Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
57542580 by Salvatore Bonaccorso at 2026-01-05T21:26:27+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,9 @@
CVE-2026-21635 (An Improper Access Control could allow a malicious actor in
Wi-Fi rang ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2026-21634 (A malicious actor with access to the adjacent network could
overflow t ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2026-21633 (A malicious actor with access to the adjacent network could
obtain una ...)
- TODO: check
+ NOT-FOR-US: Ubiquiti
CVE-2026-0597 (A flaw has been found in Campcodes Supplier Management System
1.0. Aff ...)
NOT-FOR-US: Campcodes
CVE-2026-0592 (A security flaw has been discovered in code-projects Online
Product Re ...)
@@ -15,9 +15,9 @@ CVE-2026-0590 (A vulnerability was determined in
code-projects Online Product Re
CVE-2026-0589 (A vulnerability was found in code-projects Online Product
Reservation ...)
NOT-FOR-US: code-projects
CVE-2026-0588 (A weakness has been identified in Xinhu Rainrock RockOA up to
2.7.1. A ...)
- TODO: check
+ NOT-FOR-US: Xinhu Rainrock RockOA
CVE-2026-0587 (A security flaw has been discovered in Xinhu Rainrock RockOA up
to 2.7 ...)
- TODO: check
+ NOT-FOR-US: Xinhu Rainrock RockOA
CVE-2026-0586 (A vulnerability was detected in code-projects Online Product
Reservati ...)
NOT-FOR-US: code-projects
CVE-2026-0585 (A security vulnerability has been detected in code-projects
Online Pro ...)
@@ -53,15 +53,15 @@ CVE-2025-68029 (Insertion of Sensitive Information Into
Sent Data vulnerability
CVE-2025-68014 (Insertion of Sensitive Information Into Sent Data
vulnerability in Awe ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-67427 (A Blind Server-Side Request Forgery (SSRF) vulnerability in
evershop 2 ...)
- TODO: check
+ NOT-FOR-US: EverShop
CVE-2025-67419 (A Denial of Service (DoS) vulnerability in evershop 2.1.0 and
prior al ...)
- TODO: check
+ NOT-FOR-US: EverShop
CVE-2025-67397 (An issue in Passy v.1.6.3 allows a remote authenticated
attacker to ex ...)
- TODO: check
+ NOT-FOR-US: Passy
CVE-2025-67316 (An issue in realme Internet browser v.45.13.4.1 allows a
remote attack ...)
- TODO: check
+ NOT-FOR-US: realme Internet browser
CVE-2025-67315 (Cross Site Request Forgery vulnerability in Employee Leave
Management ...)
- TODO: check
+ NOT-FOR-US: Employee Leave Management System
CVE-2025-67303 (An issue in ComfyUI-Manager prior to version 3.38 allowed
remote attac ...)
TODO: check
CVE-2025-66518 (Any client who can access to Apache Kyuubi Server via Kyuubi
frontend ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/575425801ea3a079d56793e7947244c05a0320a6
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/575425801ea3a079d56793e7947244c05a0320a6
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
