Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
378317a7 by security tracker role at 2026-02-03T08:13:49+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17,15 +17,15 @@ CVE-2026-25060 (OpenList Frontend is a UI component for
OpenList. Prior to 4.1.1
CVE-2026-25059 (OpenList Frontend is a UI component for OpenList. Prior to
4.1.10, the ...)
TODO: check
CVE-2026-24936 (When a specific function is enabled while joining a AD Domain
from ADM ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2026-24935 (A third-party NAT traversal module fails to validate SSL/TLS
certifica ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2026-24934 (The DDNS function uses an insecure HTTP connection or fails to
validat ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2026-24933 (The API communication component fails to validate the SSL/TLS
certific ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2026-24932 (The DDNS update function in ADM fails to properly validate the
hostnam ...)
- TODO: check
+ NOT-FOR-US: Asustor
CVE-2026-24763 (OpenClaw (formerly Clawdbot) is a personal AI assistant you
run on yo ...)
TODO: check
CVE-2026-24737 (jsPDF is a library to generate PDFs in JavaScript. Prior to
4.1.0, use ...)
@@ -47,7 +47,7 @@ CVE-2026-24043 (jsPDF is a library to generate PDFs in
JavaScript. Prior to 4.1.
CVE-2026-24040 (jsPDF is a library to generate PDFs in JavaScript. Prior to
4.1.0, the ...)
TODO: check
CVE-2026-24007 (Tuleap is an Open Source Suite for management of software
development ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2026-23997 (FacturaScripts is open-source enterprise resource planning and
account ...)
TODO: check
CVE-2026-23515 (Signal K Server is a server application that runs on a central
hub in ...)
@@ -65,39 +65,39 @@ CVE-2026-20704 (Cross-site request forgery vulnerability
exists in WRC-X1500GS-B
CVE-2026-1788 (: Out-of-bounds Write vulnerability in Xquic Project Xquic
Server xqui ...)
TODO: check
CVE-2026-1778 (Amazon SageMaker Python SDK before v3.1.1 or v2.256.0 disables
TLS cer ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-1777 (The Amazon SageMaker Python SDK before v3.2.0 and v2.256.0
includes th ...)
- TODO: check
+ NOT-FOR-US: Amazon
CVE-2026-1730 (The OS DataHub Maps plugin for WordPress is vulnerable to
arbitrary fi ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1592 (Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site
script ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-1591 (Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site
script ...)
- TODO: check
+ NOT-FOR-US: Foxit
CVE-2026-1447 (The Mail Mint plugin for WordPress is vulnerable to Cross-Site
Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1375 (The Tutor LMS \u2013 eLearning and online course solution
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1371 (The Tutor LMS \u2013 eLearning and online course solution
plugin for W ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1210 (The Happy Addons for Elementor plugin for WordPress is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1065 (The Form Maker by 10Web plugin for WordPress is vulnerable to
Stored C ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1058 (The Form Maker plugin for WordPress is vulnerable to Stored
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0950 (The Spectra Gutenberg Blocks \u2013 Website Builder for the
Block Edit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0924 (BuhoCleanercontains an insecure XPC service that allows local,
unprivi ...)
TODO: check
CVE-2026-0909 (The WP ULike plugin for WordPress is vulnerable to Insecure
Direct Obj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0617 (The LatePoint \u2013 Calendar Booking Plugin for Appointments
and Even ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0383 (A vulnerability in Brocade Fabric OS could allow an
authenticated, loc ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-9711 (A vulnerability in Brocade Fabric OS before 9.2.1c3 could allow
elevat ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-8590 (Exposure of Sensitive Information to an Unauthorized Actor
vulnerabili ...)
TODO: check
CVE-2025-8589 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
@@ -121,39 +121,39 @@ CVE-2025-61647 (Vulnerability in Wikimedia Foundation
CheckUser. This vulnerabil
CVE-2025-61644 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2025-58383 (A vulnerability in Brocade Fabric OS versions before 9.2.1c2
could all ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-58382 (A vulnerability in the secure configuration of authentication
and man ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-58381 (A vulnerability in Brocade Fabric OS before 9.2.1c2 could
allow an a ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-58380 (A vulnerability in Brocade Fabric OS before 9.2.1 could allow
an authe ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-58379 (Brocade Fabric OS before 9.2.1 has a vulnerability that could
allow a ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-36436 (IBM Cloud Pak for Business Automation 25.0.0 through 25.0.0
Interim Fi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36253 (IBM Concert 1.0.0 through 2.1.0 uses weaker than expected
cryptographi ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36238 (IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00
through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-36194 (IBM PowerVM Hypervisor FW1110.00 through FW1110.03, FW1060.00
through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-15556 (Notepad++ versions prior to 8.8.9, when using the WinGUp
updater, cont ...)
TODO: check
CVE-2025-14274 (The Unlimited Elements for Elementor plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-13096 (IBM Business Automation Workflow containers V25.0.0 through
V25.0.0-IF ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-12774 (A vulnerability in the migration script for Brocade SANnav
before 3.0 ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-12773 (A vulnerability in update-reports-purge-settings.sh script
logging for ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-12772 (Brocade SANnav before 2.4.0b logs the Brocade Fabric OS Switch
admin p ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-12680 (Brocade SANnav before Brocade SANnav 2.4.0b logs database
passwords in ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2025-12679 (A vulnerability in Brocade SANnav before 2.4.0b prints the
Password-B ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2026-24514
NOT-FOR-US: Kubernetes ingress-nginx
CVE-2026-24513
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378317a7ba3862fb20d4cfdd97a79fe7486a3694
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/378317a7ba3862fb20d4cfdd97a79fe7486a3694
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
