[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Jan 22 10:41:29 GMT 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6ff11cd2 by Moritz Muehlenhoff at 2026-01-22T11:41:07+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -11,15 +11,15 @@ CVE-2026-23755 (D-Link D-View 8 versions 2.0.1.107 and below contain an uncontro
 CVE-2026-23754 (D-Link D-View 8 versions 2.0.1.107 and below contain an improper acces ...)
 	NOT-FOR-US: D-Link
 CVE-2026-20109 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20092 (A vulnerability in the read-only maintenance shell of Cisco Intersight ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20080 (A vulnerability in the SSH service of Cisco IEC6400 Wireless Backhaul  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20055 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-20045 (A vulnerability in Cisco Unified Communications Manager (Unified CM),  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2026-1290 (Authentication Bypass by Primary Weakness vulnerability in Jamf Jamf P ...)
 	NOT-FOR-US: Jamf
 CVE-2026-0834 (Logic vulnerability in TP-Link Archer C20 v6.0 and Archer AX53 v1.0 (T ...)
@@ -128,53 +128,53 @@ CVE-2021-47866 (WIN-PACK PRO 4.8 contains an unquoted service path vulnerability
 CVE-2021-47865 (ProFTPD 1.3.7a contains a denial of service vulnerability that allows  ...)
 	TODO: check
 CVE-2021-47864 (OSAS Traverse Extension 11 contains an unquoted service path vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: OSAS Traverse Extension
 CVE-2021-47863 (MacPaw Encrypto 1.0.1 contains an unquoted service path vulnerability  ...)
 	NOT-FOR-US: MacPaw Encrypto
 CVE-2021-47862 (Hi-Rez Studios 5.1.6.3 contains an unquoted service path vulnerability ...)
 	NOT-FOR-US: Hi-Rez Studios
 CVE-2021-47861 (Event Log Explorer 4.9.3 contains an unquoted service path vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: Event Log Explorer
 CVE-2021-47860 (GetSimple CMS Custom JS 0.1 plugin contains a cross-site request forge ...)
 	NOT-FOR-US: GetSimple CMS Custom JS plugin
 CVE-2021-47859 (ActivIdentity 8.2 contains an unquoted service path vulnerability in t ...)
-	TODO: check
+	NOT-FOR-US: ActivIdentity
 CVE-2021-47858 (Genexis Platinum-4410 P4410-V2-1.31A contains a stored cross-site scri ...)
-	TODO: check
+	NOT-FOR-US: Genexis Platinum-4410
 CVE-2021-47857 (Moodle 3.10.3 contains a persistent cross-site scripting vulnerability ...)
 	- moodle <removed>
 CVE-2021-47855 (Openlitespeed 1.7.9 contains a stored cross-site scripting vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: OpenLiteSpeed
 CVE-2021-47854 (DD-WRT version 45723 contains a buffer overflow vulnerability in the U ...)
-	TODO: check
+	NOT-FOR-US: DD-WRT
 CVE-2021-47853 (phpPgAdmin 7.13.0 contains a remote command execution vulnerability th ...)
 	TODO: check
 CVE-2021-47852 (Rockstar Games Launcher 1.0.37.349 contains a privilege escalation vul ...)
-	TODO: check
+	NOT-FOR-US: Rockstar Games Launcher
 CVE-2021-47851 (Mini Mouse 9.2.0 contains a remote code execution vulnerability that a ...)
-	TODO: check
+	NOT-FOR-US: Mini Mouse
 CVE-2021-47850 (Mini Mouse 9.2.0 contains a path traversal vulnerability that allows r ...)
-	TODO: check
+	NOT-FOR-US: Mini Mouse
 CVE-2021-47849 (Mini Mouse 9.3.0 contains a path traversal vulnerability that allows a ...)
-	TODO: check
+	NOT-FOR-US: Mini Mouse
 CVE-2021-47848 (Blitar Tourism 1.0 contains an authentication bypass vulnerability tha ...)
-	TODO: check
+	NOT-FOR-US: Blitar Tourism
 CVE-2021-47846 (Digital Crime Report Management System 1.0 contains a critical SQL inj ...)
-	TODO: check
+	NOT-FOR-US: Digital Crime Report Management System
 CVE-2021-47830 (GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site reque ...)
-	TODO: check
+	NOT-FOR-US: GetSimple CMS My SMTP Contact Plugin
 CVE-2021-47817 (OpenEMR 5.0.2.1 contains a cross-site scripting vulnerability that all ...)
 	NOT-FOR-US: OpenEMR
 CVE-2021-47802 (Tenda D151 and D301 routers contain an unauthenticated configuration d ...)
 	NOT-FOR-US: Tenda
 CVE-2021-47778 (GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injecti ...)
-	TODO: check
+	NOT-FOR-US: GetSimple CMS My SMTP Contact Plugin
 CVE-2021-47770 (OpenPLC v3 contains an authenticated remote code execution vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: OpenPLC
 CVE-2021-47748 (Hasura GraphQL 1.3.3 contains a remote code execution vulnerability th ...)
 	TODO: check
 CVE-2021-47746 (NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: NodeBB Plugin Emoji
 CVE-2026-22977 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/2a71a1a8d0ed718b1c7a9ac61f07e5755c47ae20 (6.19-rc5)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ff11cd24e1e9098e821dfafe2167ba1d13e7558

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6ff11cd24e1e9098e821dfafe2167ba1d13e7558
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260122/d1934dde/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list