Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e7b4c080 by security tracker role at 2026-02-12T08:13:01+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,342 @@
-CVE-2026-25990
+CVE-2026-2391 (### Summary The `arrayLimit` option in qs does not enforce 
limits for  ...)
+       TODO: check
+CVE-2026-2327 (Versions of the package markdown-it from 13.0.0 and before 
14.1.1 are  ...)
+       TODO: check
+CVE-2026-26235 (JUNG Smart Visu Server 1.1.1050 contains a denial of service 
vulnerabi ...)
+       TODO: check
+CVE-2026-26234 (JUNG Smart Visu Server 1.1.1050 contains a request header 
manipulation ...)
+       TODO: check
+CVE-2026-26215 (manga-image-translator versionbeta-0.3 and prior in shared API 
mode co ...)
+       TODO: check
+CVE-2026-26158 (A flaw was found in BusyBox. This vulnerability allows an 
attacker to  ...)
+       TODO: check
+CVE-2026-26157 (A flaw was found in BusyBox. Incomplete path sanitization in 
its archi ...)
+       TODO: check
+CVE-2026-26092
+       REJECTED
+CVE-2026-26091
+       REJECTED
+CVE-2026-26090
+       REJECTED
+CVE-2026-26089
+       REJECTED
+CVE-2026-26088
+       REJECTED
+CVE-2026-26087
+       REJECTED
+CVE-2026-26086
+       REJECTED
+CVE-2026-26085
+       REJECTED
+CVE-2026-26031 (Frappe Learning Management System (LMS) is a learning system 
that help ...)
+       TODO: check
+CVE-2026-26029 (sf-mcp-server is an implementation of Salesforce MCP server 
for Claude ...)
+       TODO: check
+CVE-2026-26023 (Dify is an open-source LLM app development platform. Prior to 
1.13.0,  ...)
+       TODO: check
+CVE-2026-26021 (set-in provides the set value of nested associative structure 
given ar ...)
+       TODO: check
+CVE-2026-26019 (LangChain is a framework for building LLM-powered 
applications. Prior  ...)
+       TODO: check
+CVE-2026-26014 (Pion DTLS is a Go implementation of Datagram Transport Layer 
Security. ...)
+       TODO: check
+CVE-2026-26012 (vaultwarden is an unofficial Bitwarden compatible server 
written in Ru ...)
+       TODO: check
+CVE-2026-26010 (OpenMetadata is a unified metadata platform. Prior to 1.11.8, 
calls is ...)
+       TODO: check
+CVE-2026-25999 (Klaw is a self-service Apache Kafka Topic 
Management/Governance tool/p ...)
+       TODO: check
+CVE-2026-25994 (PJSIP is a free and open source multimedia communication 
library writt ...)
+       TODO: check
+CVE-2026-25935 (Vikunja is a todo-app to organize your life. Prior to 1.1.0, 
TaskGlanc ...)
+       TODO: check
+CVE-2026-25924 (Kanboard is project management software focused on Kanban 
methodology. ...)
+       TODO: check
+CVE-2026-25759 (Statmatic is a Laravel and Git powered content management 
system (CMS) ...)
+       TODO: check
+CVE-2026-25676 (The installer of M-Track Duo HD version 1.0.0 contains an 
issue with t ...)
+       TODO: check
+CVE-2026-25633 (Statamic is a, Laravel + Git powered CMS designed for building 
website ...)
+       TODO: check
+CVE-2026-25062 (Outline is a service that allows for collaborative 
documentation. Prio ...)
+       TODO: check
+CVE-2026-23857 (Dell Update Package (DUP) Framework, versions 23.12.00 through 
24.12.0 ...)
+       TODO: check
+CVE-2026-23856 (Dell iDRAC Service Module (iSM) for Windows, versions prior to 
6.0.3.1 ...)
+       TODO: check
+CVE-2026-20700 (A memory corruption issue was addressed with improved state 
management ...)
+       TODO: check
+CVE-2026-20682 (A logic issue was addressed with improved state management. 
This issue ...)
+       TODO: check
+CVE-2026-20681 (A privacy issue was addressed with improved private data 
redaction for ...)
+       TODO: check
+CVE-2026-20680 (The issue was addressed with additional restrictions on the 
observabil ...)
+       TODO: check
+CVE-2026-20678 (An authorization issue was addressed with improved state 
management. T ...)
+       TODO: check
+CVE-2026-20677 (A race condition was addressed with improved handling of 
symbolic link ...)
+       TODO: check
+CVE-2026-20676 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2026-20675 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2026-20674 (A privacy issue was addressed by removing sensitive data. This 
issue i ...)
+       TODO: check
+CVE-2026-20673 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2026-20671 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2026-20669 (A parsing issue in the handling of directory paths was 
addressed with  ...)
+       TODO: check
+CVE-2026-20667 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2026-20666 (An authorization issue was addressed with improved state 
management. T ...)
+       TODO: check
+CVE-2026-20663 (The issue was resolved by sanitizing logging. This issue is 
fixed in i ...)
+       TODO: check
+CVE-2026-20662 (An authorization issue was addressed with improved state 
management. T ...)
+       TODO: check
+CVE-2026-20661 (An authorization issue was addressed with improved state 
management. T ...)
+       TODO: check
+CVE-2026-20660 (A path handling issue was addressed with improved logic. This 
issue is ...)
+       TODO: check
+CVE-2026-20658 (A package validation issue was addressed by blocking the 
vulnerable pa ...)
+       TODO: check
+CVE-2026-20656 (A logic issue was addressed with improved validation. This 
issue is fi ...)
+       TODO: check
+CVE-2026-20655 (An authorization issue was addressed with improved state 
management. T ...)
+       TODO: check
+CVE-2026-20654 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20653 (A parsing issue in the handling of directory paths was 
addressed with  ...)
+       TODO: check
+CVE-2026-20652 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20650 (A denial-of-service issue was addressed with improved 
validation. This ...)
+       TODO: check
+CVE-2026-20649 (A logging issue was addressed with improved data redaction. 
This issue ...)
+       TODO: check
+CVE-2026-20648 (A privacy issue was addressed by moving sensitive data to a 
protected  ...)
+       TODO: check
+CVE-2026-20647 (This issue was addressed with improved data protection. This 
issue is  ...)
+       TODO: check
+CVE-2026-20646 (A logging issue was addressed with improved data redaction. 
This issue ...)
+       TODO: check
+CVE-2026-20645 (An inconsistent user interface issue was addressed with 
improved state ...)
+       TODO: check
+CVE-2026-20644 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20642 (An input validation issue was addressed. This issue is fixed 
in iOS 26 ...)
+       TODO: check
+CVE-2026-20641 (A privacy issue was addressed with improved checks. This issue 
is fixe ...)
+       TODO: check
+CVE-2026-20640 (An inconsistent user interface issue was addressed with 
improved state ...)
+       TODO: check
+CVE-2026-20638 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2026-20636 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20635 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20634 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20630 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2026-20629 (A privacy issue was addressed with improved handling of 
temporary file ...)
+       TODO: check
+CVE-2026-20628 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2026-20627 (An issue existed in the handling of environment variables. 
This issue  ...)
+       TODO: check
+CVE-2026-20626 (This issue was addressed with improved checks. This issue is 
fixed in  ...)
+       TODO: check
+CVE-2026-20625 (A parsing issue in the handling of directory paths was 
addressed with  ...)
+       TODO: check
+CVE-2026-20624 (An injection issue was addressed with improved validation. 
This issue  ...)
+       TODO: check
+CVE-2026-20623 (A permissions issue was addressed by removing the vulnerable 
code. Thi ...)
+       TODO: check
+CVE-2026-20621 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20620 (An out-of-bounds read issue was addressed with improved input 
validati ...)
+       TODO: check
+CVE-2026-20619 (A logging issue was addressed with improved data redaction. 
This issue ...)
+       TODO: check
+CVE-2026-20618 (An issue was addressed with improved handling of temporary 
files. This ...)
+       TODO: check
+CVE-2026-20617 (A race condition was addressed with improved state handling. 
This issu ...)
+       TODO: check
+CVE-2026-20616 (An out-of-bounds write issue was addressed with improved 
bounds checki ...)
+       TODO: check
+CVE-2026-20615 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2026-20614 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2026-20612 (A privacy issue was addressed with improved checks. This issue 
is fixe ...)
+       TODO: check
+CVE-2026-20611 (An out-of-bounds access issue was addressed with improved 
bounds check ...)
+       TODO: check
+CVE-2026-20610 (This issue was addressed with improved handling of symlinks. 
This issu ...)
+       TODO: check
+CVE-2026-20609 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20608 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2026-20606 (This issue was addressed by removing the vulnerable code. This 
issue i ...)
+       TODO: check
+CVE-2026-20605 (The issue was addressed with improved memory handling. This 
issue is f ...)
+       TODO: check
+CVE-2026-20603 (This issue was addressed with improved redaction of sensitive 
informat ...)
+       TODO: check
+CVE-2026-20602 (The issue was addressed with improved handling of caches. This 
issue i ...)
+       TODO: check
+CVE-2026-20601 (A permissions issue was addressed with additional 
restrictions. This i ...)
+       TODO: check
+CVE-2026-1729 (The AdForest theme for WordPress is vulnerable to 
authentication bypas ...)
+       TODO: check
+CVE-2026-1669 (Arbitrary file read in the model loading mechanism (HDF5 
integration)  ...)
+       TODO: check
+CVE-2026-1537 (The LatePoint \u2013 Calendar Booking Plugin for Appointments 
and Even ...)
+       TODO: check
+CVE-2026-0969 (The serialize function used to compile MDX in next-mdx-remote 
is vulne ...)
+       TODO: check
+CVE-2025-68663 (Outline is a service that allows for collaborative 
documentation. Prio ...)
+       TODO: check
+CVE-2025-67135 (Weak Security in the PF-50 1.2 keyfob of PGST PG107 Alarm 
System 1.25. ...)
+       TODO: check
+CVE-2025-64487 (Outline is a service that allows for collaborative 
documentation. Prio ...)
+       TODO: check
+CVE-2025-64074 (A path-traversal vulnerability in the logout functionality of 
Shenzhen ...)
+       TODO: check
+CVE-2025-46310 (This issue was addressed through improved state management. 
This issue ...)
+       TODO: check
+CVE-2025-46305 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2025-46304 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2025-46303 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2025-46302 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2025-46301 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2025-46300 (The issue was addressed with improved bounds checks. This 
issue is fix ...)
+       TODO: check
+CVE-2025-46290 (A logic issue was addressed with improved checks. This issue 
is fixed  ...)
+       TODO: check
+CVE-2025-43537 (A path handling issue was addressed with improved validation. 
This iss ...)
+       TODO: check
+CVE-2025-43417 (A path handling issue was addressed with improved logic. This 
issue is ...)
+       TODO: check
+CVE-2025-43403 (An authorization issue was addressed with improved state 
management. T ...)
+       TODO: check
+CVE-2025-15577 (An unauthenticated attacker can exploit this vulnerability by 
manipula ...)
+       TODO: check
+CVE-2025-14892 (The Prime Listing Manager WordPress plugin through 1.1 allows 
an attac ...)
+       TODO: check
+CVE-2024-50620 (Unrestricted Upload of File with Dangerous Type 
vulnerabilities exist  ...)
+       TODO: check
+CVE-2024-50619 (Vulnerabilities in the My Account and User Management 
components in CI ...)
+       TODO: check
+CVE-2024-50617 (Vulnerabilities in the File Download and Get File handler 
components i ...)
+       TODO: check
+CVE-2020-37215 (MSN Password Recovery version 1.30 contains a denial of 
service vulner ...)
+       TODO: check
+CVE-2020-37214 (Voyager 1.3.0 contains a directory traversal vulnerability 
that allows ...)
+       TODO: check
+CVE-2020-37213 (TextCrawler Pro 3.1.1 contains a denial of service 
vulnerability that  ...)
+       TODO: check
+CVE-2020-37212 (SpotMSN 2.4.6 contains a denial of service vulnerability in 
the regist ...)
+       TODO: check
+CVE-2020-37211 (SpotIM 2.2 contains a denial of service vulnerability that 
allows atta ...)
+       TODO: check
+CVE-2020-37210 (SpotIE 2.9.5 contains a denial of service vulnerability in the 
registr ...)
+       TODO: check
+CVE-2020-37209 (SpotFTP 3.0.0.0 contains a denial of service vulnerability in 
the regi ...)
+       TODO: check
+CVE-2020-37208 (SpotFTP 3.0.0.0 contains a buffer overflow vulnerability in 
the regist ...)
+       TODO: check
+CVE-2020-37207 (SpotDialup 1.6.7 contains a denial of service vulnerability in 
the reg ...)
+       TODO: check
+CVE-2020-37206 (ShareAlarmPro contains a denial of service vulnerability that 
allows a ...)
+       TODO: check
+CVE-2020-37205 (RemShutdown 2.9.0.0 contains a denial of service vulnerability 
that al ...)
+       TODO: check
+CVE-2020-37204 (RemShutdown 2.9.0.0 contains a denial of service vulnerability 
in its  ...)
+       TODO: check
+CVE-2020-37203 (Office Product Key Finder 1.5.4 contains a denial of service 
vulnerabi ...)
+       TODO: check
+CVE-2020-37202 (NetworkSleuth 3.0.0.0 contains a denial of service 
vulnerability that  ...)
+       TODO: check
+CVE-2020-37201 (NetShareWatcher 1.5.8.0 contains a buffer overflow 
vulnerability in th ...)
+       TODO: check
+CVE-2020-37200 (NetShareWatcher 1.5.8.0 contains a buffer overflow 
vulnerability in th ...)
+       TODO: check
+CVE-2020-37199 (NBMonitor 1.6.6.0 contains a denial of service vulnerability 
in its re ...)
+       TODO: check
+CVE-2020-37198 (Duplicate Cleaner Pro 4.1.3 contains a denial of service 
vulnerability ...)
+       TODO: check
+CVE-2020-37197 (Dnss Domain Name Search Software contains a denial of service 
vulnerab ...)
+       TODO: check
+CVE-2020-37196 (Dnss Domain Name Search Software contains a denial of service 
vulnerab ...)
+       TODO: check
+CVE-2020-37195 (BlueAuditor 1.7.2.0 contains a denial of service vulnerability 
in the  ...)
+       TODO: check
+CVE-2020-37194 (Backup Key Recovery 2.2.5 contains a denial of service 
vulnerability t ...)
+       TODO: check
+CVE-2020-37193 (ZIP Password Recovery 2.30 contains a denial of service 
vulnerability  ...)
+       TODO: check
+CVE-2020-37192 (MSN Password Recovery 1.30 contains an XML external entity 
injection v ...)
+       TODO: check
+CVE-2020-37191 (Top Password Software Dialup Password Recovery 1.30 contains a 
denial  ...)
+       TODO: check
+CVE-2020-37190 (Top Password Firefox Password Recovery 2.8 contains a denial 
of servic ...)
+       TODO: check
+CVE-2020-37189 (TaskCanvas 1.4.0 contains a denial of service vulnerability in 
the reg ...)
+       TODO: check
+CVE-2020-37188 (SpotOutlook 1.2.6 contains a denial of service vulnerability 
in the re ...)
+       TODO: check
+CVE-2020-37187 (SpotDialup 1.6.7 contains a denial of service vulnerability in 
the reg ...)
+       TODO: check
+CVE-2020-37186 (Chevereto 3.13.4 Core contains a remote code execution 
vulnerability t ...)
+       TODO: check
+CVE-2020-37185 (Backup Key Recovery 2.2.5 contains a denial of service 
vulnerability t ...)
+       TODO: check
+CVE-2020-37184 (Allok Video Converter 4.6.1217 contains a stack overflow 
vulnerability ...)
+       TODO: check
+CVE-2020-37183 (Allok RM RMVB to AVI MPEG DVD Converter 3.6.1217 contains a 
stack over ...)
+       TODO: check
+CVE-2020-37182 (Redir 3.3 contains a stack overflow vulnerability in the 
doproxyconnec ...)
+       TODO: check
+CVE-2020-37181 (Torrent FLV Converter 1.51 Build 117 contains a stack overflow 
vulnera ...)
+       TODO: check
+CVE-2020-37180 (GTalk Password Finder 2.2.1 contains a denial of service 
vulnerability ...)
+       TODO: check
+CVE-2020-37179 (APKF Product Key Finder 2.5.8.0 contains a denial of service 
vulnerabi ...)
+       TODO: check
+CVE-2020-37178 (KeePass Password Safe versions before 2.44 contain a denial of 
service ...)
+       TODO: check
+CVE-2020-37177 (BOOTP Turbo 2.0 contains a denial of service vulnerability 
that allows ...)
+       TODO: check
+CVE-2020-37176 (Torrent 3GP Converter 1.51 contains a stack overflow 
vulnerability tha ...)
+       TODO: check
+CVE-2020-37175 (P2PWIFICAM2 for iOS 10.4.1 contains a denial of service 
vulnerability  ...)
+       TODO: check
+CVE-2020-37173 (AVideo Platform 8.1 contains an information disclosure 
vulnerability t ...)
+       TODO: check
+CVE-2020-37172 (AVideo Platform 8.1 contains a cross-site request forgery 
vulnerabilit ...)
+       TODO: check
+CVE-2020-37158 (AVideo Platform 8.1 contains a cross-site request forgery 
vulnerabilit ...)
+       TODO: check
+CVE-2020-37156 (BloodX 1.0 contains an authentication bypass vulnerability in 
login.ph ...)
+       TODO: check
+CVE-2020-37153 (ASTPP 4.0.1 contains multiple vulnerabilities including 
cross-site scr ...)
+       TODO: check
+CVE-2020-37104 (ASTPP 4.0.1 contains an information disclosure vulnerability 
that allo ...)
+       TODO: check
+CVE-2019-25313 (FlexNet Publisher 11.12.1 contains a cross-site request 
forgery vulner ...)
+       TODO: check
+CVE-2026-25990 (Pillow is a Python imaging library. From 10.3.0 to before 
12.1.1, n ou ...)
        - pillow <unfixed>
        NOTE: 
https://github.com/python-pillow/Pillow/security/advisories/GHSA-cfh3-3jmp-rvhc
        NOTE: Fixed by: 
https://github.com/python-pillow/Pillow/commit/9000313cc5d4a31bdcdd6d7f0781101abab553aa
 (12.1.1)
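
Review bot: Two of the imported descriptions carry unprocessed markup from the upstream record: CVE-2026-1537 contains a literal "\u2013" escape ("The LatePoint \u2013 Calendar Booking Plugin ...") and CVE-2026-2391 opens with a Markdown heading ("### Summary The `arrayLimit` option in qs ..."). The automatic update should decode Unicode escapes and strip a leading Markdown heading before it truncates the description, so the shortened summary spends its characters on the product and the flaw rather than on markup. For whoever resolves the "TODO: check" items: CVE-2026-25759 spells the product "Statmatic" while CVE-2026-25633 spells it "Statamic", so a search of data/CVE/list on the product name finds only one of the two; triage them together.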



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7b4c080dfc4f4a582fe2bcea61cf3a89e842e2c



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits