Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a9508831 by Salvatore Bonaccorso at 2026-02-07T10:09:10+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16,7 +16,7 @@ CVE-2026-2069 (A flaw has been found in ggml-org llama.cpp up
to 55abc39. Impact
- llama.cpp <unfixed>
NOTE: https://github.com/ggml-org/llama.cpp/issues/18988
CVE-2026-2068 (A vulnerability was detected in UTT \u8fdb\u53d6 520W
1.7.7-180627. Th ...)
- TODO: check
+ NOT-FOR-US: UTT
CVE-2026-2067 (A security vulnerability has been detected in UTT \u8fdb\u53d6
520W 1. ...)
NOT-FOR-US: UTT
CVE-2026-2066 (A weakness has been identified in UTT \u8fdb\u53d6 520W
1.7.7-180627. ...)
@@ -116,7 +116,7 @@ CVE-2026-1731 (BeyondTrust Remote Support (RS) and certain
older versions of Pri
CVE-2026-1727 (The Agentspace service was affected by a vulnerability that
exposed se ...)
TODO: check
CVE-2025-68621 (Trilium Notes is an open-source, cross-platform hierarchical
note taki ...)
- TODO: check
+ NOT-FOR-US: Trilium Notes
CVE-2025-31990 (Rate limiting for certain API calls is not being enforced,
making HCL ...)
NOT-FOR-US: HCL
CVE-2025-15491 (The Post Slides WordPress plugin through 1.0.1 does not
validate some ...)
@@ -132,51 +132,51 @@ CVE-2025-12159 (The Bold Page Builder plugin for
WordPress is vulnerable to Stor
CVE-2023-6763
REJECTED
CVE-2020-37171 (TapinRadio 2.12.3 contains a denial of service vulnerability
in the ap ...)
- TODO: check
+ NOT-FOR-US: TapinRadio
CVE-2020-37170 (TapinRadio 2.12.3 contains a denial of service vulnerability
in the ap ...)
- TODO: check
+ NOT-FOR-US: TapinRadio
CVE-2020-37166 (AbsoluteTelnet 11.12 contains a denial of service
vulnerability in the ...)
- TODO: check
+ NOT-FOR-US: AbsoluteTelnet
CVE-2020-37165 (AbsoluteTelnet 11.12 contains a denial of service
vulnerability that a ...)
- TODO: check
+ NOT-FOR-US: AbsoluteTelnet
CVE-2020-37164 (AbsoluteTelnet 11.12 contains a denial of service
vulnerability that a ...)
- TODO: check
+ NOT-FOR-US: AbsoluteTelnet
CVE-2020-37163 (QuickDate 1.3.2 contains a SQL injection vulnerability that
allows rem ...)
- TODO: check
+ NOT-FOR-US: QuickDate
CVE-2020-37162 (Wedding Slideshow Studio 1.36 contains a buffer overflow
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Wedding Slideshow Studio
CVE-2020-37161 (Wedding Slideshow Studio 1.36 contains a buffer overflow
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Wedding Slideshow Studio
CVE-2020-37160 (SprintWork 2.3.1 contains multiple local privilege escalation
vulnerab ...)
- TODO: check
+ NOT-FOR-US: SprintWork
CVE-2020-37159 (Parallaxis Cuckoo Clock 5.0 contains a buffer overflow
vulnerability t ...)
- TODO: check
+ NOT-FOR-US: Parallaxis Cuckoo Clock
CVE-2020-37157 (DBPower C300 HD Camera contains a configuration disclosure
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: DBPower C300 HD Camera
CVE-2020-37155 (Core FTP Lite 1.3 contains a buffer overflow vulnerability in
the user ...)
- TODO: check
+ NOT-FOR-US: Core FTP Lite
CVE-2020-37154 (eLection 2.0 contains an authenticated SQL injection
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: eLection
CVE-2020-37147 (ATutor 2.2.4 contains a SQL injection vulnerability in the
admin user ...)
- TODO: check
+ NOT-FOR-US: ATutor
CVE-2020-37146 (ACE Security WiP-90113 HD Camera contains a configuration
disclosure v ...)
- TODO: check
+ NOT-FOR-US: ACE Security WiP-90113 HD Camera
CVE-2020-37141 (AMSS++ version 4.31 contains a SQL injection vulnerability in
the mail ...)
- TODO: check
+ NOT-FOR-US: AMSS++
CVE-2020-37135 (AMSS++ 4.7 contains an authentication bypass vulnerability
that allows ...)
- TODO: check
+ NOT-FOR-US: AMSS++
CVE-2020-37122 (SpotFTP-FTP Password Recover 2.4.8 contains a denial of
service vulner ...)
- TODO: check
+ NOT-FOR-US: SpotFTP-FTP Password Recover
CVE-2020-37109 (aSc TimeTables 2020.11.4 contains a denial of service
vulnerability th ...)
- TODO: check
+ NOT-FOR-US: aSc TimeTables
CVE-2020-37107 (Core FTP LE 2.2 contains a denial of service vulnerability
that allows ...)
- TODO: check
+ NOT-FOR-US: Core FTP LE
CVE-2020-37106 (Business Live Chat Software 1.0 contains a cross-site request
forgery ...)
- TODO: check
+ NOT-FOR-US: Business Live Chat Software
CVE-2020-37095 (Cyberoam Authentication Client 2.1.2.7 contains a buffer
overflow vuln ...)
- TODO: check
+ NOT-FOR-US: Cyberoam Authentication Client
CVE-2020-37079 (Wing FTP Server versions prior to 6.2.7 contain a cross-site
request f ...)
- TODO: check
+ NOT-FOR-US: Wing FTP Server
CVE-2026-2100 [NULL dereference via C_DeriveKey with specific NULL parameters]
- p11-kit <unfixed>
NOTE: Fixed by:
https://github.com/p11-glue/p11-kit/commit/39f3b5ed3deccc2772e21ffb7d269329e3ecb600
(0.26.2)
@@ -701,7 +701,7 @@ CVE-2020-37126 (Free Desktop Clock 3.0 contains a stack
overflow vulnerability i
CVE-2020-37125 (Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code
execution vulner ...)
NOT-FOR-US: Edimax
CVE-2020-37124 (B64dec 1.1.2 contains a buffer overflow vulnerability that
allows atta ...)
- TODO: check
+ NOT-FOR-US: B64dec
CVE-2020-37123 (Pinger 1.0 contains a remote code execution vulnerability that
allows ...)
NOT-FOR-US: Pinger
CVE-2020-37121 (CODE::BLOCKS 16.01 contains a buffer overflow vulnerability
that allow ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a950883152966246ab3b3301b93051a6bb8a2e1b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a950883152966246ab3b3301b93051a6bb8a2e1b
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
