Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
53171348 by security tracker role at 2026-02-04T20:14:08+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -55,7 +55,7 @@ CVE-2026-23624 (GLPI is a free asset and IT management
software package. In vers
CVE-2026-22549 (A vulnerability exists in F5 BIG-IP Container Ingress Services
that ma ...)
TODO: check
CVE-2026-22548 (When a BIG-IP Advanced WAF or ASM security policy is
configured on a v ...)
- TODO: check
+ NOT-FOR-US: F5
CVE-2026-22247 (GLPI is a free asset and IT management software package. From
version ...)
TODO: check
CVE-2026-22044 (GLPI is a free asset and IT management software package. From
version ...)
@@ -63,7 +63,7 @@ CVE-2026-22044 (GLPI is a free asset and IT management
software package. From ve
CVE-2026-21893 (n8n is an open source workflow automation platform. From
version 0.187 ...)
TODO: check
CVE-2026-20732 (A vulnerability exists in an undisclosed BIG-IP Configuration
utility ...)
- TODO: check
+ NOT-FOR-US: F5
CVE-2026-20730 (A vulnerability exists in BIG-IP Edge Client and browser VPN
clients o ...)
TODO: check
CVE-2026-20123 (A vulnerability in the web-based management interface of Cisco
Evolved ...)
@@ -81,35 +81,35 @@ CVE-2026-1642 (A vulnerability exists in NGINX OSS and
NGINX Plus when configure
CVE-2026-1622 (Neo4j Enterprise and Community editions versions prior to
2026.01.3 an ...)
TODO: check
CVE-2026-1370 (The SIBS woocommerce payment gateway plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0873 (On a Cryptobox platform where administrator segregation based
on entit ...)
TODO: check
CVE-2026-0816 (The All push notification for WP plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0743 (The WP Content Permission plugin for WordPress is vulnerable to
Stored ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0742 (The Smart Appointment & Booking plugin for WordPress is
vulnerable to ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0681 (The Extended Random Number Generator plugin for WordPress is
vulnerabl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0679 (The Fortis for WooCommerce plugin for WordPress is vulnerable
to autho ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0662 (A maliciously crafted project directory, when opening a max
file in Au ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0661 (A maliciously crafted RGB file, when parsed through Autodesk
3ds Max, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0660 (A maliciously crafted GIF file, when parsed through Autodesk
3ds Max, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0659 (A maliciously crafted USD file, when loaded or imported into
Autodesk ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0572 (The WebPurify Profanity Filter plugin for WordPress is
vulnerable to u ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0538 (A maliciously crafted GIF file, when parsed through Autodesk
3ds Max, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0537 (A maliciously crafted RGB file, when parsed through Autodesk
3ds Max, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2026-0536 (A maliciously crafted GIF file, when parsed through Autodesk
3ds Max, ...)
- TODO: check
+ NOT-FOR-US: Autodesk
CVE-2025-70997 (A vulnerability has been discovered in eladmin v2.7 and
before. This v ...)
TODO: check
CVE-2025-70545 (A stored cross-site scripting (XSS) vulnerability exists in
the web ma ...)
@@ -133,25 +133,25 @@ CVE-2025-59818 (This vulnerability allows authenticated
attackers to execute arb
CVE-2025-41085 (Stored Cross-Site Scripting (XSS) vulnerability type in Apidog
in the ...)
TODO: check
CVE-2025-15508 (The Magic Import Document Extractor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15507 (The Magic Import Document Extractor plugin for WordPress is
vulnerable ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15487 (The Code Explorer plugin for WordPress is vulnerable to Path
Traversal ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15482 (The Chapa Payment Gateway Plugin for WooCommerce plugin for
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15368 (The SportsPress plugin for WordPress is vulnerable to Local
File Inclu ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15285 (The SEO Flow by LupsOnline plugin for WordPress is vulnerable
to unaut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15268 (The Infility Global plugin for WordPress is vulnerable to
unauthentica ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-15260 (The MyRewards \u2013 Loyalty Points and Rewards for
WooCommerce plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-14740 (Docker Desktop for Windows contains multiple incorrect
permission assi ...)
- TODO: check
+ NOT-FOR-US: Docker products not packaged in Debian
CVE-2025-14461 (The Xendit Payment plugin for WordPress is vulnerable to
unauthorized ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-23109 (In the Linux kernel, the following vulnerability has been
resolved: f ...)
- linux 6.18.8-1
[trixie] - linux <not-affected> (Vulnerable code not present)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53171348f9ee8b80bebd79c9740073438713b80d
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53171348f9ee8b80bebd79c9740073438713b80d
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
