Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fbdc3ab3 by Moritz Muehlenhoff at 2026-02-09T16:30:17+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -90,7 +90,7 @@ CVE-2026-1868 (GitLab has remediated a vulnerability in the
Duo Workflow Service
CVE-2026-1615 (All versions of the package jsonpath are vulnerable to
Arbitrary Code ...)
TODO: check
CVE-2026-0870 (MacroHub developed by GIGABYTE has a Local Privilege Escalation
vulner ...)
- TODO: check
+ NOT-FOR-US: MacroHub
CVE-2025-66608 (A vulnerability has been found in FAST/TOOLS provided by
Yokogawa Elec ...)
NOT-FOR-US: Yokogawa
CVE-2025-66607 (A vulnerability has been found in FAST/TOOLS provided by
Yokogawa Elec ...)
@@ -3179,7 +3179,7 @@ CVE-2026-1701 (A security vulnerability has been detected
in itsourcecode Studen
CVE-2026-1700 (A weakness has been identified in projectworlds House Rental
and Prope ...)
NOT-FOR-US: projectworlds House Rental and Property Listing
CVE-2026-1699 (In the Eclipse Theia Website repository, the GitHub Actions
workflow . ...)
- TODO: check
+ NOT-FOR-US: Eclipse Theia hosting
CVE-2026-1691 (A vulnerability has been found in bolo-solo up to 2.6.4. This
impacts ...)
NOT-FOR-US: bolo-solo
CVE-2026-1690 (A flaw has been found in Tenda HG10
US_HG7_HG9_HG10re_300001138_en_xpo ...)
@@ -4514,7 +4514,7 @@ CVE-2020-36941 (Knockpy 4.1.1 contains a CSV injection
vulnerability that allows
CVE-2020-36940 (Easy CD & DVD Cover Creator 4.13 contains a buffer overflow
vulnerabil ...)
NOT-FOR-US: Easy CD & DVD Cover Creator
CVE-2020-36939 (Cassandra Web 0.5.0 contains a directory traversal
vulnerability that ...)
- TODO: check
+ NOT-FOR-US: Cassandra Web
CVE-2020-36938 (WinAVR version 20100110 contains an insecure permissions
vulnerability ...)
NOT-FOR-US: WinAVR
CVE-2026-24883 (In GnuPG before 2.5.17, a long signature packet length causes
parse_si ...)
@@ -4726,7 +4726,7 @@ CVE-2026-24429 (Shenzhen Tenda W30E V2 firmware versions
up to and including V16
CVE-2026-24428 (Shenzhen Tenda W30E V2 firmware versions up to and including
V16.01.0. ...)
NOT-FOR-US: Tenda
CVE-2026-23864 (Multiple denial of service vulnerabilities exist in React
Server Compo ...)
- TODO: check
+ NOT-FOR-US: react-server-dom-webpack
CVE-2026-21509 (Reliance on untrusted inputs in a security decision in
Microsoft Offic ...)
NOT-FOR-US: Microsoft
CVE-2026-1446 (There is a Cross\u2011Site Scripting (XSS) issue in Esri ArcGIS
Pro ve ...)
@@ -896647,7 +896647,6 @@ CVE-2006-6895 (The Bluetooth stack in the Sony
Ericsson T60 does not properly im
CVE-2006-6894 (Multiple unspecified vulnerabilities in SPINE before 1.2 have
unknown ...)
NOT-FOR-US: SPINE
CVE-2006-6893 (Tor allows remote attackers to discover the IP address of a
hidden ser ...)
- - tor <unfixed> (unimportant)
NOTE: It could be argued that this is a laws-of-physics vulnerability
NOTE: that is a fundamental design limitation of certain hardware
NOTE: implementations.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbdc3ab3dd6df4186ff0d7e4b2103259225bde6e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fbdc3ab3dd6df4186ff0d7e4b2103259225bde6e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
