[Git][security-tracker-team/security-tracker][master] automatic NOT-FOR-US entries update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Feb 4 08:14:43 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e40baac0 by security tracker role at 2026-02-04T08:14:34+00:00
automatic NOT-FOR-US entries update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -31,27 +31,27 @@ CVE-2026-22875 (Movable Type contains a stored cross-site scripting vulnerabilit
 CVE-2026-21393 (Movable Type contains a stored cross-site scripting vulnerability in E ...)
 	TODO: check
 CVE-2026-20987 (Improper input validation in GalaxyDiagnostics prior to version 3.5.05 ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20986 (Path traversal in Samsung Members prior to Chinese version 15.5.05.4 a ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20985 (Improper input validation in Samsung Members prior to version 5.6.00.1 ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20984 (Improper handling of insufficient permission in Galaxy Wearable instal ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20983 (Improper export of android application components in Samsung Dialer pr ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20982 (Path traversal in ShortcutService prior to SMR Feb-2026 Release 1 allo ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20981 (Improper input validation in FacAtFunction prior to SMR Feb-2026 Relea ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20980 (Improper input validation in PACM prior to SMR Feb-2026 Release 1 allo ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20979 (Improper privilege management in Settings prior to SMR Feb-2026 Releas ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20978 (Improper authorization in KnoxGuardManager prior to SMR Feb-2026 Relea ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-20977 (Improper access control in Emergency Sharing prior to SMR Feb-2026 Rel ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2026-1835 (A vulnerability was identified in lcg0124 BootDo up to e93dd428ef6f5c8 ...)
 	TODO: check
 CVE-2026-1819 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
@@ -67,9 +67,9 @@ CVE-2026-1810 (A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4.
 CVE-2026-1791 (Unrestricted Upload of File with Dangerous Type vulnerability in Hills ...)
 	TODO: check
 CVE-2026-1756 (The WP FOFT Loader plugin for WordPress is vulnerable to arbitrary fil ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1755 (The Menu Icons by ThemeIsle plugin for WordPress is vulnerable to Stor ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2026-1633 (The Synectix LAN 232 TRIO 3-Port serial to ethernet adapter exposes it ...)
 	TODO: check
 CVE-2026-1632 (MOMA Seismic Station Version v2.4.2520 and prior exposes its web manag ...)
@@ -81,21 +81,21 @@ CVE-2025-69621 (An arbitrary file overwrite vulnerability in the file import pro
 CVE-2025-69620 (A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a D ...)
 	TODO: check
 CVE-2025-65081 (An out-of-bounds read vulnerability has been identified in the Postscr ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2025-65080 (A type confusion vulnerability has been identified in the Postscript i ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2025-65079 (A heap-based buffer overflow vulnerability has been identified in the  ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2025-65078 (An untrusted search path vulnerability has been identified in the Embe ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2025-65077 (A relative path traversal vulnerability has been identified in the Emb ...)
-	TODO: check
+	NOT-FOR-US: Lexmark
 CVE-2025-36094 (IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0 Interim Fi ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-36033 (IBM Engineering Lifecycle Management - Global Configuration Management ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-33081 (IBM Concert 1.0.0 through 2.1.0 stores potentially sensitive informati ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2025-29867 (Access of Resource Using Incompatible Type ('Type Confusion') vulnerab ...)
 	TODO: check
 CVE-2020-37097 (Edimax EW-7438RPn 1.13 contains an information disclosure vulnerabilit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e40baac07b1b1e1630bfd61d0bddc47bf3d55fa2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e40baac07b1b1e1630bfd61d0bddc47bf3d55fa2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260204/6c29579a/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list