Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2f3e1516 by security tracker role at 2026-02-01T20:13:13+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,67 @@
+CVE-2023-54343 (QWE DL 2.0.1 mobile web application contains a persistent
input valida ...)
+ TODO: check
+CVE-2022-50952 (Banco Guayaquil 8.0.0 mobile iOS application contains a
persistent cro ...)
+ TODO: check
+CVE-2022-50951 (WiFi File Transfer 1.0.8 contains a persistent cross-site
scripting vu ...)
+ TODO: check
+CVE-2022-50950 (Webile 1.0.1 contains a directory traversal vulnerability that
allows ...)
+ TODO: check
+CVE-2022-50942 (Inciga Web 2.8.2 contains a client-side cross-site scripting
vulnerabi ...)
+ TODO: check
+CVE-2022-50941 (BootCommerce 3.2.1 contains persistent input validation
vulnerabilitie ...)
+ TODO: check
+CVE-2022-50940 (Knap Advanced PHP Login 3.1.3 contains a persistent cross-site
scripti ...)
+ TODO: check
+CVE-2022-50797 (Stripe Green Downloads Wordpress Plugin 2.03 contains a
persistent cro ...)
+ TODO: check
+CVE-2021-47921 (Free Photo & Video Vault 0.0.2 contains a directory traversal
web vuln ...)
+ TODO: check
+CVE-2021-47920 (WebMO Job Manager 20.0 contains a cross-site scripting
vulnerability i ...)
+ TODO: check
+CVE-2021-47919 (Simple CMS 2.1 contains a non-persistent cross-site scripting
vulnerab ...)
+ TODO: check
+CVE-2021-47918 (Simple CMS 2.1 contains a remote SQL injection vulnerability
that allo ...)
+ TODO: check
+CVE-2021-47917 (Simple CMS 2.1 contains a persistent cross-site scripting
vulnerabilit ...)
+ TODO: check
+CVE-2021-47916 (Simple CMS 2.1 contains a remote SQL injection vulnerability
that allo ...)
+ TODO: check
+CVE-2021-47915 (PHP Melody version 3.0 contains a remote SQL injection
vulnerability i ...)
+ TODO: check
+CVE-2021-47914 (PHP Melody version 3.0 contains a persistent cross-site
scripting vuln ...)
+ TODO: check
+CVE-2021-47913 (PHP Melody 3.0 contains a persistent cross-site scripting
vulnerabilit ...)
+ TODO: check
+CVE-2021-47912 (PHP Melody version 3.0 contains multiple non-persistent
cross-site scr ...)
+ TODO: check
+CVE-2021-47911 (Affiliate Pro 1.7 contains multiple reflected cross-site
scripting vul ...)
+ TODO: check
+CVE-2021-47909 (Mult-E-Cart Ultimate 2.4 contains multiple SQL injection
vulnerabiliti ...)
+ TODO: check
+CVE-2021-47908 (Ultimate POS 4.4 contains a persistent cross-site scripting
vulnerabil ...)
+ TODO: check
+CVE-2021-47885 (Multiple payment terminal versions contain non-persistent
cross-site s ...)
+ TODO: check
+CVE-2021-47856 (Easy Cart Shopping Cart 2021 contains a non-persistent
cross-site scri ...)
+ TODO: check
+CVE-2020-37064 (EPSON EasyMP Network Projection 2.81 contains an unquoted
service path ...)
+ TODO: check
+CVE-2020-37063 (TFTP Turbo 4.6.1273 contains an unquoted service path
vulnerability th ...)
+ TODO: check
+CVE-2020-37062 (DHCP Turbo 4.61298 contains an unquoted service path
vulnerability tha ...)
+ TODO: check
+CVE-2020-37061 (BOOTP Turbo 2.0.1214 contains an unquoted service path
vulnerability t ...)
+ TODO: check
+CVE-2020-37055 (SpyHunter 4 contains an unquoted service path vulnerability
that allow ...)
+ TODO: check
+CVE-2020-37048 (Iskysoft Application Framework Service 2.4.3.241 contains an
unquoted ...)
+ TODO: check
+CVE-2020-37047 (Deep Instinct Windows Agent 1.2.29.0 contains an unquoted
service path ...)
+ TODO: check
+CVE-2020-37045 (Veritas NetBackup 7.0 contains an unquoted service path
vulnerability ...)
+ TODO: check
+CVE-2020-37037 (Avast SecureLine 5.5.522.0 contains an unquoted service path
vulnerabi ...)
+ TODO: check
CVE-2026-25069 (SunFounder Pironman Dashboard (pm_dashboard) version 1.3.13
and prior ...)
NOT-FOR-US: SunFounder Pironman Dashboard (pm_dashboard)
CVE-2026-1165 (The Popup Box plugin for WordPress is vulnerable to Cross-Site
Request ...)
@@ -4073,7 +4137,8 @@ CVE-2021-47855 (Openlitespeed 1.7.9 contains a stored
cross-site scripting vulne
NOT-FOR-US: OpenLiteSpeed
CVE-2021-47854 (DD-WRT version 45723 contains a buffer overflow vulnerability
in the U ...)
NOT-FOR-US: DD-WRT
-CVE-2021-47853 (phpPgAdmin 7.13.0 contains a remote command execution
vulnerability th ...)
+CVE-2021-47853
+ REJECTED
- phppgadmin <undetermined>
NOTE: https://www.exploit-db.com/exploits/49736
CVE-2021-47852 (Rockstar Games Launcher 1.0.37.349 contains a privilege
escalation vul ...)
@@ -5321,7 +5386,7 @@ CVE-2026-23528 (Dask distributed is a distributed task
scheduler for Dask. Prior
CVE-2026-23523 (Dive is an open-source MCP Host Desktop Application that
enables integ ...)
NOT-FOR-US: Dive
CVE-2026-23490 (pyasn1 is a generic ASN.1 library for Python. Prior to 0.6.2,
a Denial ...)
- {DSA-6114-1}
+ {DSA-6114-1 DLA-4463-1}
- pyasn1 0.6.2-1 (bug #1125753)
NOTE:
https://github.com/pyasn1/pyasn1/security/advisories/GHSA-63vm-454h-vhhq
NOTE: Fixed by:
https://github.com/pyasn1/pyasn1/commit/3908f144229eed4df24bd569d16e5991ace44970
(v0.6.2)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f3e15166e9f84c7c9ae9d86a188d2552f58ebd6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2f3e15166e9f84c7c9ae9d86a188d2552f58ebd6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
