Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f1b32330 by security tracker role at 2026-02-13T08:13:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,136 @@
-CVE-2025-40905 [uses insecure rand()]
+CVE-2026-26257
+ REJECTED
+CVE-2026-26256
+ REJECTED
+CVE-2026-26255
+ REJECTED
+CVE-2026-26254
+ REJECTED
+CVE-2026-26253
+ REJECTED
+CVE-2026-26252
+ REJECTED
+CVE-2026-26251
+ REJECTED
+CVE-2026-26250
+ REJECTED
+CVE-2026-26249
+ REJECTED
+CVE-2026-26225 (Intego Personal Backup, a macOS backup utility that allows
users to cr ...)
+ TODO: check
+CVE-2026-26224 (Intego Log Reporter, a macOS diagnostic utility bundled with
Intego se ...)
+ TODO: check
+CVE-2026-26188 (Solspace Freeform plugin for Craft CMS 5.x is a super flexible
form-bu ...)
+ TODO: check
+CVE-2026-26185 (Directus is a real-time API and App dashboard for managing SQL
databas ...)
+ TODO: check
+CVE-2026-26076 (ntpd-rs is a full-featured implementation of the Network Time
Protocol ...)
+ TODO: check
+CVE-2026-26075 (FastGPT is an AI Agent building platform. Due to the fact that
FastGPT ...)
+ TODO: check
+CVE-2026-26069 (Scraparr is a Prometheus Exporter for various components of
the *arr S ...)
+ TODO: check
+CVE-2026-26068 (emp3r0r is a stealth-focused C2 designed by Linux users for
Linux envi ...)
+ TODO: check
+CVE-2026-26056 (Yoke is a Helm-inspired infrastructure-as-code (IaC) package
deployer. ...)
+ TODO: check
+CVE-2026-26055 (Yoke is a Helm-inspired infrastructure-as-code (IaC) package
deployer. ...)
+ TODO: check
+CVE-2026-26020 (AutoGPT is a platform that allows users to create, deploy, and
manage ...)
+ TODO: check
+CVE-2026-26011 (navigation2 is a ROS 2 Navigation Framework and System. In
1.3.11 and ...)
+ TODO: check
+CVE-2026-26005 (ClipBucket v5 is an open source video sharing platform. Prior
to 5.5.3 ...)
+ TODO: check
+CVE-2026-26000 (XWiki Platform is a generic wiki platform offering runtime
services fo ...)
+ TODO: check
+CVE-2026-25996 (Inspektor Gadget is a set of tools and framework for data
collection a ...)
+ TODO: check
+CVE-2026-25828 (grub-btrfs through 2026-01-31 (on Arch Linux and derivative
distributi ...)
+ TODO: check
+CVE-2026-25108 (FileZen contains an OS command injection vulnerability. When
FileZen A ...)
+ TODO: check
+CVE-2026-1721 (Summary A Reflected Cross-Site Scripting (XSS) vulnerability
was disc ...)
+ TODO: check
+CVE-2026-1358 (Airleader Master versions 6.381 and prior allow for file
uploads witho ...)
+ TODO: check
+CVE-2026-0619 (A reachable infinite loop via an integer wraparound is present
in Sili ...)
+ TODO: check
+CVE-2025-9293 (A vulnerability in the certificate validation logic may allow
applicat ...)
+ TODO: check
+CVE-2025-9292 (A permissive web security configuration may allow cross-origin
restric ...)
+ TODO: check
+CVE-2025-70845 (lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting
(XSS) exist ...)
+ TODO: check
+CVE-2025-70092 (A cross-site scripting (XSS) vulnerability in the Item Kits
function o ...)
+ TODO: check
+CVE-2025-48023 (A vulnerability has been found in Vnet/IP Interface Package
provided b ...)
+ TODO: check
+CVE-2025-48022 (A vulnerability has been found in Vnet/IP Interface Package
provided b ...)
+ TODO: check
+CVE-2025-48021 (A vulnerability has been found in Vnet/IP Interface Package
provided b ...)
+ TODO: check
+CVE-2025-48020 (A vulnerability has been found in Vnet/IP Interface Package
provided b ...)
+ TODO: check
+CVE-2025-48019 (A vulnerability has been found in Vnet/IP Interface Package
provided b ...)
+ TODO: check
+CVE-2025-1924 (A vulnerability has been found in Vnet/IP Interface Package
provided b ...)
+ TODO: check
+CVE-2025-15520 (The RegistrationMagic WordPress plugin before 6.0.7.2 checks
nonces b ...)
+ TODO: check
+CVE-2024-21961 (Improper restriction of operations within the bounds of a
memory buffe ...)
+ TODO: check
+CVE-2020-37167 (ClamAV ClamBC bytecode interpreter contains a vulnerability in
functio ...)
+ TODO: check
+CVE-2019-25342 (Centova Cast 3.2.12 contains a denial of service vulnerability
that al ...)
+ TODO: check
+CVE-2019-25341 (iNetTools for iOS 8.20 contains a denial of service
vulnerability in t ...)
+ TODO: check
+CVE-2019-25340 (SpotAuditor 5.3.2 contains a denial of service vulnerability
in its Ba ...)
+ TODO: check
+CVE-2019-25339 (GHIA CamIP 1.2 for iOS contains a denial of service
vulnerability in t ...)
+ TODO: check
+CVE-2019-25338 (DokuWiki 2018-04-22b contains a username enumeration
vulnerability in ...)
+ TODO: check
+CVE-2019-25337 (OwnCloud 8.1.8 contains a username enumeration vulnerability
that allo ...)
+ TODO: check
+CVE-2019-25336 (SpotAuditor 5.3.2 contains a local buffer overflow
vulnerability in th ...)
+ TODO: check
+CVE-2019-25335 (PRO-7070 Haz\u0131r Profesyonel Web Sitesi version 1.0
contains an aut ...)
+ TODO: check
+CVE-2019-25334 (Product Key Explorer 4.2.0.0 contains a denial of service
vulnerabilit ...)
+ TODO: check
+CVE-2019-25333 (Bullwark Momentum Series JAWS 1.0 contains a directory
traversal vulne ...)
+ TODO: check
+CVE-2019-25332 (FTP Commander Pro 8.03 contains a local stack overflow
vulnerability t ...)
+ TODO: check
+CVE-2019-25331 (AVS Audio Converter 9.1 contains a local buffer overflow
vulnerability ...)
+ TODO: check
+CVE-2019-25330 (SurfOffline Professional 2.2.0.103 contains a structured
exception han ...)
+ TODO: check
+CVE-2019-25329 (FTP Navigator 8.03 contains a denial of service vulnerability
that all ...)
+ TODO: check
+CVE-2019-25328 (XnConvert 1.82 contains a denial of service vulnerability in
its regis ...)
+ TODO: check
+CVE-2019-25327 (Prime95 version 29.8 build 6 contains a buffer overflow
vulnerability ...)
+ TODO: check
+CVE-2019-25325 (Thrive Smart Home 1.1 contains an SQL injection vulnerability
in the c ...)
+ TODO: check
+CVE-2019-25324 (RICOH Web Image Monitor 1.09 contains an HTML injection
vulnerability ...)
+ TODO: check
+CVE-2019-25323 (Heatmiser Netmonitor v3.03 contains an HTML injection
vulnerability in ...)
+ TODO: check
+CVE-2019-25322 (Heatmiser Netmonitor 3.03 contains a hardcoded credentials
vulnerabili ...)
+ TODO: check
+CVE-2019-25321 (FTP Navigator 8.03 contains a stack overflow vulnerability
that allows ...)
+ TODO: check
+CVE-2019-25320 (E Learning Script 1.0 contains an authentication bypass
vulnerability ...)
+ TODO: check
+CVE-2019-25319 (Domain Quester Pro 6.02 contains a stack overflow
vulnerability that a ...)
+ TODO: check
+CVE-2019-25318 (AVS Audio Converter 9.1.2.600 contains a stack overflow
vulnerability ...)
+ TODO: check
+CVE-2025-40905 (WWW::OAuth 1.000 and earlier for Perl uses the rand() function
as the ...)
- libwww-oauth-perl 1.001-1
[bookworm] - libwww-oauth-perl <no-dsa> (Minor issue)
NOTE: https://lists.security.metacpan.org/cve-announce/msg/36977848/
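Review bot: The description added for CVE-2019-25335 contains a literal escape sequence ("PRO-7070 Haz\u0131r Profesyonel Web Sitesi") rather than the decoded character, so the automatic import apparently writes the upstream text without unescaping it; decode it before it lands in data/CVE/list so the entry can be found by product name. Apart from the nine REJECTED ids, every entry added in this hunk carries only "TODO: check", with no package line or NOT-FOR-US marker, so none of them is triaged yet. The one modified entry, CVE-2025-40905, keeps its libwww-oauth-perl lines and only swaps the bracketed placeholder for the imported description.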
@@ -25386,7 +25518,7 @@ CVE-2023-38913 (SQL injection vulnerability in
anirbandutta9 NEWS-BUZZ v.1.0 all
NOT-FOR-US: anirbandutta9 NEWS-BUZZ
CVE-2023-36338 (Inventory Management System 1 was discovered to contain a SQL
injectio ...)
NOT-FOR-US: Inventory Management System
-CVE-2025-14282 [privilege escalation via unix stream socket forwarding]
+CVE-2025-14282 (A flaw was found in Dropbear. When running in multi-user mode
and auth ...)
{DSA-6086-1}
- dropbear 2025.89-1 (bug #1123069)
[bookworm] - dropbear <not-affected> (Vulnerable code introduced later)
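Review bot: The replacement description for CVE-2025-14282 is cut off at "and auth ...", and the removed bracketed text "privilege escalation via unix stream socket forwarding" was the only line in this entry that stated the impact. If that summary should stay visible in the list, add it back as a NOTE line under the entry; the DSA-6086-1 reference and the dropbear package lines are unchanged context and need no action.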
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f1b323307dcf544a3216ec9b6c0943a645b816c1