Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f722c98a by Moritz Muehlenhoff at 2026-01-08T09:46:01+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,11 +23,11 @@ CVE-2026-22185 (OpenLDAP Lightning Memory-Mapped Database
(LMDB) mdb_load contai
CVE-2026-22184 (zlib versions up to and including 1.3.1.2 contain a global
buffer over ...)
TODO: check
CVE-2026-22047 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-22046 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-22035 (Greenshot is an open source Windows screenshot utility.
Versions 1.3.3 ...)
- TODO: check
+ NOT-FOR-US: Greenshot
CVE-2026-21883 (Bokeh is an interactive visualization library written in
Python. In ve ...)
TODO: check
CVE-2026-21881 (Kanboard is project management software focused on Kanban
methodology. ...)
@@ -66,37 +66,37 @@ CVE-2026-21695 (Titra is open source project time tracking
software. In versions
CVE-2026-21694 (Titra is open source project time tracking software. Versions
0.99.49 ...)
TODO: check
CVE-2026-21693 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21692 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21691 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21690 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21689 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21688 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21687 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21686 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21685 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21684 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21683 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21682 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21681 (iccDEV provides a set of libraries and tools that allow for
the intera ...)
- TODO: check
+ NOT-FOR-US: iccDEV
CVE-2026-21441 (urllib3 is an HTTP client library for Python. urllib3's
streaming API ...)
TODO: check
CVE-2026-21427 (The installers for multiple products provided by PIONEER
CORPORATION c ...)
- TODO: check
+ NOT-FOR-US: Pioneer
CVE-2026-0707 (A flaw was found in Keycloak. The Keycloak Authorization header
parser ...)
- TODO: check
+ - keycloak <itp> (bug #1088287)
CVE-2026-0700 (A vulnerability was determined in code-projects Intern
Membership Mana ...)
NOT-FOR-US: code-projects
CVE-2026-0699 (A vulnerability was found in code-projects Intern Membership
Managemen ...)
@@ -106,25 +106,25 @@ CVE-2026-0698 (A vulnerability has been found in
code-projects Intern Membership
CVE-2026-0697 (A flaw has been found in code-projects Intern Membership
Management Sy ...)
NOT-FOR-US: code-projects
CVE-2025-69264 (pnpm is a package manager. Versions 10.0.0 through 10.25 allow
git-hos ...)
- TODO: check
+ NOT-FOR-US: pnpm
CVE-2025-69263 (pnpm is a package manager. Versions 10.26.2 and below store
HTTP tarba ...)
- TODO: check
+ NOT-FOR-US: pnpm
CVE-2025-69255 (RustFS is a distributed object storage system built in Rust.
In versio ...)
- TODO: check
+ NOT-FOR-US: RustFS
CVE-2025-69222 (LibreChat is a ChatGPT clone with additional features. Version
0.8.1-r ...)
- TODO: check
+ NOT-FOR-US: LibreChat
CVE-2025-69221 (LibreChat is a ChatGPT clone with additional features. Version
0.8.1-r ...)
- TODO: check
+ NOT-FOR-US: LibreChat
CVE-2025-69220 (LibreChat is a ChatGPT clone with additional features. Version
0.8.1-r ...)
- TODO: check
+ NOT-FOR-US: LibreChat
CVE-2025-68705 (RustFS is a distributed object storage system built in Rust.
In versio ...)
- TODO: check
+ NOT-FOR-US: RustFS
CVE-2025-66620 (An unused webshell in MicroServer allows unlimited login
attempts, wit ...)
- TODO: check
+ NOT-FOR-US: MicroServer
CVE-2025-64305 (MicroServer copies parts of the system firmware to an
unencrypted exte ...)
- TODO: check
+ NOT-FOR-US: MicroServer
CVE-2025-62224 (User interface (ui) misrepresentation of critical information
in Micro ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-15346 (A vulnerability in the handling of verify_mode = CERT_REQUIRED
in the ...)
TODO: check
CVE-2025-14275 (The Jeg Elementor Kit plugin for WordPress is vulnerable to
Stored Cro ...)
@@ -138,47 +138,47 @@ CVE-2025-12776 (The Report Builder component of the
application stores user inpu
CVE-2025-12640 (The Folders \u2013 Unlimited Folders to Organize Media Library
Folder, ...)
NOT-FOR-US: WordPress plugin
CVE-2023-7333 (A weakness has been identified in bluelabsio records-mover up
to 1.5.4 ...)
- TODO: check
+ NOT-FOR-US: bluelabsio records-mover
CVE-2019-25296 (The WP Cost Estimation plugin for WordPress is vulnerable to
arbitrary ...)
NOT-FOR-US: WordPress plugin
CVE-2019-25295 (The WP Cost Estimation plugin for WordPress is vulnerable to
Upload Di ...)
NOT-FOR-US: WordPress plugin
CVE-2019-25291 (INIM Electronics Smartliving SmartLAN/G/SI <=6.x contains
hard-coded c ...)
- TODO: check
+ NOT-FOR-US: INIM Electronics Smartliving
CVE-2019-25290 (Smartliving SmartLAN/G/SI <=6.x contains an unauthenticated
server-sid ...)
- TODO: check
+ NOT-FOR-US: Smartliving SmartLAN
CVE-2019-25289 (SmartLiving SmartLAN <=6.x contains an authenticated remote
command in ...)
- TODO: check
+ NOT-FOR-US: Smartliving SmartLAN
CVE-2019-25284 (V-SOL GPON/EPON OLT Platform v2.03 contains multiple reflected
cross-s ...)
- TODO: check
+ NOT-FOR-US: V-SOL GPON/EPON OLT Platform
CVE-2019-25282 (V-SOL GPON/EPON OLT Platform v2.03 contains an open redirect
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: V-SOL GPON/EPON OLT Platform
CVE-2019-25280 (Yahei-PHP Prober 0.4.7 contains a remote HTML injection
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Yahei-PHP Prober
CVE-2019-25279 (FaceSentry Access Control System 6.4.8 contains a cleartext
password s ...)
- TODO: check
+ NOT-FOR-US: FaceSentry Access Control System
CVE-2019-25278 (FaceSentry Access Control System 6.4.8 contains a cleartext
transmissi ...)
- TODO: check
+ NOT-FOR-US: FaceSentry Access Control System
CVE-2019-25277 (FaceSentry Access Control System 6.4.8 contains a cross-site
scripting ...)
- TODO: check
+ NOT-FOR-US: FaceSentry Access Control System
CVE-2019-25270 (SOCA Access Control System 180612 contains a cross-site
scripting vuln ...)
- TODO: check
+ NOT-FOR-US: SOCA Access Control System
CVE-2019-25268 (NREL BEopt 2.8.0.0 contains a DLL hijacking vulnerability that
allows ...)
- TODO: check
+ NOT-FOR-US: NREL BEopt
CVE-2019-25259 (Leica Geosystems GR10/GR25/GR30/GR50 GNSS 4.30.063 contains a
cross-si ...)
- TODO: check
+ NOT-FOR-US: Leica Geosystems
CVE-2019-25231 (devolo dLAN Cockpit 4.3.1 contains an unquoted service path
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: devolo dLAN Cockpit
CVE-2017-20216 (FLIR Thermal Camera PT-Series firmware version 8.0.0.64
contains multi ...)
- TODO: check
+ NOT-FOR-US: FLIR Thermal cameras
CVE-2017-20215 (FLIR Thermal Camera FC-S/PT firmware version 8.0.0.64 contains
an auth ...)
- TODO: check
+ NOT-FOR-US: FLIR Thermal cameras
CVE-2017-20214 (FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64
contains hard- ...)
- TODO: check
+ NOT-FOR-US: FLIR Thermal cameras
CVE-2017-20213 (FLIR Thermal Camera F/FC/PT/D Stream firmware version 8.0.0.64
contain ...)
- TODO: check
+ NOT-FOR-US: FLIR Thermal cameras
CVE-2017-20212 (FLIR Thermal Camera F/FC/PT/D firmware version 8.0.0.64
contains an in ...)
- TODO: check
+ NOT-FOR-US: FLIR Thermal cameras
CVE-2025-69262 (pnpm is a package manager. Versions 6.25.0 through 10.26.2
have a Comm ...)
NOT-FOR-US: pnpm
CVE-2025-3950
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f722c98af937f6eea91bb00d0837551691fe5da3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f722c98af937f6eea91bb00d0837551691fe5da3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
