Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
e92e35b9 by security tracker role at 2026-07-04T19:13:26+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,65 @@
+CVE-2026-14647 (A weakness has been identified in onnx up to 1.21.x. This 
vulnerabilit ...)
+       TODO: check
+CVE-2026-14642 (A vulnerability was identified in SourceCodester Class and 
Exam Timeta ...)
+       TODO: check
+CVE-2026-14641 (A vulnerability was determined in SourceCodester Class and 
Exam Timeta ...)
+       TODO: check
+CVE-2026-14640 (A vulnerability was found in CodeAstro Apartment Visitor 
Management Sy ...)
+       TODO: check
+CVE-2026-14639 (A vulnerability has been found in CodeAstro Ecommerce Website 
1.0. Thi ...)
+       TODO: check
+CVE-2026-14638 (A flaw has been found in itsourcecode Hospital Management 
System 1.0.  ...)
+       TODO: check
+CVE-2026-14637 (A security vulnerability has been detected in kirilkirkov 
Ecommerce-Co ...)
+       TODO: check
+CVE-2026-14636 (A weakness has been identified in kirilkirkov 
Ecommerce-CodeIgniter-Bo ...)
+       TODO: check
+CVE-2026-14635 (A security flaw has been discovered in kirilkirkov 
Ecommerce-CodeIgnit ...)
+       TODO: check
+CVE-2026-14634 (A vulnerability was identified in kirilkirkov 
Ecommerce-CodeIgniter-Bo ...)
+       TODO: check
+CVE-2026-14633 (A vulnerability was determined in kirilkirkov 
Ecommerce-CodeIgniter-Bo ...)
+       TODO: check
+CVE-2026-14632 (A vulnerability was found in kirilkirkov 
Ecommerce-CodeIgniter-Bootstr ...)
+       TODO: check
+CVE-2026-14630 (A vulnerability has been found in ForceInjection 
AI-fundermentals 2.0/ ...)
+       TODO: check
+CVE-2026-14629 (A flaw has been found in RT-Thread up to 5.2.2. Affected is 
the functi ...)
+       TODO: check
+CVE-2026-14628 (A vulnerability was detected in NousResearch hermes-agent up 
to 2026.5 ...)
+       TODO: check
+CVE-2026-14627 (A security vulnerability has been detected in NousResearch 
hermes-agen ...)
+       TODO: check
+CVE-2026-14626 (A weakness has been identified in NousResearch hermes-agent up 
to 2026 ...)
+       TODO: check
+CVE-2026-14625 (A security flaw has been discovered in NousResearch 
hermes-agent up to ...)
+       TODO: check
+CVE-2026-14624 (A vulnerability was identified in omec-project amf up to 
2.0.2/2.1.1.  ...)
+       TODO: check
+CVE-2026-14623 (A vulnerability was determined in omec-project amf up to 
2.1.1. This i ...)
+       TODO: check
+CVE-2026-14622 (A vulnerability was found in jairiidriss 
restaurant-website-php-mysql  ...)
+       TODO: check
+CVE-2026-14621 (A vulnerability has been found in FederatedAI FATE up to 
2.2.0. This a ...)
+       TODO: check
+CVE-2026-14619 (A flaw has been found in itsourcecode Hospital Management 
System 1.0.  ...)
+       TODO: check
+CVE-2026-14535 (In Trail of Bits fickling versions up to and including 0.1.11, 
the Uns ...)
+       TODO: check
+CVE-2026-14534 (Trail of Bits fickling versions up to and including 0.1.10 do 
not incl ...)
+       TODO: check
+CVE-2026-12746 (Dancer2::Plugin::Auth::OAuth::Provider versions before 0.23 
for Perl d ...)
+       TODO: check
+CVE-2026-12740 (Plack::Middleware::OAuth versions through 0.10 for Perl do not 
support ...)
+       TODO: check
+CVE-2026-12196 (HestiaCP panel cronjob feature is affected by a broken access 
control  ...)
+       TODO: check
+CVE-2026-12195 (myVesta is affected by an authenticated remote code execution 
vulnerab ...)
+       TODO: check
+CVE-2026-12194 (PHPIPAM is affected by an authenticated local file inclusion 
vulnerabi ...)
+       TODO: check
+CVE-2025-13475 (In multi-tenanted deployments, the application consent 
management mech ...)
+       TODO: check
 CVE-2026-XXXX [RUSTSEC-2026-0185]
        - rust-quinn-proto <unfixed>
        [trixie] - rust-quinn-proto <no-dsa> (Minor issue)
@@ -15,21 +77,21 @@ CVE-2026-XXXX [RUSTSEC-2026-0186]
        [trixie] - rust-memmap2 <no-dsa> (Minor issue)
        NOTE: https://rustsec.org/advisories/RUSTSEC-2026-0186.html
        NOTE: https://github.com/RazrFalcon/memmap2-rs/commit/cee7cf0 (v0.9.11)
-CVE-2026-53360 [KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use]
+CVE-2026-53360 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
        - linux 7.0.12-1
        [trixie] - linux 6.12.94-1
        [bookworm] - linux <not-affected> (Vulnerable code not present)
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/db3f2195d29344a3cf1e9dd9ab7f21ced7308cf7 (7.1-rc6)
-CVE-2026-53362 [ipv6: account for fraggap on the paged allocation path]
+CVE-2026-53362 (In the Linux kernel, the following vulnerability has been 
resolved:  i ...)
        - linux 7.1.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/736b380e28d0480c7bc3e022f1950f31fe53a7c5 (7.2-rc1)
-CVE-2026-53361 [af_unix: Set gc_in_progress to true in unix_gc().]
+CVE-2026-53361 (In the Linux kernel, the following vulnerability has been 
resolved:  a ...)
        - linux 7.1.3-1
        [bullseye] - linux <not-affected> (Vulnerable code not present)
        NOTE: 
https://git.kernel.org/linus/d82ba05263c69fa2437fe93e4e561cc40f4c03af (7.1-rc3)
-CVE-2026-53359 [KVM: x86: Fix shadow paging use-after-free due to unexpected 
role]
+CVE-2026-53359 (In the Linux kernel, the following vulnerability has been 
resolved:  K ...)
        - linux 7.1.3-1
        NOTE: 
https://git.kernel.org/linus/81ccda30b4e83d8f5cc4fd50503c44e3a33abfeb (7.2-rc1)
 CVE-2026-49297
@@ -430,6 +492,7 @@ CVE-2026-10055 (In Eclipse Theia since version 1.26.0, the 
backend /services/req
 CVE-2026-10054 (In affected versions of Eclipse Theia (1.8.1 and later), the 
browser b ...)
        NOT-FOR-US: Eclipse
 CVE-2026-14355 (In PHP versions 8.2.* before 8.2.32, 8.3.* before 8.3.32, 
8.4.* before ...)
+       {DSA-6377-1 DLA-4669-1}
        - php8.4 8.4.23-1
        - php8.2 <removed>
        - php7.4 <removed>
@@ -231853,7 +231916,7 @@ CVE-2024-10972 (Velocidex WinPmem versions 4.1 and 
below suffer from an Improper
 CVE-2024-10095 (In Progress Telerik UI for WPF versions prior to 2024 Q4 
(2024.4.1213) ...)
        NOT-FOR-US: Telerik
 CVE-2024-55919 [Improper input validation on generic SSO login]
-       {DLA-4027-1}
+       {DLA-4668-1 DLA-4027-1}
        - sympa 6.2.74~dfsg-1 (bug #1090188)
        NOTE: https://www.sympa.community/security/2024-001.html
        NOTE: Patch: 
https://github.com/sympa-community/sympa/releases/download/6.2.74/sympa-6.2.72-sa-2024-001-r1.patch



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e92e35b9c8f89daa336b9eb650a5ea479b2ff482

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e92e35b9c8f89daa336b9eb650a5ea479b2ff482
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help


_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to