Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
740ebc0c by security tracker role at 2026-03-05T20:14:10+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2026-3598 (Use of a Broken or Risky Cryptographic Algorithm vulnerability
in rust ...)
TODO: check
CVE-2026-3459 (The Drag and Drop Multiple File Upload - Contact Form 7 plugin
for Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-3236 (In affected versions of Octopus Server it was possible to
create a new ...)
- TODO: check
+ NOT-FOR-US: Octopus Deploy
CVE-2026-3047 (A flaw was found in org.keycloak.broker.saml. When a disabled
Security ...)
TODO: check
CVE-2026-3009 (A security flaw in the IdentityBrokerService.performLogin
endpoint of ...)
@@ -35,7 +35,7 @@ CVE-2026-30784 (Missing Authorization, Missing Authentication
for Critical Funct
CVE-2026-30783 (A vulnerability in rustdesk-client RustDesk Client
rustdesk-client on ...)
TODO: check
CVE-2026-2599 (The Database for Contact Form 7, WPforms, Elementor forms
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-29054 (Traefik is an HTTP reverse proxy and load balancer. From
version 2.11. ...)
TODO: check
CVE-2026-28790 (OliveTin gives access to predefined shell commands from a web
interfac ...)
@@ -43,17 +43,17 @@ CVE-2026-28790 (OliveTin gives access to predefined shell
commands from a web in
CVE-2026-28789 (OliveTin gives access to predefined shell commands from a web
interfac ...)
TODO: check
CVE-2026-28551 (Race condition vulnerability in the device security management
module. ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-28549 (Race condition vulnerability in the permission management
service.Impa ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-28548 (Vulnerability of improper verification in the email
application.Impact ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-28547 (Vulnerability of uninitialized pointer access in the scanning
module.I ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-28546 (Buffer overflow vulnerability in the scanning module.Impact:
Successfu ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-28542 (Permission bypass vulnerability in the system service
framework.Impact ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2026-28353 (Trivy Vulnerability Scanner is a VS Code extension that helps
find vul ...)
TODO: check
CVE-2026-28350 (lxml_html_clean is a project for HTML cleaning functionalities
copied ...)
@@ -119,27 +119,27 @@ CVE-2026-25048 (xgrammar is an open-source library for
efficient, flexible, and
CVE-2026-24457 (An unsafe parsing of OpenMQ's configuration, allows a remote
attacker ...)
TODO: check
CVE-2026-21628 (A improperly secured file management feature allows uploads of
dangero ...)
- TODO: check
+ NOT-FOR-US: Joomla
CVE-2026-21621 (Incorrect Authorization vulnerability in hexpm hexpm/hexpm
('Elixir.He ...)
TODO: check
CVE-2026-1720 (The WowOptin: Next-Gen Popup Maker \u2013 Create Stunning
Popups and O ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1605 (In Eclipse Jetty, versions 12.0.0-12.0.31 and 12.1.0-12.0.5,
class Gzi ...)
TODO: check
CVE-2025-7375 (A denial-of-service (DoS) vulnerability was identified in Omada
EAP610 ...)
- TODO: check
+ NOT-FOR-US: TPLink
CVE-2025-70616 (A stack buffer overflow vulnerability exists in the Wincor
Nixdorf wnB ...)
TODO: check
CVE-2025-70233 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10
via the cu ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-70232 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10
via the cu ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-70231 (D-Link DIR-513 version 1.10 contains a critical-level
vulnerability. W ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-70230 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10
via the cu ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-70229 (Stack buffer overflow vulnerability in D-Link DIR-513 v1.10
via the cu ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-69534 (Python-Markdown version 3.8 contain a vulnerability where
malformed HT ...)
TODO: check
CVE-2025-64166 (Mercurius is a GraphQL adapter for Fastify. Prior to version
16.4.0, a ...)
@@ -147,7 +147,7 @@ CVE-2025-64166 (Mercurius is a GraphQL adapter for Fastify.
Prior to version 16.
CVE-2025-45691 (An Arbitrary File Read vulnerability exists in the
ImageTextPromptValu ...)
TODO: check
CVE-2025-29165 (An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker
to escal ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2025-13476 (Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows
v25.6.0.0\u ...)
TODO: check
CVE-2025-13350 (Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage
collector but b ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/740ebc0cde4981aea3e17c25cf56349b3db865c9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/740ebc0cde4981aea3e17c25cf56349b3db865c9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
