Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0ca429a by security tracker role at 2026-02-19T08:13:07+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,323 @@
-CVE-2026-2650
+CVE-2026-2733 (A flaw was identified in the Docker v2 authentication endpoint
of Keyc ...)
+ TODO: check
+CVE-2026-2731 (Path traversal and content injection in
JobRunnerBackground.aspx in Dy ...)
+ TODO: check
+CVE-2026-2711 (A vulnerability has been found in zhutoutoutousan
worldquant-miner up ...)
+ TODO: check
+CVE-2026-2709 (A flaw has been found in busy up to 2.5.5. The affected element
is an ...)
+ TODO: check
+CVE-2026-2706 (A flaw has been found in code-projects Patient Record
Management Syste ...)
+ TODO: check
+CVE-2026-2705 (A vulnerability was detected in Open Babel up to 3.1.1. The
impacted e ...)
+ TODO: check
+CVE-2026-2704 (A security vulnerability has been detected in Open Babel up to
3.1.1. ...)
+ TODO: check
+CVE-2026-2703 (A weakness has been identified in xlnt-community xlnt up to
1.6.1. Imp ...)
+ TODO: check
+CVE-2026-2702 (A security flaw has been discovered in Beetel 777VR1 up to
01.00.09. T ...)
+ TODO: check
+CVE-2026-2693 (A vulnerability was determined in CoCoTeaNet CyreneAdmin up to
1.3.0. ...)
+ TODO: check
+CVE-2026-2692 (A vulnerability was found in CoCoTeaNet CyreneAdmin up to
1.3.0. This ...)
+ TODO: check
+CVE-2026-2691 (A vulnerability has been found in itsourcecode Event Management
System ...)
+ TODO: check
+CVE-2026-2690 (A flaw has been found in itsourcecode Event Management System
1.0. Aff ...)
+ TODO: check
+CVE-2026-2689 (A vulnerability was detected in itsourcecode Event Management
System 1 ...)
+ TODO: check
+CVE-2026-2686 (A security vulnerability has been detected in SECCN Dingcheng
G10 3.1. ...)
+ TODO: check
+CVE-2026-2684 (A vulnerability was determined in Tsinghua Unigroup Electronic
Archive ...)
+ TODO: check
+CVE-2026-2683 (A vulnerability was found in Tsinghua Unigroup Electronic
Archives Sys ...)
+ TODO: check
+CVE-2026-2682 (A vulnerability has been found in Tsinghua Unigroup Electronic
Archive ...)
+ TODO: check
+CVE-2026-2676 (A weakness has been identified in GoogTech sms-ssm up to
e8534c766fd13 ...)
+ TODO: check
+CVE-2026-2672 (A security flaw has been discovered in Tsinghua Unigroup
Electronic Ar ...)
+ TODO: check
+CVE-2026-2670 (A vulnerability was identified in Advantech WISE-6610
1.2.1_20251110. ...)
+ TODO: check
+CVE-2026-2669 (A vulnerability was determined in Rongzhitong Visual Integrated
Comman ...)
+ TODO: check
+CVE-2026-2668 (A vulnerability was found in Rongzhitong Visual Integrated
Command and ...)
+ TODO: check
+CVE-2026-2667 (A vulnerability has been found in Rongzhitong Visual Integrated
Comman ...)
+ TODO: check
+CVE-2026-2666 (A flaw has been found in mingSoft MCMS 6.1.1. The affected
element is ...)
+ TODO: check
+CVE-2026-2665 (A vulnerability was detected in huanzi-qch base-admin up to
57a8126bb3 ...)
+ TODO: check
+CVE-2026-2504 (The Dealia \u2013 Request a quote plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2026-2502 (The xmlrpc attacks blocker plugin for WordPress is vulnerable
to Store ...)
+ TODO: check
+CVE-2026-2284 (The News Element Elementor Blog Magazine plugin for WordPress
is vulne ...)
+ TODO: check
+CVE-2026-2282 (The Slidorion plugin for WordPress is vulnerable to Stored
Cross-Site ...)
+ TODO: check
+CVE-2026-27182 (Saturn Remote Mouse Server contains a command injection
vulnerability ...)
+ TODO: check
+CVE-2026-27181 (MajorDoMo (aka Major Domestic Module) allows unauthenticated
arbitrary ...)
+ TODO: check
+CVE-2026-27180 (MajorDoMo (aka Major Domestic Module) is vulnerable to
unauthenticated ...)
+ TODO: check
+CVE-2026-27179 (MajorDoMo (aka Major Domestic Module) contains an
unauthenticated SQL ...)
+ TODO: check
+CVE-2026-27178 (MajorDoMo (aka Major Domestic Module) contains a stored
cross-site scr ...)
+ TODO: check
+CVE-2026-27177 (MajorDoMo (aka Major Domestic Module) contains a stored
cross-site scr ...)
+ TODO: check
+CVE-2026-27176 (MajorDoMo (aka Major Domestic Module) contains a reflected
cross-site ...)
+ TODO: check
+CVE-2026-27175 (MajorDoMo (aka Major Domestic Module) is vulnerable to
unauthenticated ...)
+ TODO: check
+CVE-2026-27174 (MajorDoMo (aka Major Domestic Module) allows unauthenticated
remote co ...)
+ TODO: check
+CVE-2026-26281 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-26270 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-25926 (Notepad++ is a free and open-source source code editor. An
Unsafe Sear ...)
+ TODO: check
+CVE-2026-25596 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-25595 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-25594 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-25548 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-25474 (OpenClaw is a personal AI assistant. In versions 2026.1.30 and
below, ...)
+ TODO: check
+CVE-2026-25242 (Gogs is an open source self-hosted Git service. Versions
0.13.4 and be ...)
+ TODO: check
+CVE-2026-25232 (Gogs is an open source self-hosted Git service. Versions
0.13.4 and be ...)
+ TODO: check
+CVE-2026-25229 (Gogs is an open source self-hosted Git service. Versions
0.13.4 and be ...)
+ TODO: check
+CVE-2026-25120 (Gogs is an open source self-hosted Git service. In versions
0.13.4 and ...)
+ TODO: check
+CVE-2026-24764 (OpenClaw (formerly Clawdbot) is a personal AI assistant users
run on t ...)
+ TODO: check
+CVE-2026-24746 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-24745 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-24744 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-24743 (InvoicePlane is a self-hosted open source application for
managing inv ...)
+ TODO: check
+CVE-2026-24126 (Weblate is a web based localization tool. Prior to 5.16.0, the
SSH man ...)
+ TODO: check
+CVE-2026-1999 (An incorrect authorization vulnerability was identified in
GitHub Ente ...)
+ TODO: check
+CVE-2026-1994 (The s2Member plugin for WordPress is vulnerable to privilege
escalatio ...)
+ TODO: check
+CVE-2026-1646 (The Advance Block Extend plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2026-1455 (The Whatsiplus Scheduled Notification for Woocommerce plugin
for WordP ...)
+ TODO: check
+CVE-2026-1405 (The Slider Future plugin for WordPress is vulnerable to
arbitrary file ...)
+ TODO: check
+CVE-2026-1373 (The Easy Author Image plugin for WordPress is vulnerable to
Stored Cro ...)
+ TODO: check
+CVE-2026-1355 (A Missing Authorization vulnerability was identified in GitHub
Enterpr ...)
+ TODO: check
+CVE-2026-1055 (The TalkJS plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
+ TODO: check
+CVE-2026-1047 (The salavat counter Plugin plugin for WordPress is vulnerable
to Store ...)
+ TODO: check
+CVE-2026-1044 (The Tennis Court Bookings plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2026-1043 (The PostmarkApp Email Integrator plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2026-0974 (The Orderable \u2013 WordPress Restaurant Online Ordering
System and F ...)
+ TODO: check
+CVE-2026-0926 (The Prodigy Commerce plugin for WordPress is vulnerable to
Local File ...)
+ TODO: check
+CVE-2026-0912 (The Toret Manager plugin for WordPress is vulnerable to
unauthorized m ...)
+ TODO: check
+CVE-2026-0722 (The Shield Security plugin for WordPress is vulnerable to
Cross-Site R ...)
+ TODO: check
+CVE-2026-0573 (An URL redirection vulnerability was identified in GitHub
Enterprise S ...)
+ TODO: check
+CVE-2026-0561 (The Shield Security plugin for WordPress is vulnerable to
Reflected Cr ...)
+ TODO: check
+CVE-2026-0556 (The XO Event Calendar plugin for WordPress is vulnerable to
Stored Cro ...)
+ TODO: check
+CVE-2026-0549 (The Groups plugin for WordPress is vulnerable to Stored
Cross-Site Scr ...)
+ TODO: check
+CVE-2025-4960 (The com.epson.InstallNavi.helper tool, deployed with the EPSON
printer ...)
+ TODO: check
+CVE-2025-4521 (The IDonate \u2013 Blood Donation, Request And Donor Management
System ...)
+ TODO: check
+CVE-2025-15586 (OGP-Website installs prior git commit
52f865a4fba763594453068acf8fa9e3 ...)
+ TODO: check
+CVE-2025-15585 (Fileflows versions before 25.05.2 are affected by an
authenticated SQL ...)
+ TODO: check
+CVE-2025-15581 (Orthanc versions before 1.12.10 are affected by an
authorisation logic ...)
+ TODO: check
+CVE-2025-15041 (The BackWPup \u2013 WordPress Backup & Restore Plugin plugin
for WordP ...)
+ TODO: check
+CVE-2025-14983 (The Advanced Custom Fields: Font Awesome Field plugin for
WordPress is ...)
+ TODO: check
+CVE-2025-14864 (The Virusdie - One-click website security plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2025-14851 (The YaMaps for WordPress plugin for WordPress is vulnerable to
Stored ...)
+ TODO: check
+CVE-2025-14452 (The WP Customer Reviews plugin for WordPress is vulnerable to
Reflecte ...)
+ TODO: check
+CVE-2025-14445 (The Image Hotspot by DevVN plugin for WordPress is vulnerable
to Store ...)
+ TODO: check
+CVE-2025-14427 (The Shield Security: Blocks Bots, Protects Users, and Prevents
Securit ...)
+ TODO: check
+CVE-2025-14357 (The Mega Store Woocommerce theme for WordPress is vulnerable
to unauth ...)
+ TODO: check
+CVE-2025-14342 (The SEO Plugin by Squirrly SEO plugin for WordPress is
vulnerable to u ...)
+ TODO: check
+CVE-2025-14294 (The Razorpay for WooCommerce plugin for WordPress is
vulnerable to una ...)
+ TODO: check
+CVE-2025-14270 (The OneClick Chat to Order plugin for WordPress is vulnerable
to autho ...)
+ TODO: check
+CVE-2025-14167 (The Remove Post Type Slug plugin for WordPress is vulnerable
to Cross- ...)
+ TODO: check
+CVE-2025-14076 (The iXML \u2013 Google XML sitemap generator plugin for
WordPress is v ...)
+ TODO: check
+CVE-2025-13930 (The Checkout Field Manager (Checkout Manager) for WooCommerce
plugin f ...)
+ TODO: check
+CVE-2025-13864 (The Breeze - WordPress Cache Plugin plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2025-13851 (The Buyent Classified plugin for WordPress (bundled with
Buyent theme) ...)
+ TODO: check
+CVE-2025-13842 (The Breadcrumb NavXT plugin for WordPress is vulnerable to
authorizati ...)
+ TODO: check
+CVE-2025-13738 (The Easy Table of Contents plugin for WordPress is vulnerable
to Store ...)
+ TODO: check
+CVE-2025-13732 (The s2Member \u2013 Excellent for All Kinds of Memberships,
Content Re ...)
+ TODO: check
+CVE-2025-13617 (The Apollo13 Framework Extensions plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2025-13612 (The Album and Image Gallery plus Lightbox plugin for WordPress
is vuln ...)
+ TODO: check
+CVE-2025-13603 (The WP AUDIO GALLERY plugin for WordPress is vulnerable to
Unauthorize ...)
+ TODO: check
+CVE-2025-13587 (The Two Factor (2FA) Authentication via Email plugin for
WordPress is ...)
+ TODO: check
+CVE-2025-13563 (The Lizza LMS Pro plugin for WordPress is vulnerable to
Privilege Esca ...)
+ TODO: check
+CVE-2025-13438 (The Page Title, Description & Open Graph Updater plugin for
WordPress ...)
+ TODO: check
+CVE-2025-13413 (The Country Blocker for AdSense plugin for WordPress is
vulnerable to ...)
+ TODO: check
+CVE-2025-13113 (The Web Accessibility by accessiBe plugin for WordPress is
vulnerable ...)
+ TODO: check
+CVE-2025-13091 (The Shopire theme for WordPress is vulnerable to unauthorized
modifica ...)
+ TODO: check
+CVE-2025-13079 (The Popup Builder \u2013 Create highly converting, mobile
friendly mar ...)
+ TODO: check
+CVE-2025-13048 (The StatCounter \u2013 Free Real Time Visitor Stats plugin for
WordPre ...)
+ TODO: check
+CVE-2025-12975 (The CTX Feed \u2013 WooCommerce Product Feed Manager plugin
for WordPr ...)
+ TODO: check
+CVE-2025-12884 (The Advanced Ads \u2013 Ad Manager & AdSense plugin for
WordPress is v ...)
+ TODO: check
+CVE-2025-12882 (The Clasifico Listing plugin for WordPress is vulnerable to
privilege ...)
+ TODO: check
+CVE-2025-12845 (The Tablesome Table \u2013 Contact Form DB \u2013 WPForms,
CF7, Gravit ...)
+ TODO: check
+CVE-2025-12821 (The NewsBlogger theme for WordPress is vulnerable to
Cross-Site Reques ...)
+ TODO: check
+CVE-2025-12812 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
+ TODO: check
+CVE-2025-12811 (Improper Inconsistent Interpretation of HTTP Requests ('HTTP
Request S ...)
+ TODO: check
+CVE-2025-12707 (The Library Management System plugin for WordPress is
vulnerable to SQ ...)
+ TODO: check
+CVE-2025-12500 (The Checkout Field Manager (Checkout Manager) for WooCommerce
plugin f ...)
+ TODO: check
+CVE-2025-12451 (The Easy SVG Support plugin for WordPress is vulnerable to
Stored Cros ...)
+ TODO: check
+CVE-2025-12448 (The Smartsupp \u2013 live chat, AI shopping assistant and
chatbots plu ...)
+ TODO: check
+CVE-2025-12375 (The Printful Integration for WooCommerce plugin for WordPress
is vulne ...)
+ TODO: check
+CVE-2025-12172 (The Mailchimp List Subscribe Form plugin for WordPress is
vulnerable t ...)
+ TODO: check
+CVE-2025-12117 (The Renden theme for WordPress is vulnerable to Stored
Cross-Site Scri ...)
+ TODO: check
+CVE-2025-12116 (The Drift theme for WordPress is vulnerable to Stored
Cross-Site Scrip ...)
+ TODO: check
+CVE-2025-12081 (The ACF Photo Gallery Field plugin for WordPress is vulnerable
to unau ...)
+ TODO: check
+CVE-2025-12027 (The Mesmerize Companion plugin for WordPress is vulnerable to
unauthor ...)
+ TODO: check
+CVE-2025-11754 (The GDPR Cookie Consent plugin for WordPress is vulnerable to
unauthor ...)
+ TODO: check
+CVE-2025-11725 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to
unauthor ...)
+ TODO: check
+CVE-2025-11706 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to
Reflecte ...)
+ TODO: check
+CVE-2019-25401 (Bematech (formerly Logic Controls, now Elgin) MP-4200 TH
printer conta ...)
+ TODO: check
+CVE-2019-25400 (IPFire 2.21 Core Update 127 contains multiple reflected
cross-site scr ...)
+ TODO: check
+CVE-2019-25399 (IPFire 2.21 Core Update 127 contains multiple stored
cross-site script ...)
+ TODO: check
+CVE-2019-25398 (IPFire 2.21 Core Update 127 contains multiple cross-site
scripting vul ...)
+ TODO: check
+CVE-2019-25397 (IPFire 2.21 Core Update 127 contains multiple reflected
cross-site scr ...)
+ TODO: check
+CVE-2019-25396 (IPFire 2.21 Core Update 127 contains a reflected cross-site
scripting ...)
+ TODO: check
+CVE-2019-25365 (ChaosPro 2.0 contains a buffer overflow vulnerability in the
configura ...)
+ TODO: check
+CVE-2019-25364 (MailCarrier 2.51 contains a buffer overflow vulnerability in
the POP3 ...)
+ TODO: check
+CVE-2019-25363 (WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer
overflow ...)
+ TODO: check
+CVE-2019-25362 (WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer
overflow ...)
+ TODO: check
+CVE-2019-25361 (Ayukov NFTP client 1.71 contains a buffer overflow
vulnerability in th ...)
+ TODO: check
+CVE-2019-25360 (Aida64 Engineer 6.10.5200 contains a buffer overflow
vulnerability in ...)
+ TODO: check
+CVE-2019-25359 (SD.NET RIM versions before 4.7.3c contain a SQL injection
vulnerabilit ...)
+ TODO: check
+CVE-2019-25358 (FileOptimizer 14.00.2524 contains a denial of service
vulnerability th ...)
+ TODO: check
+CVE-2019-25357 (Control Center PRO 6.2.9 contains a stack-based buffer
overflow vulner ...)
+ TODO: check
+CVE-2019-25356 (Bematech (formerly Logic Controls, now Elgin) MP-4200 TH
printer conta ...)
+ TODO: check
+CVE-2019-25355 (gSOAP 2.8 contains a directory traversal vulnerability that
allows una ...)
+ TODO: check
+CVE-2019-25354 (iSmartViewPro 1.3.34 contains a denial of service
vulnerability that a ...)
+ TODO: check
+CVE-2019-25353 (Foscam Video Management System 1.1.4.9 contains a denial of
service vu ...)
+ TODO: check
+CVE-2019-25352 (Crystal Live HTTP Server 6.01 contains a directory traversal
vulnerabi ...)
+ TODO: check
+CVE-2019-25351 (Centova Cast 3.2.11 contains a file download vulnerability
that allows ...)
+ TODO: check
+CVE-2019-25350 (XMedia Recode 3.4.8.6 contains a denial of service
vulnerability that ...)
+ TODO: check
+CVE-2019-25349 (ScadaApp for iOS 1.1.4.0 contains a denial of service
vulnerability th ...)
+ TODO: check
+CVE-2019-25326 (ipPulse 1.92 contains a denial of service vulnerability that
allows lo ...)
+ TODO: check
+CVE-2026-2650 (Heap buffer overflow in Media in Google Chrome prior to
145.0.7632.109 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-2649
+CVE-2026-2649 (Integer overflow in V8 in Google Chrome prior to 145.0.7632.109
allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-2648
+CVE-2026-2648 (Heap buffer overflow in PDFium in Google Chrome prior to
145.0.7632.10 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-2681
+CVE-2026-2681 (A flaw was found in the blst cryptographic library. This
out-of-bounds ...)
- golang-github-supranational-blst <itp> (bug #1109308)
CVE-2026-2663 (A security vulnerability has been detected in Alixhan
xh-admin-backend ...)
NOT-FOR-US: Alixhan xh-admin-backend
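Review bot: CVE-2026-2650 and CVE-2026-2649 stay at `- chromium <unfixed>` although the descriptions added here name 145.0.7632.109 as the fixed Chrome release (the CVE-2026-2648 text is cut off at `145.0.7632.10`), so these entries can take a fixed version once that release is uploaded. Every entry added above them is still `TODO: check` with no package or `NOT-FOR-US:` line, and several descriptions carry a literal `\u2013` (for example CVE-2026-2504 and CVE-2025-4521) instead of the dash itself; decoding that when the descriptions are imported would keep the list readable and greppable.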
@@ -11173,7 +11483,7 @@ CVE-2026-22977 (In the Linux kernel, the following
vulnerability has been resolv
{DSA-6127-1 DSA-6126-1 DLA-4476-1 DLA-4475-1}
- linux 6.18.8-1
NOTE:
https://git.kernel.org/linus/2a71a1a8d0ed718b1c7a9ac61f07e5755c47ae20 (6.19-rc5)
-CVE-2026-1200
+CVE-2026-1200 (A flaw was found in the rgaufman/live555 fork of live555. A
remote att ...)
- liblivemedia <removed>
CVE-2026-1190 (A flaw was found in Keycloak's SAML brokering functionality.
When Keyc ...)
- keycloak <itp> (bug #1088287)
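Review bot: the description added for CVE-2026-1200 scopes the flaw to the rgaufman/live555 fork of live555, while the entry tracks it as `- liblivemedia <removed>`. A `NOTE:` under the entry stating whether the source that was packaged as liblivemedia shares the affected code would make that package mapping verifiable.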
@@ -15132,7 +15442,7 @@ CVE-2026-22695 (LIBPNG is a reference library for use
in applications that read,
NOTE: Fixed by:
https://github.com/pnggroup/libpng/commit/e4f7ad4ea2a471776c81dda4846b7691925d9786
NOTE: Introducing fix for CVE-2025-65018 got backported into older
suites
NOTE: https://github.com/pnggroup/libpng/issues/778
-CVE-2026-0665 [qemu: Heap off-by-one in KVM Xen PHYSDEVOP_map_pirq]
+CVE-2026-0665 (An off-by-one error was found in QEMU's KVM Xen guest support.
A malic ...)
- qemu 1:10.2.0+ds-2 (bug #1125423)
[trixie] - qemu <no-dsa> (Minor issue)
[bookworm] - qemu <not-affected> (Vulnerable code introduced later)
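Review bot: replacing `[qemu: Heap off-by-one in KVM Xen PHYSDEVOP_map_pirq]` on the CVE-2026-0665 line drops the only mention of `PHYSDEVOP_map_pirq` and of the heap location, because the imported description is truncated before it reaches that detail. Consider preserving it as a `NOTE:` under the entry, alongside the `(bug #1125423)` reference.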
@@ -24873,7 +25183,7 @@ CVE-2025-13008 (An information disclosure vulnerability
in M-Files Server before
NOT-FOR-US: M-Files
CVE-2025-11774 (Improper Neutralization of Special Elements used in an OS
Command ('OS ...)
NOT-FOR-US: Mitsubishi
-CVE-2025-14876
+CVE-2025-14876 (A flaw was found in the virtio-crypto device of QEMU. A
malicious gues ...)
- qemu 1:10.2.1+ds-1 (bug #1123670)
[trixie] - qemu <no-dsa> (Minor issue)
[bookworm] - qemu <no-dsa> (Minor issue)
@@ -43814,7 +44124,7 @@ CVE-2025-10150 (Webserver crash caused by scanning on
TCP port 80 in Softing Ind
NOT-FOR-US: Softing
CVE-2025-10145
REJECTED
-CVE-2025-12343
+CVE-2025-12343 (A flaw was found in FFmpeg\u2019s TensorFlow backend within
the libavf ...)
{DSA-6007-1}
- ffmpeg 7:7.1.2-1
[bookworm] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -61563,7 +61873,7 @@ CVE-2025-39792 (In the Linux kernel, the following
vulnerability has been resolv
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE:
https://git.kernel.org/linus/2df7168717b7d2d32bcf017c68be16e4aae9dd13 (6.17-rc1)
-CVE-2025-10256
+CVE-2025-10256 (A NULL pointer dereference vulnerability exists in
FFmpeg\u2019s Fireq ...)
{DSA-6007-1 DLA-4440-1}
- ffmpeg 7:7.1.2-1
[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in
the 5.1 branch)
@@ -71801,7 +72111,7 @@ CVE-2025-49456 (Race condition in the installer for
certain Zoom Clients for Win
NOT-FOR-US: Zoom
CVE-2025-0818 (Several WordPress plugins using elFinder versions 2.1.64 and
prior are ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-8860
+CVE-2025-8860 (A flaw was found in QEMU in the uefi-vars virtual device. When
the gue ...)
[experimental] - qemu 1:10.1.0~rc3+ds-1
- qemu 1:10.0.3+ds-4 (bug #1111030)
[trixie] - qemu <no-dsa> (Minor issue)
@@ -130311,7 +130621,7 @@ CVE-2023-34397 (Mercedes Benz head-unit NTG 6
contains functions to import or ex
NOT-FOR-US: Mercedes Benz NTG
CVE-2025-1057 (A flaw was found in Keylime, a remote attestation solution,
where stri ...)
NOT-FOR-US: Keylime
-CVE-2025-1272
+CVE-2025-1272 (The Linux Kernel lockdown mode for kernel versions starting on
6.12 an ...)
- linux <not-affected> (Red Hat specific lockdown regression)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2345615
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2333706
@@ -135885,7 +136195,7 @@ CVE-2024-11913 (The Activity Plus Reloaded for
BuddyPress plugin for WordPress i
NOT-FOR-US: WordPress plugin
CVE-2024-10324 (The RomethemeKit For Elementor plugin for WordPress is
vulnerable to S ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-0577
+CVE-2025-0577 (An insufficient entropy vulnerability was found in glibc. The
getrando ...)
- glibc <not-affected> (Doesn't affect any released version of glibc)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2338871
CVE-2025-23012 (Fedora Repository 3.8.x includes a service account
(fedoraIntCallUser) ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ca429a21cc0fe2579e14bf3355596f2b7d651d
_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits