[Git][security-tracker-team/security-tracker][master] 2 commits: Add CVE-2016-20038/ytree

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6ddb7805 by Salvatore Bonaccorso at 2026-03-28T21:57:13+01:00
Add CVE-2016-20038/ytree

- - - - -
48d6b5a1 by Salvatore Bonaccorso at 2026-03-28T21:58:22+01:00
Add ancient issue for xwpe

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -91,9 +91,11 @@ CVE-2016-20040 (TiEmu 3.03-nogdb+dfsg-3 contains a buffer overflow vulnerability
 CVE-2016-20039 (Multi Emulator Super System 0.154-3.1 contains a buffer overflow vulne ...)
 	NOT-FOR-US: Multi Emulator Super System
 CVE-2016-20038 (yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability th ...)
-	TODO: check
+	- ytree <undetermined>
+	NOTE: https://www.exploit-db.com/exploits/39406
 CVE-2016-20037 (xwpe 1.5.30a-2.1 and prior contains a stack-based buffer overflow vuln ...)
-	TODO: check
+	- xwpe <undetermined>
+	NOTE: https://www.exploit-db.com/exploits/39285
 CVE-2026-3256 (HTTP::Session versions through 0.53 for Perl defaults to using insecur ...)
 	NOT-FOR-US: HTTP::Session Perl module
 CVE-2025-15604 (Amon2 versions before 6.17 for Perl use an insecure random_string impl ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/79855cf1a43beabd8a8277bd4bccdea14a6f321a...48d6b5a11581d64d155253a7ac66ed47b99641c1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/79855cf1a43beabd8a8277bd4bccdea14a6f321a...48d6b5a11581d64d155253a7ac66ed47b99641c1
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260328/80c7f70f/attachment.htm>