Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
77471908 by security tracker role at 2026-01-27T20:14:20+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -15,7 +15,7 @@ CVE-2026-24869 (Use-after-free in the Layout: Scrolling and
Overflow component.
CVE-2026-24868 (Mitigation bypass in the Privacy: Anti-Tracking component.
This vulner ...)
TODO: check
CVE-2026-24858 (An Authentication Bypass Using an Alternate Path or Channel
vulnerabil ...)
- TODO: check
+ NOT-FOR-US: Fortinet
CVE-2026-24832 (Out-of-bounds Write vulnerability in ixray-team
ixray-1.6-stcop.This i ...)
TODO: check
CVE-2026-24831 (Loop with Unreachable Exit Condition ('Infinite Loop')
vulnerability i ...)
@@ -123,9 +123,9 @@ CVE-2026-23892 (OctoPrint provides a web interface for
controlling consumer 3D p
CVE-2026-23881 (Kyverno is a policy engine designed for cloud native platform
engineer ...)
TODO: check
CVE-2026-23593 (A vulnerability in the web-based management interface of HPE
Aruba Net ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-23592 (Insecure file operations in HPE Aruba Networking Fabric
Composer\xe2\u ...)
- TODO: check
+ NOT-FOR-US: HPE
CVE-2026-22264 (Suricata is a network IDS, IPS and NSM engine. Prior to
version 8.0.3 ...)
TODO: check
CVE-2026-22263 (Suricata is a network IDS, IPS and NSM engine. Starting in
version 8.0 ...)
@@ -147,7 +147,7 @@ CVE-2026-21721 (The dashboard permissions API does not
verify the target dashboa
CVE-2026-21720 (Every uncached /avatar/:hash request spawns a goroutine that
refreshes ...)
TODO: check
CVE-2026-21417 (Dell CloudBoost Virtual Appliance, versions prior to
19.14.0.0, contai ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-1489 (A flaw was found in GLib. An integer overflow vulnerability in
its Uni ...)
TODO: check
CVE-2026-1485 (A flaw was found in Glib's content type parsing logic. This
buffer und ...)
@@ -195,21 +195,21 @@ CVE-2026-0919 (The HTTP parser of Tapo C220 v1 and C520WS
v2 cameras improperly
CVE-2026-0918 (The Tapo C220 v1 and C520WS v2 cameras\u2019 HTTP service does
not saf ...)
TODO: check
CVE-2026-0746 (The AI Engine plugin for WordPress is vulnerable to Server-Side
Reques ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0705 (Local privilege escalation due to insecure folder permissions.
The fol ...)
- TODO: check
+ NOT-FOR-US: Acronis
CVE-2026-0648 (The vulnerability stems from an incorrect error-checking logic
in the ...)
TODO: check
CVE-2025-69565 (code-projects Mobile Shop Management System 1.0 is vulnerable
to File ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-69564 (code-projects Mobile Shop Management System 1.0 is vulnerable
to SQL I ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-69563 (code-projects Mobile Shop Management System 1.0 is vulnerable
to SQL I ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-69562 (code-projects Mobile Shop Management System 1.0 is vulnerable
to SQL I ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-69559 (code-projects Computer Book Store 1.0 is vulnerable to File
Upload in ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2025-68670 (xrdp is an open source RDP server. xrdp before v0.10.5
contains an una ...)
TODO: check
CVE-2025-65264 (The kernel driver of CPUID CPU-Z v2.17 and earlier does not
validate u ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7747190868ceccfcb43acfe73e54c18c7abe158e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7747190868ceccfcb43acfe73e54c18c7abe158e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
