Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e8efbf14 by security tracker role at 2026-01-13T08:13:29+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47,51 +47,51 @@ CVE-2026-22213 (RIOT OS versions up to and including
2026.01-devel-317 contain a
CVE-2026-22212 (TinyOS versions up to and including 2.1.2 contain a
stack-based buffer ...)
TODO: check
CVE-2026-0514 (Due to a Cross-Site Scripting (XSS) vulnerability in SAP
Business Conn ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0513 (Due to an Open Redirect Vulnerability in SAP Supplier
Relationship Man ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0511 (SAP Fiori App Intercompany Balance Reconciliation does not
perform nec ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0510 (The User Management Engine (UME) in NetWeaver Application
Server for J ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0507 (Due to an OS Command Injection vulnerability in SAP Application
Server ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0506 (Due to a Missing Authorization Check vulnerability in
Application Serv ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0504 (Due to insufficient input handling, the SAP Identity Management
REST i ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0503 (Due to missing authorization check in the SAP ERP Central
Component (S ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0501 (Due to insufficient input validation in SAP S/4HANA Private
Cloud and ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0500 (Due to the usage of vulnerable third party component in SAP
Wily Intro ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0499 (SAP NetWeaver Enterprise Portal allows an unauthenticated
attacker to ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0498 (SAP S/4HANA (Private Cloud and On-Premise) allows an attacker
with adm ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0497 (SAP Product Designer Web UI of Business Server Pages allows
authentica ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0496 (SAP Fiori App Intercompany Balance Reconciliation allows an
attacker w ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0495 (SAP Fiori App Intercompany Balance Reconciliation allows an
attacker w ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0494 (Under certain conditions SAP Fiori App Intercompany Balance
Reconcilia ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0493 (Due to a Cross-Site Request Forgery (CSRF) vulnerability in SAP
Fiori ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0492 (SAP HANA database is vulnerable to privilege escalation
allowing an at ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2026-0491 (SAP Landscape Transformation allows an attacker with admin
privileges ...)
- TODO: check
+ NOT-FOR-US: SAP
CVE-2025-67147 (Multiple SQL Injection vulnerabilities exist in
amansuryawanshi Gym-Ma ...)
TODO: check
CVE-2025-67146 (Multiple SQL Injection vulnerabilities exist in AbhishekMali21
GYM-MAN ...)
TODO: check
CVE-2025-66177 (There is a Stack overflow Vulnerability in the device Search
and Disco ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2025-66176 (There is a Stack overflow Vulnerability in the device Search
and Disco ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2025-41717 (An unauthenticated remote attacker can trick a high privileged
user in ...)
TODO: check
CVE-2025-29329 (Buffer Overflow in the ippprint (Internet Printing Protocol)
service i ...)
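Review bot: CVE-2026-0500 is described as "Due to the usage of vulnerable third party component in SAP Wily Intro ...", so `NOT-FOR-US: SAP` settles only the SAP product and not the bundled component. The truncated description does not name that component; read the full CVE text and, if the component is something packaged in Debian, confirm the underlying flaw is tracked under its own entry rather than being closed out here with the SAP tag.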
@@ -99,11 +99,11 @@ CVE-2025-29329 (Buffer Overflow in the ippprint (Internet
Printing Protocol) ser
CVE-2025-15514 (Ollama 0.11.5-rc0 through current version 0.13.5 contain a
null pointe ...)
TODO: check
CVE-2025-14829 (The E-xact | Hosted Payment | WordPress plugin through 2.0 is
vulnerab ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-12420 (A vulnerability has been identified in the ServiceNow AI
Platform that ...)
- TODO: check
+ NOT-FOR-US: ServiceNow
CVE-2025-10915 (The Dreamer Blog WordPress theme through 1.2 is vulnerable to
arbitrar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2024-58340 (LangChain versions up to and including 0.3.1 contain a regular
express ...)
TODO: check
CVE-2024-58339 (LlamaIndex (run-llama/llama_index) versions up to and
including 0.12.2 ...)
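Review bot: CVE-2025-10915 is tagged `NOT-FOR-US: WordPress plugin`, but its description reads "The Dreamer Blog WordPress theme through 1.2"; suggest `NOT-FOR-US: WordPress theme` so the tag matches the affected product type and stays accurate when the list is searched by tag.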
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e8efbf141c74d4a3aa2d304ccd57a5803ef4abec