Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2a9b5e95 by security tracker role at 2026-02-02T20:13:40+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,63 +3,63 @@ CVE-2026-24071 (It was found that the XPC service offered by
the privileged help
CVE-2026-24070 (During the installation of the Native Access application, a
privileged ...)
TODO: check
CVE-2026-22229 (A command injection vulnerability may be exploited after the
admin's a ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-22227 (A command injection vulnerability may be exploited after the
admin's a ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-22226 (A command injection vulnerability may be exploited after the
admin's a ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-22225 (A command injection vulnerability may be exploited after the
admin's a ...)
TODO: check
CVE-2026-22224 (A command injection vulnerability may be exploited after the
admin's a ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-22223 (An OS Command Injection vulnerability in TP-Link Archer BE230
v1.2(vpn ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-22222 (An OS Command Injection vulnerability in TP-Link Archer BE230
v1.2(web ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-22221 (An OS Command Injection vulnerability in TP-Link Archer BE230
v1.2(vpn ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-20422 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20421 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20420 (In Modem, there is a possible system crash due to incorrect
error hand ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20419 (In wlan AP/STA firmware, there is a possible system becoming
irrespons ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20418 (In Thread, there is a possible out of bounds write due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20417 (In pcie, there is a possible out of bounds write due to a
missing boun ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20415 (In imgsys, there is a possible memory corruption due to
improper locki ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20414 (In imgsys, there is a possible escalation of privilege due to
use afte ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20413 (In imgsys, there is a possible out of bounds write due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20412 (In cameraisp, there is a possible out of bounds write due to a
missing ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20411 (In cameraisp, there is a possible escalation of privilege due
to use a ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20410 (In imgsys, there is a possible out of bounds write due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20409 (In imgsys, there is a possible out of bounds write due to a
missing bo ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20408 (In wlan, there is a possible out of bounds write due to a heap
buffer ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20407 (In wlan STA driver, there is a possible escalation of
privilege due to ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20406 (In Modem, there is a possible system crash due to an uncaught
exceptio ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20405 (In Modem, there is a possible system crash due to a missing
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20404 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20403 (In Modem, there is a possible system crash due to a missing
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20402 (In Modem, there is a possible system crash due to improper
input valid ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-20401 (In Modem, there is a possible system crash due to an uncaught
exceptio ...)
- TODO: check
+ NOT-FOR-US: MediaTek
CVE-2026-1770 (Improper Control of Dynamically-Managed Code Resources
vulnerability i ...)
TODO: check
CVE-2026-1761 (A flaw was found in libsoup. This stack-based buffer overflow
vulnerab ...)
@@ -73,7 +73,7 @@ CVE-2026-1751 (A vulnerability has been discovered in GitLab
CE/EE affecting all
CVE-2026-1703 (When pip is installing and extracting a maliciously crafted
wheel arch ...)
TODO: check
CVE-2026-1232 (A medium-severity vulnerability has been identified in
BeyondTrust Pri ...)
- TODO: check
+ NOT-FOR-US: BeyondTrust
CVE-2026-1186 (EAP Legislator is vulnerable to Path Traversal in file
extraction func ...)
TODO: check
CVE-2026-1117 (A vulnerability in the `lollms_generation_events.py` component
of pari ...)
@@ -81,13 +81,13 @@ CVE-2026-1117 (A vulnerability in the
`lollms_generation_events.py` component of
CVE-2026-0921
REJECTED
CVE-2026-0631 (An OS Command Injection vulnerability in TP-Link Archer BE230
v1.2(vpn ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-0630 (An OS Command Injection vulnerability in TP-Link Archer BE230
v1.2(web ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2026-0599 (A vulnerability in huggingface/text-generation-inference
version 3.3.6 ...)
TODO: check
CVE-2025-9974 (The unified WEBUI application of the ONT/Beacon device contains
an inp ...)
- TODO: check
+ NOT-FOR-US: Nokia
CVE-2025-8587 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-7105 (A vulnerability in danny-avila/librechat allows attackers to
exploit t ...)
@@ -95,35 +95,35 @@ CVE-2025-7105 (A vulnerability in danny-avila/librechat
allows attackers to expl
CVE-2025-6208 (The `SimpleDirectoryReader` component in `llama_index.core`
version 0. ...)
TODO: check
CVE-2025-47402 (Transient DOS when processing a received frame with an
excessively lar ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47399 (Memory Corruption while processing IOCTL call to update sensor
propert ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47398 (Memory Corruption while deallocating graphics processing unit
memory b ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47397 (Memory Corruption when initiating GPU memory mapping using
scatter-gat ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47366 (Cryptographic issue when a Trusted Zone with outdated code is
triggere ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47364 (Memory corruption while calculating offset from partition
start point.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47363 (Memory corruption when calculating oversized partition sizes
without p ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47359 (Memory Corruption when multiple threads simultaneously access
a memory ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47358 (Memory Corruption when user space address is modified and
passed to me ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-15395 (IBM Jazz Foundation7.0.3 through7.0.3 iFix019 and7.1.0
through7.1.0 iF ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-14914 (IBM WebSphere Application Server Liberty 17.0.0.3 through
26.0.0.1coul ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-10279 (In mlflow version 2.20.3, the temporary directory used for
creating Py ...)
- TODO: check
+ NOT-FOR-US: mlflow
CVE-2024-5986 (A vulnerability in h2oai/h2o-3 version 3.46.0.1 allows remote
attacker ...)
TODO: check
CVE-2024-5386 (In lunary-ai/lunary version 1.2.2, an account hijacking
vulnerability ...)
TODO: check
CVE-2024-54263 (Improper Control of Filename for Include/Require Statement in
PHP Prog ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2024-4147 (In lunary-ai/lunary version 1.2.13, an insufficient granularity
of acc ...)
TODO: check
CVE-2024-2356 (A Local File Inclusion (LFI) vulnerability exists in the
'/reinstall_e ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9b5e953e1f2296cb33bf989a571b66e408322b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a9b5e953e1f2296cb33bf989a571b66e408322b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
