Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
491e3744 by security tracker role at 2026-02-05T08:13:40+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -75,25 +75,25 @@ CVE-2026-1892 (A security vulnerability has been detected
in WeKan up to 8.20. T
CVE-2026-1884 (A weakness has been identified in ZenTao up to 21.7.6-85642.
The impac ...)
TODO: check
CVE-2026-1554 (XML Injection (aka Blind XPath Injection) vulnerability in
Drupal Cent ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-1553 (Incorrect Authorization vulnerability in Drupal Drupal Canvas
allows F ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-1268 (The Dynamic Widget Content plugin for WordPress is vulnerable
to Store ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-1246 (The ShortPixel Image Optimizer plugin for WordPress is
vulnerable to A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2026-0948 (Authentication Bypass Using an Alternate Path or Channel
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-0947 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-0946 (Improper Neutralization of Input During Web Page Generation
("Cross-si ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-0945 (Privilege Defined With Unsafe Actions vulnerability in Drupal
Role Del ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-0944 (Improper Check for Unusual or Exceptional Conditions
vulnerability in ...)
- TODO: check
+ NOT-FOR-US: Drupal core and addons
CVE-2026-0867 (The Essential Widgets plugin for WordPress is vulnerable to
Stored Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-71031 (Water-Melon Melon commit 9df9292 and below is vulnerable to
Denial of ...)
TODO: check
CVE-2025-62616 (AutoGPT is a platform that allows users to create, deploy, and
manage ...)
@@ -103,39 +103,39 @@ CVE-2025-62615 (AutoGPT is a platform that allows users
to create, deploy, and m
CVE-2025-61732 (A discrepancy between how Go and C/C++ comments were parsed
allowed fo ...)
TODO: check
CVE-2025-2134 (IBM Jazz Reporting Service could allow an authenticated user on
the ne ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-27550 (IBM Jazz Reporting Service could allow an authenticated user
on the ho ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-1823 (IBM Jazz Reporting Service could allow an authenticated user on
the ho ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-15555 (A security flaw has been discovered in Open5GS up to 2.7.6.
Affected b ...)
TODO: check
CVE-2025-15080 (Improper Validation of Specified Quantity in Input
vulnerability in Mi ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2025-13375 (IBM Common Cryptographic Architecture (CCA)7.5.52 and8.4.82
could allo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2025-13192 (The Popup builder with Gamification, Multi-Step Popups,
Page-Level Tar ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2025-11730 (A post\u2011authentication command injection vulnerability in
the Dyna ...)
- TODO: check
+ NOT-FOR-US: Zyxel
CVE-2025-10314 (Incorrect Default Permissions vulnerability in Mitsubishi
Electric Cor ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2025-10258 (Infinera DNA is vulnerable to a time-based SQL injection
vulnerability ...)
- TODO: check
+ NOT-FOR-US: Nokia
CVE-2024-51451 (IBM Concert 1.0.0 through 2.1.0 is vulnerable to HTTP header
injection ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-43181 (IBM Concert 1.0.0 through 2.1.0 does not invalidate session
after logo ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-40685 (IBM Operations Analytics \u2013 Log Analysis versions 1.3.5.0
through ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2024-39724 (IBM Db2 Big SQL on Cloud Pak for Data versions 7.6 (on CP4D
4.8), 7.7 ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-38281 (IBM Cloud Pak System does not set the secure attribute on
authorizatio ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-38017 (IBM Cloud Pak Systemis vulnerable to cross-site scripting.
This vulner ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2023-38010 (IBM Cloud Pak System displays sensitive information in user
messages t ...)
- TODO: check
+ NOT-FOR-US: IBM
CVE-2019-25288 (Wacom WTabletService 6.6.7-3 contains an unquoted service path
vulnera ...)
TODO: check
CVE-2019-25287 (Adaware Web Companion version 4.8.2078.3950 contains an
unquoted servi ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/491e37444c7fc5ea33ec6e049f6de8d5c876bed0
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/491e37444c7fc5ea33ec6e049f6de8d5c876bed0
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
