[Git][security-tracker-team/security-tracker][master] three bogus CVEs from Vulncheck
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Apr 27 08:32:39 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e32e77ae by Moritz Muehlenhoff at 2026-04-27T09:32:00+02:00
three bogus CVEs from Vulncheck
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -36557,9 +36557,8 @@ CVE-2019-25340 (SpotAuditor 5.3.2 contains a denial of service vulnerability in
CVE-2019-25339 (GHIA CamIP 1.2 for iOS contains a denial of service vulnerability in t ...)
NOT-FOR-US: GHIA CamIP
CVE-2019-25338 (DokuWiki 2018-04-22b contains a username enumeration vulnerability in ...)
- - dokuwiki <undetermined>
- NOTE: https://www.exploit-db.com/exploits/47731
- TODO: check upstream status
+ NOTE: Bogus CVE assignment for DokuWiki, current scheme is by design:
+ NOTE: https://github.com/dokuwiki/dokuwiki/issues/2928
CVE-2019-25337 (OwnCloud 8.1.8 contains a username enumeration vulnerability that allo ...)
NOT-FOR-US: OwnCloud
CVE-2019-25336 (SpotAuditor 5.3.2 contains a local buffer overflow vulnerability in th ...)
@@ -42673,13 +42672,9 @@ CVE-2020-36971 (Nidesoft 3GP Video Converter 2.6.18 contains a local stack buffe
CVE-2020-36970 (PMB 5.6 contains a local file disclosure vulnerability in getgif.php t ...)
NOT-FOR-US: PMB
CVE-2020-36969 (M/Monit 3.7.4 contains a privilege escalation vulnerability that allow ...)
- - monit <undetermined>
- NOTE: https://www.exploit-db.com/exploits/49080
- TODO: check, unclear upstream status
+ NOTE: Bogus CVE assignment for Monit
CVE-2020-36968 (M/Monit 3.7.4 contains an authentication vulnerability that allows aut ...)
- - monit <undetermined>
- NOTE: https://www.exploit-db.com/exploits/49081
- TODO: check, unclear upstream status
+ NOTE: Bogus CVE assignment for Monit
CVE-2020-36967 (Zortam Mp3 Media Studio 27.60 contains a buffer overflow vulnerability ...)
NOT-FOR-US: Zortam Mp3 Media Studio
CVE-2020-36965 (docPrint Pro 8.0 contains a local buffer overflow vulnerability in the ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e32e77ae3a8d2f6b14e59300fec382e8d497d7d1
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e32e77ae3a8d2f6b14e59300fec382e8d497d7d1
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260427/8d011031/attachment.htm>
More information about the debian-security-tracker-commits
mailing list