Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
484c63a9 by security tracker role at 2026-01-19T08:12:20+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,50 @@
-CVE-2026-0943
+CVE-2026-23829 (Mailpit is an email testing tool and API for developers. Prior
to vers ...)
+ TODO: check
+CVE-2026-23733 (LobeChat is an open source chat application platform. Prior to
version ...)
+ TODO: check
+CVE-2026-23644 (esm.sh is a no-build content delivery network (CDN) for web
developmen ...)
+ TODO: check
+CVE-2026-23626 (Kimai is a web-based multi-user time-tracking application.
Prior to ve ...)
+ TODO: check
+CVE-2026-23525 (1Panel is an open-source, web-based control panel for Linux
server man ...)
+ TODO: check
+CVE-2026-1144 (A vulnerability was detected in quickjs-ng quickjs up to
0.11.0. Affec ...)
+ TODO: check
+CVE-2026-1143 (A weakness has been identified in TOTOLINK A3700R
9.1.2u.5822_B2020051 ...)
+ TODO: check
+CVE-2026-1142 (A security flaw has been discovered in PHPGurukul News Portal
1.0. The ...)
+ TODO: check
+CVE-2026-1141 (A vulnerability was identified in PHPGurukul News Portal 1.0.
The affe ...)
+ TODO: check
+CVE-2026-1140 (A vulnerability was found in UTT \u8fdb\u53d6 520W
1.7.7-180627. This ...)
+ TODO: check
+CVE-2026-1139 (A vulnerability has been found in UTT \u8fdb\u53d6 520W
1.7.7-180627. ...)
+ TODO: check
+CVE-2026-1138 (A flaw has been found in UTT \u8fdb\u53d6 520W 1.7.7-180627.
This affe ...)
+ TODO: check
+CVE-2026-1137 (A vulnerability was detected in UTT \u8fdb\u53d6 520W
1.7.7-180627. Af ...)
+ TODO: check
+CVE-2026-1136 (A weakness has been identified in lcg0124 BootDo up to
e93dd428ef6f5c8 ...)
+ TODO: check
+CVE-2026-1135 (A security flaw has been discovered in itsourcecode Society
Management ...)
+ TODO: check
+CVE-2026-1134 (A vulnerability was identified in itsourcecode Society
Management Syst ...)
+ TODO: check
+CVE-2026-1133 (A vulnerability was determined in Yonyou KSOA 9.0. The impacted
elemen ...)
+ TODO: check
+CVE-2026-1132 (A vulnerability was found in Yonyou KSOA 9.0. The affected
element is ...)
+ TODO: check
+CVE-2026-1131 (A vulnerability has been found in Yonyou KSOA 9.0. Impacted is
an unkn ...)
+ TODO: check
+CVE-2026-1130 (A flaw has been found in Yonyou KSOA 9.0. This issue affects
some unkn ...)
+ TODO: check
+CVE-2026-1129 (A vulnerability was detected in Yonyou KSOA 9.0. This
vulnerability af ...)
+ TODO: check
+CVE-2025-15539 (A vulnerability was determined in Open5GS up to 2.7.6.
Impacted is the ...)
+ TODO: check
+CVE-2025-15538 (A security vulnerability has been detected in Open Asset
Import Librar ...)
+ TODO: check
+CVE-2026-0943 (HarfBuzz::Shaper versions before 0.032 for Perl contains a
bundled lib ...)
- libharfbuzz-shaper-perl <not-affected> (Vulnerable code not present)
NOTE: Debian packaging HarfBuzz strips sources from upstream tarball
since initial
NOTE: upload to the archive.
@@ -5301,12 +5347,14 @@ CVE-2025-69414 (Plex Media Server (PMS) through
1.42.2.10156 allows retrieval of
CVE-2025-69284 (Plane is an an open-source project management tool. In
plane.io, a gue ...)
NOT-FOR-US: Plane
CVE-2025-67269 (An integer underflow vulnerability exists in the `nextstate()`
functio ...)
+ {DLA-4441-1}
- gpsd <unfixed> (bug #1124799)
[trixie] - gpsd <no-dsa> (Minor issue)
[bookworm] - gpsd <no-dsa> (Minor issue)
NOTE:
https://github.com/Jaenact/gspd_cve/blob/main/CVE-2025-67269/README.md
NOTE: Fixed by:
https://gitlab.com/gpsd/gpsd/-/commit/ffa1d6f40bca0b035fc7f5e563160ebb67199da7
(release-3.27.1)
CVE-2025-67268 (gpsd before commit dc966aa contains a heap-based out-of-bounds
write v ...)
+ {DLA-4441-1}
- gpsd <unfixed> (bug #1124800)
[trixie] - gpsd <no-dsa> (Minor issue)
[bookworm] - gpsd <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/484c63a9663a1ce798285412098c51fd8cd287d9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/484c63a9663a1ce798285412098c51fd8cd287d9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
