED
CVE-2019-6172 (A potential vulnerability in the SMI callback function in some Lenovo  ...)
	NOT-FOR-US: Lenovo
CVE-2019-6171 (A vulnerability was reported in various BIOS versions of older ThinkPa ...)
	NOT-FOR-US: Lenovo
CVE-2019-6170 (A potential vulnerability in some Lenovo ThinkPads may allow an attack ...)
	NOT-FOR-US: Lenovo
CVE-2019-6169 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
	NOT-FOR-US: Lenovo Service Bridge
CVE-2019-6168 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
	NOT-FOR-US: Lenovo Service Bridge
CVE-2019-6167 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
	NOT-FOR-US: Lenovo Service Bridge
CVE-2019-6166 (A vulnerability reported in Lenovo Service Bridge before version 4.1.0 ...)
	NOT-FOR-US: Lenovo Service Bridge
CVE-2019-6165 (A DLL search path vulnerability was reported in PaperDisplay Hotkey Se ...)
	NOT-FOR-US: Lenovo
CVE-2019-6164
	RESERVED
CVE-2019-6163 (A denial of service vulnerability was reported in Lenovo System Update ...)
	NOT-FOR-US: Lenovo System Update
CVE-2019-6162
	RESERVED
CVE-2019-6161 (An internal product security audit discovered a session handling vulne ...)
	NOT-FOR-US: Lenovo
CVE-2019-6160 (A vulnerability in various versions of Iomega and LenovoEMC NAS produc ...)
	NOT-FOR-US: Iomega and LenovoEMC NAS products
CVE-2019-6159 (A stored cross-site scripting (XSS) vulnerability exists in various fi ...)
	NOT-FOR-US: IBM
CVE-2019-6158 (An internal product security audit of Lenovo XClarity Administrator (L ...)
	NOT-FOR-US: Lenovo XClarity Administrator (LXCA)
CVE-2019-6157 (In various firmware versions of Lenovo System x, the integrated manage ...)
	NOT-FOR-US: Lenovo
CVE-2019-6156 (In Lenovo systems, SMM BIOS Write Protection is used to prevent writes ...)
	NOT-FOR-US: Lenovo
CVE-2019-6155 (A potential vulnerability was found in an SMI handler in various BIOS  ...)
	NOT-FOR-US: Lenovo
CVE-2019-6154 (A DLL search path vulnerability was reported in Lenovo Bootable Genera ...)
	NOT-FOR-US: Lenovo
CVE-2019-6153
	REJECTED
CVE-2019-6152
	REJECTED
CVE-2019-6151
	REJECTED
CVE-2019-6150
	REJECTED
CVE-2019-6149 (An unquoted search path vulnerability was identified in Lenovo Dynamic ...)
	NOT-FOR-US: Lenovo
CVE-2019-6148
	RESERVED
CVE-2019-6147 (Forcepoint NGFW Security Management Center (SMC) versions lower than 6 ...)
	NOT-FOR-US: Forcepoint NGFW Security Management Center
CVE-2019-6146 (It has been reported that cross-site scripting (XSS) is possible in Fo ...)
	NOT-FOR-US: Forcepoint Web Security
CVE-2019-6145 (Forcepoint VPN Client for Windows versions lower than 6.6.1 have an un ...)
	NOT-FOR-US: Forcepoint
CVE-2019-6144 (This vulnerability allows a normal (non-admin) user to disable the For ...)
	NOT-FOR-US: Forcepoint
CVE-2019-6143 (Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4 ...)
	NOT-FOR-US: Forcepoint Next Generation Firewall (Forcepoint NGFW)
CVE-2019-6142 (It has been reported that XSS is possible in Forcepoint Email Security ...)
	NOT-FOR-US: Forcepoint
CVE-2019-6141
	RESERVED
CVE-2019-6140 (A configuration issue has been discovered in Forcepoint Email Security ...)
	NOT-FOR-US: Forcepoint Email Security
CVE-2019-6139 (Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbi ...)
	NOT-FOR-US: Forcepoint User ID (FUID) server
CVE-2019-6138 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memor ...)
	NOT-FOR-US: libIEC61850
CVE-2019-6137 (An issue was discovered in lib60870 2.1.1. LinkLayer_setAddress in lin ...)
	NOT-FOR-US: lib60870
CVE-2019-6136 (An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFil ...)
	NOT-FOR-US: libIEC61850
CVE-2019-6135 (An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/me ...)
	NOT-FOR-US: libIEC61850
CVE-2019-6134
	RESERVED
CVE-2019-6133 (In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism ...)
	{DLA-1799-1 DLA-1644-1}
	- linux 4.19.16-1
	[stretch] - linux 4.9.161-1
	- policykit-1 0.105-25 (bug #918985)
	[stretch] - policykit-1 <no-dsa> (Minor issue, kernel mitigation will land in next 4.9.x rebase)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1692
	NOTE: https://gitlab.freedesktop.org/polkit/polkit/merge_requests/19
	NOTE: https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81
	NOTE: Issue can be mitigated in kernel with
	NOTE: https://git.kernel.org/linus/7b55851367136b1efd84d98fea81ba57a98304cf (landed in 4.9.150)
CVE-2019-6132 (An issue was discovered in Bento4 v1.5.1-627. There is a memory leak i ...)
	NOT-FOR-US: Bento4
CVE-2019-6131 (svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack co ...)
	- mupdf 1.14.0+ds1-3 (bug #918970)
	[stretch] - mupdf <no-dsa> (Minor issue)
	[jessie] - mupdf <not-affected> (vulnerable code not present)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700442
	NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?c8f7e48ff74720a5e984ae19d978a5ab4d5dde5b
CVE-2019-6130 (Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fi ...)
	{DLA-1838-1}
	- mupdf 1.14.0+ds1-3 (bug #918971)
	[stretch] - mupdf <no-dsa> (Minor issue)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700446
	NOTE: http://www.ghostscript.com/cgi-bin/findgit.cgi?faf47b94e24314d74907f3f6bc874105f2c962ed
CVE-2019-6129 (** DISPUTED ** png_create_info_struct in png.c in libpng 1.6.36 has a  ...)
	- libpng1.6 <unfixed> (unimportant)
	- libpng <removed> (unimportant)
	NOTE: https://github.com/glennrp/libpng/issues/269
	NOTE: Memory leak in CLI tool, no security impact
CVE-2019-6128 (The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory l ...)
	{DLA-2009-1}
	- tiff 4.0.10-4 (bug #921157; unimportant)
	- tiff3 <removed> (unimportant)
	NOTE: http://bugzilla.maptools.org/show_bug.cgi?id=2836
	NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/commit/ae0bed1fe530a82faf2e9ea1775109dbf301a971
CVE-2019-6127 (An issue was discovered in XiaoCms 20141229. It allows admin/index.php ...)
	NOT-FOR-US: XiaoCms
CVE-2019-6126 (The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1 ...)
	NOT-FOR-US: Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script
CVE-2019-6125
	RESERVED
CVE-2019-6124
	RESERVED
CVE-2019-6123
	RESERVED
CVE-2019-6122 (A Username Enumeration via Error Message issue was discovered in NiceH ...)
	NOT-FOR-US: NiceHash Miner
CVE-2019-6121 (An issue was discovered in NiceHash Miner before 2.0.3.0. Missing Auth ...)
	NOT-FOR-US: NiceHash Miner
CVE-2019-6120 (An issue was discovered in NiceHash Miner before 2.0.3.0. A missing ra ...)
	NOT-FOR-US: NiceHash Miner
CVE-2019-6119
	RESERVED
CVE-2019-6118
	RESERVED
CVE-2019-6117 (The wpape APE GALLERY plugin 1.6.14 for WordPress has stored XSS via t ...)
	NOT-FOR-US: wpape APE GALLERY plugin for WordPress
CVE-2019-6116 (In Artifex Ghostscript through 9.26, ephemeral or transient procedures ...)
	{DSA-4372-1 DLA-1670-1}
	- ghostscript 9.26a~dfsg-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/01/23/5
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=13b0a36f8181db66a91bcc8cea139998b53a8996
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2db98f9c66135601efb103d8db7d020a672308db
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=99f13091a3f309bdc95d275ea9fec10bb9f42d9a
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=59d8f4deef90c1598ff50616519d5576756b4495
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=2768d1a6dddb83f5c061207a7ed2813999c1b5c9
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=49c8092da88ef6bb0aa281fe294ae0925a44b5b9
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1729
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700317
CVE-2019-6115
	RESERVED
CVE-2019-6114 (An issue was discovered in Corel PaintShop Pro 2019 21.0.0.119. An int ...)
	NOT-FOR-US: Corel PaintShop Pro
CVE-2019-6113 (Directory traversal vulnerability on ONKYO TX-NR686 1030-5000-1040-001 ...)
	NOT-FOR-US: ONKYO
CVE-2019-6112
	RESERVED
CVE-2019-6111 (An issue was discovered in OpenSSH 7.9. Due to the scp implementation  ...)
	{DSA-4387-2 DSA-4387-1 DLA-1728-1}
	- openssh 1:7.9p1-9 (bug #923486)
	NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
	NOTE: https://github.com/openssh/openssh-portable/commit/391ffc4b9d31fa1f4ad566499fef9176ff8a07dc
	NOTE: https://github.com/openssh/openssh-portable/commit/3d896c157c722bc47adca51a58dca859225b5874
	NOTE: For unstable partially fixed in 1:7.9p1-6, applied complete fix in 1:7.9p1-9.
CVE-2019-6110 (In OpenSSH 7.9, due to accepting and displaying arbitrary stderr outpu ...)
	- openssh <unfixed> (unimportant)
	NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
	NOTE: Not considered a vulnerability by upstream, cf.
	NOTE: https://lists.mindrot.org/pipermail/openssh-unix-dev/2019-January/037475.html
CVE-2019-6109 (An issue was discovered in OpenSSH 7.9. Due to missing character encod ...)
	{DSA-4387-1 DLA-1728-1}
	- openssh 1:7.9p1-6 (bug #793412)
	NOTE: https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
	NOTE: https://bugzilla.mindrot.org/show_bug.cgi?id=2434
	NOTE: Patch: https://bugzilla.mindrot.org/attachment.cgi?id=3228
	NOTE: Fixed by: https://github.com/openssh/openssh-portable/commit/8976f1c4b2721c26e878151f52bdf346dfe2d54c
	NOTE: possibly additionally needed: https://github.com/openssh/openssh-portable/commit/bdc6c63c80b55bcbaa66b5fde31c1cb1d09a41eb
CVE-2019-6108
	RESERVED
CVE-2019-6107
	RESERVED
CVE-2019-6106
	RESERVED
CVE-2019-6105
	RESERVED
CVE-2019-6104
	RESERVED
CVE-2019-6103
	RESERVED
CVE-2019-6102
	RESERVED
CVE-2019-6101
	RESERVED
CVE-2019-6100
	RESERVED
CVE-2019-6099
	RESERVED
CVE-2019-6098
	RESERVED
CVE-2019-6097
	RESERVED
CVE-2019-6096
	RESERVED
CVE-2019-6095
	RESERVED
CVE-2019-6094
	RESERVED
CVE-2019-6093
	RESERVED
CVE-2019-6092
	RESERVED
CVE-2019-6091
	RESERVED
CVE-2019-6090
	RESERVED
CVE-2019-6089
	RESERVED
CVE-2019-6088
	RESERVED
CVE-2019-6087
	RESERVED
CVE-2019-6086
	RESERVED
CVE-2019-6085
	RESERVED
CVE-2019-6084
	RESERVED
CVE-2019-6083
	RESERVED
CVE-2019-6082
	RESERVED
CVE-2019-6081
	RESERVED
CVE-2019-6080
	RESERVED
CVE-2019-6079
	RESERVED
CVE-2019-6078
	RESERVED
CVE-2019-6077
	RESERVED
CVE-2019-6076
	RESERVED
CVE-2019-6075
	RESERVED
CVE-2019-6074
	RESERVED
CVE-2019-6073
	RESERVED
CVE-2019-6072
	RESERVED
CVE-2019-6071
	RESERVED
CVE-2019-6070
	RESERVED
CVE-2019-6069
	RESERVED
CVE-2019-6068
	RESERVED
CVE-2019-6067
	RESERVED
CVE-2019-6066
	RESERVED
CVE-2019-6065
	RESERVED
CVE-2019-6064
	RESERVED
CVE-2019-6063
	RESERVED
CVE-2019-6062
	RESERVED
CVE-2019-6061
	RESERVED
CVE-2019-6060
	RESERVED
CVE-2019-6059
	RESERVED
CVE-2019-6058
	RESERVED
CVE-2019-6057
	RESERVED
CVE-2019-6056
	RESERVED
CVE-2019-6055
	RESERVED
CVE-2019-6054
	RESERVED
CVE-2019-6053
	RESERVED
CVE-2019-6052
	RESERVED
CVE-2019-6051
	RESERVED
CVE-2019-6050
	RESERVED
CVE-2019-6049
	RESERVED
CVE-2019-6048
	RESERVED
CVE-2019-6047
	RESERVED
CVE-2019-6046
	RESERVED
CVE-2019-6045
	RESERVED
CVE-2019-6044
	RESERVED
CVE-2019-6043
	RESERVED
CVE-2019-6042
	RESERVED
CVE-2019-6041
	RESERVED
CVE-2019-6040
	RESERVED
CVE-2019-6039
	RESERVED
CVE-2019-6038
	RESERVED
CVE-2019-6037
	RESERVED
CVE-2019-6036 (Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 p ...)
	NOT-FOR-US: F-RevoCRM
CVE-2019-6035 (Open redirect vulnerability in Athenz v1.8.24 and earlier allows remot ...)
	NOT-FOR-US: Athenz
CVE-2019-6034 (a-blog cms versions prior to Ver.2.10.23 (Ver.2.10.x), Ver.2.9.26 (Ver ...)
	NOT-FOR-US: a-blog cms
CVE-2019-6033 (Cross-site scripting vulnerability in a-blog cms versions prior to Ver ...)
	NOT-FOR-US: a-blog cms
CVE-2019-6032 (The NTV News24 prior to Ver.3.0.0 does not verify X.509 certificates f ...)
	NOT-FOR-US: NTV News24
CVE-2019-6031 (Cross-site scripting vulnerability in KINZA for Windows version 5.9.2  ...)
	NOT-FOR-US: KINZA for Windows
CVE-2019-6030 (Cross-site request forgery (CSRF) vulnerability in Custom Body Class 0 ...)
	NOT-FOR-US: Custom Body Class
CVE-2019-6029 (Cross-site scripting vulnerability in Custom Body Class 0.6.0 and earl ...)
	NOT-FOR-US: Custom Body Class
CVE-2019-6028
	RESERVED
CVE-2019-6027 (Cross-site request forgery (CSRF) vulnerability in WP Spell Check 7.1. ...)
	NOT-FOR-US: WP Spell Check Wordpress Plugin
CVE-2019-6026 (Privilege escalation vulnerability in Multiple MOTEX products (LanScop ...)
	NOT-FOR-US: MOTEX
CVE-2019-6025 (Open redirect vulnerability in Movable Type series Movable Type 7 r.46 ...)
	- movabletype-opensource <removed>
CVE-2019-6024 (Rakuma App for Android version 7.15.0 and earlier, and for iOS version ...)
	NOT-FOR-US: Rakuma App for Android
CVE-2019-6023 (Cybozu Office 10.0.0 to 10.8.3 allows remote authenticated attackers t ...)
	NOT-FOR-US: Cybozu Office
CVE-2019-6022 (Directory traversal vulnerability in Cybozu Office 10.0.0 to 10.8.3 al ...)
	NOT-FOR-US: Cybozu Office
CVE-2019-6021 (Open redirect vulnerability in Library Information Management System L ...)
	NOT-FOR-US: Library Information Management System LIMEDIO
CVE-2019-6020 (Open redirect vulnerability in PowerCMS 5.12 and earlier (PowerCMS 5.x ...)
	NOT-FOR-US: PowerCMS
CVE-2019-6019 (Untrusted search path vulnerability in STAMP Workbench installer all v ...)
	NOT-FOR-US: STAMP Workbench installer
CVE-2019-6018 (Cross-site scripting vulnerability in NetCommons 3.2.2 and earlier (Ne ...)
	NOT-FOR-US: NetCommons
CVE-2019-6017 (REMISE Payment Module (2.11, 2.12 and 2.13) version 3.0.12 and earlier ...)
	NOT-FOR-US: REMISE Payment Module
CVE-2019-6016 (Cross-site scripting vulnerability in REMISE Payment Module (2.11, 2.1 ...)
	NOT-FOR-US: REMISE Payment Module
CVE-2019-6015 (FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firm ...)
	NOT-FOR-US: FON routers
CVE-2019-6014 (DBA-1510P firmware 1.70b009 and earlier allows an attacker to execute  ...)
	NOT-FOR-US: DBA-1510P firmware
CVE-2019-6013 (DBA-1510P firmware 1.70b009 and earlier allows authenticated attackers ...)
	NOT-FOR-US: DBA-1510P firmware
CVE-2019-6012 (SQL injection vulnerability in the wpDataTables Lite Version 2.0.11 an ...)
	NOT-FOR-US: wpDataTables Lite
CVE-2019-6011 (Cross-site scripting vulnerability in wpDataTables Lite Version 2.0.11 ...)
	NOT-FOR-US: wpDataTables Lite
CVE-2019-6010 (Integer overflow vulnerability in LINE(Android) from 4.4.0 to the vers ...)
	NOT-FOR-US: LINE(Android)
CVE-2019-6009 (Open redirect vulnerability in SHIRASAGI v1.7.0 and earlier allows rem ...)
	NOT-FOR-US: SHIRASAGI
CVE-2019-6008 (An unquoted search path vulnerability in Multiple Yokogawa products fo ...)
	NOT-FOR-US: Yokogawa
CVE-2019-6007 (Integer overflow vulnerability in apng-drawable 1.0.0 to 1.6.0 allows  ...)
	NOT-FOR-US: apng-drawable
CVE-2019-6006
	RESERVED
CVE-2019-6005 (Smart TV Box firmware version prior to 1300 allows remote attackers to ...)
	NOT-FOR-US: Smart TV Box
CVE-2019-6004 (Open redirect vulnerability in ApeosWare Management Suite Ver.1.4.0.18 ...)
	NOT-FOR-US: ApeosWare Management Suite
CVE-2019-6003 (Cross-site scripting vulnerability in EC-CUBE plugin 'Amazon Pay Plugi ...)
	NOT-FOR-US: EC-CUBE
CVE-2019-6002 (Cross-site scripting vulnerability in Central Dogma 0.17.0 to 0.40.1 a ...)
	NOT-FOR-US: Central Dogma
CVE-2019-6001 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digit ...)
	NOT-FOR-US: Canon
CVE-2019-6000 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digit ...)
	NOT-FOR-US: Canon
CVE-2019-5999 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digit ...)
	NOT-FOR-US: Canon
CVE-2019-5998 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digit ...)
	NOT-FOR-US: Canon
CVE-2019-5997
	RESERVED
CVE-2019-5996 (SQL injection vulnerability in the Video Insight VMS 7.3.2.5 and earli ...)
	NOT-FOR-US: Video Insight VMS
CVE-2019-5995 (Missing authorization vulnerability exists in EOS series digital camer ...)
	NOT-FOR-US: Canon
CVE-2019-5994 (Buffer overflow in PTP (Picture Transfer Protocol) of EOS series digit ...)
	NOT-FOR-US: Canon
CVE-2019-5993 (Cross-site request forgery (CSRF) vulnerability in Category Specific R ...)
	NOT-FOR-US: Category Specific RSS feed Subscription
CVE-2019-5992 (Cross-site request forgery (CSRF) vulnerability in WordPress Ultra Sim ...)
	NOT-FOR-US: WordPress Ultra Simple Paypal Shopping Cart
CVE-2019-5991 (SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.3 allow ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5990 (Access analysis CGI An-Analyzer released in 2019 June 24 and earlier a ...)
	NOT-FOR-US: CGI An-Analyzer
CVE-2019-5989 (DOM-based cross-site scripting vulnerability in Access analysis CGI An ...)
	NOT-FOR-US: CGI An-Analyzer
CVE-2019-5988 (Stored cross-site scripting vulnerability in Access analysis CGI An-An ...)
	NOT-FOR-US: CGI An-Analyzer
CVE-2019-5987 (Access analysis CGI An-Analyzer released in 2019 June 24 and earlier a ...)
	NOT-FOR-US: CGI An-Analyzer
CVE-2019-5986 (Cross-site request forgery (CSRF) vulnerability in Hikari Denwa router ...)
	NOT-FOR-US: Hikari
CVE-2019-5985 (Cross-site scripting vulnerability in Hikari Denwa router/Home GateWay ...)
	NOT-FOR-US: Hikari
CVE-2019-5984 (Cross-site request forgery (CSRF) vulnerability in Custom CSS Pro 1.0. ...)
	NOT-FOR-US: Custom CSS Pro
CVE-2019-5983 (Cross-site request forgery (CSRF) vulnerability in HTML5 Maps 1.6.5.6  ...)
	NOT-FOR-US: HTML5 Maps
CVE-2019-5982 (Improper download file verification vulnerability in VAIO Update 7.3.0 ...)
	NOT-FOR-US: VAIO Update
CVE-2019-5981 (Improper authorization vulnerability in VAIO Update 7.3.0.03150 and ea ...)
	NOT-FOR-US: VAIO Update
CVE-2019-5980 (Cross-site request forgery (CSRF) vulnerability in Related YouTube Vid ...)
	NOT-FOR-US: Related YouTube Videos
CVE-2019-5979 (Cross-site request forgery (CSRF) vulnerability in Personalized WooCom ...)
	NOT-FOR-US: Personalized WooCommerce Cart Page
CVE-2019-5978 (Open redirect vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 allows re ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5977 (Mail header injection vulnerability in Cybozu Garoon 4.0.0 to 4.10.2 m ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5976 (Cybozu Garoon 4.0.0 to 4.10.2 allows an attacker with administrative r ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5975 (DOM-based cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5974 (Cross-site request forgery (CSRF) vulnerability in Contest Gallery ver ...)
	NOT-FOR-US: Contest Gallery
CVE-2019-5973 (Cross-site request forgery (CSRF) vulnerability in Online Lesson Booki ...)
	NOT-FOR-US: Online Lesson Booking
CVE-2019-5972 (Cross-site scripting vulnerability in Online Lesson Booking 0.8.6 and  ...)
	NOT-FOR-US: Online Lesson Booking
CVE-2019-5971 (Cross-site request forgery (CSRF) vulnerability in Attendance Manager  ...)
	NOT-FOR-US: Attendance Manager
CVE-2019-5970 (Cross-site scripting vulnerability in Attendance Manager 0.5.6 and ear ...)
	NOT-FOR-US: Attendance Manager
CVE-2019-5969 (Open redirect vulnerability in GROWI v3.4.6 and earlier allows remote  ...)
	NOT-FOR-US: GROWI
CVE-2019-5968 (Cross-site request forgery (CSRF) vulnerability in GROWI v3.4.6 and ea ...)
	NOT-FOR-US: GROWI
CVE-2019-5967 (Cross-site scripting vulnerability in Joruri CMS 2017 Release2 and ear ...)
	NOT-FOR-US: Joruri CMS
CVE-2019-5966 (Joruri Mail 2.1.4 and earlier does not properly manage sessions, which ...)
	NOT-FOR-US: Joruri Mail
CVE-2019-5965 (Open redirect vulnerability in Joruri Mail 2.1.4 and earlier allows re ...)
	NOT-FOR-US: Joruri Mail
CVE-2019-5964 (iDoors Reader 2.10.17 and earlier allows an attacker on the same netwo ...)
	NOT-FOR-US: iDoors Reader
CVE-2019-5963 (Cross-site request forgery (CSRF) vulnerability in Zoho SalesIQ 1.0.8  ...)
	NOT-FOR-US: Zoho SalesIQ
CVE-2019-5962 (Cross-site scripting vulnerability in Zoho SalesIQ 1.0.8 and earlier a ...)
	NOT-FOR-US: Zoho SalesIQ
CVE-2019-5961 (The Android App 'Tootdon for Mastodon' version 3.4.1 and earlier does  ...)
	NOT-FOR-US: Android App 'Tootdon for Mastodon'
CVE-2019-5960 (Cross-site request forgery (CSRF) vulnerability in WP Open Graph 1.6.1 ...)
	NOT-FOR-US: WP Open Graph
CVE-2019-5959
	RESERVED
CVE-2019-5958 (Untrusted search path vulnerability in Electronic reception and examin ...)
	NOT-FOR-US: Electronic reception and examination of application for radio licenses Offline
CVE-2019-5957 (Untrusted search path vulnerability in Installer of Electronic recepti ...)
	NOT-FOR-US: Electronic reception and examination of application for radio licenses Online
CVE-2019-5956 (Directory traversal vulnerability in WonderCMS 2.6.0 and earlier allow ...)
	NOT-FOR-US: WonderCMS
CVE-2019-5955 (CREATE SD official App for Android version 1.0.2 and earlier allows re ...)
	NOT-FOR-US: CREATE SD official App for Android
CVE-2019-5954 (JR East Japan train operation information push notification App for An ...)
	NOT-FOR-US: JR East Japan train operation information push notification App for Android
CVE-2019-5953 (Buffer overflow in GNU Wget 1.20.1 and earlier allows remote attackers ...)
	{DSA-4425-1 DLA-1760-1}
	- wget 1.20.1-1.1 (bug #926389)
	NOTE: https://jvn.jp/en/jp/JVN25261088/
	NOTE: https://lists.gnu.org/archive/html/bug-wget/2019-04/msg00001.html
	NOTE: https://lists.gnu.org/archive/html/bug-wget/2019-04/msg00012.html
	NOTE: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=692d5c5215de0db482c252492a92fc424cc6a97c
	NOTE: https://git.savannah.gnu.org/cgit/wget.git/commit/?id=562eacb76a2b64d5dc80a443f0f739bc9ef76c17 (removed unneeded debug lines in fixing commit)
	NOTE: Fixed in 1.20.3
CVE-2019-5952
	RESERVED
CVE-2019-5951
	RESERVED
CVE-2019-5950
	RESERVED
CVE-2019-5949
	RESERVED
CVE-2019-5948
	RESERVED
CVE-2019-5947 (Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.10.1 al ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5946 (Open redirect vulnerability in Cybozu Garoon 4.2.4 to 4.10.1 allows re ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5945 (Cybozu Garoon 4.2.4 to 4.10.1 allow remote attackers to obtain the use ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5944 (Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5943 (Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5942 (Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5941 (Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5940 (Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 al ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5939 (Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 al ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5938 (Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 al ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5937 (Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 al ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5936 (Directory traversal vulnerability in Cybozu Garoon 4.0.0 to 4.10.1 all ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5935 (Cybozu Garoon 4.0.0 to 4.10.1 allows remote authenticated attackers to ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5934 (SQL injection vulnerability in the Cybozu Garoon 4.0.0 to 4.10.0 allow ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5933 (Cybozu Garoon 4.0.0 to 4.10.0 allows remote authenticated attackers to ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5932 (Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 all ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5931 (Cybozu Garoon 4.0.0 to 4.6.3 allows authenticated attackers to alter t ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5930 (Cybozu Garoon 4.0.0 to 4.6.3 allows remote attackers to bypass access  ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5929 (Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 all ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5928 (Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.6.3 all ...)
	NOT-FOR-US: Cybozu Garoon
CVE-2019-5927 (Directory traversal vulnerability in 'an' App for iOS Version 3.2.0 an ...)
	NOT-FOR-US: 'an' App for iOS
CVE-2019-5926 (Cross-site scripting vulnerability in KinagaCMS versions prior to 6.5  ...)
	NOT-FOR-US: KinagaCMS
CVE-2019-5925 (Cross-site scripting vulnerability in Dradis Community Edition Dradis  ...)
	NOT-FOR-US: Dradis
CVE-2019-5924 (Cross-site request forgery (CSRF) vulnerability in Smart Forms 2.6.15  ...)
	NOT-FOR-US: Smart Forms
CVE-2019-5923 (Directory traversal vulnerability in iChain Insurance Wallet App for i ...)
	NOT-FOR-US: iChain Insurance Wallet App for iOS
CVE-2019-5922 (Untrusted search path vulnerability in The installer of Microsoft Team ...)
	NOT-FOR-US: Microsoft
CVE-2019-5921 (Untrusted search path vulnerability in Windows 7 allows an attacker to ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-5920 (Cross-site request forgery (CSRF) vulnerability in FormCraft 1.2.1 and ...)
	NOT-FOR-US: FormCraft
CVE-2019-5919 (An incomplete cryptography of the data store function by using hidden  ...)
	NOT-FOR-US: Nablarch
CVE-2019-5918 (Nablarch 5 (5, and 5u1 to 5u13) allows remote attackers to conduct XML ...)
	NOT-FOR-US: Nablarch
CVE-2019-5917 (azure-umqtt-c (available through GitHub prior to 2017 October 6) allow ...)
	NOT-FOR-US: azure-umqtt-c
CVE-2019-5916 (Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and ea ...)
	NOT-FOR-US: POWER EGG
CVE-2019-5915 (Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allow ...)
	NOT-FOR-US: OpenAM (different from src:openam)
CVE-2019-5914 (V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer  ...)
	NOT-FOR-US: V20 PRO L-01J
CVE-2019-5913 (Untrusted search path vulnerability in the installer of LHMelting (LHM ...)
	NOT-FOR-US: LHMelting
CVE-2019-5912 (Untrusted search path vulnerability in the installer of UNARJ32.DLL (U ...)
	NOT-FOR-US: Some Windows installer
CVE-2019-5911 (Untrusted search path vulnerability in the installer of UNLHA32.DLL (U ...)
	NOT-FOR-US: Some Windows installer
CVE-2019-5910 (Directory traversal vulnerability in HOUSE GATE App for iOS 1.7.8 and  ...)
	NOT-FOR-US: HOUSE GATE App for iOS
CVE-2019-5909 (License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6 ...)
	NOT-FOR-US: Yokogawa License Manager Service
CVE-2019-5908
	RESERVED
CVE-2019-5907
	RESERVED
CVE-2019-5906
	RESERVED
CVE-2019-5905
	RESERVED
CVE-2019-5904
	RESERVED
CVE-2019-5903
	RESERVED
CVE-2019-5902
	RESERVED
CVE-2019-5901
	RESERVED
CVE-2019-5900
	RESERVED
CVE-2019-5899
	RESERVED
CVE-2019-5898
	RESERVED
CVE-2019-5897
	RESERVED
CVE-2019-5896
	RESERVED
CVE-2019-5895
	RESERVED
CVE-2019-5894
	RESERVED
CVE-2019-5893 (Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/qu ...)
	NOT-FOR-US: Nelson Open Source ERP
CVE-2019-5892 (bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0. ...)
	- frr <not-affected> (Fixed before initial upload)
CVE-2019-5891 (An issue was discovered in OverIT Geocall 6.3 before build 2:346977. A ...)
	NOT-FOR-US: OverIT Geocall
CVE-2019-5890 (An issue was discovered in OverIT Geocall 6.3 before build 2:346977. W ...)
	NOT-FOR-US: OverIT Geocall
CVE-2019-5889 (An log-management directory traversal issue was discovered in OverIT G ...)
	NOT-FOR-US: OverIT Geocall
CVE-2019-5888 (Multiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 bef ...)
	NOT-FOR-US: OverIT Geocall
CVE-2019-5887 (An issue was discovered in ShopXO 1.2.0. In the UnlinkDir method of th ...)
	NOT-FOR-US: ShopXO
CVE-2019-5886 (An issue was discovered in ShopXO 1.2.0. In the application\install\co ...)
	NOT-FOR-US: ShopXO
CVE-2019-5885 (Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentic ...)
	- matrix-synapse 0.34.1.1-1
	NOTE: https://matrix.org/blog/2019/01/10/critical-security-update-synapse-0-34-0-1-synapse-0-34-1-1/
	NOTE: https://matrix.org/blog/2019/01/15/further-details-on-critical-security-update-in-synapse-affecting-all-versions-prior-to-0-34-1-cve-2019-5885/
CVE-2019-5884 (php/elFinder.class.php in elFinder before 2.1.45 leaks information if  ...)
	NOT-FOR-US: elFinder
CVE-2019-5883 (An Incorrect Access Control issue was discovered in GitLab Community a ...)
	- gitlab 11.3.11+dfsg-1
	NOTE: https://about.gitlab.com/2018/11/28/security-release-gitlab-11-dot-5-dot-1-released/
CVE-2019-5881 (Out of bounds read in SwiftShader in Google Chrome prior to 77.0.3865. ...)
	- chromium 78.0.3904.87-1
CVE-2019-5880 (Insufficient policy enforcement in Blink in Google Chrome prior to 77. ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5879 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5878 (Use after free in V8 in Google Chrome prior to 77.0.3865.75 allowed a  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5877 (Out of bounds memory access in JavaScript in Google Chrome prior to 77 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5876 (Use after free in media in Google Chrome on Android prior to 77.0.3865 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5875 (Insufficient data validation in downloads in Google Chrome prior to 77 ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5874 (Insufficient filtering in URI schemes in Google Chrome on Windows prio ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5873 (Insufficient policy validation in navigation in Google Chrome on iOS p ...)
	- chromium <not-affected> (iOS specific issue)
CVE-2019-5872 (Use after free in Mojo in Google Chrome prior to 77.0.3865.75 allowed  ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5871 (Heap buffer overflow in Skia in Google Chrome prior to 77.0.3865.75 al ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5870 (Use after free in media in Google Chrome prior to 77.0.3865.75 allowed ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5869 (Use after free in Blink in Google Chrome prior to 76.0.3809.132 allowe ...)
	{DSA-4562-1}
	- chromium 78.0.3904.87-1
CVE-2019-5868 (Use after free in PDFium in Google Chrome prior to 76.0.3809.100 allow ...)
	{DSA-4500-1}
	- chromium 76.0.3809.100-1
CVE-2019-5867 (Out of bounds read in JavaScript in Google Chrome prior to 76.0.3809.1 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.100-1
CVE-2019-5866 (Out of bounds memory access in JavaScript in Google Chrome prior to 75 ...)
	- chromium 76.0.3809.71-1
CVE-2019-5865 (Insufficient policy enforcement in navigations in Google Chrome prior  ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5864 (Insufficient data validation in CORS in Google Chrome prior to 76.0.38 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5863
	RESERVED
	- chromium <not-affected> (Windows-specific)
CVE-2019-5862 (Insufficient data validation in AppCache in Google Chrome prior to 76. ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5861 (Insufficient data validation in Blink in Google Chrome prior to 76.0.3 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5860 (Use after free in PDFium in Google Chrome prior to 76.0.3809.87 allowe ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5859 (Insufficient filtering in URI schemes in Google Chrome on Windows prio ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5858 (Incorrect security UI in MacOS services integration in Google Chrome o ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5857 (Inappropriate implementation in JavaScript in Google Chrome prior to 7 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5856 (Insufficient policy enforcement in storage in Google Chrome prior to 7 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5855 (Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allo ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5854 (Integer overflow in PDFium in Google Chrome prior to 76.0.3809.87 allo ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5853 (Inappropriate implementation in JavaScript in Google Chrome prior to 7 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5852 (Inappropriate implementation in JavaScript in Google Chrome prior to 7 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5851 (Use after free in WebAudio in Google Chrome prior to 76.0.3809.87 allo ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5850 (Use after free in offline mode in Google Chrome prior to 76.0.3809.87  ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5849 (Out of bounds read in Skia in Google Chrome prior to 75.0.3770.80 allo ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
	- firefox 69.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-25/#CVE-2019-5849
CVE-2019-5848 (Incorrect font handling in autofill in Google Chrome prior to 75.0.377 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5847 (Inappropriate implementation in JavaScript in Google Chrome prior to 7 ...)
	{DSA-4500-1}
	- chromium 76.0.3809.87-1
CVE-2019-5846 (Out of bounds access in SwiftShader in Google Chrome prior to 73.0.368 ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5845 (Out of bounds access in SwiftShader in Google Chrome prior to 73.0.368 ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5844 (Out of bounds access in SwiftShader in Google Chrome prior to 73.0.368 ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5843 (Out of bounds memory access in JavaScript in Google Chrome prior to 74 ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5842 (Use after free in Blink in Google Chrome prior to 75.0.3770.90 allowed ...)
	{DSA-4500-1}
	- chromium 75.0.3770.90-1
CVE-2019-5841 (Out of bounds memory access in JavaScript in Google Chrome prior to 75 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5840 (Incorrect security UI in popup blocker in Google Chrome on iOS prior t ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5839 (Excessive data validation in URL parser in Google Chrome prior to 75.0 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5838 (Insufficient policy enforcement in extensions API in Google Chrome pri ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5837 (Resource size information leakage in Blink in Google Chrome prior to 7 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5836 (Heap buffer overflow in ANGLE in Google Chrome prior to 75.0.3770.80 a ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5835 (Object lifecycle issue in SwiftShader in Google Chrome prior to 75.0.3 ...)
	- chromium 75.0.3770.80-1
CVE-2019-5834 (Insufficient data validation in Blink in Google Chrome prior to 75.0.3 ...)
	{DSA-4500-1}
	- chromium <not-affected> (iOS-specific)
CVE-2019-5833 (Incorrect dialog box scoping in browser in Google Chrome on Android pr ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5832 (Insufficient policy enforcement in XMLHttpRequest in Google Chrome pri ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5831 (Object lifecycle issue in V8 in Google Chrome prior to 75.0.3770.80 al ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5830 (Insufficient policy enforcement in CORS in Google Chrome prior to 75.0 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5829 (Integer overflow in download manager in Google Chrome prior to 75.0.37 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5828 (Object lifecycle issue in ServiceWorker in Google Chrome prior to 75.0 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5827 (Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
	- sqlite3 3.27.2-3
	[stretch] - sqlite3 <no-dsa> (Minor issue; mainly with inpact in chromium)
	[jessie] - sqlite3 <no-dsa> (Minor issue; mainly with inpact in chromium)
	NOTE: https://www.sqlite.org/src/info/07ee06fd390bfebe
	NOTE: https://www.sqlite.org/src/info/0b6ae032c28e7fe3
CVE-2019-5826 (Use after free in IndexedDB in Google Chrome prior to 73.0.3683.86 all ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5825 (Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683. ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5824 (Parameter passing error in media in Google Chrome prior to 74.0.3729.1 ...)
	{DSA-4500-1}
	- chromium 75.0.3770.80-1
CVE-2019-5823 (Insufficient policy enforcement in service workers in Google Chrome pr ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5822 (Inappropriate implementation in Blink in Google Chrome prior to 74.0.3 ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5821 (Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 all ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5820 (Integer overflow in PDFium in Google Chrome prior to 74.0.3729.108 all ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5819 (Insufficient data validation in developer tools in Google Chrome on OS ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5818 (Uninitialized data in media in Google Chrome prior to 74.0.3729.108 al ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5817 (Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 74. ...)
	- chromium <not-affected> (Windows-specific)
CVE-2019-5816 (Process lifetime issue in Chrome in Google Chrome on Android prior to  ...)
	- chromium <not-affected> (Android-specific issue)
CVE-2019-5815 (Type confusion in xsltNumberFormatGetMultipleLevel prior to libxslt 1. ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5814 (Insufficient policy enforcement in Blink in Google Chrome prior to 74. ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5813 (Use after free in V8 in Google Chrome prior to 74.0.3729.108 allowed a ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5812 (Inadequate security UI in iOS UI in Google Chrome prior to 74.0.3729.1 ...)
	- chromium <not-affected> (iOS specific)
CVE-2019-5811 (Incorrect handling of CORS in ServiceWorker in Google Chrome prior to  ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5810 (Information leak in autofill in Google Chrome prior to 74.0.3729.108 a ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5809 (Use after free in file chooser in Google Chrome prior to 74.0.3729.108 ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5808 (Use after free in Blink in Google Chrome prior to 74.0.3729.108 allowe ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5807 (Object lifetime issue in V8 in Google Chrome prior to 74.0.3729.108 al ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5806 (Integer overflow in ANGLE in Google Chrome on Windows prior to 74.0.37 ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5805 (Use-after-free in PDFium in Google Chrome prior to 74.0.3729.108 allow ...)
	{DSA-4500-1}
	- chromium 74.0.3729.108-1
CVE-2019-5804 (Incorrect command line processing in Chrome in Google Chrome prior to  ...)
	- chromium <not-affected> (Windows-specific)
CVE-2019-5803 (Insufficient policy enforcement in Content Security Policy in Google C ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5802 (Incorrect handling of download origins in Navigation in Google Chrome  ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5801 (Incorrect eliding of URLs in Omnibox in Google Chrome on iOS prior to  ...)
	- chromium <not-affected> (iOS specific)
CVE-2019-5800 (Insufficient policy enforcement in Blink in Google Chrome prior to 73. ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5799 (Incorrect inheritance of a new document's policy in Content Security P ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5798 (Lack of correct bounds checking in Skia in Google Chrome prior to 73.0 ...)
	{DSA-4451-1 DSA-4448-1 DSA-4421-1 DLA-1806-1 DLA-1800-1}
	- chromium 73.0.3683.75-1
	- firefox-esr 60.7.0esr-1
	- thunderbird 1:60.7.0-1
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-14/#CVE-2019-5798
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-15/#CVE-2019-5798
CVE-2019-5797
	RESERVED
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5796 (Data race in extensions guest view in Google Chrome prior to 73.0.3683 ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5795 (Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allo ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5794 (Incorrect handling of cancelled requests in Navigation in Google Chrom ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5793 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5792 (Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allo ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5791 (Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.7 ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5790 (An integer overflow leading to an incorrect capacity of a buffer in Ja ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5789 (An integer overflow that leads to a use-after-free in WebMIDI in Googl ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5788 (An integer overflow that leads to a use-after-free in Blink Storage in ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5787 (Use-after-garbage-collection in Blink in Google Chrome prior to 73.0.3 ...)
	{DSA-4421-1}
	- chromium 73.0.3683.75-1
CVE-2019-5786 (Object lifetime issue in Blink in Google Chrome prior to 72.0.3626.121 ...)
	{DSA-4404-1}
	- chromium 72.0.3626.121-1
CVE-2019-5785 (Incorrect convexity calculations in Skia in Google Chrome prior to 72. ...)
	{DSA-4392-1 DSA-4391-1 DLA-1678-1 DLA-1677-1}
	- firefox 65.0.1-1
	- firefox-esr 60.5.1esr-1
	- thunderbird 1:60.5.1-1
	- skia <itp> (bug #818180)
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-04/#CVE-2019-5785
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-05/#CVE-2019-5785
	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2019-06/#CVE-2019-5785
CVE-2019-5784 (Incorrect handling of deferred code in V8 in Google Chrome prior to 72 ...)
	{DSA-4395-1}
	- chromium 72.0.3626.109-1
CVE-2019-5783 (Missing URI encoding of untrusted input in DevTools in Google Chrome p ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5782 (Incorrect optimization assumptions in V8 in Google Chrome prior to 72. ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5781 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5780 (Insufficient restrictions on what can be done with Apple Events in Goo ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5779 (Insufficient policy validation in ServiceWorker in Google Chrome prior ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5778 (A missing case for handling special schemes in permission request chec ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5777 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5776 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5775 (Incorrect handling of a confusable character in Omnibox in Google Chro ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5774 (Omission of the .desktop filetype from the Safe Browsing checklist in  ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5773 (Insufficient origin validation in IndexedDB in Google Chrome prior to  ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5772 (Sharing of objects over calls into JavaScript runtime in PDFium in Goo ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5771 (An incorrect JIT of GLSL shaders in SwiftShader in Google Chrome prior ...)
	- chromium <not-affected> (chromium package does not build swiftshader)
CVE-2019-5770 (Insufficient input validation in WebGL in Google Chrome prior to 72.0. ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5769 (Incorrect handling of invalid end character position when front render ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5768 (DevTools API not correctly gating on extension capability in DevTools  ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5767 (Insufficient protection of permission UI in WebAPKs in Google Chrome o ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5766 (Incorrect handling of origin taint checking in Canvas in Google Chrome ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5765 (An exposed debugging endpoint in the browser in Google Chrome on Andro ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5764 (Incorrect pointer management in WebRTC in Google Chrome prior to 72.0. ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5763 (Failure to check error conditions in V8 in Google Chrome prior to 72.0 ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5762 (Inappropriate memory management when caching in PDFium in Google Chrom ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5761 (Incorrect object lifecycle management in SwiftShader in Google Chrome  ...)
	- chromium <not-affected> (chromium package does not build swiftshader)
CVE-2019-5760 (Insufficient checks of pointer validity in WebRTC in Google Chrome pri ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5759 (Incorrect lifetime handling in HTML select elements in Google Chrome o ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5758 (Incorrect object lifecycle management in Blink in Google Chrome prior  ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5757 (An incorrect object type assumption in SVG in Google Chrome prior to 7 ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5756 (Inappropriate memory management when caching in PDFium in Google Chrom ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5755 (Incorrect handling of negative zero in V8 in Google Chrome prior to 72 ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5754 (Implementation error in QUIC Networking in Google Chrome prior to 72.0 ...)
	{DSA-4395-1}
	- chromium 72.0.3626.81-1
CVE-2019-5882 (Irssi 1.1.x before 1.1.2 has a use after free when hidden lines are ex ...)
	- irssi 1.1.2-1 (bug #918865)
	[stretch] - irssi <not-affected> (Vulnerable code not present)
	[jessie] - irssi <not-affected> (Vulnerable code not present)
	NOTE: https://irssi.org/security/irssi_sa_2019_01.txt
	NOTE: https://github.com/irssi/irssi/pull/948
	NOTE: https://github.com/irssi/irssi//commit/8684ccb45c267fdeaaa779fce9323047aa5a9e38
	NOTE: Introduced with support for hidden lines in https://github.com/irssi/irssi/commit/8dfeca57ede1e726de07522a87203ce13676882d
CVE-2019-5753
	RESERVED
CVE-2019-5752
	RESERVED
CVE-2019-5751
	RESERVED
CVE-2019-5750
	RESERVED
CVE-2019-5749
	RESERVED
CVE-2019-5748 (In Traccar Server version 4.2, protocol/SpotProtocolDecoder.java might ...)
	NOT-FOR-US: Traccar Server
CVE-2019-5747 (An issue was discovered in BusyBox through 1.30.0. An out of bounds re ...)
	- busybox 1:1.30.1-2
	[buster] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 did not reach buster)
	[stretch] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 not applied)
	[jessie] - busybox <not-affected> (Incomplete fix for CVE-2018-20679 not applied)
	NOTE: https://bugs.busybox.net/show_bug.cgi?id=11506
	NOTE: https://git.busybox.net/busybox/commit/?id=74d9f1ba37010face4bd1449df4d60dd84450b06
CVE-2019-5746
	RESERVED
CVE-2019-5745
	RESERVED
CVE-2019-5744
	RESERVED
CVE-2019-5743
	RESERVED
CVE-2019-5742
	RESERVED
CVE-2019-5741
	RESERVED
CVE-2019-5740
	RESERVED
CVE-2019-5739 (Keep-alive HTTP and HTTPS connections can remain open and inactive for ...)
	- nodejs 8.9.3~dfsg-5 (unimportant)
	NOTE: https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
	NOTE: Nodejs not covered by security support
CVE-2019-5738
	RESERVED
CVE-2019-5737 (In Node.js including 6.x before 6.17.0, 8.x before 8.15.1, 10.x before ...)
	- nodejs 10.15.2~dfsg-1 (unimportant)
	NOTE: https://nodejs.org/en/blog/vulnerability/february-2019-security-releases/
	NOTE: Nodejs not covered by security support
CVE-2019-8308 (Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc  ...)
	{DSA-4390-1}
	- flatpak 1.2.3-1 (bug #922059)
CVE-2019-5736 (runc through 1.0-rc6, as used in Docker before 18.09.2 and other produ ...)
	- lxc 1:3.1.0+really3.0.3-4 (bug #922169; unimportant)
	- runc 1.0.0~rc6+dfsg1-2 (bug #922050)
	[stretch] - runc 0.1.1+dfsg1-2+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/02/11/2
	NOTE: runc: Fixed by: https://github.com/opencontainers/runc/commit/0a8e4117e7f715d5fbeef398405813ce8e88558b
	NOTE: lxc: Fixed by: https://github.com/lxc/lxc/commit/6400238d08cdf1ca20d49bafb85f4e224348bf9d
	NOTE: Not considered a security issue by LXC upstream
CVE-2019-5735
	RESERVED
CVE-2019-5734
	RESERVED
CVE-2019-5733
	RESERVED
CVE-2019-5732
	RESERVED
CVE-2019-5731
	RESERVED
CVE-2019-5730
	RESERVED
CVE-2019-5729 (Splunk-SDK-Python before 1.6.6 does not properly verify untrusted TLS  ...)
	NOT-FOR-US: Splunk
CVE-2019-5728
	RESERVED
CVE-2019-5727 (Splunk Web in Splunk Enterprise 6.5.x before 6.5.5, 6.4.x before 6.4.9 ...)
	NOT-FOR-US: Splunk
CVE-2019-5726
	RESERVED
CVE-2019-5725 (qibosoft through V7 allows remote attackers to read arbitrary files vi ...)
	NOT-FOR-US: qibosoft
CVE-2019-5724
	RESERVED
CVE-2019-5723 (An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Passwor ...)
	NOT-FOR-US: portier vision
CVE-2019-5722 (An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6. Due to  ...)
	NOT-FOR-US: portier vision
CVE-2019-5721 (In Wireshark 2.4.0 to 2.4.11, the ENIP dissector could crash. This was ...)
	- wireshark 2.6.1-1
	[stretch] - wireshark 2.6.3-1~deb9u1
	[jessie] - wireshark <not-affected> (Vulnerable code not present)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=14470
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=1c66174ec7aa19e2ddc79178cf59f15a654fc4fe
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-05.html
	NOTE: Fix for 2.4.x was a cherry pick of:
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=177962a5b4a05759b40fb6fc07a4a6eec306a9bf (2.5.1)
CVE-2019-5720 (includes/db/class.reflines_db.inc in FrontAccounting 2.4.6 contains a  ...)
	- frontaccounting <removed>
CVE-2019-5719 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the ISAKMP dissector  ...)
	{DSA-4416-1 DLA-1645-1}
	- wireshark 2.6.6-1 (low)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15374
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=b5b02f2a9b8772d8814096f86c60a32889d61f2c
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-04.html
CVE-2019-5718 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the RTSE dissector an ...)
	{DSA-4416-1}
	- wireshark 2.6.6-1 (low)
	[jessie] - wireshark <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1746
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15373
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=cd09cb5cfb673beca3cce20b1d6a9bc67a134ae1
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-03.html
CVE-2019-5717 (In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the P_MUL dissector c ...)
	{DSA-4416-1 DLA-1645-1}
	- wireshark 2.6.6-1 (low)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15337
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=bf9272a92f3df1e4ccfaad434e123222ae5313f7
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-02.html
CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. This w ...)
	{DSA-4416-1 DLA-1645-1}
	- wireshark 2.6.6-1 (low)
	NOTE: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15217
	NOTE: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=2b2eea1793dbff813896e1ae9dff1bedb39ee010
	NOTE: https://www.wireshark.org/security/wnpa-sec-2019-01.html
CVE-2019-5715 (All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versi ...)
	NOT-FOR-US: SilverStripe
CVE-2019-5714
	REJECTED
CVE-2019-5713
	REJECTED
CVE-2019-5712
	REJECTED
CVE-2019-5711
	REJECTED
CVE-2019-5710
	REJECTED
CVE-2019-5709
	REJECTED
CVE-2019-5708
	REJECTED
CVE-2019-5707
	REJECTED
CVE-2019-5706
	REJECTED
CVE-2019-5705
	REJECTED
CVE-2019-5704
	REJECTED
CVE-2019-5703
	REJECTED
CVE-2019-5702 (NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vu ...)
	NOT-FOR-US: NVIDIA
CVE-2019-5701 (NVIDIA GeForce Experience, all versions prior to 3.20.0.118, contains  ...)
	NOT-FOR-US: NVIDIA GeForce Experience
CVE-2019-5700 (NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra software con ...)
	NOT-FOR-US: NVIDIA Shield TV Experience
CVE-2019-5699 (NVIDIA Shield TV Experience prior to v8.0.1, NVIDIA Tegra bootloader c ...)
	NOT-FOR-US: NVIDIA Shield TV Experience
CVE-2019-5698 (NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in  ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2019-5697 (NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in  ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2019-5696 (NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in  ...)
	NOT-FOR-US: NVIDIA Virtual GPU Manager
CVE-2019-5695 (NVIDIA GeForce Experience (prior to 3.20.1) and Windows GPU Display Dr ...)
	NOT-FOR-US: NVIDIA
CVE-2019-5694 (NVIDIA Windows GPU Display Driver, R390 driver version, contains a vul ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2019-5693 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2019-5692 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2019-5691 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2019-5690 (NVIDIA Windows GPU Display Driver, all versions, contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows GPU Display Driver
CVE-2019-5689 (NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vu ...)
	NOT-FOR-US: NVIDIA GeForce Experience
CVE-2019-5688 (NVIDIA NVFlash, NVUFlash Tool prior to v5.588.0 and GPUModeSwitch Tool ...)
	NOT-FOR-US: NVIDIA
CVE-2019-5687 (NVIDIA Windows GPU Display Driver (all versions) contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows driver
CVE-2019-5686 (NVIDIA Windows GPU Display Driver (all versions) contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows driver
CVE-2019-5685 (NVIDIA Windows GPU Display Driver (all versions) contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows driver
CVE-2019-5684 (NVIDIA Windows GPU Display Driver (all versions) contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows driver
CVE-2019-5683 (NVIDIA Windows GPU Display Driver (all versions) contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA Windows driver
CVE-2019-5682 (NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in ...)
	NOT-FOR-US: NVIDIA Shield
CVE-2019-5681 (NVIDIA Shield TV Experience prior to v8.0, contains a vulnerability in ...)
	NOT-FOR-US: NVIDIA Shield
CVE-2019-5680 (In NVIDIA Jetson TX1 L4T R32 version branch prior to R32.2, Tegra boot ...)
	NOT-FOR-US: NVIDIA
CVE-2019-5679 (NVIDIA Shield TV Experience prior to v8.0, NVIDIA Tegra bootloader con ...)
	NOT-FOR-US: NVIDIA Shield
CVE-2019-5678 (NVIDIA GeForce Experience versions prior to 3.19 contains a vulnerabil ...)
	NOT-FOR-US: NVIDIA GeForce Experience
CVE-2019-5677 (NVIDIA Windows GPU Display driver software for Windows (all versions)  ...)
	NOT-FOR-US: NVIDIA Windows GPU Display driver software for Windows
CVE-2019-5676 (NVIDIA Windows GPU Display driver software for Windows (all versions)  ...)
	NOT-FOR-US: NVIDIA Windows GPU Display driver software for Windows
CVE-2019-5675 (NVIDIA Windows GPU Display driver software for Windows (all versions)  ...)
	NOT-FOR-US: NVIDIA Windows GPU Display driver software for Windows
CVE-2019-5674 (NVIDIA GeForce Experience before 3.18 contains a vulnerability when Sh ...)
	NOT-FOR-US: NVIDIA GeForce Experience
CVE-2019-5673 (NVIDIA Jetson TX2 contains a vulnerability in the kernel driver (on al ...)
	NOT-FOR-US: Nvidia Tegra
CVE-2019-5672 (NVIDIA Jetson TX1 and TX2 contain a vulnerability in the Linux for Teg ...)
	NOT-FOR-US: Nvidia Tegra
CVE-2019-5671 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
	NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5670 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
	NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5669 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
	NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5668 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
	NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5667 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
	NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5666 (NVIDIA Windows GPU Display Driver contains a vulnerability in the kern ...)
	NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5665 (NVIDIA Windows GPU Display driver contains a vulnerability in the 3D v ...)
	NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5664
	REJECTED
CVE-2019-5663
	REJECTED
CVE-2019-5662
	REJECTED
CVE-2019-5661
	REJECTED
CVE-2019-5660
	REJECTED
CVE-2019-5659
	REJECTED
CVE-2019-5658
	REJECTED
CVE-2019-5657
	REJECTED
CVE-2019-5656
	REJECTED
CVE-2019-5655
	REJECTED
CVE-2019-5654
	REJECTED
CVE-2019-5653
	REJECTED
CVE-2019-5652
	REJECTED
CVE-2019-5651
	REJECTED
CVE-2019-5650
	REJECTED
CVE-2019-5649
	RESERVED
CVE-2019-5648 (Authenticated, administrative access to a Barracuda Load Balancer ADC  ...)
	NOT-FOR-US: Barracuda
CVE-2019-5647 (The Chrome Plugin for Rapid7 AppSpider can incorrectly keep browser se ...)
	NOT-FOR-US: Chrome Plugin for Rapid7 AppSpider
CVE-2019-5646
	RESERVED
CVE-2019-5645
	RESERVED
CVE-2019-5644 (Computing For Good's Basic Laboratory Information System (also known a ...)
	NOT-FOR-US: Computing For Good's Basic Laboratory Information System
CVE-2019-5643 (Computing For Good's Basic Laboratory Information System (also known a ...)
	NOT-FOR-US: Computing For Good's Basic Laboratory Information System
CVE-2019-5642 (Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior suffers from ...)
	NOT-FOR-US: Rapid7 Metasploit Pro
CVE-2019-5641
	RESERVED
CVE-2019-5640
	RESERVED
CVE-2019-5639
	RESERVED
CVE-2019-5638 (Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient sess ...)
	NOT-FOR-US: Rapid7 Nexpose
CVE-2019-5637 (When Beckhoff TwinCAT is configured to use the Profinet driver, a deni ...)
	NOT-FOR-US: Beckhoff
CVE-2019-5636 (When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the A ...)
	NOT-FOR-US: Beckhoff
CVE-2019-5635 (A cleartext transmission of sensitive information vulnerability is pre ...)
	NOT-FOR-US: Hickory
CVE-2019-5634 (An inclusion of sensitive information in log files vulnerability is pr ...)
	NOT-FOR-US: Hickory
CVE-2019-5633 (An insecure storage of sensitive information vulnerability is present  ...)
	NOT-FOR-US: Hickory
CVE-2019-5632 (An insecure storage of sensitive information vulnerability is present  ...)
	NOT-FOR-US: Hickory
CVE-2019-5631 (The Rapid7 InsightAppSec broker suffers from a DLL injection vulnerabi ...)
	NOT-FOR-US: Rapid7 InsightAppSec broker
CVE-2019-5630 (A Cross-Site Request Forgery (CSRF) vulnerability was found in Rapid7  ...)
	NOT-FOR-US: Rapid7 Nexpose InsightVM Security Console
CVE-2019-5629 (Rapid7 Insight Agent, version 2.6.3 and prior, suffers from a local pr ...)
	NOT-FOR-US: Rapid7 Insight Agent
CVE-2019-5628
	RESERVED
CVE-2019-5627 (The iOS mobile application BlueCats Reveal before 5.14 stores the user ...)
	NOT-FOR-US: iOS mobile application BlueCats Reveal
CVE-2019-5626 (The Android mobile application BlueCats Reveal before 3.0.19 stores th ...)
	NOT-FOR-US: Android mobile application BlueCats Reveal
CVE-2019-5625 (The Android mobile application Halo Home before 1.11.0 stores OAuth au ...)
	NOT-FOR-US: Android mobile application Halo Home
CVE-2019-5624 (Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improp ...)
	NOT-FOR-US: Rapid7 Metasploit Framework
CVE-2019-5623
	RESERVED
CVE-2019-5622
	RESERVED
CVE-2019-5621
	RESERVED
CVE-2019-5620
	RESERVED
CVE-2019-5619
	RESERVED
CVE-2019-5618
	RESERVED
CVE-2019-5617 (Computing For Good's Basic Laboratory Information System (also known a ...)
	NOT-FOR-US: Computing For Good's Basic Laboratory Information System
CVE-2019-5616 (CircuitWerkes Sicon-8, a hardware device used for managing electrical  ...)
	NOT-FOR-US: CircuitWerkes Sicon-8
CVE-2019-5615 (Users with Site-level permissions can access files containing the user ...)
	NOT-FOR-US: Rapid7 InsightVM
CVE-2019-5614
	RESERVED
CVE-2019-5613 (In FreeBSD 12.0-RELEASE before 12.0-RELEASE-p13, a missing check in th ...)
	- kfreebsd-10 <not-affected> (Only affects kfreebsd 12)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-20:02.ipsec.asc
CVE-2019-5612 (In FreeBSD 12.0-STABLE before r351264, 12.0-RELEASE before 12.0-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:23.midi.asc
CVE-2019-5611 (In FreeBSD 12.0-STABLE before r350828, 12.0-RELEASE before 12.0-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:22.mbuf.asc
CVE-2019-5610 (In FreeBSD 12.0-STABLE before r350637, 12.0-RELEASE before 12.0-RELEAS ...)
	NOT-FOR-US: FreeBSD
CVE-2019-5609 (In FreeBSD 12.0-STABLE before r350619, 12.0-RELEASE before 12.0-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:21.bhyve.asc
CVE-2019-5608 (In FreeBSD 12.0-STABLE before r350648, 12.0-RELEASE before 12.0-RELEAS ...)
	NOT-FOR-US: FreeBSD
CVE-2019-5607 (In FreeBSD 12.0-STABLE before r350222, 12.0-RELEASE before 12.0-RELEAS ...)
	NOT-FOR-US: FreeBSD userspace
CVE-2019-5606 (In FreeBSD 12.0-STABLE before r349805, 12.0-RELEASE before 12.0-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:13.pts.asc
CVE-2019-5605 (In FreeBSD 11.3-STABLE before r350217, 11.3-RELEASE before 11.3-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:14.freebsd32.asc
CVE-2019-5604 (In FreeBSD 12.0-STABLE before r350246, 12.0-RELEASE before 12.0-RELEAS ...)
	NOT-FOR-US: bhyve
CVE-2019-5603 (In FreeBSD 12.0-STABLE before r350261, 12.0-RELEASE before 12.0-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:15.mqueuefs.asc
CVE-2019-5602 (In FreeBSD 12.0-STABLE before r349628, 12.0-RELEASE before 12.0-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:11.cd_ioctl.asc
	NOTE: kfreebsd not covered by security support
CVE-2019-5601 (In FreeBSD 12.0-STABLE before r347474, 12.0-RELEASE before 12.0-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:10.ufs.asc
	NOTE: kfreebsd not covered by security support
CVE-2019-5600 (In FreeBSD 12.0-STABLE before r349622, 12.0-RELEASE before 12.0-RELEAS ...)
	NOT-FOR-US: FreeBSD iconv
CVE-2019-5599 (In FreeBSD 12.0-STABLE before r349197 and 12.0-RELEASE before 12.0-REL ...)
	- kfreebsd-10 <not-affected> (Only affects FreeBSD 12)
CVE-2019-5598 (In FreeBSD 11.3-PRERELEASE before r345378, 12.0-STABLE before r345377, ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-19:06.pf.asc
	NOTE: kfreebsd not covered by security support
CVE-2019-5597 (In FreeBSD 11.3-PRERELEASE and 12.0-STABLE before r347591, 11.2-RELEAS ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://security.FreeBSD.org/advisories/FreeBSD-SA-19:05.pf.asc
	NOTE: kfreebsd not covered by security support
CVE-2019-5596 (In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE b ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:02.fd.asc
	NOTE: kfreebsd not covered by security support
CVE-2019-5595 (In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r ...)
	- kfreebsd-10 <unfixed> (unimportant)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:01.syscall.asc
	NOTE: kfreebsd not covered by security support
CVE-2019-5594 (An Improper Neutralization of Input During Web Page Generation ("Cross ...)
	NOT-FOR-US: Fortinet
CVE-2019-5593 (Improper permission or value checking in the CLI console may allow a n ...)
	NOT-FOR-US: FortiOS
CVE-2019-5592 (Multiple padding oracle vulnerabilities (Zombie POODLE, GOLDENDOODLE,  ...)
	NOT-FOR-US: Fortinet
CVE-2019-5591
	RESERVED
CVE-2019-5590 (The URL part of the report message is not encoded in Fortinet FortiWeb ...)
	NOT-FOR-US: Fortinet
CVE-2019-5589 (An Unsafe Search Path vulnerability in FortiClient Online Installer (W ...)
	NOT-FOR-US: FortiGuard
CVE-2019-5588 (A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet Forti ...)
	NOT-FOR-US: Fortinet FortiOS
CVE-2019-5587 (Lack of root file system integrity checking in Fortinet FortiOS VM app ...)
	NOT-FOR-US: Fortinet FortiOS
CVE-2019-5586 (A reflected Cross-Site-Scripting (XSS) vulnerability in Fortinet Forti ...)
	NOT-FOR-US: Fortinet FortiOS
CVE-2019-5585 (An improper access control vulnerability in FortiClientMac before 6.0. ...)
	NOT-FOR-US: Fortiguard FortiClientMac
CVE-2019-5584
	REJECTED
CVE-2019-5583
	REJECTED
CVE-2019-5582
	REJECTED
CVE-2019-5581
	REJECTED
CVE-2019-5580
	REJECTED
CVE-2019-5579
	REJECTED
CVE-2019-5578
	REJECTED
CVE-2019-5577
	REJECTED
CVE-2019-5576
	REJECTED
CVE-2019-5575
	REJECTED
CVE-2019-5574
	REJECTED
CVE-2019-5573
	REJECTED
CVE-2019-5572
	REJECTED
CVE-2019-5571
	REJECTED
CVE-2019-5570
	REJECTED
CVE-2019-5569
	REJECTED
CVE-2019-5568
	REJECTED
CVE-2019-5567
	REJECTED
CVE-2019-5566
	REJECTED
CVE-2019-5565
	REJECTED
CVE-2019-5564
	REJECTED
CVE-2019-5563
	REJECTED
CVE-2019-5562
	REJECTED
CVE-2019-5561
	REJECTED
CVE-2019-5560
	REJECTED
CVE-2019-5559
	REJECTED
CVE-2019-5558
	REJECTED
CVE-2019-5557
	REJECTED
CVE-2019-5556
	REJECTED
CVE-2019-5555
	REJECTED
CVE-2019-5554
	REJECTED
CVE-2019-5553
	REJECTED
CVE-2019-5552
	REJECTED
CVE-2019-5551
	REJECTED
CVE-2019-5550
	REJECTED
CVE-2019-5549
	REJECTED
CVE-2019-5548
	REJECTED
CVE-2019-5547
	REJECTED
CVE-2019-5546
	REJECTED
CVE-2019-5545
	RESERVED
CVE-2019-5544 (OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap ove ...)
	{DLA-2025-1}
	- openslp-dfsg <removed>
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/06/1
CVE-2019-5543 (For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VM ...)
	NOT-FOR-US: VMware
CVE-2019-5542 (VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1 ...)
	NOT-FOR-US: VMware
CVE-2019-5541 (VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1 ...)
	NOT-FOR-US: VMware
CVE-2019-5540 (VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1 ...)
	NOT-FOR-US: VMware
CVE-2019-5539 (VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10 ...)
	NOT-FOR-US: VMware
CVE-2019-5538 (Sensitive information disclosure vulnerability resulting from a lack o ...)
	NOT-FOR-US: VMware
CVE-2019-5537 (Sensitive information disclosure vulnerability resulting from a lack o ...)
	NOT-FOR-US: VMware
CVE-2019-5536 (VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2019-5535 (VMware Workstation and Fusion contain a network denial-of-service vuln ...)
	NOT-FOR-US: VMware
CVE-2019-5534 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and  ...)
	NOT-FOR-US: VMware
CVE-2019-5533 (In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloClo ...)
	NOT-FOR-US: VMware
CVE-2019-5532 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and  ...)
	NOT-FOR-US: VMware
CVE-2019-5531 (VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to E ...)
	NOT-FOR-US: VMware
CVE-2019-5530 (Windows binaries generated with InstallBuilder versions earlier than 1 ...)
	NOT-FOR-US: InstallBuilder
CVE-2019-5529
	RESERVED
CVE-2019-5528 (VMware ESXi 6.5 suffers from partial denial of service vulnerability i ...)
	NOT-FOR-US: VMware
CVE-2019-5527 (ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after ...)
	NOT-FOR-US: VMware
CVE-2019-5526 (VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue ...)
	NOT-FOR-US: VMware
CVE-2019-5525 (VMware Workstation (15.x before 15.1.0) contains a use-after-free vuln ...)
	NOT-FOR-US: VMware
CVE-2019-5524 (VMware Workstation (14.x before 14.1.6) and Fusion (10.x before 10.1.6 ...)
	NOT-FOR-US: VMware
CVE-2019-5523 (VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 up ...)
	NOT-FOR-US: VMware vCloud Director for Service Providers
CVE-2019-5522 (VMware Tools for Windows update addresses an out of bounds read vulner ...)
	NOT-FOR-US: VMware
CVE-2019-5521 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2019-5520 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2019-5519 (VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-20190300 ...)
	NOT-FOR-US: VMware
CVE-2019-5518 (VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-20190300 ...)
	NOT-FOR-US: VMware
CVE-2019-5517 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2019-5516 (VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-20 ...)
	NOT-FOR-US: VMware
CVE-2019-5515 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and Fusion ...)
	NOT-FOR-US: VMware
CVE-2019-5514 (VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerab ...)
	NOT-FOR-US: VMware
CVE-2019-5513 (VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2,  ...)
	NOT-FOR-US: VMware
CVE-2019-5512 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on ...)
	NOT-FOR-US: VMware
CVE-2019-5511 (VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on ...)
	NOT-FOR-US: VMware
CVE-2019-5510
	RESERVED
CVE-2019-5509 (ONTAP Select Deploy administration utility versions 2.11.2 through 2.1 ...)
	NOT-FOR-US: ONTAP Select Deploy administration utility
CVE-2019-5508 (Clustered Data ONTAP versions 9.2 through 9.6 are susceptible to a vul ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2019-5507 (SnapManager for Oracle prior to version 3.4.2P1 are susceptible to a v ...)
	NOT-FOR-US: SnapManager for Oracle
CVE-2019-5506 (Clustered Data ONTAP versions 9.0 and higher do not enforce hostname v ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2019-5505 (ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 ...)
	NOT-FOR-US: ONTAP
CVE-2019-5504 (ONTAP Select Deploy administration utility versions 2.12 &amp; 2.12.1  ...)
	NOT-FOR-US: ONTAP
CVE-2019-5503 (OnCommand Workflow Automation versions prior to 5.0 shipped without ce ...)
	NOT-FOR-US: OnCommand Workflow Automation
CVE-2019-5502 (SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has we ...)
	NOT-FOR-US: Data ONTAP
CVE-2019-5501 (Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose  ...)
	NOT-FOR-US: Data ONTAP
CVE-2019-5500
	RESERVED
CVE-2019-5499
	RESERVED
CVE-2019-5498 (OnCommand Insight versions through 7.3.6 may disclose sensitive accoun ...)
	NOT-FOR-US: OnCommand Insight
CVE-2019-5497 (NetApp AFF A700s Baseboard Management Controller (BMC) firmware versio ...)
	NOT-FOR-US: NetApp AFF A700s Baseboard Management Controller firmware
CVE-2019-5496 (Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP ...)
	NOT-FOR-US: Oncommand Insight / Netapp
CVE-2019-5495 (OnCommand Unified Manager for VMware vSphere, Linux and Windows prior  ...)
	NOT-FOR-US: OnCommand Unified Manager for VMware vSphere, Linux and Windows / Netapp
CVE-2019-5494 (OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped withou ...)
	NOT-FOR-US: OnCommand Unified Manager 7-Mode / Netapp
CVE-2019-5493 (Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptib ...)
	NOT-FOR-US: Data ONTAP
CVE-2019-5492 (Element Plug-in for vCenter Server versions prior to 4.2.3 may disclos ...)
	NOT-FOR-US: NetApp HCI Compute Node
CVE-2019-5491 (Clustered Data ONTAP versions prior to 9.1P15 and 9.3 prior to 9.3P7 a ...)
	NOT-FOR-US: Clustered Data ONTAP
CVE-2019-5490 (Certain versions between 2.x to 5.x (refer to advisory) of the NetApp  ...)
	NOT-FOR-US: NetApp
CVE-2019-5488 (EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac= ...)
	NOT-FOR-US: EARCLINK ESPCMS-P8
CVE-2019-5489 (The mincore() implementation in mm/mincore.c in the Linux kernel throu ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
CVE-2019-5487 (An improper access control vulnerability exists in Gitlab EE &lt;v12.3 ...)
	- gitlab <not-affected> (Only affects Gitlab EE)
	NOTE: https://hackerone.com/reports/692252
CVE-2019-5486 (A authentication bypass vulnerability exists in GitLab CE/EE &lt;v12.3 ...)
	- gitlab 12.6.8-3
	NOTE: https://hackerone.com/reports/617896
	NOTE: https://about.gitlab.com/releases/2019/09/30/security-release-gitlab-12-dot-3-dot-2-released/
CVE-2019-5485 (NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injec ...)
	NOT-FOR-US: node gitlabhook
CVE-2019-5484 (Bower before 1.8.8 has a path traversal vulnerability permitting file  ...)
	NOT-FOR-US: Bower
CVE-2019-5483 (Seneca &lt; 3.9.0 contains a vulnerability that could lead to exposing ...)
	NOT-FOR-US: Seneca
CVE-2019-5482 (Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7. ...)
	{DSA-4633-1 DLA-1917-1}
	- curl 7.66.0-1 (bug #940010)
	NOTE: https://curl.haxx.se/docs/CVE-2019-5482.html
	NOTE: Introduced by: https://github.com/curl/curl/commit/0516ce7786e9500c2e447d48aa9b3f24a6ca70f9
	NOTE: Fixed by: https://github.com/curl/curl/commit/facb0e4662415b5f28163e853dc6742ac5fafb3d (curl-7_66_0)
CVE-2019-5481 (Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7 ...)
	{DSA-4633-1}
	- curl 7.66.0-1 (bug #940009)
	[jessie] - curl <not-affected> (Vulnerable code introduced later)
	NOTE: https://curl.haxx.se/docs/CVE-2019-5481.html
	NOTE: Introduced by: https://github.com/curl/curl/commit/0649433da53c7165f839e24e889e131e2894dd32 (curl-7_52_0)
	NOTE: Fixed by: https://github.com/curl/curl/commit/9069838b30fb3b48af0123e39f664cea683254a5 (curl-7_66_0)
CVE-2019-5480 (A path traversal vulnerability in &lt;= v0.9.7 of statichttpserver npm ...)
	NOT-FOR-US: Node statichttpserver
CVE-2019-5479 (An unintended require vulnerability in &lt;v0.5.5 larvitbase-api may a ...)
	NOT-FOR-US: Node larvitbase-api
CVE-2019-5478 (A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ dev ...)
	NOT-FOR-US: Encrypt Only boot mode in Zynq UltraScale+ devices
CVE-2019-5477 (A command injection vulnerability in Nokogiri v1.10.3 and earlier allo ...)
	{DLA-1933-1}
	- rexical 1.0.7-1 (bug #940905)
	[buster] - rexical <no-dsa> (Minor issue, can be fixed via point release)
	[stretch] - rexical <no-dsa> (Minor issue, can be fixed via point release)
	- ruby-nokogiri 1.10.4+dfsg1-1 (bug #934802)
	[buster] - ruby-nokogiri <no-dsa> (Minor issue, can be fixed via point release)
	[stretch] - ruby-nokogiri <no-dsa> (Minor issue, can be fixed via point release)
	NOTE: https://github.com/sparklemotion/nokogiri/issues/1915
	NOTE: Processes are vulnerable only if the undocumented method Nokogiri::CSS::Tokenizer#load_file
	NOTE: is being passed untrusted user input.
	NOTE: https://github.com/tenderlove/rexical/commit/a652474dbc66be350055db3e8f9b3a7b3fd75926
	NOTE: Change in rexical is covered by the scope of this CVE.
CVE-2019-5476 (An SQL Injection in the Nextcloud Lookup-Server &lt; v0.3.0 (running o ...)
	NOT-FOR-US: Nextcloud Lookup-Server
CVE-2019-5475 (The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Exe ...)
	NOT-FOR-US: Nexus Yum Repository Plugin
CVE-2019-5474 (An authorization issue was discovered in GitLab EE &lt; 12.1.2, &lt; 1 ...)
	- gitlab <not-affected> (Only affects Gitlab EE 11.8 and later)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5473 (An authentication issue was discovered in GitLab that allowed a bypass ...)
	- gitlab <not-affected> (Only affects Gitlab EE 12.0 and later)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5472 (An authorization issue was discovered in Gitlab versions &lt; 12.1.2,  ...)
	- gitlab <not-affected> (Only affects Gitlab EE 10.7 and later)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5471 (An input validation and output encoding issue was discovered in the Gi ...)
	- gitlab <not-affected> (Only affects Gitlab EE 8.9 and later)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5470 (An information disclosure issue was discovered GitLab versions &lt; 12 ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5469 (An IDOR vulnerability exists in GitLab &lt;v12.1.2, &lt;v12.0.4, and & ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5468 (An privilege escalation issue was discovered in Gitlab versions &lt; 1 ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5467 (An input validation and output encoding issue was discovered in the Gi ...)
	- gitlab <not-affected> (Only affects 11.10 and later)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5466 (An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5465 (An information disclosure issue was discovered in GitLab CE/EE 8.14 an ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5464 (A flawed DNS rebinding protection issue was discovered in GitLab CE/EE ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5463 (An authorization issue was discovered in the GitLab CE/EE CI badge ima ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5462 (A privilege escalation issue was discovered in GitLab CE/EE 9.0 and la ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5461 (An input validation problem was discovered in the GitHub service integ ...)
	[experimental] - gitlab 11.11.7+dfsg-1
	- gitlab 12.6.8-3 (bug #933785)
	NOTE: https://about.gitlab.com/2019/07/29/security-release-gitlab-12-dot-1-dot-2-released/
CVE-2019-5460 (Double Free in VLC versions &lt;= 3.0.6 leads to a crash. ...)
	{DSA-4459-1}
	- vlc 3.0.7-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://hackerone.com/reports/503208
CVE-2019-5459 (An Integer underflow in VLC Media Player versions &lt; 3.0.7 leads to  ...)
	{DSA-4459-1}
	- vlc 3.0.7-1
	[jessie] - vlc <end-of-life> (https://lists.debian.org/debian-security-announce/2018/msg00130.html)
	NOTE: https://hackerone.com/reports/502816
CVE-2019-5458 (Cross-site scripting (XSS) vulnerability in http-file-server (all vers ...)
	NOT-FOR-US: http-file-server Node.js module
CVE-2019-5457 (Cross-site scripting (XSS) vulnerability in min-http-server (all versi ...)
	NOT-FOR-US: min-http-server Node module
CVE-2019-5456 (SMTP MITM refers to a malicious actor setting up an SMTP proxy server  ...)
	NOT-FOR-US: SMTP MITM
CVE-2019-5455 (Bypassing lock protection exists in Nextcloud Android app 3.6.0 when c ...)
	NOT-FOR-US: Nextcloud Android app
CVE-2019-5454 (SQL Injection in the Nextcloud Android app prior to version 3.0.0 allo ...)
	NOT-FOR-US: Nextcloud Android app
CVE-2019-5453 (Bypass lock protection in the Nextcloud Android app prior to version 3 ...)
	NOT-FOR-US: Nextcloud Android app
CVE-2019-5452 (Bypass lock protection in the Nextcloud Android app prior to version 3 ...)
	NOT-FOR-US: Nextcloud Android app
CVE-2019-5451 (Bypass lock protection in the Nextcloud Android app prior to version 3 ...)
	NOT-FOR-US: Nextcloud Android app
CVE-2019-5450 (Improper sanitization of HTML in directory names in the Nextcloud Andr ...)
	NOT-FOR-US: Nextcloud Android app
CVE-2019-5449 (A missing check in the Nextcloud Server prior to version 15.0.1 causes ...)
	- nextcloud <itp> (bug #835086)
CVE-2019-5448 (Yarn before 1.17.3 is vulnerable to Missing Encryption of Sensitive Da ...)
	- node-yarnpkg 1.13.0-3 (bug #941354)
	[buster] - node-yarnpkg 1.13.0-1+deb10u1
	NOTE: https://hackerone.com/reports/640904
	NOTE: https://github.com/ChALkeR/notes/blob/master/Yarn-vuln.md
	NOTE: https://github.com/yarnpkg/yarn/pull/7393
	NOTE: https://github.com/yarnpkg/yarn/commit/2f08a7405cc3f6fe47c30293050bb0ac94850932
CVE-2019-5447 (A path traversal vulnerability in &lt;= v0.2.6 of http-file-server npm ...)
	NOT-FOR-US: http-file-server Node.js module
CVE-2019-5446 (Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin  ...)
	NOT-FOR-US: EdgeSwitch
CVE-2019-5445 (DoS in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to Crash  ...)
	NOT-FOR-US: EdgeSwitch
CVE-2019-5444 (Path traversal vulnerability in version up to v1.1.3 in serve-here.js  ...)
	NOT-FOR-US: serve-here.js npm module
CVE-2019-5443 (A non-privileged user or program can put code and a config file in a k ...)
	- curl <not-affected> (Windows-specific build issue)
CVE-2019-5442 (XML Entity Expansion (Billion Laughs Attack) on Pippo 1.12.0 results i ...)
	NOT-FOR-US: Pippo
CVE-2019-5441
	REJECTED
CVE-2019-5440 (Use of cryptographically weak PRNG in the password recovery token gene ...)
	NOT-FOR-US: Revive Adserver
CVE-2019-5438 (Path traversal using symlink in npm harp module versions &lt;= 0.29.0. ...)
	NOT-FOR-US: npm harp module
CVE-2019-5437 (Information exposure through the directory listing in npm's harp modul ...)
	NOT-FOR-US: npm harp module
CVE-2019-5436 (A heap buffer overflow in the TFTP receiving code allows for DoS or ar ...)
	{DLA-1804-1}
	- curl 7.64.0-4 (bug #929351)
	[stretch] - curl 7.52.1-5+deb9u10
	NOTE: https://curl.haxx.se/docs/CVE-2019-5436.html
	NOTE: Introduced by: https://github.com/curl/curl/commit/0516ce7786e95
	NOTE: Fixed by: https://github.com/curl/curl/commit/2576003415625d7b5f0e390902f8097830b82275
CVE-2019-5435 (An integer overflow in curl's URL API results in a buffer overflow in  ...)
	- curl 7.64.0-4 (bug #929352)
	[stretch] - curl <not-affected> (Vulnerable code introduced later)
	[jessie] - curl <not-affected> (Vulnerable code introduced later)
	NOTE: https://curl.haxx.se/docs/CVE-2019-5435.html
	NOTE: Introduced by: https://github.com/curl/curl/commit/fb30ac5a2d63773c52
	NOTE: Fixed by: https://github.com/curl/curl/commit/5fc28510a4664f4
CVE-2019-5434 (An attacker could send a specifically crafted payload to the XML-RPC i ...)
	NOT-FOR-US: Revive Adserver
CVE-2019-5433 (A user having access to the UI of a Revive Adserver instance could be  ...)
	NOT-FOR-US: Revive Adserver
CVE-2019-5432 (A specifically malformed MQTT Subscribe packet crashes MQTT Brokers us ...)
	- node-mqtt-packet 6.0.0-2 (bug #928673)
	NOTE: https://hackerone.com/reports/541354
CVE-2019-5431 (This vulnerability was caused by an incomplete fix to CVE-2017-0911. T ...)
	NOT-FOR-US: Twitter Kit for iOS
CVE-2019-5430 (In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, i ...)
	NOT-FOR-US: Ubiquiti Networks UniFi Video
CVE-2019-5429 (Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacke ...)
	- filezilla 3.45.1-1 (low; bug #928282)
	[buster] - filezilla <no-dsa> (Minor issue)
	[stretch] - filezilla <no-dsa> (Minor issue)
	[jessie] - filezilla <no-dsa> (Minor issue)
	NOTE: https://svn.filezilla-project.org/filezilla?revision=9097&view=revision
	NOTE: https://www.tenable.com/security/research/tra-2019-14
CVE-2019-5428
	REJECTED
CVE-2019-5427 (c3p0 version &lt; 0.9.5.4 may be exploited by a billion laughs attack  ...)
	- c3p0 <unfixed> (low; bug #927936)
	[buster] - c3p0 <no-dsa> (Minor issue)
	[stretch] - c3p0 <no-dsa> (Minor issue)
	[jessie] - c3p0 <no-dsa> (Minor issue)
	NOTE: https://hackerone.com/reports/509315
	NOTE: Fixed by: https://github.com/swaldman/c3p0/commit/f38f27635c384806c2a9d6500d80183d9f09d78b
CVE-2019-5426 (In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an unauthenticated ...)
	NOT-FOR-US: Ubiquiti
CVE-2019-5425 (In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, an authenticated u ...)
	NOT-FOR-US: Ubiquiti
CVE-2019-5424 (In Ubiquiti Networks EdgeSwitch X v1.1.0 and prior, a privileged user  ...)
	NOT-FOR-US: Ubiquiti
CVE-2019-5423 (Path traversal vulnerability in http-live-simulator npm package versio ...)
	NOT-FOR-US: http-live-simulator node module
CVE-2019-5422 (XSS in buttle npm package version 0.2.0 causes execution of attacker-p ...)
	NOT-FOR-US: buttle node module
CVE-2019-5421 (Plataformatec Devise version 4.5.0 and earlier, using the lockable mod ...)
	- ruby-devise 4.5.0-3 (bug #926348)
	[stretch] - ruby-devise <no-dsa> (Minor issue)
	NOTE: https://github.com/plataformatec/devise/issues/4981
	NOTE: https://github.com/plataformatec/devise/pull/4996
CVE-2019-5420 (A remote code execution vulnerability in development mode Rails &lt;5. ...)
	- rails 2:5.2.2.1+dfsg-1 (bug #924521)
	[stretch] - rails <not-affected> (Vulnerable code not present)
	[jessie] - rails <not-affected> (vulnerable code is not present in 4.x)
	NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/3
	NOTE: Introduced in https://github.com/rails/rails/commit/69f976b859cae7f9d050152103da018b7f5dda6d
CVE-2019-5419 (There is a possible denial of service vulnerability in Action View (Ra ...)
	{DLA-1739-1}
	- rails 2:5.2.2.1+dfsg-1 (bug #924520)
	[stretch] - rails 2:4.2.7.1-1+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/4
CVE-2019-5418 (There is a File Content Disclosure vulnerability in Action View &lt;5. ...)
	{DLA-1739-1}
	- rails 2:5.2.2.1+dfsg-1 (bug #924520)
	[stretch] - rails 2:4.2.7.1-1+deb9u1
	NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/5
CVE-2019-5417 (A path traversal vulnerability in serve npm package version 7.0.1 allo ...)
	NOT-FOR-US: node serve module
CVE-2019-5416 (A path traversal vulnerability in localhost-now npm package version 1. ...)
	NOT-FOR-US: node localhost-now module
CVE-2019-5415 (A bug in handling the ignore files and directories feature in serve 6. ...)
	NOT-FOR-US: node serve module
CVE-2019-5414 (If an attacker can control the port, which in itself is a very sensiti ...)
	NOT-FOR-US: kill-port node module
CVE-2019-5413 (An attacker can use the format parameter to inject arbitrary commands  ...)
	NOT-FOR-US: morgan node module
CVE-2019-5412
	RESERVED
CVE-2019-5411
	RESERVED
CVE-2019-5410
	RESERVED
CVE-2019-5409
	RESERVED
CVE-2019-5408 (Command View Advanced Edition (CVAE) products contain a vulnerability  ...)
	NOT-FOR-US: Command View Advanced Edition (CVAE) products
CVE-2019-5407 (A remote information disclosure vulnerability was discovered in HPE 3P ...)
	NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5406 (A remote session reuse vulnerability was discovered in HPE 3PAR StoreS ...)
	NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5405 (A remote authorization bypass vulnerability was discovered in HPE 3PAR ...)
	NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5404 (A remote script injection vulnerability was discovered in HPE 3PAR Sto ...)
	NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5403 (A remote multiple cross-site scripting vulnerability was discovered in ...)
	NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5402 (A remote authorization bypass vulnerability was discovered in HPE 3PAR ...)
	NOT-FOR-US: HPE 3PAR StoreServ Management and Core Software Media
CVE-2019-5401 (A potential security vulnerability has been identified in HP2910al-48G ...)
	NOT-FOR-US: HP HP2910al-48G
CVE-2019-5400 (A remote session reuse vulnerability was discovered in HPE 3PAR Servic ...)
	NOT-FOR-US: HPE
CVE-2019-5399 (A remote gain authorized access vulnerability was discovered in HPE 3P ...)
	NOT-FOR-US: HPE
CVE-2019-5398 (A remote multiple multiple cross-site vulnerability was discovered in  ...)
	NOT-FOR-US: HPE
CVE-2019-5397 (A remote bypass of security restrictions vulnerability was discovered  ...)
	NOT-FOR-US: HPE
CVE-2019-5396 (A remote authentication bypass vulnerability was discovered in HPE 3PA ...)
	NOT-FOR-US: HPE
CVE-2019-5395 (A remote arbitrary file upload vulnerability was discovered in HPE 3PA ...)
	NOT-FOR-US: HPE
CVE-2019-5394 (The HPE Nonstop Maintenance Entity family of products are vulnerable t ...)
	NOT-FOR-US: HPE
CVE-2019-5393 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5392 (A disclosure of information vulnerability was identified in HPE Intell ...)
	NOT-FOR-US: HPE
CVE-2019-5391 (A stack buffer overflow vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5390 (A remote command injection vulnerability was identified in HPE Intelli ...)
	NOT-FOR-US: HPE
CVE-2019-5389 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5388 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5387 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5386 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5385 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5384 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5383 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5382 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5381 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5380 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5379 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5378 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5377 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5376 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5375 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5374 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5373 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5372 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5371 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5370 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5369 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5368 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5367 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5366 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5365 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5364 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5363 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5362 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5361 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5360 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5359 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5358 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5357 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5356 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5355 (A remote denial of service vulnerability was identified in HPE Intelli ...)
	NOT-FOR-US: HPE
CVE-2019-5354 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5353 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5352 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5351 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5350 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5349 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5348 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5347 (A remote authentication bypass vulnerability was identified in HPE Int ...)
	NOT-FOR-US: HPE
CVE-2019-5346 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5345 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5344 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5343 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5342 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5341 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5340 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5339 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5338 (A remote code execution vulnerability was identified in HPE Intelligen ...)
	NOT-FOR-US: HPE
CVE-2019-5337
	RESERVED
CVE-2019-5336
	RESERVED
CVE-2019-5335
	RESERVED
CVE-2019-5334
	RESERVED
CVE-2019-5333
	RESERVED
CVE-2019-5332
	RESERVED
CVE-2019-5331
	RESERVED
CVE-2019-5330
	RESERVED
CVE-2019-5329
	RESERVED
CVE-2019-5328
	RESERVED
CVE-2019-5327
	RESERVED
CVE-2019-5326 (An administrative application user of or application user with write a ...)
	NOT-FOR-US: Aruba Airwave VisualRF
CVE-2019-5325
	RESERVED
CVE-2019-5324
	RESERVED
CVE-2019-5323 (There are command injection vulnerabilities present in the AirWave app ...)
	NOT-FOR-US: Aruba Airwave
CVE-2019-5322 (A remotely exploitable information disclosure vulnerability is present ...)
	NOT-FOR-US: Edge Switch models
CVE-2019-5321
	RESERVED
CVE-2019-5320
	RESERVED
CVE-2019-5319
	RESERVED
CVE-2019-5318
	RESERVED
CVE-2019-5317
	RESERVED
CVE-2019-5316
	RESERVED
CVE-2019-5315 (A command injection vulnerability is present in the web management int ...)
	NOT-FOR-US: ArubaOS
CVE-2019-5314 (Some web components in the ArubaOS software are vulnerable to HTTP Res ...)
	NOT-FOR-US: ArubaOS
CVE-2019-5313
	RESERVED
CVE-2019-5312 (An issue was discovered in weixin-java-tools v3.3.0. There is an XXE v ...)
	NOT-FOR-US: weixin-java-tools
CVE-2019-5311 (An issue was discovered in YUNUCMS V1.1.8. app/index/controller/Show.p ...)
	NOT-FOR-US: YUNUCMS
CVE-2019-5310 (YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because craft ...)
	NOT-FOR-US: YUNUCMS
CVE-2019-5309 (Honor play smartphones with versions earlier than 9.1.0.333(C00E333R1P ...)
	NOT-FOR-US: Honor play smartphones
CVE-2019-5308 (Mate 20 RS smartphones with versions earlier than 9.1.0.135(C786E133R3 ...)
	NOT-FOR-US: Mate 20 RS smartphones
CVE-2019-5307 (Some Huawei 4G LTE devices, P30 versions before ELE-AL00 9.1.0.162(C01 ...)
	NOT-FOR-US: Huawei
CVE-2019-5306 (There is a Factory Reset Protection (FRP) bypass security vulnerabilit ...)
	NOT-FOR-US: Huawei
CVE-2019-5305 (The image processing module of some Huawei Mate 10 smartphones version ...)
	NOT-FOR-US: Huawei
CVE-2019-5304 (Some Huawei products have a buffer error vulnerability. An unauthentic ...)
	NOT-FOR-US: Huawei
CVE-2019-5303
	RESERVED
CVE-2019-5302
	RESERVED
CVE-2019-5301 (Huawei smart phones Honor V20 with the versions before 9.0.1.161(C00E1 ...)
	NOT-FOR-US: Huawei
CVE-2019-5300 (There is a digital signature verification bypass vulnerability in AR12 ...)
	NOT-FOR-US: Huawei
CVE-2019-5299 (Huawei mobile phones Hima-AL00Bhave with Versions earlier than HMA-AL0 ...)
	NOT-FOR-US: Huawei
CVE-2019-5298 (There is an improper authentication vulnerability in some Huawei AP pr ...)
	NOT-FOR-US: Huawei
CVE-2019-5297 (Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T ...)
	NOT-FOR-US: Huawei
CVE-2019-5296 (Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 have a ...)
	NOT-FOR-US: Huawei
CVE-2019-5295 (Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0 ...)
	NOT-FOR-US: Huawei
CVE-2019-5294 (There is an out of bound read vulnerability in some Huawei products. A ...)
	NOT-FOR-US: Huawei
CVE-2019-5293 (Some Huawei products have a memory leak vulnerability when handling so ...)
	NOT-FOR-US: Huawei
CVE-2019-5292 (Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions bef ...)
	NOT-FOR-US: Huawei
CVE-2019-5291 (Some Huawei products have an insufficient verification of data authent ...)
	NOT-FOR-US: Huawei
CVE-2019-5290 (Huawei S5700 and S6700 have a DoS security vulnerability. Attackers wi ...)
	NOT-FOR-US: Huawei
CVE-2019-5289 (Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out ...)
	NOT-FOR-US: Huawei
CVE-2019-5288 (P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E1 ...)
	NOT-FOR-US: Huawei
CVE-2019-5287 (P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E1 ...)
	NOT-FOR-US: Huawei
CVE-2019-5286 (There is a reflection XSS vulnerability in the HedEx products. Remote  ...)
	NOT-FOR-US: HedEx / Huawei
CVE-2019-5285 (Some Huawei S series switches have a DoS vulnerability. An unauthentic ...)
	NOT-FOR-US: Huawei
CVE-2019-5284 (There is a DoS vulnerability in RTSP module of Leland-AL00A Huawei sma ...)
	NOT-FOR-US: Huawei
CVE-2019-5283 (There is Factory Reset Protection (FRP) bypass security vulnerability  ...)
	NOT-FOR-US: Huawei
CVE-2019-5282 (Bastet module of some Huawei smartphones with Versions earlier than Em ...)
	NOT-FOR-US: Huawei
CVE-2019-5281 (There is an information leak vulnerability in some Huawei phones, vers ...)
	NOT-FOR-US: Huawei
CVE-2019-5280 (The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has ...)
	NOT-FOR-US: Huawei
CVE-2019-5279 (Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C1 ...)
	NOT-FOR-US: Huawei
CVE-2019-5278 (There is an out-of-bounds read vulnerability in the Advanced Packages  ...)
	NOT-FOR-US: Huawei
CVE-2019-5277 (Huawei CloudUSM-EUA V600R006C10;V600R019C00 have an information leak v ...)
	NOT-FOR-US: Huawei
CVE-2019-5276 (Huawei smart phones with earlier versions than ELLE-AL00B 9.1.0.222(C0 ...)
	NOT-FOR-US: Huawei
CVE-2019-5275 (USG9500 with versions of V500R001C30;V500R001C60 have a denial of serv ...)
	NOT-FOR-US: Huawei
CVE-2019-5274 (USG9500 with versions of V500R001C30;V500R001C60 have a denial of serv ...)
	NOT-FOR-US: Huawei
CVE-2019-5273 (USG9500 with versions of V500R001C30;V500R001C60 have a denial of serv ...)
	NOT-FOR-US: Huawei
CVE-2019-5272 (USG9500 with versions of V500R001C30;V500R001C60 have a missing integr ...)
	NOT-FOR-US: Huawei
CVE-2019-5271 (There is an information leak vulnerability in Huawei smart speaker Myn ...)
	NOT-FOR-US: Huawei
CVE-2019-5270
	RESERVED
CVE-2019-5269 (Some Huawei home routers have an improper authorization vulnerability. ...)
	NOT-FOR-US: Huawei
CVE-2019-5268 (Some Huawei home routers have an input validation vulnerability. Due t ...)
	NOT-FOR-US: Huawei
CVE-2019-5267 (Huawei OceanStor SNS3096 V100R002C01 have an information disclosure vu ...)
	NOT-FOR-US: Huawei
CVE-2019-5266 (Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an  ...)
	NOT-FOR-US: Huawei
CVE-2019-5265 (Huawei Share function in P30 9.1.0.193(C00E190R2P1) smartphone has an  ...)
	NOT-FOR-US: Huawei
CVE-2019-5264 (There is an information disclosure vulnerability in certain Huawei sma ...)
	NOT-FOR-US: Huawei
CVE-2019-5263 (HiSuite with 9.1.0.305 and earlier versions and 9.1.0.305(MAC) and ear ...)
	NOT-FOR-US: Huawei
CVE-2019-5262
	RESERVED
CVE-2019-5261
	RESERVED
CVE-2019-5260 (Huawei smartphones HUAWEI Y9 2019 and Honor View 20 have a denial of s ...)
	NOT-FOR-US: Huawei
CVE-2019-5259 (There is an information leakage vulnerability on some Huawei products( ...)
	NOT-FOR-US: Huawei
CVE-2019-5258 (Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600 ...)
	NOT-FOR-US: Huawei
CVE-2019-5257 (Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600 ...)
	NOT-FOR-US: Huawei
CVE-2019-5256 (Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600 ...)
	NOT-FOR-US: Huawei
CVE-2019-5255 (Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600 ...)
	NOT-FOR-US: Huawei
CVE-2019-5254 (Certain Huawei products (AP2000;IPS Module;NGFW Module;NIP6300;NIP6600 ...)
	NOT-FOR-US: Huawei
CVE-2019-5253 (E5572-855 with versions earlier than 8.0.1.3(H335SP1C233) has an impro ...)
	NOT-FOR-US: Huawei
CVE-2019-5252 (There is an improper authentication vulnerability in Huawei smartphone ...)
	NOT-FOR-US: Huawei
CVE-2019-5251 (There is a path traversal vulnerability in several Huawei smartphones. ...)
	NOT-FOR-US: Huawei
CVE-2019-5250 (Mate 20 Pro smartphones with versions earlier than 9.1.0.135(C00E133R3 ...)
	NOT-FOR-US: Mate 20 Pro smartphones
CVE-2019-5249
	RESERVED
CVE-2019-5248 (CloudEngine 12800 has a DoS vulnerability. An attacker of a neighborin ...)
	NOT-FOR-US: CloudEngine 12800
CVE-2019-5247 (Huawei Atlas 300, Atlas 500 have a buffer overflow vulnerability. A lo ...)
	NOT-FOR-US: Huawei
CVE-2019-5246 (Smartphones with software of ELLE-AL00B 9.1.0.109(C00E106R1P21), 9.1.0 ...)
	NOT-FOR-US: Huawei
CVE-2019-5245 (HiSuite 9.1.0.300 versions and earlier contains a DLL hijacking vulner ...)
	NOT-FOR-US: Huawei
CVE-2019-5244 (Mate 9 Pro Huawei smartphones earlier than LON-L29C 8.0.0.361(C636) ve ...)
	NOT-FOR-US: Huawei
CVE-2019-5243 (There is a Clickjacking vulnerability in Huawei HG255s product. An att ...)
	NOT-FOR-US: Huawei
CVE-2019-5242 (There is a code execution vulnerability in Huawei PCManager versions e ...)
	NOT-FOR-US: Huawei
CVE-2019-5241 (There is a privilege escalation vulnerability in Huawei PCManager vers ...)
	NOT-FOR-US: Huawei
CVE-2019-5240
	RESERVED
CVE-2019-5239 (Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versi ...)
	NOT-FOR-US: Huawei
CVE-2019-5238 (Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versi ...)
	NOT-FOR-US: Huawei
CVE-2019-5237 (Huawei PCManager with the versions before 9.0.1.66 (Oversea) and versi ...)
	NOT-FOR-US: Huawei
CVE-2019-5236 (Huawei smart phones Emily-L29C with versions of 8.1.0.132a(C432), 8.1. ...)
	NOT-FOR-US: Huawei
CVE-2019-5235 (Some Huawei smart phones have a null pointer dereference vulnerability ...)
	NOT-FOR-US: Huawei
CVE-2019-5234
	RESERVED
CVE-2019-5233 (Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41(S ...)
	NOT-FOR-US: Huawei
CVE-2019-5232 (There is a use of insufficiently random values vulnerability in Huawei ...)
	NOT-FOR-US: Huawei
CVE-2019-5231 (P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.186(C00E18 ...)
	NOT-FOR-US: Huawei
CVE-2019-5230 (P20 Pro, P20, Mate RS smartphones with versions earlier than Charlotte ...)
	NOT-FOR-US: Huawei
CVE-2019-5229 (P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E19 ...)
	NOT-FOR-US: P30 smartphones
CVE-2019-5228 (Certain detection module of P30, P30 Pro, Honor V20 smartphone whith V ...)
	NOT-FOR-US: Huawei
CVE-2019-5227 (P30, P30 Pro, Mate 20 smartphones with software of versions earlier th ...)
	NOT-FOR-US: Huawei
CVE-2019-5226 (P30, P30 Pro, Mate 20 smartphones with software of versions earlier th ...)
	NOT-FOR-US: Huawei
CVE-2019-5225 (P30, Mate 20, P30 Pro smartphones with software of versions earlier th ...)
	NOT-FOR-US: Huawei
CVE-2019-5224 (P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193(C00E19 ...)
	NOT-FOR-US: Huawei
CVE-2019-5223 (PCManager 9.1.3.1 has an improper authentication vulnerability. The ce ...)
	NOT-FOR-US: PCManager
CVE-2019-5222 (There is an information disclosure vulnerability on Secure Input of ce ...)
	NOT-FOR-US: Huawei
CVE-2019-5221 (There is a path traversal vulnerability on Huawei Share. The software  ...)
	NOT-FOR-US: Huawei
CVE-2019-5220 (There is a Factory Reset Protection (FRP) bypass vulnerability on seve ...)
	NOT-FOR-US: Huawei
CVE-2019-5219 (There is a double free vulnerability on certain drivers of Huawei Mate ...)
	NOT-FOR-US: Huawei
CVE-2019-5218 (There is an insufficient authentication vulnerability in Huawei Band 2 ...)
	NOT-FOR-US: Huawei
CVE-2019-5217 (There is an information disclosure vulnerability on Mate 9 Pro Huawei  ...)
	NOT-FOR-US: Huawei
CVE-2019-5216 (There is a race condition vulnerability on Huawei Honor V10 smartphone ...)
	NOT-FOR-US: Huawei
CVE-2019-5215 (There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartp ...)
	NOT-FOR-US: Huawei
CVE-2019-5214 (There is a use after free vulnerability on certain driver component in ...)
	NOT-FOR-US: Huawei
CVE-2019-5213 (Honor play smartphones with versions earlier than Cornell-AL00A 9.1.0. ...)
	NOT-FOR-US: Honor play smartphones
CVE-2019-5212 (There is an improper access control vulnerability in Huawei Share. The ...)
	NOT-FOR-US: Huawei
CVE-2019-5211 (The Huawei Share function of P20 phones with versions earlier than Emi ...)
	NOT-FOR-US: Huawei
CVE-2019-5210 (Nova 5i pro and Nova 5 smartphones with versions earlier than 9.1.1.19 ...)
	NOT-FOR-US: Huawei
CVE-2019-5209
	REJECTED
CVE-2019-5208
	REJECTED
CVE-2019-5207
	REJECTED
CVE-2019-5206
	REJECTED
CVE-2019-5205
	REJECTED
CVE-2019-5204
	RESERVED
CVE-2019-5203
	RESERVED
CVE-2019-5202
	RESERVED
CVE-2019-5201
	RESERVED
CVE-2019-5200
	RESERVED
CVE-2019-5199
	RESERVED
CVE-2019-5198
	RESERVED
CVE-2019-5197
	RESERVED
CVE-2019-5196
	RESERVED
CVE-2019-5195
	RESERVED
CVE-2019-5194
	RESERVED
CVE-2019-5193
	RESERVED
CVE-2019-5192
	RESERVED
CVE-2019-5191
	RESERVED
CVE-2019-5190
	RESERVED
CVE-2019-5189
	RESERVED
CVE-2019-5188 (A code execution vulnerability exists in the directory rehashing funct ...)
	{DLA-2156-1}
	- e2fsprogs 1.45.5-1 (bug #948508)
	[buster] - e2fsprogs 1.44.5-1+deb10u3
	[stretch] - e2fsprogs <no-dsa> (Minor issue)
	NOTE: Fixed by: https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=8dd73c149f418238f19791f9d666089ef9734dff
	NOTE: Further hardening: https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=71ba137571ba13755337e19c9a826dfc874562a36e1b24d3
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0973
CVE-2019-5187 (An exploitable out-of-bounds write vulnerability exists in the TIFread ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2019-5186 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5185 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5184 (An exploitable double free vulnerability exists in the iocheckd servic ...)
	NOT-FOR-US: WAGO
CVE-2019-5183 (An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL ...)
	NOT-FOR-US: AMD ATIDXX64.DLL driver
CVE-2019-5182 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5181 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5180 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5179 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5178 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5177 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5176 (An exploitable stack buffer overflow vulnerability vulnerability exist ...)
	NOT-FOR-US: WAGO
CVE-2019-5175 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5174 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5173 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5172 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5171 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5170 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5169 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5168 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5167 (An exploitable command injection vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5166 (An exploitable stack buffer overflow vulnerability exists in the ioche ...)
	NOT-FOR-US: WAGO
CVE-2019-5165 (An exploitable authentication bypass vulnerability exists in the hostn ...)
	NOT-FOR-US: Moxa
CVE-2019-5164 (An exploitable code execution vulnerability exists in the ss-manager b ...)
	- shadowsocks-libev 3.3.3+ds-2
	[buster] - shadowsocks-libev <no-dsa> (Minor issue)
	[stretch] - shadowsocks-libev <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0958
	NOTE: https://github.com/shadowsocks/shadowsocks-libev/issues/2537
	NOTE: Mitigation: Using a unix socket with ss-manager via --manager-socket.
	NOTE: Exposing ss-manager to pubic is always dangerous.
CVE-2019-5163 (An exploitable denial-of-service vulnerability exists in the UDPRelay  ...)
	- shadowsocks-libev 3.3.3+ds-2
	[buster] - shadowsocks-libev <no-dsa> (Minor issue)
	[stretch] - shadowsocks-libev <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0956
	NOTE: https://github.com/shadowsocks/shadowsocks-libev/issues/2536
CVE-2019-5162 (An exploitable improper access control vulnerability exists in the iw_ ...)
	NOT-FOR-US: Moxa
CVE-2019-5161 (An exploitable remote code execution vulnerability exists in the Cloud ...)
	NOT-FOR-US: WAGO
CVE-2019-5160 (An exploitable improper host validation vulnerability exists in the Cl ...)
	NOT-FOR-US: WAGO
CVE-2019-5159 (An exploitable improper input validation vulnerability exists in the f ...)
	NOT-FOR-US: WAGO
CVE-2019-5158 (An exploitable firmware downgrade vulnerability exists in the firmware ...)
	NOT-FOR-US: WAGO
CVE-2019-5157 (An exploitable command injection vulnerability exists in the Cloud Con ...)
	NOT-FOR-US: WAGO
CVE-2019-5156 (An exploitable command injection vulnerability exists in the cloud con ...)
	NOT-FOR-US: WAGO
CVE-2019-5155 (An exploitable command injection vulnerability exists in the cloud con ...)
	NOT-FOR-US: WAGO
CVE-2019-5154 (An exploitable heap overflow vulnerability exists in the JPEG2000 pars ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5153 (An exploitable remote code execution vulnerability exists in the iw_we ...)
	NOT-FOR-US: Moxa
CVE-2019-5152 (An exploitable information disclosure vulnerability exists in the netw ...)
	- shadowsocks-libev <unfixed> (unimportant)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0942
	NOTE: https://github.com/shadowsocks/shadowsocks-libev/issues/2525
	NOTE: Upstream has no plan to remove stream ciphers as per
	NOTE: https://github.com/shadowsocks/shadowsocks-libev/issues/2525#issuecomment-557551274
	NOTE: Documented insecure use case provided for backwards compatibility.
CVE-2019-5151 (An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. A  ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5150 (An exploitable SQL injection vulnerability exist in YouPHPTube 7.7. Wh ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5149 (The WBM web application on firmwares prior to 03.02.02 and 03.01.07 on ...)
	NOT-FOR-US: WAGO
CVE-2019-5148 (An exploitable denial-of-service vulnerability exists in ServiceAgent  ...)
	NOT-FOR-US: Moxa
CVE-2019-5147 (An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64 ...)
	NOT-FOR-US: AMD ATIDXX64.DLL driver
CVE-2019-5146 (An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64 ...)
	NOT-FOR-US: AMD ATIDXX64.DLL driver
CVE-2019-5145 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
	NOT-FOR-US: Foxit PDF Reader
CVE-2019-5144 (An exploitable heap underflow vulnerability exists in the derive_taps_ ...)
	NOT-FOR-US: Kakadu Software SDK
CVE-2019-5143 (An exploitable format string vulnerability exists in the iw_console co ...)
	NOT-FOR-US: Moxa
CVE-2019-5142 (An exploitable command injection vulnerability exists in the hostname  ...)
	NOT-FOR-US: Moxa
CVE-2019-5141 (An exploitable command injection vulnerability exists in the iw_webs f ...)
	NOT-FOR-US: Moxa
CVE-2019-5140 (An exploitable command injection vulnerability exists in the iwwebs fu ...)
	NOT-FOR-US: Moxa
CVE-2019-5139 (An exploitable use of hard-coded credentials vulnerability exists in m ...)
	NOT-FOR-US: Moxa
CVE-2019-5138 (An exploitable command injection vulnerability exists in encrypted dia ...)
	NOT-FOR-US: Moxa
CVE-2019-5137 (The usage of hard-coded cryptographic keys within the ServiceAgent bin ...)
	NOT-FOR-US: Moxa
CVE-2019-5136 (An exploitable privilege escalation vulnerability exists in the iw_con ...)
	NOT-FOR-US: Moxa
CVE-2019-5135 (An exploitable timing discrepancy vulnerability exists in the authenti ...)
	NOT-FOR-US: WAGO
CVE-2019-5134 (An exploitable regular expression without anchors vulnerability exists ...)
	NOT-FOR-US: WAGO
CVE-2019-5133 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: ImageGear
CVE-2019-5132 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: ImageGear
CVE-2019-5131 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
	NOT-FOR-US: Foxit PDF Reader
CVE-2019-5130 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
	NOT-FOR-US: Foxit PDF Reader
CVE-2019-5129 (A command injection have been found in YouPHPTube Encoder. A successfu ...)
	NOT-FOR-US: YouPHPTube Encoder
CVE-2019-5128 (A command injection have been found in YouPHPTube Encoder. A successfu ...)
	NOT-FOR-US: YouPHPTube Encoder
CVE-2019-5127 (A command injection have been found in YouPHPTube Encoder. A successfu ...)
	NOT-FOR-US: YouPHPTube Encoder
CVE-2019-5126 (An exploitable use-after-free vulnerability exists in the JavaScript e ...)
	NOT-FOR-US: Foxit PDF Reader
CVE-2019-5125 (An exploitable heap overflow vulnerability exists in the JPEG2000 pars ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5124 (An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64 ...)
	NOT-FOR-US: AMD ATIDXX64.DLL driver
CVE-2019-5123 (Specially crafted web requests can cause SQL injections in YouPHPTube  ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5122 (SQL injection vulnerabilities exists in the authenticated part of YouP ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5121 (SQL injection vulnerabilities exists in the authenticated part of YouP ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5120 (An exploitable SQL injection vulnerability exists in the authenticated ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5119 (An exploitable SQL injection vulnerability exist in the authenticated  ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5118
	RESERVED
CVE-2019-5117 (Exploitable SQL injection vulnerabilities exists in the authenticated  ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5116 (An exploitable SQL injection vulnerability exists in the authenticated ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5115
	RESERVED
CVE-2019-5114 (An exploitable SQL injection vulnerability exists in the authenticated ...)
	NOT-FOR-US: YouPHPTube
CVE-2019-5113
	RESERVED
CVE-2019-5112 (Exploitable SQL injection vulnerability exists in the authenticated po ...)
	NOT-FOR-US: Forma LMS
CVE-2019-5111 (Exploitable SQL injection vulnerability exists in the authenticated po ...)
	NOT-FOR-US: Forma LMS
CVE-2019-5110 (Exploitable SQL injection vulnerabilities exist in the authenticated p ...)
	NOT-FOR-US: Forma LMS
CVE-2019-5109 (Exploitable SQL injection vulnerabilities exists in the authenticated  ...)
	NOT-FOR-US: Forma LMS
CVE-2019-5108 (An exploitable denial-of-service vulnerability exists in the Linux ker ...)
	- linux 5.3.7-1
	[buster] - linux 4.19.98-1
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0900
	NOTE: https://git.kernel.org/linus/3e493173b7841259a08c5c8e5cbe90adb349da7e
CVE-2019-5107 (A cleartext transmission vulnerability exists in the network communica ...)
	NOT-FOR-US: WAGO
CVE-2019-5106 (A hard-coded encryption key vulnerability exists in the authentication ...)
	NOT-FOR-US: WAGO
CVE-2019-5105 (An exploitable memory corruption vulnerability exists in the Name Serv ...)
	NOT-FOR-US: 3S-Smart Software Solutions CODESYS GatewayService
CVE-2019-5104
	REJECTED
CVE-2019-5103
	RESERVED
CVE-2019-5102 (An exploitable information leak vulnerability exists in the ustream-ss ...)
	NOT-FOR-US: ustream-ssl library of OpenWrt
CVE-2019-5101 (An exploitable information leak vulnerability exists in the ustream-ss ...)
	NOT-FOR-US: ustream-ssl library of OpenWrt
CVE-2019-5100 (An exploitable integer overflow vulnerability exists in the BMP header ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5099 (An exploitable integer underflow vulnerability exists in the CMP-parsi ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5098 (An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64 ...)
	NOT-FOR-US: AMD ATIDXX64.DLL driver
CVE-2019-5097 (A denial-of-service vulnerability exists in the processing of multi-pa ...)
	NOT-FOR-US: GoAhead
CVE-2019-5096 (An exploitable code execution vulnerability exists in the processing o ...)
	NOT-FOR-US: GoAhead
CVE-2019-5095 (An issue summary information disclosure vulnerability exists in Atlass ...)
	NOT-FOR-US: Atlassian
CVE-2019-5094 (An exploitable code execution vulnerability exists in the quota file f ...)
	{DSA-4535-1 DLA-1935-1}
	- e2fsprogs 1.45.4-1 (bug #941139)
	NOTE: https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?h=maint&id=8dbe7b475ec5e91ed767239f0e85880f416fc384
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0887
CVE-2019-5093 (An exploitable code execution vulnerability exists in the DICOM networ ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5092 (An exploitable heap out of bounds write vulnerability exists in the UI ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5091 (An exploitable denial-of-service vulnerability exists in the Dicom-pac ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5090 (An exploitable information disclosure vulnerability exists in the DICO ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5089 (An exploitable memory corruption vulnerability exists in Investintech  ...)
	NOT-FOR-US: Investintech
CVE-2019-5088 (An exploitable memory corruption vulnerability exists in Investintech  ...)
	NOT-FOR-US: Investintech
CVE-2019-5087 (An exploitable integer overflow vulnerability exists in the flattenInc ...)
	- xcftools <unfixed> (bug #945317)
	NOTE: https://github.com/j-jorge/xcftools/issues/13
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0879
CVE-2019-5086 (An exploitable integer overflow vulnerability exists in the flattenInc ...)
	- xcftools <unfixed> (bug #945317)
	NOTE: https://github.com/j-jorge/xcftools/issues/12
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0878
CVE-2019-5085 (An exploitable code execution vulnerability exists in the DICOM packet ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5084 (An exploitable heap out-of-bounds write vulnerability exists in the TI ...)
	NOT-FOR-US: LEADTOOLS
CVE-2019-5083 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2019-5082 (An exploitable heap buffer overflow vulnerability exists in the iochec ...)
	NOT-FOR-US: WAGO Firmware
CVE-2019-5081 (An exploitable heap buffer overflow vulnerability exists in the iochec ...)
	NOT-FOR-US: WAGO
CVE-2019-5080 (An exploitable denial-of-service vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5079 (An exploitable heap buffer overflow vulnerability exists in the iochec ...)
	NOT-FOR-US: WAGO
CVE-2019-5078 (An exploitable denial of service vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5077 (An exploitable denial-of-service vulnerability exists in the iocheckd  ...)
	NOT-FOR-US: WAGO
CVE-2019-5076 (An exploitable out-of-bounds write vulnerability exists in the igcore1 ...)
	NOT-FOR-US: Accusoft ImageGear
CVE-2019-5075 (An exploitable stack buffer overflow vulnerability exists in the comma ...)
	NOT-FOR-US: WAGO
CVE-2019-5074 (An exploitable stack buffer overflow vulnerability exists in the ioche ...)
	NOT-FOR-US: WAGO
CVE-2019-5073 (An exploitable information exposure vulnerability exists in the iochec ...)
	NOT-FOR-US: WAGO
CVE-2019-5072 (An exploitable command injection vulnerability exists in the /goform/W ...)
	NOT-FOR-US: Tenda
CVE-2019-5071 (An exploitable command injection vulnerability exists in the /goform/W ...)
	NOT-FOR-US: Tenda
CVE-2019-5070 (An exploitable SQL injection vulnerability exists in the unauthenticat ...)
	NOT-FOR-US: eFront LMS
CVE-2019-5069 (A code execution vulnerability exists in Epignosis eFront LMS v5.2.12. ...)
	NOT-FOR-US: Epignosis eFront LMS
CVE-2019-5068 (An exploitable shared memory permissions vulnerability exists in the f ...)
	{DLA-1993-1}
	- mesa 19.2.6-1 (low; bug #944298)
	[buster] - mesa 18.3.6-2+deb10u1
	[stretch] - mesa <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0857
	NOTE: https://lists.freedesktop.org/pipermail/mesa-dev/2019-October/223704.html
	NOTE: https://cgit.freedesktop.org/mesa/mesa/commit/?id=02c3dad0f3b4d26e0faa5cc51d06bc50d693dcdc
CVE-2019-5067 (An uninitialized memory access vulnerability exists in the way Aspose. ...)
	NOT-FOR-US: Aspose
CVE-2019-5066 (An exploitable use-after-free vulnerability exists in the way LZW-comp ...)
	NOT-FOR-US: Aspose
CVE-2019-5065 (An exploitable information disclosure vulnerability exists in the pack ...)
	NOT-FOR-US: Blynk
CVE-2019-5064 (An exploitable heap buffer overflow vulnerability exists in the data s ...)
	[experimental] - opencv 4.2.0+dfsg-1
	- opencv <unfixed> (bug #948180)
	[buster] - opencv <not-affected> (Vulnerable code introduced later)
	[stretch] - opencv <not-affected> (Vulnerable code introduced later)
	[jessie] - opencv <not-affected> (The vulnerable code was introduced later)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0853
	NOTE: Fixed by: https://github.com/opencv/opencv/commit/f42d5399aac80d371b17d689851406669c9b9111 (4.2.0)
	NOTE: https://github.com/opencv/opencv/issues/15857
	NOTE: Persistence implementation refactored in: https://github.com/opencv/opencv/pull/13011
CVE-2019-5063 (An exploitable heap buffer overflow vulnerability exists in the data s ...)
	[experimental] - opencv 4.2.0+dfsg-1
	- opencv <unfixed> (bug #948180)
	[buster] - opencv <not-affected> (Vulnerable code introduced later)
	[stretch] - opencv <not-affected> (Vulnerable code introduced later)
	[jessie] - opencv <not-affected> (The vulnerable code was introduced later)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0852
	NOTE: Fixed by: https://github.com/opencv/opencv/commit/f42d5399aac80d371b17d689851406669c9b9111 (4.2.0)
	NOTE: https://github.com/opencv/opencv/issues/15857
	NOTE: Persistence implementation refactored in: https://github.com/opencv/opencv/pull/13011
CVE-2019-5062 (An exploitable denial-of-service vulnerability exists in the 802.11w s ...)
	- wpa <unfixed> (unimportant)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0850
	NOTE: Issue is not considered the report recieved bogus and at most with very
	NOTE: negligible impact. Issue likely would need to be disputed or rejected.
CVE-2019-5061 (An exploitable denial-of-service vulnerability exists in the hostapd 2 ...)
	- wpa 2:2.9+git20200213+877d9a0-1 (unimportant)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0849
	NOTE: https://w1.fi/cgit/hostap/commit/?id=018edec9b2bd3db20605117c32ff79c1e625c432
	NOTE: removes IAPP functionality from hostapd. IAPP implementation furthermore
	NOTE: was never really completed on wpa side and this obsoleted functionality in
	NOTE: hostapd had been moved to the kernel driver already.
CVE-2019-5060 (An exploitable code execution vulnerability exists in the XPM image re ...)
	- libsdl2-image 2.0.5+dfsg1-1
	[buster] - libsdl2-image <no-dsa> (Minor issue)
	[stretch] - libsdl2-image <no-dsa> (Minor issue)
	[jessie] - libsdl2-image <no-dsa> (Minor issue)
	- sdl-image1.2 1.2.12-12
	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0844
	NOTE: https://hg.libsdl.org/SDL_image/rev/26061e601c81
CVE-2019-5059 (An exploitable code execution vulnerability exists in the XPM image re ...)
	- libsdl2-image 2.0.5+dfsg1-1
	[buster] - libsdl2-image <no-dsa> (Minor issue)
	[stretch] - libsdl2-image <no-dsa> (Minor issue)
	[jessie] - libsdl2-image <no-dsa> (Minor issue)
	- sdl-image1.2 1.2.12-12
	[buster] - sdl-image1.2 <no-dsa> (Minor issue)
	[stretch] - sdl-image1.2 <no-dsa> (Minor issue)
	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0843
	NOTE: https://hg.libsdl.org/SDL_image/rev/95fc7da55247
CVE-2019-5058 (An exploitable code execution vulnerability exists in the XCF image re ...)
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	[jessie] - libsdl2-image 2.0.0+dfsg-3+deb8u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	[jessie] - sdl-image1.2 1.2.12-5+deb8u2
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0842
	NOTE: https://hg.libsdl.org/SDL_image/rev/b1a80aec2b10
	NOTE: CVE-2019-5058 can be considered a CVE for an incomplete fix for CVE-2018-3977.
CVE-2019-5057 (An exploitable code execution vulnerability exists in the PCX image-re ...)
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	[jessie] - libsdl2-image <no-dsa> (Minor issue)
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	[jessie] - sdl-image1.2 <no-dsa> (Minor issue)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0841
	NOTE: https://hg.libsdl.org/SDL_image/rev/7453e79c8cdb
CVE-2019-5056
	RESERVED
CVE-2019-5055 (An exploitable denial-of-service vulnerability exists in the Host Acce ...)
	NOT-FOR-US: Netgear
CVE-2019-5054 (An exploitable denial-of-service vulnerability exists in the session h ...)
	NOT-FOR-US: Netgear
CVE-2019-5053 (An exploitable use-after-free vulnerability exists in the Length parsi ...)
	NOT-FOR-US: NitroPDF
CVE-2019-5052 (An exploitable integer overflow vulnerability exists when loading a PC ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0821
	NOTE: https://hg.libsdl.org/SDL_image/rev/b920be2b3fc6
CVE-2019-5051 (An exploitable heap-based buffer overflow vulnerability exists when lo ...)
	{DLA-1865-1 DLA-1861-1}
	- libsdl2-image 2.0.5+dfsg1-1 (bug #932754)
	[buster] - libsdl2-image 2.0.4+dfsg1-1+deb10u1
	[stretch] - libsdl2-image 2.0.1+dfsg-2+deb9u2
	- sdl-image1.2 1.2.12-11 (bug #932755)
	[buster] - sdl-image1.2 1.2.12-10+deb10u1
	[stretch] - sdl-image1.2 1.2.12-5+deb9u2
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0820
	NOTE: https://hg.libsdl.org/SDL_image/rev/e7e9786a1a34
CVE-2019-5050 (A specifically crafted PDF file can lead to a heap corruption when ope ...)
	NOT-FOR-US: NitroPDF
CVE-2019-5049 (An exploitable memory corruption vulnerability exists in AMD ATIDXX64. ...)
	NOT-FOR-US: AMD Windows driver
CVE-2019-5048 (A specifically crafted PDF file can lead to a heap corruption when ope ...)
	NOT-FOR-US: NitroPDF
CVE-2019-5047 (An exploitable Use After Free vulnerability exists in the CharProcs pa ...)
	NOT-FOR-US: NitroPDF
CVE-2019-5046 (A specifically crafted jpeg2000 file embedded in a PDF file can lead t ...)
	NOT-FOR-US: NitroPDF
CVE-2019-5045 (A specifically crafted jpeg2000 file embedded in a PDF file can lead t ...)
	NOT-FOR-US: NitroPDF
CVE-2019-5044
	REJECTED
CVE-2019-5043 (An exploitable denial-of-service vulnerability exists in the Weave dae ...)
	NOT-FOR-US: Nest
CVE-2019-5042 (An exploitable Use-After-Free vulnerability exists in the way Function ...)
	NOT-FOR-US: Aspose
CVE-2019-5041 (An exploitable Stack Based Buffer Overflow vulnerability exists in the ...)
	NOT-FOR-US: Aspose
CVE-2019-5040 (An exploitable information disclosure vulnerability exists in the Weav ...)
	NOT-FOR-US: OpenWeave
CVE-2019-5039 (An exploitable command execution vulnerability exists in the ASN1 cert ...)
	NOT-FOR-US: OpenWeave
CVE-2019-5038 (An exploitable command execution vulnerability exists in the print-tlv ...)
	NOT-FOR-US: OpenWeave
CVE-2019-5037 (An exploitable denial-of-service vulnerability exists in the Weave cer ...)
	NOT-FOR-US: Nest
CVE-2019-5036 (An exploitable denial-of-service vulnerability exists in the Weave err ...)
	NOT-FOR-US: Nest
CVE-2019-5035 (An exploitable information disclosure vulnerability exists in the Weav ...)
	NOT-FOR-US: Nest
CVE-2019-5034 (An exploitable information disclosure vulnerability exists in the Weav ...)
	NOT-FOR-US: Nest
CVE-2019-5033 (An exploitable out-of-bounds read vulnerability exists in the Number r ...)
	NOT-FOR-US: Aspose
CVE-2019-5032 (An exploitable out-of-bounds read vulnerability exists in the LabelSst ...)
	NOT-FOR-US: Aspose
CVE-2019-5031 (An exploitable memory corruption vulnerability exists in the JavaScrip ...)
	NOT-FOR-US: Foxit PDF Reader
CVE-2019-5030 (A buffer overflow vulnerability exists in the PowerPoint document conv ...)
	NOT-FOR-US: Rainbow PDF Office Server Document Converter
CVE-2019-5029 (An exploitable command injection vulnerability exists in the Config ed ...)
	NOT-FOR-US: Exhibitor Web UI
CVE-2019-5028
	REJECTED
CVE-2019-5027
	REJECTED
CVE-2019-5026
	REJECTED
CVE-2019-5025
	REJECTED
CVE-2019-5024 (A restricted environment escape vulnerability exists in the "kiosk mod ...)
	NOT-FOR-US: Capsule Technologies SmartLinx Neuron
CVE-2019-5023 (An exploitable vulnerability exists in the grsecurity PaX patch for th ...)
	- linux-grsec <removed>
CVE-2019-5022
	REJECTED
CVE-2019-5021 (Versions of the Official Alpine Linux Docker images (since v3.3) conta ...)
	NOT-FOR-US: Official Alpine Linux Docker images
CVE-2019-5020 (An exploitable denial of service vulnerability exists in the object lo ...)
	- yara 3.9.0-1
	[stretch] - yara <not-affected> (dex module introduced in 3.8.0)
	[jessie] - yara <not-affected> (dex module introduced in 3.8.0)
	NOTE: https://talosintelligence.com/vulnerability_reports/TALOS-2019-0781
	NOTE: https://github.com/VirusTotal/yara/issues/1023
	NOTE: https://github.com/VirusTotal/yara/commit/1ecb0e66431bf5c5b4c2fdf622be969eb5f4a7cc
	NOTE: https://github.com/VirusTotal/yara/commit/a3784d3855029bd0ad24071e72746cc0c31b8cba
CVE-2019-5019 (A heap-based overflow vulnerability exists in the PowerPoint document  ...)
	NOT-FOR-US: Rainbow PDF Office Server Document Converter
CVE-2019-5018 (An exploitable use after free vulnerability exists in the window funct ...)
	- sqlite3 3.27.2-3 (bug #928770)
	[stretch] - sqlite3 <not-affected> (windowfuncs introduced in 3.25.0)
	[jessie] - sqlite3 <not-affected> (windowfuncs introduced in 3.25.0)
	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0777
CVE-2019-5017 (An exploitable information disclosure vulnerability exists in the KCod ...)
	NOT-FOR-US: NETGEAR
CVE-2019-5016 (An exploitable arbitrary memory read vulnerability exists in the KCode ...)
	NOT-FOR-US: NETGEAR
CVE-2019-5015 (A local privilege escalation vulnerability exists in the Mac OS X vers ...)
	NOT-FOR-US: Apple
CVE-2019-5014 (An exploitable improper access control vulnerability exists in the blu ...)
	NOT-FOR-US: Winco Fireworks FireFly FW-1007
CVE-2019-5013 (An exploitable privilege escalation vulnerability exists in the Wacom, ...)
	NOT-FOR-US: Wacom MacOS driver
CVE-2019-5012 (An exploitable privilege escalation vulnerability exists in the Wacom, ...)
	NOT-FOR-US: Wacom MacOS driver
CVE-2019-5011 (An exploitable privilege escalation vulnerability exists in the helper ...)
	NOT-FOR-US: CleanMyMac
CVE-2019-5010 (An exploitable denial-of-service vulnerability exists in the X509 cert ...)
	{DLA-1834-1 DLA-1663-1}
	- python3.7 3.7.2-2 (bug #921064)
	- python3.6 <removed> (bug #921063)
	- python3.5 <removed>
	[stretch] - python3.5 <postponed> (Minor issue, can be fixed along in a future DSA)
	- python3.4 <removed>
	- python2.7 2.7.15-6 (bug #921040)
	[stretch] - python2.7 <postponed> (Minor issue, can be fixed along in a future DSA)
	NOTE: https://bugs.python.org/issue35746
	NOTE: https://github.com/python/cpython/pull/11569
	NOTE: https://github.com/python/cpython/commit/be5de958e9052e322b0087c6dba81cdad0c3e031 (3.7.x)
	NOTE: https://github.com/python/cpython/commit/216a4d83c3b72f4fdcd81b588dc3f42cc461739a (3.6.x)
	NOTE: https://github.com/python/cpython/commit/06b15424b0dcacb1c551b2a36e739fffa8d0c595 (2.7.x)
CVE-2019-5009 (Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extens ...)
	NOT-FOR-US: Vtiger CRM
CVE-2019-5008 (hw/sparc64/sun4u.c in QEMU 3.1.50 is vulnerable to a NULL pointer dere ...)
	- qemu 1:3.1+dfsg-8 (low; bug #927439)
	[buster] - qemu 1:3.1+dfsg-8~deb10u1
	[stretch] - qemu <ignored> (Minor issue)
	[jessie] - qemu <not-affected> (Vulnerable code not present)
	- qemu-kvm <removed>
	NOTE: https://fakhrizulkifli.github.io/posts/2019/01/03/CVE-2019-5008/
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=ad280559c68360c9f1cd7be063857853759e6a73 (4.0.0-rc0)
CVE-2019-5007 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on W ...)
	NOT-FOR-US: Foxit Reader and PhantomPDF
CVE-2019-5006 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on W ...)
	NOT-FOR-US: Foxit Reader and PhantomPDF
CVE-2019-5005 (An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on W ...)
	NOT-FOR-US: Foxit Reader and PhantomPDF
CVE-2019-5004
	RESERVED
CVE-2019-5003
	REJECTED
CVE-2019-5002
	REJECTED
CVE-2019-5001
	REJECTED
CVE-2019-5000
	REJECTED
CVE-2019-4999
	REJECTED
CVE-2019-4998
	REJECTED
CVE-2019-4997
	REJECTED
CVE-2019-4996
	REJECTED
CVE-2019-4995
	REJECTED
CVE-2019-4994
	REJECTED
CVE-2019-4993
	REJECTED
CVE-2019-4992
	REJECTED
CVE-2019-4991
	REJECTED
CVE-2019-4990
	REJECTED
CVE-2019-4989
	REJECTED
CVE-2019-4988
	REJECTED
CVE-2019-4987
	REJECTED
CVE-2019-4986
	REJECTED
CVE-2019-4985
	REJECTED
CVE-2019-4984
	REJECTED
CVE-2019-4983
	REJECTED
CVE-2019-4982
	REJECTED
CVE-2019-4981
	REJECTED
CVE-2019-4980
	REJECTED
CVE-2019-4979
	REJECTED
CVE-2019-4978
	REJECTED
CVE-2019-4977
	REJECTED
CVE-2019-4976
	REJECTED
CVE-2019-4975
	REJECTED
CVE-2019-4974
	REJECTED
CVE-2019-4973
	REJECTED
CVE-2019-4972
	REJECTED
CVE-2019-4971
	REJECTED
CVE-2019-4970
	REJECTED
CVE-2019-4969
	REJECTED
CVE-2019-4968
	REJECTED
CVE-2019-4967
	REJECTED
CVE-2019-4966
	REJECTED
CVE-2019-4965
	REJECTED
CVE-2019-4964
	REJECTED
CVE-2019-4963
	REJECTED
CVE-2019-4962
	REJECTED
CVE-2019-4961
	REJECTED
CVE-2019-4960
	REJECTED
CVE-2019-4959
	REJECTED
CVE-2019-4958
	REJECTED
CVE-2019-4957
	REJECTED
CVE-2019-4956
	REJECTED
CVE-2019-4955
	REJECTED
CVE-2019-4954
	REJECTED
CVE-2019-4953
	REJECTED
CVE-2019-4952
	REJECTED
CVE-2019-4951
	REJECTED
CVE-2019-4950
	REJECTED
CVE-2019-4949
	REJECTED
CVE-2019-4948
	REJECTED
CVE-2019-4947
	REJECTED
CVE-2019-4946
	REJECTED
CVE-2019-4945
	REJECTED
CVE-2019-4944
	REJECTED
CVE-2019-4943
	REJECTED
CVE-2019-4942
	REJECTED
CVE-2019-4941
	REJECTED
CVE-2019-4940
	REJECTED
CVE-2019-4939
	REJECTED
CVE-2019-4938
	REJECTED
CVE-2019-4937
	REJECTED
CVE-2019-4936
	REJECTED
CVE-2019-4935
	REJECTED
CVE-2019-4934
	REJECTED
CVE-2019-4933
	REJECTED
CVE-2019-4932
	REJECTED
CVE-2019-4931
	REJECTED
CVE-2019-4930
	REJECTED
CVE-2019-4929
	REJECTED
CVE-2019-4928
	REJECTED
CVE-2019-4927
	REJECTED
CVE-2019-4926
	REJECTED
CVE-2019-4925
	REJECTED
CVE-2019-4924
	REJECTED
CVE-2019-4923
	REJECTED
CVE-2019-4922
	REJECTED
CVE-2019-4921
	REJECTED
CVE-2019-4920
	REJECTED
CVE-2019-4919
	REJECTED
CVE-2019-4918
	REJECTED
CVE-2019-4917
	REJECTED
CVE-2019-4916
	REJECTED
CVE-2019-4915
	REJECTED
CVE-2019-4914
	REJECTED
CVE-2019-4913
	REJECTED
CVE-2019-4912
	REJECTED
CVE-2019-4911
	REJECTED
CVE-2019-4910
	REJECTED
CVE-2019-4909
	REJECTED
CVE-2019-4908
	REJECTED
CVE-2019-4907
	REJECTED
CVE-2019-4906
	REJECTED
CVE-2019-4905
	REJECTED
CVE-2019-4904
	REJECTED
CVE-2019-4903
	REJECTED
CVE-2019-4902
	REJECTED
CVE-2019-4901
	REJECTED
CVE-2019-4900
	REJECTED
CVE-2019-4899
	REJECTED
CVE-2019-4898
	REJECTED
CVE-2019-4897
	REJECTED
CVE-2019-4896
	REJECTED
CVE-2019-4895
	REJECTED
CVE-2019-4894
	REJECTED
CVE-2019-4893
	REJECTED
CVE-2019-4892
	REJECTED
CVE-2019-4891
	REJECTED
CVE-2019-4890
	REJECTED
CVE-2019-4889
	REJECTED
CVE-2019-4888
	REJECTED
CVE-2019-4887
	REJECTED
CVE-2019-4886
	REJECTED
CVE-2019-4885
	REJECTED
CVE-2019-4884
	REJECTED
CVE-2019-4883
	REJECTED
CVE-2019-4882
	REJECTED
CVE-2019-4881
	REJECTED
CVE-2019-4880
	REJECTED
CVE-2019-4879
	REJECTED
CVE-2019-4878
	REJECTED
CVE-2019-4877
	REJECTED
CVE-2019-4876
	REJECTED
CVE-2019-4875
	REJECTED
CVE-2019-4874
	REJECTED
CVE-2019-4873
	REJECTED
CVE-2019-4872
	REJECTED
CVE-2019-4871
	REJECTED
CVE-2019-4870
	REJECTED
CVE-2019-4869
	REJECTED
CVE-2019-4868
	REJECTED
CVE-2019-4867
	REJECTED
CVE-2019-4866
	REJECTED
CVE-2019-4865
	REJECTED
CVE-2019-4864
	REJECTED
CVE-2019-4863
	REJECTED
CVE-2019-4862
	REJECTED
CVE-2019-4861
	REJECTED
CVE-2019-4860
	REJECTED
CVE-2019-4859
	REJECTED
CVE-2019-4858
	REJECTED
CVE-2019-4857
	REJECTED
CVE-2019-4856
	REJECTED
CVE-2019-4855
	REJECTED
CVE-2019-4854
	REJECTED
CVE-2019-4853
	REJECTED
CVE-2019-4852
	REJECTED
CVE-2019-4851
	REJECTED
CVE-2019-4850
	REJECTED
CVE-2019-4849
	REJECTED
CVE-2019-4848
	REJECTED
CVE-2019-4847
	REJECTED
CVE-2019-4846
	REJECTED
CVE-2019-4845
	REJECTED
CVE-2019-4844
	REJECTED
CVE-2019-4843
	REJECTED
CVE-2019-4842
	REJECTED
CVE-2019-4841
	REJECTED
CVE-2019-4840
	REJECTED
CVE-2019-4839
	REJECTED
CVE-2019-4838
	REJECTED
CVE-2019-4837
	REJECTED
CVE-2019-4836
	REJECTED
CVE-2019-4835
	REJECTED
CVE-2019-4834
	REJECTED
CVE-2019-4833
	REJECTED
CVE-2019-4832
	REJECTED
CVE-2019-4831
	REJECTED
CVE-2019-4830
	REJECTED
CVE-2019-4829
	REJECTED
CVE-2019-4828
	REJECTED
CVE-2019-4827
	REJECTED
CVE-2019-4826
	REJECTED
CVE-2019-4825
	REJECTED
CVE-2019-4824
	REJECTED
CVE-2019-4823
	REJECTED
CVE-2019-4822
	REJECTED
CVE-2019-4821
	REJECTED
CVE-2019-4820
	REJECTED
CVE-2019-4819
	REJECTED
CVE-2019-4818
	REJECTED
CVE-2019-4817
	REJECTED
CVE-2019-4816
	REJECTED
CVE-2019-4815
	REJECTED
CVE-2019-4814
	REJECTED
CVE-2019-4813
	REJECTED
CVE-2019-4812
	REJECTED
CVE-2019-4811
	REJECTED
CVE-2019-4810
	REJECTED
CVE-2019-4809
	REJECTED
CVE-2019-4808
	REJECTED
CVE-2019-4807
	REJECTED
CVE-2019-4806
	REJECTED
CVE-2019-4805
	REJECTED
CVE-2019-4804
	REJECTED
CVE-2019-4803
	REJECTED
CVE-2019-4802
	REJECTED
CVE-2019-4801
	REJECTED
CVE-2019-4800
	REJECTED
CVE-2019-4799
	REJECTED
CVE-2019-4798
	REJECTED
CVE-2019-4797
	REJECTED
CVE-2019-4796
	REJECTED
CVE-2019-4795
	REJECTED
CVE-2019-4794
	REJECTED
CVE-2019-4793
	REJECTED
CVE-2019-4792
	REJECTED
CVE-2019-4791
	REJECTED
CVE-2019-4790
	REJECTED
CVE-2019-4789
	REJECTED
CVE-2019-4788
	REJECTED
CVE-2019-4787
	REJECTED
CVE-2019-4786
	REJECTED
CVE-2019-4785
	REJECTED
CVE-2019-4784
	REJECTED
CVE-2019-4783
	REJECTED
CVE-2019-4782
	REJECTED
CVE-2019-4781
	REJECTED
CVE-2019-4780
	REJECTED
CVE-2019-4779
	REJECTED
CVE-2019-4778
	REJECTED
CVE-2019-4777
	REJECTED
CVE-2019-4776
	REJECTED
CVE-2019-4775
	REJECTED
CVE-2019-4774
	REJECTED
CVE-2019-4773
	REJECTED
CVE-2019-4772
	REJECTED
CVE-2019-4771
	REJECTED
CVE-2019-4770
	REJECTED
CVE-2019-4769
	REJECTED
CVE-2019-4768
	REJECTED
CVE-2019-4767
	REJECTED
CVE-2019-4766
	REJECTED
CVE-2019-4765
	REJECTED
CVE-2019-4764
	REJECTED
CVE-2019-4763
	REJECTED
CVE-2019-4762
	RESERVED
CVE-2019-4761
	RESERVED
CVE-2019-4760
	RESERVED
CVE-2019-4759
	RESERVED
CVE-2019-4758
	RESERVED
CVE-2019-4757
	RESERVED
CVE-2019-4756
	RESERVED
CVE-2019-4755
	RESERVED
CVE-2019-4754
	RESERVED
CVE-2019-4753
	RESERVED
CVE-2019-4752 (IBM Emptoris Spend Analysis and IBM Emptoris Strategic Supply Manageme ...)
	NOT-FOR-US: IBM
CVE-2019-4751
	RESERVED
CVE-2019-4750
	RESERVED
CVE-2019-4749
	RESERVED
CVE-2019-4748
	RESERVED
CVE-2019-4747
	RESERVED
CVE-2019-4746 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
	NOT-FOR-US: IBM
CVE-2019-4745 (IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to d ...)
	NOT-FOR-US: IBM
CVE-2019-4744 (IBM Financial Transaction Manager 3.0 is vulnerable to cross-site scri ...)
	NOT-FOR-US: IBM
CVE-2019-4743 (IBM Financial Transaction Manager 3.0 does not set the secure attribut ...)
	NOT-FOR-US: IBM
CVE-2019-4742 (IBM Financial Transaction Manager 3.0 could allow a remote attacker to ...)
	NOT-FOR-US: IBM
CVE-2019-4741 (IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forge ...)
	NOT-FOR-US: IBM
CVE-2019-4740 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
	NOT-FOR-US: IBM
CVE-2019-4739
	RESERVED
CVE-2019-4738
	RESERVED
CVE-2019-4737 (IBM DOORS Next Generation (DNG/RRC) 6.0.2. 6.0.6, and 6.0.61 is vulner ...)
	NOT-FOR-US: IBM
CVE-2019-4736 (IBM Financial Transaction Manager 3.0 is vulnerable to cross-site requ ...)
	NOT-FOR-US: IBM
CVE-2019-4735
	RESERVED
CVE-2019-4734
	RESERVED
CVE-2019-4733
	RESERVED
CVE-2019-4732 (IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7. ...)
	NOT-FOR-US: IBM
CVE-2019-4731
	RESERVED
CVE-2019-4730
	RESERVED
CVE-2019-4729
	RESERVED
CVE-2019-4728
	RESERVED
CVE-2019-4727
	RESERVED
CVE-2019-4726 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 i ...)
	NOT-FOR-US: IBM
CVE-2019-4725
	RESERVED
CVE-2019-4724
	RESERVED
CVE-2019-4723
	RESERVED
CVE-2019-4722
	RESERVED
CVE-2019-4721
	RESERVED
CVE-2019-4720 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2019-4719 (IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C ...)
	NOT-FOR-US: IBM
CVE-2019-4718 (IBM Jazz for Service Management 3.13 is vulnerable to cross-site scrip ...)
	NOT-FOR-US: IBM
CVE-2019-4717
	RESERVED
CVE-2019-4716 (IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configur ...)
	NOT-FOR-US: IBM
CVE-2019-4715 (IBM Spectrum Scale 4.2 and 5.0 could allow a remote authenticated atta ...)
	NOT-FOR-US: IBM
CVE-2019-4714
	RESERVED
CVE-2019-4713
	RESERVED
CVE-2019-4712
	RESERVED
CVE-2019-4711
	RESERVED
CVE-2019-4710
	RESERVED
CVE-2019-4709
	RESERVED
CVE-2019-4708
	RESERVED
CVE-2019-4707 (IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML  ...)
	NOT-FOR-US: IBM
CVE-2019-4706
	RESERVED
CVE-2019-4705
	RESERVED
CVE-2019-4704
	RESERVED
CVE-2019-4703 (IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft ...)
	NOT-FOR-US: IBM
CVE-2019-4702
	RESERVED
CVE-2019-4701
	RESERVED
CVE-2019-4700
	RESERVED
CVE-2019-4699
	RESERVED
CVE-2019-4698
	RESERVED
CVE-2019-4697
	RESERVED
CVE-2019-4696
	RESERVED
CVE-2019-4695
	RESERVED
CVE-2019-4694
	RESERVED
CVE-2019-4693
	RESERVED
CVE-2019-4692
	RESERVED
CVE-2019-4691
	RESERVED
CVE-2019-4690
	RESERVED
CVE-2019-4689
	RESERVED
CVE-2019-4688
	RESERVED
CVE-2019-4687
	RESERVED
CVE-2019-4686
	RESERVED
CVE-2019-4685
	RESERVED
CVE-2019-4684
	RESERVED
CVE-2019-4683
	RESERVED
CVE-2019-4682
	RESERVED
CVE-2019-4681 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2019-4680
	RESERVED
CVE-2019-4679 (IBM Content Navigator 3.0CD could allow an authenticated user to gain  ...)
	NOT-FOR-US: IBM
CVE-2019-4678
	RESERVED
CVE-2019-4677
	RESERVED
CVE-2019-4676
	RESERVED
CVE-2019-4675 (IBM Security Identity Manager 7.0.1 contains hard-coded credentials, s ...)
	NOT-FOR-US: IBM
CVE-2019-4674 (IBM Security Identity Manager 7.0.1 could allow a remote attacker to t ...)
	NOT-FOR-US: IBM
CVE-2019-4673
	RESERVED
CVE-2019-4672 (IBM QRadar Advisor 1.1 through 2.5 could allow an unauthorized attacke ...)
	NOT-FOR-US: IBM
CVE-2019-4671
	RESERVED
CVE-2019-4670 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2019-4669 (IBM Business Process Manager 8.5.7.0 through 8.5.7.0 2017.06, 8.6.0.0  ...)
	NOT-FOR-US: IBM
CVE-2019-4668
	RESERVED
CVE-2019-4667
	RESERVED
CVE-2019-4666 (IBM UrbanCode Deploy (UCD) 7.0.3 and IBM UrbanCode Build 6.1.5 could a ...)
	NOT-FOR-US: IBM
CVE-2019-4665 (IBM Spectrum Scale 4.2 and 5.0 is vulnerable to cross-site scripting.  ...)
	NOT-FOR-US: IBM
CVE-2019-4664
	RESERVED
CVE-2019-4663 (IBM WebSphere Application Server - Liberty is vulnerable to cross-site ...)
	NOT-FOR-US: IBM
CVE-2019-4662
	RESERVED
CVE-2019-4661
	RESERVED
CVE-2019-4660
	RESERVED
CVE-2019-4659
	RESERVED
CVE-2019-4658
	RESERVED
CVE-2019-4657
	RESERVED
CVE-2019-4656 (IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C ...)
	NOT-FOR-US: IBM
CVE-2019-4655 (IBM MQ 9.1.0.0, 9.1.0.1, 9.1.0.2, 9.1.0.3, 9.1.1, 9.1.2, and 9.1.3 is  ...)
	NOT-FOR-US: IBM
CVE-2019-4654
	RESERVED
CVE-2019-4653
	RESERVED
CVE-2019-4652 (IBM Spectrum Protect Plus 10.1.0 through 10.1.4 uses insecure file per ...)
	NOT-FOR-US: IBM Spectrum Protect Plus
CVE-2019-4651 (IBM Jazz Reporting Service (JRS) 6.0.6.1 is vulnerable to SQL injectio ...)
	NOT-FOR-US: IBM
CVE-2019-4650
	RESERVED
CVE-2019-4649
	RESERVED
CVE-2019-4648
	RESERVED
CVE-2019-4647
	RESERVED
CVE-2019-4646
	RESERVED
CVE-2019-4645 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripti ...)
	NOT-FOR-US: IBM
CVE-2019-4644
	RESERVED
CVE-2019-4643
	RESERVED
CVE-2019-4642
	RESERVED
CVE-2019-4641
	RESERVED
CVE-2019-4640 (IBM Security Secret Server 10.7 processes patches, image backups and o ...)
	NOT-FOR-US: IBM
CVE-2019-4639 (IBM Security Secret Server 10.7 uses weaker than expected cryptographi ...)
	NOT-FOR-US: IBM
CVE-2019-4638 (IBM Security Secret Server 10.7 does not set the secure attribute on a ...)
	NOT-FOR-US: IBM
CVE-2019-4637 (IBM Security Secret Server 10.7 uses incomplete blacklisting for input ...)
	NOT-FOR-US: IBM
CVE-2019-4636 (IBM Security Secret Server 10.7 could disclose sensitive information t ...)
	NOT-FOR-US: IBM
CVE-2019-4635 (IBM Security Secret Server 10.7 could allow a privileged user to perfo ...)
	NOT-FOR-US: IBM
CVE-2019-4634
	RESERVED
CVE-2019-4633 (IBM Security Secret Server 10.7 could allow an attacker to obtain sens ...)
	NOT-FOR-US: IBM
CVE-2019-4632 (IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. ...)
	NOT-FOR-US: IBM
CVE-2019-4631 (IBM Security Secret Server 10.7 could allow a remote attacker to condu ...)
	NOT-FOR-US: IBM
CVE-2019-4630
	RESERVED
CVE-2019-4629
	RESERVED
CVE-2019-4628
	RESERVED
CVE-2019-4627
	RESERVED
CVE-2019-4626
	RESERVED
CVE-2019-4625
	RESERVED
CVE-2019-4624
	RESERVED
CVE-2019-4623 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripti ...)
	NOT-FOR-US: IBM
CVE-2019-4622
	RESERVED
CVE-2019-4621 (IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2 ...)
	NOT-FOR-US: IBM
CVE-2019-4620 (IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypas ...)
	NOT-FOR-US: IBM
CVE-2019-4619 (IBM MQ and IBM MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C ...)
	NOT-FOR-US: IBM
CVE-2019-4618
	RESERVED
CVE-2019-4617 (IBM Cloud Automation Manager 3.2.1.0 does not renew a session variable ...)
	NOT-FOR-US: IBM
CVE-2019-4616 (IBM Cloud Automation Manager 3.2.1.0 does not set the secure attribute ...)
	NOT-FOR-US: IBM
CVE-2019-4615
	RESERVED
CVE-2019-4614 (IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Que ...)
	NOT-FOR-US: IBM
CVE-2019-4613 (IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery ...)
	NOT-FOR-US: IBM
CVE-2019-4612 (IBM Planning Analytics 2.0 is vulnerable to malicious file upload in t ...)
	NOT-FOR-US: IBM
CVE-2019-4611 (IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This ...)
	NOT-FOR-US: IBM
CVE-2019-4610
	RESERVED
CVE-2019-4609 (IBM API Connect 2018.4.1.7 uses weaker than expected cryptographic alg ...)
	NOT-FOR-US: IBM
CVE-2019-4608 (IBM Tivoli Workload Scheduler 9.3 is vulnerable to cross-site scriptin ...)
	NOT-FOR-US: IBM
CVE-2019-4607
	RESERVED
CVE-2019-4606 (IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 could allow a ...)
	NOT-FOR-US: IBM
CVE-2019-4605
	RESERVED
CVE-2019-4604
	RESERVED
CVE-2019-4603 (IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authe ...)
	NOT-FOR-US: IBM
CVE-2019-4602 (IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 is vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2019-4601 (IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1 could allow an authe ...)
	NOT-FOR-US: IBM
CVE-2019-4600 (IBM API Connect version V5.0.0.0 through 5.0.8.7 could reveal sensitiv ...)
	NOT-FOR-US: IBM
CVE-2019-4599
	RESERVED
CVE-2019-4598 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 i ...)
	NOT-FOR-US: IBM
CVE-2019-4597 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 i ...)
	NOT-FOR-US: IBM
CVE-2019-4596 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 i ...)
	NOT-FOR-US: IBM
CVE-2019-4595 (IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 c ...)
	NOT-FOR-US: IBM
CVE-2019-4594
	RESERVED
CVE-2019-4593
	RESERVED
CVE-2019-4592 (IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow ...)
	NOT-FOR-US: IBM
CVE-2019-4591
	RESERVED
CVE-2019-4590
	RESERVED
CVE-2019-4589
	RESERVED
CVE-2019-4588
	RESERVED
CVE-2019-4587
	RESERVED
CVE-2019-4586
	RESERVED
CVE-2019-4585
	RESERVED
CVE-2019-4584
	RESERVED
CVE-2019-4583 (IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 could allow an authen ...)
	NOT-FOR-US: IBM
CVE-2019-4582
	RESERVED
CVE-2019-4581 (IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scriptin ...)
	NOT-FOR-US: IBM
CVE-2019-4580
	RESERVED
CVE-2019-4579
	RESERVED
CVE-2019-4578
	RESERVED
CVE-2019-4577
	RESERVED
CVE-2019-4576
	RESERVED
CVE-2019-4575
	RESERVED
CVE-2019-4574
	RESERVED
CVE-2019-4573
	RESERVED
CVE-2019-4572 (IBM FileNet Content Manager 5.5.2 and 5.5.3 in specific configurations ...)
	NOT-FOR-US: IBM
CVE-2019-4571 (IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. Thi ...)
	NOT-FOR-US: IBM
CVE-2019-4570 (IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16 generates an error me ...)
	NOT-FOR-US: IBM
CVE-2019-4569 (IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16 is vulnerable to cr ...)
	NOT-FOR-US: IBM
CVE-2019-4568 (IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attac ...)
	NOT-FOR-US: IBM
CVE-2019-4567
	RESERVED
CVE-2019-4566 (IBM Security Key Lifecycle Manager 3.0 and 3.0.1 stores user credentia ...)
	NOT-FOR-US: IBM
CVE-2019-4565 (IBM Security Key Lifecycle Manager 3.0 and 3.0.1 does not require that ...)
	NOT-FOR-US: IBM
CVE-2019-4564 (IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 is vulnera ...)
	NOT-FOR-US: IBM
CVE-2019-4563
	RESERVED
CVE-2019-4562 (IBM Security Directory Server 6.4.0 stores sensitive information in UR ...)
	NOT-FOR-US: IBM
CVE-2019-4561 (IBM Security Identity Manager 6.0.0 could allow a remote attacker to e ...)
	NOT-FOR-US: IBM
CVE-2019-4560 (IBM MQ and IBM MQ Appliance 9.1 CD, 9.1 LTS, 9.0 LTS, and 8.0 is vulne ...)
	NOT-FOR-US: IBM
CVE-2019-4559 (IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to ...)
	NOT-FOR-US: IBM
CVE-2019-4558 (A security vulnerability has been identified in all levels of IBM Spec ...)
	NOT-FOR-US: IBM
CVE-2019-4557 (IBM Qradar Advisor 1.1 through 2.5 with Watson uses weaker than expect ...)
	NOT-FOR-US: IBM
CVE-2019-4556 (IBM QRadar Advisor 1.0.0 through 2.4.0 uses incomplete blacklisting fo ...)
	NOT-FOR-US: IBM
CVE-2019-4555 (IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripti ...)
	NOT-FOR-US: IBM
CVE-2019-4554
	RESERVED
CVE-2019-4553 (IBM API Connect V5.0.0.0 through 5.0.8.7iFix3 uses weaker than expecte ...)
	NOT-FOR-US: IBM
CVE-2019-4552
	RESERVED
CVE-2019-4551 (IBM Security Directory Server 6.4.0 does not perform an authentication ...)
	NOT-FOR-US: IBM
CVE-2019-4550 (IBM Security Directory Server 6.4.0 is deployed with active debugging  ...)
	NOT-FOR-US: IBM
CVE-2019-4549 (IBM Security Directory Server 6.4.0 discloses sensitive information to ...)
	NOT-FOR-US: IBM
CVE-2019-4548 (IBM Security Directory Server 6.4.0 could allow a remote attacker to h ...)
	NOT-FOR-US: IBM
CVE-2019-4547
	RESERVED
CVE-2019-4546 (After installing the IBM Maximo Health- Safety and Environment Manager ...)
	NOT-FOR-US: IBM
CVE-2019-4545
	RESERVED
CVE-2019-4544
	RESERVED
CVE-2019-4543
	RESERVED
CVE-2019-4542 (IBM Security Directory Server 6.4.0 is vulnerable to cross-site script ...)
	NOT-FOR-US: IBM
CVE-2019-4541 (IBM Security Directory Server 6.4.0 uses incomplete blacklisting for i ...)
	NOT-FOR-US: IBM
CVE-2019-4540 (IBM Security Directory Server 6.4.0 uses weaker than expected cryptogr ...)
	NOT-FOR-US: IBM
CVE-2019-4539 (IBM Security Directory Server 6.4.0 does not properly neutralize speci ...)
	NOT-FOR-US: IBM
CVE-2019-4538 (IBM Security Directory Server 6.4.0 could allow a remote attacker to c ...)
	NOT-FOR-US: IBM
CVE-2019-4537 (IBM WebSphere Service Registry and Repository 8.5 could allow a user t ...)
	NOT-FOR-US: IBM
CVE-2019-4536 (IBM i 7.4 users who have done a Restore User Profile (RSTUSRPRF) on a  ...)
	NOT-FOR-US: IBM
CVE-2019-4535
	RESERVED
CVE-2019-4534
	RESERVED
CVE-2019-4533
	RESERVED
CVE-2019-4532
	RESERVED
CVE-2019-4531
	RESERVED
CVE-2019-4530 (IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1 could allow an aut ...)
	NOT-FOR-US: IBM
CVE-2019-4529
	RESERVED
CVE-2019-4528
	RESERVED
CVE-2019-4527
	RESERVED
CVE-2019-4526
	RESERVED
CVE-2019-4525
	RESERVED
CVE-2019-4524
	RESERVED
CVE-2019-4523 (IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable ...)
	NOT-FOR-US: IBM
CVE-2019-4522
	RESERVED
CVE-2019-4521 (Platform System Manager in IBM Cloud Pak System 2.3 is potentially vul ...)
	NOT-FOR-US: IBM
CVE-2019-4520 (IBM Security Directory Server 6.4.0 uses an inadequate account lockout ...)
	NOT-FOR-US: IBM
CVE-2019-4519
	RESERVED
CVE-2019-4518
	RESERVED
CVE-2019-4517
	RESERVED
CVE-2019-4516
	RESERVED
CVE-2019-4515 (IBM Security Key Lifecycle Manager 3.0 and 3.0.1 is vulnerable to cros ...)
	NOT-FOR-US: IBM
CVE-2019-4514 (IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0, and 3.0.1 discloses  ...)
	NOT-FOR-US: IBM
CVE-2019-4513 (IBM Security Access Manager for Enterprise Single Sign-On 8.2.2 is vul ...)
	NOT-FOR-US: IBM
CVE-2019-4512 (IBM Maximo Asset Management 7.6.1.1 generates an error message that in ...)
	NOT-FOR-US: IBM
CVE-2019-4511
	RESERVED
CVE-2019-4510
	RESERVED
CVE-2019-4509 (IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to incorrect authoriza ...)
	NOT-FOR-US: IBM
CVE-2019-4508 (IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in so ...)
	NOT-FOR-US: IBM
CVE-2019-4507
	RESERVED
CVE-2019-4506
	RESERVED
CVE-2019-4505 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Network Deploy ...)
	NOT-FOR-US: IBM
CVE-2019-4504
	RESERVED
CVE-2019-4503
	RESERVED
CVE-2019-4502
	RESERVED
CVE-2019-4501
	RESERVED
CVE-2019-4500
	RESERVED
CVE-2019-4499
	RESERVED
CVE-2019-4498
	RESERVED
CVE-2019-4497 (IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0. ...)
	NOT-FOR-US: IBM
CVE-2019-4496
	RESERVED
CVE-2019-4495 (IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0. ...)
	NOT-FOR-US: IBM
CVE-2019-4494 (IBM Jazz Reporting Service (JRS) 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0. ...)
	NOT-FOR-US: IBM
CVE-2019-4493
	RESERVED
CVE-2019-4492
	RESERVED
CVE-2019-4491
	RESERVED
CVE-2019-4490
	RESERVED
CVE-2019-4489
	RESERVED
CVE-2019-4488
	RESERVED
CVE-2019-4487
	RESERVED
CVE-2019-4486 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
	NOT-FOR-US: IBM
CVE-2019-4485 (IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 1 ...)
	NOT-FOR-US: IBM
CVE-2019-4484 (IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 1 ...)
	NOT-FOR-US: IBM
CVE-2019-4483 (IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend A ...)
	NOT-FOR-US: IBM
CVE-2019-4482 (IBM Emptoris Spend Analysis 10.1.0 through 10.1.3 is vulnerable to cro ...)
	NOT-FOR-US: IBM
CVE-2019-4481 (IBM Contract Management 10.1.0 through 10.1.3 and IBM Emptoris Spend A ...)
	NOT-FOR-US: IBM
CVE-2019-4480
	RESERVED
CVE-2019-4479
	RESERVED
CVE-2019-4478
	RESERVED
CVE-2019-4477 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2019-4476
	RESERVED
CVE-2019-4475
	RESERVED
CVE-2019-4474
	RESERVED
CVE-2019-4473 (Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on  ...)
	NOT-FOR-US: IBM
CVE-2019-4472
	RESERVED
CVE-2019-4471
	RESERVED
CVE-2019-4470 (IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scriptin ...)
	NOT-FOR-US: IBM
CVE-2019-4469
	RESERVED
CVE-2019-4468 (IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scrip ...)
	NOT-FOR-US: IBM
CVE-2019-4467 (IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scrip ...)
	NOT-FOR-US: IBM
CVE-2019-4466
	RESERVED
CVE-2019-4465 (IBM Cloud Pak System 2.3 and 2.3.0.1 allows web pages to be stored loc ...)
	NOT-FOR-US: IBM
CVE-2019-4464
	RESERVED
CVE-2019-4463
	RESERVED
CVE-2019-4462
	RESERVED
CVE-2019-4461 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is  ...)
	NOT-FOR-US: IBM
CVE-2019-4460 (IBM API Connect 5.0.0.0 through 5.0.8.6 developer portal could allow a ...)
	NOT-FOR-US: IBM
CVE-2019-4459 (IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 throu ...)
	NOT-FOR-US: IBM
CVE-2019-4458
	RESERVED
CVE-2019-4457 (IBM Jazz Foundation 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, and ...)
	NOT-FOR-US: IBM
CVE-2019-4456 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 5.0.5 and 5.0.6 ...)
	NOT-FOR-US: IBM
CVE-2019-4455
	RESERVED
CVE-2019-4454 (IBM QRadar 7.3.0 to 7.3.2 Patch 4 is vulnerable to cross-site scriptin ...)
	NOT-FOR-US: IBM
CVE-2019-4453
	RESERVED
CVE-2019-4452
	RESERVED
CVE-2019-4451 (IBM Security Identity Manager 6.0.0 is vulnerable to cross-site script ...)
	NOT-FOR-US: IBM
CVE-2019-4450 (IBM i 7.2, 7.3, and 7.4 for i is vulnerable to cross-site scripting. T ...)
	NOT-FOR-US: IBM
CVE-2019-4449
	RESERVED
CVE-2019-4448 (IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1 ...)
	NOT-FOR-US: IBM
CVE-2019-4447 (IBM DB2 High Performance Unload load for LUW 6.1, 6.1.0.1, 6.1.0.1 IF1 ...)
	NOT-FOR-US: IBM
CVE-2019-4446
	RESERVED
CVE-2019-4445
	RESERVED
CVE-2019-4444 (IBM API Connect 2018.1 through 2018.4.1.7 Developer Portal's user regi ...)
	NOT-FOR-US: IBM
CVE-2019-4443
	RESERVED
CVE-2019-4442 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9,0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2019-4441 (IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0, and Liberty could ...)
	NOT-FOR-US: IBM
CVE-2019-4440
	RESERVED
CVE-2019-4439 (IBM Cloud Private 3.1.0, 3.1.1, and 3.1.2 does not invalidate session  ...)
	NOT-FOR-US: IBM
CVE-2019-4438
	RESERVED
CVE-2019-4437 (IBM API Connect 2018.1 through 2018.4.1.6 may inadvertently leak sensi ...)
	NOT-FOR-US: IBM
CVE-2019-4436
	RESERVED
CVE-2019-4435
	RESERVED
CVE-2019-4434
	RESERVED
CVE-2019-4433 (IBM InfoSphere Global Name Management 5.0 and 6.0 and IBM InfoSphere I ...)
	NOT-FOR-US: IBM
CVE-2019-4432
	RESERVED
CVE-2019-4431 (IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cros ...)
	NOT-FOR-US: IBM
CVE-2019-4430 (IBM Maximo Asset Management 7.6 could allow a remote attacker to trave ...)
	NOT-FOR-US: IBM
CVE-2019-4429 (IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-sit ...)
	NOT-FOR-US: IBM
CVE-2019-4428 (IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is ...)
	NOT-FOR-US: IBM
CVE-2019-4427 (IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using ...)
	NOT-FOR-US: IBM
CVE-2019-4426 (The Case Builder component shipped with 18.0.0.1 through 19.0.0.2 and  ...)
	NOT-FOR-US: IBM
CVE-2019-4425 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2 coul ...)
	NOT-FOR-US: IBM
CVE-2019-4424 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, 19.0.0. ...)
	NOT-FOR-US: IBM
CVE-2019-4423 (IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 could allow a remote ...)
	NOT-FOR-US: IBM
CVE-2019-4422 (IBM Security Guardium 9.0, 9.5, and 10.6 are vulnerable to a privilege ...)
	NOT-FOR-US: IBM
CVE-2019-4421
	RESERVED
CVE-2019-4420 (IBM Intelligent Operations Center V5.1.0 through V5.2.0 could disclose ...)
	NOT-FOR-US: IBM
CVE-2019-4419 (IBM Intelligent Operations Center V5.1.0 through V5.2.0 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2019-4418
	RESERVED
CVE-2019-4417
	RESERVED
CVE-2019-4416
	RESERVED
CVE-2019-4415 (IBM Cloud Private 3.1.1 and 3.1.2 could allow a local user to obtain e ...)
	NOT-FOR-US: IBM
CVE-2019-4414
	RESERVED
CVE-2019-4413
	RESERVED
CVE-2019-4412 (IBM Cognos Controller stores sensitive information in URL parameters.  ...)
	NOT-FOR-US: IBM
CVE-2019-4411 (IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 could allow a ...)
	NOT-FOR-US: IBM
CVE-2019-4410 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19. ...)
	NOT-FOR-US: IBM
CVE-2019-4409 (HCL Traveler versions 9.x and earlier are susceptible to cross-site sc ...)
	NOT-FOR-US: HCL Traveler
CVE-2019-4408
	RESERVED
CVE-2019-4407
	RESERVED
CVE-2019-4406 (IBM Spectrum Protect Backup-Archive Client 7.1 and 8.1 may be vulnerab ...)
	NOT-FOR-US: IBM
CVE-2019-4405
	RESERVED
CVE-2019-4404
	RESERVED
CVE-2019-4403 (IBM Connections 6.0 is vulnerable to cross-site scripting. This vulner ...)
	NOT-FOR-US: IBM
CVE-2019-4402 (IBM API Connect 2018.1 through 2018.4.1.6 developer portal could allow ...)
	NOT-FOR-US: IBM
CVE-2019-4401
	RESERVED
CVE-2019-4400 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 cou ...)
	NOT-FOR-US: IBM
CVE-2019-4399 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 use ...)
	NOT-FOR-US: IBM
CVE-2019-4398 (IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 throu ...)
	NOT-FOR-US: IBM
CVE-2019-4397 (IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise 2.5 throu ...)
	NOT-FOR-US: IBM
CVE-2019-4396 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is  ...)
	NOT-FOR-US: IBM
CVE-2019-4395 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 cou ...)
	NOT-FOR-US: IBM
CVE-2019-4394 (IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 con ...)
	NOT-FOR-US: IBM
CVE-2019-4393 (HCL AppScan Standard is vulnerable to excessive authorization attempts ...)
	NOT-FOR-US: HCL AppScan
CVE-2019-4392 (HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded cred ...)
	NOT-FOR-US: HCL AppScan
CVE-2019-4391 (HCL AppScan Standard is vulnerable to XML External Entity Injection (X ...)
	NOT-FOR-US: HCL AppScan
CVE-2019-4390
	RESERVED
CVE-2019-4389
	RESERVED
CVE-2019-4388 (HCL AppScan Source 9.0.3.13 and earlier is susceptible to cross-site s ...)
	NOT-FOR-US: HCL AppScan Source
CVE-2019-4387 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0 i ...)
	NOT-FOR-US: IBM
CVE-2019-4386 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 ...)
	NOT-FOR-US: IBM
CVE-2019-4385 (IBM Spectrum Protect Plus 10.1.2 may display the vSnap CIFS password i ...)
	NOT-FOR-US: IBM
CVE-2019-4384 (IBM Campaign 9.1.2 and 10.1 could allow a remote attacker to traverse  ...)
	NOT-FOR-US: IBM
CVE-2019-4383 (When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to pro ...)
	NOT-FOR-US: IBM
CVE-2019-4382 (IBM API Connect 5.0.0.0 through 5.0.8.6 could allow an unauthorized us ...)
	NOT-FOR-US: IBM
CVE-2019-4381 (IBM i 7.27.3 Clustering could allow a local attacker to obtain sensiti ...)
	NOT-FOR-US: IBM
CVE-2019-4380
	RESERVED
CVE-2019-4379
	RESERVED
CVE-2019-4378 (IBM MQ 7.5.0.0 - 7.5.0.9, 7.1.0.0 - 7.1.0.9, 8.0.0.0 - 8.0.0.12, 9.0.0 ...)
	NOT-FOR-US: IBM
CVE-2019-4377 (IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 reveals sensitive info ...)
	NOT-FOR-US: IBM
CVE-2019-4376
	RESERVED
CVE-2019-4375
	RESERVED
CVE-2019-4374
	RESERVED
CVE-2019-4373
	RESERVED
CVE-2019-4372
	RESERVED
CVE-2019-4371
	RESERVED
CVE-2019-4370
	RESERVED
CVE-2019-4369 (IBM BigFix Inventory v9 (SUA v9 / ILMT v9) discloses sensitive informa ...)
	NOT-FOR-US: IBM
CVE-2019-4368
	RESERVED
CVE-2019-4367
	RESERVED
CVE-2019-4366
	RESERVED
CVE-2019-4365
	RESERVED
CVE-2019-4364 (IBM Maximo Asset Management 7.6 is vulnerable to CSV injection, which  ...)
	NOT-FOR-US: IBM
CVE-2019-4363
	RESERVED
CVE-2019-4362
	RESERVED
CVE-2019-4361
	RESERVED
CVE-2019-4360
	RESERVED
CVE-2019-4359
	RESERVED
CVE-2019-4358
	RESERVED
CVE-2019-4357 (When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to pro ...)
	NOT-FOR-US: IBM
CVE-2019-4356
	RESERVED
CVE-2019-4355
	RESERVED
CVE-2019-4354
	RESERVED
CVE-2019-4353
	RESERVED
CVE-2019-4352
	RESERVED
CVE-2019-4351
	RESERVED
CVE-2019-4350
	RESERVED
CVE-2019-4349
	RESERVED
CVE-2019-4348
	RESERVED
CVE-2019-4347
	RESERVED
CVE-2019-4346
	RESERVED
CVE-2019-4345
	RESERVED
CVE-2019-4344
	RESERVED
CVE-2019-4343 (IBM Cognos Analytics 11.0 and 11.1 allows overly permissive cross-orig ...)
	NOT-FOR-US: IBM
CVE-2019-4342 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site scripti ...)
	NOT-FOR-US: IBM
CVE-2019-4341
	RESERVED
CVE-2019-4340 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) is vulnerable ...)
	NOT-FOR-US: IBM
CVE-2019-4339 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses weaker t ...)
	NOT-FOR-US: IBM
CVE-2019-4338 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) does not prop ...)
	NOT-FOR-US: IBM
CVE-2019-4337 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
	NOT-FOR-US: IBM
CVE-2019-4336 (IBM Robotic Process Automation with Automation Anywhere 11 uses an ina ...)
	NOT-FOR-US: IBM
CVE-2019-4335 (IBM Watson Studio Local 1.2.3 stores key files in the user's home dire ...)
	NOT-FOR-US: IBM
CVE-2019-4334 (IBM Cognos Analytics 11.0 and 11.1 could reveal sensitive information  ...)
	NOT-FOR-US: IBM
CVE-2019-4333
	RESERVED
CVE-2019-4332
	RESERVED
CVE-2019-4331
	RESERVED
CVE-2019-4330 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 does not set  ...)
	NOT-FOR-US: IBM
CVE-2019-4329 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses incomple ...)
	NOT-FOR-US: IBM
CVE-2019-4328
	RESERVED
CVE-2019-4327
	RESERVED
CVE-2019-4326
	RESERVED
CVE-2019-4325
	RESERVED
CVE-2019-4324
	RESERVED
CVE-2019-4323
	RESERVED
CVE-2019-4322 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4321 (IBM Intelligent Operations Center V5.1.0 - V5.2.0, IBM Intelligent Ope ...)
	NOT-FOR-US: IBM
CVE-2019-4320
	RESERVED
CVE-2019-4319
	RESERVED
CVE-2019-4318
	RESERVED
CVE-2019-4317
	RESERVED
CVE-2019-4316
	RESERVED
CVE-2019-4315
	RESERVED
CVE-2019-4314 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores sensit ...)
	NOT-FOR-US: IBM
CVE-2019-4313
	RESERVED
CVE-2019-4312
	RESERVED
CVE-2019-4311 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 discloses sen ...)
	NOT-FOR-US: IBM
CVE-2019-4310 (IBM Security Guardium Big Data Intelligence 4.0 (SonarG) uses an inade ...)
	NOT-FOR-US: IBM
CVE-2019-4309 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 uses hard cod ...)
	NOT-FOR-US: IBM
CVE-2019-4308 (IBM Emptoris Sourcing 10.1.0 through 10.1.3, IBM Contract Management 1 ...)
	NOT-FOR-US: IBM
CVE-2019-4307 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 stores user c ...)
	NOT-FOR-US: IBM
CVE-2019-4306 (IBM Security Guardium Big Data Intelligence (SonarG) 4.0 specifies per ...)
	NOT-FOR-US: IBM
CVE-2019-4305 (IBM WebSphere Application Server Liberty could allow a remote attacker ...)
	NOT-FOR-US: IBM
CVE-2019-4304 (IBM WebSphere Application Server - Liberty could allow a remote attack ...)
	NOT-FOR-US: IBM
CVE-2019-4303 (IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. ...)
	NOT-FOR-US: IBM
CVE-2019-4302
	RESERVED
CVE-2019-4301 (BigFix Self-Service Application (SSA) is vulnerable to arbitrary code  ...)
	NOT-FOR-US: BigFix Self-Service Application
CVE-2019-4300
	RESERVED
CVE-2019-4299 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
	NOT-FOR-US: IBM
CVE-2019-4298 (IBM Robotic Process Automation with Automation Anywhere 11 uses a high ...)
	NOT-FOR-US: IBM
CVE-2019-4297 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
	NOT-FOR-US: IBM
CVE-2019-4296 (IBM Robotic Process Automation with Automation Anywhere 11 information ...)
	NOT-FOR-US: IBM
CVE-2019-4295 (IBM Robotic Process Automation with Automation Anywhere 11 could allow ...)
	NOT-FOR-US: IBM
CVE-2019-4294 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.6, 7.6.0.0 through 7 ...)
	NOT-FOR-US: IBM
CVE-2019-4293 (IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attac ...)
	NOT-FOR-US: IBM
CVE-2019-4292 (IBM Security Guardium 10.5 could allow a remote attacker to upload arb ...)
	NOT-FOR-US: IBM
CVE-2019-4291
	RESERVED
CVE-2019-4290
	RESERVED
CVE-2019-4289
	RESERVED
CVE-2019-4288
	RESERVED
CVE-2019-4287
	RESERVED
CVE-2019-4286
	RESERVED
CVE-2019-4285 (IBM WebSphere Application Server - Liberty Admin Center could allow a  ...)
	NOT-FOR-US: IBM
CVE-2019-4284 (IBM Cloud Private 2.1.0 , 3.1.0, 3.1.1, and 3.1.2 could allow a local  ...)
	NOT-FOR-US: IBM
CVE-2019-4283
	RESERVED
CVE-2019-4282
	RESERVED
CVE-2019-4281
	RESERVED
CVE-2019-4280 (IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 displays sensitive i ...)
	NOT-FOR-US: IBM
CVE-2019-4279 (IBM WebSphere Application Server 8.5 and 9.0 could allow a remote atta ...)
	NOT-FOR-US: IBM
CVE-2019-4278
	RESERVED
CVE-2019-4277
	RESERVED
CVE-2019-4276
	RESERVED
CVE-2019-4275 (IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allo ...)
	NOT-FOR-US: IBM
CVE-2019-4274
	RESERVED
CVE-2019-4273
	RESERVED
CVE-2019-4272
	RESERVED
CVE-2019-4271 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin console  ...)
	NOT-FOR-US: IBM
CVE-2019-4270 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console  ...)
	NOT-FOR-US: IBM
CVE-2019-4269 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console  ...)
	NOT-FOR-US: IBM
CVE-2019-4268 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a  ...)
	NOT-FOR-US: IBM
CVE-2019-4267 (The IBM Spectrum Protect 7.1 and 8.1 Backup-Archive Client is vulnerab ...)
	NOT-FOR-US: IBM
CVE-2019-4266
	RESERVED
CVE-2019-4265 (IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have devic ...)
	NOT-FOR-US: IBM
CVE-2019-4264 (IBM QRadar SIEM 7.2.8 WinCollect could allow an attacker to obtain sen ...)
	NOT-FOR-US: IBM
CVE-2019-4263 (IBM Content Navigator 3.0CD is vulnerable to local file inclusion, all ...)
	NOT-FOR-US: IBM
CVE-2019-4262 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to Server Side Request Forge ...)
	NOT-FOR-US: IBM
CVE-2019-4261 (IBM WebSphere MQ V7.1, 7.5, IBM MQ V8, IBM MQ V9.0LTS, IBM MQ V9.1 LTS ...)
	NOT-FOR-US: IBM
CVE-2019-4260 (IBM Daeja ViewONE Professional, Standard &amp; Virtual 5.0 through 5.0 ...)
	NOT-FOR-US: IBM
CVE-2019-4259 (A security vulnerability has been identified in IBM Spectrum Scale 4.1 ...)
	NOT-FOR-US: IBM
CVE-2019-4258 (IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4257 (IBM InfoSphere Information Server 11.5 and 11.7 is affected by an info ...)
	NOT-FOR-US: IBM
CVE-2019-4256 (IBM API Connect 5.0.0.0 through 5.0.8.6 uses weaker than expected cryp ...)
	NOT-FOR-US: IBM
CVE-2019-4255
	RESERVED
CVE-2019-4254
	RESERVED
CVE-2019-4253 (IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a loca ...)
	NOT-FOR-US: IBM
CVE-2019-4252 (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 co ...)
	NOT-FOR-US: IBM
CVE-2019-4251
	RESERVED
CVE-2019-4250 (IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Man ...)
	NOT-FOR-US: IBM
CVE-2019-4249 (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1 is ...)
	NOT-FOR-US: IBM
CVE-2019-4248
	RESERVED
CVE-2019-4247
	RESERVED
CVE-2019-4246 (IBM Daeja ViewONE Virtual 5.0 through 5.0.6 could expose internal para ...)
	NOT-FOR-US: IBM
CVE-2019-4245
	RESERVED
CVE-2019-4244 (IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote atta ...)
	NOT-FOR-US: IBM
CVE-2019-4243 (IBM SmartCloud Analytics 1.3.1 through 1.3.5 allows unauthorized discl ...)
	NOT-FOR-US: IBM
CVE-2019-4242
	RESERVED
CVE-2019-4241 (IBM PureApplication System 2.2.3.0 through 2.2.5.3 could allow an auth ...)
	NOT-FOR-US: IBM
CVE-2019-4240
	RESERVED
CVE-2019-4239 (IBM MQ Advanced Cloud Pak (IBM Cloud Private 1.0.0 through 3.0.1) stor ...)
	NOT-FOR-US: IBM
CVE-2019-4238 (IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable t ...)
	NOT-FOR-US: IBM
CVE-2019-4237 (A Cross-Frame Scripting vulnerability in IBM InfoSphere Information Se ...)
	NOT-FOR-US: IBM
CVE-2019-4236 (A IBM Spectrum Protect 7.l client backup or archive operation running  ...)
	NOT-FOR-US: IBM
CVE-2019-4235 (IBM PureApplication System 2.2.3.0 through 2.2.5.3 does not require th ...)
	NOT-FOR-US: IBM
CVE-2019-4234 (IBM PureApplication System 2.2.3.0 through 2.2.5.3 weakness in the imp ...)
	NOT-FOR-US: IBM
CVE-2019-4233
	RESERVED
CVE-2019-4232
	RESERVED
CVE-2019-4231 (IBM Cognos Analytics 11.0 and 11.1 is vulnerable to cross-site request ...)
	NOT-FOR-US: IBM
CVE-2019-4230
	RESERVED
CVE-2019-4229
	RESERVED
CVE-2019-4228
	RESERVED
CVE-2019-4227 (IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9 ...)
	NOT-FOR-US: IBM
CVE-2019-4226 (IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scrip ...)
	NOT-FOR-US: IBM
CVE-2019-4225 (IBM PureApplication System 2.2.3.0 through 2.2.5.3 stores potentially  ...)
	NOT-FOR-US: IBM
CVE-2019-4224 (IBM PureApplication System 2.2.3.0 through 2.2.5.3 is vulnerable to SQ ...)
	NOT-FOR-US: IBM
CVE-2019-4223
	RESERVED
CVE-2019-4222 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could ...)
	NOT-FOR-US: IBM
CVE-2019-4221
	RESERVED
CVE-2019-4220 (IBM InfoSphere Information Server 11.7.1.0 stores a common hard coded  ...)
	NOT-FOR-US: IBM
CVE-2019-4219 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 generate ...)
	NOT-FOR-US: IBM
CVE-2019-4218 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 allows w ...)
	NOT-FOR-US: IBM
CVE-2019-4217 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 could al ...)
	NOT-FOR-US: IBM
CVE-2019-4216 (IBM SmartCloud Analytics 1.3.1 through 1.3.5 is vulnerable to possible ...)
	NOT-FOR-US: IBM
CVE-2019-4215 (IBM SmartCloud Analytics 1.3.1 through 1.3.5 could allow a remote atta ...)
	NOT-FOR-US: IBM
CVE-2019-4214 (IBM SmartCloud Analytics 1.3.1 through 1.3.5 does not set the secure a ...)
	NOT-FOR-US: IBM
CVE-2019-4213
	RESERVED
CVE-2019-4212 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site request forger ...)
	NOT-FOR-US: IBM
CVE-2019-4211 (IBM QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting. Thi ...)
	NOT-FOR-US: IBM
CVE-2019-4210 (IBM QRadar SIEM 7.3.2 could allow a user to bypass authentication expo ...)
	NOT-FOR-US: IBM
CVE-2019-4209
	RESERVED
CVE-2019-4208 (IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an X ...)
	NOT-FOR-US: IBM
CVE-2019-4207 (IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitiv ...)
	NOT-FOR-US: IBM
CVE-2019-4206
	RESERVED
CVE-2019-4205
	RESERVED
CVE-2019-4204 (IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19. ...)
	NOT-FOR-US: IBM
CVE-2019-4203 (IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal can be exploited  ...)
	NOT-FOR-US: IBM
CVE-2019-4202 (IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to  ...)
	NOT-FOR-US: IBM
CVE-2019-4201 (IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 could allo ...)
	NOT-FOR-US: IBM
CVE-2019-4200
	RESERVED
CVE-2019-4199
	RESERVED
CVE-2019-4198
	RESERVED
CVE-2019-4197
	RESERVED
CVE-2019-4196
	RESERVED
CVE-2019-4195
	RESERVED
CVE-2019-4194 (IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2 is missing ...)
	NOT-FOR-US: IBM
CVE-2019-4193 (IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive inf ...)
	NOT-FOR-US: IBM
CVE-2019-4192
	RESERVED
CVE-2019-4191
	RESERVED
CVE-2019-4190
	RESERVED
CVE-2019-4189
	RESERVED
CVE-2019-4188
	RESERVED
CVE-2019-4187
	RESERVED
CVE-2019-4186 (IBM Jazz for Service Management 1.1.3 is vulnerable to HTTP header inj ...)
	NOT-FOR-US: IBM
CVE-2019-4185 (IBM InfoSphere Information Server 11.7.1 containers are vulnerable to  ...)
	NOT-FOR-US: IBM
CVE-2019-4184 (IBM Jazz Reporting Service 6.0 through 6.0.6.1 is vulnerable to cross- ...)
	NOT-FOR-US: IBM
CVE-2019-4183 (IBM Cognos Analytics 11.0, and 11.1 is vulnerable to a denial of servi ...)
	NOT-FOR-US: IBM
CVE-2019-4182
	RESERVED
CVE-2019-4181
	RESERVED
CVE-2019-4180
	RESERVED
CVE-2019-4179
	RESERVED
CVE-2019-4178 (IBM Cognos Analytics 11 could allow a remote attacker to traverse dire ...)
	NOT-FOR-US: IBM
CVE-2019-4177 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allow ...)
	NOT-FOR-US: IBM
CVE-2019-4176 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could ...)
	NOT-FOR-US: IBM
CVE-2019-4175 (IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 uses weaker t ...)
	NOT-FOR-US: IBM
CVE-2019-4174 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 allow ...)
	NOT-FOR-US: IBM
CVE-2019-4173 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 could ...)
	NOT-FOR-US: IBM
CVE-2019-4172
	RESERVED
CVE-2019-4171 (IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1 does not set  ...)
	NOT-FOR-US: IBM
CVE-2019-4170
	RESERVED
CVE-2019-4169 (IBM Open Power Firmware OP910 and OP920 could allow access to BMC via  ...)
	NOT-FOR-US: IBM
CVE-2019-4168
	RESERVED
CVE-2019-4167 (IBM StoredIQ 7.6.0 is vulnerable to cross-site request forgery which c ...)
	NOT-FOR-US: IBM
CVE-2019-4166 (IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing att ...)
	NOT-FOR-US: IBM
CVE-2019-4165 (IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow a remote attacker to ...)
	NOT-FOR-US: IBM
CVE-2019-4164
	RESERVED
CVE-2019-4163 (IBM StoreIQ 7.6.0.0. through 7.6.0.18 could allow an authenticated use ...)
	NOT-FOR-US: IBM
CVE-2019-4162 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 is missi ...)
	NOT-FOR-US: IBM
CVE-2019-4161 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 disclose ...)
	NOT-FOR-US: IBM
CVE-2019-4160
	RESERVED
CVE-2019-4159
	REJECTED
CVE-2019-4158 (IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a  ...)
	NOT-FOR-US: IBM
CVE-2019-4157 (IBM Security Access Manager 9.0.1 through 9.0.6 is vulnerable to cross ...)
	NOT-FOR-US: IBM
CVE-2019-4156 (IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expec ...)
	NOT-FOR-US: IBM
CVE-2019-4155 (IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 is impacted b ...)
	NOT-FOR-US: IBM
CVE-2019-4154 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4153 (IBM Security Access Manager 9.0.1 through 9.0.6 could allow a remote a ...)
	NOT-FOR-US: IBM
CVE-2019-4152 (IBM Security Access Manager 9.0.1 through 9.0.6 does not invalidate se ...)
	NOT-FOR-US: IBM
CVE-2019-4151 (IBM Security Access Manager 9.0.1 through 9.0.6 uses weaker than expec ...)
	NOT-FOR-US: IBM
CVE-2019-4150 (IBM Security Access Manager 9.0.1 through 9.0.6 does not validate, or  ...)
	NOT-FOR-US: IBM
CVE-2019-4149 (IBM Business Automation Workflow V18.0.0.0 through V18.0.0.2 and IBM B ...)
	NOT-FOR-US: IBM
CVE-2019-4148 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4147 (IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0 is vulnerable to SQL ...)
	NOT-FOR-US: IBM
CVE-2019-4146 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 could ...)
	NOT-FOR-US: IBM
CVE-2019-4145 (IBM Security Access Manager 9.0.1 through 9.0.6 could reveal highly se ...)
	NOT-FOR-US: IBM
CVE-2019-4144
	RESERVED
CVE-2019-4143 (The IBM Cloud Private Key Management Service (IBM Cloud Private 3.1.1  ...)
	NOT-FOR-US: IBM
CVE-2019-4142 (IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2 is vulnerable to cros ...)
	NOT-FOR-US: IBM
CVE-2019-4141 (IBM MQ 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.9, 8.0.0.0 - 8.0.0.11, 9.0.0 ...)
	NOT-FOR-US: IBM
CVE-2019-4140 (IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) c ...)
	NOT-FOR-US: IBM
CVE-2019-4139 (IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1 is vulnerable to cross-s ...)
	NOT-FOR-US: IBM
CVE-2019-4138 (IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 could al ...)
	NOT-FOR-US: IBM
CVE-2019-4137 (IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1 is vulne ...)
	NOT-FOR-US: IBM
CVE-2019-4136 (IBM Cognos Controller 10.2.0, 10.2.1, 10.3.0, 10.3.1, and 10.4.0 is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4135 (IBM Security Access Manager 9.0.1 through 9.0.6 is affected by a secur ...)
	NOT-FOR-US: IBM
CVE-2019-4134 (IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This ...)
	NOT-FOR-US: IBM
CVE-2019-4133 (IBM Cloud Automation Manager 3.1.2 could allow a malicious user on the ...)
	NOT-FOR-US: IBM
CVE-2019-4132 (IBM Cloud Automation Manager 3.1.2 could allow a user to be impropertl ...)
	NOT-FOR-US: IBM
CVE-2019-4131 (IBM Application Performance Management (IBM Monitoring 8.1.4) could al ...)
	NOT-FOR-US: IBM
CVE-2019-4130 (IBM Cloud Pak System 2.3 and 2.3.0.1 could allow a remote attacker to  ...)
	NOT-FOR-US: IBM
CVE-2019-4129 (IBM Spectrum Protect Operations Center 7.1 and 8.1 could allow a remot ...)
	NOT-FOR-US: IBM
CVE-2019-4128
	RESERVED
CVE-2019-4127
	RESERVED
CVE-2019-4126
	RESERVED
CVE-2019-4125
	RESERVED
CVE-2019-4124
	RESERVED
CVE-2019-4123
	RESERVED
CVE-2019-4122
	RESERVED
CVE-2019-4121
	RESERVED
CVE-2019-4120 (IBM Cloud Private 3.1.1 and 3.1.2 is vulnerable to cross-site scriptin ...)
	NOT-FOR-US: IBM
CVE-2019-4119 (IBM Cloud Private Kubernetes API server 2.1.0, 3.1.0, 3.1.1, and 3.1.2 ...)
	NOT-FOR-US: IBM
CVE-2019-4118 (IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2 ibm-mcm-chart could all ...)
	NOT-FOR-US: IBM
CVE-2019-4117 (IBM Cloud Private 3.1.1 and 3.1.2 is vulnerable to cross-site request  ...)
	NOT-FOR-US: IBM
CVE-2019-4116 (IBM Cloud Private 2.1.0, 3.1.0, and 3.1.1 could disclose highly sensit ...)
	NOT-FOR-US: IBM
CVE-2019-4115 (IBM WebSphere eXtreme Scale 8.6 Admin API is vulnerable to cross-site  ...)
	NOT-FOR-US: IBM
CVE-2019-4114
	RESERVED
CVE-2019-4113
	RESERVED
CVE-2019-4112 (IBM WebSphere eXtreme Scale 8.6 Admin Console allows web pages to be s ...)
	NOT-FOR-US: IBM
CVE-2019-4111
	RESERVED
CVE-2019-4110
	RESERVED
CVE-2019-4109 (IBM WebSphere eXtreme Scale 8.6 Admin Console could allow a remote att ...)
	NOT-FOR-US: IBM
CVE-2019-4108
	RESERVED
CVE-2019-4107
	RESERVED
CVE-2019-4106 (IBM WebSphere eXtreme Scale 8.6 Admin Console is vulnerable to cross-s ...)
	NOT-FOR-US: IBM
CVE-2019-4105
	RESERVED
CVE-2019-4104
	RESERVED
CVE-2019-4103 (IBM Tivoli Netcool/Impact 7.1.0 allows for remote execution of command ...)
	NOT-FOR-US: IBM
CVE-2019-4102 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4101 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1 ...)
	NOT-FOR-US: IBM
CVE-2019-4100
	RESERVED
CVE-2019-4099
	RESERVED
CVE-2019-4098 (IBM Cloud Pak System 2.3 and 2.3.0.1 is vulnerable to cross-site scrip ...)
	NOT-FOR-US: IBM
CVE-2019-4097
	RESERVED
CVE-2019-4096
	RESERVED
CVE-2019-4095 (IBM Cloud Pak System 2.3 is vulnerable to cross-site request forgery w ...)
	NOT-FOR-US: IBM
CVE-2019-4094 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4093 (IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a  ...)
	NOT-FOR-US: IBM
CVE-2019-4092 (IBM Content Navigator 2.0.3 and 3.0CD could allow a remote attacker to ...)
	NOT-FOR-US: IBM
CVE-2019-4091
	RESERVED
CVE-2019-4090
	RESERVED
CVE-2019-4089
	RESERVED
CVE-2019-4088 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents could allo ...)
	NOT-FOR-US: IBM
CVE-2019-4087 (IBM Spectrum Protect Servers 7.1 and 8.1 and Storage Agents are vulner ...)
	NOT-FOR-US: IBM
CVE-2019-4086 (IBM Cloud Application Performance Management 8.1.4 could allow a remot ...)
	NOT-FOR-US: IBM
CVE-2019-4085
	RESERVED
CVE-2019-4084 (IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Man ...)
	NOT-FOR-US: IBM
CVE-2019-4083 (IBM Jazz Foundation products (IBM Rational Collaborative Lifecycle Man ...)
	NOT-FOR-US: IBM
CVE-2019-4082
	RESERVED
CVE-2019-4081
	RESERVED
CVE-2019-4080 (IBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0  ...)
	NOT-FOR-US: IBM
CVE-2019-4079
	RESERVED
CVE-2019-4078 (IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 cou ...)
	NOT-FOR-US: IBM
CVE-2019-4077 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4076 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4075 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4074 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4073 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1 is vu ...)
	NOT-FOR-US: IBM
CVE-2019-4072 (IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard  ...)
	NOT-FOR-US: IBM
CVE-2019-4071 (IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard  ...)
	NOT-FOR-US: IBM
CVE-2019-4070 (IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnera ...)
	NOT-FOR-US: IBM
CVE-2019-4069 (IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not p ...)
	NOT-FOR-US: IBM
CVE-2019-4068 (IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 is vulnera ...)
	NOT-FOR-US: IBM
CVE-2019-4067 (IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 does not r ...)
	NOT-FOR-US: IBM
CVE-2019-4066 (IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0 could allo ...)
	NOT-FOR-US: IBM
CVE-2019-4065
	RESERVED
CVE-2019-4064
	RESERVED
CVE-2019-4063 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 Standard Edition c ...)
	NOT-FOR-US: IBM
CVE-2019-4062 (IBM i2 Intelligent Analyis Platform 9.0.0 through 9.1.1 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2019-4061 (IBM BigFix Platform 9.2 and 9.5 could allow an attacker to query the r ...)
	NOT-FOR-US: IBM
CVE-2019-4060
	RESERVED
CVE-2019-4059 (IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently pro ...)
	NOT-FOR-US: IBM
CVE-2019-4058 (IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to ma ...)
	NOT-FOR-US: IBM
CVE-2019-4057 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4056 (IBM Maximo Asset Management 7.6 Work Centers' application does not val ...)
	NOT-FOR-US: IBM Maximo Asset Management
CVE-2019-4055 (IBM MQ 8.0.0.0 through 8.0.0.10, 9.0.0.0 through 9.0.0.5, and 9.1.0.0  ...)
	NOT-FOR-US: IBM
CVE-2019-4054 (IBM QRadar SIEM 7.2 and 7.3 could allow a local user to obtain sensiti ...)
	NOT-FOR-US: IBM
CVE-2019-4053
	RESERVED
CVE-2019-4052 (IBM API Connect 2018.1 and 2018.4.1.2 apis can be leveraged by unauthe ...)
	NOT-FOR-US: IBM
CVE-2019-4051 (Some URIs in IBM API Connect 2018.1 and 2018.4.1.3 disclose system spe ...)
	NOT-FOR-US: IBM
CVE-2019-4050
	RESERVED
CVE-2019-4049 (IBM MQ 9.1.0.0, 9.1.0.1, 9.1.1, and 9.1.0.2 is vulnerable to a denial  ...)
	NOT-FOR-US: IBM
CVE-2019-4048 (IBM Maximo Asset Management 7.6 could allow a physical user of the sys ...)
	NOT-FOR-US: IBM Maximo Asset Management
CVE-2019-4047 (IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated us ...)
	NOT-FOR-US: IBM
CVE-2019-4046 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable  ...)
	NOT-FOR-US: IBM
CVE-2019-4045 (IBM Business Automation Workflow and IBM Business Process Manager 18.0 ...)
	NOT-FOR-US: IBM
CVE-2019-4044
	RESERVED
CVE-2019-4043 (IBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vuln ...)
	NOT-FOR-US: IBM
CVE-2019-4042
	RESERVED
CVE-2019-4041
	RESERVED
CVE-2019-4040 (IBM I 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerab ...)
	NOT-FOR-US: IBM
CVE-2019-4039 (IBM WebSphere MQ 8.0.0.0 through 8.0.0.9 and 9.0.0.0 through 9.1.1 cou ...)
	NOT-FOR-US: IBM
CVE-2019-4038 (IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to c ...)
	NOT-FOR-US: IBM
CVE-2019-4037
	RESERVED
CVE-2019-4036 (IBM Security Access Manager Appliance could allow unauthenticated atta ...)
	NOT-FOR-US: IBM
CVE-2019-4035 (IBM Content Navigator 3.0CD could allow attackers to direct web traffi ...)
	NOT-FOR-US: IBM
CVE-2019-4034 (IBM Content Navigator 3.0CD is could allow an attacker to execute arbi ...)
	NOT-FOR-US: IBM
CVE-2019-4033 (IBM Content Navigator 2.0.3 and 3.0CD is vulnerable to cross-site scri ...)
	NOT-FOR-US: IBM
CVE-2019-4032 (IBM Financial Transaction Manager for Digital Payments for Multi-Platf ...)
	NOT-FOR-US: IBM
CVE-2019-4031 (IBM Workload Scheduler Distributed 9.2, 9.3, 9.4, and 9.5 contains a v ...)
	NOT-FOR-US: IBM
CVE-2019-4030 (IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to cross-si ...)
	NOT-FOR-US: IBM
CVE-2019-4029 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to c ...)
	NOT-FOR-US: IBM
CVE-2019-4028 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to c ...)
	NOT-FOR-US: IBM
CVE-2019-4027 (IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0 is vulnerable to c ...)
	NOT-FOR-US: IBM
CVE-2019-4026
	RESERVED
CVE-2019-4025
	RESERVED
CVE-2019-4024
	RESERVED
CVE-2019-4023
	RESERVED
CVE-2019-4022
	RESERVED
CVE-2019-4021
	RESERVED
CVE-2019-4020
	RESERVED
CVE-2019-4019
	RESERVED
CVE-2019-4018
	RESERVED
CVE-2019-4017
	RESERVED
CVE-2019-4016 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4015 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4014 (IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, ...)
	NOT-FOR-US: IBM
CVE-2019-4013 (IBM BigFix Platform 9.5 could allow any authenticated user to upload a ...)
	NOT-FOR-US: IBM
CVE-2019-4012 (IBM BigFix WebUI Profile Management 6 and Software Distribution 23 is  ...)
	NOT-FOR-US: IBM
CVE-2019-4011 (IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. ...)
	NOT-FOR-US: IBM
CVE-2019-4010
	RESERVED
CVE-2019-4009
	RESERVED
CVE-2019-4008 (API Connect V2018.1 through 2018.4.1.1 is impacted by access token lea ...)
	NOT-FOR-US: IBM
CVE-2019-4007
	RESERVED
CVE-2019-4006
	RESERVED
CVE-2019-4005
	RESERVED
CVE-2019-4004
	RESERVED
CVE-2019-4003
	RESERVED
CVE-2019-4002
	RESERVED
CVE-2019-4001 (Improper input validation in Druva inSync Client 6.5.0 allows a local, ...)
	NOT-FOR-US: Druva inSync Client
CVE-2019-4000 (Improper neutralization of directives in dynamically evaluated code in ...)
	NOT-FOR-US: Druva inSync Mac OS Client
CVE-2019-3999 (Improper neutralization of special elements used in an OS command in D ...)
	NOT-FOR-US: Druva inSync Windows Client
CVE-2019-3998 (Authentication bypass using an alternate path or channel in SimpliSafe ...)
	NOT-FOR-US: SimpliSafe SS3 firmware
CVE-2019-3997 (Authentication bypass using an alternate path or channel in SimpliSafe ...)
	NOT-FOR-US: SimpliSafe SS3 firmware
CVE-2019-3996 (ELOG 3.1.4-57bea22 and below can be used as an HTTP GET request proxy  ...)
	NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-3995 (ELOG 3.1.4-57bea22 and below is affected by a denial of service vulner ...)
	NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-3994 (ELOG 3.1.4-57bea22 and below is affected by a denial of service vulner ...)
	NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-3993 (ELOG 3.1.4-57bea22 and below is affected by an information disclosure  ...)
	NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-3992 (ELOG 3.1.4-57bea22 and below is affected by an information disclosure  ...)
	NOT-FOR-US: Electronic Logbook (ELOG)
CVE-2019-3991
	RESERVED
CVE-2019-3990 (A User Enumeration flaw exists in Harbor. The issue is present in the  ...)
	NOT-FOR-US: Harbor
CVE-2019-3989 (Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attacker ...)
	NOT-FOR-US: Blink XT2
CVE-2019-3988 (Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attacker ...)
	NOT-FOR-US: Blink XT2
CVE-2019-3987 (Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attacker ...)
	NOT-FOR-US: Blink XT2
CVE-2019-3986 (Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attacker ...)
	NOT-FOR-US: Blink XT2
CVE-2019-3985 (Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attacker ...)
	NOT-FOR-US: Blink XT2
CVE-2019-3984 (Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attacker ...)
	NOT-FOR-US: Blink XT2 Sync Module firmware
CVE-2019-3983 (Blink XT2 Sync Module firmware prior to 2.13.11 allows remote attacker ...)
	NOT-FOR-US: Blink XT2
CVE-2019-3982 (Nessus versions 8.6.0 and earlier were found to contain a Denial of Se ...)
	NOT-FOR-US: Nessus
CVE-2019-3981 (MikroTik Winbox 3.20 and below is vulnerable to man in the middle atta ...)
	NOT-FOR-US: MikroTik Winbox
CVE-2019-3980 (The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports s ...)
	NOT-FOR-US: Solarwinds
CVE-2019-3979 (RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below are vulne ...)
	NOT-FOR-US: RouterOS
CVE-2019-3978 (RouterOS versions 6.45.6 Stable, 6.44.5 Long-term, and below allow rem ...)
	NOT-FOR-US: RouterOS
CVE-2019-3977 (RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below insuffici ...)
	NOT-FOR-US: RouterOS
CVE-2019-3976 (RouterOS 6.45.6 Stable, RouterOS 6.44.5 Long-term, and below are vulne ...)
	NOT-FOR-US: RouterOS
CVE-2019-3975 (Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.1 allows  ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-3974 (Nessus 8.5.2 and earlier on Windows platforms were found to contain an ...)
	NOT-FOR-US: Nessus
CVE-2019-3973 (Comodo Antivirus versions 11.0.0.6582 and below are vulnerable to Deni ...)
	NOT-FOR-US: Comodo Antivirus
CVE-2019-3972 (Comodo Antivirus versions 12.0.0.6810 and below are vulnerable to Deni ...)
	NOT-FOR-US: Comodo Antivirus
CVE-2019-3971 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to a local  ...)
	NOT-FOR-US: Comodo Antivirus
CVE-2019-3970 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrar ...)
	NOT-FOR-US: Comodo Antivirus
CVE-2019-3969 (Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Local Pr ...)
	NOT-FOR-US: Comodo Antivirus
CVE-2019-3968 (In OpenEMR 5.0.1 and earlier, an authenticated attacker can execute ar ...)
	NOT-FOR-US: OpenEMR
CVE-2019-3967 (In OpenEMR 5.0.1 and earlier, the patient file download interface cont ...)
	NOT-FOR-US: OpenEMR
CVE-2019-3966 (In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS  ...)
	NOT-FOR-US: OpenEMR
CVE-2019-3965 (In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS  ...)
	NOT-FOR-US: OpenEMR
CVE-2019-3964 (In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS  ...)
	NOT-FOR-US: OpenEMR
CVE-2019-3963 (In OpenEMR 5.0.1 and earlier, controller.php contains a reflected XSS  ...)
	NOT-FOR-US: OpenEMR
CVE-2019-3962 (Content Injection vulnerability in Tenable Nessus prior to 8.5.0 may a ...)
	NOT-FOR-US: Nessus
CVE-2019-3961 (Nessus versions 8.4.0 and earlier were found to contain a reflected XS ...)
	NOT-FOR-US: Nessus
CVE-2019-3960 (Unrestricted upload of file with dangerous type in WallacePOS 1.4.3 al ...)
	NOT-FOR-US: WallacePOS
CVE-2019-3959 (Cross-site request forgery in WallacePOS 1.4.3 allows a remote attacke ...)
	NOT-FOR-US: WallacePOS
CVE-2019-3958 (Insufficient output sanitization in WallacePOS 1.4.3 allows a remote,  ...)
	NOT-FOR-US: WallacePOS
CVE-2019-3957 (Dameware Remote Mini Control version 12.1.0.34 and prior contains an u ...)
	NOT-FOR-US: Dameware Remote Mini Control
CVE-2019-3956 (Dameware Remote Mini Control version 12.1.0.34 and prior contains an u ...)
	NOT-FOR-US: Dameware Remote Mini Control
CVE-2019-3955 (Dameware Remote Mini Control version 12.1.0.34 and prior contains a un ...)
	NOT-FOR-US: Dameware Remote Mini Control
CVE-2019-3954 (Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows  ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-3953 (Stack-based buffer overflow in Advantech WebAccess/SCADA 8.4.0 allows  ...)
	NOT-FOR-US: Advantech WebAccess/SCADA
CVE-2019-3952
	RESERVED
CVE-2019-3951 (Advantech WebAccess before 8.4.3 allows unauthenticated remote attacke ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2019-3950 (Arlo Basestation firmware 1.12.0.1_27940 and prior contain a hardcoded ...)
	NOT-FOR-US: Arlo Basestation firmware
CVE-2019-3949 (Arlo Basestation firmware 1.12.0.1_27940 and prior firmware contain a  ...)
	NOT-FOR-US: Arlo Basestation firmware
CVE-2019-3948 (The Amcrest IP2M-841B V2.520.AC00.18.R, Dahua IPC-XXBXX V2.622.0000000 ...)
	NOT-FOR-US: Amcrest IP2M-841B IP camera firmware
CVE-2019-3947 (Fuji Electric V-Server before 6.0.33.0 stores database credentials in  ...)
	NOT-FOR-US: Fuji Electric V-Server
CVE-2019-3946 (Fuji Electric V-Server before 6.0.33.0 is vulnerable to denial of serv ...)
	NOT-FOR-US: Fuji Electric V-Server
CVE-2019-3945 (Web server running on Parrot ANAFI can be crashed due to the SDK comma ...)
	NOT-FOR-US: Parrot ANAFI
CVE-2019-3944 (Parrot ANAFI is vulnerable to Wi-Fi deauthentication attack, allowing  ...)
	NOT-FOR-US: Parrot ANAFI
CVE-2019-3943 (MikroTik RouterOS versions Stable 6.43.12 and below, Long-term 6.42.12 ...)
	NOT-FOR-US: MikroTik
CVE-2019-3942 (Advantech WebAccess 8.3.4 does not properly restrict an RPC call that  ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2019-3941 (Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to  ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2019-3940 (Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via una ...)
	NOT-FOR-US: Advantech WebAccess
CVE-2019-3939 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3938 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3937 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3936 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3935 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3934 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3933 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3932 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3931 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3930 (The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3929 (The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3928 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3927 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3926 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3925 (Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 ...)
	NOT-FOR-US: Crestron AM-100
CVE-2019-3924 (MikroTik RouterOS before 6.43.12 (stable) and 6.42.12 (long-term) is v ...)
	NOT-FOR-US: MikroTik
CVE-2019-3923 (Nessus versions 8.2.1 and earlier were found to contain a stored XSS v ...)
	NOT-FOR-US: Nessus
CVE-2019-3922 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
	NOT-FOR-US: Alcatel Lucent
CVE-2019-3921 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
	NOT-FOR-US: Alcatel Lucent
CVE-2019-3920 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
	NOT-FOR-US: Alcatel Lucent
CVE-2019-3919 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
	NOT-FOR-US: Alcatel Lucent
CVE-2019-3918 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
	NOT-FOR-US: Alcatel Lucent
CVE-2019-3917 (The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BO ...)
	NOT-FOR-US: Alcatel Lucent
CVE-2019-3916 (Information disclosure vulnerability in Verizon Fios Quantum Gateway ( ...)
	NOT-FOR-US: Verizon
CVE-2019-3915 (Authentication Bypass by Capture-replay vulnerability in Verizon Fios  ...)
	NOT-FOR-US: Verizon
CVE-2019-3914 (Remote command injection vulnerability in Verizon Fios Quantum Gateway ...)
	NOT-FOR-US: Verizon
CVE-2019-3913 (Command manipulation in LabKey Server Community Edition before 18.3.0- ...)
	NOT-FOR-US: LabKey Server
CVE-2019-3912 (An open redirect vulnerability in LabKey Server Community Edition befo ...)
	NOT-FOR-US: LabKey Server
CVE-2019-3911 (Reflected cross-site scripting (XSS) vulnerability in LabKey Server Co ...)
	NOT-FOR-US: LabKey Server
CVE-2019-3910 (Crestron AM-100 before firmware version 1.6.0.2 contains an authentica ...)
	NOT-FOR-US: Creston
CVE-2019-3909 (Premisys Identicard version 3.1.190 database uses default credentials. ...)
	NOT-FOR-US: Premisys Identicard
CVE-2019-3908 (Premisys Identicard version 3.1.190 stores backup files as encrypted z ...)
	NOT-FOR-US: Premisys Identicard
CVE-2019-3907 (Premisys Identicard version 3.1.190 stores user credentials and other  ...)
	NOT-FOR-US: Premisys Identicard
CVE-2019-3906 (Premisys Identicard version 3.1.190 contains hardcoded credentials in  ...)
	NOT-FOR-US: Premisys Identicard
CVE-2019-3905 (Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. ...)
	NOT-FOR-US: Zoho ManageEngine ADSelfService Plus
CVE-2019-3904
	RESERVED
CVE-2019-3903
	RESERVED
CVE-2019-3902 (A flaw was found in Mercurial before 4.9. It was possible to use symli ...)
	{DLA-1764-1}
	- mercurial 4.9-1 (bug #927674)
	[buster] - mercurial 4.8.2-1+deb10u1
	NOTE: https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.9_.282019-02-01.29
	NOTE: https://www.mercurial-scm.org/repo/hg/rev/6c10eba6b9cd
	NOTE: https://www.mercurial-scm.org/repo/hg/rev/31286c9282df
	NOTE: https://www.mercurial-scm.org/repo/hg/rev/83377b4b4ae0
CVE-2019-3901 (A race condition in perf_event_open() allows local attackers to leak s ...)
	{DLA-1799-1}
	- linux 4.6.1-1
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=807
	NOTE: Fixed by: https://git.kernel.org/linus/79c9ce57eb2d5f1497546a3946b4ae21b6fdc438
CVE-2019-3900 (An infinite loop issue was found in the vhost_net kernel module in Lin ...)
	{DSA-4497-1 DLA-1885-1 DLA-1884-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
CVE-2019-3899 (It was found that default configuration of Heketi does not require any ...)
	- heketi <itp> (bug #903384)
CVE-2019-3898
	RESERVED
CVE-2019-3897
	RESERVED
	NOT-FOR-US: redhat-certification
CVE-2019-3896 (A double-free can happen in idr_remove_all() in lib/idr.c in the Linux ...)
	- linux 3.2.41-1
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1694812
CVE-2019-3895 (An access-control flaw was found in the Octavia service when the cloud ...)
	- octavia <not-affected> (Fixed before initial upload to the archive)
	NOTE: https://bugs.launchpad.net/octavia/+bug/1620629
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1694608
CVE-2019-3894 (It was discovered that the ElytronManagedThread in Wildfly's Elytron s ...)
	- wildfly <itp> (bug #752018)
CVE-2019-3893 (In Foreman it was discovered that the delete compute resource operatio ...)
	- foreman <itp> (bug #663101)
CVE-2019-3892
	REJECTED
CVE-2019-3891 (It was discovered that a world-readable log file belonging to Candlepi ...)
	NOT-FOR-US: Candlepin
CVE-2019-3890 (It was discovered evolution-ews before 3.31.3 does not check the valid ...)
	[experimental] - evolution-ews 3.31.90-1
	- evolution-ews 3.30.5-1.1 (bug #926712)
	[stretch] - evolution-ews <no-dsa> (Minor issue)
	[jessie] - evolution-ews <no-dsa> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/27
	NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/issues/36
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1678313
	NOTE: https://gitlab.gnome.org/GNOME/evolution-ews/commit/915226eca9454b8b3e5adb6f2fff9698451778de
	NOTE: Depends on evolution-data-server patch: https://gitlab.gnome.org/GNOME/evolution-data-server/commit/6672b8236139bd6ef41ecb915f4c72e2a052dba5
CVE-2019-3889 (A reflected XSS vulnerability exists in authorization flow of OpenShif ...)
	NOT-FOR-US: OpenShift
CVE-2019-3888 (A vulnerability was found in Undertow web server before 2.0.21. An inf ...)
	- undertow 2.0.23-1 (bug #930349)
	NOTE: https://github.com/undertow-io/undertow/pull/736
CVE-2019-3887 (A flaw was found in the way KVM hypervisor handled x2APIC Machine Spec ...)
	- linux 4.19.37-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: Fixed by: https://git.kernel.org/linus/acff78477b9b4f26ecdf65733a4ed77fe837e9dc
	NOTE: Fixed by: https://git.kernel.org/linus/c73f4c998e1fd4249b9edfa39e23f4fda2b9b041
CVE-2019-3886 (An incorrect permissions check was discovered in libvirt 4.8.0 and abo ...)
	- libvirt 5.0.0-2 (low; bug #926418)
	[stretch] - libvirt <not-affected> (Vulnerable code not present)
	[jessie] - libvirt <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1694880
	NOTE: https://www.redhat.com/archives/libvir-list/2019-April/msg00339.html
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1131595#c3
	NOTE: Introduced in: https://libvirt.org/git/?p=libvirt.git;a=commit;h=25736a4c7ed50c101b4f87935f350f1a39a89f6e (v4.8.0-rc1)
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=2a07c990bd9143d7a0fe8d1b6b7c763c52185240
	NOTE: Fixed by: https://libvirt.org/git/?p=libvirt.git;a=commit;h=ae076bb40e0e150aef41361b64001138d04d6c60
CVE-2019-3885 (A use-after-free flaw was found in pacemaker up to and including versi ...)
	- pacemaker 2.0.1-3 (bug #927714)
	[stretch] - pacemaker <not-affected> (Vulnerable code introduced later)
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/17/1
	NOTE: https://github.com/ClusterLabs/pacemaker/pull/1749 (master)
	NOTE: https://github.com/ClusterLabs/pacemaker/pull/1750 (1.1)
	NOTE: https://lists.clusterlabs.org/pipermail/users/2019-May/025822.html
CVE-2019-3884 (A vulnerability exists in the garbage collection mechanism of atomic-o ...)
	NOT-FOR-US: atomic-openshift
CVE-2019-3883 (In 389-ds-base up to version 1.4.1.2, requests are handled by workers  ...)
	{DLA-1779-1}
	- 389-ds-base 1.4.1.5-1 (bug #927939)
	[buster] - 389-ds-base <no-dsa> (Minor issue)
	[stretch] - 389-ds-base <no-dsa> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1693612
	NOTE: https://pagure.io/389-ds-base/issue/50329
	NOTE: https://pagure.io/389-ds-base/c/4d9cc24da (master)
	NOTE: https://pagure.io/389-ds-base/c/fcf2b5ddb (389-ds-base-1.4.0)
	NOTE: https://pagure.io/389-ds-base/c/dd4b69b55 (389-ds-base-1.3.9)
	NOTE: Patch was applied upstream but then reverted again, as it introduces
	NOTE: regressions:
	NOTE: https://pagure.io/389-ds-base/c/f35ad37100ab5915445d6d37f8921dd46f83656e
	NOTE: Fixed properly via:
	NOTE: https://pagure.io/389-ds-base/pull-request/50398
	NOTE: https://pagure.io/389-ds-base/c/f20e982c68a700b5ba2c41e5b6f3cdeb5fcb5fab (389-ds-base-1.4.1.4)
	NOTE: https://pagure.io/389-ds-base/c/7b0e7f6f51f6a117f6a40aa3967cad656eafb811 (389-ds-base-1.4.0.24)
	NOTE: https://pagure.io/389-ds-base/c/33ac4f5a78d1a42385d1c011d88cef26771e99f5 (389-ds-base-1.3.9 branch)
CVE-2019-3882 (A flaw was found in the Linux kernel's vfio interface implementation t ...)
	{DSA-4497-1 DLA-1885-1 DLA-1799-1}
	- linux 4.19.37-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/03/1
	NOTE: https://lore.kernel.org/lkml/155414977872.12780.13728555131525362206.stgit@gimli.home/T/#u
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1689426
	NOTE: Fixed by: https://git.kernel.org/linus/492855939bdb59c6f947b0b5b44af9ad82b7e38c
CVE-2019-3881 [tmp_home_path insecure]
	RESERVED
	- bundler 1.16.1-2 (bug #881749; bug #796383)
	[stretch] - bundler <no-dsa> (Minor issue)
	[jessie] - bundler <not-affected> (This version just uses mktmpdir which creates temporary directories with 0700 permissions by default.)
	NOTE: Upstream issue: https://github.com/bundler/bundler/issues/6501
	NOTE: https://salsa.debian.org/ruby-team/bundler/blob/debian/1.16.1-2/debian/patches/0006-Don-t-use-insecure-temporary-directory-as-home-direc.patch
	NOTE: https://salsa.debian.org/ruby-team/bundler/blob/debian/1.16.1-2/debian/patches/0007-Remove-temporary-home-directories.patch
CVE-2019-3880 (A flaw was found in the way samba implemented an RPC endpoint emulatin ...)
	{DSA-4427-1 DLA-1754-1}
	- samba 2:4.9.5+dfsg-3
	NOTE: https://www.samba.org/samba/security/CVE-2019-3880.html
CVE-2019-3879 (It was discovered that in the ovirt's REST API before version 4.3.2.1, ...)
	NOT-FOR-US: ovirt-engine
CVE-2019-3878 (A vulnerability was found in mod_auth_mellon before v0.14.2. If Apache ...)
	{DSA-4414-1}
	- libapache2-mod-auth-mellon 0.14.2-1 (bug #925197)
	[jessie] - libapache2-mod-auth-mellon <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1576719
	NOTE: https://github.com/Uninett/mod_auth_mellon/pull/196
	NOTE: https://github.com/Uninett/mod_auth_mellon/commit/e09a28a30e13e5c22b481010f26b4a7743a09280
CVE-2019-3877 (A vulnerability was found in mod_auth_mellon before v0.14.2. An open r ...)
	{DSA-4414-1}
	- libapache2-mod-auth-mellon 0.14.2-1
	[jessie] - libapache2-mod-auth-mellon <no-dsa> (Open redirect protection not present in the first place)
	NOTE: https://github.com/Uninett/mod_auth_mellon/commit/62041428a32de402e0be6ba45fe12df6a83bedb8
CVE-2019-3876 (A flaw was found in the /oauth/token/request custom endpoint of the Op ...)
	NOT-FOR-US: Openshift OAuth server
CVE-2019-3875 (A vulnerability was found in keycloak before 6.0.2. The X.509 authenti ...)
	NOT-FOR-US: Keycloak
CVE-2019-3874 (The SCTP socket buffer used by a userspace application is not accounte ...)
	- linux 5.2.6-1
	[stretch] - linux <ignored> (Minor issue)
	[jessie] - linux <ignored> (Minor issue)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1686373
CVE-2019-3873 (It was found that Picketlink as shipped with Jboss Enterprise Applicat ...)
	NOT-FOR-US: Picketlink
CVE-2019-3872 (It was found that a SAMLRequest containing a script could be processed ...)
	NOT-FOR-US: Picketlink
CVE-2019-3871 (A vulnerability was found in PowerDNS Authoritative Server before 4.0. ...)
	{DSA-4424-1 DLA-1737-1}
	- pdns 4.1.6-2 (bug #924966)
	NOTE: https://github.com/PowerDNS/pdns/issues/7573
	NOTE: https://docs.powerdns.com/authoritative/security-advisories/powerdns-advisory-2019-03.html
	NOTE: Patches: https://downloads.powerdns.com/patches/2019-03/
CVE-2019-3870 (A vulnerability was found in Samba from version (including) 4.9 to ver ...)
	- samba 2:4.9.5+dfsg-3
	[stretch] - samba <not-affected> (Vulnerable code not present)
	[jessie] - samba <not-affected> (Vulnerable code not present)
	NOTE: https://www.samba.org/samba/security/CVE-2019-3870.html
CVE-2019-3869 (When running Tower before 3.4.3 on OpenShift or Kubernetes, applicatio ...)
	NOT-FOR-US: Ansible Tower
CVE-2019-3868 (Keycloak up to version 6.0.0 allows the end user token (access or id t ...)
	NOT-FOR-US: Keycloak
CVE-2019-3867
	RESERVED
	NOT-FOR-US: OpenShift (web-cosnole issue specific to OpenShift only)
CVE-2019-3866 (An information-exposure vulnerability was discovered where openstack-m ...)
	- python-oslo.utils 3.41.3-1 (low; bug #946060)
	[buster] - python-oslo.utils <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - python-oslo.utils <no-dsa> (Minor issue; can be fixed via point release)
	[jessie] - python-oslo.utils <not-affected> (regex pattern rewrite)
	- python-mistral-lib 1.2.0-3
	[buster] - python-mistral-lib <no-dsa> (Minor issue; can be fixed via point release)
	- mistral 5.1.0-2
	[stretch] - mistral <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: In mistral/5.0.0 the problematic code was moved to the python library.
	NOTE: To be apply the fixes in mistral/python-mistral-lib as pre-requiste the
	NOTE: python-oslo.utils package needs an update.
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1768731
	NOTE: https://bugs.launchpad.net/tripleo/+bug/1850843
	NOTE: https://opendev.org/openstack/oslo.utils/commit/b41268417cecb12d1d5955ee3107067edf050221
	NOTE: Patch for Pike and newer: https://launchpadlibrarian.net/449473654/0001-Ensure-we-mask-sensitive-data-from-Mistral-Action-lo.patch
	NOTE: Patch for Pike and newer: https://launchpadlibrarian.net/449472809/0001-Ensure-we-mask-sensitive-data-from-Mistral-Action-lo.patch
CVE-2019-3865
	RESERVED
	NOT-FOR-US: Quay
CVE-2019-3864 (A vulnerability was discovered in all quay-2 versions before quay-3.0. ...)
	NOT-FOR-US: Quay
CVE-2019-3863 (A flaw was found in libssh2 before 1.8.1. A server could send a multip ...)
	{DSA-4431-1 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://www.libssh2.org/CVE-2019-3863.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3863.patch
	NOTE: https://github.com/libssh2/libssh2/pull/315
CVE-2019-3862 (An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...)
	{DSA-4431-1 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://libssh2.org/CVE-2019-3862.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3862.patch
	NOTE: https://github.com/libssh2/libssh2/pull/316
CVE-2019-3861 (An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...)
	{DSA-4431-1 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://libssh2.org/CVE-2019-3861.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3861.patch
	NOTE: https://github.com/libssh2/libssh2/pull/316
CVE-2019-3860 (An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...)
	{DSA-4431-1 DLA-1730-4 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://libssh2.org/CVE-2019-3860.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3860.patch
	NOTE: https://github.com/libssh2/libssh2/pull/316
CVE-2019-3859 (An out of bounds read flaw was discovered in libssh2 before 1.8.1 in t ...)
	{DSA-4431-1 DLA-1730-3 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://www.libssh2.org/CVE-2019-3859.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3859.patch
	NOTE: https://github.com/libssh2/libssh2/pull/315
CVE-2019-3858 (An out of bounds read flaw was discovered in libssh2 before 1.8.1 when ...)
	{DSA-4431-1 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://libssh2.org/CVE-2019-3858.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3858.patch
	NOTE: https://github.com/libssh2/libssh2/pull/316
CVE-2019-3857 (An integer overflow flaw which could lead to an out of bounds write wa ...)
	{DSA-4431-1 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://www.libssh2.org/CVE-2019-3857.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3857.patch
	NOTE: https://github.com/libssh2/libssh2/pull/315
CVE-2019-3856 (An integer overflow flaw, which could lead to an out of bounds write,  ...)
	{DSA-4431-1 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://www.libssh2.org/CVE-2019-3856.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3856.patch
	NOTE: https://github.com/libssh2/libssh2/pull/315
CVE-2019-3855 (An integer overflow flaw which could lead to an out of bounds write wa ...)
	{DSA-4431-1 DLA-1730-1}
	- libssh2 1.8.0-2.1 (bug #924965)
	NOTE: https://www.libssh2.org/CVE-2019-3855.html
	NOTE: Patch: https://libssh2.org/1.8.0-CVE/CVE-2019-3855.patch
	NOTE: https://github.com/libssh2/libssh2/pull/315
CVE-2019-3854
	REJECTED
CVE-2019-3853
	RESERVED
CVE-2019-3852 (A vulnerability was found in moodle before version 3.6.3. The get_with ...)
	- moodle <removed>
CVE-2019-3851 (A vulnerability was found in moodle before versions 3.6.3 and 3.5.5. T ...)
	- moodle <removed>
CVE-2019-3850 (A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4. ...)
	- moodle <removed>
CVE-2019-3849 (A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3 ...)
	- moodle <removed>
CVE-2019-3848 (A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3 ...)
	- moodle <removed>
CVE-2019-3847 (A vulnerability was found in moodle before versions 3.6.3, 3.5.5, 3.4. ...)
	- moodle <removed>
CVE-2019-3846 (A flaw that allowed an attacker to corrupt memory and possibly escalat ...)
	{DSA-4465-1 DLA-1824-1 DLA-1823-1}
	- linux 4.19.37-4
	NOTE: https://lore.kernel.org/linux-wireless/20190529125220.17066-1-tiwai@suse.de/
CVE-2019-3845 (A lack of access control was found in the message queues maintained by ...)
	NOT-FOR-US: qpid dispatch router
CVE-2019-3844 (It was discovered that a systemd service that uses DynamicUser propert ...)
	[experimental] - systemd 242-1
	- systemd 242-4 (bug #928102)
	[buster] - systemd <ignored> (Minor issue; exploit vector needs control both of the service and a helper outside)
	[stretch] - systemd <ignored> (Minor issue; exploit vector needs control both of the service and a helper outside)
	[jessie] - systemd <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1684610
	NOTE: https://github.com/systemd/systemd/commit/bf65b7e0c9fc215897b676ab9a7c9d1c688143ba
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1771
	NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1814596
CVE-2019-3843 (It was discovered that a systemd service that uses DynamicUser propert ...)
	[experimental] - systemd 242-1
	- systemd 242-4 (bug #928102)
	[buster] - systemd <ignored> (Minor issue; exploit vector needs control both of the service and a helper outside)
	[stretch] - systemd <ignored> (Minor issue; exploit vector needs control both of the service and a helper outside)
	[jessie] - systemd <not-affected> (Vulnerable code introduced later)
	NOTE: https://github.com/systemd/systemd/commit/3c27973b13724ede05a06a5d346a569794cda433
	NOTE: https://github.com/systemd/systemd/commit/f69567cbe26d09eac9d387c0be0fc32c65a83ada
	NOTE: https://github.com/systemd/systemd/commit/9d880b70ba5c6ca83c82952f4c90e86e56c7b70c
	NOTE: https://github.com/systemd/systemd/commit/7445db6eb70e8d5989f481d0c5a08ace7047ae5b
	NOTE: https://github.com/systemd/systemd/commit/62aa29247c3d74bcec0607c347f2be23cd90675d
	NOTE: https://github.com/systemd/systemd/commit/bf65b7e0c9fc215897b676ab9a7c9d1c688143ba
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1771
	NOTE: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1814596
	NOTE: https://github.com/systemd/systemd-stable/pull/54 (backport for v241-stable)
CVE-2019-3842 (In systemd before v242-rc4, it was discovered that pam_systemd does no ...)
	{DSA-4428-1 DLA-1762-1}
	- systemd 241-3
	NOTE: https://bugs.chromium.org/p/project-zero/issues/detail?id=1756
	NOTE: https://bugs.launchpad.net/bugs/1812316
	NOTE: https://github.com/systemd/systemd/commit/83d4ab55336ff8a0643c6aa627b31e351a24040a
CVE-2019-3841 (Kubevirt/virt-cdi-importer, versions 1.4.0 to 1.5.3 inclusive, were re ...)
	NOT-FOR-US: KubeVirt
CVE-2019-3840 (A NULL pointer dereference flaw was discovered in libvirt before versi ...)
	- libvirt 5.0.0-1
	[stretch] - libvirt <no-dsa> (Minor issue)
	[jessie] - libvirt <not-affected> (vulnerable code was introduced in 1.2.14)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1663051
	NOTE: https://www.redhat.com/archives/libvir-list/2019-January/msg00241.html
	NOTE: https://libvirt.org/git/?p=libvirt.git;a=commit;h=7cfd1fbb1332ae5df678b9f41a62156cb2e88c73
CVE-2019-3839 (It was found that in ghostscript some privileged operators remained ac ...)
	{DSA-4442-1 DLA-1792-1}
	- ghostscript 9.27~dfsg-1
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=4ec9ca74bed49f2a82acb4bf430eae0d8b3b75c9
	NOTE: To prevent pdf2dsc regression additionally:
	NOTE: http://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=db24f253409d5d085c2760c814c3e1d3fa2dac59
CVE-2019-3838 (It was found that the forceput operator could be extracted from the De ...)
	{DSA-4432-1 DLA-1761-1}
	[experimental] - ghostscript 9.27~~dc1~dfsg-1
	- ghostscript 9.27~dfsg-1 (bug #925257)
	NOTE: https://www.openwall.com/lists/oss-security/2019/03/21/1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=ed9fcd95bb01f0768bf273b2526732e381202319
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=a82601e8f95a2f2147f3b3b9e44ec2b8f3a6be8b
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700576
CVE-2019-3837 (It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kern ...)
	- linux 3.13.4-1
	NOTE: https://git.kernel.org/linus/77873803363c9e831fc1d1e6895c084279090c22
	NOTE: https://git.kernel.org/linus/7bced397510ab569d31de4c70b39e13355046387
CVE-2019-3836 (It was discovered in gnutls before version 3.6.7 upstream that there i ...)
	[experimental] - gnutls28 3.6.7-1
	- gnutls28 3.6.7-2
	[jessie] - gnutls28 <not-affected> (vulnerable code was introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1678411
	NOTE: https://gitlab.com/gnutls/gnutls/issues/704
	NOTE: https://www.gnutls.org/security-new.html#GNUTLS-SA-2019-03-27
	NOTE: Upstream versions affected are 3.6.3 and later before 3.6.7
CVE-2019-3835 (It was found that the superexec operator was available in the internal ...)
	{DSA-4432-1 DLA-1761-1}
	[experimental] - ghostscript 9.27~~dc1~dfsg-1
	- ghostscript 9.27~dfsg-1 (bug #925256)
	NOTE: https://www.openwall.com/lists/oss-security/2019/03/21/1
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=205591753126802da850ada6511a0ff8411aa287
	NOTE: https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=d683d1e6450d74619e6277efeebfc222d9a5cb91 (needed dependency)
	NOTE: https://bugs.ghostscript.com/show_bug.cgi?id=700585
CVE-2019-3834 (It was found that the fix for CVE-2014-0114 had been reverted in JBoss ...)
	NOT-FOR-US: JBoss Operations Network 3 (JON) specific CVE assignment
CVE-2019-3833 (Openwsman, versions up to and including 2.6.9, are vulnerable to infin ...)
	- openwsman <itp> (bug #754501)
CVE-2019-3832 (It was discovered the fix for CVE-2018-19758 (libsndfile) was not comp ...)
	{DLA-1712-1}
	- libsndfile 1.0.28-6 (bug #922372)
	[stretch] - libsndfile <not-affected> (Incomplete fix for CVE-2018-19758 not applied)
	NOTE: https://github.com/erikd/libsndfile/issues/456#issuecomment-463542436
	NOTE: https://github.com/erikd/libsndfile/pull/460
	NOTE: https://github.com/erikd/libsndfile/commit/6d7ce94c020cc720a6b28719d1a7879181790008
CVE-2019-3831 (A vulnerability was discovered in vdsm, version 4.19 through 4.30.3 an ...)
	- vdsm <itp> (bug #668538)
CVE-2019-3830 (A vulnerability was found in ceilometer before version 12.0.0.0rc1. An ...)
	- ceilometer 1:11.0.1-5 (bug #925298)
	[stretch] - ceilometer <not-affected> (Vulnerable code not present)
	[jessie] - ceilometer <not-affected> (vulnerable code is not present)
	NOTE: https://bugs.launchpad.net/ceilometer/+bug/1811098/
	NOTE: Introduced in https://github.com/openstack/ceilometer/commit/50415c0d08a3199d2280f3638dd121779585f0fe (10.0.0.0)
	NOTE: Fixed in https://github.com/openstack/ceilometer/commit/8881a42af169a2d7c912b1434911f978883c83f3
CVE-2019-3829 (A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7.  ...)
	[experimental] - gnutls28 3.6.7-1
	- gnutls28 3.6.7-2
	[jessie] - gnutls28 <not-affected> (vulnerable code was introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1677048
	NOTE: https://gitlab.com/gnutls/gnutls/issues/694
	NOTE: https://www.gnutls.org/security-new.html#GNUTLS-SA-2019-03-27
	NOTE: Upstream versions affected are from 3.5.8 and before 3.6.7.
CVE-2019-3828 (Ansible fetch module before versions 2.5.15, 2.6.14, 2.7.8 has a path  ...)
	{DSA-4396-1}
	- ansible 2.7.7+dfsg-1 (bug #922537)
	[jessie] - ansible <not-affected> (Vulnerable code not present)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1676689
	NOTE: https://github.com/ansible/ansible/pull/52133
CVE-2019-3827 (An incorrect permission check in the admin backend in gvfs before vers ...)
	- gvfs 1.38.1-3 (bug #921816)
	[stretch] - gvfs <no-dsa> (Minor issue)
	[jessie] - gvfs <not-affected> (Vulnerable code not present)
	NOTE: https://gitlab.gnome.org/GNOME/gvfs/issues/355
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665578
	NOTE: Affecting gvfs since 1.29.4 where admin backend was introduced.
CVE-2019-3826 (A stored, DOM based, cross-site scripting (XSS) flaw was found in Prom ...)
	- prometheus 2.7.1+ds-1 (bug #921615)
	[stretch] - prometheus <not-affected> (Only affects 2.1.0 onwards)
	NOTE: https://github.com/prometheus/prometheus/pull/5163
CVE-2019-3825 (A vulnerability was discovered in gdm before 3.31.4. When timed login  ...)
	- gdm3 3.30.2-3 (low; bug #921764)
	[stretch] - gdm3 <no-dsa> (Minor issue)
	[jessie] - gdm3 <ignored> (Minor issue)
	NOTE: https://gitlab.gnome.org/GNOME/gdm/issues/460
CVE-2019-3824 (A flaw was found in the way an LDAP search expression could crash the  ...)
	{DSA-4397-1 DLA-1699-1}
	- ldb 2:1.5.1+really1.4.3-2
	- samba 2:4.9.5+dfsg-1 (unimportant)
	NOTE: https://bugzilla.samba.org/show_bug.cgi?id=13773
	NOTE: Samba uses the System ldb library
CVE-2019-3823 (libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap ...)
	{DSA-4386-1 DLA-1672-1}
	- curl 7.64.0-1
	NOTE: https://curl.haxx.se/docs/CVE-2019-3823.html
	NOTE: Fixed by: https://github.com/curl/curl/commit/39df4073e5413fcdbb5a38da0c1ce6f1c0ceb484
	NOTE: Introduced by: https://github.com/curl/curl/commit/2766262a68688c1dd8143f9c4be84b46c408b70a
CVE-2019-3822 (libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stac ...)
	{DSA-4386-1 DLA-1672-1}
	- curl 7.64.0-1
	NOTE: https://curl.haxx.se/docs/CVE-2019-3822.html
	NOTE: Fixed by: https://github.com/curl/curl/commit/50c9484278c63b958655a717844f0721263939cc
	NOTE: Introduced by: https://github.com/curl/curl/commit/86724581b6c02d160b52f817550cfdfc9c93af62
CVE-2019-3821 (A flaw was found in the way civetweb frontend was handling requests fo ...)
	- ceph <not-affected> (Vulnerable code introduced later)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1656852
	NOTE: https://github.com/ceph/civetweb/pull/33
CVE-2019-3820 (It was discovered that the gnome-shell lock screen since version 3.15. ...)
	- gnome-shell 3.30.2-3 (bug #921490)
	[stretch] - gnome-shell <no-dsa> (Minor issue)
	[jessie] - gnome-shell <not-affected> (Vulnerable code not present)
	NOTE: Introduced by: https://bugzilla.gnome.org/show_bug.cgi?id=745039
	NOTE: Introduced by: https://gitlab.gnome.org/GNOME/gnome-shell/commit/c79d24b60e773262091023feb6ee1b3deef1c471
	NOTE: Upstream issue: https://gitlab.gnome.org/GNOME/gnome-shell/issues/851
CVE-2019-3819 (A flaw was found in the Linux kernel in the function hid_debug_events_ ...)
	{DLA-1771-1 DLA-1731-1}
	- linux 4.19.20-1
	[stretch] - linux 4.9.161-1
	NOTE: Proposed patch: https://marc.info/?l=linux-input&m=154841031101012&w=2
CVE-2019-3818 (The kube-rbac-proxy container before version 0.4.1 as used in Red Hat  ...)
	NOT-FOR-US: kube-rbac-proxy
CVE-2019-3817 (A use-after-free flaw has been discovered in libcomps before version 0 ...)
	NOT-FOR-US: libcomps
CVE-2019-3816 (Openwsman, versions up to and including 2.6.9, are vulnerable to arbit ...)
	- openwsman <itp> (bug #754501)
CVE-2019-3815 (A memory leak was discovered in the backport of fixes for CVE-2018-168 ...)
	{DLA-1711-1}
	- systemd <not-affected> (This only affected backports to older suites, not the version in sid)
	[stretch] - systemd 232-25+deb9u8
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1666690
	NOTE: For stable it affected DSA-4367-1 and was corrected in DSA-4367-2
	NOTE: specifically the backport of the fix for CVE-2018-16864.
CVE-2019-3814 (It was discovered that Dovecot before versions 2.2.36.1 and 2.3.4.1 in ...)
	{DSA-4385-1 DLA-1667-1}
	- dovecot 1:2.3.4.1-1
	NOTE: https://www.openwall.com/lists/oss-security/2019/02/05/1
CVE-2019-3813 (Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-boun ...)
	{DSA-4375-1 DLA-1649-1}
	- spice 0.14.0-1.3 (bug #920762)
	NOTE: https://www.openwall.com/lists/oss-security/2019/01/28/2
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1665371
CVE-2019-3812 (QEMU, through version 2.10 and through version 3.1.0, is vulnerable to ...)
	{DSA-4454-1}
	- qemu 1:3.1+dfsg-5 (bug #922635)
	[jessie] - qemu <not-affected> (vulnerable code introduced later)
	- qemu-kvm <removed>
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=b05b267840515730dbf6753495d5b7bd8b04ad1c
	NOTE: vulnerable code not present prior 2.6.50, introduced in
	NOTE: https://git.qemu.org/?p=qemu.git;a=commit;h=78c71af8049c40657b646d9dd722867fa15c0f1b
CVE-2019-3811 (A vulnerability was found in sssd. If a user was configured with no ho ...)
	{DLA-1635-1}
	- sssd 2.2.0-1 (bug #919051)
	[buster] - sssd <no-dsa> (Minor issue)
	[stretch] - sssd <no-dsa> (Minor issue)
	NOTE: Upstream ticket: https://pagure.io/SSSD/sssd/issue/3901
	NOTE: Pull request: https://github.com/SSSD/sssd/pull/703
	NOTE: Fixed by: https://github.com/SSSD/sssd/commit/90f32399b4100ce39cf665649fde82d215e5eb49 (master)
	NOTE: Fixed by: https://github.com/SSSD/sssd/commit/28792523a01a7d21bcc8931794164f253e691a68 (sssd-1-16)
CVE-2019-3810 (A flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to ...)
	- moodle <removed>
	NOTE: https://moodle.org/mod/forum/discuss.php?d=381230#p1536767
	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64372
CVE-2019-3809 (A flaw was found in Moodle versions 3.1 to 3.1.15 and earlier unsuppor ...)
	- moodle <removed>
	NOTE: https://moodle.org/mod/forum/discuss.php?d=381229#p1536766
	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64222
CVE-2019-3808 (A flaw was found in Moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to ...)
	- moodle <removed>
	NOTE: https://moodle.org/mod/forum/discuss.php?d=381228#p1536765
	NOTE: http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-64395
CVE-2019-3807 (An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1 ...)
	- pdns-recursor 4.1.9-1
	[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
	[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-02.html
CVE-2019-3806 (An issue has been found in PowerDNS Recursor versions after 4.1.3 befo ...)
	- pdns-recursor 4.1.9-1
	[stretch] - pdns-recursor <not-affected> (Only affects 4.1.x)
	[jessie] - pdns-recursor <not-affected> (Only affects 4.1.x)
	NOTE: https://docs.powerdns.com/recursor/security-advisories/powerdns-advisory-2019-01.html
CVE-2019-3805 (A flaw was discovered in wildfly versions up to 16.0.0.Final that woul ...)
	- wildfly <itp> (bug #752018)
CVE-2019-3804 (It was found that cockpit before version 184 used glib's base64 decode ...)
	- cockpit 184-1
	NOTE: https://github.com/cockpit-project/cockpit/pull/10819
	NOTE: https://github.com/cockpit-project/cockpit/commit/c51f6177576d7e12
CVE-2019-3803 (Pivotal Concourse, all versions prior to 4.2.2, puts the user access t ...)
	NOT-FOR-US: Pivotal Concourse
CVE-2019-3802 (This affects Spring Data JPA in versions up to and including 2.1.6, 2. ...)
	NOT-FOR-US: Pivotal Spring Data JPA
CVE-2019-3801 (Cloud Foundry cf-deployment, versions prior to 7.9.0, contain java com ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3800 (CF CLI version prior to v6.45.0 (bosh release version 1.16.0) writes t ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3799 (Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x pri ...)
	NOT-FOR-US: Spring Cloud Config
CVE-2019-3798 (Cloud Foundry Cloud Controller API Release, versions prior to 1.79.0,  ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3797 (This affects Spring Data JPA in versions up to and including 2.1.5, 2. ...)
	NOT-FOR-US: Spring Data JPA
CVE-2019-3796
	REJECTED
CVE-2019-3795 (Spring Security versions 4.2.x prior to 4.2.12, 5.0.x prior to 5.0.12, ...)
	{DLA-1794-1}
	- libspring-security-2.0-java <removed>
	NOTE: https://github.com/spring-projects/spring-security/commit/6f02f690ac65ccf99d8df47ac3d730a68f87c569
CVE-2019-3794 (Cloud Foundry UAA, versions prior to v73.4.0, does not set an X-FRAME- ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3793 (Pivotal Apps Manager Release, versions 665.0.x prior to 665.0.28, vers ...)
	NOT-FOR-US: Pivotal
CVE-2019-3792 (Pivotal Concourse version 5.0.0, contains an API that is vulnerable to ...)
	NOT-FOR-US: Pivotal
CVE-2019-3791
	REJECTED
CVE-2019-3790 (The Pivotal Ops Manager, 2.2.x versions prior to 2.2.23, 2.3.x version ...)
	NOT-FOR-US: Pivotal Ops Manager
CVE-2019-3789 (Cloud Foundry Routing Release, all versions prior to 0.188.0, contains ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3788 (Cloud Foundry UAA Release, versions prior to 71.0, allows clients to b ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3787 (Cloud Foundry UAA, versions prior to 73.0.0, falls back to appending & ...)
	NOT-FOR-US: Cloud Foundry UAA
CVE-2019-3786 (Cloud Foundry BOSH Backup and Restore CLI, all versions prior to 1.5.0 ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3785 (Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an e ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3784 (Cloud Foundry Stratos, versions prior to 2.3.0, contains an insecure s ...)
	NOT-FOR-US: Cloud Foundry Stratos
CVE-2019-3783 (Cloud Foundry Stratos, versions prior to 2.3.0, deploys with a public  ...)
	NOT-FOR-US: Cloud Foundry Stratos
CVE-2019-3782 (Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writ ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3781 (Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passw ...)
	NOT-FOR-US: Cloud Foundry CLI
CVE-2019-3780 (Cloud Foundry Container Runtime, versions prior to 0.28.0, deploys K8s ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3779 (Cloud Foundry Container Runtime, versions prior to 0.29.0, deploys Kub ...)
	NOT-FOR-US: Cloud Foundry
CVE-2019-3778 (Spring Security OAuth, versions 2.3 prior to 2.3.5, and 2.2 prior to 2 ...)
	NOT-FOR-US: Spring Security OAuth
CVE-2019-3777 (Pivotal Application Service (PAS), versions 2.2.x prior to 2.2.12, 2.3 ...)
	NOT-FOR-US: Pivotal
CVE-2019-3776 (Pivotal Operations Manager, 2.1.x versions prior to 2.1.20, 2.2.x vers ...)
	NOT-FOR-US: Pivotal
CVE-2019-3775 (Cloud Foundry UAA, versions prior to v70.0, allows a user to update th ...)
	NOT-FOR-US: Cloud Foundry UAA
CVE-2019-3774 (Spring Batch versions 3.0.9, 4.0.1, 4.1.0, and older unsupported versi ...)
	NOT-FOR-US: Spring Batch
CVE-2019-3773 (Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported vers ...)
	NOT-FOR-US: Spring Web Services
CVE-2019-3772 (Spring Integration (spring-integration-xml and spring-integration-ws m ...)
	NOT-FOR-US: Spring Integration
CVE-2019-3771
	RESERVED
CVE-2019-3770 (Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cr ...)
	NOT-FOR-US: Dell
CVE-2019-3769 (Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cr ...)
	NOT-FOR-US: Dell
CVE-2019-3768 (RSA Authentication Manager versions prior to 8.4 P7 contain an XML Ent ...)
	NOT-FOR-US: RSA Authentication Manager
CVE-2019-3767 (Dell ImageAssist versions prior to 8.7.15 contain an information discl ...)
	NOT-FOR-US: Dell ImageAssist
CVE-2019-3766 (Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction ...)
	NOT-FOR-US: EMC
CVE-2019-3765 (Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and ...)
	NOT-FOR-US: EMC
CVE-2019-3764 (Dell EMC iDRAC7 versions prior to 2.65.65.65, iDRAC8 versions prior to ...)
	NOT-FOR-US: EMC
CVE-2019-3763 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
	NOT-FOR-US: RSA
CVE-2019-3762 (Data Protection Central versions 1.0, 1.0.1, 18.1, 18.2, and 19.1 cont ...)
	NOT-FOR-US: Dell
CVE-2019-3761 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
	NOT-FOR-US: RSA
CVE-2019-3760 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
	NOT-FOR-US: RSA
CVE-2019-3759 (The RSA Identity Governance and Lifecycle software and RSA Via Lifecyc ...)
	NOT-FOR-US: RSA
CVE-2019-3758 (RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper au ...)
	NOT-FOR-US: RSA
CVE-2019-3757
	RESERVED
CVE-2019-3756 (RSA Archer, versions prior to 6.6 P3 (6.6.0.3), contain an information ...)
	NOT-FOR-US: RSA
CVE-2019-3755
	RESERVED
CVE-2019-3754 (Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116,  ...)
	NOT-FOR-US: EMC
CVE-2019-3753 (Dell EMC PowerConnect 8024, 7000, M6348, M6220, M8024 and M8024-K runn ...)
	NOT-FOR-US: EMC
CVE-2019-3752
	RESERVED
CVE-2019-3751 (Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0 ...)
	NOT-FOR-US: EMC
CVE-2019-3750 (Dell Command Update versions prior to 3.1 contain an Arbitrary File De ...)
	NOT-FOR-US: Dell Command Update
CVE-2019-3749 (Dell Command Update versions prior to 3.1 contain an Arbitrary File De ...)
	NOT-FOR-US: Dell Command Update
CVE-2019-3748
	RESERVED
CVE-2019-3747 (Dell EMC Integrated Data Protection Appliance versions prior to 2.3 co ...)
	NOT-FOR-US: EMC
CVE-2019-3746 (Dell EMC Integrated Data Protection Appliance versions prior to 2.3 do ...)
	NOT-FOR-US: EMC
CVE-2019-3745 (The vulnerability is limited to the installers of Dell Encryption Ente ...)
	NOT-FOR-US: Dell
CVE-2019-3744 (Dell/Alienware Digital Delivery versions prior to 4.0.41 contain a pri ...)
	NOT-FOR-US: Dell/Alienware Digital Delivery
CVE-2019-3743
	RESERVED
CVE-2019-3742 (Dell/Alienware Digital Delivery versions prior to 3.5.2013 contain a p ...)
	NOT-FOR-US: Dell/Alienware Digital Delivery
CVE-2019-3741 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain a  ...)
	NOT-FOR-US: EMC
CVE-2019-3740 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Inform ...)
	NOT-FOR-US: RSA
CVE-2019-3739 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Informati ...)
	NOT-FOR-US: RSA
CVE-2019-3738 (RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to a Missing ...)
	NOT-FOR-US: RSA
CVE-2019-3737 (Dell EMC Avamar ADMe Web Interface 1.0.50 and 1.0.51 are affected by a ...)
	NOT-FOR-US: Dell EMC Avamar ADMe Web Interface
CVE-2019-3736 (Dell EMC Integrated Data Protection Appliance versions prior to 2.3 co ...)
	NOT-FOR-US: EMC
CVE-2019-3735 (Dell SupportAssist for Business PCs version 2.0 and Dell SupportAssist ...)
	NOT-FOR-US: Dell SupportAssist
CVE-2019-3734 (Dell EMC Unity and UnityVSA versions prior to 5.0.0.0.5.116 contain an ...)
	NOT-FOR-US: EMC
CVE-2019-3733 (RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vuln ...)
	NOT-FOR-US: RSA
CVE-2019-3732 (RSA BSAFE Crypto-C Micro Edition, versions prior to 4.0.5.3 (in 4.0.x) ...)
	NOT-FOR-US: RSA
CVE-2019-3731 (RSA BSAFE Crypto-C Micro Edition versions prior to 4.1.4 and RSA Micro ...)
	NOT-FOR-US: RSA
CVE-2019-3730 (RSA BSAFE Micro Edition Suite versions prior to 4.1.6.3 (in 4.1.x) and ...)
	NOT-FOR-US: RSA
CVE-2019-3729 (RSA BSAFE Micro Edition Suite versions prior to 4.4 (in 4.0.x, 4.1.x,  ...)
	NOT-FOR-US: RSA
CVE-2019-3728 (RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.4 (in 4.0.x)  ...)
	NOT-FOR-US: RSA
CVE-2019-3727 (Dell EMC RecoverPoint versions prior to 5.1.3 and RecoverPoint for VMs ...)
	NOT-FOR-US: Dell EMC RecoverPoint
CVE-2019-3726 (An Uncontrolled Search Path Vulnerability is applicable to the followi ...)
	NOT-FOR-US: EMC
CVE-2019-3725 (RSA Netwitness Platform versions prior to 11.2.1.1 and RSA Security An ...)
	NOT-FOR-US: RSA Netwitness Platform
CVE-2019-3724 (RSA Netwitness Platform versions prior to 11.2.1.1 is vulnerable to an ...)
	NOT-FOR-US: RSA Netwitness Platform
CVE-2019-3723 (Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1. ...)
	NOT-FOR-US: Dell EMC OpenManage Server Administrator
CVE-2019-3722 (Dell EMC OpenManage Server Administrator (OMSA) versions prior to 9.1. ...)
	NOT-FOR-US: Dell EMC OpenManage Server Administrator
CVE-2019-3721 (Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3 ...)
	NOT-FOR-US: Dell
CVE-2019-3720 (Dell EMC Open Manage System Administrator (OMSA) versions prior to 9.3 ...)
	NOT-FOR-US: Dell
CVE-2019-3719 (Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote  ...)
	NOT-FOR-US: Dell
CVE-2019-3718 (Dell SupportAssist Client versions prior to 3.2.0.90 contain an improp ...)
	NOT-FOR-US: Dell
CVE-2019-3717 (Select Dell Client Commercial and Consumer platforms contain an Improp ...)
	NOT-FOR-US: Select Dell Client Commercial and Consumer platforms
CVE-2019-3716 (RSA Archer versions, prior to 6.5 SP2, contain an information exposure ...)
	NOT-FOR-US: RSA
CVE-2019-3715 (RSA Archer versions, prior to 6.5 SP1, contain an information exposure ...)
	NOT-FOR-US: RSA
CVE-2019-3714
	RESERVED
CVE-2019-3713
	RESERVED
CVE-2019-3712 (Dell WES Wyse Device Agent versions prior to 14.1.2.9 and Dell Wyse Th ...)
	NOT-FOR-US: Dell
CVE-2019-3711 (RSA Authentication Manager versions prior to 8.4 P1 contain an Insecur ...)
	NOT-FOR-US: RSA
CVE-2019-3710 (Dell EMC Networking OS10 versions prior to 10.4.3 contain a cryptograp ...)
	NOT-FOR-US: Dell Networking OS10
CVE-2019-3709 (IsilonSD Management Server 1.1.0 contains a cross-site scripting vulne ...)
	NOT-FOR-US: IsilonSD Management Server
CVE-2019-3708 (IsilonSD Management Server 1.1.0 contains a cross-site scripting vulne ...)
	NOT-FOR-US: IsilonSD Management Server
CVE-2019-3707 (Dell EMC iDRAC9 versions prior to 3.30.30.30 contain an authentication ...)
	NOT-FOR-US: EMC
CVE-2019-3706 (Dell EMC iDRAC9 versions prior to 3.24.24.24, 3.21.26.22, 3.22.22.22 a ...)
	NOT-FOR-US: EMC
CVE-2019-3705 (Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior t ...)
	NOT-FOR-US: EMC
CVE-2019-3704 (VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1 ...)
	NOT-FOR-US: EMC
CVE-2019-3703
	RESERVED
CVE-2019-3702 (A Remote Code Execution issue in the DNS Query Web UI in Lifesize Icon ...)
	NOT-FOR-US: Lifesize
CVE-2019-3701 (An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux ...)
	{DLA-1771-1 DLA-1731-1}
	- linux 4.19.20-1 (unimportant)
	[stretch] - linux 4.9.161-1
	NOTE: https://bugzilla.suse.com/show_bug.cgi?id=1120386
	NOTE: https://marc.info/?l=linux-netdev&m=154651842302479&w=2
CVE-2019-3700 (yast2-security didn't use secure defaults to protect passwords. This b ...)
	NOT-FOR-US: yast2
CVE-2019-3699 (UNIX Symbolic Link (Symlink) Following vulnerability in the packaging  ...)
	NOT-FOR-US: SUSE-specific privoxy issue
CVE-2019-3698 (UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob sh ...)
	NOT-FOR-US: SUSE-specific Nagios issue
CVE-2019-3697 (UNIX Symbolic Link (Symlink) Following vulnerability in the packaging  ...)
	NOT-FOR-US: SuSE-specific issue in gnump3d (removed for a decade from Debian)
CVE-2019-3696 (A Improper Limitation of a Pathname to a Restricted Directory vulnerab ...)
	NOT-FOR-US: SAP
CVE-2019-3695 (A Improper Control of Generation of Code vulnerability in the packagin ...)
	NOT-FOR-US: SAP
CVE-2019-3694 (A Symbolic Link (Symlink) Following vulnerability in the packaging of  ...)
	NOT-FOR-US: SuSE packaging of munin
CVE-2019-3693 (A symlink following vulnerability in the packaging of mailman in SUSE  ...)
	NOT-FOR-US: SuSE packaging of mailman
CVE-2019-3692 (The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Fact ...)
	NOT-FOR-US: SUSE packaging of inn
CVE-2019-3691 (A Symbolic Link (Symlink) Following vulnerability in the packaging of  ...)
	NOT-FOR-US: SUSE packaging of munge
CVE-2019-3690 (The chkstat tool in the permissions package followed symlinks before c ...)
	NOT-FOR-US: SuSE-specific tool
CVE-2019-3689 (The nfs-utils package in SUSE Linux Enterprise Server 12 before and in ...)
	{DLA-1965-1}
	- nfs-utils 1:1.3.4-3 (bug #940848)
	[buster] - nfs-utils <no-dsa> (Minor issue)
	[stretch] - nfs-utils <no-dsa> (Minor issue)
	NOTE: https://git.linux-nfs.org/?p=steved/nfs-utils.git;a=commitdiff;h=fee2cc29e888f2ced6a76990923aef19d326dc0e
CVE-2019-3688 (The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterpri ...)
	- squid <not-affected> (/usr/lib/squid/pinger permissions are root:root)
	- squid3 <not-affected> (/usr/lib/squid/pinger permissions are root:root)
CVE-2019-3687 (The permission package in SUSE Linux Enterprise Server allowed all loc ...)
	NOT-FOR-US: SuSE
CVE-2019-3686 (openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vuln ...)
	- openqa <itp> (bug #840253)
CVE-2019-3685 (Open Build Service before version 0.165.4 diddn't validate TLS certifi ...)
	- osc <not-affected> (Affects 0.165.x only, bug #941667)
CVE-2019-3684 (SUSE Manager until version 4.0.7 and Uyuni until commit 1b426ad5ed0a71 ...)
	NOT-FOR-US: SUSE Manager
CVE-2019-3683 (The keystone-json-assignment package in SUSE Openstack Cloud 8 before  ...)
	NOT-FOR-US: SuSE Openstack Cloud
CVE-2019-3682 (The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7 ...)
	NOT-FOR-US: SuSE
CVE-2019-3681
	RESERVED
CVE-2019-3680
	RESERVED
CVE-2019-3679
	RESERVED
CVE-2019-3678
	RESERVED
CVE-2019-3677
	RESERVED
CVE-2019-3676
	RESERVED
CVE-2019-3675
	RESERVED
CVE-2019-3674
	RESERVED
CVE-2019-3673
	RESERVED
CVE-2019-3672
	RESERVED
CVE-2019-3671
	RESERVED
CVE-2019-3670 (Remote Code Execution vulnerability in the web interface in McAfee Web ...)
	NOT-FOR-US: McAfee
CVE-2019-3669
	RESERVED
CVE-2019-3668
	RESERVED
CVE-2019-3667 (DLL Search Order Hijacking vulnerability in the Microsoft Windows clie ...)
	NOT-FOR-US: McAfee
CVE-2019-3666 (API Abuse/Misuse vulnerability in the web interface in McAfee Web Advi ...)
	NOT-FOR-US: McAfee
CVE-2019-3665 (Code Injection vulnerability in the web interface in McAfee Web Adviso ...)
	NOT-FOR-US: McAfee
CVE-2019-3664
	RESERVED
CVE-2019-3663 (Unprotected Storage of Credentials vulnerability in McAfee Advanced Th ...)
	NOT-FOR-US: McAfee
CVE-2019-3662 (Path Traversal: '/absolute/pathname/here' vulnerability in McAfee Adva ...)
	NOT-FOR-US: McAfee
CVE-2019-3661 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
	NOT-FOR-US: McAfee
CVE-2019-3660 (Improper Neutralization of HTTP requests in McAfee Advanced Threat Def ...)
	NOT-FOR-US: McAfee
CVE-2019-3659
	RESERVED
CVE-2019-3658
	RESERVED
CVE-2019-3657
	RESERVED
CVE-2019-3656
	RESERVED
CVE-2019-3655
	RESERVED
CVE-2019-3654 (Authentication Bypass vulnerability in the Microsoft Windows client in ...)
	NOT-FOR-US: McAfee
CVE-2019-3653 (Improper access control vulnerability in Configuration tool in McAfee  ...)
	NOT-FOR-US: McAfee Endpoint Security (ENS)
CVE-2019-3652 (Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Securit ...)
	NOT-FOR-US: McAfee Endpoint Security (ENS)
CVE-2019-3651 (Information Disclosure vulnerability in McAfee Advanced Threat Defense ...)
	NOT-FOR-US: McAfee
CVE-2019-3650 (Information Disclosure vulnerability in McAfee Advanced Threat Defense ...)
	NOT-FOR-US: McAfee
CVE-2019-3649 (Information Disclosure vulnerability in McAfee Advanced Threat Defense ...)
	NOT-FOR-US: McAfee
CVE-2019-3648 (A Privilege Escalation vulnerability in the Microsoft Windows client i ...)
	NOT-FOR-US: McAfee Total Protection
CVE-2019-3647
	RESERVED
CVE-2019-3646 (DLL Search Order Hijacking vulnerability in Microsoft Windows client i ...)
	NOT-FOR-US: McAfee
CVE-2019-3645
	RESERVED
CVE-2019-3644 (McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remo ...)
	NOT-FOR-US: McAfee
CVE-2019-3643 (McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a remo ...)
	NOT-FOR-US: McAfee
CVE-2019-3642
	RESERVED
CVE-2019-3641 (Abuse of Authorization vulnerability in APIs exposed by TIE server in  ...)
	NOT-FOR-US: McAfee
CVE-2019-3640 (Unprotected Transport of Credentials in ePO extension in McAfee Data L ...)
	NOT-FOR-US: McAfee
CVE-2019-3639 (Clickjack vulnerability in Adminstrator web console in McAfee Web Gate ...)
	NOT-FOR-US: McAfee
CVE-2019-3638 (Reflected Cross Site Scripting vulnerability in Administrators web con ...)
	NOT-FOR-US: McAfee
CVE-2019-3637 (Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.20 ...)
	NOT-FOR-US: McAfee
CVE-2019-3636 (A File Masquerade vulnerability in McAfee Total Protection (MTP) versi ...)
	NOT-FOR-US: McAfee
CVE-2019-3635 (Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8. ...)
	NOT-FOR-US: McAfee
CVE-2019-3634 (Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x ...)
	NOT-FOR-US: McAfee
CVE-2019-3633 (Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x ...)
	NOT-FOR-US: McAfee
CVE-2019-3632 (Directory Traversal vulnerability in McAfee Enterprise Security Manage ...)
	NOT-FOR-US: McAfee
CVE-2019-3631 (Command Injection vulnerability in McAfee Enterprise Security Manager  ...)
	NOT-FOR-US: McAfee
CVE-2019-3630 (Command Injection vulnerability in McAfee Enterprise Security Manager  ...)
	NOT-FOR-US: McAfee
CVE-2019-3629 (Application protection bypass vulnerability in McAfee Enterprise Secur ...)
	NOT-FOR-US: McAfee
CVE-2019-3628 (Privilege escalation in McAfee Enterprise Security Manager (ESM) 11.x  ...)
	NOT-FOR-US: McAfee
CVE-2019-3627
	RESERVED
CVE-2019-3626
	RESERVED
CVE-2019-3625
	RESERVED
CVE-2019-3624
	RESERVED
CVE-2019-3623
	RESERVED
CVE-2019-3622 (Files or Directories Accessible to External Parties in McAfee Data Los ...)
	NOT-FOR-US: McAfee
CVE-2019-3621 (Authentication protection bypass vulnerability in McAfee Data Loss Pre ...)
	NOT-FOR-US: McAfee
CVE-2019-3620
	RESERVED
CVE-2019-3619 (Information Disclosure vulnerability in the Agent Handler in McAfee eP ...)
	NOT-FOR-US: McAfee
CVE-2019-3618
	RESERVED
CVE-2019-3617
	RESERVED
CVE-2019-3616
	RESERVED
CVE-2019-3615 (Data Leakage Attacks vulnerability in the web interface in McAfee Data ...)
	NOT-FOR-US: McAfee
CVE-2019-3614
	RESERVED
CVE-2019-3613
	RESERVED
CVE-2019-3612 (Information Disclosure vulnerability in McAfee DXL Platform and TIE Se ...)
	NOT-FOR-US: McAFee
CVE-2019-3611
	RESERVED
CVE-2019-3610 (Data Leakage Attacks vulnerability in Microsoft Windows client in McAf ...)
	NOT-FOR-US: McAfee True Key
CVE-2019-3609
	RESERVED
CVE-2019-3608
	RESERVED
CVE-2019-3607
	RESERVED
CVE-2019-3606 (Data Leakage Attacks vulnerability in the web portal component when in ...)
	NOT-FOR-US: McAfee
CVE-2019-3605
	RESERVED
CVE-2019-3604 (Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) ...)
	NOT-FOR-US: McAfee
CVE-2019-3603
	RESERVED
CVE-2019-3602 (Cross Site Scripting (XSS) vulnerability in McAfee Network Security Ma ...)
	NOT-FOR-US: McAfee
CVE-2019-3601
	RESERVED
CVE-2019-3600
	RESERVED
CVE-2019-3599 (Information Disclosure vulnerability in Remote logging (which is disab ...)
	NOT-FOR-US: McAfee Agent
CVE-2019-3598 (Buffer Access with Incorrect Length Value in McAfee Agent (MA) 5.x all ...)
	NOT-FOR-US: McAfee Agent
CVE-2019-3597 (Authentication Bypass vulnerability in McAfee Network Security Manager ...)
	NOT-FOR-US: McAfee
CVE-2019-3596
	RESERVED
CVE-2019-3595 (Improper Neutralization of Special Elements used in a Command ('Comman ...)
	NOT-FOR-US: McAfee
CVE-2019-3594
	RESERVED
CVE-2019-3593 (Exploitation of Privilege/Trust vulnerability in Microsoft Windows cli ...)
	NOT-FOR-US: McAfee
CVE-2019-3592 (Privilege escalation vulnerability in McAfee Agent (MA) before 5.6.1 H ...)
	NOT-FOR-US: McAfee
CVE-2019-3591 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
	NOT-FOR-US: McAfee
CVE-2019-3590
	RESERVED
CVE-2019-3589
	RESERVED
CVE-2019-3588
	RESERVED
CVE-2019-3587 (DLL Search Order Hijacking vulnerability in Microsoft Windows client i ...)
	NOT-FOR-US: McAfee
CVE-2019-3586 (Protection Mechanism Failure in the Firewall in McAfee Endpoint Securi ...)
	NOT-FOR-US: McAfee
CVE-2019-3585
	RESERVED
CVE-2019-3584 (Exploitation of Authentication vulnerability in MVision Endpoint in Mc ...)
	NOT-FOR-US: McAfee
CVE-2019-3583
	RESERVED
CVE-2019-3582 (Privilege Escalation vulnerability in Microsoft Windows client in McAf ...)
	NOT-FOR-US: McAfee
CVE-2019-3581 (Improper input validation in the proxy component of McAfee Web Gateway ...)
	NOT-FOR-US: McAfee
CVE-2019-3580 (OpenRefine through 3.1 allows arbitrary file write because Directory T ...)
	NOT-FOR-US: OpenRefine
CVE-2019-3579 (MyBB 1.8.19 allows remote attackers to obtain sensitive information be ...)
	NOT-FOR-US: MyBB
CVE-2019-3578 (MyBB 1.8.19 has XSS in the resetpassword function. ...)
	NOT-FOR-US: MyBB
CVE-2019-3577 (An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/P ...)
	NOT-FOR-US: Waimai Super Cms
CVE-2019-3576 (inxedu through 2018-12-24 has a SQL Injection vulnerability that can l ...)
	NOT-FOR-US: inxedu
CVE-2019-3575 (Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary pytho ...)
	NOT-FOR-US: Sqla_yaml_fixtures
CVE-2019-3574 (In libsixel v1.8.2, there is a heap-based buffer over-read in the func ...)
	- libsixel 1.8.2-2 (low; bug #922460)
	[buster] - libsixel 1.8.2-1+deb10u1
	[stretch] - libsixel 1.5.2-2+deb9u1
	[jessie] - libsixel <no-dsa> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/83
CVE-2019-3573 (In libsixel v1.8.2, there is an infinite loop in the function sixel_de ...)
	- libsixel 1.8.2-2 (low; bug #922460)
	[buster] - libsixel 1.8.2-1+deb10u1
	[stretch] - libsixel 1.5.2-2+deb9u1
	[jessie] - libsixel <postponed> (Minor issue)
	NOTE: https://github.com/saitoha/libsixel/issues/83
CVE-2019-3572 (An issue was discovered in libming 0.4.8. There is a heap-based buffer ...)
	- ming <removed>
	NOTE: https://github.com/libming/libming/issues/169
CVE-2019-3571 (An input validation issue affected WhatsApp Desktop versions prior to  ...)
	NOT-FOR-US: WhatsApp Desktop
CVE-2019-3570 (Call to the scrypt_enc() function in HHVM can lead to heap corruption  ...)
	- hhvm <removed>
	NOTE: https://hhvm.com/blog/2019/06/10/hhvm-4.9.0.html
CVE-2019-3569 (HHVM, when used with FastCGI, would bind by default to all available i ...)
	- hhvm <removed>
	NOTE: https://hhvm.com/blog/2019/06/10/hhvm-4.9.0.html
CVE-2019-3568 (A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote  ...)
	NOT-FOR-US: Whatsapp
CVE-2019-3567 (In some configurations an attacker can inject a new executable path in ...)
	NOT-FOR-US: osquery
CVE-2019-3566 (A bug in WhatsApp for Android's messaging logic would potentially allo ...)
	NOT-FOR-US: WhatsApp for Android
CVE-2019-3565 (Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would n ...)
	NOT-FOR-US: Thrift servers
CVE-2019-3564 (Go Facebook Thrift servers would not error upon receiving messages wit ...)
	NOT-FOR-US: Thrift servers
CVE-2019-3563 (Wangle's LineBasedFrameDecoder contains logic for identifying newlines ...)
	NOT-FOR-US: Facebook Wangle
CVE-2019-3562 (A remote web page could inject arbitrary HTML code into the Oculus Bro ...)
	NOT-FOR-US: Oculus Browser UI
CVE-2019-3561 (Insufficient boundary checks for the strrpos and strripos functions al ...)
	- hhvm <removed>
CVE-2019-3560 (An improperly performed length calculation on a buffer in PlaintextRec ...)
	NOT-FOR-US: Fizz
CVE-2019-3559 (Java Facebook Thrift servers would not error upon receiving messages w ...)
	NOT-FOR-US: Thrift servers
CVE-2019-3558 (Python Facebook Thrift servers would not error upon receiving messages ...)
	NOT-FOR-US: Thrift servers
CVE-2019-3557 (The implementations of streams for bz2 and php://output improperly imp ...)
	- hhvm <removed>
CVE-2019-3556
	RESERVED
CVE-2019-3555
	RESERVED
CVE-2019-3554 (Wangle's AcceptRoutingHandler incorrectly casts a socket when acceptin ...)
	NOT-FOR-US: Facebook Wangle
CVE-2019-3553 (C++ Facebook Thrift servers would not error upon receiving messages de ...)
	NOT-FOR-US: Thrift servers
CVE-2019-3552 (C++ Facebook Thrift servers (using cpp2) would not error upon receivin ...)
	NOT-FOR-US: Thrift servers
CVE-2019-3551
	RESERVED
CVE-2019-3550
	RESERVED
CVE-2019-3549
	RESERVED
CVE-2019-3548
	RESERVED
CVE-2019-3547
	RESERVED
CVE-2019-3546
	RESERVED
CVE-2019-3545
	RESERVED
CVE-2019-3544
	RESERVED
CVE-2019-3543
	RESERVED
CVE-2019-3542
	RESERVED
CVE-2019-3541
	RESERVED
CVE-2019-3540
	RESERVED
CVE-2019-3539
	RESERVED
CVE-2019-3538
	RESERVED
CVE-2019-3537
	RESERVED
CVE-2019-3536
	RESERVED
CVE-2019-3535
	RESERVED
CVE-2019-3534
	RESERVED
CVE-2019-3533
	RESERVED
CVE-2019-3532
	RESERVED
CVE-2019-3531
	RESERVED
CVE-2019-3530
	RESERVED
CVE-2019-3529
	RESERVED
CVE-2019-3528
	RESERVED
CVE-2019-3527
	RESERVED
CVE-2019-3526
	RESERVED
CVE-2019-3525
	RESERVED
CVE-2019-3524
	RESERVED
CVE-2019-3523
	RESERVED
CVE-2019-3522
	RESERVED
CVE-2019-3521
	RESERVED
CVE-2019-3520
	RESERVED
CVE-2019-3519
	RESERVED
CVE-2019-3518
	RESERVED
CVE-2019-3517
	RESERVED
CVE-2019-3516
	RESERVED
CVE-2019-3515
	RESERVED
CVE-2019-3514
	RESERVED
CVE-2019-3513
	RESERVED
CVE-2019-3512
	RESERVED
CVE-2019-3511
	RESERVED
CVE-2019-3510
	RESERVED
CVE-2019-3509
	RESERVED
CVE-2019-3508
	RESERVED
CVE-2019-3507
	RESERVED
CVE-2019-3506
	RESERVED
CVE-2019-3505
	RESERVED
CVE-2019-3504
	RESERVED
CVE-2019-3503
	RESERVED
CVE-2019-3502
	RESERVED
CVE-2019-3501 (The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted ...)
	NOT-FOR-US: OUGC Awards plugin for MyBB
CVE-2019-3500 (aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Au ...)
	{DLA-1636-1}
	- aria2 1.34.0-4 (low; bug #918058)
	[stretch] - aria2 <no-dsa> (Minor issue)
	NOTE: https://github.com/aria2/aria2/issues/1329
	NOTE: Masking of all authorization and cookie header fields (but not userinfo in URL):
	NOTE: https://github.com/aria2/aria2/commit/37368130ca7de5491a75fd18a20c5c5cc641824a
CVE-2019-3499
	RESERVED
CVE-2019-3498 (In Django 1.11.x before 1.11.18, 2.0.x before 2.0.10, and 2.1.x before ...)
	{DSA-4363-1 DLA-1629-1}
	- python-django 1:1.11.18-1 (bug #918230)
	NOTE: https://www.djangoproject.com/weblog/2019/jan/04/security-releases/
	NOTE: https://github.com/django/django/commit/1cd00fcf52d089ef0fe03beabd05d59df8ea052a (1.11.x)
	NOTE: https://github.com/django/django/commit/64d2396e83aedba3fcc84ca40f23fbd22f0b9b5b (2.1.x)
CVE-2019-3497 (An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x ...)
	NOT-FOR-US: Wifi-soft UniBox controller devices
CVE-2019-3496 (An issue was discovered on Wifi-soft UniBox controller 3.x devices. Th ...)
	NOT-FOR-US: Wifi-soft UniBox controller devices
CVE-2019-3495 (An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x ...)
	NOT-FOR-US: Wifi-soft UniBox controller devices
CVE-2019-3494 (Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteC ...)
	NOT-FOR-US: Simply-Blog
CVE-2019-3493 (A potential security vulnerability has been identified in Micro Focus  ...)
	NOT-FOR-US: Micro Focus
CVE-2019-3492
	RESERVED
CVE-2019-3491
	RESERVED
CVE-2019-3490 (A DOM based XSS vulnerability has been identified in the Netstorage co ...)
	NOT-FOR-US: Micro Focus Netstorage
CVE-2019-3489 (An unauthenticated file upload vulnerability has been identified in th ...)
	NOT-FOR-US: Micro Focus Content Manager
CVE-2019-3488
	RESERVED
CVE-2019-3487
	RESERVED
CVE-2019-3486 (Mitigates a stored cross site scripting issue in ArcSight Security Man ...)
	NOT-FOR-US: ArcSight Security Management Center
CVE-2019-3485 (Mitigates a stored cross site scripting issue in ArcSight Logger versi ...)
	NOT-FOR-US: ArcSight Logger
CVE-2019-3484 (Mitigates a remote code execution issue in ArcSight Logger versions pr ...)
	NOT-FOR-US: ArcSight Logger
CVE-2019-3483 (Mitigates a potential information leakage issue in ArcSight Logger ver ...)
	NOT-FOR-US: ArcSight Logger
CVE-2019-3482 (Mitigates a directory traversal issue in ArcSight Logger versions prio ...)
	NOT-FOR-US: ArcSight Logger
CVE-2019-3481 (Mitigates a XML External Entity Parsing issue in ArcSight Logger versi ...)
	NOT-FOR-US: ArcSight Logger
CVE-2019-3480 (Mitigates a stored/reflected XSS issue in ArcSight Logger versions pri ...)
	NOT-FOR-US: ArcSight Logger
CVE-2019-3479 (Mitigates a potential remote code execution issue in ArcSight Logger v ...)
	NOT-FOR-US: ArcSight Logger
CVE-2019-3478
	RESERVED
CVE-2019-3477 (Micro Focus Solution Business Manager versions prior to 11.4.2 is susc ...)
	NOT-FOR-US: Micro Focus Solution Business Manager
CVE-2019-3476 (Remote arbitrary code execution in Micro Focus Data Protector, version ...)
	NOT-FOR-US: Micro Focus Data Protector
CVE-2019-3475 (A local privilege escalation vulnerability in the famtd component of M ...)
	NOT-FOR-US: Micro Focus Filr
CVE-2019-3474 (A path traversal vulnerability in the web application component of Mic ...)
	NOT-FOR-US: Micro Focus Filr
CVE-2019-3473
	REJECTED
CVE-2019-3472
	REJECTED
CVE-2019-3471
	REJECTED
CVE-2019-3470
	REJECTED
CVE-2019-3469
	REJECTED
CVE-2019-3468
	REJECTED
CVE-2019-3466 (The pg_ctlcluster script in postgresql-common in versions prior to 210 ...)
	{DSA-4568-1 DLA-1994-1}
	- postgresql-common 210
	NOTE: https://salsa.debian.org/postgresql/postgresql-common/commit/ec9d984b62ed79f61be97b786a9ff4381309979c
	NOTE: https://blog.mirch.io/2019/11/15/cve-2019-3466-debian-ubuntu-pg_ctlcluster-privilege-escalation/
CVE-2019-3465 (Rob Richards XmlSecLibs, all versions prior to v3.0.3, as used for exa ...)
	{DSA-4560-1 DLA-1983-1}
	- simplesamlphp 1.17.6-2 (bug #944107)
	NOTE: https://groups.google.com/forum/#!msg/simplesamlphp-announce/2odMqz63z7k/6zQQeM91EwAJ
	NOTE: https://simplesamlphp.org/security/201911-01
CVE-2019-3464 (Insufficient sanitization of environment variables passed to rsync can ...)
	{DSA-4382-1 DLA-1660-1}
	- rssh 2.3.4-10
CVE-2019-3463 (Insufficient sanitization of arguments passed to rsync can bypass the  ...)
	{DSA-4382-1 DLA-1660-1}
	- rssh 2.3.4-10
CVE-2019-3462 (Incorrect sanitation of the 302 redirect field in HTTP transport metho ...)
	{DSA-4371-1 DLA-1637-1}
	- apt 1.8.0~alpha3.1
	NOTE: https://bugs.launchpad.net/ubuntu/+source/apt/+bug/1812353
	NOTE: https://justi.cz/security/2019/01/22/apt-rce.html
CVE-2019-3461 (Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a ...)
	{DSA-4365-1 DLA-1640-1}
	- tmpreaper 1.6.14 (bug #918956)
CVE-2019-3460 (A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_ ...)
	{DLA-1799-1 DLA-1771-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	NOTE: https://lore.kernel.org/linux-bluetooth/20190110062917.GB15047@kroah.com/
	NOTE: https://git.kernel.org/linus/af3d5d1c87664a4f150fcf3534c6567cb19909b0
CVE-2019-3459 (A heap address information leak while using L2CAP_GET_CONF_OPT was dis ...)
	{DLA-1799-1 DLA-1771-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	NOTE: https://lore.kernel.org/linux-bluetooth/20190110062833.GA15047@kroah.com/
	NOTE: https://git.kernel.org/linus/7c9cbd0b5e38a1672fcd137894ace3b042dfbf69
CVE-2019-3458
	RESERVED
CVE-2019-3457
	RESERVED
CVE-2019-3456
	RESERVED
CVE-2019-3455
	RESERVED
CVE-2019-3454
	RESERVED
CVE-2019-3453
	RESERVED
CVE-2019-3452
	RESERVED
CVE-2019-3451
	RESERVED
CVE-2019-3450
	RESERVED
CVE-2019-3449
	RESERVED
CVE-2019-3448
	RESERVED
CVE-2019-3447
	RESERVED
CVE-2019-3446
	RESERVED
CVE-2019-3445
	RESERVED
CVE-2019-3444
	RESERVED
CVE-2019-3443
	RESERVED
CVE-2019-3442
	RESERVED
CVE-2019-3441
	RESERVED
CVE-2019-3440
	RESERVED
CVE-2019-3439
	RESERVED
CVE-2019-3438
	RESERVED
CVE-2019-3437
	RESERVED
CVE-2019-3436
	RESERVED
CVE-2019-3435
	RESERVED
CVE-2019-3434
	RESERVED
CVE-2019-3433
	RESERVED
CVE-2019-3432
	RESERVED
CVE-2019-3431 (All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product h ...)
	NOT-FOR-US: ZTE
CVE-2019-3430 (All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product h ...)
	NOT-FOR-US: ZTE
CVE-2019-3429 (All versions up to V4.01.01.02 of ZTE ZXCLOUD GoldenData VAP product h ...)
	NOT-FOR-US: ZTE
CVE-2019-3428 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a c ...)
	NOT-FOR-US: ZTE
CVE-2019-3427 (The version V6.01.03.01 of ZTE ZXCDN IAMWEB product is impacted by a c ...)
	NOT-FOR-US: ZTE
CVE-2019-3426 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZX ...)
	NOT-FOR-US: ZTE
CVE-2019-3425 (The 9000EV5.0R1B12 version, and all earlier versions of ZTE product ZX ...)
	NOT-FOR-US: ZTE
CVE-2019-3424 (authentication issues vulnerability, which exists in V2.1.14 and below ...)
	NOT-FOR-US: C520V21 smart camera devices
CVE-2019-3423 (permission and access control vulnerability, which exists in V2.1.14 a ...)
	NOT-FOR-US: C520V21 smart camera devices
CVE-2019-3422 (The Sec Consult Security Lab reported an information disclosure vulner ...)
	NOT-FOR-US: ZTE
CVE-2019-3421 (The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE produc ...)
	NOT-FOR-US: ZTE
CVE-2019-3420 (All versions up to V2.5.0_EG1T5_TED of ZTE ZXHN H108N product are impa ...)
	NOT-FOR-US: ZTE
CVE-2019-3419 (A security vulnerability exists in a management port in the version of ...)
	NOT-FOR-US: ZTE
CVE-2019-3418 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted  ...)
	NOT-FOR-US: ZTE
CVE-2019-3417 (All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted  ...)
	NOT-FOR-US: ZTE
CVE-2019-3416 (All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impa ...)
	NOT-FOR-US: ZTE
CVE-2019-3415 (ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 are impacted by path traver ...)
	NOT-FOR-US: ZTE
CVE-2019-3414 (All versions up to V1.19.20.02 of ZTE OTCP product are impacted by XSS ...)
	NOT-FOR-US: ZTE
CVE-2019-3413 (All versions up to V20.18.40.R7.B1of ZTE NetNumen DAP product have an  ...)
	NOT-FOR-US: ZTE
CVE-2019-3412 (All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by co ...)
	NOT-FOR-US: ZTE
CVE-2019-3411 (All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by in ...)
	NOT-FOR-US: ZTE
CVE-2019-3410 (All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE  ...)
	NOT-FOR-US: ZTE
CVE-2019-3409 (All versions up to UKBB_WF820+_1.0.0B06 of ZTE WF820+ LTE Outdoor CPE  ...)
	NOT-FOR-US: ZTE
CVE-2019-3408
	RESERVED
CVE-2019-3407
	RESERVED
CVE-2019-3406
	RESERVED
CVE-2019-3405
	RESERVED
CVE-2019-3404 (By adding some special fields to the uri ofrouter app function, the us ...)
	NOT-FOR-US: ofrouter
CVE-2019-3403 (The /rest/api/2/user/picker rest resource in Jira before version 7.13. ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-3402 (The ConfigurePortalPages.jspa resource in Jira before version 7.13.3 a ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-3401 (The ManageFilters.jspa resource in Jira before version 7.13.3 and from ...)
	NOT-FOR-US: Atlassian Jira
CVE-2019-3400 (The labels gadget in Jira before version 7.13.2, and from version 8.0. ...)
	NOT-FOR-US: Atlassian
CVE-2019-3399 (The BrowseProjects.jspa resource in Jira before version 7.13.2, and fr ...)
	NOT-FOR-US: Atlassian
CVE-2019-3398 (Confluence Server and Data Center had a path traversal vulnerability i ...)
	NOT-FOR-US: Confluence Server and Data Center
CVE-2019-3397 (Atlassian Bitbucket Data Center licensed instances starting with versi ...)
	NOT-FOR-US: Atlassian
CVE-2019-3396 (The Widget Connector macro in Atlassian Confluence Server before versi ...)
	NOT-FOR-US: Atlassian Confluence Server
CVE-2019-3395 (The WebDAV endpoint in Atlassian Confluence Server and Data Center bef ...)
	NOT-FOR-US: Atlassian Confluence Server
CVE-2019-3394 (There was a local file disclosure vulnerability in Confluence Server a ...)
	NOT-FOR-US: Confluence
CVE-2019-3393
	RESERVED
CVE-2019-3392
	RESERVED
CVE-2019-3391
	RESERVED
CVE-2019-3390
	RESERVED
CVE-2019-3389
	RESERVED
CVE-2019-3388
	RESERVED
CVE-2019-3387
	RESERVED
CVE-2019-3386
	RESERVED
CVE-2019-3385
	RESERVED
CVE-2019-3384
	RESERVED
CVE-2019-3383
	RESERVED
CVE-2019-3382
	RESERVED
CVE-2019-3381
	RESERVED
CVE-2019-3380
	RESERVED
CVE-2019-3379
	RESERVED
CVE-2019-3378
	RESERVED
CVE-2019-3377
	RESERVED
CVE-2019-3376
	RESERVED
CVE-2019-3375
	RESERVED
CVE-2019-3374
	RESERVED
CVE-2019-3373
	RESERVED
CVE-2019-3372
	RESERVED
CVE-2019-3371
	RESERVED
CVE-2019-3370
	RESERVED
CVE-2019-3369
	RESERVED
CVE-2019-3368
	RESERVED
CVE-2019-3367
	RESERVED
CVE-2019-3366
	RESERVED
CVE-2019-3365
	RESERVED
CVE-2019-3364
	RESERVED
CVE-2019-3363
	RESERVED
CVE-2019-3362
	RESERVED
CVE-2019-3361
	RESERVED
CVE-2019-3360
	RESERVED
CVE-2019-3359
	RESERVED
CVE-2019-3358
	RESERVED
CVE-2019-3357
	RESERVED
CVE-2019-3356
	RESERVED
CVE-2019-3355
	RESERVED
CVE-2019-3354
	RESERVED
CVE-2019-3353
	RESERVED
CVE-2019-3352
	RESERVED
CVE-2019-3351
	RESERVED
CVE-2019-3350
	RESERVED
CVE-2019-3349
	RESERVED
CVE-2019-3348
	RESERVED
CVE-2019-3347
	RESERVED
CVE-2019-3346
	RESERVED
CVE-2019-3345
	RESERVED
CVE-2019-3344
	RESERVED
CVE-2019-3343
	RESERVED
CVE-2019-3342
	RESERVED
CVE-2019-3341
	RESERVED
CVE-2019-3340
	RESERVED
CVE-2019-3339
	RESERVED
CVE-2019-3338
	RESERVED
CVE-2019-3337
	RESERVED
CVE-2019-3336
	RESERVED
CVE-2019-3335
	RESERVED
CVE-2019-3334
	RESERVED
CVE-2019-3333
	RESERVED
CVE-2019-3332
	RESERVED
CVE-2019-3331
	RESERVED
CVE-2019-3330
	RESERVED
CVE-2019-3329
	RESERVED
CVE-2019-3328
	RESERVED
CVE-2019-3327
	RESERVED
CVE-2019-3326
	RESERVED
CVE-2019-3325
	RESERVED
CVE-2019-3324
	RESERVED
CVE-2019-3323
	RESERVED
CVE-2019-3322
	RESERVED
CVE-2019-3321
	RESERVED
CVE-2019-3320
	RESERVED
CVE-2019-3319
	RESERVED
CVE-2019-3318
	RESERVED
CVE-2019-3317
	RESERVED
CVE-2019-3316
	RESERVED
CVE-2019-3315
	RESERVED
CVE-2019-3314
	RESERVED
CVE-2019-3313
	RESERVED
CVE-2019-3312
	RESERVED
CVE-2019-3311
	RESERVED
CVE-2019-3310
	RESERVED
CVE-2019-3309
	RESERVED
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3308
	RESERVED
CVE-2019-3307
	RESERVED
CVE-2019-3306
	RESERVED
CVE-2019-3305
	RESERVED
CVE-2019-3304
	RESERVED
CVE-2019-3303
	RESERVED
CVE-2019-3302
	RESERVED
CVE-2019-3301
	RESERVED
CVE-2019-3300
	RESERVED
CVE-2019-3299
	RESERVED
CVE-2019-3298
	RESERVED
CVE-2019-3297
	RESERVED
CVE-2019-3296
	RESERVED
CVE-2019-3295
	RESERVED
CVE-2019-3294
	RESERVED
CVE-2019-3293
	RESERVED
CVE-2019-3292
	RESERVED
CVE-2019-3291
	RESERVED
CVE-2019-3290
	RESERVED
CVE-2019-3289
	RESERVED
CVE-2019-3288
	RESERVED
CVE-2019-3287
	RESERVED
CVE-2019-3286
	RESERVED
CVE-2019-3285
	RESERVED
CVE-2019-3284
	RESERVED
CVE-2019-3283
	RESERVED
CVE-2019-3282
	RESERVED
CVE-2019-3281
	RESERVED
CVE-2019-3280
	RESERVED
CVE-2019-3279
	RESERVED
CVE-2019-3278
	RESERVED
CVE-2019-3277
	RESERVED
CVE-2019-3276
	RESERVED
CVE-2019-3275
	RESERVED
CVE-2019-3274
	RESERVED
CVE-2019-3273
	RESERVED
CVE-2019-3272
	RESERVED
CVE-2019-3271
	RESERVED
CVE-2019-3270
	RESERVED
CVE-2019-3269
	RESERVED
CVE-2019-3268
	RESERVED
CVE-2019-3267
	RESERVED
CVE-2019-3266
	RESERVED
CVE-2019-3265
	RESERVED
CVE-2019-3264
	RESERVED
CVE-2019-3263
	RESERVED
CVE-2019-3262
	RESERVED
CVE-2019-3261
	RESERVED
CVE-2019-3260
	RESERVED
CVE-2019-3259
	RESERVED
CVE-2019-3258
	RESERVED
CVE-2019-3257
	RESERVED
CVE-2019-3256
	RESERVED
CVE-2019-3255
	RESERVED
CVE-2019-3254
	RESERVED
CVE-2019-3253
	RESERVED
CVE-2019-3252
	RESERVED
CVE-2019-3251
	RESERVED
CVE-2019-3250
	RESERVED
CVE-2019-3249
	RESERVED
CVE-2019-3248
	RESERVED
CVE-2019-3247
	RESERVED
CVE-2019-3246
	RESERVED
CVE-2019-3245
	RESERVED
CVE-2019-3244
	RESERVED
CVE-2019-3243
	RESERVED
CVE-2019-3242
	RESERVED
CVE-2019-3241
	RESERVED
CVE-2019-3240
	RESERVED
CVE-2019-3239
	RESERVED
CVE-2019-3238
	RESERVED
CVE-2019-3237
	RESERVED
CVE-2019-3236
	RESERVED
CVE-2019-3235
	RESERVED
CVE-2019-3234
	RESERVED
CVE-2019-3233
	RESERVED
CVE-2019-3232
	RESERVED
CVE-2019-3231
	RESERVED
CVE-2019-3230
	RESERVED
CVE-2019-3229
	RESERVED
CVE-2019-3228
	RESERVED
CVE-2019-3227
	RESERVED
CVE-2019-3226
	RESERVED
CVE-2019-3225
	RESERVED
CVE-2019-3224
	RESERVED
CVE-2019-3223
	RESERVED
CVE-2019-3222
	RESERVED
CVE-2019-3221
	RESERVED
CVE-2019-3220
	RESERVED
CVE-2019-3219
	RESERVED
CVE-2019-3218
	RESERVED
CVE-2019-3217
	RESERVED
CVE-2019-3216
	RESERVED
CVE-2019-3215
	RESERVED
CVE-2019-3214
	RESERVED
CVE-2019-3213
	RESERVED
CVE-2019-3212
	RESERVED
CVE-2019-3211
	RESERVED
CVE-2019-3210
	RESERVED
CVE-2019-3209
	RESERVED
CVE-2019-3208
	RESERVED
CVE-2019-3207
	RESERVED
CVE-2019-3206
	RESERVED
CVE-2019-3205
	RESERVED
CVE-2019-3204
	RESERVED
CVE-2019-3203
	RESERVED
CVE-2019-3202
	RESERVED
CVE-2019-3201
	RESERVED
CVE-2019-3200
	RESERVED
CVE-2019-3199
	RESERVED
CVE-2019-3198
	RESERVED
CVE-2019-3197
	RESERVED
CVE-2019-3196
	RESERVED
CVE-2019-3195
	RESERVED
CVE-2019-3194
	RESERVED
CVE-2019-3193
	RESERVED
CVE-2019-3192
	RESERVED
CVE-2019-3191
	RESERVED
CVE-2019-3190
	RESERVED
CVE-2019-3189
	RESERVED
CVE-2019-3188
	RESERVED
CVE-2019-3187
	RESERVED
CVE-2019-3186
	RESERVED
CVE-2019-3185
	RESERVED
CVE-2019-3184
	RESERVED
CVE-2019-3183
	RESERVED
CVE-2019-3182
	RESERVED
CVE-2019-3181
	RESERVED
CVE-2019-3180
	RESERVED
CVE-2019-3179
	RESERVED
CVE-2019-3178
	RESERVED
CVE-2019-3177
	RESERVED
CVE-2019-3176
	RESERVED
CVE-2019-3175
	RESERVED
CVE-2019-3174
	RESERVED
CVE-2019-3173
	RESERVED
CVE-2019-3172
	RESERVED
CVE-2019-3171
	RESERVED
CVE-2019-3170
	RESERVED
CVE-2019-3169
	RESERVED
CVE-2019-3168
	RESERVED
CVE-2019-3167
	RESERVED
CVE-2019-3166
	RESERVED
CVE-2019-3165
	RESERVED
CVE-2019-3164
	RESERVED
CVE-2019-3163
	RESERVED
CVE-2019-3162
	RESERVED
CVE-2019-3161
	RESERVED
CVE-2019-3160
	RESERVED
CVE-2019-3159
	RESERVED
CVE-2019-3158
	RESERVED
CVE-2019-3157
	RESERVED
CVE-2019-3156
	RESERVED
CVE-2019-3155
	RESERVED
CVE-2019-3154
	RESERVED
CVE-2019-3153
	RESERVED
CVE-2019-3152
	RESERVED
CVE-2019-3151
	RESERVED
CVE-2019-3150
	RESERVED
CVE-2019-3149
	RESERVED
CVE-2019-3148
	RESERVED
CVE-2019-3147
	RESERVED
CVE-2019-3146
	RESERVED
CVE-2019-3145
	RESERVED
CVE-2019-3144
	RESERVED
CVE-2019-3143
	RESERVED
CVE-2019-3142
	RESERVED
CVE-2019-3141
	RESERVED
CVE-2019-3140
	RESERVED
CVE-2019-3139
	RESERVED
CVE-2019-3138
	RESERVED
CVE-2019-3137
	RESERVED
CVE-2019-3136
	RESERVED
CVE-2019-3135
	RESERVED
CVE-2019-3134
	RESERVED
CVE-2019-3133
	RESERVED
CVE-2019-3132
	RESERVED
CVE-2019-3131
	RESERVED
CVE-2019-3130
	RESERVED
CVE-2019-3129
	RESERVED
CVE-2019-3128
	RESERVED
CVE-2019-3127
	RESERVED
CVE-2019-3126
	RESERVED
CVE-2019-3125
	RESERVED
CVE-2019-3124
	RESERVED
CVE-2019-3123
	RESERVED
CVE-2019-3122
	RESERVED
CVE-2019-3121
	RESERVED
CVE-2019-3120
	RESERVED
CVE-2019-3119
	RESERVED
CVE-2019-3118
	RESERVED
CVE-2019-3117
	RESERVED
CVE-2019-3116
	RESERVED
CVE-2019-3115
	RESERVED
CVE-2019-3114
	RESERVED
CVE-2019-3113
	RESERVED
CVE-2019-3112
	RESERVED
CVE-2019-3111
	RESERVED
CVE-2019-3110
	RESERVED
CVE-2019-3109
	RESERVED
CVE-2019-3108
	RESERVED
CVE-2019-3107
	RESERVED
CVE-2019-3106
	RESERVED
CVE-2019-3105
	RESERVED
CVE-2019-3104
	RESERVED
CVE-2019-3103
	RESERVED
CVE-2019-3102
	RESERVED
CVE-2019-3101
	RESERVED
CVE-2019-3100
	RESERVED
CVE-2019-3099
	RESERVED
CVE-2019-3098
	RESERVED
CVE-2019-3097
	RESERVED
CVE-2019-3096
	RESERVED
CVE-2019-3095
	RESERVED
CVE-2019-3094
	RESERVED
CVE-2019-3093
	RESERVED
CVE-2019-3092
	RESERVED
CVE-2019-3091
	RESERVED
CVE-2019-3090
	RESERVED
CVE-2019-3089
	RESERVED
CVE-2019-3088
	RESERVED
CVE-2019-3087
	RESERVED
CVE-2019-3086
	RESERVED
CVE-2019-3085
	RESERVED
CVE-2019-3084
	RESERVED
CVE-2019-3083
	RESERVED
CVE-2019-3082
	RESERVED
CVE-2019-3081
	RESERVED
CVE-2019-3080
	RESERVED
CVE-2019-3079
	RESERVED
CVE-2019-3078
	RESERVED
CVE-2019-3077
	RESERVED
CVE-2019-3076
	RESERVED
CVE-2019-3075
	RESERVED
CVE-2019-3074
	RESERVED
CVE-2019-3073
	RESERVED
CVE-2019-3072
	RESERVED
CVE-2019-3071
	RESERVED
CVE-2019-3070
	RESERVED
CVE-2019-3069
	RESERVED
CVE-2019-3068
	RESERVED
CVE-2019-3067
	RESERVED
CVE-2019-3066
	RESERVED
CVE-2019-3065
	RESERVED
CVE-2019-3064
	RESERVED
CVE-2019-3063
	RESERVED
CVE-2019-3062
	RESERVED
CVE-2019-3061
	RESERVED
CVE-2019-3060
	RESERVED
CVE-2019-3059
	RESERVED
CVE-2019-3058
	RESERVED
CVE-2019-3057
	RESERVED
CVE-2019-3056
	RESERVED
CVE-2019-3055
	RESERVED
CVE-2019-3054
	RESERVED
CVE-2019-3053
	RESERVED
CVE-2019-3052
	RESERVED
CVE-2019-3051
	RESERVED
CVE-2019-3050
	RESERVED
CVE-2019-3049
	RESERVED
CVE-2019-3048
	RESERVED
CVE-2019-3047
	RESERVED
CVE-2019-3046
	RESERVED
CVE-2019-3045
	RESERVED
CVE-2019-3044
	RESERVED
CVE-2019-3043
	RESERVED
CVE-2019-3042
	RESERVED
CVE-2019-3041
	RESERVED
CVE-2019-3040
	RESERVED
CVE-2019-3039
	RESERVED
CVE-2019-3038
	RESERVED
CVE-2019-3037
	RESERVED
CVE-2019-3036
	RESERVED
CVE-2019-3035
	RESERVED
CVE-2019-3034
	RESERVED
CVE-2019-3033
	RESERVED
CVE-2019-3032
	RESERVED
CVE-2019-3031 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3030
	RESERVED
CVE-2019-3029
	RESERVED
CVE-2019-3028 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3027 (Vulnerability in the Oracle Application Object Library product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-3026 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3025 (Vulnerability in the Oracle Hospitality RES 3700 component of Oracle F ...)
	NOT-FOR-US: Oracle
CVE-2019-3024 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2019-3023 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-3022 (Vulnerability in the Oracle Content Manager product of Oracle E-Busine ...)
	NOT-FOR-US: Oracle
CVE-2019-3021 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3020 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2019-3019 (Vulnerability in the Oracle Banking Digital Experience product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-3018 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-3017 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3016 (In a Linux KVM guest that has PV TLB enabled, a process in the guest k ...)
	- linux 5.4.19-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
CVE-2019-3015 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-3014 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-3013
	RESERVED
CVE-2019-3012 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2019-3011 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-3010 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2019-3009 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-3008 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2019-3007
	RESERVED
CVE-2019-3006
	RESERVED
CVE-2019-3005 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3004 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-3003 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-3002 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-3001 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement product of ...)
	NOT-FOR-US: Oracle
CVE-2019-3000 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2019-2999 (Vulnerability in the Java SE product of Oracle Java SE (component: Jav ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2998 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2997 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2996 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2019-2995 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2019-2994 (Vulnerability in the Oracle Marketing product of Oracle E-Business Sui ...)
	NOT-FOR-US: Oracle
CVE-2019-2993 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2992 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2991 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2990 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite  ...)
	NOT-FOR-US: Oracle
CVE-2019-2989 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2988 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2987 (Vulnerability in the Java SE product of Oracle Java SE (component: 2D) ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
CVE-2019-2986 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2985 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2984 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2983 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2982 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2981 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2980 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2979 (Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2978 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2977 (Vulnerability in the Java SE product of Oracle Java SE (component: Hot ...)
	{DSA-4546-1}
	- openjdk-11 11.0.5+10-1
CVE-2019-2976 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2019-2975 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
CVE-2019-2974 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mariadb-10.3 1:10.3.19-1
	[buster] - mariadb-10.3 1:10.3.22-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.44-0+deb9u1
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
	NOTE: MySQL: https://github.com/mysql/mysql-server/commit/52d9daf06478851548251ec2103cdc22178c48c4
	NOTE: MariaDB: https://github.com/MariaDB/server/commit/719ac0ad4af0dd1e20dbc94eff8f8c9f786b3393
	NOTE: Fixed in MariaDB: 10.3.19, 10.1.42
CVE-2019-2973 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2972 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2019-2971 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2019-2970 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2019-2969 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2968 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2967 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2966 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2965 (Vulnerability in the Siebel Core - DB Deployment and Configuration pro ...)
	NOT-FOR-US: Oracle
CVE-2019-2964 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2963 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2962 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2961 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2019-2960 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2959 (Vulnerability in the Hyperion Financial Reporting product of Oracle Hy ...)
	NOT-FOR-US: Oracle
CVE-2019-2958 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DLA-2023-1}
	- openjdk-11 <not-affected> (Apparently specific to Oracle Java)
	- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
	- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
CVE-2019-2957 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2956 (Vulnerability in the Core RDBMS (jackson-databind) component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2955 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2954 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2953 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management  ...)
	NOT-FOR-US: Oracle
CVE-2019-2952 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2951 (Vulnerability in the PeopleSoft Enterprise HCM Human Resources product ...)
	NOT-FOR-US: Oracle
CVE-2019-2950 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2949 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2948 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2947 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2946 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2945 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2944 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2943 (Vulnerability in the Oracle Data Integrator product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2019-2942 (Vulnerability in the Oracle Advanced Outbound Telephony product of Ora ...)
	NOT-FOR-US: Oracle
CVE-2019-2941 (Vulnerability in the Hyperion Profitability and Cost Management produc ...)
	NOT-FOR-US: Oracle
CVE-2019-2940 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2939 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2938 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	- mariadb-10.3 1:10.3.19-1
	[buster] - mariadb-10.3 1:10.3.22-0+deb10u1
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2937 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2936 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2935 (Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM  ...)
	NOT-FOR-US: Oracle
CVE-2019-2934 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2933 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DLA-2023-1}
	- openjdk-11 <not-affected> (Apparently specific to Oracle Java)
	- openjdk-7 <not-affected> (Apparently specific to Oracle Java)
	- openjdk-8 <not-affected> (Apparently specific to Oracle Java)
CVE-2019-2932 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2931 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2930 (Vulnerability in the Oracle Field Service product of Oracle E-Business ...)
	NOT-FOR-US: Oracle
CVE-2019-2929 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2928
	RESERVED
CVE-2019-2927 (Vulnerability in the Hyperion Data Relationship Management product of  ...)
	NOT-FOR-US: Oracle
CVE-2019-2926 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
	- virtualbox 6.0.14-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2925 (Vulnerability in the Oracle Workflow product of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2019-2924 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2923 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2922 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2921
	RESERVED
CVE-2019-2920 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2919
	RESERVED
CVE-2019-2918
	RESERVED
CVE-2019-2917
	RESERVED
CVE-2019-2916
	RESERVED
CVE-2019-2915 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2914 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2913 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2912
	RESERVED
CVE-2019-2911 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2910 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
	- mysql-5.7 <unfixed> (bug #942443)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html#AppendixMSQL
CVE-2019-2909 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2019-2908
	RESERVED
CVE-2019-2907 (Vulnerability in the Oracle Web Services product of Oracle Fusion Midd ...)
	NOT-FOR-US: Oracle
CVE-2019-2906 (Vulnerability in the BI Publisher (formerly XML Publisher) product of  ...)
	NOT-FOR-US: Oracle
CVE-2019-2905 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2019-2904 (Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusio ...)
	NOT-FOR-US: Oracle
CVE-2019-2903 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2019-2902 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2019-2901 (Vulnerability in the Oracle Outside In Technology product of Oracle Fu ...)
	NOT-FOR-US: Oracle
CVE-2019-2900 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2019-2899 (Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusio ...)
	NOT-FOR-US: Oracle
CVE-2019-2898 (Vulnerability in the BI Publisher (formerly XML Publisher) product of  ...)
	NOT-FOR-US: Oracle
CVE-2019-2897 (Vulnerability in the Oracle Business Intelligence Enterprise Edition p ...)
	NOT-FOR-US: Oracle
CVE-2019-2896 (Vulnerability in the MICROS Relate CRM Software product of Oracle Reta ...)
	NOT-FOR-US: Oracle
CVE-2019-2895 (Vulnerability in the Enterprise Manager for Exadata product of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2894 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java  ...)
	{DSA-4548-1 DSA-4546-1 DLA-2023-1}
	- openjdk-11 11.0.5+10-1
	- openjdk-8 8u232-b09-1
	- openjdk-7 <removed>
CVE-2019-2893
	RESERVED
CVE-2019-2892
	RESERVED
CVE-2019-2891 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2019-2890 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2019-2889 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2019-2888 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2019-2887 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
	NOT-FOR-US: Oracle
CVE-2019-2886 (Vulnerability in the Oracle Forms product of Oracle Fusion Middleware  ...)
	NOT-FOR-US: Oracle
CVE-2019-2885
	RESERVED
CVE-2019-2884 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2019-2883 (Vulnerability in the Oracle Retail Customer Management and Segmentatio ...)
	NOT-FOR-US: Oracle
CVE-2019-2882
	RESERVED
CVE-2019-2881
	RESERVED
CVE-2019-2880
	RESERVED
CVE-2019-2879 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2878 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2877 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2876 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2875 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2874 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2873 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2872 (Vulnerability in the Oracle Retail Xstore Point of Service product of  ...)
	NOT-FOR-US: Oracle
CVE-2019-2871 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
	NOT-FOR-US: Oracle
CVE-2019-2870 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
	NOT-FOR-US: Oracle
CVE-2019-2869 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
	NOT-FOR-US: Oracle
CVE-2019-2868 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
	NOT-FOR-US: Oracle
CVE-2019-2867 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2866 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2865 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2864 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2863 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2862 (Vulnerability in the Oracle GraalVM Enterprise Edition component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2861 (Vulnerability in the Oracle Hyperion Planning component of Oracle Hype ...)
	NOT-FOR-US: Oracle
CVE-2019-2860 (Vulnerability in the Oracle Clusterware component of Oracle Support To ...)
	NOT-FOR-US: Oracle
CVE-2019-2859 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2858 (Vulnerability in the Oracle Identity Manager component of Oracle Fusio ...)
	NOT-FOR-US: Oracle
CVE-2019-2857 (Vulnerability in the Siebel UI Framework component of Oracle Siebel CR ...)
	NOT-FOR-US: Oracle
CVE-2019-2856 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2855 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2854 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2853 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2852 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2851
	RESERVED
CVE-2019-2850 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2849
	RESERVED
CVE-2019-2848 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.10-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2847 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2846 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2845 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2844 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2843 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2842 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	{DSA-4485-1}
	- openjdk-8 8u222-b10-1
CVE-2019-2841 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2840 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2839 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2838 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2837 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2836 (Vulnerability in the Oracle Hospitality Simphony component of Oracle F ...)
	NOT-FOR-US: Oracle
CVE-2019-2835 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2834 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2833 (Vulnerability in the Oracle Hospitality Simphony component of Oracle F ...)
	NOT-FOR-US: Oracle
CVE-2019-2832 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2831 (Vulnerability in the PeopleSoft Enterprise FIN Project Costing compone ...)
	NOT-FOR-US: Oracle
CVE-2019-2830 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2829 (Vulnerability in the Oracle iSupport component of Oracle E-Business Su ...)
	NOT-FOR-US: Oracle
CVE-2019-2828 (Vulnerability in the Oracle Field Service component of Oracle E-Busine ...)
	NOT-FOR-US: Oracle
CVE-2019-2827 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2826 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2825 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2019-2824 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2823 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
	NOT-FOR-US: Oracle
CVE-2019-2822 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2821 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	{DSA-4486-1}
	- openjdk-12 12.0.2+9-1
	- openjdk-11 11.0.4+11-1
CVE-2019-2820 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2819 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2818 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	{DSA-4486-1}
	- openjdk-12 12.0.2+9-1
	- openjdk-11 11.0.4+11-1
CVE-2019-2817 (Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain ...)
	NOT-FOR-US: Oracle
CVE-2019-2816 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
	{DSA-4486-1 DSA-4485-1 DLA-1886-1}
	- openjdk-12 12.0.2+9-1
	- openjdk-11 11.0.4+11-1
	- openjdk-8 8u222-b10-1
	- openjdk-7 <removed>
CVE-2019-2815 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2814 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2813 (Vulnerability in the Oracle GraalVM Enterprise Edition component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2812 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2811 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2810 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2809 (Vulnerability in the Oracle iRecruitment component of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2019-2808 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2807 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2806
	RESERVED
CVE-2019-2805 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.17-1
	[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.41-0+deb9u1
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2804 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2803 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2802 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2801 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2800 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2799 (Vulnerability in the Oracle ODBC Driver component of Oracle Database S ...)
	NOT-FOR-US: Oracle
CVE-2019-2798 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2797 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2796 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2795 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2794 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2793 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2792 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2791 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2790 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2789 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2788 (Vulnerability in the Solaris component of Oracle Sun Systems Products  ...)
	NOT-FOR-US: Oracle
CVE-2019-2787 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2786 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
	{DSA-4486-1 DSA-4485-1}
	- openjdk-12 12.0.2+9-1
	- openjdk-11 11.0.4+11-1
	- openjdk-8 8u222-b10-1
CVE-2019-2785 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2784 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2783 (Vulnerability in the Oracle Payments component of Oracle E-Business Su ...)
	NOT-FOR-US: Oracle
CVE-2019-2782 (Vulnerability in the Oracle Payments component of Oracle E-Business Su ...)
	NOT-FOR-US: Oracle
CVE-2019-2781 (Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hos ...)
	NOT-FOR-US: Oracle
CVE-2019-2780 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2779 (Vulnerability in the Siebel Core - Common Components component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2778 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2777 (Vulnerability in the Siebel Core - Server Framework component of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2019-2776 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2775 (Vulnerability in the Oracle Payments component of Oracle E-Business Su ...)
	NOT-FOR-US: Oracle
CVE-2019-2774 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2773 (Vulnerability in the Oracle Payments component of Oracle E-Business Su ...)
	NOT-FOR-US: Oracle
CVE-2019-2772 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2771 (Vulnerability in the BI Publisher (formerly XML Publisher) component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2770 (Vulnerability in the Oracle Hyperion Planning component of Oracle Hype ...)
	NOT-FOR-US: Oracle
CVE-2019-2769 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
	{DSA-4486-1 DSA-4485-1 DLA-1886-1}
	- openjdk-12 12.0.2+9-1
	- openjdk-11 11.0.4+11-1
	- openjdk-8 8u222-b10-1
	- openjdk-7 <removed>
CVE-2019-2768 (Vulnerability in the BI Publisher (formerly XML Publisher) component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2767 (Vulnerability in the BI Publisher (formerly XML Publisher) component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2766 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
	- openjdk-12 <not-affected> (Windows-specific)
	- openjdk-11 <not-affected> (Windows-specific)
	- openjdk-8 <not-affected> (Windows-specific)
	- openjdk-7 <not-affected> (Windows-specific)
CVE-2019-2765 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
	NOT-FOR-US: Oracle
CVE-2019-2764 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2763 (Vulnerability in the Oracle Hospitality Gift and Loyalty component of  ...)
	NOT-FOR-US: Oracle
CVE-2019-2762 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
	{DSA-4486-1 DSA-4485-1 DLA-1886-1}
	- openjdk-12 12.0.2+9-1
	- openjdk-11 11.0.4+11-1
	- openjdk-8 8u222-b10-1
	- openjdk-7 <removed>
CVE-2019-2761 (Vulnerability in the Oracle Application Object Library component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2760 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
	NOT-FOR-US: Oracle
CVE-2019-2759 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2758 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.17-1
	[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: Fixed in MariaDB: 10.3.17
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2757 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2756 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2755 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.26-1
CVE-2019-2754 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2753 (Vulnerability in the Oracle Text component of Oracle Database Server.  ...)
	NOT-FOR-US: Oracle
CVE-2019-2752 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2751 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion Mid ...)
	NOT-FOR-US: Oracle
CVE-2019-2750 (Vulnerability in the MICROS Retail-J component of Oracle Retail Applic ...)
	NOT-FOR-US: Oracle
CVE-2019-2749 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2019-2748 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
	NOT-FOR-US: Oracle
CVE-2019-2747 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2746 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2745 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	{DSA-4486-1 DSA-4485-1 DLA-1886-1}
	- openjdk-11 11.0.4+11-1
	- openjdk-8 8u222-b10-1
	- openjdk-7 <removed>
CVE-2019-2744 (Vulnerability in the Oracle FLEXCUBE Universal Banking component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2743 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2742 (Vulnerability in the Oracle BI Publisher component of Oracle Fusion Mi ...)
	NOT-FOR-US: Oracle
CVE-2019-2741 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2740 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.17-1
	[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.41-0+deb9u1
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2739 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.17-1
	[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.41-0+deb9u1
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2738 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2737 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.17-1
	[buster] - mariadb-10.3 1:10.3.17-0+deb10u1
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.41-0+deb9u1
	- mysql-5.7 <unfixed> (bug #932340)
	NOTE: Fixed in MariaDB: 10.3.17, 10.1.41
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html#AppendixMSQL
CVE-2019-2736 (Vulnerability in the Oracle FLEXCUBE Investor Servicing component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2735 (Vulnerability in the Oracle Hyperion Workspace component of Oracle Hyp ...)
	NOT-FOR-US: Oracle
CVE-2019-2734 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2733 (Vulnerability in the Oracle Demantra Demand Management component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2732 (Vulnerability in the Oracle Demantra Demand Management component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2731 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.24-1
CVE-2019-2730 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.20-1
CVE-2019-2729 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2728 (Vulnerability in the Enterprise Manager Ops Center component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2727 (Vulnerability in the Oracle Application Testing Suite component of Ora ...)
	NOT-FOR-US: Oracle
CVE-2019-2726 (Vulnerability in the Enterprise Manager Ops Center component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2725 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2724
	RESERVED
CVE-2019-2723 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2722 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2721 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2720 (Vulnerability in the Oracle Data Integrator component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2719 (Vulnerability in the Oracle Knowledge component of Oracle Siebel CRM ( ...)
	NOT-FOR-US: Oracle
CVE-2019-2718
	RESERVED
CVE-2019-2717
	RESERVED
CVE-2019-2716
	RESERVED
CVE-2019-2715
	RESERVED
CVE-2019-2714
	RESERVED
CVE-2019-2713 (Vulnerability in the Oracle Commerce Merchandising component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2712 (Vulnerability in the Oracle Commerce Platform component of Oracle Comm ...)
	NOT-FOR-US: Oracle
CVE-2019-2711
	RESERVED
CVE-2019-2710
	RESERVED
CVE-2019-2709 (Vulnerability in the Oracle Transportation Management component of Ora ...)
	NOT-FOR-US: Oracle
CVE-2019-2708 (Vulnerability in the Data Store component of Oracle Berkeley DB. Suppo ...)
	NOT-FOR-US: Oracle
CVE-2019-2707 (Vulnerability in the PeopleSoft Enterprise ELM Enterprise Learning Man ...)
	NOT-FOR-US: Oracle
CVE-2019-2706 (Vulnerability in the Oracle Business Process Management Suite componen ...)
	NOT-FOR-US: Oracle
CVE-2019-2705 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2704 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2703 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2702 (Vulnerability in the Oracle Hospitality Cruise Dining Room Management  ...)
	NOT-FOR-US: Oracle
CVE-2019-2701 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2019-2700 (Vulnerability in the PeopleSoft Enterprise ELM component of Oracle Peo ...)
	NOT-FOR-US: Oracle
CVE-2019-2699 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	- openjdk-8 <not-affected> (Windows-specific)
CVE-2019-2698 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	{DSA-4453-1 DLA-1782-1}
	- openjdk-7 <removed> (low)
	- openjdk-8 8u212-b03-1 (low)
	- openjdk-11 11.0.3+7-1 (low)
CVE-2019-2697 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	- openjdk-7 <not-affected> (proprietary 2D component only present in Oracle Java)
	- openjdk-8 <not-affected> (proprietary 2D component only present in Oracle Java)
CVE-2019-2696 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2695 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2694 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2693 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2692 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
	- mysql-connector-java <not-affected> (Only affects 8.x)
	NOTE: It's not clear whether older versions are affected, but Oracle doesn't provide
	NOTE: further information, so there's not really anything we can do about this anyway
CVE-2019-2691 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2690 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2689 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2688 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2687 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2686 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2685 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2684 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
	{DSA-4453-1 DLA-1782-1}
	- openjdk-7 <removed>
	- openjdk-8 8u212-b03-1
	- openjdk-11 11.0.3+7-1
CVE-2019-2683 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
CVE-2019-2682 (Vulnerability in the Oracle Applications Framework component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2681 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2680 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2679 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2678 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2677 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
	NOT-FOR-US: Oracle
CVE-2019-2676 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2675 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2674 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2673 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
	NOT-FOR-US: Oracle
CVE-2019-2672 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2671 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2670 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
	NOT-FOR-US: Oracle
CVE-2019-2669 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2668 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2667
	RESERVED
CVE-2019-2666 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2665 (Vulnerability in the Oracle Common Applications component of Oracle E- ...)
	NOT-FOR-US: Oracle
CVE-2019-2664 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
	NOT-FOR-US: Oracle
CVE-2019-2663 (Vulnerability in the Oracle Advanced Outbound Telephony component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2662 (Vulnerability in the Oracle Territory Management component of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2019-2661 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2019-2660 (Vulnerability in the Oracle Knowledge Management component of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2019-2659 (Vulnerability in the Oracle Commerce Platform component of Oracle Comm ...)
	NOT-FOR-US: Oracle
CVE-2019-2658 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2657 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2656 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2655 (Vulnerability in the Oracle Interaction Center Intelligence component  ...)
	NOT-FOR-US: Oracle
CVE-2019-2654 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2653 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2652 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2019-2651 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2019-2650 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2649 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2648 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2647 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2646 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2645 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2644 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2643 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
	NOT-FOR-US: Oracle
CVE-2019-2642 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
	NOT-FOR-US: Oracle
CVE-2019-2641 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
	NOT-FOR-US: Oracle
CVE-2019-2640 (Vulnerability in the Oracle Trade Management component of Oracle E-Bus ...)
	NOT-FOR-US: Oracle
CVE-2019-2639 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2638 (Vulnerability in the Oracle General Ledger component of Oracle E-Busin ...)
	NOT-FOR-US: Oracle
CVE-2019-2637 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2636 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2635 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2634 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2633 (Vulnerability in the Oracle Work in Process component of Oracle E-Busi ...)
	NOT-FOR-US: Oracle
CVE-2019-2632 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
CVE-2019-2631 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2630 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2629 (Vulnerability in the Oracle Health Sciences Data Management Workbench  ...)
	NOT-FOR-US: Oracle
CVE-2019-2628 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.15-1 (bug #928393)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
	NOTE: Fixed in MariaDB: 10.3.15
CVE-2019-2627 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.15-1 (bug #928393)
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.41-0+deb9u1
	- mariadb-10.0 <removed>
	[jessie] - mariadb-10.0 <postponed> (Minor issue)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
	NOTE: Fixed in MariaDB: 10.3.15, 10.1.39
CVE-2019-2626 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2625 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2624 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2623 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2622 (Vulnerability in the Oracle Service Contracts component of Oracle E-Bu ...)
	NOT-FOR-US: Oracle
CVE-2019-2621 (Vulnerability in the Oracle Application Object Library component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2620 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2619 (Vulnerability in the Portable Clusterware component of Oracle Database ...)
	NOT-FOR-US: Oracle
CVE-2019-2618 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2617 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2616 (Vulnerability in the BI Publisher (formerly XML Publisher) component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2615 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2614 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mariadb-10.3 1:10.3.15-1 (bug #928393)
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.41-0+deb9u1
	- mariadb-10.0 <removed>
	[jessie] - mariadb-10.0 <postponed> (Minor issue)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
	NOTE: Fixed in MariaDB 10.3.15, 10.1.39
CVE-2019-2613 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2612 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2611 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2610 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2609 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2608 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2607 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2606 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2605 (Vulnerability in the Oracle Business Intelligence Enterprise Edition c ...)
	NOT-FOR-US: Oracle
CVE-2019-2604 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
	NOT-FOR-US: Oracle
CVE-2019-2603 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2602 (Vulnerability in the Java SE, Java SE Embedded component of Oracle Jav ...)
	{DSA-4453-1 DLA-1782-1}
	- openjdk-7 <removed>
	- openjdk-8 8u212-b03-1
	- openjdk-11 11.0.3+7-1
CVE-2019-2601 (Vulnerability in the BI Publisher (formerly XML Publisher) component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2600 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2019-2599 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
	NOT-FOR-US: Oracle
CVE-2019-2598 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2597 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2596 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2595 (Vulnerability in the BI Publisher (formerly XML Publisher) component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2594 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
	NOT-FOR-US: Oracle
CVE-2019-2593 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2592 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
CVE-2019-2591 (Vulnerability in the PeopleSoft Enterprise HRMS component of Oracle Pe ...)
	NOT-FOR-US: Oracle
CVE-2019-2590 (Vulnerability in the PeopleSoft Enterprise HCM Talent Acquisition Mana ...)
	NOT-FOR-US: Oracle
CVE-2019-2589 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2588 (Vulnerability in the BI Publisher (formerly XML Publisher) component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2587 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2586 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of ...)
	NOT-FOR-US: Oracle
CVE-2019-2585 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2584 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2583 (Vulnerability in the Oracle iSupplier Portal component of Oracle E-Bus ...)
	NOT-FOR-US: Oracle
CVE-2019-2582 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2581 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
CVE-2019-2580 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2579 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2578 (Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2577 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2576 (Vulnerability in the Oracle Service Bus component of Oracle Fusion Mid ...)
	NOT-FOR-US: Oracle
CVE-2019-2575 (Vulnerability in the Oracle AutoVue 3D Professional Advanced component ...)
	NOT-FOR-US: Oracle
CVE-2019-2574 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 6.0.6-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2573 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2572 (Vulnerability in the Oracle SOA Suite component of Oracle Fusion Middl ...)
	NOT-FOR-US: Oracle
CVE-2019-2571 (Vulnerability in the RDBMS DataPump component of Oracle Database Serve ...)
	NOT-FOR-US: Oracle
CVE-2019-2570 (Vulnerability in the Siebel Core - Server BizLogic Script component of ...)
	NOT-FOR-US: Oracle
CVE-2019-2569 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2568 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2567 (Vulnerability in the Oracle Configurator component of Oracle Supply Ch ...)
	NOT-FOR-US: Oracle
CVE-2019-2566 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.26-1 (bug #927308)
	NOTE: https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixMSQL
CVE-2019-2565 (Vulnerability in the JD Edwards World Technical Foundation component o ...)
	NOT-FOR-US: Oracle
CVE-2019-2564 (Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2019-2563
	RESERVED
CVE-2019-2562
	RESERVED
CVE-2019-2561 (Vulnerability in the Oracle Retail Xstore Office component of Oracle R ...)
	NOT-FOR-US: Oracle
CVE-2019-2560
	RESERVED
CVE-2019-2559
	RESERVED
CVE-2019-2558 (Vulnerability in the Oracle Retail Point-of-Service component of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2019-2557 (Vulnerability in the Oracle Application Testing Suite component of Ora ...)
	NOT-FOR-US: Oracle
CVE-2019-2556 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2555 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2554 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2553 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2552 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2551 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2550 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2019-2549 (Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracl ...)
	NOT-FOR-US: Oracle
CVE-2019-2548 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2547 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2019-2546 (Vulnerability in the Oracle Applications Manager component of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2019-2545 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2544 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2543 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2542
	RESERVED
CVE-2019-2541 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2540 (Vulnerability in the Java Advanced Management Console component of Ora ...)
	NOT-FOR-US: Java Advanced Management Console
CVE-2019-2539 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8.x)
CVE-2019-2538 (Vulnerability in the Oracle Managed File Transfer component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2537 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	{DLA-1655-1}
	- mysql-5.7 5.7.25-1 (bug #919817)
	- mariadb-10.3 1:10.3.13-1 (bug #920933)
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.38-0+deb9u1
	- mariadb-10.0 <removed>
	NOTE: Fixed in MariaDB: 10.3.13, 10.1.38, 10.0.38
CVE-2019-2536 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2535 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2534 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2533 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8.x)
CVE-2019-2532 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2531 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2530 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2529 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	{DLA-1655-1}
	- mysql-5.7 5.7.25-1 (bug #919817)
	- mariadb-10.1 <removed>
	[stretch] - mariadb-10.1 10.1.38-0+deb9u1
	- mariadb-10.0 <removed>
	NOTE: Fixed in MariaDB: 10.1.38, 10.0.38
CVE-2019-2528 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2527 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2526 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2525 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2524 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2523 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2522 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2521 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2520 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2519 (Vulnerability in the PeopleSoft Enterprise SCM eProcurement component  ...)
	NOT-FOR-US: Oracle
CVE-2019-2518 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
	NOT-FOR-US: Oracle
CVE-2019-2517 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2516 (Vulnerability in the Portable Clusterware component of Oracle Database ...)
	NOT-FOR-US: Oracle
CVE-2019-2515
	RESERVED
CVE-2019-2514
	RESERVED
CVE-2019-2513 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2512 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
	NOT-FOR-US: Oracle
CVE-2019-2511 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2510 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
	- mariadb-10.3 1:10.3.13-1 (bug #920933)
	NOTE: Fixed in MariaDB: 10.3.13
CVE-2019-2509 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2508 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2507 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2506 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2505 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2504 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2503 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	{DSA-4341-1 DLA-1570-1}
	- mysql-5.7 5.7.25-1 (bug #919817)
	- mariadb-10.0 <removed>
	NOTE: Fixed in MariaDB: 10.0.37
CVE-2019-2502 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2501 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2500 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2499 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2498 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2019-2497 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2496 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2495 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2494 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2493 (Vulnerability in the PeopleSoft Enterprise CS Campus Community compone ...)
	NOT-FOR-US: Oracle
CVE-2019-2492 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2019-2491 (Vulnerability in the Oracle Email Center component of Oracle E-Busines ...)
	NOT-FOR-US: Oracle
CVE-2019-2490 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2489 (Vulnerability in the Oracle One-to-One Fulfillment component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2488 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2487 (Vulnerability in the Oracle Transportation Management component of Ora ...)
	NOT-FOR-US: Oracle
CVE-2019-2486 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2485 (Vulnerability in the Oracle Mobile Field Service component of Oracle E ...)
	NOT-FOR-US: Oracle
CVE-2019-2484 (Vulnerability in the Application Express component of Oracle Database  ...)
	NOT-FOR-US: Oracle
CVE-2019-2483
	RESERVED
CVE-2019-2482 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2481 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2480 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2479 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2478 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2477 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2476 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2475 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2474 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2473 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2472 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2471 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2470 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2019-2469 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2468 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2467 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2466 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2465 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2464 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2463 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2462 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2461 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2460 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2459 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2458 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2457 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2456 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2455 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2454
	RESERVED
CVE-2019-2453 (Vulnerability in the Oracle Performance Management component of Oracle ...)
	NOT-FOR-US: Oracle
CVE-2019-2452 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2451 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2450 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2449 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
CVE-2019-2448 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2447 (Vulnerability in the Oracle Partner Management component of Oracle E-B ...)
	NOT-FOR-US: Oracle
CVE-2019-2446 (Vulnerability in the Oracle VM VirtualBox component of Oracle Virtuali ...)
	- virtualbox 5.2.24-dfsg-1
	[jessie] - virtualbox <end-of-life> (DSA-3699-1)
CVE-2019-2445 (Vulnerability in the Oracle Content Manager component of Oracle E-Busi ...)
	NOT-FOR-US: Oracle
CVE-2019-2444 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2443 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2442 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2441 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2440 (Vulnerability in the Oracle Marketing component of Oracle E-Business S ...)
	NOT-FOR-US: Oracle
CVE-2019-2439 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2438 (Vulnerability in the Oracle Web Cache component of Oracle Fusion Middl ...)
	NOT-FOR-US: Oracle
CVE-2019-2437 (Vulnerability in the Oracle Solaris component of Oracle Sun Systems Pr ...)
	NOT-FOR-US: Oracle
CVE-2019-2436 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 <not-affected> (Specific to 8)
CVE-2019-2435 (Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...)
	- mysql-connector-python 8.0.14-1 (bug #919820)
	[stretch] - mysql-connector-python <ignored> (No security details disclosed, no 2.1.x release by Oracle)
	[jessie] - mysql-connector-python <ignored> (No security details disclosed, no 1.2.x release by Oracle)
	NOTE: http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#CVE-2019-2435
CVE-2019-2434 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2433 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2432 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
	NOT-FOR-US: Oracle
CVE-2019-2431 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
	NOT-FOR-US: Oracle
CVE-2019-2430 (Vulnerability in the Oracle Argus Safety component of Oracle Health Sc ...)
	NOT-FOR-US: Oracle
CVE-2019-2429 (Vulnerability in the Oracle Outside In Technology component of Oracle  ...)
	NOT-FOR-US: Oracle
CVE-2019-2428
	RESERVED
CVE-2019-2427 (Vulnerability in the Oracle WebCenter Portal component of Oracle Fusio ...)
	NOT-FOR-US: Oracle
CVE-2019-2426 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	- openjdk-7 <not-affected> (Specific to Java on Windows)
	- openjdk-8 <not-affected> (Specific to Java on Windows)
	- openjdk-11 <not-affected> (Specific to Java on Windows)
CVE-2019-2425 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2424 (Vulnerability in the Oracle Retail Convenience Store Back Office compo ...)
	NOT-FOR-US: Oracle
CVE-2019-2423 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2422 (Vulnerability in the Java SE component of Oracle Java SE (subcomponent ...)
	{DSA-4410-1 DLA-1732-1}
	[experimental] - openjdk-7 7u211-2.6.17-1
	- openjdk-7 <unfixed>
	- openjdk-8 8u202-b26-1
	- openjdk-11 11.0.2+9-1
CVE-2019-2421 (Vulnerability in the PeopleSoft Enterprise HCM eProfile Manager Deskto ...)
	NOT-FOR-US: Oracle
CVE-2019-2420 (Vulnerability in the MySQL Server component of Oracle MySQL (subcompon ...)
	- mysql-5.7 5.7.25-1 (bug #919817)
CVE-2019-2419 (Vulnerability in the PeopleSoft Enterprise CC Common Application Objec ...)
	NOT-FOR-US: Oracle
CVE-2019-2418 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2417 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2416 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2415 (Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcom ...)
	NOT-FOR-US: Oracle
CVE-2019-2414 (Vulnerability in the Oracle HTTP Server component of Oracle Fusion Mid ...)
	NOT-FOR-US: Oracle
CVE-2019-2413 (Vulnerability in the Oracle Reports Developer component of Oracle Fusi ...)
	NOT-FOR-US: Oracle
CVE-2019-2412 (Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of O ...)
	NOT-FOR-US: Oracle
CVE-2019-2411 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
	NOT-FOR-US: Oracle
CVE-2019-2410 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
	NOT-FOR-US: Oracle
CVE-2019-2409 (Vulnerability in the Oracle Hospitality Cruise Shipboard Property Mana ...)
	NOT-FOR-US: Oracle
CVE-2019-2408 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2407 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2406 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
	NOT-FOR-US: Oracle
CVE-2019-2405 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2404 (Vulnerability in the PeopleSoft Enterprise PeopleTools component of Or ...)
	NOT-FOR-US: Oracle
CVE-2019-2403 (Vulnerability in the Oracle Hospitality Simphony component of Oracle F ...)
	NOT-FOR-US: Oracle
CVE-2019-2402 (Vulnerability in the Oracle Hospitality Simphony component of Oracle F ...)
	NOT-FOR-US: Oracle
CVE-2019-2401 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2400 (Vulnerability in the Oracle iStore component of Oracle E-Business Suit ...)
	NOT-FOR-US: Oracle
CVE-2019-2399 (Vulnerability in the Oracle Communications Diameter Signaling Router ( ...)
	NOT-FOR-US: Oracle
CVE-2019-2398 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2397 (Vulnerability in the Oracle Hospitality Reporting and Analytics compon ...)
	NOT-FOR-US: Oracle
CVE-2019-2396 (Vulnerability in the Oracle CRM Technical Foundation component of Orac ...)
	NOT-FOR-US: Oracle
CVE-2019-2395 (Vulnerability in the Oracle WebLogic Server component of Oracle Fusion ...)
	NOT-FOR-US: Oracle
CVE-2019-2394
	RESERVED
CVE-2019-2393
	RESERVED
CVE-2019-2392
	RESERVED
CVE-2019-2391 (Incorrect parsing of certain JSON input may result in js-bson not corr ...)
	TODO: check
CVE-2019-2390 (An unprivileged user or program on Microsoft Windows which can create  ...)
	NOT-FOR-US: Microsoft
CVE-2019-2389 (Incorrect scoping of kill operations in MongoDB Server's packaged SysV ...)
	- mongodb <removed> (low)
	[stretch] - mongodb <ignored> (Minor issue)
	[jessie] - mongodb <ignored> (Minor issue)
CVE-2019-2388
	RESERVED
CVE-2019-2387
	RESERVED
CVE-2019-2386 (After user deletion in MongoDB Server the improper invalidation of aut ...)
	- mongodb <removed> (low; bug #934783)
	[stretch] - mongodb <ignored> (Minor issue)
	[jessie] - mongodb <ignored> (Trivial workaround available)
	NOTE: https://jira.mongodb.org/browse/SERVER-38984
	NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0829
CVE-2019-2385
	RESERVED
CVE-2019-2384
	RESERVED
CVE-2019-2383
	RESERVED
CVE-2019-2382
	RESERVED
CVE-2019-2381
	RESERVED
CVE-2019-2380
	RESERVED
CVE-2019-2379
	RESERVED
CVE-2019-2378
	RESERVED
CVE-2019-2377
	RESERVED
CVE-2019-2376
	RESERVED
CVE-2019-2375
	RESERVED
CVE-2019-2374
	RESERVED
CVE-2019-2373
	RESERVED
CVE-2019-2372
	RESERVED
CVE-2019-2371
	RESERVED
CVE-2019-2370
	RESERVED
CVE-2019-2369
	RESERVED
CVE-2019-2368
	RESERVED
CVE-2019-2367
	RESERVED
CVE-2019-2366
	RESERVED
CVE-2019-2365
	RESERVED
CVE-2019-2364
	RESERVED
CVE-2019-2363
	RESERVED
CVE-2019-2362
	RESERVED
CVE-2019-2361
	RESERVED
CVE-2019-2360
	RESERVED
CVE-2019-2359
	RESERVED
CVE-2019-2358
	RESERVED
CVE-2019-2357
	RESERVED
CVE-2019-2356
	RESERVED
CVE-2019-2355
	RESERVED
CVE-2019-2354
	RESERVED
CVE-2019-2353
	RESERVED
CVE-2019-2352
	RESERVED
CVE-2019-2351
	RESERVED
CVE-2019-2350
	RESERVED
CVE-2019-2349
	RESERVED
CVE-2019-2348
	RESERVED
CVE-2019-2347
	RESERVED
CVE-2019-2346 (Firmware is getting into loop of overwriting memory when scan command  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2345 (Race condition while accessing DMA buffer in jpeg driver in Snapdragon ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2344
	RESERVED
CVE-2019-2343 (Out of bound read and information disclosure in firmware due to insuff ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2342
	RESERVED
CVE-2019-2341 (Buffer overflow when the audio buffer size provided by user is larger  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2340
	RESERVED
CVE-2019-2339 (Out of bound access due to lack of check of whiltelist array size whil ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2338 (Crafted image that has a valid signature from a non-QC entity can be l ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2337 (While Skipping unknown IES, EMM is reading the buffer even if the no o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2336 (Subsequent use of the CBO listener may result in further memory corrup ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2335 (While processing Attach Reject message, Valid exit condition is not me ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2334 (Null pointer dereferencing can happen when playing the clip with wrong ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2333 (Buffer overflow due to improper validation of buffer size while IPA dr ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2332 (Memory corruption while accessing the memory as payload size is not va ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2331 (Possible Integer overflow because of subtracting two integers without  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2330 (improper input validation in allocation request for secure allocations ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2329 (Use after free issue in cleanup routine due to missing pointer sanitiz ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2328 (Possible buffer overflow when number of channels passed is more than s ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2327 (Possible buffer overflow can occur when playing clip with incorrect el ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2326 (Data token is received from ADSP and is used without validation as an  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2325 (Out of boundary access due to token received from ADSP and is used wit ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2324 (When ADSP is compromised, the audio port index that`s returned from AD ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2323 (Lack of check to ensure crypto engine data passed by user is initializ ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2322 (Buffer overflow can occur when playing specific clip which is non-stan ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2321 (Incorrect length used while validating the qsee log buffer sent from H ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2320 (Possible out of bounds write in a MT SMS/SS scenario due to improper v ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2319 (HLOS could corrupt CPZ page table memory for S1 managed VMs in Snapdra ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2318 (Non Secure Kernel can cause Trustzone to do an arbitrary memory read w ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2317 (The secret key used to make the Initial Sequence Number in the TCP SYN ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2316 (When computing the digest a local variable is used after going out of  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2315 (While invoking the API to copy from fd or local buffer to the secure b ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2314 (Possible race condition that will cause a use-after-free when writing  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2313
	RESERVED
CVE-2019-2312 (When handling the vendor command there exists a potential buffer overf ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2311 (Possible buffer overflow in WLAN handler due to lack of validation of  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2310 (Out of bound read would occur while trying to read action category and ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2309 (While storing calibrated data from firmware in cache, An integer overf ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2308 (User application could potentially make RPC call to the fastrpc driver ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2307 (Possible integer underflow due to lack of validation before calculatio ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2306 (Improper casting of structure while handling the buffer leads to out o ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2305 (Out of bound access when reason code is extracted from frame data with ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2304 (Integer overflow to buffer overflow due to lack of validation of event ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2303 (SNDCP module may access array out side its boundary when it receives m ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2302 (While processing vendor command which contains corrupted channel count ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2301 (Possibility of out-of-bound read if id received from SPI is not in ran ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2300 (Possible buffer overflow in WLAN handler due to lack of validation of  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2299 (An out-of-bound write can be triggered by a specially-crafted command  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2298 (Protection is missing while accessing md sessions info via macro which ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2297 (Buffer overflow can occur while processing non-standard NAN message fr ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2296
	RESERVED
CVE-2019-2295 (Information disclosure due to lack of address range check done on the  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2294 (Usage of hard-coded magic number for calculating heap guard bytes can  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2293 (Pointer dereference while freeing IFE resources due to lack of length  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2292 (Out of bound access can occur due to buffer copy without checking size ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2291
	RESERVED
CVE-2019-2290 (Multiple open and close from multiple threads will lead camera driver  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2289 (Lack of integrity check allows MODEM to accept any NAS messages which  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2288 (Out of bound write in TZ while copying the secure dump structure on HL ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2287 (Improper validation for inputs received from firmware can lead to an o ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2286
	RESERVED
CVE-2019-2285 (Out of bound write issue is observed while giving information about pr ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2284 (Possible use-after-free issue due to a race condition while calling ca ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2283 (Improper validation of read and write index of tx and rx fifo`s before ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2282
	RESERVED
CVE-2019-2281 (An unauthenticated bitmap image can be loaded in to memory and subsequ ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2280
	RESERVED
CVE-2019-2279 (Shared memory gets updated with invalid data and may lead to access be ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2278 (User keystore signature is ignored in boot and can lead to bypass boot ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2277 (Out of bound read can happen due to lack of NULL termination on user c ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2276 (Possible out of bound read occurs while processing beaconing request d ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2275 (While deserializing any key blob during key operations, buffer overflo ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2274 (Improper Access Control for RPU write access from secure processor in  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2273 (IOMMU page fault while playing h265 video file leads to denial of serv ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2272 (Buffer overflow can occur in display function due to lack of validatio ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2271 (Buffer over read can happen while parsing downlink session management  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2270
	RESERVED
CVE-2019-2269 (Possible buffer overflow while processing the high level lim process a ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2268 (Possible OOB read issue in P2P action frames while handling WLAN manag ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2267 (Locked regions may be modified through other interfaces in secure boot ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2266 (Possible double free issue in kernel while handling the camera sensor  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2265
	RESERVED
CVE-2019-2264 (Null pointer dereference occurs for channel context while opening glin ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2263 (Access to freed memory can happen while reading from diag driver due t ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2262
	RESERVED
CVE-2019-2261 (Unauthorized access from GPU subsystem to HLOS or other non secure sub ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2260 (A race condition occurs while processing perf-event which can lead to  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2259 (Resource allocation error while playing the video whose dimensions are ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2258 (Improper validation of array index causes OOB write and then leads to  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2257 (Wrong permissions in configuration file can lead to unauthorized permi ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2256 (An unprivileged user can craft a bitstream such that the payload encod ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2255 (An unprivileged user can craft a bitstream such that the payload encod ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2254 (Position determination accuracy may be degraded due to wrongly decoded ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2253 (Buffer over-read can occur while parsing an ogg file with a corrupted  ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2252 (Classic buffer overflow vulnerability while playing the specific video ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2251 (If a bitmap file is loaded from any un-authenticated source, there is  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2250 (Kernel can write to arbitrary memory address passed by user while free ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2249 (Kernel can do a memory read from arbitrary address passed by user duri ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2248 (Buffer overflow can occur if invalid header tries to overwrite the exi ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2247 (Possibility of double free issue while running multiple instances of s ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2246 (Thread start can cause invalid memory writes to arbitrary memory locat ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2245 (Possible integer underflow can happen when calculating length of eleme ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2244 (Possible integer underflow can happen when calculating length of eleme ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2243 (Possible buffer overflow at the end of iterating loop while getting th ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2242 (Device memory may get corrupted because of buffer overflow/underflow.  ...)
	NOT-FOR-US: Snapdragon
CVE-2019-2241 (While rendering the layout background, Error status check is not caugh ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2240 (While sending the rendered surface content to the screen, Error handli ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2239 (Sanity checks are missing in layout which can lead to SUI Corruption o ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2238 (Lack of check of data type can lead to subsequent loop-expression pote ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2237 (Failure in taking appropriate action to handle the error case If keypa ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2236 (Null pointer dereference during secure application termination using s ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2235 (Buffer overflow occurs when emulated RPMB is used due to sector size a ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2234
	RESERVED
CVE-2019-2233 (In getUserCount and getCount of UserSwitcherController.java, there is  ...)
	NOT-FOR-US: Android
CVE-2019-2232 (In handleRun of TextLine.java, there is a possible application crash d ...)
	NOT-FOR-US: Android
CVE-2019-2231 (In Blob::Blob of blob.cpp, there is a possible unencrypted master key  ...)
	NOT-FOR-US: Android
CVE-2019-2230 (In nfcManager_routeAid and nfcManager_unrouteAid of NativeNfcManager.c ...)
	NOT-FOR-US: Android
CVE-2019-2229 (In updateWidget of BaseWidgetProvider.java, there is a possible leak o ...)
	NOT-FOR-US: Android
CVE-2019-2228 (In array_find of array.c, there is a possible out-of-bounds read due t ...)
	{DLA-2047-1}
	- cups 2.3.1-1 (bug #946782)
	[buster] - cups 2.2.10-6+deb10u2
	[stretch] - cups 2.2.1-8+deb9u5
	NOTE: https://github.com/apple/cups/commit/b018978c278d42c7abf78941251b887c95dfdb07 (master, v2.3.1)
	NOTE: https://github.com/apple/cups/commit/8c9b3606cca99e5dfc51784a9de1634345db7579 (v2.2.13)
CVE-2019-2227 (In DeepCopy of btif_av.cc, there is a possible out of bounds read due  ...)
	NOT-FOR-US: Android
CVE-2019-2226 (In device_class_to_int of device_class.cc, there is a possible out of  ...)
	NOT-FOR-US: Android
CVE-2019-2225 (When pairing with a Bluetooth device, it may be possible to pair a mal ...)
	NOT-FOR-US: Android
CVE-2019-2224
	REJECTED
CVE-2019-2223 (In ihevcd_ref_list of ihevcd_ref_list.c, there is a possible out of bo ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2222 (n ihevcd_parse_slice_data of ihevcd_parse_slice.c, there is a possible ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2221 (In hasActivityInVisibleTask of WindowProcessController.java there&#821 ...)
	NOT-FOR-US: Android
CVE-2019-2220 (In checkOperation of AppOpsService.java, there is a possible bypass of ...)
	NOT-FOR-US: Android
CVE-2019-2219 (In System UI, there is a possible bypass of user's consent for access  ...)
	NOT-FOR-US: Android
CVE-2019-2218 (In createSessionInternal of PackageInstallerService.java, there is a p ...)
	NOT-FOR-US: Android
CVE-2019-2217 (In setCpuVulkanInUse of GpuStats.cpp, there is possible memory corrupt ...)
	NOT-FOR-US: Android
CVE-2019-2216 (In overlay notifications, there is a possible hidden notification due  ...)
	NOT-FOR-US: Android
CVE-2019-2215 (A use-after-free in binder.c allows an elevation of privilege from an  ...)
	{DLA-2114-1 DLA-2068-1}
	- linux 4.15.4-1
	[stretch] - linux 4.9.210-1
	NOTE: Fixed by: https://git.kernel.org/linus/f5cb779ba16334b45ba8946d6bfa6d9834d1527f
CVE-2019-2214 (In binder_transaction of binder.c, there is a possible out of bounds w ...)
	- linux 5.2.6-1
	[buster] - linux <not-affected> (Vulnerability introduced later)
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: https://lore.kernel.org/driverdev-devel/20190709110923.220736-1-maco@android.com/
	NOTE: https://git.kernel.org/linus/a56587065094fd96eb4c2b5ad65571daad32156d
CVE-2019-2213 (In binder_free_transaction of binder.c, there is a possible use-after- ...)
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	NOTE: https://lore.kernel.org/patchwork/patch/1087916/
CVE-2019-2212 (In poisson_distribution of random, there is an out of bounds read. Thi ...)
	- libc++ <removed>
	[stretch] - libc++ <no-dsa> (Minor issue)
	[jessie] - libc++ <no-dsa> (Minor issue, Jessie versions of software that uses poisson distribution have low popcon)
	- llvm-toolchain-6.0 <unfixed>
	[buster] - llvm-toolchain-6.0 <no-dsa> (Minor issue)
	[jessie] - llvm-toolchain-6.0 <no-dsa> (Minor issue, Jessie versions of software that uses poisson distribution have low popcon)
	- llvm-toolchain-8 <unfixed>
	NOTE: https://android.googlesource.com/platform/external/libcxx/+/4cebe6f1f01a34546b3b843b5267619a61bd7d39
	NOTE: https://android.googlesource.com/platform/external/libcxx/+/8260b5d56f6880a29b57f73b7f4866e47e9e4818
	NOTE: https://android.googlesource.com/platform/external/libcxx/+/a16cd9df50f22ccf65cf27eddc0403791116c75a
	NOTE: template is affected, so dependencies need a rebuild
CVE-2019-2211 (In createProjectionMapForQuery of TvProvider.java, there is possible S ...)
	NOT-FOR-US: Android
CVE-2019-2210 (In load_logging_config of qmi_vs_service.cc, there is a possible out o ...)
	NOT-FOR-US: Android
CVE-2019-2209 (In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds  ...)
	NOT-FOR-US: Android
CVE-2019-2208 (In PromiseBuiltinsAssembler::NewPromiseCapability of builtins-promise. ...)
	NOT-FOR-US: Android
CVE-2019-2207 (In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2019-2206 (In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bo ...)
	NOT-FOR-US: Android
CVE-2019-2205 (In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a p ...)
	NOT-FOR-US: Android
CVE-2019-2204 (In FindSharedFunctionInfo of objects.cc, there is a possible out of bo ...)
	NOT-FOR-US: Android
CVE-2019-2203 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out  ...)
	NOT-FOR-US: Android media framework
CVE-2019-2202 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out  ...)
	NOT-FOR-US: Android media framework
CVE-2019-2201 (In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is ...)
	[experimental] - libjpeg-turbo 1:2.0.3-1~exp1
	- libjpeg-turbo <unfixed> (low)
	[buster] - libjpeg-turbo <no-dsa> (Minor issue)
	[stretch] - libjpeg-turbo <no-dsa> (Minor issue)
	[jessie] - libjpeg-turbo <ignored> (No package in Debian jessie uses the TurboJPEG API)
	NOTE: https://source.android.com/security/bulletin/2019-11-01
	NOTE: https://android.googlesource.com/platform/external/libjpeg-turbo/+/d3db2a2634c422286f75c4b38af98837f3d2f0ff
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/issues/361
	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/2a9e3bd7430cfda1bc812d139e0609c6aca0b884
	NOTE: https://github.com/clearlinux-pkgs/libjpeg-turbo/commit/0a5d06c3dd4a64754d7e6ffa081fd9132714f74c
CVE-2019-2200 (In updatePermissions of PermissionManagerService.java, it may be possi ...)
	NOT-FOR-US: Android
CVE-2019-2199 (In createSessionInternal of PackageInstallerService.java, there is a p ...)
	NOT-FOR-US: Android
CVE-2019-2198 (In Download Provider, there is a possible SQL injection vulnerability. ...)
	NOT-FOR-US: Android
CVE-2019-2197 (In processPhonebookAccess of CachedBluetoothDevice.java, there is a po ...)
	NOT-FOR-US: Android
CVE-2019-2196 (In Download Provider, there is possible SQL injection. This could lead ...)
	NOT-FOR-US: Android
CVE-2019-2195 (In tokenize of sqlite3_android.cpp, there is a possible attacker contr ...)
	NOT-FOR-US: Android
CVE-2019-2194
	RESERVED
	NOT-FOR-US: Android
CVE-2019-2193 (In WelcomeActivity.java and related files, there is a possible permiss ...)
	NOT-FOR-US: Android
CVE-2019-2192 (In call of SliceProvider.java, there is a possible permissions bypass  ...)
	NOT-FOR-US: Android
CVE-2019-2191 (In LG's LAF component, there is a possible leak of information in a pr ...)
	NOT-FOR-US: LG components for Android
CVE-2019-2190 (In LG's LAF component, there is a possible leak of information in a pr ...)
	NOT-FOR-US: LG components for Android
CVE-2019-2189 (In the Easel driver, there is possible memory corruption due to race c ...)
	NOT-FOR-US: Android
CVE-2019-2188 (In the Easel driver, there is possible memory corruption due to race c ...)
	NOT-FOR-US: Android
CVE-2019-2187 (In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out o ...)
	NOT-FOR-US: Android
CVE-2019-2186 (In GetMBheader of combined_decode.cpp, there is a possible out of boun ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2185 (In VlcDequantH263IntraBlock_SH of vlc_dequant.cpp, there is a possible ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2184 (In PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp, there is a poss ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2183 (In generateServicesMap of RegisteredServicesCache.java, there is a pos ...)
	NOT-FOR-US: Android
CVE-2019-2182 (In the Android kernel in the kernel MMU code there is a possible execu ...)
	- linux 4.16.5-1
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: Fixed by: https://git.kernel.org/linus/15122ee2c515a253b0c66a3e618bc7ebe35105eb
CVE-2019-2181 (In binder_transaction of binder.c in the Android kernel, there is a po ...)
	- linux 5.2.6-1
	[buster] - linux <not-affected> (Vulnerable code not present)
	[stretch] - linux <not-affected> (Vulnerable code not present)
	[jessie] - linux <not-affected> (Vulnerable code not present)
	NOTE: Fixed by: https://git.kernel.org/linus/0b0509508beff65c1d50541861bc0d4973487dc5
CVE-2019-2180 (In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possi ...)
	{DLA-1893-1}
	- cups 2.2.12-1 (bug #934957)
	[buster] - cups 2.2.10-6+deb10u1
	[stretch] - cups 2.2.1-8+deb9u4
	NOTE: Covers the "Fixed IPP buffer overflow (rdar://50035411)" angle of
	NOTE: https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109
CVE-2019-2179 (In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 an ...)
	NOT-FOR-US: Android
CVE-2019-2178 (In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and ...)
	NOT-FOR-US: Android
CVE-2019-2177 (In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 an ...)
	NOT-FOR-US: Android
CVE-2019-2176 (In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Andr ...)
	NOT-FOR-US: Android media framework
CVE-2019-2175 (In checkAccess of SliceManagerService.java in Android 9, there is a po ...)
	NOT-FOR-US: Android
CVE-2019-2174 (In SensorManager::assertStateLocked of SensorManager.cpp in Android 7. ...)
	NOT-FOR-US: Android
CVE-2019-2173 (In startActivityMayWait of ActivityStarter.java, there is a possible i ...)
	NOT-FOR-US: Android
CVE-2019-2172 (In libxaac there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-2171 (In libxaac there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-2170 (In libxaac there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-2169 (In libxaac there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-2168 (In libxaac there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-2167 (In libxaac there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-2166 (In libxaac there is a possible information disclosure due to uninitial ...)
	NOT-FOR-US: Android
CVE-2019-2165 (In libxaac there is a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2019-2164 (In libxaac there is a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2019-2163 (In libxaac there is a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2019-2162 (In libxaac there is a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2019-2161 (In libxaac there is a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2019-2160 (In libxaac there is a possible out of bounds read due to a missing bou ...)
	NOT-FOR-US: Android
CVE-2019-2159 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2158 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2157 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2156 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2155 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2154 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2153 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2152 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2151 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2150 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2149 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2148 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2147 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2146 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2145 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2144 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2143 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2142 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2141 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2140 (In libxaac, there is a possible information disclosure due to uninitia ...)
	NOT-FOR-US: Android
CVE-2019-2139 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2138 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2137 (In the endCall() function of TelecomManager.java, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2019-2136 (In Status::readFromParcel of Status.cpp, there is a possible out of bo ...)
	NOT-FOR-US: Android
CVE-2019-2135 (In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2019-2134 (In phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp, there is a po ...)
	NOT-FOR-US: Android
CVE-2019-2133 (In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2019-2132 (It is possible to overlay the VPN dialog by a malicious application. T ...)
	NOT-FOR-US: Android
CVE-2019-2131 (An application with overlay permission can display overlays on top of  ...)
	NOT-FOR-US: Android
CVE-2019-2130 (In CompilationJob::FinalizeJob of compiler.cc, there is a possible rem ...)
	NOT-FOR-US: Android
CVE-2019-2129 (In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a p ...)
	NOT-FOR-US: Android media framework
CVE-2019-2128 (In ACELP_4t64_fx of c4t64fx.c, there is a possible out of bounds write ...)
	NOT-FOR-US: Android media framework
CVE-2019-2127 (In AudioInputDescriptor::setClientActive of AudioInputDescriptor.cpp,  ...)
	NOT-FOR-US: Android media framework
CVE-2019-2126 (In ParseContentEncodingEntry of mkvparser.cc, there is a possible doub ...)
	NOT-FOR-US: Android media framework
CVE-2019-2125 (In ChangeDefaultDialerDialog.java, there is a possible escalation of p ...)
	NOT-FOR-US: Android
CVE-2019-2124 (In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java i ...)
	NOT-FOR-US: Android
CVE-2019-2123 (In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and  ...)
	NOT-FOR-US: Android
CVE-2019-2122 (In LockTaskController.lockKeyguardIfNeeded of the LockTaskController.j ...)
	NOT-FOR-US: Android
CVE-2019-2121 (In ActivityManagerService.attachApplication of ActivityManagerService, ...)
	NOT-FOR-US: Android
CVE-2019-2120 (In OatFileAssistant::GenerateOatFile of oat_file_assistant.cc, there i ...)
	NOT-FOR-US: Android
CVE-2019-2119 (In multiple functions of key_store_service.cpp, there is a possible In ...)
	NOT-FOR-US: Android
CVE-2019-2118 (In various functions of Parcel.cpp, there are uninitialized or partial ...)
	NOT-FOR-US: Android
CVE-2019-2117 (In checkQueryPermission of TelephonyProvider.java, there is a possible ...)
	NOT-FOR-US: Android
CVE-2019-2116 (In save_attr_seq of sdp_discovery.cc, there is a possible out-of-bound ...)
	NOT-FOR-US: Android
CVE-2019-2115 (In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2 ...)
	NOT-FOR-US: Android
CVE-2019-2114 (In the default privileges of NFC, there is a possible local bypass of  ...)
	NOT-FOR-US: Android
CVE-2019-2113 (In setup wizard there is a bypass of some checks when wifi connection  ...)
	NOT-FOR-US: Android
CVE-2019-2112 (In several functions of alarm.cc, there is possible memory corruption  ...)
	NOT-FOR-US: Android
CVE-2019-2111 (In loop of DnsTlsSocket.cpp, there is a possible heap memory corruptio ...)
	NOT-FOR-US: Android
CVE-2019-2110 (In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a ...)
	NOT-FOR-US: Android
CVE-2019-2109 (In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a pos ...)
	NOT-FOR-US: Android media framework
CVE-2019-2108 (In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a poss ...)
	NOT-FOR-US: Qualcomm components for Android
CVE-2019-2107 (In ihevcd_parse_pps of ihevcd_parse_headers.c, there is a possible out ...)
	NOT-FOR-US: Android media framework
CVE-2019-2106 (In ihevcd_sao_shift_ctb of ihevcd_sao.c, there is a possible out of bo ...)
	NOT-FOR-US: Android media framework
CVE-2019-2105 (In FileInputStream::Read of file_input_stream.cc, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2019-2104 (In HIDL, safe_union, and other C++ structs/unions being sent to applic ...)
	NOT-FOR-US: Android
CVE-2019-2103 (In Google Assistant in Android 9, there is a possible permissions bypa ...)
	NOT-FOR-US: Android
CVE-2019-2102 (In the Bluetooth Low Energy (BLE) specification, there is a provided e ...)
	NOT-FOR-US: Android
CVE-2019-2101 (In uvc_parse_standard_control of uvc_driver.c, there is a possible out ...)
	{DLA-1862-1}
	- linux 4.19.37-1
	[stretch] - linux 4.9.168-1
	NOTE: https://git.kernel.org/linus/47bb117911b051bbc90764a8bff96543cbd2005f
CVE-2019-2100
	RESERVED
CVE-2019-2099 (In nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc, there is a possible out- ...)
	NOT-FOR-US: Android
CVE-2019-2098 (In areNotificationsEnabledForPackage of NotificationManagerService.jav ...)
	NOT-FOR-US: Android
CVE-2019-2097 (In HAliasAnalyzer.Query of hydrogen-alias-analysis.h, there is possibl ...)
	NOT-FOR-US: Android
CVE-2019-2096 (In EffectRelease of EffectBundle.cpp, there is a possible memory corru ...)
	NOT-FOR-US: Android
CVE-2019-2095 (In callGenIDChangeListeners and related functions of SkPixelRef.cpp, t ...)
	NOT-FOR-US: Android
CVE-2019-2094 (In parseMPEGCCData of NuPlayerCCDecoder.cpp, there is a possible out o ...)
	NOT-FOR-US: Android
CVE-2019-2093 (In huff_dec_1D of nlc_dec.cpp, there is a possible out of bounds write ...)
	NOT-FOR-US: Android
CVE-2019-2092 (In isSeparateProfileChallengeAllowed of DevicePolicyManagerService.jav ...)
	NOT-FOR-US: Android
CVE-2019-2091 (In GetPermittedAccessibilityServicesForUser of DevicePolicyManagerServ ...)
	NOT-FOR-US: Android
CVE-2019-2090 (In isPackageDeviceAdminOnAnyUser of PackageManagerService.java, there  ...)
	NOT-FOR-US: Android
CVE-2019-2089 (In app uninstallation, there is a possible set of permissions that may ...)
	NOT-FOR-US: Android
CVE-2019-2088 (In StatsService, there is a possible out of bounds read. This could le ...)
	NOT-FOR-US: Android
CVE-2019-2087 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2086 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2085 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2084 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2083 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2082 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2081 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2080 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2079 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2078 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2077 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2076 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2075 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2074 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2073 (In libxaac there is a possible out of bounds write to missing bounds c ...)
	NOT-FOR-US: Android
CVE-2019-2072 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2071 (In libxaac there is a possible out of bounds write due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2070 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2069 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2068 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2067 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2066 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2065 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2064 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2063 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2062 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2061 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2060 (In libxaac, there is a possible out of bounds read due to a missing bo ...)
	NOT-FOR-US: Android
CVE-2019-2059 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2058 (In libAACdec, there is a possible out of bounds read. This could lead  ...)
	NOT-FOR-US: Android
CVE-2019-2057
	RESERVED
CVE-2019-2056
	RESERVED
	NOT-FOR-US: Android
CVE-2019-2055 (In libxaac, there is a possible out of bounds write due to a missing b ...)
	NOT-FOR-US: Android
CVE-2019-2054 (In the seccomp implementation prior to kernel version 4.8, there is a  ...)
	- linux 4.8.5-1
	[jessie] - linux <ignored> (Documented limitation)
	NOTE: https://git.kernel.org/linus/0f3912fd934cdfd03d93f2dc6f064099795bf638
CVE-2019-2053 (In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2019-2052 (In VisitPointers of heap.cc, there is a possible out-of-bounds read du ...)
	NOT-FOR-US: Android
CVE-2019-2051 (In heap of spaces.h, there is a possible out of bounds read due to imp ...)
	NOT-FOR-US: Android
CVE-2019-2050 (In tearDownClientInterface of WificondControl.java, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2019-2049 (In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is  ...)
	NOT-FOR-US: Android
CVE-2019-2048
	RESERVED
CVE-2019-2047 (In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write ...)
	NOT-FOR-US: Android
CVE-2019-2046 (In CalculateInstanceSizeForDerivedClass of objects.cc, there is possib ...)
	NOT-FOR-US: Android
CVE-2019-2045 (In JSCallTyper of typer.cc, there is an out of bounds write due to an  ...)
	NOT-FOR-US: Android
CVE-2019-2044 (In MakeMP&gt;G4VideoCodecSpecificData of APacketSource.cpp, there is a ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2043 (In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possi ...)
	NOT-FOR-US: Android
CVE-2019-2042
	RESERVED
CVE-2019-2041 (In the configuration of NFC modules on certain devices, there is a pos ...)
	NOT-FOR-US: Android
CVE-2019-2040 (In rw_i93_process_ext_sys_info of rw_i93.cc, there is a possible out-o ...)
	NOT-FOR-US: Android
CVE-2019-2039 (In rw_i93_sm_detect_ndef of rw_i93.cc, there is a possible out-of-boun ...)
	NOT-FOR-US: Android
CVE-2019-2038 (In rw_i93_process_sys_info of rw_i93.cc, there is a possible out-of-bo ...)
	NOT-FOR-US: Android
CVE-2019-2037 (In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out- ...)
	NOT-FOR-US: Android
CVE-2019-2036 (In okToConnect of HidHostService.java, there is a possible permission  ...)
	NOT-FOR-US: Android
CVE-2019-2035 (In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-boun ...)
	NOT-FOR-US: Android
CVE-2019-2034 (In rw_i93_sm_read_ndef of rw_i93.cc, there is a possible out-of-bounds ...)
	NOT-FOR-US: Android
CVE-2019-2033 (In create_hdr of dnssd_clientstub.c, there is a possible use after fre ...)
	NOT-FOR-US: Android
CVE-2019-2032 (In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a  ...)
	NOT-FOR-US: Android
CVE-2019-2031 (In rw_t3t_act_handle_check_ndef_rsp of rw_t3t.cc, there is a possible  ...)
	NOT-FOR-US: Android
CVE-2019-2030 (In removeInterfaceAddress of NetworkController.cpp, there is a possibl ...)
	NOT-FOR-US: Android
CVE-2019-2029 (In btm_proc_smp_cback of tm_ble.cc, there is a possible memory corrupt ...)
	NOT-FOR-US: Android
CVE-2019-2028 (In numerous hand-crafted functions in libmpeg2, NEON registers are not ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2027 (In floor0_inverse1 of floor0.c, there is a possible out of bounds writ ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2026 (In updateAssistMenuItems of Editor.java, there is a possible escape fr ...)
	NOT-FOR-US: Android
CVE-2019-2025 (In binder_thread_read of binder.c, there is a possible use-after-free  ...)
	- linux 4.19.9-1
	[stretch] - linux <not-affected> (Vulnerability introduced later)
	[jessie] - linux <not-affected> (Vulnerability introduced later)
	NOTE: Fixed by: https://git.kernel.org/linus/7bada55ab50697861eee6bb7d60b41e68a961a9c (4.20-rc5)
CVE-2019-2024 (In em28xx_unregister_dvb of em28xx-dvb.c, there is a possible use afte ...)
	{DLA-1799-1}
	- linux 4.16.5-1
	[stretch] - linux 4.9.144-1
	NOTE: Fixed by: https://git.kernel.org/linus/910b0797fa9e8af09c44a3fa36cb310ba7a7218d (4.16-rc1)
CVE-2019-2023 (In ServiceManager::add function in the hardware service manager, there ...)
	NOT-FOR-US: Android
CVE-2019-2022 (In rw_t3t_act_handle_fmt_rsp and rw_t3t_act_handle_sro_rsp of rw_t3t.c ...)
	NOT-FOR-US: Android
CVE-2019-2021 (In rw_t3t_act_handle_ndef_detect_rsp of rw_t3t.cc, there is a possible ...)
	NOT-FOR-US: Android
CVE-2019-2020 (In llcp_dlc_proc_rr_rnr_pdu of llcp_dlc.cc, there is a possible out-of ...)
	NOT-FOR-US: Android
CVE-2019-2019 (In ce_t4t_data_cback of ce_t4t.cc, there is a possible out-of-bound re ...)
	NOT-FOR-US: Android
CVE-2019-2018 (In resetPasswordInternal of DevicePolicyManagerService.java, there is  ...)
	NOT-FOR-US: Android
CVE-2019-2017 (In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible ...)
	NOT-FOR-US: Android
CVE-2019-2016 (In NFA_SendRawFrame of nfa_dm_api.cc, there is a possible out-of-bound ...)
	NOT-FOR-US: Android
CVE-2019-2015 (In rw_t3t_act_handle_check_rsp of rw_t3t.cc, there is a possible out-o ...)
	NOT-FOR-US: Android
CVE-2019-2014 (In rw_t3t_handle_get_sc_poll_rsp of rw_t3t.cc, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2019-2013 (In rw_t3t_act_handle_sro_rsp of rw_t3t.cc, there is a possible out-of- ...)
	NOT-FOR-US: Android
CVE-2019-2012 (In rw_t3t_act_handle_fmt_rsp of rw_t3t.cc, there is a possible out-of- ...)
	NOT-FOR-US: Android
CVE-2019-2011 (In readNullableNativeHandleNoDup of Parcel.cpp, there is a possible ou ...)
	NOT-FOR-US: Android
CVE-2019-2010 (In phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc, there is a possi ...)
	NOT-FOR-US: Android
CVE-2019-2009 (In l2c_lcc_proc_pdu of l2c_fcr.cc, there is a possible out of bounds w ...)
	NOT-FOR-US: Android
CVE-2019-2008 (In createEffect of AudioFlinger.cpp, there is a possible memory corrup ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2007 (In getReadIndex and getWriteIndex of FifoControllerBase.cpp, there is  ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2006 (In serviceDied of HalDeathHandlerHidl.cpp, there is a possible memory  ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-2005 (In onPermissionGrantResult of GrantPermissionsActivity.java, there is  ...)
	NOT-FOR-US: Android
CVE-2019-2004 (In publishKeyEvent, publishMotionEvent and sendUnchainedFinishedSignal ...)
	NOT-FOR-US: Android
CVE-2019-2003 (In addLinks of Linkify.java, there is a possible phishing vector due t ...)
	NOT-FOR-US: Android
CVE-2019-2002
	RESERVED
CVE-2019-2001 (The permissions on /proc/iomem were world-readable. This could lead to ...)
	NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
CVE-2019-2000 (In several functions of binder.c, there is possible memory corruption  ...)
	NOT-FOR-US: Android kernel (no source release, so apparently not in mainline)
CVE-2019-1999 (In binder_alloc_free_page of binder_alloc.c, there is a possible doubl ...)
	{DSA-4495-1}
	- linux 5.2.6-1
	[stretch] - linux <not-affected> (Vulnerable code introduced later)
	[jessie] - linux <not-affected> (Vulnerable code introduced later)
	NOTE: https://git.kernel.org/linus/5cec2d2e5839f9c0fec319c523a911e0a7fd299f
CVE-2019-1998 (In event_handler of keymaster_app.c, there is possible resource exhaus ...)
	NOT-FOR-US: Android
CVE-2019-1997 (In random_get_bytes of random.c, there is a possible degradation of ra ...)
	NOT-FOR-US: Android
CVE-2019-1996 (In avrc_pars_browse_rsp of avrc_pars_ct.cc, there is a possible out of ...)
	NOT-FOR-US: Android
CVE-2019-1995 (In ComposeActivityEmail of ComposeActivityEmail.java, there is a possi ...)
	NOT-FOR-US: Android
CVE-2019-1994 (In refresh of DevelopmentTiles.java, there is the possibility of leavi ...)
	NOT-FOR-US: Android
CVE-2019-1993 (In register_app of btif_hd.cc, there is a possible memory corruption d ...)
	NOT-FOR-US: Android
CVE-2019-1992 (In bta_hl_sdp_query_results of bta_hl_main.cc, there is a possible use ...)
	NOT-FOR-US: Android
CVE-2019-1991 (In btif_dm_data_copy of btif_core.cc, there is a possible out of bound ...)
	NOT-FOR-US: Android
CVE-2019-1990 (In ihevcd_fmt_conv_420sp_to_420p of ihevcd_fmt_conv.c, there is a poss ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-1989 (In ih264d_fmt_conv_420sp_to_420p of ih264d_format_conv.c, there is a p ...)
	NOT-FOR-US: Android Media Framework
CVE-2019-1988 (In sample6 of SkSwizzler.cpp, there is a possible out of bounds write  ...)
	NOT-FOR-US: Android
CVE-2019-1987 (In onSetSampleX of SkSwizzler.cpp, there is a possible out of bounds w ...)
	NOT-FOR-US: Android
CVE-2019-1986 (In SkSwizzler::onSetSampleX of SkSwizzler.cpp, there is a possible out ...)
	NOT-FOR-US: Android
CVE-2019-1985 (In findAvailSpellCheckerLocked of TextServicesManagerService.java, the ...)
	NOT-FOR-US: Android
CVE-2019-1984 (A vulnerability in Cisco Enterprise Network Functions Virtualization I ...)
	NOT-FOR-US: Cisco
CVE-2019-1983
	RESERVED
CVE-2019-1982 (A vulnerability in the HTTP traffic filtering component of Cisco Firep ...)
	NOT-FOR-US: Cisco
CVE-2019-1981 (A vulnerability in the normalization functionality of Cisco Firepower  ...)
	NOT-FOR-US: Cisco
CVE-2019-1980 (A vulnerability in the protocol detection component of Cisco Firepower ...)
	NOT-FOR-US: Cisco
CVE-2019-1979
	RESERVED
CVE-2019-1978 (A vulnerability in the stream reassembly component of Cisco Firepower  ...)
	NOT-FOR-US: Cisco
CVE-2019-1977 (A vulnerability within the Endpoint Learning feature of Cisco Nexus 90 ...)
	NOT-FOR-US: Cisco
CVE-2019-1976 (A vulnerability in the &amp;ldquo;plug-and-play&amp;rdquo; services co ...)
	NOT-FOR-US: Cisco
CVE-2019-1975 (A vulnerability in the web-based interface of Cisco HyperFlex Software ...)
	NOT-FOR-US: Cisco
CVE-2019-1974 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1973 (A vulnerability in the web portal framework of Cisco Enterprise NFV In ...)
	NOT-FOR-US: Cisco
CVE-2019-1972 (A vulnerability the Cisco Enterprise NFV Infrastructure Software (NFVI ...)
	NOT-FOR-US: Cisco
CVE-2019-1971 (A vulnerability in the web portal of Cisco Enterprise NFV Infrastructu ...)
	NOT-FOR-US: Cisco
CVE-2019-1970 (A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Secu ...)
	NOT-FOR-US: Cisco
CVE-2019-1969 (A vulnerability in the implementation of the Simple Network Management ...)
	NOT-FOR-US: Cisco
CVE-2019-1968 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
	NOT-FOR-US: Cisco
CVE-2019-1967 (A vulnerability in the Network Time Protocol (NTP) feature of Cisco NX ...)
	NOT-FOR-US: Cisco
CVE-2019-1966 (A vulnerability in a specific CLI command within the local management  ...)
	NOT-FOR-US: Cisco
CVE-2019-1965 (A vulnerability in the Virtual Shell (VSH) session management for Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-1964 (A vulnerability in the IPv6 traffic processing of Cisco NX-OS Software ...)
	NOT-FOR-US: Cisco
CVE-2019-1963 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
	NOT-FOR-US: Cisco
CVE-2019-1962 (A vulnerability in the Cisco Fabric Services component of Cisco NX-OS  ...)
	NOT-FOR-US: Cisco
CVE-2019-1961 (A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS ...)
	NOT-FOR-US: Cisco
CVE-2019-1960 (Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Softwa ...)
	NOT-FOR-US: Cisco
CVE-2019-1959 (Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Softwa ...)
	NOT-FOR-US: Cisco
CVE-2019-1958 (A vulnerability in the web-based management interface of Cisco HyperFl ...)
	NOT-FOR-US: Cisco
CVE-2019-1957 (A vulnerability in the web interface of Cisco IoT Field Network Direct ...)
	NOT-FOR-US: Cisco
CVE-2019-1956 (A vulnerability in the web-based interface of the Cisco SPA112 2-Port  ...)
	NOT-FOR-US: Cisco
CVE-2019-1955 (A vulnerability in the Sender Policy Framework (SPF) functionality of  ...)
	NOT-FOR-US: Cisco
CVE-2019-1954 (A vulnerability in the web-based management interface of Cisco Webex M ...)
	NOT-FOR-US: Cisco
CVE-2019-1953 (A vulnerability in the web portal of Cisco Enterprise NFV Infrastructu ...)
	NOT-FOR-US: Cisco
CVE-2019-1952 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1951 (A vulnerability in the packet filtering features of Cisco SD-WAN Solut ...)
	NOT-FOR-US: Cisco
CVE-2019-1950 (A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthe ...)
	NOT-FOR-US: Cisco
CVE-2019-1949 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-1948 (A vulnerability in Cisco Webex Meetings Mobile (iOS) could allow an un ...)
	NOT-FOR-US: Cisco
CVE-2019-1947
	RESERVED
CVE-2019-1946 (A vulnerability in the web-based management interface of Cisco Enterpr ...)
	NOT-FOR-US: Cisco
CVE-2019-1945 (Multiple vulnerabilities in the smart tunnel functionality of Cisco Ad ...)
	NOT-FOR-US: Cisco
CVE-2019-1944 (Multiple vulnerabilities in the smart tunnel functionality of Cisco Ad ...)
	NOT-FOR-US: Cisco
CVE-2019-1943 (A vulnerability in the web interface of Cisco Small Business 200, 300, ...)
	NOT-FOR-US: Cisco
CVE-2019-1942 (A vulnerability in the sponsor portal web interface for Cisco Identity ...)
	NOT-FOR-US: Cisco
CVE-2019-1941 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2019-1940 (A vulnerability in the Web Services Management Agent (WSMA) feature of ...)
	NOT-FOR-US: Cisco
CVE-2019-1939 (A vulnerability in the Cisco Webex Teams client for Windows could allo ...)
	NOT-FOR-US: Cisco
CVE-2019-1938 (A vulnerability in the web-based management interface of Cisco UCS Dir ...)
	NOT-FOR-US: Cisco
CVE-2019-1937 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1936 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1935 (A vulnerability in Cisco Integrated Management Controller (IMC) Superv ...)
	NOT-FOR-US: Cisco
CVE-2019-1934 (A vulnerability in the web-based management interface of Cisco Adaptiv ...)
	NOT-FOR-US: Cisco
CVE-2019-1933 (A vulnerability in the email message scanning of Cisco AsyncOS Softwar ...)
	NOT-FOR-US: Cisco
CVE-2019-1932 (A vulnerability in Cisco Advanced Malware Protection (AMP) for Endpoin ...)
	NOT-FOR-US: Cisco
CVE-2019-1931 (Multiple vulnerabilities in the RSS dashboard in the web-based managem ...)
	NOT-FOR-US: Cisco
CVE-2019-1930 (Multiple vulnerabilities in the RSS dashboard in the web-based managem ...)
	NOT-FOR-US: Cisco
CVE-2019-1929 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-1928 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-1927 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-1926 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-1925 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-1924 (Multiple vulnerabilities in Cisco Webex Network Recording Player for M ...)
	NOT-FOR-US: Cisco
CVE-2019-1923 (A vulnerability in Cisco Small Business SPA500 Series IP Phones could  ...)
	NOT-FOR-US: Cisco
CVE-2019-1922 (A vulnerability in Cisco SIP IP Phone Software for Cisco IP Phone 7800 ...)
	NOT-FOR-US: Cisco
CVE-2019-1921 (A vulnerability in the attachment scanning of Cisco AsyncOS Software f ...)
	NOT-FOR-US: Cisco
CVE-2019-1920 (A vulnerability in the 802.11r Fast Transition (FT) implementation for ...)
	NOT-FOR-US: Cisco
CVE-2019-1919 (A vulnerability in the Cisco FindIT Network Management Software virtua ...)
	NOT-FOR-US: Cisco
CVE-2019-1918 (A vulnerability in the implementation of Intermediate System&amp;ndash ...)
	NOT-FOR-US: Cisco
CVE-2019-1917 (A vulnerability in the REST API interface of Cisco Vision Dynamic Sign ...)
	NOT-FOR-US: Cisco
CVE-2019-1916
	RESERVED
CVE-2019-1915 (A vulnerability in the web-based interface of Cisco Unified Communicat ...)
	NOT-FOR-US: Cisco
CVE-2019-1914 (A vulnerability in the web management interface of Cisco Small Busines ...)
	NOT-FOR-US: Cisco
CVE-2019-1913 (Multiple vulnerabilities in the web management interface of Cisco Smal ...)
	NOT-FOR-US: Cisco
CVE-2019-1912 (A vulnerability in the web management interface of Cisco Small Busines ...)
	NOT-FOR-US: Cisco
CVE-2019-1911 (A vulnerability in the CLI of Cisco Unified Communications Domain Mana ...)
	NOT-FOR-US: Cisco
CVE-2019-1910 (A vulnerability in the implementation of the Intermediate System&amp;n ...)
	NOT-FOR-US: Cisco
CVE-2019-1909 (A vulnerability in the implementation of Border Gateway Protocol (BGP) ...)
	NOT-FOR-US: Cisco
CVE-2019-1908 (A vulnerability in the Intelligent Platform Management Interface (IPMI ...)
	NOT-FOR-US: Cisco
CVE-2019-1907 (A vulnerability in the web server of Cisco Integrated Management Contr ...)
	NOT-FOR-US: Cisco
CVE-2019-1906 (A vulnerability in the Virtual Domain system of Cisco Prime Infrastruc ...)
	NOT-FOR-US: Cisco
CVE-2019-1905 (A vulnerability in the GZIP decompression engine of Cisco AsyncOS Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1904 (A vulnerability in the web-based UI (web UI) of Cisco IOS XE Software  ...)
	NOT-FOR-US: Cisco
CVE-2019-1903 (A vulnerability in Cisco Security Manager could allow an unauthenticat ...)
	NOT-FOR-US: Cisco
CVE-2019-1902
	RESERVED
CVE-2019-1901 (A vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem  ...)
	NOT-FOR-US: Cisco
CVE-2019-1900 (A vulnerability in the web server of Cisco Integrated Management Contr ...)
	NOT-FOR-US: Cisco
CVE-2019-1899 (A vulnerability in the web interface of Cisco RV110W, RV130W, and RV21 ...)
	NOT-FOR-US: Cisco
CVE-2019-1898 (A vulnerability in the web-based management interface of Cisco RV110W, ...)
	NOT-FOR-US: Cisco
CVE-2019-1897 (A vulnerability in the web-based management interface of Cisco RV110W, ...)
	NOT-FOR-US: Cisco
CVE-2019-1896 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1895 (A vulnerability in the Virtual Network Computing (VNC) console impleme ...)
	NOT-FOR-US: Cisco
CVE-2019-1894 (A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS ...)
	NOT-FOR-US: Cisco
CVE-2019-1893 (A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS ...)
	NOT-FOR-US: Cisco
CVE-2019-1892 (A vulnerability in the Secure Sockets Layer (SSL) input packet process ...)
	NOT-FOR-US: Cisco
CVE-2019-1891 (A vulnerability in the web interface of Cisco Small Business 200, 300, ...)
	NOT-FOR-US: Cisco
CVE-2019-1890 (A vulnerability in the fabric infrastructure VLAN connection establish ...)
	NOT-FOR-US: Cisco
CVE-2019-1889 (A vulnerability in the REST API for software device management in Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-1888
	RESERVED
CVE-2019-1887 (A vulnerability in the Session Initiation Protocol (SIP) protocol impl ...)
	NOT-FOR-US: Cisco
CVE-2019-1886 (A vulnerability in the HTTPS decryption feature of Cisco Web Security  ...)
	NOT-FOR-US: Cisco
CVE-2019-1885 (A vulnerability in the Redfish protocol of Cisco Integrated Management ...)
	NOT-FOR-US: Cisco
CVE-2019-1884 (A vulnerability in the web proxy functionality of Cisco AsyncOS Softwa ...)
	NOT-FOR-US: Cisco
CVE-2019-1883 (A vulnerability in the command-line interface of Cisco Integrated Mana ...)
	NOT-FOR-US: Cisco
CVE-2019-1882 (A vulnerability in Cisco Industrial Network Director could allow an au ...)
	NOT-FOR-US: Cisco
CVE-2019-1881 (A vulnerability in the web-based management interface of Cisco Industr ...)
	NOT-FOR-US: Cisco
CVE-2019-1880 (A vulnerability in the BIOS upgrade utility of Cisco Unified Computing ...)
	NOT-FOR-US: Cisco
CVE-2019-1879 (A vulnerability in the CLI of Cisco Integrated Management Controller ( ...)
	NOT-FOR-US: Cisco
CVE-2019-1878 (A vulnerability in the Cisco Discovery Protocol (CDP) implementation f ...)
	NOT-FOR-US: Cisco
CVE-2019-1877 (A vulnerability in the HTTP API of Cisco Enterprise Chat and Email cou ...)
	NOT-FOR-US: Cisco
CVE-2019-1876 (A vulnerability in the HTTPS proxy feature of Cisco Wide Area Applicat ...)
	NOT-FOR-US: Cisco
CVE-2019-1875 (A vulnerability in the web-based management interface of Cisco Prime S ...)
	NOT-FOR-US: Cisco
CVE-2019-1874 (A vulnerability in the web-based management interface of Cisco Prime S ...)
	NOT-FOR-US: Cisco
CVE-2019-1873 (A vulnerability in the cryptographic driver for Cisco Adaptive Securit ...)
	NOT-FOR-US: Cisco
CVE-2019-1872 (A vulnerability in Cisco TelePresence Video Communication Server (VCS) ...)
	NOT-FOR-US: Cisco
CVE-2019-1871 (A vulnerability in the Import Cisco IMC configuration utility of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-1870 (A vulnerability in the web-based management interface of Cisco Enterpr ...)
	NOT-FOR-US: Cisco
CVE-2019-1869 (A vulnerability in the internal packet-processing functionality of the ...)
	NOT-FOR-US: Cisco
CVE-2019-1868 (A vulnerability in the web-based management interface of Cisco Webex M ...)
	NOT-FOR-US: Cisco
CVE-2019-1867 (A vulnerability in the REST API of Cisco Elastic Services Controller ( ...)
	NOT-FOR-US: Cisco
CVE-2019-1866
	RESERVED
CVE-2019-1865 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1864 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1863 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1862 (A vulnerability in the web-based user interface (Web UI) of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2019-1861 (A vulnerability in the software update feature of Cisco Industrial Net ...)
	NOT-FOR-US: Cisco
CVE-2019-1860 (A vulnerability in the dashboard gadget rendering of Cisco Unified Int ...)
	NOT-FOR-US: Cisco
CVE-2019-1859 (A vulnerability in the Secure Shell (SSH) authentication process of Ci ...)
	NOT-FOR-US: Cisco
CVE-2019-1858 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
	NOT-FOR-US: Cisco
CVE-2019-1857 (A vulnerability in the web-based management interface of Cisco HyperFl ...)
	NOT-FOR-US: Cisco
CVE-2019-1856 (A vulnerability in the web-based management interface of Cisco Prime C ...)
	NOT-FOR-US: Cisco
CVE-2019-1855 (A vulnerability in the loading mechanism of specific dynamic link libr ...)
	NOT-FOR-US: Cisco
CVE-2019-1854 (A vulnerability in the management web interface of Cisco Expressway Se ...)
	NOT-FOR-US: Cisco
CVE-2019-1853 (A vulnerability in the HostScan component of Cisco AnyConnect Secure M ...)
	NOT-FOR-US: Cisco
CVE-2019-1852 (A vulnerability in the web-based management interface of Cisco Prime N ...)
	NOT-FOR-US: Cisco
CVE-2019-1851 (A vulnerability in the External RESTful Services (ERS) API of the Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-1850 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1849 (A vulnerability in the Border Gateway Patrol (BGP) Multiprotocol Label ...)
	NOT-FOR-US: Cisco
CVE-2019-1848 (A vulnerability in Cisco Digital Network Architecture (DNA) Center cou ...)
	NOT-FOR-US: Cisco
CVE-2019-1847
	RESERVED
CVE-2019-1846 (A vulnerability in the Multiprotocol Label Switching (MPLS) Operations ...)
	NOT-FOR-US: Cisco
CVE-2019-1845 (A vulnerability in the authentication service of the Cisco Unified Com ...)
	NOT-FOR-US: Cisco
CVE-2019-1844 (A vulnerability in certain attachment detection mechanisms of the Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-1843 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
	NOT-FOR-US: Cisco
CVE-2019-1842 (A vulnerability in the Secure Shell (SSH) authentication function of C ...)
	NOT-FOR-US: Cisco
CVE-2019-1841 (A vulnerability in the Software Image Management feature of Cisco DNA  ...)
	NOT-FOR-US: Cisco
CVE-2019-1840 (A vulnerability in the DHCPv6 input packet processor of Cisco Prime Ne ...)
	NOT-FOR-US: Cisco
CVE-2019-1839 (A vulnerability in Cisco Remote PHY Device Software could allow an aut ...)
	NOT-FOR-US: Cisco
CVE-2019-1838 (A vulnerability in the web-based management interface of Cisco Applica ...)
	NOT-FOR-US: Cisco
CVE-2019-1837 (A vulnerability in the User Data Services (UDS) API of Cisco Unified C ...)
	NOT-FOR-US: Cisco
CVE-2019-1836 (A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric ...)
	NOT-FOR-US: Cisco
CVE-2019-1835 (A vulnerability in the CLI of Cisco Aironet Access Points (APs) could  ...)
	NOT-FOR-US: Cisco
CVE-2019-1834 (A vulnerability in the internal packet processing of Cisco Aironet Ser ...)
	NOT-FOR-US: Cisco
CVE-2019-1833 (A vulnerability in the Secure Sockets Layer (SSL)/Transport Layer Secu ...)
	NOT-FOR-US: Cisco
CVE-2019-1832 (A vulnerability in the detection engine of Cisco Firepower Threat Defe ...)
	NOT-FOR-US: Cisco
CVE-2019-1831 (A vulnerability in the email message scanning of Cisco AsyncOS Softwar ...)
	NOT-FOR-US: Cisco
CVE-2019-1830 (A vulnerability in Locally Significant Certificate (LSC) management fo ...)
	NOT-FOR-US: Cisco
CVE-2019-1829 (A vulnerability in the CLI of Cisco Aironet Series Access Points (APs) ...)
	NOT-FOR-US: Cisco
CVE-2019-1828 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2019-1827 (A vulnerability in the Online Help web service of Cisco Small Business ...)
	NOT-FOR-US: Cisco
CVE-2019-1826 (A vulnerability in the quality of service (QoS) feature of Cisco Airon ...)
	NOT-FOR-US: Cisco
CVE-2019-1825 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1824 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1823 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1822 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1821 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1820 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1819 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1818 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1817 (A vulnerability in the web proxy functionality of Cisco AsyncOS Softwa ...)
	NOT-FOR-US: Cisco
CVE-2019-1816 (A vulnerability in the log subscription subsystem of the Cisco Web Sec ...)
	NOT-FOR-US: Cisco
CVE-2019-1815
	RESERVED
CVE-2019-1814 (A vulnerability in the interactions between the DHCP and TFTP features ...)
	NOT-FOR-US: Cisco
CVE-2019-1813 (A vulnerability in the Image Signature Verification feature of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2019-1812 (A vulnerability in the Image Signature Verification feature of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2019-1811 (A vulnerability in the Image Signature Verification feature of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2019-1810 (A vulnerability in the Image Signature Verification feature used in an ...)
	NOT-FOR-US: Cisco
CVE-2019-1809 (A vulnerability in the Image Signature Verification feature of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2019-1808 (A vulnerability in the Image Signature Verification feature of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2019-1807 (A vulnerability in the session management functionality of the web UI  ...)
	NOT-FOR-US: Cisco
CVE-2019-1806 (A vulnerability in the Simple Network Management Protocol (SNMP) input ...)
	NOT-FOR-US: Cisco
CVE-2019-1805 (A vulnerability in certain access control mechanisms for the Secure Sh ...)
	NOT-FOR-US: Cisco
CVE-2019-1804 (A vulnerability in the SSH key management for the Cisco Nexus 9000 Ser ...)
	NOT-FOR-US: Cisco
CVE-2019-1803 (A vulnerability in the filesystem management for the Cisco Nexus 9000  ...)
	NOT-FOR-US: Cisco
CVE-2019-1802 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-1801
	RESERVED
CVE-2019-1800 (A vulnerability in the handling of Inter-Access Point Protocol (IAPP)  ...)
	NOT-FOR-US: Cisco
CVE-2019-1799 (A vulnerability in the handling of Inter-Access Point Protocol (IAPP)  ...)
	NOT-FOR-US: Cisco
CVE-2019-1798 (A vulnerability in the Portable Executable (PE) file scanning function ...)
	- libclamunrar 0.101.2-1
	[stretch] - libclamunrar <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
	[jessie] - libclamunrar <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
	- clamav 0.101.2+dfsg-1
	[stretch] - clamav <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
	[jessie] - clamav <not-affected> (Vulnerable code introduced later)
	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CVE-2019-1797 (A vulnerability in the web-based management interface of Cisco Wireles ...)
	NOT-FOR-US: Cisco
CVE-2019-1796 (A vulnerability in the handling of Inter-Access Point Protocol (IAPP)  ...)
	NOT-FOR-US: Cisco
CVE-2019-1795 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1794 (A vulnerability in the search path processing of Cisco Directory Conne ...)
	NOT-FOR-US: Cisco
CVE-2019-1793
	RESERVED
CVE-2019-1792 (A vulnerability in the URL block page of Cisco Umbrella could allow an ...)
	NOT-FOR-US: Cisco
CVE-2019-1791 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1790 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1789 (ClamAV versions prior to 0.101.2 are susceptible to a denial of servic ...)
	{DLA-1759-1}
	- clamav 0.101.2+dfsg-1
	[stretch] - clamav 0.100.3+dfsg-0+deb9u1
	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CVE-2019-1788 (A vulnerability in the Object Linking &amp; Embedding (OLE2) file scan ...)
	{DLA-1759-1}
	- clamav 0.101.2+dfsg-1
	[stretch] - clamav 0.100.3+dfsg-0+deb9u1
	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CVE-2019-1787 (A vulnerability in the Portable Document Format (PDF) scanning functio ...)
	{DLA-1759-1}
	- clamav 0.101.2+dfsg-1
	[stretch] - clamav 0.100.3+dfsg-0+deb9u1
	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CVE-2019-1786 (A vulnerability in the Portable Document Format (PDF) scanning functio ...)
	- clamav 0.101.2+dfsg-1
	[stretch] - clamav <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
	[jessie] - clamav <not-affected> (Vulnerable code introduced later)
	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CVE-2019-1785 (A vulnerability in the RAR file scanning functionality of Clam AntiVir ...)
	- libclamunrar 0.101.2-1
	[stretch] - libclamunrar <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
	[jessie] - libclamunrar <not-affected> (Vulnerable code introduced later)
	- clamav 0.101.2+dfsg-1
	[stretch] - clamav <not-affected> (Vulnerable code only present in 0.101.1 and 0.101.0)
	[jessie] - clamav <not-affected> (Vulnerable code introduced later)
	NOTE: https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
CVE-2019-1784 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1783 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1782 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1781 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1780 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1779 (A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1778 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1777 (A vulnerability in the web-based interface of the Cisco Registered Env ...)
	NOT-FOR-US: Cisco
CVE-2019-1776 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1775 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1774 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1773 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1772 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1771 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1770 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1769 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1768 (A vulnerability in the implementation of a specific CLI command for Ci ...)
	NOT-FOR-US: Cisco
CVE-2019-1767 (A vulnerability in the implementation of a specific CLI command for Ci ...)
	NOT-FOR-US: Cisco
CVE-2019-1766 (A vulnerability in the web-based management interface of Session Initi ...)
	NOT-FOR-US: Cisco
CVE-2019-1765 (A vulnerability in the web-based management interface of Session Initi ...)
	NOT-FOR-US: Cisco
CVE-2019-1764 (A vulnerability in the web-based management interface of Session Initi ...)
	NOT-FOR-US: Cisco
CVE-2019-1763 (A vulnerability in the web-based management interface of Session Initi ...)
	NOT-FOR-US: Cisco
CVE-2019-1762 (A vulnerability in the Secure Storage feature of Cisco IOS and IOS XE  ...)
	NOT-FOR-US: Cisco
CVE-2019-1761 (A vulnerability in the Hot Standby Router Protocol (HSRP) subsystem of ...)
	NOT-FOR-US: Cisco
CVE-2019-1760 (A vulnerability in Performance Routing Version 3 (PfRv3) of Cisco IOS  ...)
	NOT-FOR-US: Cisco
CVE-2019-1759 (A vulnerability in access control list (ACL) functionality of the Giga ...)
	NOT-FOR-US: Cisco
CVE-2019-1758 (A vulnerability in 802.1x function of Cisco IOS Software on the Cataly ...)
	NOT-FOR-US: Cisco
CVE-2019-1757 (A vulnerability in the Cisco Smart Call Home feature of Cisco IOS and  ...)
	NOT-FOR-US: Cisco
CVE-2019-1756 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2019-1755 (A vulnerability in the Web Services Management Agent (WSMA) function o ...)
	NOT-FOR-US: Cisco
CVE-2019-1754 (A vulnerability in the authorization subsystem of Cisco IOS XE Softwar ...)
	NOT-FOR-US: Cisco
CVE-2019-1753 (A vulnerability in the web UI of Cisco IOS XE Software could allow an  ...)
	NOT-FOR-US: Cisco
CVE-2019-1752 (A vulnerability in the ISDN functions of Cisco IOS Software and Cisco  ...)
	NOT-FOR-US: Cisco
CVE-2019-1751 (A vulnerability in the Network Address Translation 64 (NAT64) function ...)
	NOT-FOR-US: Cisco
CVE-2019-1750 (A vulnerability in the Easy Virtual Switching System (VSS) of Cisco IO ...)
	NOT-FOR-US: Cisco
CVE-2019-1749 (A vulnerability in the ingress traffic validation of Cisco IOS XE Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1748 (A vulnerability in the Cisco Network Plug-and-Play (PnP) agent of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-1747 (A vulnerability in the implementation of the Short Message Service (SM ...)
	NOT-FOR-US: Cisco
CVE-2019-1746 (A vulnerability in the Cluster Management Protocol (CMP) processing co ...)
	NOT-FOR-US: Cisco
CVE-2019-1745 (A vulnerability in Cisco IOS XE Software could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2019-1744
	RESERVED
CVE-2019-1743 (A vulnerability in the web UI framework of Cisco IOS XE Software could ...)
	NOT-FOR-US: Cisco
CVE-2019-1742 (A vulnerability in the web UI of Cisco IOS XE Software could allow an  ...)
	NOT-FOR-US: Cisco
CVE-2019-1741 (A vulnerability in the Cisco Encrypted Traffic Analytics (ETA) feature ...)
	NOT-FOR-US: Cisco
CVE-2019-1740 (A vulnerability in the Network-Based Application Recognition (NBAR) fe ...)
	NOT-FOR-US: Cisco
CVE-2019-1739 (A vulnerability in the Network-Based Application Recognition (NBAR) fe ...)
	NOT-FOR-US: Cisco
CVE-2019-1738 (A vulnerability in the Network-Based Application Recognition (NBAR) fe ...)
	NOT-FOR-US: Cisco
CVE-2019-1737 (A vulnerability in the processing of IP Service Level Agreement (SLA)  ...)
	NOT-FOR-US: Cisco
CVE-2019-1736
	RESERVED
CVE-2019-1735 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1734 (A vulnerability in the implementation of a CLI diagnostic command in C ...)
	NOT-FOR-US: Cisco
CVE-2019-1733 (A vulnerability in the NX API (NX-API) Sandbox interface for Cisco NX- ...)
	NOT-FOR-US: Cisco
CVE-2019-1732 (A vulnerability in the Remote Package Manager (RPM) subsystem of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-1731 (A vulnerability in the SSH CLI key management functionality of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2019-1730 (A vulnerability in the Bash shell implementation for Cisco NX-OS Softw ...)
	NOT-FOR-US: Cisco
CVE-2019-1729 (A vulnerability in the CLI implementation of a specific command used f ...)
	NOT-FOR-US: Cisco
CVE-2019-1728 (A vulnerability in the Secure Configuration Validation functionality o ...)
	NOT-FOR-US: Cisco
CVE-2019-1727 (A vulnerability in the Python scripting subsystem of Cisco NX-OS Softw ...)
	NOT-FOR-US: Cisco
CVE-2019-1726 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1725 (A vulnerability in the local management CLI implementation for specifi ...)
	NOT-FOR-US: Cisco
CVE-2019-1724 (A vulnerability in the session management functionality of the web-bas ...)
	NOT-FOR-US: Cisco
CVE-2019-1723 (A vulnerability in the Cisco Common Services Platform Collector (CSPC) ...)
	NOT-FOR-US: Cisco
CVE-2019-1722 (A vulnerability in the FindMe feature of Cisco Expressway Series and C ...)
	NOT-FOR-US: Cisco
CVE-2019-1721 (A vulnerability in the phone book feature of Cisco Expressway Series a ...)
	NOT-FOR-US: Cisco
CVE-2019-1720 (A vulnerability in the XML API of Cisco Expressway Series and Cisco Te ...)
	NOT-FOR-US: Cisco
CVE-2019-1719 (A vulnerability in the web-based guest portal of Cisco Identity Servic ...)
	NOT-FOR-US: Cisco
CVE-2019-1718 (A vulnerability in the web interface of Cisco Identity Services Engine ...)
	NOT-FOR-US: Cisco
CVE-2019-1717 (A vulnerability in the web-based management interface of Cisco Video S ...)
	NOT-FOR-US: Cisco
CVE-2019-1716 (A vulnerability in the web-based management interface of Session Initi ...)
	NOT-FOR-US: Cisco
CVE-2019-1715 (A vulnerability in the Deterministic Random Bit Generator (DRBG), also ...)
	NOT-FOR-US: Cisco
CVE-2019-1714 (A vulnerability in the implementation of Security Assertion Markup Lan ...)
	NOT-FOR-US: Cisco
CVE-2019-1713 (A vulnerability in the web-based management interface of Cisco Adaptiv ...)
	NOT-FOR-US: Cisco
CVE-2019-1712 (A vulnerability in the Protocol Independent Multicast (PIM) feature of ...)
	NOT-FOR-US: Cisco
CVE-2019-1711 (A vulnerability in the Event Management Service daemon (emsd) of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-1710 (A vulnerability in the sysadmin virtual machine (VM) on Cisco ASR 9000 ...)
	NOT-FOR-US: Cisco
CVE-2019-1709 (A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Sof ...)
	NOT-FOR-US: Cisco
CVE-2019-1708 (A vulnerability in the Internet Key Exchange Version 2 Mobility and Mu ...)
	NOT-FOR-US: Cisco
CVE-2019-1707 (A vulnerability in the web-based management interface of Cisco DNA Cen ...)
	NOT-FOR-US: Cisco
CVE-2019-1706 (A vulnerability in the software cryptography module of the Cisco Adapt ...)
	NOT-FOR-US: Cisco
CVE-2019-1705 (A vulnerability in the remote access VPN session manager of Cisco Adap ...)
	NOT-FOR-US: Cisco
CVE-2019-1704 (Multiple vulnerabilities in the Server Message Block (SMB) Protocol pr ...)
	NOT-FOR-US: Cisco
CVE-2019-1703 (A vulnerability in the internal packet-processing functionality of Cis ...)
	NOT-FOR-US: Cisco
CVE-2019-1702 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
	NOT-FOR-US: Cisco
CVE-2019-1701 (Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Secur ...)
	NOT-FOR-US: Cisco
CVE-2019-1700 (A vulnerability in field-programmable gate array (FPGA) ingress buffer ...)
	NOT-FOR-US: Cisco
CVE-2019-1699 (A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Sof ...)
	NOT-FOR-US: Cisco
CVE-2019-1698 (A vulnerability in the web-based user interface of Cisco Internet of T ...)
	NOT-FOR-US: Cisco
CVE-2019-1697 (A vulnerability in the implementation of the Lightweight Directory Acc ...)
	NOT-FOR-US: Cisco
CVE-2019-1696 (Multiple vulnerabilities in the Server Message Block (SMB) Protocol pr ...)
	NOT-FOR-US: Cisco
CVE-2019-1695 (A vulnerability in the detection engine of Cisco Adaptive Security App ...)
	NOT-FOR-US: Cisco
CVE-2019-1694 (A vulnerability in the TCP processing engine of Cisco Adaptive Securit ...)
	NOT-FOR-US: Cisco
CVE-2019-1693 (A vulnerability in the WebVPN service of Cisco Adaptive Security Appli ...)
	NOT-FOR-US: Cisco
CVE-2019-1692 (A vulnerability in the web-based management interface of Cisco Applica ...)
	NOT-FOR-US: Cisco
CVE-2019-1691 (A vulnerability in the detection engine of Cisco Firepower Threat Defe ...)
	NOT-FOR-US: Cisco
CVE-2019-1690 (A vulnerability in the management interface of Cisco Application Polic ...)
	NOT-FOR-US: Cisco
CVE-2019-1689 (A vulnerability in the client application for iOS of Cisco Webex Teams ...)
	NOT-FOR-US: Cisco
CVE-2019-1688 (A vulnerability in the management web interface of Cisco Network Assur ...)
	NOT-FOR-US: Cisco
CVE-2019-1687 (A vulnerability in the TCP proxy functionality for Cisco Adaptive Secu ...)
	NOT-FOR-US: Cisco
CVE-2019-1686 (A vulnerability in the TCP flags inspection feature for access control ...)
	NOT-FOR-US: Cisco
CVE-2019-1685 (A vulnerability in the Security Assertion Markup Language (SAML) singl ...)
	NOT-FOR-US: Cisco
CVE-2019-1684 (A vulnerability in the Cisco Discovery Protocol or Link Layer Discover ...)
	NOT-FOR-US: Cisco
CVE-2019-1683 (A vulnerability in the certificate handling component of the Cisco SPA ...)
	NOT-FOR-US: Cisco
CVE-2019-1682 (A vulnerability in the FUSE filesystem functionality for Cisco Applica ...)
	NOT-FOR-US: Cisco
CVE-2019-1681 (A vulnerability in the TFTP service of Cisco Network Convergence Syste ...)
	NOT-FOR-US: Cisco
CVE-2019-1680 (A vulnerability in Cisco Webex Business Suite could allow an unauthent ...)
	NOT-FOR-US: Cisco
CVE-2019-1679 (A vulnerability in the web interface of Cisco TelePresence Conductor,  ...)
	NOT-FOR-US: Cisco
CVE-2019-1678 (A vulnerability in Cisco Meeting Server could allow an authenticated,  ...)
	NOT-FOR-US: Cisco
CVE-2019-1677 (A vulnerability in Cisco Webex Meetings for Android could allow an una ...)
	NOT-FOR-US: Cisco
CVE-2019-1676 (A vulnerability in the Session Initiation Protocol (SIP) call processi ...)
	NOT-FOR-US: Cisco
CVE-2019-1675 (A vulnerability in the default configuration of the Cisco Aironet Acti ...)
	NOT-FOR-US: Cisco
CVE-2019-1674 (A vulnerability in the update service of Cisco Webex Meetings Desktop  ...)
	NOT-FOR-US: Cisco
CVE-2019-1673 (A vulnerability in the web-based management interface of Cisco Identit ...)
	NOT-FOR-US: Cisco
CVE-2019-1672 (A vulnerability in the Decryption Policy Default Action functionality  ...)
	NOT-FOR-US: Cisco
CVE-2019-1671 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-1670 (A vulnerability in the web-based management interface of Cisco Unified ...)
	NOT-FOR-US: Cisco
CVE-2019-1669 (A vulnerability in the data acquisition (DAQ) component of Cisco Firep ...)
	NOT-FOR-US: Cisco
CVE-2019-1668 (A vulnerability in the chat feed feature of Cisco SocialMiner could al ...)
	NOT-FOR-US: Cisco
CVE-2019-1667 (A vulnerability in the Graphite interface of Cisco HyperFlex software  ...)
	NOT-FOR-US: Cisco
CVE-2019-1666 (A vulnerability in the Graphite service of Cisco HyperFlex software co ...)
	NOT-FOR-US: Cisco
CVE-2019-1665 (A vulnerability in the web-based management interface of Cisco HyperFl ...)
	NOT-FOR-US: Cisco
CVE-2019-1664 (A vulnerability in the hxterm service of Cisco HyperFlex Software coul ...)
	NOT-FOR-US: Cisco
CVE-2019-1663 (A vulnerability in the web-based management interface of the Cisco RV1 ...)
	NOT-FOR-US: Cisco
CVE-2019-1662 (A vulnerability in the Quality of Voice Reporting (QOVR) service of Ci ...)
	NOT-FOR-US: Cisco
CVE-2019-1661 (A vulnerability in the web-based management interface of Cisco TelePre ...)
	NOT-FOR-US: Cisco
CVE-2019-1660 (A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco T ...)
	NOT-FOR-US: Cisco
CVE-2019-1659 (A vulnerability in the Identity Services Engine (ISE) integration feat ...)
	NOT-FOR-US: Cisco
CVE-2019-1658 (A vulnerability in the web-based management interface of Cisco Unified ...)
	NOT-FOR-US: Cisco
CVE-2019-1657 (A vulnerability in Cisco AMP Threat Grid could allow an authenticated, ...)
	NOT-FOR-US: Cisco
CVE-2019-1656 (A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1655 (A vulnerability in the web-based management interface of Cisco Webex M ...)
	NOT-FOR-US: Cisco
CVE-2019-1654 (A vulnerability in the development shell (devshell) authentication for ...)
	NOT-FOR-US: Cisco
CVE-2019-1653 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2019-1652 (A vulnerability in the web-based management interface of Cisco Small B ...)
	NOT-FOR-US: Cisco
CVE-2019-1651 (A vulnerability in the vContainer of the Cisco SD-WAN Solution could a ...)
	NOT-FOR-US: Cisco
CVE-2019-1650 (A vulnerability in the Cisco SD-WAN Solution could allow an authentica ...)
	NOT-FOR-US: Cisco
CVE-2019-1649 (A vulnerability in the logic that handles access control to one of the ...)
	NOT-FOR-US: Cisco
CVE-2019-1648 (A vulnerability in the user group configuration of the Cisco SD-WAN So ...)
	NOT-FOR-US: Cisco
CVE-2019-1647 (A vulnerability in the Cisco SD-WAN Solution could allow an authentica ...)
	NOT-FOR-US: Cisco
CVE-2019-1646 (A vulnerability in the local CLI of the Cisco SD-WAN Solution could al ...)
	NOT-FOR-US: Cisco
CVE-2019-1645 (A vulnerability in the Cisco Connected Mobile Experiences (CMX) softwa ...)
	NOT-FOR-US: Cisco
CVE-2019-1644 (A vulnerability in the UDP protocol implementation for Cisco IoT Field ...)
	NOT-FOR-US: Cisco
CVE-2019-1643 (A vulnerability in the web-based management interface of Cisco Prime I ...)
	NOT-FOR-US: Cisco
CVE-2019-1642 (A vulnerability in the web-based management interface of Cisco Firepow ...)
	NOT-FOR-US: Cisco
CVE-2019-1641 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1640 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1639 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1638 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1637 (A vulnerability in the Cisco Webex Network Recording Player for Micros ...)
	NOT-FOR-US: Cisco
CVE-2019-1636 (A vulnerability in the Cisco Webex Teams client, formerly Cisco Spark, ...)
	NOT-FOR-US: Cisco
CVE-2019-1635 (A vulnerability in the call-handling functionality of Session Initiati ...)
	NOT-FOR-US: Cisco
CVE-2019-1634 (A vulnerability in the Intelligent Platform Management Interface (IPMI ...)
	NOT-FOR-US: Cisco
CVE-2019-1633
	RESERVED
CVE-2019-1632 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1631 (A vulnerability in the web-based management interface of Cisco Integra ...)
	NOT-FOR-US: Cisco
CVE-2019-1630 (A vulnerability in the firmware signature checking program of Cisco In ...)
	NOT-FOR-US: Cisco
CVE-2019-1629 (A vulnerability in the configuration import utility of Cisco Integrate ...)
	NOT-FOR-US: Cisco
CVE-2019-1628 (A vulnerability in the web server of Cisco Integrated Management Contr ...)
	NOT-FOR-US: Cisco
CVE-2019-1627 (A vulnerability in the Server Utilities of Cisco Integrated Management ...)
	NOT-FOR-US: Cisco
CVE-2019-1626 (A vulnerability in the vManage web-based UI (Web UI) of the Cisco SD-W ...)
	NOT-FOR-US: Cisco
CVE-2019-1625 (A vulnerability in the CLI of Cisco SD-WAN Solution could allow an aut ...)
	NOT-FOR-US: Cisco
CVE-2019-1624 (A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-W ...)
	NOT-FOR-US: Cisco
CVE-2019-1623 (A vulnerability in the CLI configuration shell of Cisco Meeting Server ...)
	NOT-FOR-US: Cisco
CVE-2019-1622 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2019-1621 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2019-1620 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2019-1619 (A vulnerability in the web-based management interface of Cisco Data Ce ...)
	NOT-FOR-US: Cisco
CVE-2019-1618 (A vulnerability in the Tetration Analytics agent for Cisco Nexus 9000  ...)
	NOT-FOR-US: Cisco
CVE-2019-1617 (A vulnerability in the Fibre Channel over Ethernet (FCoE) N-port Virtu ...)
	NOT-FOR-US: Cisco
CVE-2019-1616 (A vulnerability in the Cisco Fabric Services component of Cisco NX-OS  ...)
	NOT-FOR-US: Cisco
CVE-2019-1615 (A vulnerability in the Image Signature Verification feature of Cisco N ...)
	NOT-FOR-US: Cisco
CVE-2019-1614 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
	NOT-FOR-US: Cisco
CVE-2019-1613 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1612 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1611 (A vulnerability in the CLI of Cisco NX-OS Software and Cisco FXOS Soft ...)
	NOT-FOR-US: Cisco
CVE-2019-1610 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1609 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1608 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1607 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1606 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1605 (A vulnerability in the NX-API feature of Cisco NX-OS Software could al ...)
	NOT-FOR-US: Cisco
CVE-2019-1604 (A vulnerability in the user account management interface of Cisco NX-O ...)
	NOT-FOR-US: Cisco
CVE-2019-1603 (A vulnerability in the CLI of Cisco NX-OS Software could allow an auth ...)
	NOT-FOR-US: Cisco
CVE-2019-1602 (A vulnerability in the filesystem permissions of Cisco NX-OS Software  ...)
	NOT-FOR-US: Cisco
CVE-2019-1601 (A vulnerability in the filesystem permissions of Cisco NX-OS Software  ...)
	NOT-FOR-US: Cisco
CVE-2019-1600 (A vulnerability in the file system permissions of Cisco FXOS Software  ...)
	NOT-FOR-US: Cisco
CVE-2019-1599 (A vulnerability in the network stack of Cisco NX-OS Software could all ...)
	NOT-FOR-US: Cisco
CVE-2019-1598 (Multiple vulnerabilities in the implementation of the Lightweight Dire ...)
	NOT-FOR-US: Cisco
CVE-2019-1597 (Multiple vulnerabilities in the implementation of the Lightweight Dire ...)
	NOT-FOR-US: Cisco
CVE-2019-1596 (A vulnerability in the Bash shell implementation for Cisco NX-OS Softw ...)
	NOT-FOR-US: Cisco
CVE-2019-1595 (A vulnerability in the Fibre Channel over Ethernet (FCoE) protocol imp ...)
	NOT-FOR-US: Cisco
CVE-2019-1594 (A vulnerability in the 802.1X implementation for Cisco NX-OS Software  ...)
	NOT-FOR-US: Cisco
CVE-2019-1593 (A vulnerability in the Bash shell implementation for Cisco NX-OS Softw ...)
	NOT-FOR-US: Cisco
CVE-2019-1592 (A vulnerability in the background operations functionality of Cisco Ne ...)
	NOT-FOR-US: Cisco
CVE-2019-1591 (A vulnerability in a specific CLI command implementation of Cisco Nexu ...)
	NOT-FOR-US: Cisco
CVE-2019-1590 (A vulnerability in the Transport Layer Security (TLS) certificate vali ...)
	NOT-FOR-US: Cisco
CVE-2019-1589 (A vulnerability in the Trusted Platform Module (TPM) functionality of  ...)
	NOT-FOR-US: Cisco
CVE-2019-1588 (A vulnerability in the Cisco Nexus 9000 Series Fabric Switches running ...)
	NOT-FOR-US: Cisco
CVE-2019-1587 (A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Applicat ...)
	NOT-FOR-US: Cisco
CVE-2019-1586 (A vulnerability in Cisco Application Policy Infrastructure Controller  ...)
	NOT-FOR-US: Cisco
CVE-2019-1585 (A vulnerability in the controller authorization functionality of Cisco ...)
	NOT-FOR-US: Cisco
CVE-2019-1584 (A security vulnerability exists in Zingbox Inspector version 1.293 and ...)
	NOT-FOR-US: Zingbox Inspector
CVE-2019-1583 (Escalation of privilege vulnerability in the Palo Alto Networks Twistl ...)
	NOT-FOR-US: Palo Alto Networks
CVE-2019-1582 (Memory corruption in PAN-OS 8.1.9 and earlier, and PAN-OS 9.0.3 and ea ...)
	NOT-FOR-US: PAN-OS
CVE-2019-1581 (A remote code execution vulnerability in the PAN-OS SSH device managem ...)
	NOT-FOR-US: PAN-OS
CVE-2019-1580 (Memory corruption in PAN-OS 7.1.24 and earlier, PAN-OS 8.0.19 and earl ...)
	NOT-FOR-US: PAN-OS
CVE-2019-1579 (Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 a ...)
	NOT-FOR-US: PAN-OS
CVE-2019-1578 (Cross-site scripting vulnerability in Palo Alto Networks MineMeld vers ...)
	NOT-FOR-US: Palo Alto Networks MineMeld
CVE-2019-1577 (Code injection vulnerability in Palo Alto Networks Traps 5.0.5 and ear ...)
	NOT-FOR-US: Palo Alto Networks Traps
CVE-2019-1576 (Command injection in PAN-0S 9.0.2 and earlier may allow an authenticat ...)
	NOT-FOR-US: PAN-0S
CVE-2019-1575 (Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and ...)
	NOT-FOR-US: PAN-0S
CVE-2019-1574 (Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedit ...)
	NOT-FOR-US: Palo Alto Networks Expedition Migration tool
CVE-2019-1573 (GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 a ...)
	NOT-FOR-US: GlobalProtect
CVE-2019-1572 (PAN-OS 9.0.0 may allow an unauthenticated remote user to access php fi ...)
	NOT-FOR-US: PAN-OS
CVE-2019-1571 (The Expedition Migration tool 1.1.8 and earlier may allow an authentic ...)
	NOT-FOR-US: Expedition Migration tool
CVE-2019-1570 (The Expedition Migration tool 1.1.8 and earlier may allow an authentic ...)
	NOT-FOR-US: Expedition Migration tool
CVE-2019-1569 (The Expedition Migration tool 1.1.8 and earlier may allow an authentic ...)
	NOT-FOR-US: Expedition Migration tool
CVE-2019-1568 (Cross-site scripting (XSS) vulnerability in Palo Alto Networks Demisto ...)
	NOT-FOR-US: Palo Alto Networks Demisto
CVE-2019-1567 (The Expedition Migration tool 1.1.6 and earlier may allow an authentic ...)
	NOT-FOR-US: Expedition Migration tool
CVE-2019-1566 (The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN- ...)
	NOT-FOR-US: PAN-OS
CVE-2019-1565 (The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-O ...)
	NOT-FOR-US: PAN-OS
CVE-2019-1564
	RESERVED
CVE-2019-1563 (In situations where an attacker receives automated notification of the ...)
	{DSA-4540-1 DSA-4539-1 DLA-1932-1}
	- openssl 1.1.1d-1
	- openssl1.0 <removed>
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=08229ad838c50f644d7e928e2eef147b4308ad64 (OpenSSL_1_1_1d)
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=631f94db0065c78181ca9ba5546ebc8bb3884b97 (OpenSSL_1_1_0l)
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e21f8cf78a125cd3c8c0d1a1a6c8bb0b901f893f (OpenSSL_1_0_2t)
	NOTE: https://www.openssl.org/news/secadv/20190910.txt
CVE-2019-1562
	RESERVED
CVE-2019-1561
	RESERVED
CVE-2019-1560
	RESERVED
CVE-2019-1559 (If an application encounters a fatal protocol error and then calls SSL ...)
	{DSA-4400-1 DLA-1701-1}
	- openssl1.0 <unfixed>
	- openssl 1.1.0b-2
	NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
	NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=48c8bcf5bca0ce7751f49599381e143de1b61786
	NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=5741d5bb74797e4532acc9f42e54c44a2726c179 (only hardening)
	NOTE: 1.1.0 is not impacted by CVE-2019-1559. The CVE is a result of applications
	NOTE: calling SSL_shutdown after a fatal alert has occurred. 1.1.0 is not vulnerable
	NOTE: to this issue, marking first 1.1 upload of src:openssl as fixed
	NOTE: https://www.openssl.org/news/secadv/20190226.txt
CVE-2019-1558
	RESERVED
CVE-2019-1557
	RESERVED
CVE-2019-1556
	RESERVED
CVE-2019-1555
	RESERVED
CVE-2019-1554
	RESERVED
CVE-2019-1553
	RESERVED
CVE-2019-1552 (OpenSSL has internal defaults for a directory tree where it can find a ...)
	- openssl <not-affected> (Windows-specific)
	- openssl1.0 <not-affected> (Windows-specific)
	NOTE: https://www.openssl.org/news/secadv/20190730.txt
CVE-2019-1551 (There is an overflow bug in the x64_64 Montgomery squaring procedure u ...)
	{DSA-4594-1}
	- openssl 1.1.1e-1 (low; bug #947949)
	[buster] - openssl <postponed> (Wait until next upstream security release)
	[stretch] - openssl <postponed> (Wait until next upstream security release)
	[jessie] - openssl <not-affected> (Affected modules are not present in Jessie)
	- openssl1.0 <removed> (low)
	NOTE: https://www.openssl.org/news/secadv/20191206.txt
	NOTE: OpenSSL_1_1_1-stable: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=419102400a2811582a7a3d4a4e317d72e5ce0a8f
	NOTE: OpenSSL_1_0_2-stable: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=f1c5eea8a817075d31e43f5876993c6710238c98
CVE-2019-1550
	RESERVED
CVE-2019-1549 (OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). Th ...)
	- openssl 1.1.1d-1
	[buster] - openssl 1.1.1d-0+deb10u1
	[stretch] - openssl <not-affected> (Only affects OpenSSL 1.1.1 to 1.1.1c)
	[jessie] - openssl <not-affected> (Only affects OpenSSL 1.1.1 to 1.1.1c)
	- openssl1.0 <not-affected> (Only affects OpenSSL 1.1.1 to 1.1.1c)
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1b0fe00e2704b5e20334a16d3c9099d1ba2ef1be
	NOTE: https://www.openssl.org/news/secadv/20190910.txt
CVE-2019-1548
	RESERVED
CVE-2019-1547 (Normally in OpenSSL EC groups always have a co-factor present and this ...)
	{DSA-4540-1 DSA-4539-1 DLA-1932-1}
	- openssl 1.1.1d-1
	- openssl1.0 <removed>
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=21c856b75d81eff61aa63b4f036bb64a85bf6d46 (OpenSSL_1_0_2t)
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=7c1709c2da5414f5b6133d00a03fc8c5bf996c7a (OpenSSL_1_1_0l)
	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=30c22fa8b1d840036b8e203585738df62a03cec8 (OpenSSL_1_1_1d)
	NOTE: https://www.openssl.org/news/secadv/20190910.txt
CVE-2019-1546
	RESERVED
CVE-2019-1545
	RESERVED
CVE-2019-1544
	RESERVED
CVE-2019-1543 (ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input ...)
	{DSA-4475-1}
	- openssl 1.1.1c-1 (low)
	[jessie] - openssl <not-affected> (Vulnerability does not impact 1.0.1 series)
	- openssl1.0 <not-affected> (Vulnerability does not impact 1.0.2 series)
	NOTE: https://www.openssl.org/news/secadv/20190306.txt
	NOTE: OpenSSL_1_1_1-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=f426625b6ae9a7831010750490a5f0ad689c5ba3 (OpenSSL_1_1_1c)
	NOTE: OpenSSL_1_1_0-stable: https://git.openssl.org/?p=openssl.git;a=commit;h=ee22257b1418438ebaf54df98af4e24f494d1809 (OpenSSL_1_1_0k)
CVE-2019-1542
	RESERVED
CVE-2019-1541
	RESERVED
CVE-2019-1540
	RESERVED
CVE-2019-1539
	RESERVED
CVE-2019-1538
	RESERVED
CVE-2019-1537
	RESERVED
CVE-2019-1536
	RESERVED
CVE-2019-1535
	RESERVED
CVE-2019-1534
	REJECTED
CVE-2019-1533
	REJECTED
CVE-2019-1532
	REJECTED
CVE-2019-1531
	REJECTED
CVE-2019-1530
	REJECTED
CVE-2019-1529
	REJECTED
CVE-2019-1528
	REJECTED
CVE-2019-1527
	REJECTED
CVE-2019-1526
	REJECTED
CVE-2019-1525
	REJECTED
CVE-2019-1524
	REJECTED
CVE-2019-1523
	REJECTED
CVE-2019-1522
	REJECTED
CVE-2019-1521
	REJECTED
CVE-2019-1520
	REJECTED
CVE-2019-1519
	REJECTED
CVE-2019-1518
	REJECTED
CVE-2019-1517
	REJECTED
CVE-2019-1516
	REJECTED
CVE-2019-1515
	REJECTED
CVE-2019-1514
	REJECTED
CVE-2019-1513
	REJECTED
CVE-2019-1512
	REJECTED
CVE-2019-1511
	REJECTED
CVE-2019-1510
	REJECTED
CVE-2019-1509
	REJECTED
CVE-2019-1508
	REJECTED
CVE-2019-1507
	REJECTED
CVE-2019-1506
	REJECTED
CVE-2019-1505
	REJECTED
CVE-2019-1504
	REJECTED
CVE-2019-1503
	REJECTED
CVE-2019-1502
	REJECTED
CVE-2019-1501
	REJECTED
CVE-2019-1500
	REJECTED
CVE-2019-1499
	REJECTED
CVE-2019-1498
	REJECTED
CVE-2019-1497
	REJECTED
CVE-2019-1496
	REJECTED
CVE-2019-1495
	REJECTED
CVE-2019-1494
	REJECTED
CVE-2019-1493
	REJECTED
CVE-2019-1492
	REJECTED
CVE-2019-1491
	RESERVED
CVE-2019-1490 (A spoofing vulnerability exists when a Skype for Business Server does  ...)
	NOT-FOR-US: Skype
CVE-2019-1489 (An information disclosure vulnerability exists when the Windows Remote ...)
	NOT-FOR-US: Microsoft
CVE-2019-1488 (A security feature bypass vulnerability exists when Microsoft Defender ...)
	NOT-FOR-US: Microsoft
CVE-2019-1487 (An information disclosure vulnerability in Android Apps using Microsof ...)
	NOT-FOR-US: Microsoft
CVE-2019-1486 (A spoofing vulnerability exists in Visual Studio Live Share when a gue ...)
	NOT-FOR-US: Microsoft
CVE-2019-1485 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1484 (A remote code execution vulnerability exists when Microsoft Windows OL ...)
	NOT-FOR-US: Microsoft
CVE-2019-1483 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
	NOT-FOR-US: Microsoft
CVE-2019-1482
	REJECTED
CVE-2019-1481 (An information disclosure vulnerability exists in Windows Media Player ...)
	NOT-FOR-US: Microsoft
CVE-2019-1480 (An information disclosure vulnerability exists in Windows Media Player ...)
	NOT-FOR-US: Microsoft
CVE-2019-1479
	REJECTED
CVE-2019-1478 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1477 (An elevation of privilege vulnerability exists when the Windows Printe ...)
	NOT-FOR-US: Microsoft
CVE-2019-1476 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1475
	REJECTED
CVE-2019-1474 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1473
	REJECTED
CVE-2019-1472 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1471 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-1470 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
	NOT-FOR-US: Microsoft
CVE-2019-1469 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-1468 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1467 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1466 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1465 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1464 (An information disclosure vulnerability exists when Microsoft Excel im ...)
	NOT-FOR-US: Microsoft
CVE-2019-1463 (An information disclosure vulnerability exists in Microsoft Access sof ...)
	NOT-FOR-US: Microsoft
CVE-2019-1462 (A remote code execution vulnerability exists in Microsoft PowerPoint s ...)
	NOT-FOR-US: Microsoft
CVE-2019-1461 (A denial of service vulnerability exists in Microsoft Word software wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-1460 (A spoofing vulnerability exists in the way Microsoft Outlook for Andro ...)
	NOT-FOR-US: Microsoft Outlook for Android software
CVE-2019-1459
	REJECTED
CVE-2019-1458 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1457 (A security feature bypass vulnerability exists in Microsoft Office sof ...)
	NOT-FOR-US: Microsoft
CVE-2019-1456 (A remote code execution vulnerability exists in Microsoft Windows when ...)
	NOT-FOR-US: Microsoft
CVE-2019-1455
	REJECTED
CVE-2019-1454 (An elevation of privilege vulnerability exists when the Windows User P ...)
	NOT-FOR-US: Microsoft
CVE-2019-1453 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
	NOT-FOR-US: Microsoft
CVE-2019-1452
	REJECTED
CVE-2019-1451
	REJECTED
CVE-2019-1450
	REJECTED
CVE-2019-1449 (A security feature bypass vulnerability exists in the way that Office  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1448 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2019-1447 (A spoofing vulnerability exists when Office Online does not validate o ...)
	NOT-FOR-US: Microsoft
CVE-2019-1446 (An information disclosure vulnerability exists when Microsoft Excel im ...)
	NOT-FOR-US: Microsoft
CVE-2019-1445 (A spoofing vulnerability exists when Office Online does not validate o ...)
	NOT-FOR-US: Microsoft
CVE-2019-1444
	REJECTED
CVE-2019-1443 (An information disclosure vulnerability exists in Microsoft SharePoint ...)
	NOT-FOR-US: Microsoft
CVE-2019-1442 (A security feature bypass vulnerability exists when Microsoft Office d ...)
	NOT-FOR-US: Microsoft
CVE-2019-1441 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1440 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-1439 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1438 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1437 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1436 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-1435 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1434 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1433 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1432 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1431
	REJECTED
CVE-2019-1430 (A remote code execution vulnerability exists when Windows Media Founda ...)
	NOT-FOR-US: Microsoft
CVE-2019-1429 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1428 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1427 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1426 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1425 (An elevation of privilege vulnerability exists when Visual Studio fail ...)
	NOT-FOR-US: Microsoft
CVE-2019-1424 (A security feature bypass vulnerability exists when Windows Netlogon i ...)
	NOT-FOR-US: Microsoft
CVE-2019-1423 (An elevation of privilege vulnerability exists in the way that the Sta ...)
	NOT-FOR-US: Microsoft
CVE-2019-1422 (An elevation of privilege vulnerability exists in the way that the iph ...)
	NOT-FOR-US: Microsoft
CVE-2019-1421
	REJECTED
CVE-2019-1420 (An elevation of privilege vulnerability exists in the way that the dss ...)
	NOT-FOR-US: Microsoft
CVE-2019-1419 (A remote code execution vulnerability exists in Microsoft Windows when ...)
	NOT-FOR-US: Microsoft
CVE-2019-1418 (An information vulnerability exists when Windows Modules Installer Ser ...)
	NOT-FOR-US: Microsoft
CVE-2019-1417 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2019-1416 (An elevation of privilege vulnerability exists due to a race condition ...)
	NOT-FOR-US: Microsoft
CVE-2019-1415 (An elevation of privilege vulnerability exists in Windows Installer be ...)
	NOT-FOR-US: Microsoft
CVE-2019-1414 (An elevation of privilege vulnerability exists in Visual Studio Code w ...)
	NOT-FOR-US: Microsoft
CVE-2019-1413 (A security feature bypass vulnerability exists when Microsoft Edge imp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1412 (An information disclosure vulnerability exists in Windows Adobe Type M ...)
	NOT-FOR-US: Microsoft
CVE-2019-1411 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1410
	REJECTED
CVE-2019-1409 (An information disclosure vulnerability exists when the Windows Remote ...)
	NOT-FOR-US: Microsoft
CVE-2019-1408 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1407 (An elevation of privilege vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1406 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1405 (An elevation of privilege vulnerability exists when the Windows Univer ...)
	NOT-FOR-US: Microsoft
CVE-2019-1404
	REJECTED
CVE-2019-1403
	REJECTED
CVE-2019-1402 (An information disclosure vulnerability exists in Microsoft Office sof ...)
	NOT-FOR-US: Microsoft
CVE-2019-1401
	REJECTED
CVE-2019-1400 (An information disclosure vulnerability exists in Microsoft Access sof ...)
	NOT-FOR-US: Microsoft
CVE-2019-1399 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-1398 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-1397 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-1396 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1395 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1394 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1393 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1392 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1391 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1390 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1389 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-1388 (An elevation of privilege vulnerability exists in the Windows Certific ...)
	NOT-FOR-US: Microsoft
CVE-2019-1387 (An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v ...)
	{DSA-4581-1 DLA-2059-1}
	- git 1:2.24.0-2
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=a8dee3ca610f5a1d403634492136c887f83b59d2
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1386
	REJECTED
CVE-2019-1385 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
	NOT-FOR-US: Microsoft
CVE-2019-1384 (A security feature bypass vulnerability exists where a NETLOGON messag ...)
	NOT-FOR-US: Microsoft
CVE-2019-1383 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2019-1382 (An elevation of privilege vulnerability exists when ActiveX Installer  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1381 (An information disclosure vulnerability exists when the Windows Servic ...)
	NOT-FOR-US: Microsoft
CVE-2019-1380 (A local elevation of privilege vulnerability exists in how splwow64.ex ...)
	NOT-FOR-US: Microsoft
CVE-2019-1379 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2019-1378 (An elevation of privilege vulnerability exists in Windows 10 Update As ...)
	NOT-FOR-US: Microsoft
CVE-2019-1377
	REJECTED
CVE-2019-1376 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
	NOT-FOR-US: Microsoft
CVE-2019-1375 (A cross site scripting vulnerability exists when Microsoft Dynamics 36 ...)
	NOT-FOR-US: Microsoft
CVE-2019-1374 (An information disclosure vulnerability exists in the way Windows Erro ...)
	NOT-FOR-US: Microsoft
CVE-2019-1373 (A remote code execution vulnerability exists in Microsoft Exchange thr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1372 (An remote code execution vulnerability exists when Azure App Service/  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1371 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2019-1370 (An information disclosure vulnerability exists when affected Open Encl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1369 (An information disclosure vulnerability exists when affected Open Encl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1368 (A security feature bypass exists when Windows Secure Boot improperly r ...)
	NOT-FOR-US: Microsoft
CVE-2019-1367 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1366 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1365 (An elevation of privilege vulnerability exists when Microsoft IIS Serv ...)
	NOT-FOR-US: Microsoft
CVE-2019-1364 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1363 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1362 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1361 (An information disclosure vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2019-1360
	REJECTED
CVE-2019-1359 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1358 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1357 (A spoofing vulnerability exists when Microsoft Browsers improperly han ...)
	NOT-FOR-US: Microsoft
CVE-2019-1356 (An information disclosure vulnerability exists when Microsoft Edge bas ...)
	NOT-FOR-US: Microsoft
CVE-2019-1355
	REJECTED
CVE-2019-1354 (A remote code execution vulnerability exists when Git for Visual Studi ...)
	- git 1:2.24.0-2 (unimportant)
	[buster] - git 1:2.20.1-2+deb10u1
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=e1d911dd4c7b76a5a8cec0f5c8de15981e34da83
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1353 (An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v ...)
	{DSA-4581-1 DLA-2059-1}
	- git 1:2.24.0-2
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=9102f958ee5254b10c0be72672aa3305bf4f4704
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1352 (A remote code execution vulnerability exists when Git for Visual Studi ...)
	{DSA-4581-1 DLA-2059-1}
	- git 1:2.24.0-2
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=7c3745fc6185495d5765628b4dfe1bd2c25a2981
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
	NOTE: Additional hardening for .gitmodules (but not part of the CVE):
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=91bd46588e6959e6903e275f78b10bd07830d547
CVE-2019-1351 (A tampering vulnerability exists when Git for Visual Studio improperly ...)
	- git 1:2.24.0-2 (unimportant)
	[buster] - git 1:2.20.1-2+deb10u1
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=f82a97eb9197c1e3768e72648f37ce0ca3233734
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1350 (A remote code execution vulnerability exists when Git for Visual Studi ...)
	- git 1:2.24.0-2 (unimportant)
	[buster] - git 1:2.20.1-2+deb10u1
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=6d8684161ee9c03bed5cb69ae76dfdddb85a0003
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1349 (A remote code execution vulnerability exists when Git for Visual Studi ...)
	{DSA-4581-1 DLA-2059-1}
	- git 1:2.24.0-2
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=0060fd1511b94c918928fa3708f69a3f33895a4a
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1348 (An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v ...)
	{DSA-4581-1 DLA-2059-1}
	- git 1:2.24.0-2
	NOTE: https://git.kernel.org/pub/scm/git/git.git/commit/?id=68061e3470210703cb15594194718d35094afdc0
	NOTE: https://www.openwall.com/lists/oss-security/2019/12/13/1
CVE-2019-1347 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1346 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1345 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1344 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1343 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1342 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1341 (An elevation of privilege vulnerability exists when umpo.dll of the Po ...)
	NOT-FOR-US: Microsoft
CVE-2019-1340 (An elevation of privilege vulnerability exists in Windows AppX Deploym ...)
	NOT-FOR-US: Microsoft
CVE-2019-1339 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1338 (A security feature bypass vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-1337 (An information disclosure vulnerability exists when Windows Update Cli ...)
	NOT-FOR-US: Microsoft
CVE-2019-1336 (An elevation of privilege vulnerability exists in the Microsoft Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1335 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1334 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1333 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2019-1332 (A cross-site scripting (XSS) vulnerability exists when Microsoft SQL S ...)
	NOT-FOR-US: Microsoft
CVE-2019-1331 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2019-1330 (An elevation of privilege vulnerability exists in Microsoft SharePoint ...)
	NOT-FOR-US: Microsoft
CVE-2019-1329 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1328 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1327 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2019-1326 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
	NOT-FOR-US: Microsoft
CVE-2019-1325 (An elevation of privilege vulnerability exists in the Windows redirect ...)
	NOT-FOR-US: Microsoft
CVE-2019-1324 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
	NOT-FOR-US: Microsoft
CVE-2019-1323 (An elevation of privilege vulnerability exists in the Microsoft Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1322 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1321 (An elevation of privilege vulnerability exists when Windows CloudStore ...)
	NOT-FOR-US: Microsoft
CVE-2019-1320 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1319 (An elevation of privilege vulnerability exists in Windows Error Report ...)
	NOT-FOR-US: Microsoft
CVE-2019-1318 (A spoofing vulnerability exists when Transport Layer Security (TLS) ac ...)
	NOT-FOR-US: Microsoft
CVE-2019-1317 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1316 (An elevation of privilege vulnerability exists in Microsoft Windows Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-1315 (An elevation of privilege vulnerability exists when Windows Error Repo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1314 (A security feature bypass vulnerability exists in Windows 10 Mobile wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-1313 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
	NOT-FOR-US: Microsoft
CVE-2019-1312
	REJECTED
CVE-2019-1311 (A remote code execution vulnerability exists when the Windows Imaging  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1310 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-1309 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-1308 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1307 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1306 (A remote code execution vulnerability exists when Azure DevOps Server  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1305 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2019-1304
	REJECTED
CVE-2019-1303 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
	NOT-FOR-US: Microsoft
CVE-2019-1302 (An elevation of privilege vulnerability exists when a ASP.NET Core web ...)
	NOT-FOR-US: Microsoft
CVE-2019-1301 (A denial of service vulnerability exists when .NET Core improperly han ...)
	NOT-FOR-US: Microsoft
CVE-2019-1300 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1299 (An information disclosure vulnerability exists when Microsoft Edge bas ...)
	NOT-FOR-US: Microsoft
CVE-2019-1298 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1297 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2019-1296 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2019-1295 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2019-1294 (A security feature bypass exists when Windows Secure Boot improperly r ...)
	NOT-FOR-US: Microsoft
CVE-2019-1293 (An information disclosure vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1292 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1291 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2019-1290 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2019-1289 (An elevation of privilege vulnerability exists when the Windows Update ...)
	NOT-FOR-US: Microsoft
CVE-2019-1288
	REJECTED
CVE-2019-1287 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1286 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1285 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1284 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1283 (An information disclosure vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2019-1282 (An information disclosure exists in the Windows Common Log File System ...)
	NOT-FOR-US: Microsoft
CVE-2019-1281
	REJECTED
CVE-2019-1280 (A remote code execution vulnerability exists in Microsoft Windows that ...)
	NOT-FOR-US: Microsoft
CVE-2019-1279
	REJECTED
CVE-2019-1278 (An elevation of privilege vulnerability exists in the way that the uni ...)
	NOT-FOR-US: Microsoft
CVE-2019-1277 (An elevation of privilege vulnerability exists in Windows Audio Servic ...)
	NOT-FOR-US: Microsoft
CVE-2019-1276
	REJECTED
CVE-2019-1275
	REJECTED
CVE-2019-1274 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1273 (A cross-site-scripting (XSS) vulnerability exists when Active Director ...)
	NOT-FOR-US: Microsoft
CVE-2019-1272 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1271 (An elevation of privilege exists in hdAudio.sys which may lead to an o ...)
	NOT-FOR-US: Microsoft
CVE-2019-1270 (An elevation of privilege vulnerability exists in Windows store instal ...)
	NOT-FOR-US: Microsoft
CVE-2019-1269 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1268 (An elevation of privilege exists when Winlogon does not properly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1267 (An elevation of privilege vulnerability exists in Microsoft Compatibil ...)
	NOT-FOR-US: Microsoft
CVE-2019-1266 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1265 (A security feature bypass vulnerability exists when Microsoft Yammer A ...)
	NOT-FOR-US: Microsoft
CVE-2019-1264 (A security feature bypass vulnerability exists when Microsoft Office i ...)
	NOT-FOR-US: Microsoft
CVE-2019-1263 (An information disclosure vulnerability exists when Microsoft Excel im ...)
	NOT-FOR-US: Microsoft
CVE-2019-1262 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1261 (A spoofing vulnerability exists in Microsoft SharePoint when it improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1260 (An elevation of privilege vulnerability exists in Microsoft SharePoint ...)
	NOT-FOR-US: Microsoft
CVE-2019-1259 (A spoofing vulnerability exists in Microsoft SharePoint when it improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1258 (An elevation of privilege vulnerability exists in Azure Active Directo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1257 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2019-1256 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1255 (A denial of service vulnerability exists when Microsoft Defender impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-1254 (An information disclosure vulnerability exists when Windows Hyper-V wr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1253 (An elevation of privilege vulnerability exists when the Windows AppX D ...)
	NOT-FOR-US: Microsoft
CVE-2019-1252 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1251 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1250 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1249 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1248 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1247 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1246 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1245 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1244 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1243 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1242 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1241 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1240 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1239 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1238 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1237 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1236 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1235 (An elevation of privilege vulnerability exists in Windows Text Service ...)
	NOT-FOR-US: Microsoft
CVE-2019-1234 (A spoofing vulnerability exists when Azure Stack fails to validate cer ...)
	NOT-FOR-US: Microsoft
CVE-2019-1233 (A denial of service vulnerability exists in Microsoft Exchange Server  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1232 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2019-1231 (An information disclosure vulnerability exists in the way Rome SDK han ...)
	NOT-FOR-US: Microsoft
CVE-2019-1230 (An information disclosure vulnerability exists when the Windows Hyper- ...)
	NOT-FOR-US: Microsoft
CVE-2019-1229 (An elevation of privilege vulnerability exists in Dynamics On-Premise  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1228 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1227 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1226 (A remote code execution vulnerability exists in Remote Desktop Service ...)
	NOT-FOR-US: Microsoft
CVE-2019-1225 (An information disclosure vulnerability exists when the Windows RDP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-1224 (An information disclosure vulnerability exists when the Windows RDP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-1223 (A denial of service vulnerability exists in Remote Desktop Protocol (R ...)
	NOT-FOR-US: Microsoft
CVE-2019-1222 (A remote code execution vulnerability exists in Remote Desktop Service ...)
	NOT-FOR-US: Microsoft
CVE-2019-1221 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1220 (A security feature bypass vulnerability exists when Microsoft Browsers ...)
	NOT-FOR-US: Microsoft
CVE-2019-1219 (An information disclosure vulnerability exists when the Windows Transa ...)
	NOT-FOR-US: Microsoft
CVE-2019-1218 (A spoofing vulnerability exists in the way Microsoft Outlook iOS softw ...)
	NOT-FOR-US: Microsoft
CVE-2019-1217 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1216 (An information disclosure vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1215 (An elevation of privilege vulnerability exists in the way that ws2ifsl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1214 (An elevation of privilege vulnerability exists when the Windows Common ...)
	NOT-FOR-US: Microsoft
CVE-2019-1213 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-1212 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-1211 (An elevation of privilege vulnerability exists in Git for Visual Studi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1210
	REJECTED
CVE-2019-1209 (An information disclosure vulnerability exists in Lync 2013, aka 'Lync ...)
	NOT-FOR-US: Microsoft
CVE-2019-1208 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1207
	REJECTED
CVE-2019-1206 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-1205 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2019-1204 (An elevation of privilege vulnerability exists when Microsoft Outlook  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1203 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1202 (An information disclosure vulnerability exists in the way Microsoft Sh ...)
	NOT-FOR-US: Microsoft
CVE-2019-1201 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2019-1200 (A remote code execution vulnerability exists in Microsoft Outlook soft ...)
	NOT-FOR-US: Microsoft
CVE-2019-1199 (A remote code execution vulnerability exists in Microsoft Outlook when ...)
	NOT-FOR-US: Microsoft
CVE-2019-1198 (An elevation of privilege exists in SyncController.dll, aka 'Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-1197 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1196 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1195 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1194 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1193 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-1192 (A security feature bypass vulnerability exists when Microsoft browsers ...)
	NOT-FOR-US: Microsoft
CVE-2019-1191
	REJECTED
CVE-2019-1190 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1189
	REJECTED
CVE-2019-1188 (A remote code execution vulnerability exists in Microsoft Windows that ...)
	NOT-FOR-US: Microsoft
CVE-2019-1187 (A denial of service vulnerability exists when the XmlLite runtime (Xml ...)
	NOT-FOR-US: Microsoft
CVE-2019-1186 (An elevation of privilege vulnerability exists in the way that the wcm ...)
	NOT-FOR-US: Microsoft
CVE-2019-1185 (An elevation of privilege vulnerability exists due to a stack corrupti ...)
	NOT-FOR-US: Microsoft
CVE-2019-1184 (An elevation of privilege vulnerability exists when Windows Core Shell ...)
	NOT-FOR-US: Microsoft
CVE-2019-1183 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1182 (A remote code execution vulnerability exists in Remote Desktop Service ...)
	NOT-FOR-US: Microsoft
CVE-2019-1181 (A remote code execution vulnerability exists in Remote Desktop Service ...)
	NOT-FOR-US: Microsoft
CVE-2019-1180 (An elevation of privilege vulnerability exists in the way that the wcm ...)
	NOT-FOR-US: Microsoft
CVE-2019-1179 (An elevation of privilege vulnerability exists in the way that the uni ...)
	NOT-FOR-US: Microsoft
CVE-2019-1178 (An elevation of privilege vulnerability exists in the way that the ssd ...)
	NOT-FOR-US: Microsoft
CVE-2019-1177 (An elevation of privilege vulnerability exists in the way that the rpc ...)
	NOT-FOR-US: Microsoft
CVE-2019-1176 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1175 (An elevation of privilege vulnerability exists in the way that the psm ...)
	NOT-FOR-US: Microsoft
CVE-2019-1174 (An elevation of privilege vulnerability exists in the way that the Psm ...)
	NOT-FOR-US: Microsoft
CVE-2019-1173 (An elevation of privilege vulnerability exists in the way that the Psm ...)
	NOT-FOR-US: Microsoft
CVE-2019-1172 (An information disclosure vulnerability exists in Azure Active Directo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1171 (An information disclosure vulnerability exists in SymCrypt during the  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1170 (An elevation of privilege vulnerability exists when reparse points are ...)
	NOT-FOR-US: Microsoft
CVE-2019-1169 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1168 (An elevation of privilege exists in the p2pimsvc service where an atta ...)
	NOT-FOR-US: Microsoft
CVE-2019-1167 (A security feature bypass vulnerability exists in Windows Defender App ...)
	NOT-FOR-US: Microsoft
CVE-2019-1166 (A tampering vulnerability exists in Microsoft Windows when a man-in-th ...)
	NOT-FOR-US: Microsoft
CVE-2019-1165
	REJECTED
CVE-2019-1164 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1163 (A security feature bypass exists when Windows incorrectly validates CA ...)
	NOT-FOR-US: Microsoft
CVE-2019-1162 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1161 (An elevation of privilege vulnerability exists when the MpSigStub.exe  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1160
	REJECTED
CVE-2019-1159 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1158 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1157 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1156 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1155 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1154 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1153 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2019-1152 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1151 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1150 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1149 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1148 (An information disclosure vulnerability exists when the Microsoft Wind ...)
	NOT-FOR-US: Microsoft
CVE-2019-1147 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1146 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-1145 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1144 (A remote code execution vulnerability exists when the Windows font lib ...)
	NOT-FOR-US: Microsoft
CVE-2019-1143 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1142 (An elevation of privilege vulnerability exists when the .NET Framework ...)
	NOT-FOR-US: Microsoft
CVE-2019-1141 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1140 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1139 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1138 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1137 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Excha ...)
	NOT-FOR-US: Microsoft
CVE-2019-1136 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
	NOT-FOR-US: Microsoft
CVE-2019-1135
	REJECTED
CVE-2019-1134 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1133 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1132 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1131 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1130 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1129 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1128 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1127 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1126 (A security feature bypass vulnerability exists in Active Directory Fed ...)
	NOT-FOR-US: Microsoft
CVE-2019-1125 (An information disclosure vulnerability exists when certain central pr ...)
	{DSA-4497-1 DSA-4495-1 DLA-1885-1 DLA-1884-1}
	- linux 5.2.7-1
	NOTE: https://access.redhat.com/articles/4329821
CVE-2019-1124 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1123 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1122 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1121 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1120 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1119 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1118 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1117 (A remote code execution vulnerability exists in the way that DirectWri ...)
	NOT-FOR-US: Microsoft
CVE-2019-1116 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1115
	REJECTED
CVE-2019-1114
	REJECTED
CVE-2019-1113 (A remote code execution vulnerability exists in .NET software when the ...)
	NOT-FOR-US: Microsoft .NET
CVE-2019-1112 (An information disclosure vulnerability exists when Microsoft Excel im ...)
	NOT-FOR-US: Microsoft
CVE-2019-1111 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2019-1110 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2019-1109 (A spoofing vulnerability exists when Microsoft Office Javascript does  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1108 (An information disclosure vulnerability exists when the Windows RDP cl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1107 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1106 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1105 (A spoofing vulnerability exists in the way Microsoft Outlook for Andro ...)
	NOT-FOR-US: Microsoft
CVE-2019-1104 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-1103 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1102 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1101 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1100 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1099 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1098 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1097 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1096 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-1095 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1094 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1093 (An information disclosure vulnerability exists when DirectWrite improp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1092 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1091 (An information disclosure vulnerability exists when Unistore.dll fails ...)
	NOT-FOR-US: Microsoft
CVE-2019-1090 (An elevation of privilege vulnerability exists in the way that the dns ...)
	NOT-FOR-US: Microsoft
CVE-2019-1089 (An elevation of privilege vulnerability exists in rpcss.dll when the R ...)
	NOT-FOR-US: Microsoft
CVE-2019-1088 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1087 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1086 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1085 (An elevation of privilege vulnerability exists in the way that the wla ...)
	NOT-FOR-US: Microsoft
CVE-2019-1084 (An information disclosure vulnerability exists when Exchange allows cr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1083 (A denial of service vulnerability exists when Microsoft Common Object  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1082 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-1081 (An information disclosure vulnerability exists when affected Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-1080 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1079 (An information disclosure vulnerability exists when Visual Studio impr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1078 (An information disclosure vulnerability exists when the Windows Graphi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1077 (An elevation of privilege vulnerability exists when the Visual Studio  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1076 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2019-1075 (A spoofing vulnerability exists in ASP.NET Core that could lead to an  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1074 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-1073 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1072 (A remote code execution vulnerability exists when Azure DevOps Server  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1071 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1070 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1069 (An elevation of privilege vulnerability exists in the way the Task Sch ...)
	NOT-FOR-US: Microsoft
CVE-2019-1068 (A remote code execution vulnerability exists in Microsoft SQL Server w ...)
	NOT-FOR-US: Microsoft
CVE-2019-1067 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1066
	REJECTED
CVE-2019-1065 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1064 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
	NOT-FOR-US: Microsoft
CVE-2019-1063 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2019-1062 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1061
	REJECTED
CVE-2019-1060 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1059 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1058
	REJECTED
CVE-2019-1057 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1056 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1055 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1054 (A security feature bypass vulnerability exists in Edge that allows for ...)
	NOT-FOR-US: Microsoft
CVE-2019-1053 (An elevation of privilege vulnerability exists when the Windows Shell  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1052 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1051 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1050 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1049 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1048 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1047 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1046 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1045 (An elevation of privilege vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1044 (A security feature bypass vulnerability exists when Windows Secure Ker ...)
	NOT-FOR-US: Microsoft
CVE-2019-1043 (A remote code execution vulnerability exists in the way that comctl32. ...)
	NOT-FOR-US: Microsoft
CVE-2019-1042
	REJECTED
CVE-2019-1041 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1040 (A tampering vulnerability exists in Microsoft Windows when a man-in-th ...)
	NOT-FOR-US: Microsoft
CVE-2019-1039 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-1038 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-1037 (An elevation of privilege vulnerability exists in the way Windows Erro ...)
	NOT-FOR-US: Microsoft
CVE-2019-1036 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1035 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2019-1034 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2019-1033 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1032 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1031 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-1030 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
	NOT-FOR-US: Microsoft
CVE-2019-1029 (A denial of service vulnerability exists in Skype for Business, aka 'S ...)
	NOT-FOR-US: Skype
CVE-2019-1028 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1027 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1026 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1025 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-1024 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1023 (An information disclosure vulnerability exists when the scripting engi ...)
	NOT-FOR-US: Microsoft
CVE-2019-1022 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1021 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1020
	REJECTED
CVE-2019-1019 (A security feature bypass vulnerability exists where a NETLOGON messag ...)
	NOT-FOR-US: Microsoft
CVE-2019-1018 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-1017 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1016 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1015 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1014 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-1013 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1012 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1011 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1010 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1009 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-1008 (A security feature bypass vulnerability exists in Dynamics On Premise, ...)
	NOT-FOR-US: Microsoft Dynamics On-Premise
CVE-2019-1007 (An elevation of privilege exists in Windows Audio Service, aka 'Window ...)
	NOT-FOR-US: Microsoft
CVE-2019-1006 (An authentication bypass vulnerability exists in Windows Communication ...)
	NOT-FOR-US: Microsoft
CVE-2019-1005 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1004 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-1003 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1002 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-1001 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-1000 (An elevation of privilege vulnerability exists in Microsoft Azure Acti ...)
	NOT-FOR-US: Microsoft
CVE-2019-0999 (An elevation of privilege vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0998 (An elevation of privilege vulnerability exists when the Storage Servic ...)
	NOT-FOR-US: Microsoft
CVE-2019-0997
	REJECTED
CVE-2019-0996 (A spoofing vulnerability exists in Azure DevOps Server when it imprope ...)
	NOT-FOR-US: Azure DevOps Server / Microsoft
CVE-2019-0995 (A security feature bypass vulnerability exists when urlmon.dll imprope ...)
	NOT-FOR-US: Microsoft
CVE-2019-0994
	REJECTED
CVE-2019-0993 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0992 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0991 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0990 (An information disclosure vulnerability exists when the scripting engi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0989 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0988 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0987
	REJECTED
CVE-2019-0986 (An elevation of privilege vulnerability exists when the Windows User P ...)
	NOT-FOR-US: Microsoft
CVE-2019-0985 (A remote code execution vulnerability exists when the Microsoft Speech ...)
	NOT-FOR-US: Microsoft
CVE-2019-0984 (An elevation of privilege vulnerability exists when the Windows Common ...)
	NOT-FOR-US: Microsoft
CVE-2019-0983 (An elevation of privilege vulnerability exists when the Storage Servic ...)
	NOT-FOR-US: Microsoft
CVE-2019-0982 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0981 (A denial of service vulnerability exists when .NET Framework or .NET C ...)
	NOT-FOR-US: Microsoft .NET Core
CVE-2019-0980 (A denial of service vulnerability exists when .NET Framework or .NET C ...)
	NOT-FOR-US: Microsoft .NET Core
CVE-2019-0979 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0978
	REJECTED
CVE-2019-0977 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0976 (A tampering vulnerability exists in the NuGet Package Manager for Linu ...)
	- nuget <not-affected> (Vulnerable code introduced in 5.0.0)
	NOTE: Fixed in NuGet.Client 5.0.2.
	NOTE: https://github.com/NuGet/Home/issues/7908
	NOTE: https://github.com/NuGet/NuGet.Client/commit/e32a2ea7096debd3e513188f6779bb1041593326 (5.0.2.5988)
CVE-2019-0975 (A security feature bypass vulnerability exists when Active Directory F ...)
	NOT-FOR-US: Microsoft
CVE-2019-0974 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0973 (An elevation of privilege vulnerability exists in the Windows Installe ...)
	NOT-FOR-US: Microsoft
CVE-2019-0972 (This security update corrects a denial of service in the Local Securit ...)
	NOT-FOR-US: Microsoft
CVE-2019-0971 (An information disclosure vulnerability exists when Azure DevOps Serve ...)
	NOT-FOR-US: Microsoft
CVE-2019-0970
	REJECTED
CVE-2019-0969
	REJECTED
CVE-2019-0968 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0967
	REJECTED
CVE-2019-0966 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-0965 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-0964
	REJECTED
CVE-2019-0963 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-0962 (An elevation of privilege vulnerability exists in Azure Automation "Ru ...)
	NOT-FOR-US: Microsoft
CVE-2019-0961 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0960 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-0959 (An elevation of privilege vulnerability exists when the Windows Common ...)
	NOT-FOR-US: Microsoft
CVE-2019-0958 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0957 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0956 (An information disclosure vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0955
	REJECTED
CVE-2019-0954
	REJECTED
CVE-2019-0953 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2019-0952 (A remote code execution vulnerability exists in Microsoft SharePoint S ...)
	NOT-FOR-US: Microsoft
CVE-2019-0951 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0950 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0949 (A spoofing vulnerability exists when Microsoft SharePoint Server does  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0948 (An information disclosure vulnerability exists in the Windows Event Vi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0947 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0946 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0945 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0944
	REJECTED
CVE-2019-0943 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0942 (An elevation of privilege vulnerability exists in the Unified Write Fi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0941 (A denial of service exists in Microsoft IIS Server when the optional r ...)
	NOT-FOR-US: Microsoft
CVE-2019-0940 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-0939
	REJECTED
CVE-2019-0938 (An elevation of privilege vulnerability exists in Microsoft Edge that  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0937 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0936 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-0935
	REJECTED
CVE-2019-0934
	REJECTED
CVE-2019-0933 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0932 (An information disclosure vulnerability exists in Skype for Android, a ...)
	NOT-FOR-US: Skype
CVE-2019-0931 (An elevation of privilege vulnerability exists when the Storage Servic ...)
	NOT-FOR-US: Microsoft
CVE-2019-0930 (An information disclosure vulnerability exists when Internet Explorer  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0929 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2019-0928 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-0927 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0926 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0925 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0924 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0923 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0922 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0921 (An spoofing vulnerability exists when Internet Explorer improperly han ...)
	NOT-FOR-US: Microsoft
CVE-2019-0920 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0919
	REJECTED
CVE-2019-0918 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0917 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0916 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0915 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0914 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0913 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0912 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0911 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0910
	REJECTED
CVE-2019-0909 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0908 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0907 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0906 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0905 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0904 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0903 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2019-0902 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0901 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0900 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0899 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0898 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0897 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0896 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0895 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0894 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0893 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0892 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-0891 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0890 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0889 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0888 (A remote code execution vulnerability exists in the way that ActiveX D ...)
	NOT-FOR-US: Microsoft
CVE-2019-0887 (A remote code execution vulnerability exists in Remote Desktop Service ...)
	NOT-FOR-US: Microsoft
CVE-2019-0886 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
	NOT-FOR-US: Microsoft
CVE-2019-0885 (A remote code execution vulnerability exists when Microsoft Windows OL ...)
	NOT-FOR-US: Microsoft
CVE-2019-0884 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0883
	REJECTED
CVE-2019-0882 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0881 (An elevation of privilege vulnerability exists when the Windows Kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0880 (A local elevation of privilege vulnerability exists in how splwow64.ex ...)
	NOT-FOR-US: Microsoft
CVE-2019-0879 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0878
	REJECTED
CVE-2019-0877 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0876 (An information disclosure vulnerability exists when affected Open Encl ...)
	NOT-FOR-US: Microsoft
CVE-2019-0875 (An elevation of privilege vulnerability exists when Azure DevOps Serve ...)
	NOT-FOR-US: Microsoft
CVE-2019-0874 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0873
	REJECTED
CVE-2019-0872 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0871 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0870 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0869 (A spoofing vulnerability exists in Microsoft Azure DevOps Server when  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0868 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0867 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0866 (A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0865 (A denial of service vulnerability exists when SymCrypt improperly hand ...)
	NOT-FOR-US: Microsoft
CVE-2019-0864 (A denial of service vulnerability exists when .NET Framework improperl ...)
	NOT-FOR-US: .NET Framework
CVE-2019-0863 (An elevation of privilege vulnerability exists in the way Windows Erro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0862 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0861 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0860 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0859 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-0858 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
	NOT-FOR-US: Microsoft
CVE-2019-0857 (A spoofing vulnerability that could allow a security feature bypass ex ...)
	NOT-FOR-US: Microsoft
CVE-2019-0856 (A remote code execution vulnerability exists when Windows improperly h ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0855
	REJECTED
CVE-2019-0854
	REJECTED
CVE-2019-0853 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2019-0852
	REJECTED
CVE-2019-0851 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0850
	REJECTED
CVE-2019-0849 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0848 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-0847 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0846 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0845 (A remote code execution vulnerability exists when the IOleCvt interfac ...)
	NOT-FOR-US: Microsoft
CVE-2019-0844 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0843
	REJECTED
CVE-2019-0842 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0841 (An elevation of privilege vulnerability exists when Windows AppX Deplo ...)
	NOT-FOR-US: Microsoft
CVE-2019-0840 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0839 (An information disclosure vulnerability exists when the Terminal Servi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0838 (An information disclosure vulnerability exists when Windows Task Sched ...)
	NOT-FOR-US: Microsoft
CVE-2019-0837 (An information disclosure vulnerability exists when DirectX improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0836 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0835 (An information disclosure vulnerability exists when the scripting engi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0834
	REJECTED
CVE-2019-0833 (An information disclosure vulnerability exists when Microsoft Edge imp ...)
	NOT-FOR-US: Microsoft
CVE-2019-0832
	REJECTED
CVE-2019-0831 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-0830 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-0829 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0828 (A remote code execution vulnerability exists in Microsoft Excel softwa ...)
	NOT-FOR-US: Microsoft
CVE-2019-0827 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0826 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0825 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0824 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0823 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0822 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-0821 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Windows SMB Server
CVE-2019-0820 (A denial of service vulnerability exists when .NET Framework and .NET  ...)
	NOT-FOR-US: Microsoft .NET Core
CVE-2019-0819 (An information disclosure vulnerability exists in Microsoft SQL Server ...)
	NOT-FOR-US: Microsoft
CVE-2019-0818
	REJECTED
CVE-2019-0817 (A spoofing vulnerability exists in Microsoft Exchange Server when Outl ...)
	NOT-FOR-US: Microsoft
CVE-2019-0816 (A security feature bypass exists in Azure SSH Keypairs, due to a chang ...)
	- cloud-init 18.3-6 (low; bug #926043)
	[stretch] - cloud-init <no-dsa> (Doesn't affect default provisioning for Azure, only limited use cases)
	[jessie] - cloud-init <not-affected> (version uses a different mechanism to set public keys.)
	NOTE: https://code.launchpad.net/~jasonzio/cloud-init/+git/cloud-init/+merge/363445
	NOTE: https://support.microsoft.com/en-us/help/4491476/extraneous-ssh-public-keys-added-to-authorized-keys-file-on-linux-vm
CVE-2019-0815 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0814 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-0813 (An elevation of privilege vulnerability exists when Windows Admin Cent ...)
	NOT-FOR-US: Microsoft
CVE-2019-0812 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0811 (A denial of service vulnerability exists in Windows DNS Server when it ...)
	NOT-FOR-US: Microsoft
CVE-2019-0810 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0809 (A remote code execution vulnerability exists when the Visual Studio C+ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0808 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0807
	REJECTED
CVE-2019-0806 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0805 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0804 (An information disclosure vulnerability exists in the way Azure WaLinu ...)
	{DSA-4406-1 DLA-1709-1}
	- waagent 2.2.34-3
CVE-2019-0803 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-0802 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0801 (A remote code execution vulnerability exists when Microsoft Office fai ...)
	NOT-FOR-US: Microsoft
CVE-2019-0800
	REJECTED
CVE-2019-0799
	REJECTED
CVE-2019-0798 (A spoofing vulnerability exists when a Lync Server or Skype for Busine ...)
	NOT-FOR-US: Microsoft
CVE-2019-0797 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0796 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0795 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0794 (A remote code execution vulnerability exists when OLE automation impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0793 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0792 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0791 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0790 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0789
	REJECTED
CVE-2019-0788 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2019-0787 (A remote code execution vulnerability exists in the Windows Remote Des ...)
	NOT-FOR-US: Microsoft
CVE-2019-0786 (An elevation of privilege vulnerability exists in the Microsoft Server ...)
	NOT-FOR-US: Microsoft
CVE-2019-0785 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0784 (A remote code execution vulnerability exists in the way that the Activ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0783 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0782 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0781
	REJECTED
CVE-2019-0780 (A remote code execution vulnerability exists in the way that Microsoft ...)
	NOT-FOR-US: Microsoft
CVE-2019-0779 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0778 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-0777 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2019-0776 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-0775 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0774 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0773 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0772 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0771 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0770 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0769 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0768 (A security feature bypass vulnerability exists when Internet Explorer  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0767 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0766 (An elevation of privilege vulnerability exists in Windows AppX Deploym ...)
	NOT-FOR-US: Microsoft
CVE-2019-0765 (A remote code execution vulnerability exists in the way that comctl32. ...)
	NOT-FOR-US: Microsoft
CVE-2019-0764 (A tampering vulnerability exists when Microsoft browsers do not proper ...)
	NOT-FOR-US: Microsoft
CVE-2019-0763 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2019-0762 (A security feature bypass vulnerability exists when Microsoft browsers ...)
	NOT-FOR-US: Microsoft
CVE-2019-0761 (A security feature bypass vulnerability exists when Internet Explorer  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0760
	REJECTED
CVE-2019-0759 (An information disclosure vulnerability exists when the Windows Print  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0758 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0757 (A tampering vulnerability exists in the NuGet Package Manager for Linu ...)
	- nuget <not-affected> (NuGet older than 4.3 is not affected, bug #926122)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1685475
	NOTE: https://github.com/NuGet/Home/issues/7673
	NOTE: https://github.com/NuGet/NuGet.Client/commit/d62db666c710bf95121fe8f5c6a6cbe01985456f?w=1
	NOTE: https://github.com/NuGet/Home/issues/7673#issuecomment-478738369
CVE-2019-0756 (A remote code execution vulnerability exists when the Microsoft XML Co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0755 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0754 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0753 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0752 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0751
	REJECTED
CVE-2019-0750
	REJECTED
CVE-2019-0749
	REJECTED
CVE-2019-0748 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0747
	REJECTED
CVE-2019-0746 (An information disclosure vulnerability exists when the scripting engi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0745
	REJECTED
CVE-2019-0744
	REJECTED
CVE-2019-0743 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
	NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0742 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
	NOT-FOR-US: Microsoft Team Foundation Server
CVE-2019-0741 (An information disclosure vulnerability exists in the way Azure IoT Ja ...)
	NOT-FOR-US: Microsoft
CVE-2019-0740
	REJECTED
CVE-2019-0739 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0738
	REJECTED
CVE-2019-0737
	REJECTED
CVE-2019-0736 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-0735 (An elevation of privilege vulnerability exists when the Windows Client ...)
	NOT-FOR-US: Microsoft
CVE-2019-0734 (An elevation of privilege vulnerability exists in Microsoft Windows wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-0733 (A security feature bypass vulnerability exists in Windows Defender App ...)
	NOT-FOR-US: Microsoft
CVE-2019-0732 (A security feature bypass vulnerability exists in Windows which could  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0731 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0730 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0729 (An Elevation of Privilege vulnerability exists in the way Azure IoT Ja ...)
	NOT-FOR-US: Microsoft
CVE-2019-0728 (A remote code execution vulnerability exists in Visual Studio Code whe ...)
	NOT-FOR-US: Microsoft
CVE-2019-0727 (An elevation of privilege vulnerability exists when the Diagnostics Hu ...)
	NOT-FOR-US: Microsoft
CVE-2019-0726 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-0725 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0724 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
	NOT-FOR-US: Microsoft
CVE-2019-0723 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0722 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-0721 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
	NOT-FOR-US: Microsoft
CVE-2019-0720 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
	NOT-FOR-US: Microsoft
CVE-2019-0719 (A remote code execution vulnerability exists when Windows Hyper-V Netw ...)
	NOT-FOR-US: Microsoft
CVE-2019-0718 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0717 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0716 (A denial of service vulnerability exists when Windows improperly handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-0715 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0714 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0713 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-0712 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0711 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-0710 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-0709 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-0708 (A remote code execution vulnerability exists in Remote Desktop Service ...)
	NOT-FOR-US: Microsoft
CVE-2019-0707 (An elevation of privilege vulnerability exists in the Network Driver I ...)
	NOT-FOR-US: Microsoft
CVE-2019-0706
	REJECTED
CVE-2019-0705
	REJECTED
CVE-2019-0704 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Windows SMB Server
CVE-2019-0703 (An information disclosure vulnerability exists in the way that the Win ...)
	NOT-FOR-US: Windows SMB Server
CVE-2019-0702 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0701 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-0700
	REJECTED
CVE-2019-0699
	REJECTED
CVE-2019-0698 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-0697 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-0696 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0695 (A denial of service vulnerability exists when Microsoft Hyper-V on a h ...)
	NOT-FOR-US: Microsoft
CVE-2019-0694 (An elevation of privilege vulnerability exists due to an integer overf ...)
	NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0693 (An elevation of privilege vulnerability exists due to an integer overf ...)
	NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0692 (An elevation of privilege vulnerability exists due to an integer overf ...)
	NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0691
	REJECTED
CVE-2019-0690 (A denial of service vulnerability exists when Microsoft Hyper-V Networ ...)
	NOT-FOR-US: Microsoft
CVE-2019-0689 (An elevation of privilege vulnerability exists due to an integer overf ...)
	NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0688 (An information disclosure vulnerability exists when the Windows TCP/IP ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0687
	REJECTED
CVE-2019-0686 (An elevation of privilege vulnerability exists in Microsoft Exchange S ...)
	NOT-FOR-US: Microsoft
CVE-2019-0685 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft Windows
CVE-2019-0684
	REJECTED
CVE-2019-0683 (An elevation of privilege vulnerability exists in Active Directory For ...)
	NOT-FOR-US: Microsoft
CVE-2019-0682 (An elevation of privilege vulnerability exists due to an integer overf ...)
	NOT-FOR-US: Microsoft Windows Subsystem for Linux
CVE-2019-0681
	REJECTED
CVE-2019-0680 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0679
	REJECTED
CVE-2019-0678 (An elevation of privilege vulnerability exists when Microsoft Edge doe ...)
	NOT-FOR-US: Microsoft
CVE-2019-0677
	REJECTED
CVE-2019-0676 (An information disclosure vulnerability exists when Internet Explorer  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0675 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0674 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0673 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0672 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0671 (A remote code execution vulnerability exists when the Microsoft Office ...)
	NOT-FOR-US: Microsoft
CVE-2019-0670 (A spoofing vulnerability exists in Microsoft SharePoint when the appli ...)
	NOT-FOR-US: Microsoft
CVE-2019-0669 (An information disclosure vulnerability exists when Microsoft Excel im ...)
	NOT-FOR-US: Microsoft
CVE-2019-0668 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0667 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0666 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0665 (A remote code execution vulnerability exists in the way that the VBScr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0664 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0663 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0662 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2019-0661 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0660 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0659 (An elevation of privilege vulnerability exists when the Storage Servic ...)
	NOT-FOR-US: Microsoft
CVE-2019-0658 (An information disclosure vulnerability exists when the scripting engi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0657 (A vulnerability exists in certain .Net Framework API's and Visual Stud ...)
	NOT-FOR-US: .NET core
CVE-2019-0656 (An elevation of privilege vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0655 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0654 (A spoofing vulnerability exists when Microsoft browsers improperly han ...)
	NOT-FOR-US: Microsoft
CVE-2019-0653
	REJECTED
CVE-2019-0652 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0651 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0650 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0649 (A vulnerability exists in Microsoft Chakra JIT server, aka 'Scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0648 (An information disclosure vulnerability exists when Chakra improperly  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0647 (An information disclosure vulnerability exists when Team Foundation Se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0646 (A Cross-site Scripting (XSS) vulnerability exists when Team Foundation ...)
	NOT-FOR-US: Microsoft
CVE-2019-0645 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0644 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0643 (An information disclosure vulnerability exists in the way that Microso ...)
	NOT-FOR-US: Microsoft
CVE-2019-0642 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0641 (A security feature bypass vulnerability exists in Microsoft Edge handl ...)
	NOT-FOR-US: Microsoft
CVE-2019-0640 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0639 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0638
	REJECTED
CVE-2019-0637 (A security feature bypass vulnerability exists when Windows Defender F ...)
	NOT-FOR-US: Microsoft
CVE-2019-0636 (An information vulnerability exists when Windows improperly discloses  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0635 (An information disclosure vulnerability exists when Windows Hyper-V on ...)
	NOT-FOR-US: Microsoft
CVE-2019-0634 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0633 (A remote code execution vulnerability exists in the way that the Micro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0632 (A security feature bypass vulnerability exists in Windows which could  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0631 (A security feature bypass vulnerability exists in Windows which could  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0630 (A remote code execution vulnerability exists in the way that the Micro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0629
	REJECTED
CVE-2019-0628 (An information disclosure vulnerability exists when the win32k compone ...)
	NOT-FOR-US: Microsoft
CVE-2019-0627 (A security feature bypass vulnerability exists in Windows which could  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0626 (A memory corruption vulnerability exists in the Windows Server DHCP se ...)
	NOT-FOR-US: Microsoft
CVE-2019-0625 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0624 (A spoofing vulnerability exists when a Skype for Business 2015 server  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0623 (An elevation of privilege vulnerability exists in Windows when the Win ...)
	NOT-FOR-US: Microsoft
CVE-2019-0622 (An elevation of privilege vulnerability exists when Skype for Andriod  ...)
	NOT-FOR-US: Skype for Android
CVE-2019-0621 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0620 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-0619 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0618 (A remote code execution vulnerability exists in the way that the Windo ...)
	NOT-FOR-US: Microsoft
CVE-2019-0617 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0616 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0615 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0614 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0613 (A remote code execution vulnerability exists in .NET Framework and Vis ...)
	NOT-FOR-US: Microsoft
CVE-2019-0612 (A security feature bypass vulnerability exists when Click2Play protect ...)
	NOT-FOR-US: Microsoft
CVE-2019-0611 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0610 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0609 (A remote code execution vulnerability exists in the way the scripting  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0608 (A spoofing vulnerability exists when Microsoft Browsers does not prope ...)
	NOT-FOR-US: Microsoft
CVE-2019-0607 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0606 (A remote code execution vulnerability exists when Internet Explorer im ...)
	NOT-FOR-US: Microsoft
CVE-2019-0605 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0604 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2019-0603 (A remote code execution vulnerability exists in the way that Windows D ...)
	NOT-FOR-US: Microsoft
CVE-2019-0602 (An information disclosure vulnerability exists when the Windows GDI co ...)
	NOT-FOR-US: Microsoft
CVE-2019-0601 (An information disclosure vulnerability exists when the Human Interfac ...)
	NOT-FOR-US: Microsoft
CVE-2019-0600 (An information disclosure vulnerability exists when the Human Interfac ...)
	NOT-FOR-US: Microsoft
CVE-2019-0599 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0598 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0597 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0596 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0595 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0594 (A remote code execution vulnerability exists in Microsoft SharePoint w ...)
	NOT-FOR-US: Microsoft
CVE-2019-0593 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0592 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0591 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0590 (A remote code execution vulnerability exists in the way that the scrip ...)
	NOT-FOR-US: Microsoft
CVE-2019-0589
	REJECTED
CVE-2019-0588 (An information disclosure vulnerability exists when the Microsoft Exch ...)
	NOT-FOR-US: Microsoft
CVE-2019-0587
	REJECTED
CVE-2019-0586 (A remote code execution vulnerability exists in Microsoft Exchange sof ...)
	NOT-FOR-US: Microsoft
CVE-2019-0585 (A remote code execution vulnerability exists in Microsoft Word softwar ...)
	NOT-FOR-US: Microsoft
CVE-2019-0584 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0583 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0582 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0581 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0580 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0579 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0578 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0577 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0576 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0575 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0574 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2019-0573 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2019-0572 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2019-0571 (An elevation of privilege vulnerability exists when the Windows Data S ...)
	NOT-FOR-US: Microsoft
CVE-2019-0570 (An elevation of privilege vulnerability exists when the Windows Runtim ...)
	NOT-FOR-US: Microsoft
CVE-2019-0569 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0568 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0567 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0566 (An elevation of privilege vulnerability exists in Microsoft Edge Brows ...)
	NOT-FOR-US: Microsoft
CVE-2019-0565 (A remote code execution vulnerability exists when Microsoft Edge impro ...)
	NOT-FOR-US: Microsoft
CVE-2019-0564 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
	NOT-FOR-US: .NET core
CVE-2019-0563
	REJECTED
CVE-2019-0562 (An elevation of privilege vulnerability exists when Microsoft SharePoi ...)
	NOT-FOR-US: Microsoft
CVE-2019-0561 (An information disclosure vulnerability exists when Microsoft Word mac ...)
	NOT-FOR-US: Microsoft
CVE-2019-0560 (An information disclosure vulnerability exists when Microsoft Office i ...)
	NOT-FOR-US: Microsoft
CVE-2019-0559 (An information disclosure vulnerability exists when Microsoft Outlook  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0558 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-0557 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-0556 (A cross-site-scripting (XSS) vulnerability exists when Microsoft Share ...)
	NOT-FOR-US: Microsoft
CVE-2019-0555 (An elevation of privilege vulnerability exists in the Microsoft XmlDoc ...)
	NOT-FOR-US: Microsoft
CVE-2019-0554 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0553 (An information disclosure vulnerability exists when Windows Subsystem  ...)
	NOT-FOR-US: Microsoft
CVE-2019-0552 (An elevation of privilege exists in Windows COM Desktop Broker, aka "W ...)
	NOT-FOR-US: Microsoft
CVE-2019-0551 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-0550 (A remote code execution vulnerability exists when Windows Hyper-V on a ...)
	NOT-FOR-US: Microsoft
CVE-2019-0549 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0548 (A denial of service vulnerability exists when ASP.NET Core improperly  ...)
	NOT-FOR-US: .NET core
CVE-2019-0547 (A memory corruption vulnerability exists in the Windows DHCP client wh ...)
	NOT-FOR-US: Microsoft
CVE-2019-0546 (A remote code execution vulnerability exists in Visual Studio when the ...)
	NOT-FOR-US: Microsoft
CVE-2019-0545 (An information disclosure vulnerability exists in .NET Framework and . ...)
	NOT-FOR-US: .NET core
CVE-2019-0544
	REJECTED
CVE-2019-0543 (An elevation of privilege vulnerability exists when Windows improperly ...)
	NOT-FOR-US: Microsoft
CVE-2019-0542 (A remote code execution vulnerability exists in Xterm.js when the comp ...)
	- node-xterm 3.8.1-1 (unimportant; bug #926670)
	NOTE: nodejs not covered by security support
CVE-2019-0541 (A remote code execution vulnerability exists in the way that the MSHTM ...)
	NOT-FOR-US: Microsoft
CVE-2019-0540 (A security feature bypass vulnerability exists when Microsoft Office d ...)
	NOT-FOR-US: Microsoft
CVE-2019-0539 (A remote code execution vulnerability exists in the way that the Chakr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0538 (A remote code execution vulnerability exists when the Windows Jet Data ...)
	NOT-FOR-US: Microsoft
CVE-2019-0537 (An information disclosure vulnerability exists when Visual Studio impr ...)
	NOT-FOR-US: Microsoft
CVE-2019-0536 (An information disclosure vulnerability exists when the Windows kernel ...)
	NOT-FOR-US: Microsoft
CVE-2019-0535
	RESERVED
CVE-2019-0534
	RESERVED
CVE-2019-0533
	RESERVED
CVE-2019-0532
	RESERVED
CVE-2019-0531
	RESERVED
CVE-2019-0530
	RESERVED
CVE-2019-0529
	RESERVED
CVE-2019-0528
	RESERVED
CVE-2019-0527
	RESERVED
CVE-2019-0526
	RESERVED
CVE-2019-0525
	RESERVED
CVE-2019-0524
	RESERVED
CVE-2019-0523
	RESERVED
CVE-2019-0522
	RESERVED
CVE-2019-0521
	RESERVED
CVE-2019-0520
	RESERVED
CVE-2019-0519
	RESERVED
CVE-2019-0518
	RESERVED
CVE-2019-0517
	RESERVED
CVE-2019-0516
	RESERVED
CVE-2019-0515
	RESERVED
CVE-2019-0514
	RESERVED
CVE-2019-0513
	RESERVED
CVE-2019-0512
	RESERVED
CVE-2019-0511
	RESERVED
CVE-2019-0510
	RESERVED
CVE-2019-0509
	RESERVED
CVE-2019-0508
	RESERVED
CVE-2019-0507
	RESERVED
CVE-2019-0506
	RESERVED
CVE-2019-0505
	RESERVED
CVE-2019-0504
	RESERVED
CVE-2019-0503
	RESERVED
CVE-2019-0502
	RESERVED
CVE-2019-0501
	RESERVED
CVE-2019-0500
	RESERVED
CVE-2019-0499
	RESERVED
CVE-2019-0498
	RESERVED
CVE-2019-0497
	RESERVED
CVE-2019-0496
	RESERVED
CVE-2019-0495
	RESERVED
CVE-2019-0494
	RESERVED
CVE-2019-0493
	RESERVED
CVE-2019-0492
	RESERVED
CVE-2019-0491
	RESERVED
CVE-2019-0490
	RESERVED
CVE-2019-0489
	RESERVED
CVE-2019-0488
	RESERVED
CVE-2019-0487
	RESERVED
CVE-2019-0486
	RESERVED
CVE-2019-0485
	RESERVED
CVE-2019-0484
	RESERVED
CVE-2019-0483
	RESERVED
CVE-2019-0482
	RESERVED
CVE-2019-0481
	RESERVED
CVE-2019-0480
	RESERVED
CVE-2019-0479
	RESERVED
CVE-2019-0478
	RESERVED
CVE-2019-0477
	RESERVED
CVE-2019-0476
	RESERVED
CVE-2019-0475
	RESERVED
CVE-2019-0474
	RESERVED
CVE-2019-0473
	RESERVED
CVE-2019-0472
	RESERVED
CVE-2019-0471
	RESERVED
CVE-2019-0470
	RESERVED
CVE-2019-0469
	RESERVED
CVE-2019-0468
	RESERVED
CVE-2019-0467
	RESERVED
CVE-2019-0466
	RESERVED
CVE-2019-0465
	RESERVED
CVE-2019-0464
	RESERVED
CVE-2019-0463
	RESERVED
CVE-2019-0462
	RESERVED
CVE-2019-0461
	RESERVED
CVE-2019-0460
	RESERVED
CVE-2019-0459
	RESERVED
CVE-2019-0458
	RESERVED
CVE-2019-0457
	RESERVED
CVE-2019-0456
	RESERVED
CVE-2019-0455
	RESERVED
CVE-2019-0454
	RESERVED
CVE-2019-0453
	RESERVED
CVE-2019-0452
	RESERVED
CVE-2019-0451
	RESERVED
CVE-2019-0450
	RESERVED
CVE-2019-0449
	RESERVED
CVE-2019-0448
	RESERVED
CVE-2019-0447
	RESERVED
CVE-2019-0446
	RESERVED
CVE-2019-0445
	RESERVED
CVE-2019-0444
	RESERVED
CVE-2019-0443
	RESERVED
CVE-2019-0442
	RESERVED
CVE-2019-0441
	RESERVED
CVE-2019-0440
	RESERVED
CVE-2019-0439
	RESERVED
CVE-2019-0438
	RESERVED
CVE-2019-0437
	RESERVED
CVE-2019-0436
	RESERVED
CVE-2019-0435
	RESERVED
CVE-2019-0434
	RESERVED
CVE-2019-0433
	RESERVED
CVE-2019-0432
	RESERVED
CVE-2019-0431
	RESERVED
CVE-2019-0430
	RESERVED
CVE-2019-0429
	RESERVED
CVE-2019-0428
	RESERVED
CVE-2019-0427
	RESERVED
CVE-2019-0426
	RESERVED
CVE-2019-0425
	RESERVED
CVE-2019-0424
	RESERVED
CVE-2019-0423
	RESERVED
CVE-2019-0422
	RESERVED
CVE-2019-0421
	RESERVED
CVE-2019-0420
	RESERVED
CVE-2019-0419
	RESERVED
CVE-2019-0418
	RESERVED
CVE-2019-0417
	RESERVED
CVE-2019-0416
	RESERVED
CVE-2019-0415
	RESERVED
CVE-2019-0414
	RESERVED
CVE-2019-0413
	RESERVED
CVE-2019-0412
	RESERVED
CVE-2019-0411
	RESERVED
CVE-2019-0410
	RESERVED
CVE-2019-0409
	RESERVED
CVE-2019-0408
	RESERVED
CVE-2019-0407
	RESERVED
CVE-2019-0406
	RESERVED
CVE-2019-0405 (SAP Enable Now, before version 1911, leaks information about the exist ...)
	NOT-FOR-US: SAP
CVE-2019-0404 (SAP Enable Now, before version 1911, leaks information about network c ...)
	NOT-FOR-US: SAP
CVE-2019-0403 (SAP Enable Now, before version 1911, allows an attacker to input comma ...)
	NOT-FOR-US: SAP
CVE-2019-0402 (SAP Adaptive Server Enterprise, before versions 15.7 and 16.0, under c ...)
	NOT-FOR-US: SAP
CVE-2019-0401
	RESERVED
CVE-2019-0400
	RESERVED
CVE-2019-0399 (SAP Portfolio and Project Management, before versions S4CORE 102, 103, ...)
	NOT-FOR-US: SAP
CVE-2019-0398 (Due to insufficient CSRF protection, SAP BusinessObjects Business Inte ...)
	NOT-FOR-US: SAP
CVE-2019-0397
	RESERVED
CVE-2019-0396 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
	NOT-FOR-US: SAP
CVE-2019-0395 (SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad ...)
	NOT-FOR-US: SAP
CVE-2019-0394
	RESERVED
CVE-2019-0393 (An SQL Injection vulnerability in SAP Quality Management (corrected in ...)
	NOT-FOR-US: SAP
CVE-2019-0392
	RESERVED
CVE-2019-0391 (Under certain conditions SAP NetWeaver AS Java (corrected in 7.10, 7.2 ...)
	NOT-FOR-US: SAP
CVE-2019-0390 (Under certain conditions SAP Data Hub (corrected in DH_Foundation vers ...)
	NOT-FOR-US: SAP
CVE-2019-0389 (An administrator of SAP NetWeaver Application Server Java (J2EE-Framew ...)
	NOT-FOR-US: SAP
CVE-2019-0388 (SAP UI5 HTTP Handler (corrected in SAP_UI versions 7.5, 7.51, 7.52, 7. ...)
	NOT-FOR-US: SAP
CVE-2019-0387
	RESERVED
CVE-2019-0386 (Order processing in SAP ERP Sales (corrected in SAP_APPL 6.0, 6.02, 6. ...)
	NOT-FOR-US: SAP
CVE-2019-0385 (SAP Enable Now, before version 1908, does not sufficiently encode user ...)
	NOT-FOR-US: SAP
CVE-2019-0384 (Transaction Management in SAP Treasury and Risk Management (corrected  ...)
	NOT-FOR-US: SAP
CVE-2019-0383 (Transaction Management in SAP Treasury and Risk Management (corrected  ...)
	NOT-FOR-US: SAP
CVE-2019-0382 (A Cross-Site Scripting vulnerability exists in SAP BusinessObjects Bus ...)
	NOT-FOR-US: SAP
CVE-2019-0381 (A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, be ...)
	NOT-FOR-US: SAP
CVE-2019-0380 (Under certain conditions, SAP Landscape Management enterprise edition, ...)
	NOT-FOR-US: SAP
CVE-2019-0379 (SAP Process Integration, business-to-business add-on, versions 1.0, 2. ...)
	NOT-FOR-US: SAP
CVE-2019-0378 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
	NOT-FOR-US: SAP
CVE-2019-0377 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
	NOT-FOR-US: SAP
CVE-2019-0376 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
	NOT-FOR-US: SAP
CVE-2019-0375 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
	NOT-FOR-US: SAP
CVE-2019-0374 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
	NOT-FOR-US: SAP
CVE-2019-0373
	RESERVED
CVE-2019-0372
	RESERVED
CVE-2019-0371
	RESERVED
CVE-2019-0370 (Due to missing input validation, SAP Financial Consolidation, before v ...)
	NOT-FOR-US: SAP
CVE-2019-0369 (SAP Financial Consolidation, before versions 10.0 and 10.1, does not s ...)
	NOT-FOR-US: SAP
CVE-2019-0368 (SAP Customer Relationship Management (Email Management), versions: S4C ...)
	NOT-FOR-US: SAP
CVE-2019-0367 (SAP NetWeaver Process Integration (B2B Toolkit), before versions 1.0 a ...)
	NOT-FOR-US: SAP
CVE-2019-0366
	RESERVED
CVE-2019-0365 (SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7. ...)
	NOT-FOR-US: SAP
CVE-2019-0364 (Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Applic ...)
	NOT-FOR-US: SAP
CVE-2019-0363 (Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Applic ...)
	NOT-FOR-US: SAP
CVE-2019-0362
	RESERVED
CVE-2019-0361 (SAP Supplier Relationship Management (Master Data Management Catalog - ...)
	NOT-FOR-US: SAP
CVE-2019-0360
	RESERVED
CVE-2019-0359
	RESERVED
CVE-2019-0358
	RESERVED
CVE-2019-0357 (The administrator of SAP HANA database, before versions 1.0 and 2.0, c ...)
	NOT-FOR-US: SAP
CVE-2019-0356 (Under certain conditions SAP NetWeaver Process Integration Runtime Wor ...)
	NOT-FOR-US: SAP
CVE-2019-0355 (SAP NetWeaver Application Server Java Web Container, ENGINEAPI (before ...)
	NOT-FOR-US: SAP
CVE-2019-0354
	RESERVED
CVE-2019-0353 (Under certain conditions SAP Business One client (B1_ON_HANA, SAP-M-BO ...)
	NOT-FOR-US: SAP
CVE-2019-0352 (In SAP Business Objects Business Intelligence Platform, before version ...)
	NOT-FOR-US: SAP
CVE-2019-0351 (A remote code execution vulnerability exists in the SAP NetWeaver UDDI ...)
	NOT-FOR-US: SAP
CVE-2019-0350 (SAP HANA Database, versions 1.0, 2.0, allows an unauthorized attacker  ...)
	NOT-FOR-US: SAP
CVE-2019-0349 (SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7. ...)
	NOT-FOR-US: SAP
CVE-2019-0348 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence), ...)
	NOT-FOR-US: SAP
CVE-2019-0347
	RESERVED
CVE-2019-0346 (Unencrypted communication error in SAP Business Objects Business Intel ...)
	NOT-FOR-US: SAP
CVE-2019-0345 (A remote unauthenticated attacker can abuse a web service in SAP NetWe ...)
	NOT-FOR-US: SAP
CVE-2019-0344 (Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc  ...)
	NOT-FOR-US: SAP
CVE-2019-0343 (SAP Commerce Cloud (Mediaconversion Extension), versions 6.4, 6.5, 6.6 ...)
	NOT-FOR-US: SAP
CVE-2019-0342
	RESERVED
CVE-2019-0341 (The session cookie used by SAP Enable Now, version 1902, does not have ...)
	NOT-FOR-US: SAP
CVE-2019-0340 (The XML parser, which is being used by SAP Enable Now, before version  ...)
	NOT-FOR-US: SAP
CVE-2019-0339
	RESERVED
CVE-2019-0338 (During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752,  ...)
	NOT-FOR-US: SAP
CVE-2019-0337 (Java Proxy Runtime of SAP NetWeaver Process Integration, versions 7.10 ...)
	NOT-FOR-US: SAP
CVE-2019-0336
	RESERVED
CVE-2019-0335 (Under certain conditions SAP BusinessObjects Business Intelligence Pla ...)
	NOT-FOR-US: SAP
CVE-2019-0334 (When creating a module in SAP BusinessObjects Business Intelligence Pl ...)
	NOT-FOR-US: SAP
CVE-2019-0333 (In some situations, when a client cancels a query in SAP BusinessObjec ...)
	NOT-FOR-US: SAP
CVE-2019-0332 (SAP BusinessObjects Business Intelligence Platform (Info View), versio ...)
	NOT-FOR-US: SAP
CVE-2019-0331 (Under certain conditions, SAP BusinessObjects Business Intelligence Pl ...)
	NOT-FOR-US: SAP
CVE-2019-0330 (The OS Command Plugin in the transaction GPA_ADMIN and the OSCommand C ...)
	NOT-FOR-US: SAP
CVE-2019-0329 (SAP Information Steward, version 4.2, does not sufficiently encode use ...)
	NOT-FOR-US: SAP
CVE-2019-0328 (ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) ...)
	NOT-FOR-US: SAP
CVE-2019-0327 (SAP NetWeaver for Java Application Server - Web Container, (engineapi, ...)
	NOT-FOR-US: SAP
CVE-2019-0326 (SAP BusinessObjects Business Intelligence Platform (BI Workspace) (Ent ...)
	NOT-FOR-US: SAP
CVE-2019-0325 (SAP ERP HCM (SAP_HRCES) , version 3, does not perform necessary author ...)
	NOT-FOR-US: SAP
CVE-2019-0324
	RESERVED
CVE-2019-0323
	RESERVED
CVE-2019-0322 (SAP Commerce Cloud (previously known as SAP Hybris Commerce), (HY_COM, ...)
	NOT-FOR-US: SAP
CVE-2019-0321 (ABAP Server and ABAP Platform (SAP Basis), versions, 7.31, 7.4, 7.5, d ...)
	NOT-FOR-US: SAP
CVE-2019-0320
	RESERVED
CVE-2019-0319 (The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker ...)
	NOT-FOR-US: SAP
CVE-2019-0318 (Under certain conditions SAP NetWeaver Application Server for Java (St ...)
	NOT-FOR-US: SAP
CVE-2019-0317
	RESERVED
CVE-2019-0316 (SAP NetWeaver Process Integration, versions: SAP_XIESR: 7.20, SAP_XITO ...)
	NOT-FOR-US: SAP NetWeaver Process Integration
CVE-2019-0315 (Under certain conditions the PI Integration Builder Web UI of SAP NetW ...)
	NOT-FOR-US: SAP
CVE-2019-0314 (SAP Work Manager, versions: 6.3, 6.4, 6.5 and SAP Inventory Manager, v ...)
	NOT-FOR-US: SAP Work Manager
CVE-2019-0313
	RESERVED
CVE-2019-0312 (Several web pages provided SAP NetWeaver Process Integration (versions ...)
	NOT-FOR-US: SAP
CVE-2019-0311 (Automotive Dealer Portal in SAP R/3 Enterprise Application (versions:  ...)
	NOT-FOR-US: SAP
CVE-2019-0310
	RESERVED
CVE-2019-0309
	RESERVED
CVE-2019-0308 (An authenticated attacker in SAP E-Commerce (Business-to-Consumer appl ...)
	NOT-FOR-US: SAP
CVE-2019-0307 (Diagnostics Agent in Solution Manager, version 7.2, stores several cre ...)
	NOT-FOR-US: SAP / Solution Manager
CVE-2019-0306 (SAP HANA Extended Application Services (advanced model), version 1, al ...)
	NOT-FOR-US: SAP HANA Extended Application Services
CVE-2019-0305 (Java Server Pages (JSPs) provided by the SAP NetWeaver Process Integra ...)
	NOT-FOR-US: SAP NetWeaver Process Integration
CVE-2019-0304 (FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7. ...)
	NOT-FOR-US: SAP NetWeaver AS ABAP Platform
CVE-2019-0303 (SAP BusinessObjects Business Intelligence Platform (Administration Con ...)
	NOT-FOR-US: SAP BusinessObjects Business Intelligence Platform
CVE-2019-0302
	RESERVED
CVE-2019-0301 (Under certain conditions, it is possible to request the modification o ...)
	NOT-FOR-US: SAP
CVE-2019-0300
	RESERVED
CVE-2019-0299
	RESERVED
CVE-2019-0298 (SAP E-Commerce (Business-to-Consumer) application does not sufficientl ...)
	NOT-FOR-US: SAP
CVE-2019-0297
	RESERVED
CVE-2019-0296
	RESERVED
CVE-2019-0295
	RESERVED
CVE-2019-0294
	RESERVED
CVE-2019-0293 (Read of RFC destination does not always perform necessary authorizatio ...)
	NOT-FOR-US: SAP
CVE-2019-0292
	RESERVED
CVE-2019-0291 (Under certain conditions Solution Manager, version 7.2, allows an atta ...)
	NOT-FOR-US: SAP
CVE-2019-0290
	RESERVED
CVE-2019-0289 (Under certain conditions SAP BusinessObjects Business Intelligence pla ...)
	NOT-FOR-US: SAP
CVE-2019-0288
	RESERVED
CVE-2019-0287 (Under certain conditions SAP BusinessObjects Business Intelligence pla ...)
	NOT-FOR-US: SAP
CVE-2019-0286
	RESERVED
CVE-2019-0285 (The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio ( ...)
	NOT-FOR-US: SAP
CVE-2019-0284 (SLD Registration in SAP HANA (fixed in versions 1.0, 2.0) does not suf ...)
	NOT-FOR-US: SAP
CVE-2019-0283 (SAP NetWeaver Process Integration (Adapter Engine), fixed in versions  ...)
	NOT-FOR-US: SAP
CVE-2019-0282 (Several web pages in SAP NetWeaver Process Integration (Runtime Workbe ...)
	NOT-FOR-US: SAP
CVE-2019-0281 (SAPUI5 and OpenUI5, before versions 1.38.39, 1.44.39, 1.52.25, 1.60.6  ...)
	NOT-FOR-US: SAP
CVE-2019-0280 (SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03, 6.04, 6.05, 6. ...)
	NOT-FOR-US: SAP
CVE-2019-0279 (ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP ...)
	NOT-FOR-US: SAP
CVE-2019-0278 (Under certain conditions the Monitoring Servlet of the SAP NetWeaver P ...)
	NOT-FOR-US: SAP
CVE-2019-0277 (SAP HANA extended application services, version 1, advanced does not s ...)
	NOT-FOR-US: SAP
CVE-2019-0276 (Banking services from SAP 9.0 (FSAPPL version 5) and SAP S/4HANA Finan ...)
	NOT-FOR-US: SAP
CVE-2019-0275 (SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server ...)
	NOT-FOR-US: SAP
CVE-2019-0274 (SAP Mobile Platform SDK allows an attacker to prevent legitimate users ...)
	NOT-FOR-US: SAP
CVE-2019-0273
	RESERVED
CVE-2019-0272
	RESERVED
CVE-2019-0271 (ABAP Server (used in NetWeaver and Suite/ERP) and ABAP Platform does n ...)
	NOT-FOR-US: SAP
CVE-2019-0270 (ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessa ...)
	NOT-FOR-US: SAP
CVE-2019-0269 (SAP BusinessObjects Business Intelligence Platform (BI Workspace), ver ...)
	NOT-FOR-US: SAP
CVE-2019-0268 (SAP BusinessObjects Business Intelligence Platform (CMC Module), versi ...)
	NOT-FOR-US: SAP
CVE-2019-0267 (SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 an ...)
	NOT-FOR-US: SAP
CVE-2019-0266 (Under certain conditions SAP HANA Extended Application Services, versi ...)
	NOT-FOR-US: SAP
CVE-2019-0265 (SLD Registration of ABAP Platform allows an attacker to prevent legiti ...)
	NOT-FOR-US: ABAP Platform
CVE-2019-0264
	RESERVED
CVE-2019-0263
	RESERVED
CVE-2019-0262 (SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not suffici ...)
	NOT-FOR-US: SAP
CVE-2019-0261 (Under certain circumstances, SAP HANA Extended Application Services, a ...)
	NOT-FOR-US: SAP
CVE-2019-0260
	RESERVED
CVE-2019-0259 (SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows  ...)
	NOT-FOR-US: SAP
CVE-2019-0258 (SAP Disclosure Management, version 10.01, does not perform necessary a ...)
	NOT-FOR-US: SAP
CVE-2019-0257 (Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in  ...)
	NOT-FOR-US: SAP
CVE-2019-0256 (Under certain conditions SAP Business One Mobile Android App, version  ...)
	NOT-FOR-US: SAP
CVE-2019-0255 (SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, K ...)
	NOT-FOR-US: SAP
CVE-2019-0254 (SAP Disclosure Management (before version 10.1 Stack 1301) does not su ...)
	NOT-FOR-US: SAP
CVE-2019-0253
	RESERVED
CVE-2019-0252
	RESERVED
CVE-2019-0251 (The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4. ...)
	NOT-FOR-US: SAP
CVE-2019-0250
	RESERVED
CVE-2019-0249 (Under certain conditions SAP Landscape Management (VCM 3.0) allows an  ...)
	NOT-FOR-US: SAP
CVE-2019-0248 (Under certain conditions SAP Gateway of ABAP Application Server (fixed ...)
	NOT-FOR-US: SAP
CVE-2019-0247 (SAP Cloud Connector, before version 2.11.3, allows an attacker to inje ...)
	NOT-FOR-US: SAP
CVE-2019-0246 (SAP Cloud Connector, before version 2.11.3, does not perform any authe ...)
	NOT-FOR-US: SAP
CVE-2019-0245 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31 ...)
	NOT-FOR-US: SAP
CVE-2019-0244 (SAP CRM WebClient UI (fixed in SAPSCORE 1.12; S4FND 1.02; WEBCUIF 7.31 ...)
	NOT-FOR-US: SAP
CVE-2019-0243 (Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixe ...)
	NOT-FOR-US: SAP
CVE-2019-0242
	RESERVED
CVE-2019-0241 (SAP Work and Inventory Manager (Agentry_SDK , before 7.0, 7.1) allows  ...)
	NOT-FOR-US: SAP
CVE-2019-0240 (SAP Business Objects Mobile for Android (before 6.3.5) application all ...)
	NOT-FOR-US: SAP
CVE-2019-0239
	RESERVED
CVE-2019-0238 (SAP Commerce (previously known as SAP Hybris Commerce), before version ...)
	NOT-FOR-US: SAP
CVE-2019-0237
	RESERVED
CVE-2019-0236
	RESERVED
CVE-2019-0235
	RESERVED
CVE-2019-0234 (A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache  ...)
	NOT-FOR-US: Apache Roller
CVE-2019-0233
	RESERVED
CVE-2019-0232 (When running on Windows with enableCmdLineArguments enabled, the CGI S ...)
	- tomcat9 <not-affected> (Windows-specific)
	- tomcat8 <not-affected> (Windows-specific)
	NOTE: https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html
CVE-2019-0231 (Handling of the close_notify SSL/TLS message does not lead to a connec ...)
	NOT-FOR-US: Apache MINA
CVE-2019-0230
	RESERVED
CVE-2019-0229 (A number of HTTP endpoints in the Airflow webserver (both RBAC and cla ...)
	- airflow <itp> (bug #819700)
CVE-2019-0228 (Apache PDFBox 2.0.14 does not properly initialize the XML parser, whic ...)
	- libpdfbox2-java <not-affected> (Vulnerable code introduced in 2.0.14)
	- libpdfbox-java <not-affected> (Vulnerable code introduced in 2.0.14)
	NOTE: https://www.openwall.com/lists/oss-security/2019/04/12/1
	NOTE: https://issues.apache.org/jira/browse/PDFBOX-4505
	NOTE: Fixed by: https://svn.apache.org/r1856952 (2.0.15)
CVE-2019-0227 (A Server Side Request Forgery (SSRF) vulnerability affected the Apache ...)
	- axis <unfixed> (bug #929266; unimportant)
	NOTE: https://rhinosecuritylabs.com/application-security/cve-2019-0227-expired-domain-rce-apache-axis/
	NOTE: https://github.com/apache/axis1-java/commit/7043f1ab0397d1ae35f879f2bcc99be1e9b55644
	NOTE: StockQuoteService.jws not present in Debian binary packages
	NOTE: disclosure mentions "03/12/2019 - Apache applied SSRF patch":
	NOTE: https://github.com/RhinoSecurityLabs/CVEs/issues/1
	NOTE: https://github.com/apache/axis1-java/commit/35511b872a6460129cfc0cd35baaccbd820977b5
CVE-2019-0226 (Apache Karaf Config service provides a install method (via service or  ...)
	- apache-karaf <itp> (bug #881297)
CVE-2019-0225 (A specially crafted url could be used to access files under the ROOT d ...)
	- jspwiki <removed>
CVE-2019-0224 (In Apache JSPWiki 2.9.0 to 2.11.0.M2, a carefully crafted URL could ex ...)
	- jspwiki <removed>
CVE-2019-0223 (While investigating bug PROTON-2014, we discovered that under some cir ...)
	- qpid-proton 0.22.0-1
	[stretch] - qpid-proton <no-dsa> (Minor issue)
	[jessie] - qpid-proton <ignored> (Minor issue)
	NOTE: https://issues.apache.org/jira/browse/PROTON-2014
	NOTE: https://qpid.apache.org/cves/CVE-2019-0223.html
	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=97c7733
	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=159fac1
	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=4aea0fd
	NOTE: https://gitbox.apache.org/repos/asf?p=qpid-proton.git;h=2d3ba8a
	NOTE: Source-wise only fixed in 0.27.1 upstream, but 0.22.0-1 upload in
	NOTE: unstable switched to build against OpenSSL 1.1 adressing the issue.
	NOTE: The description tells that the vulnerability was introduced in 0.9 but the
	NOTE: version in jessie (0.7) seems to be vulnerable too even though one file is
	NOTE: not present in the jessie version. That part do not seem to be essential for
	NOTE: the package to be vulnerable.
CVE-2019-0222 (In Apache ActiveMQ 5.0.0 - 5.15.8, unmarshalling corrupt MQTT frame ca ...)
	- activemq 5.15.9-1 (bug #925964)
	[buster] - activemq <no-dsa> (Minor issue)
	[stretch] - activemq <no-dsa> (Minor issue)
	[jessie] - activemq <not-affected> (MQTT support not enabled)
	NOTE: http://activemq.apache.org/security-advisories.data/CVE-2019-0222-announcement.txt
CVE-2019-0221 (The SSI printenv command in Apache Tomcat 9.0.0.M1 to 9.0.0.17, 8.5.0  ...)
	{DSA-4596-1 DLA-1883-1 DLA-1810-1}
	- tomcat9 9.0.16-4 (bug #929895)
	- tomcat8 <removed>
	- tomcat7 <removed>
	NOTE: affects debug channel, unlikely to be present in production websites:
	NOTE: https://mail-archives.apache.org/mod_mbox/www-announce/201905.mbox/%3Cb1905aa6-f340-8d0b-58c4-8ac3ebcbfa54@apache.org%3E
	NOTE: https://github.com/apache/tomcat/commit/15fcd16 (9.0.19)
	NOTE: https://github.com/apache/tomcat/commit/4fcdf70 (8.5.39)
	NOTE: https://github.com/apache/tomcat/commit/44ec74c (7.0.93)
CVE-2019-0220 (A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When  ...)
	{DSA-4422-1 DLA-1748-1}
	- apache2 2.4.38-3
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0220
	NOTE: https://svn.apache.org/r1855737
	NOTE: https://svn.apache.org/r1855751
CVE-2019-0219 (A website running in the InAppBrowser webview on Android could execute ...)
	NOT-FOR-US: Apache Cordova
CVE-2019-0218 (A vulnerability was discovered wherein a specially crafted URL could e ...)
	NOT-FOR-US: Apache Pony Mail
CVE-2019-0217 (In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition i ...)
	{DSA-4422-1 DLA-1748-1}
	- apache2 2.4.38-3
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0217
	NOTE: https://svn.apache.org/r1855298
CVE-2019-0216 (A malicious admin user could edit the state of objects in the Airflow  ...)
	- airflow <itp> (bug #819700)
CVE-2019-0215 (In Apache HTTP Server 2.4 releases 2.4.37 and 2.4.38, a bug in mod_ssl ...)
	- apache2 2.4.38-3
	[stretch] - apache2 <not-affected> (Vulnerable code introduced later)
	[jessie] - apache2 <not-affected> (Vulnerable code introduced later)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0215
CVE-2019-0214 (In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the  ...)
	NOT-FOR-US: Apache Archiva
CVE-2019-0213 (In Apache Archiva before 2.2.4, it may be possible to store malicious  ...)
	NOT-FOR-US: Apache Archiva
CVE-2019-0212 (In all previously released Apache HBase 2.x versions (2.0.0-2.0.4, 2.1 ...)
	NOT-FOR-US: Apache HBase
CVE-2019-0211 (In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, w ...)
	{DSA-4422-1}
	- apache2 2.4.38-3
	[jessie] - apache2 <not-affected> (Vulnerable code introduced later)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211
	NOTE: https://svn.apache.org/r1855378
CVE-2019-0210 (In Apache Thrift 0.9.3 to 0.12.0, a server implemented in Go using TJS ...)
	[experimental] - thrift 0.13.0-1
	- thrift 0.13.0-2
	NOTE: https://www.openwall.com/lists/oss-security/2019/10/17/2
CVE-2019-0209
	REJECTED
CVE-2019-0208
	REJECTED
CVE-2019-0207 (Tapestry processes assets `/assets/ctx` using classes chain `StaticFil ...)
	NOT-FOR-US: Apache Tapestry
CVE-2019-0206
	REJECTED
CVE-2019-0205 (In Apache Thrift all versions up to and including 0.12.0, a server or  ...)
	[experimental] - thrift 0.13.0-1
	- thrift 0.13.0-2
	NOTE: https://www.openwall.com/lists/oss-security/2019/10/17/1
CVE-2019-0204 (A specifically crafted Docker image running under the root user can ov ...)
	- apache-mesos <itp> (bug #760315)
CVE-2019-0203 (In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12 ...)
	{DSA-4490-1 DLA-1903-1}
	- subversion 1.10.6-1
	NOTE: https://subversion.apache.org/security/CVE-2019-0203-advisory.txt
CVE-2019-0202 (The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to ...)
	NOT-FOR-US: Apache Storm
CVE-2019-0201 (An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alph ...)
	{DSA-4461-1 DLA-1801-1}
	- zookeeper 3.4.13-2 (bug #929283)
	NOTE: https://issues.apache.org/jira/browse/ZOOKEEPER-1392
	NOTE: Patch (3.4 branch): https://gitbox.apache.org/repos/asf?p=zookeeper.git;a=commit;h=5ff19e3672987bdde2843a3f031e2bf0010e35f1
CVE-2019-0200 (A Denial of Service vulnerability was found in Apache Qpid Broker-J ve ...)
	- qpid-java <itp> (bug #840131)
CVE-2019-0199 (The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5. ...)
	{DSA-4596-1}
	- tomcat9 9.0.16-1
	- tomcat8 8.5.38-1
	[jessie] - tomcat8 <not-affected> (HTTP/2 support not implemented)
	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1693325
	NOTE: When fixing this issue make sure to fix it completely to not open CVE-2019-10072.
CVE-2019-0198
	REJECTED
CVE-2019-0197 (A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When ...)
	- apache2 2.4.38-3
	[stretch] - apache2 <not-affected> (Vulnerable code introduced later)
	[jessie] - apache2 <not-affected> (Vulnerable code introduced later)
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0197
CVE-2019-0196 (A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Usin ...)
	{DSA-4422-1}
	- apache2 2.4.38-3
	[jessie] - apache2 <not-affected> (Vulnerable code introduced later)
	NOTE: NOTE: HTTP/2 support introduced in 2.4.17
	NOTE: https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0196
	NOTE: https://svn.apache.org/r1852989
CVE-2019-0195 (Manipulating classpath asset file URLs, an attacker could guess the pa ...)
	NOT-FOR-US: Apache Tapestry
CVE-2019-0194 (Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 ...)
	NOT-FOR-US: Apache Camel
CVE-2019-0193 (In Apache Solr, the DataImportHandler, an optional but popular module  ...)
	{DLA-1954-1}
	- lucene-solr 3.6.2+dfsg-22 (low)
	NOTE: https://issues.apache.org/jira/browse/SOLR-13669
	NOTE: upstream recommends everybody upgrade or rework their configuration
	NOTE: consider backporting enable.dih.dataConfigParam instead:
	NOTE: https://github.com/apache/lucene-solr/commit/325824cd391c8e71f36f17d687f52344e50e9715
CVE-2019-0192 (In Apache Solr versions 5.0.0 to 5.5.5 and 6.0.0 to 6.6.5, the Config  ...)
	- lucene-solr <not-affected> (vulnerable code is not present)
	NOTE: https://issues.apache.org/jira/browse/SOLR-13301
CVE-2019-0191 (Apache Karaf kar deployer reads .kar archives and extracts the paths f ...)
	- apache-karaf <itp> (bug #881297)
CVE-2019-0190 (A bug exists in the way mod_ssl handled client renegotiations. A remot ...)
	- apache2 2.4.38-1 (bug #920220)
	[stretch] - apache2 <not-affected> (Only affects 2.4.37)
	[jessie] - apache2 <not-affected> (Only affects 2.4.37)
	NOTE: https://www.openwall.com/lists/oss-security/2019/01/22/4
CVE-2019-0189 (The java.io.ObjectInputStream is known to cause Java serialisation iss ...)
	NOT-FOR-US: Apache OFBiz
CVE-2019-0188 (Apache Camel prior to 2.24.0 contains an XML external entity injection ...)
	NOT-FOR-US: Apache Camel
CVE-2019-0187 (Unauthenticated RCE is possible when JMeter is used in distributed mod ...)
	- jakarta-jmeter <unfixed>
	[buster] - jakarta-jmeter <no-dsa> (Minor issue)
	[stretch] - jakarta-jmeter <no-dsa> (Minor issue)
	[jessie] - jakarta-jmeter <no-dsa> (Minor issue)
	NOTE: https://bz.apache.org/bugzilla/show_bug.cgi?id=62743
CVE-2019-0186 (The input fields of the Apache Pluto "Chat Room" demo portlet 3.0.0 an ...)
	NOT-FOR-US: Apache Pluto "Chat Room" demo portlet
CVE-2019-0185 (Insufficient access control in protected memory subsystem for SMM for  ...)
	NOT-FOR-US: Intel
CVE-2019-0184 (Insufficient access control in protected memory subsystem for Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2019-0183 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0182 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0181 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0180 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0179 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0178 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0177 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0176
	RESERVED
CVE-2019-0175 (Insufficient password protection in the attestation database for Open  ...)
	NOT-FOR-US: Open CIT
CVE-2019-0174 (Logic condition in specific microprocessors may allow an authenticated ...)
	NOT-FOR-US: RamBleed hardware vulnerability
	NOTE: https://rambleed.com/
CVE-2019-0173 (Authentication bypass in the web console for Intel(R) Raid Web Console ...)
	NOT-FOR-US: Intel
CVE-2019-0172 (A logic issue in Intel Unite(R) Client for Android prior to version 4. ...)
	NOT-FOR-US: Intel Unite(R) Client for Android
CVE-2019-0171 (Improper directory permissions in the installer for Intel(R) Quartus(R ...)
	NOT-FOR-US: Intel
CVE-2019-0170 (Buffer overflow in subsystem in Intel(R) DAL before version 12.0.35 ma ...)
	NOT-FOR-US: Intel(R) DAL
CVE-2019-0169 (Heap overflow in subsystem in Intel(R) CSME before versions 11.8.70, 1 ...)
	NOT-FOR-US: Intel
CVE-2019-0168 (Insufficient input validation in the subsystem for Intel(R) CSME befor ...)
	NOT-FOR-US: Intel
CVE-2019-0167
	RESERVED
CVE-2019-0166 (Insufficient input validation in the subsystem for Intel(R) AMT before ...)
	NOT-FOR-US: Intel
CVE-2019-0165 (Insufficient Input validation in the subsystem for Intel(R) CSME befor ...)
	NOT-FOR-US: Intel
CVE-2019-0164 (Improper permissions in the installer for Intel(R) Turbo Boost Max Tec ...)
	NOT-FOR-US: installer for Intel(R) Turbo Boost Max Technology driver
CVE-2019-0163 (Insufficient input validation in system firmware for Intel(R) Broadwel ...)
	NOT-FOR-US: Intel
CVE-2019-0162 (Memory access in virtual memory mapping for some microprocessors may a ...)
	NOT-FOR-US: F5
CVE-2019-0161 (Stack overflow in XHCI for EDK II may allow an unauthenticated user to ...)
	- edk2 0~20180803.dd4cae4d-1 (low)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
	NOTE: https://github.com/tianocore/edk2/commit/acebdf14c985c5c9f50b37ece0b15ada87767359
	NOTE: https://github.com/tianocore/edk2/commit/72750e3bf9174f15c17e78f0f117b5e7311bb49f
CVE-2019-0160 (Buffer overflow in system firmware for EDK II may allow unauthenticate ...)
	- edk2 0~20181115.85588389-1 (low)
	[stretch] - edk2 <no-dsa> (Minor issue)
	[jessie] - edk2 <end-of-life> (non-free)
	NOTE: https://github.com/tianocore/edk2/commit/4df8f5bfa28b8b881e506437e8f08d92c1a00370
	NOTE: https://github.com/tianocore/edk2/commit/b9ae1705adfdd43668027a25a2b03c2e81960219
	NOTE: https://github.com/tianocore/edk2/commit/5c0748f43f4e1cc15fdd0be64a764eacd7df92f6
	NOTE: https://github.com/tianocore/edk2/commit/89f75aa04a97293a8ed9db2a90851a5053730cf5
	NOTE: https://github.com/tianocore/edk2/commit/3b30351b75d70ea65701ac999875fbb81a89a5ca
CVE-2019-0159 (Insufficient memory protection in the Linux Administrative Tools for I ...)
	NOT-FOR-US: Linux Administrative Tools for Intel Network Adapters
CVE-2019-0158 (Insufficient path checking in the installation package for Intel(R) Gr ...)
	NOT-FOR-US: Intel
CVE-2019-0157 (Insufficient input validation in the Intel(R) SGX driver for Linux may ...)
	NOT-FOR-US: Intel
CVE-2019-0156
	RESERVED
CVE-2019-0155 (Insufficient access control in a subsystem for Intel (R) processor gra ...)
	{DSA-4564-1 DLA-1990-1}
	- linux 5.3.9-2
	[jessie] - linux <not-affected> (Driver doesn't support this hardware)
CVE-2019-0154 (Insufficient access control in subsystem for Intel (R) processor graph ...)
	{DSA-4564-1 DLA-1990-1 DLA-1989-1}
	- linux 5.3.9-2
CVE-2019-0153 (Buffer overflow in subsystem in Intel(R) CSME 12.0.0 through 12.0.34 m ...)
	NOT-FOR-US: Intel(R) CSME
CVE-2019-0152 (Insufficient memory protection in System Management Mode (SMM) and Int ...)
	NOT-FOR-US: Intel
CVE-2019-0151 (Insufficient memory protection in Intel(R) TXT for certain Intel(R) Co ...)
	NOT-FOR-US: Intel
CVE-2019-0150 (Insufficient access control in firmware Intel(R) Ethernet 700 Series C ...)
	NOT-FOR-US: Intel firmware for Ethernet 700 Series
CVE-2019-0149 (Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ...)
	TODO: check
CVE-2019-0148 (Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ...)
	TODO: check
CVE-2019-0147 (Insufficient input validation in i40e driver for Intel(R) Ethernet 700 ...)
	TODO: check
CVE-2019-0146 (Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controll ...)
	TODO: check
CVE-2019-0145 (Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Contro ...)
	TODO: check
CVE-2019-0144 (Unhandled exception in firmware for Intel(R) Ethernet 700 Series Contr ...)
	NOT-FOR-US: Intel firmware for Ethernet 700 Series
CVE-2019-0143 (Unhandled exception in Kernel-mode drivers for Intel(R) Ethernet 700 S ...)
	NOT-FOR-US: Windows driver for Intel Ethernet 700 Series
CVE-2019-0142 (Insufficient access control in ilp60x64.sys driver for Intel(R) Ethern ...)
	NOT-FOR-US: ilp60x64.sys driver for Intel
CVE-2019-0141
	REJECTED
CVE-2019-0140 (Buffer overflow in firmware for Intel(R) Ethernet 700 Series Controlle ...)
	NOT-FOR-US: Intel firmware for Ethernet 700 Series
CVE-2019-0139 (Insufficient access control in firmware for Intel(R) Ethernet 700 Seri ...)
	NOT-FOR-US: Intel firmware for Ethernet 700 Series
CVE-2019-0138 (Improper directory permissions in Intel(R) ACU Wizard version 12.0.0.1 ...)
	NOT-FOR-US: Intel(R) ACU Wizard
CVE-2019-0137
	RESERVED
CVE-2019-0136 (Insufficient access control in the Intel(R) PROSet/Wireless WiFi Softw ...)
	{DLA-2114-1 DLA-1930-1 DLA-1919-1}
	- linux 5.2.6-1
	[buster] - linux 4.19.67-1
	[stretch] - linux 4.9.210-1
	NOTE: https://git.kernel.org/linus/79c92ca42b5a3e0ea172ea2ce8df8e125af237da
	NOTE: https://git.kernel.org/linus/588f7d39b3592a36fb7702ae3b8bdd9be4621e2f
CVE-2019-0135 (Improper permissions in the installer for Intel(R) Accelerated Storage ...)
	NOT-FOR-US: Intel
CVE-2019-0134 (Improper permissions in the Intel(R) Dynamic Platform and Thermal Fram ...)
	NOT-FOR-US: Intel
CVE-2019-0133
	RESERVED
CVE-2019-0132 (Data Corruption in Intel Unite(R) Client before version 3.3.176.13 may ...)
	NOT-FOR-US: Intel Unite(R) Client
CVE-2019-0131 (Insufficient input validation in subsystem in Intel(R) AMT before vers ...)
	NOT-FOR-US: Intel
CVE-2019-0130 (Reflected XSS in web interface for Intel(R) Accelerated Storage Manage ...)
	NOT-FOR-US: Intel
CVE-2019-0129 (Improper permissions for Intel(R) USB 3.0 Creator Utility all versions ...)
	NOT-FOR-US: Intel
CVE-2019-0128 (Improper permissions in the installer for Intel(R) Chipset Device Soft ...)
	NOT-FOR-US: Intel
CVE-2019-0127 (Logic error in the installer for Intel(R) OpenVINO(TM) 2018 R3 and bef ...)
	NOT-FOR-US: Intel
CVE-2019-0126 (Insufficient access control in silicon reference firmware for Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2019-0125
	RESERVED
CVE-2019-0124 (Insufficient memory protection in Intel(R) 6th Generation Core Process ...)
	NOT-FOR-US: Intel
CVE-2019-0123 (Insufficient memory protection in Intel(R) 6th Generation Core Process ...)
	NOT-FOR-US: Intel
CVE-2019-0122 (Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel ...)
	NOT-FOR-US: Intel
CVE-2019-0121 (Improper permissions in Intel(R) Matrix Storage Manager 8.9.0.1023 and ...)
	NOT-FOR-US: Intel
CVE-2019-0120 (Insufficient key protection vulnerability in silicon reference firmwar ...)
	NOT-FOR-US: Intel
CVE-2019-0119 (Buffer overflow vulnerability in system firmware for Intel(R) Xeon(R)  ...)
	NOT-FOR-US: Intel
CVE-2019-0118
	RESERVED
CVE-2019-0117 (Insufficient access control in protected memory subsystem for Intel(R) ...)
	NOT-FOR-US: Intel SGX vulnerabilities
	NOTE: Fixes included in intel-microcode/3.20191112.1
CVE-2019-0116 (An out of bound read in KMD module for Intel(R) Graphics Driver before ...)
	NOT-FOR-US: Intel
CVE-2019-0115 (Insufficient input validation in KMD module for Intel(R) Graphics Driv ...)
	NOT-FOR-US: Intel
CVE-2019-0114 (A race condition in Intel(R) Graphics Drivers before version 10.18.14. ...)
	NOT-FOR-US: Intel
CVE-2019-0113 (Insufficient bounds checking in Intel(R) Graphics Drivers before versi ...)
	NOT-FOR-US: Intel
CVE-2019-0112 (Improper flow control in crypto routines for Intel(R) Data Center Mana ...)
	NOT-FOR-US: Intel
CVE-2019-0111 (Improper file permissions for Intel(R) Data Center Manager SDK before  ...)
	NOT-FOR-US: Intel
CVE-2019-0110 (Insufficient key management for Intel(R) Data Center Manager SDK befor ...)
	NOT-FOR-US: Intel
CVE-2019-0109 (Improper folder permissions in Intel(R) Data Center Manager SDK before ...)
	NOT-FOR-US: Intel
CVE-2019-0108 (Improper file permissions for Intel(R) Data Center Manager SDK before  ...)
	NOT-FOR-US: Intel
CVE-2019-0107 (Insufficient user prompt in install routine for Intel(R) Data Center M ...)
	NOT-FOR-US: Intel
CVE-2019-0106 (Insufficient run protection in install routine for Intel(R) Data Cente ...)
	NOT-FOR-US: Intel
CVE-2019-0105 (Insufficient file permissions checking in install routine for Intel(R) ...)
	NOT-FOR-US: Intel
CVE-2019-0104 (Insufficient file protection in uninstall routine for Intel(R) Data Ce ...)
	NOT-FOR-US: Intel
CVE-2019-0103 (Insufficient file protection in install routine for Intel(R) Data Cent ...)
	NOT-FOR-US: Intel
CVE-2019-0102 (Insufficient session authentication in web server for Intel(R) Data Ce ...)
	NOT-FOR-US: Intel
CVE-2019-0101 (Authentication bypass in the Intel Unite(R) solution versions 3.2 thro ...)
	NOT-FOR-US: Intel
CVE-2019-0100
	RESERVED
CVE-2019-0099 (Insufficient access control vulnerability in subsystem in Intel(R) SPS ...)
	NOT-FOR-US: Intel
CVE-2019-0098 (Logic bug vulnerability in subsystem for Intel(R) CSME before version  ...)
	NOT-FOR-US: Intel
CVE-2019-0097 (Insufficient input validation vulnerability in subsystem for Intel(R)  ...)
	NOT-FOR-US: Intel
CVE-2019-0096 (Out of bound write vulnerability in subsystem for Intel(R) AMT before  ...)
	NOT-FOR-US: Intel
CVE-2019-0095
	RESERVED
CVE-2019-0094 (Insufficient input validation vulnerability in subsystem for Intel(R)  ...)
	NOT-FOR-US: Intel
CVE-2019-0093 (Insufficient data sanitization vulnerability in HECI subsystem for Int ...)
	NOT-FOR-US: Intel
CVE-2019-0092 (Insufficient input validation vulnerability in subsystem for Intel(R)  ...)
	NOT-FOR-US: Intel
CVE-2019-0091 (Code injection vulnerability in installer for Intel(R) CSME before ver ...)
	NOT-FOR-US: Intel
CVE-2019-0090 (Insufficient access control vulnerability in subsystem for Intel(R) CS ...)
	NOT-FOR-US: Intel
CVE-2019-0089 (Improper data sanitization vulnerability in subsystem in Intel(R) SPS  ...)
	NOT-FOR-US: Intel
CVE-2019-0088 (Insufficient path checking in Intel(R) System Support Utility for Wind ...)
	NOT-FOR-US: Intel
CVE-2019-0087
	RESERVED
CVE-2019-0086 (Insufficient access control vulnerability in Dynamic Application Loade ...)
	NOT-FOR-US: Intel
CVE-2019-0085
	RESERVED
CVE-2019-0084
	RESERVED
CVE-2019-0083
	RESERVED
CVE-2019-0082
	RESERVED
CVE-2019-0081
	RESERVED
CVE-2019-0080
	RESERVED
CVE-2019-0079
	RESERVED
CVE-2019-0078
	RESERVED
CVE-2019-0077
	RESERVED
CVE-2019-0076
	RESERVED
CVE-2019-0075 (A vulnerability in the srxpfe process on Protocol Independent Multicas ...)
	NOT-FOR-US: Juniper
CVE-2019-0074 (A path traversal vulnerability in NFX150 Series and QFX10K Series, EX9 ...)
	NOT-FOR-US: Juniper
CVE-2019-0073 (The PKI keys exported using the command "run request security pki key- ...)
	NOT-FOR-US: Juniper
CVE-2019-0072 (An Unprotected Storage of Credentials vulnerability in the identity an ...)
	NOT-FOR-US: Juniper
CVE-2019-0071 (Veriexec is a kernel-based file integrity subsystem in Junos OS that e ...)
	NOT-FOR-US: Juniper
CVE-2019-0070 (An Improper Input Validation weakness allows a malicious local attacke ...)
	NOT-FOR-US: Juniper
CVE-2019-0069 (On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 ...)
	NOT-FOR-US: Juniper
CVE-2019-0068 (The SRX flowd process, responsible for packet forwarding, may crash an ...)
	NOT-FOR-US: Juniper
CVE-2019-0067 (Receipt of a specific link-local IPv6 packet destined to the RE may ca ...)
	NOT-FOR-US: Juniper
CVE-2019-0066 (An unexpected status return value weakness in the Next-Generation Mult ...)
	NOT-FOR-US: Juniper
CVE-2019-0065 (On MX Series, when the SIP ALG is enabled, receipt of a certain malfor ...)
	NOT-FOR-US: Juniper
CVE-2019-0064 (On SRX5000 Series devices, if 'set security zones security-zone &lt;zo ...)
	NOT-FOR-US: Juniper
CVE-2019-0063 (When an MX Series Broadband Remote Access Server (BRAS) is configured  ...)
	NOT-FOR-US: Juniper
CVE-2019-0062 (A session fixation vulnerability in J-Web on Junos OS may allow an att ...)
	NOT-FOR-US: Juniper
CVE-2019-0061 (The management daemon (MGD) is responsible for all configuration and m ...)
	NOT-FOR-US: Juniper
CVE-2019-0060 (The flowd process, responsible for forwarding traffic in SRX Series se ...)
	NOT-FOR-US: Juniper
CVE-2019-0059 (A memory leak vulnerability in the of Juniper Networks Junos OS allows ...)
	NOT-FOR-US: Juniper
CVE-2019-0058 (A vulnerability in the Veriexec subsystem of Juniper Networks Junos OS ...)
	NOT-FOR-US: Juniper
CVE-2019-0057 (An improper authorization weakness in Juniper Networks Junos OS allows ...)
	NOT-FOR-US: Juniper
CVE-2019-0056 (This issue only affects devices with three (3) or more MPC10's install ...)
	NOT-FOR-US: Juniper
CVE-2019-0055 (A vulnerability in the SIP ALG packet processing service of Juniper Ne ...)
	NOT-FOR-US: Juniper
CVE-2019-0054 (An Improper Certificate Validation weakness in the SRX Series Applicat ...)
	NOT-FOR-US: Juniper
CVE-2019-0053 (Insufficient validation of environment variables in the telnet client  ...)
	- socks4-server <removed> (low)
	[buster] - socks4-server <ignored> (Minor issue)
	[stretch] - socks4-server <ignored> (Minor issue)
	- inetutils 2:1.9.4-11 (low; bug #945861)
	[buster] - inetutils <ignored> (Minor issue)
	[stretch] - inetutils <ignored> (Minor issue)
	[jessie] - inetutils <no-dsa> (Minor issue)
	NOTE: https://www.freebsd.org/security/advisories/FreeBSD-SA-19:12.telnet.asc
	NOTE: https://raw.githubusercontent.com/hackerhouse-opensource/exploits/master/inetutils-telnet.txt
	NOTE: https://www.openwall.com/lists/oss-security/2018/12/14/8
CVE-2019-0052 (The srxpfe process may crash on SRX Series services gateways when the  ...)
	NOT-FOR-US: Juniper
CVE-2019-0051 (SSL-Proxy feature on SRX devices fails to handle a hardware resource l ...)
	NOT-FOR-US: Juniper
CVE-2019-0050 (Under certain heavy traffic conditions srxpfe process can crash and re ...)
	NOT-FOR-US: Juniper
CVE-2019-0049 (On Junos devices with the BGP graceful restart helper mode enabled or  ...)
	NOT-FOR-US: Juniper
CVE-2019-0048 (On EX4300 Series switches with TCAM optimization enabled, incoming mul ...)
	NOT-FOR-US: Juniper
CVE-2019-0047 (A persistent Cross-Site Scripting (XSS) vulnerability in Junos OS J-We ...)
	NOT-FOR-US: Juniper
CVE-2019-0046 (A vulnerability in the pfe-chassisd Chassis Manager (CMLC) daemon of J ...)
	NOT-FOR-US: Juniper
CVE-2019-0045
	RESERVED
CVE-2019-0044 (Receipt of a specific packet on the out-of-band management interface f ...)
	NOT-FOR-US: Juniper
CVE-2019-0043 (In MPLS environments, receipt of a specific SNMP packet may cause the  ...)
	NOT-FOR-US: Juniper
CVE-2019-0042 (Juniper Identity Management Service (JIMS) for Windows versions prior  ...)
	NOT-FOR-US: Juniper
CVE-2019-0041 (On EX4300-MP Series devices with any lo0 filters applied, transit netw ...)
	NOT-FOR-US: Juniper
CVE-2019-0040 (On Junos OS, rpcbind should only be listening to port 111 on the inter ...)
	NOT-FOR-US: Juniper
CVE-2019-0039 (If REST API is enabled, the Junos OS login credentials are vulnerable  ...)
	NOT-FOR-US: Juniper
CVE-2019-0038 (Crafted packets destined to the management interface (fxp0) of an SRX3 ...)
	NOT-FOR-US: Juniper
CVE-2019-0037 (In a Dynamic Host Configuration Protocol version 6 (DHCPv6) environmen ...)
	NOT-FOR-US: Juniper
CVE-2019-0036 (When configuring a stateless firewall filter in Junos OS, terms named  ...)
	NOT-FOR-US: Juniper
CVE-2019-0035 (When "set system ports console insecure" is enabled, root login is dis ...)
	NOT-FOR-US: Juniper
CVE-2019-0034
	REJECTED
CVE-2019-0033 (A firewall bypass vulnerability in the proxy ARP service of Juniper Ne ...)
	NOT-FOR-US: Juniper
CVE-2019-0032 (A password management issue exists where the Organization authenticati ...)
	NOT-FOR-US: Juniper
CVE-2019-0031 (Specific IPv6 DHCP packets received by the jdhcpd daemon will cause a  ...)
	NOT-FOR-US: Juniper
CVE-2019-0030 (Juniper ATP uses DES and a hardcoded salt for password hashing, allowi ...)
	NOT-FOR-US: Juniper
CVE-2019-0029 (Juniper ATP Series Splunk credentials are logged in a file readable by ...)
	NOT-FOR-US: Juniper
CVE-2019-0028 (On Junos devices with the BGP graceful restart helper mode enabled or  ...)
	NOT-FOR-US: Juniper
CVE-2019-0027 (A persistent cross-site scripting (XSS) vulnerability in the Snort Rul ...)
	NOT-FOR-US: Juniper
CVE-2019-0026 (A persistent cross-site scripting (XSS) vulnerability in the Zone conf ...)
	NOT-FOR-US: Juniper
CVE-2019-0025 (A persistent cross-site scripting (XSS) vulnerability in RADIUS config ...)
	NOT-FOR-US: Juniper
CVE-2019-0024 (A persistent cross-site scripting (XSS) vulnerability in the Email Col ...)
	NOT-FOR-US: Juniper
CVE-2019-0023 (A persistent cross-site scripting (XSS) vulnerability in the Golden VM ...)
	NOT-FOR-US: Juniper
CVE-2019-0022 (Juniper ATP ships with hard coded credentials in the Cyphort Core inst ...)
	NOT-FOR-US: Juniper
CVE-2019-0021 (On Juniper ATP, secret passphrase CLI inputs, such as "set mcm", are l ...)
	NOT-FOR-US: Juniper
CVE-2019-0020 (Juniper ATP ships with hard coded credentials in the Web Collector ins ...)
	NOT-FOR-US: Juniper
CVE-2019-0019 (When BGP tracing is enabled an incoming BGP message may cause the Juno ...)
	NOT-FOR-US: Juniper
CVE-2019-0018 (A persistent cross-site scripting (XSS) vulnerability in the file uplo ...)
	NOT-FOR-US: Juniper
CVE-2019-0017 (The Junos Space application, which allows Device Image files to be upl ...)
	NOT-FOR-US: Juniper
CVE-2019-0016 (A malicious authenticated user may be able to delete a device from the ...)
	NOT-FOR-US: Juniper
CVE-2019-0015 (A vulnerability in the SRX Series Service Gateway allows deleted dynam ...)
	NOT-FOR-US: Juniper
CVE-2019-0014 (On QFX and PTX Series, receipt of a malformed packet for J-Flow sampli ...)
	NOT-FOR-US: Juniper
CVE-2019-0013 (The routing protocol daemon (RPD) process will crash and restart when  ...)
	NOT-FOR-US: Juniper
CVE-2019-0012 (A Denial of Service (DoS) vulnerability in BGP in Juniper Networks Jun ...)
	NOT-FOR-US: Juniper
CVE-2019-0011 (The Junos OS kernel crashes after processing a specific incoming packe ...)
	NOT-FOR-US: Juniper
CVE-2019-0010 (An SRX Series Service Gateway configured for Unified Threat Management ...)
	NOT-FOR-US: Juniper
CVE-2019-0009 (On EX2300 and EX3400 series, high disk I/O operations may disrupt the  ...)
	NOT-FOR-US: Juniper
CVE-2019-0008 (A certain sequence of valid BGP or IPv6 BFD packets may trigger a stac ...)
	NOT-FOR-US: Juniper
CVE-2019-0007 (The vMX Series software uses a predictable IP ID Sequence Number. This ...)
	NOT-FOR-US: Juniper
CVE-2019-0006 (A certain crafted HTTP packet can trigger an uninitialized function po ...)
	NOT-FOR-US: Juniper
CVE-2019-0005 (On EX2300, EX3400, EX4600, QFX3K and QFX5K series, firewall filter con ...)
	NOT-FOR-US: Juniper
CVE-2019-0004 (On Juniper ATP, the API key and the device key are logged in a file re ...)
	NOT-FOR-US: Juniper
CVE-2019-0003 (When a specific BGP flowspec configuration is enabled and upon receipt ...)
	NOT-FOR-US: Juniper
CVE-2019-0002 (On EX2300 and EX3400 series, stateless firewall filter configuration t ...)
	NOT-FOR-US: Juniper
CVE-2019-0001 (Receipt of a malformed packet on MX Series devices with dynamic vlan c ...)
	NOT-FOR-US: Juniper
CVE-2019-19920 (sa-exim 4.2.1 allows attackers to execute arbitrary code if they can w ...)
	{DLA-2062-1}
	- sa-exim 4.2.1-19 (bug #947198)
	[buster] - sa-exim <no-dsa> (Minor issue; can be fixed via point release)
	[stretch] - sa-exim <no-dsa> (Minor issue; can be fixed via point release)
	NOTE: https://bugs.debian.org/946829#24
	NOTE: https://marc.info/?l=spamassassin-users&m=157668107325768&w=2
	NOTE: https://marc.info/?l=spamassassin-users&m=157668305026635&w=2
	NOTE: The issue is "effectively" mitigating due to the CVE-2018-11805 fix in
	NOTE: spamassassin, making the Greylisting.pm non-functional (and so a functional
	NOTE: regression as well as tracked in #946829). The security implications are
	NOTE: as well documented in /usr/share/doc/sa-exim/README.greylisting.gz

© 2014-2024 Faster IT GmbH | imprint | privacy policy