Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
626b4429 by security tracker role at 2026-01-30T20:14:01+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3,27 +3,27 @@ CVE-2026-25128 (fast-xml-parser allows users to validate XML,
parse XML to JS ob
CVE-2026-25050 (Vendure is an open-source headless commerce platform. Prior to
version ...)
TODO: check
CVE-2026-24855 (ChurchCRM is an open-source church management system. Versions
prior t ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2026-24854 (ChurchCRM is an open-source church management system. A SQL
Injection ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2026-23835 (LobeHub is an open source human-and-AI-agent network. Prior to
version ...)
TODO: check
CVE-2026-22626 (Due to insufficient input parameter validation on the
interface, authe ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22625 (Improper handling of filenames in certain HIKSEMI NAS products
may lea ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22624 (Due to inadequate access control, authenticated users of
certain HIKSE ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22623 (Due to insufficient input parameter validation on the
interface, authe ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2026-22277 (Dell UnityVSA, version(s) 5.4 and prior, contain(s) an
Improper Neutra ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-21418 (Dell Unity, version(s) 5.5.2 and prior, contain(s) an Improper
Neutral ...)
- TODO: check
+ NOT-FOR-US: Dell / EMC
CVE-2026-1702 (A vulnerability was detected in SourceCodester Pet Grooming
Management ...)
- TODO: check
+ NOT-FOR-US: SourceCodester
CVE-2026-1701 (A security vulnerability has been detected in itsourcecode
Student Man ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-1700 (A weakness has been identified in projectworlds House Rental
and Prope ...)
TODO: check
CVE-2026-1699 (In the Eclipse Theia Website repository, the GitHub Actions
workflow . ...)
@@ -31,17 +31,17 @@ CVE-2026-1699 (In the Eclipse Theia Website repository, the
GitHub Actions workf
CVE-2026-1691 (A vulnerability has been found in bolo-solo up to 2.6.4. This
impacts ...)
TODO: check
CVE-2026-1690 (A flaw has been found in Tenda HG10
US_HG7_HG9_HG10re_300001138_en_xpo ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1689 (A vulnerability was detected in Tenda HG10
US_HG7_HG9_HG10re_300001138 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1688 (A security vulnerability has been detected in itsourcecode
Directory M ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-1687 (A weakness has been identified in Tenda HG10
US_HG7_HG9_HG10re_3000011 ...)
- TODO: check
+ NOT-FOR-US: Tenda
CVE-2026-1686 (A security flaw has been discovered in Totolink A3600R
5.9c.4959. This ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-1685 (A vulnerability was identified in D-Link DIR-823X 250416. This
vulnera ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2026-1684 (A vulnerability was found in Free5GC SMF up to 4.1.0. Affected
by this ...)
TODO: check
CVE-2026-1683 (A vulnerability has been found in Free5GC SMF up to 4.1.0.
Affected by ...)
@@ -49,15 +49,15 @@ CVE-2026-1683 (A vulnerability has been found in Free5GC
SMF up to 4.1.0. Affect
CVE-2026-1682 (A flaw has been found in Free5GC SMF up to 4.1.0. Affected is
the func ...)
TODO: check
CVE-2026-1498 (An LDAP Injection vulnerability in WatchGuard Fireware OS may
allow a ...)
- TODO: check
+ NOT-FOR-US: WatchGuard
CVE-2026-0709 (Some Hikvision Wireless Access Points are vulnerable to
authenticated ...)
- TODO: check
+ NOT-FOR-US: Hikvision
CVE-2025-9226 (Zohocorp ManageEngine OpManager, NetFlow Analyzer, and OpUtils
version ...)
- TODO: check
+ NOT-FOR-US: Zoho
CVE-2025-7964 (After receiving a malformed 802.15.4 MAC Data Request the
Zigbee C ...)
- TODO: check
+ NOT-FOR-US: Silicon Labs
CVE-2025-6723 (Chef InSpec up to version 5.23 creates named pipes with overly
permiss ...)
- TODO: check
+ NOT-FOR-US: Progress Software
CVE-2025-69662 (SQL injection vulnerability in geopandas before v.1.1.2 allows
an atta ...)
TODO: check
CVE-2025-62349 (Salt contains an authentication protocol version downgrade
weakness th ...)
@@ -69,13 +69,13 @@ CVE-2025-51958 (aelsantex runcommand 2014-04-01, a plugin
for DokuWiki, allows u
CVE-2025-4686 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
TODO: check
CVE-2025-26385 (Johnson Controls Metasys component listed below have Improper
Neutral ...)
- TODO: check
+ NOT-FOR-US: Johnson Controls
CVE-2025-1395 (Generation of Error Message Containing Sensitive Information
vulnerabi ...)
TODO: check
CVE-2025-13176 (Planting a custom configuration file in ESET Inspect
Connectorallow ...)
TODO: check
CVE-2024-9432 (Cleartext Storage of Sensitive Information vulnerability in
OpenText\u ...)
- TODO: check
+ NOT-FOR-US: OpenText
CVE-2024-4027 (A flaw was found in Undertow. Servlets using a method that
calls HttpS ...)
TODO: check
CVE-2020-37060 (Atomic Alarm Clock 6.3 contains a local privilege escalation
vulnerabi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/626b4429fe7887b93917346457d28b2fe1ce7d76
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/626b4429fe7887b93917346457d28b2fe1ce7d76
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
