[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Sat Feb 7 09:09:32 GMT 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a9508831 by Salvatore Bonaccorso at 2026-02-07T10:09:10+01:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16,7 +16,7 @@ CVE-2026-2069 (A flaw has been found in ggml-org llama.cpp up to 55abc39. Impact
 	- llama.cpp <unfixed>
 	NOTE: https://github.com/ggml-org/llama.cpp/issues/18988
 CVE-2026-2068 (A vulnerability was detected in UTT \u8fdb\u53d6 520W 1.7.7-180627. Th ...)
-	TODO: check
+	NOT-FOR-US: UTT
 CVE-2026-2067 (A security vulnerability has been detected in UTT \u8fdb\u53d6 520W 1. ...)
 	NOT-FOR-US: UTT
 CVE-2026-2066 (A weakness has been identified in UTT \u8fdb\u53d6 520W 1.7.7-180627.  ...)
@@ -116,7 +116,7 @@ CVE-2026-1731 (BeyondTrust Remote Support (RS) and certain older versions of Pri
 CVE-2026-1727 (The Agentspace service was affected by a vulnerability that exposed se ...)
 	TODO: check
 CVE-2025-68621 (Trilium Notes is an open-source, cross-platform hierarchical note taki ...)
-	TODO: check
+	NOT-FOR-US: Trilium Notes
 CVE-2025-31990 (Rate limiting for certain API calls is not being enforced, making HCL  ...)
 	NOT-FOR-US: HCL
 CVE-2025-15491 (The Post Slides WordPress plugin through 1.0.1 does not validate some  ...)
@@ -132,51 +132,51 @@ CVE-2025-12159 (The Bold Page Builder plugin for WordPress is vulnerable to Stor
 CVE-2023-6763
 	REJECTED
 CVE-2020-37171 (TapinRadio 2.12.3 contains a denial of service vulnerability in the ap ...)
-	TODO: check
+	NOT-FOR-US: TapinRadio
 CVE-2020-37170 (TapinRadio 2.12.3 contains a denial of service vulnerability in the ap ...)
-	TODO: check
+	NOT-FOR-US: TapinRadio
 CVE-2020-37166 (AbsoluteTelnet 11.12 contains a denial of service vulnerability in the ...)
-	TODO: check
+	NOT-FOR-US: AbsoluteTelnet
 CVE-2020-37165 (AbsoluteTelnet 11.12 contains a denial of service vulnerability that a ...)
-	TODO: check
+	NOT-FOR-US: AbsoluteTelnet
 CVE-2020-37164 (AbsoluteTelnet 11.12 contains a denial of service vulnerability that a ...)
-	TODO: check
+	NOT-FOR-US: AbsoluteTelnet
 CVE-2020-37163 (QuickDate 1.3.2 contains a SQL injection vulnerability that allows rem ...)
-	TODO: check
+	NOT-FOR-US: QuickDate
 CVE-2020-37162 (Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Wedding Slideshow Studio
 CVE-2020-37161 (Wedding Slideshow Studio 1.36 contains a buffer overflow vulnerability ...)
-	TODO: check
+	NOT-FOR-US: Wedding Slideshow Studio
 CVE-2020-37160 (SprintWork 2.3.1 contains multiple local privilege escalation vulnerab ...)
-	TODO: check
+	NOT-FOR-US: SprintWork
 CVE-2020-37159 (Parallaxis Cuckoo Clock 5.0 contains a buffer overflow vulnerability t ...)
-	TODO: check
+	NOT-FOR-US: Parallaxis Cuckoo Clock
 CVE-2020-37157 (DBPower C300 HD Camera contains a configuration disclosure vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: DBPower C300 HD Camera
 CVE-2020-37155 (Core FTP Lite 1.3 contains a buffer overflow vulnerability in the user ...)
-	TODO: check
+	NOT-FOR-US: Core FTP Lite
 CVE-2020-37154 (eLection 2.0 contains an authenticated SQL injection vulnerability in  ...)
-	TODO: check
+	NOT-FOR-US: eLection
 CVE-2020-37147 (ATutor 2.2.4 contains a SQL injection vulnerability in the admin user  ...)
-	TODO: check
+	NOT-FOR-US: ATutor
 CVE-2020-37146 (ACE Security WiP-90113 HD Camera contains a configuration disclosure v ...)
-	TODO: check
+	NOT-FOR-US: ACE Security WiP-90113 HD Camera
 CVE-2020-37141 (AMSS++ version 4.31 contains a SQL injection vulnerability in the mail ...)
-	TODO: check
+	NOT-FOR-US: AMSS++
 CVE-2020-37135 (AMSS++ 4.7 contains an authentication bypass vulnerability that allows ...)
-	TODO: check
+	NOT-FOR-US: AMSS++
 CVE-2020-37122 (SpotFTP-FTP Password Recover 2.4.8 contains a denial of service vulner ...)
-	TODO: check
+	NOT-FOR-US: SpotFTP-FTP Password Recover
 CVE-2020-37109 (aSc TimeTables 2020.11.4 contains a denial of service vulnerability th ...)
-	TODO: check
+	NOT-FOR-US: aSc TimeTables
 CVE-2020-37107 (Core FTP LE 2.2 contains a denial of service vulnerability that allows ...)
-	TODO: check
+	NOT-FOR-US: Core FTP LE
 CVE-2020-37106 (Business Live Chat Software 1.0 contains a cross-site request forgery  ...)
-	TODO: check
+	NOT-FOR-US: Business Live Chat Software
 CVE-2020-37095 (Cyberoam Authentication Client 2.1.2.7 contains a buffer overflow vuln ...)
-	TODO: check
+	NOT-FOR-US: Cyberoam Authentication Client
 CVE-2020-37079 (Wing FTP Server versions prior to 6.2.7 contain a cross-site request f ...)
-	TODO: check
+	NOT-FOR-US: Wing FTP Server
 CVE-2026-2100 [NULL dereference via C_DeriveKey with specific NULL parameters]
 	- p11-kit <unfixed>
 	NOTE: Fixed by: https://github.com/p11-glue/p11-kit/commit/39f3b5ed3deccc2772e21ffb7d269329e3ecb600 (0.26.2)
@@ -701,7 +701,7 @@ CVE-2020-37126 (Free Desktop Clock 3.0 contains a stack overflow vulnerability i
 CVE-2020-37125 (Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulner ...)
 	NOT-FOR-US: Edimax
 CVE-2020-37124 (B64dec 1.1.2 contains a buffer overflow vulnerability that allows atta ...)
-	TODO: check
+	NOT-FOR-US: B64dec
 CVE-2020-37123 (Pinger 1.0 contains a remote code execution vulnerability that allows  ...)
 	NOT-FOR-US: Pinger
 CVE-2020-37121 (CODE::BLOCKS 16.01 contains a buffer overflow vulnerability that allow ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a950883152966246ab3b3301b93051a6bb8a2e1b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a950883152966246ab3b3301b93051a6bb8a2e1b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260207/cc1a8a9f/attachment.htm>
