Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
3ee60729 by Salvatore Bonaccorso at 2026-03-02T21:58:15+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -176,9 +176,9 @@ CVE-2026-20416 (In pcie, there is a possible out of bounds
write due to a missin
CVE-2026-1628 (Mattermost Desktop App versions <=5.13.3 fail to attach
listeners rest ...)
NOT-FOR-US: Mattermost Desktop App
CVE-2026-0995 (An issue has been identified in Arm C1-Pro before r1p2-50eac0,
where, ...)
- TODO: check
+ NOT-FOR-US: Arm C1-Pro
CVE-2026-0689 (In ExtremeCloud IQ \u2013 Site Engine (XIQ\u2011SE) before
26.2.10, a ...)
- TODO: check
+ NOT-FOR-US: ExtremeCloud IQ
CVE-2026-0655 (Improper Limitation of a Pathname to a Restricted Directory
('Path Tra ...)
NOT-FOR-US: TPLink
CVE-2026-0654 (Improper input handling in the administration web interface on
TP-Link ...)
@@ -242,69 +242,69 @@ CVE-2026-0005 (In onServiceDisconnected of
KeyguardServiceDelegate.java, there i
CVE-2025-70252 (An issue was discovered in /goform/WifiWpsStart in Tenda
AC6V2.0 V15.0 ...)
NOT-FOR-US: Tenda
CVE-2025-66880 (Cross Site Scripting vulnerability in Wethink Technology Inc
720yun pa ...)
- TODO: check
+ NOT-FOR-US: Wethink Technology Inc 720yun pano-sdk
CVE-2025-65465 (A reflected Cross-Site Scripting (XSS) vulnerability in the
RaiseError ...)
- TODO: check
+ NOT-FOR-US: Skrol29 TbsZip
CVE-2025-64427 (ZimaOS is a fork of CasaOS, an operating system for Zima
devices and x ...)
- TODO: check
+ NOT-FOR-US: ZimaOS
CVE-2025-59603 (Memory Corruption when processing invalid user address with
nonstandar ...)
NOT-FOR-US: Qualcomm
CVE-2025-59600 (Memory Corruption when adding user-supplied data without
checking avai ...)
NOT-FOR-US: Qualcomm
CVE-2025-58406 (The CGM CLININET application respond without essential
security HTTP h ...)
- TODO: check
+ NOT-FOR-US: CGM CLININET application
CVE-2025-58405 (The CGM CLININET application does not implement any mechanisms
that pr ...)
- TODO: check
+ NOT-FOR-US: CGM CLININET application
CVE-2025-58402 (The CGM CLININET application uses direct, sequential object
identifier ...)
- TODO: check
+ NOT-FOR-US: CGM CLININET application
CVE-2025-58107 (In Microsoft Exchange through 2019, Exchange ActiveSync (EAS)
configur ...)
- TODO: check
+ NOT-FOR-US: Microsoft
CVE-2025-52998 (Chamilo is a learning management system. Prior to version
1.11.30, in ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52564 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52563 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52482 (Chamilo is a learning management system. Prior to version
1.11.30, a S ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52476 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52475 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52470 (Chamilo is a learning management system. Prior to version
1.11.30, a s ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52469 (Chamilo is a learning management system. Prior to version
1.11.30, a l ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-52468 (Chamilo is a learning management system. Prior to version
1.11.30, an ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50199 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50198 (Chamilo is a learning management system. Prior to version
1.11.30, Cha ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50197 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50196 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50195 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50194 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50193 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50192 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50191 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50190 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50189 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50188 (Chamilo is a learning management system. Prior to version
1.11.30, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50187 (Chamilo is a learning management system. Prior to version
1.11.28, par ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-50186 (Chamilo is a learning management system. Prior to version
1.11.30, a s ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2025-48654 (In onStart of CompanionDeviceManagerService.java, there is a
possible ...)
NOT-FOR-US: Android
CVE-2025-48653 (In loadDataAndPostValue of multiple files, there is a possible
way to ...)
@@ -384,23 +384,23 @@ CVE-2025-47371 (Transient DOS when an LTE RLC packet with
invalid TB is received
CVE-2025-32313 (In UsageEvents of UsageEvents.java, there is a possible out of
bounds ...)
NOT-FOR-US: Android
CVE-2025-30062 (In the "CheckUnitCodeAndKey.pl" service, the "validateOrgUnit"
functio ...)
- TODO: check
+ NOT-FOR-US: CheckUnitCodeAndKey.pl service in CGM CLININET system
CVE-2025-30044 (In the endpoints
"/cgi-bin/CliniNET.prd/utils/usrlogstat_simple.pl", " ...)
- TODO: check
+ NOT-FOR-US: CGM CLININET application
CVE-2025-30042 (The CGM CLININET system provides smart card authentication;
however, a ...)
- TODO: check
+ NOT-FOR-US: CGM CLININET system
CVE-2025-30035 (The vulnerability enables an attacker to fully bypass
authentication i ...)
- TODO: check
+ NOT-FOR-US: CGM CLININET
CVE-2025-14532 (DobryCMS's upload file functionality allows an unauthenticated
remote ...)
- TODO: check
+ NOT-FOR-US: DobryCMS
CVE-2025-12462 (A Blind SQL injection vulnerability has been identified in
DobryCMS. A ...)
- TODO: check
+ NOT-FOR-US: DobryCMS
CVE-2025-10350 (SQL Injection vulnerability in "imageserver" module when
processing C- ...)
- TODO: check
+ NOT-FOR-US: CGM CLININET
CVE-2024-50337 (Chamilo is a learning management system. Prior to version
1.11.28, the ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2024-47886 (Chamilo is a learning management system. Chamillo is affected
by a pos ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2024-43766 (In multiple functions of btm_ble_sec.cc, there is a possible
unencrypt ...)
NOT-FOR-US: Android
CVE-2024-31328 (In broadcastIntentLockedTraced of BroadcastController.java,
there is a ...)
@@ -449,7 +449,7 @@ CVE-2026-3000 (IDExpert Windows Logon Agent developed by
Changing has a Remote C
CVE-2026-2999 (IDExpert Windows Logon Agent developed by Changing has a Remote
Code E ...)
NOT-FOR-US: IDExpert Windows Logon Agent
CVE-2025-15597 (A vulnerability has been found in Dataease SQLBot up to 1.4.0.
This af ...)
- TODO: check
+ NOT-FOR-US: Dataease SQLBot
CVE-2026-3395 (A flaw has been found in MaxSite CMS up to 109.1. This impacts
the fun ...)
NOT-FOR-US: MaxSite CMS
CVE-2026-3394 (A vulnerability was detected in jarikomppa soloud up to
20200207. This ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ee60729fd88cf7acb1c9a97f54c776c66704ad4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3ee60729fd88cf7acb1c9a97f54c776c66704ad4
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
