Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
5d11b339 by Salvatore Bonaccorso at 2026-02-17T21:25:05+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,19 +1,19 @@
CVE-2026-2630 (A Command Injection vulnerability exists where an
authenticated, remot ...)
NOT-FOR-US: Tenable
CVE-2026-2620 (A weakness has been identified in Huace Monitoring and Early
Warning S ...)
- TODO: check
+ NOT-FOR-US: Huace Monitoring and Early Warning System
CVE-2026-2618 (A vulnerability was determined in Beetel 777VR1 up to 01.00.09.
This i ...)
- TODO: check
+ NOT-FOR-US: Beetel
CVE-2026-2617 (A vulnerability was found in Beetel 777VR1 up to 01.00.09. This
affect ...)
- TODO: check
+ NOT-FOR-US: Beetel
CVE-2026-2616 (A vulnerability has been found in Beetel 777VR1 up to 01.00.09.
The im ...)
- TODO: check
+ NOT-FOR-US: Beetel
CVE-2026-2615 (A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The
affect ...)
NOT-FOR-US: Wavlink
CVE-2026-2608 (The Kadence Blocks \u2014 Page Builder Toolkit for Gutenberg
Editor pl ...)
NOT-FOR-US: WordPress plugin
CVE-2026-2247 (SQL injection vulnerability (SQLi) in Clicldeu SaaS,
specifically in t ...)
- TODO: check
+ NOT-FOR-US: Clicldeu SaaS
CVE-2026-26736 (TOTOLINK A3002RU_V3 V3.0.0-B20220304.1804 was discovered to
contain a ...)
NOT-FOR-US: TOTOLINK
CVE-2026-26732 (TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to
contain a sta ...)
@@ -29,13 +29,13 @@ CVE-2026-24733 (Improper Input Validation vulnerability in
Apache Tomcat. Tomc
CVE-2026-23861 (Dell Unisphere for PowerMax vApp, version(s) 9.2.4.x,
contain(s) an Im ...)
NOT-FOR-US: Dell / EMC
CVE-2026-23648 (Glory RBG-100 recycler systems using the ISPK-08 software
component co ...)
- TODO: check
+ NOT-FOR-US: Glory RBG-100 recycler systems
CVE-2026-23647 (Glory RBG-100 recycler systems using the ISPK-08 software
component co ...)
- TODO: check
+ NOT-FOR-US: Glory RBG-100 recycler systems
CVE-2026-22769 (Dell RecoverPoint for Virtual Machines, versions prior to
6.0.3.1 HF1, ...)
NOT-FOR-US: Dell / EMC
CVE-2026-22208 (OpenS100 (the reference implementation S-100 viewer) prior to
commit 7 ...)
- TODO: check
+ NOT-FOR-US: OpenS100
CVE-2026-1452
REJECTED
CVE-2026-1216 (The RSS Aggregator plugin for WordPress is vulnerable to
Reflected Cro ...)
@@ -43,29 +43,29 @@ CVE-2026-1216 (The RSS Aggregator plugin for WordPress is
vulnerable to Reflecte
CVE-2026-0102 (Under specific conditions, a malicious webpage may trigger
autofill po ...)
NOT-FOR-US: Microsoft
CVE-2025-8303 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
- TODO: check
+ NOT-FOR-US: EKA Software Computer Information Advertising Services Ltd
CVE-2025-7706 (Missing Authentication for Critical Function vulnerability in
TUBITAK ...)
- TODO: check
+ NOT-FOR-US: Liderahenk
CVE-2025-7631 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: Tumeva News Software
CVE-2025-70846 (lty628 aidigu v1.9.1 is vulnerable to Cross Site Scripting
(XSS) on th ...)
- TODO: check
+ NOT-FOR-US: lty628 aidigu
CVE-2025-70830 (A Server-Side Template Injection (SSTI) vulnerability in the
Freemarke ...)
- TODO: check
+ NOT-FOR-US: Datart
CVE-2025-70829 (An information exposure vulnerability in Datart v1.0.0-rc.3
allows aut ...)
- TODO: check
+ NOT-FOR-US: Datart
CVE-2025-70828 (An issue in Datart v1.0.0-rc.3 allows attackers to execute
arbitrary c ...)
- TODO: check
+ NOT-FOR-US: Datart
CVE-2025-70397 (jizhicms 2.5.6 is vulnerable to SQL Injection in
Article/deleteAll and ...)
- TODO: check
+ NOT-FOR-US: jizhicms
CVE-2025-67905 (Malwarebytes AdwCleaner before v.8.7.0 runs as Administrator
and perfo ...)
- TODO: check
+ NOT-FOR-US: Malwarebytes AdwCleaner
CVE-2025-66614 (Improper Input Validation vulnerability. This issue affects
Apache To ...)
TODO: check
CVE-2025-65753 (An issue in the TLS certification mechanism of Guardian
Gryphon v01.06 ...)
- TODO: check
+ NOT-FOR-US: Guardian Gryphon
CVE-2025-59793 (Rocket TRUfusion Enterprise through 7.10.5 exposes the
endpoint at /ax ...)
- TODO: check
+ NOT-FOR-US: Rocket TRUfusion Enterprise
CVE-2025-36598 (Dell Avamar, versions prior to 19.12 with patch 338905,
contains an Im ...)
NOT-FOR-US: Dell / EMC
CVE-2025-36597 (Dell Avamar, versions prior to 19.12 with patch 338905,
contains an Im ...)
@@ -89,7 +89,7 @@ CVE-2025-33101 (IBM Concert 1.0.0 through 2.1.0 could allow
an attacker to obtai
CVE-2025-33089 (IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker
to obtai ...)
NOT-FOR-US: IBM
CVE-2025-32355 (Rocket TRUfusion Enterprise through 7.10.4.0 uses a reverse
proxy to h ...)
- TODO: check
+ NOT-FOR-US: Rocket TRUfusion Enterprise
CVE-2025-27904 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2
Recovery E ...)
NOT-FOR-US: IBM
CVE-2025-27903 (IBM DB2 Recovery Expert for LUW 5.5 Interim Fix 002 IBM Db2
Recovery E ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d11b3390e0b277537f7532879ab8b778df1b9fd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5d11b3390e0b277537f7532879ab8b778df1b9fd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
