Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
a2972a8d by security tracker role at 2026-03-10T08:13:31+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,4 +1,150 @@
-CVE-2026-3288
+CVE-2026-3585 (The The Events Calendar plugin for WordPress is vulnerable to 
Path Tra ...)
+       TODO: check
+CVE-2026-31816 (Budibase is a low code platform for creating internal tools, 
workflows ...)
+       TODO: check
+CVE-2026-31802 (node-tar is a full-featured Tar for Node.js. Prior to version 
7.5.11,  ...)
+       TODO: check
+CVE-2026-30937 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-30936 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-30935 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-30931 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-30929 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-30927 (Admidio is an open-source user management solution. Prior to 
5.0.6, in ...)
+       TODO: check
+CVE-2026-30926 (SiYuan is a personal knowledge management system. Prior to 
3.5.10, a p ...)
+       TODO: check
+CVE-2026-30925 (Parse Server is an open source backend that can be deployed to 
any inf ...)
+       TODO: check
+CVE-2026-30921 (OneUptime is a solution for monitoring and managing online 
services. P ...)
+       TODO: check
+CVE-2026-30920 (OneUptime is a solution for monitoring and managing online 
services. P ...)
+       TODO: check
+CVE-2026-30919 (facileManager is a modular suite of web apps built with the 
sysadmin i ...)
+       TODO: check
+CVE-2026-30918 (facileManager is a modular suite of web apps built with the 
sysadmin i ...)
+       TODO: check
+CVE-2026-30917 (Bucket is a MediaWiki extension to store and retrieve 
structured data  ...)
+       TODO: check
+CVE-2026-30916 (Shescape is a simple shell escape library for JavaScript. 
Prior to 2.1 ...)
+       TODO: check
+CVE-2026-30913 (Flarum is open-source forum software. When the 
flarum/nicknames extens ...)
+       TODO: check
+CVE-2026-30887 (OneUptime is a solution for monitoring and managing online 
services. P ...)
+       TODO: check
+CVE-2026-30885 (WWBN AVideo is an open source video platform. Prior to 25.0, 
the /obje ...)
+       TODO: check
+CVE-2026-30883 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-30870 (PowerSync Service is the server-side component of the 
PowerSync sync e ...)
+       TODO: check
+CVE-2026-30869 (SiYuan is a personal knowledge management system. Prior to 
3.5.10, a p ...)
+       TODO: check
+CVE-2026-30862 (Appsmith is a platform to build admin panels, internal tools, 
and dash ...)
+       TODO: check
+CVE-2026-30240 (Budibase is a low code platform for creating internal tools, 
workflows ...)
+       TODO: check
+CVE-2026-2364 (If a legitimate user confirms a self-update prompt or initiate 
an inst ...)
+       TODO: check
+CVE-2026-29773 (Kubewarden is a policy engine for Kubernetes. Kubewarden 
cluster opera ...)
+       TODO: check
+CVE-2026-28693 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28692 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28691 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28690 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28689 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28688 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28687 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28686 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28513 (Pocket ID is an OIDC provider that allows users to 
authenticate with t ...)
+       TODO: check
+CVE-2026-28512 (Pocket ID is an OIDC provider that allows users to 
authenticate with t ...)
+       TODO: check
+CVE-2026-28494 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28493 (ImageMagick is free and open-source software used for editing 
and mani ...)
+       TODO: check
+CVE-2026-28433 (Misskey is an open source, federated social media platform. 
All Misske ...)
+       TODO: check
+CVE-2026-28432 (Misskey is an open source, federated social media platform. 
All Misske ...)
+       TODO: check
+CVE-2026-28431 (Misskey is an open source, federated social media platform. 
All Misske ...)
+       TODO: check
+CVE-2026-28281 (InstantCMS is a free and open source content management 
system. Prior  ...)
+       TODO: check
+CVE-2026-28267 (Multiple i-\u30d5\u30a3\u30eb\u30bf\u30fc products are 
configured with ...)
+       TODO: check
+CVE-2026-27689 (Due to an uncontrolled resource consumption (Denial of 
Service) vulner ...)
+       TODO: check
+CVE-2026-27688 (Due to a missing authorization check in SAP NetWeaver 
Application Serv ...)
+       TODO: check
+CVE-2026-27687 (Due to missing authorization check in SAP S/4HANA HCM Portugal 
and SAP ...)
+       TODO: check
+CVE-2026-27686 (Due to a Missing Authorization Check in SAP Business Warehouse 
(Servic ...)
+       TODO: check
+CVE-2026-27685 (SAP NetWeaver Enterprise Portal Administration is vulnerable 
if a priv ...)
+       TODO: check
+CVE-2026-27684 (SAP NetWeaver Feedback Notifications Service contains a SQL 
injection  ...)
+       TODO: check
+CVE-2026-26982 (Ghostty is a cross-platform terminal emulator. Ghostty allows 
control  ...)
+       TODO: check
+CVE-2026-25960 (vLLM is an inference and serving engine for large language 
models (LLM ...)
+       TODO: check
+CVE-2026-25737 (Budibase is a low code platform for creating internal tools, 
workflows ...)
+       TODO: check
+CVE-2026-25045 (Budibase is a low code platform for creating internal tools, 
workflows ...)
+       TODO: check
+CVE-2026-24317 (SAP GUI for Windows allows DLL files to be loaded from 
arbitrary direc ...)
+       TODO: check
+CVE-2026-24316 (SAP NetWeaver Application Server for ABAP provides an ABAP 
Report for  ...)
+       TODO: check
+CVE-2026-24313 (SAP Solution Tools Plug-In (ST-PI) contains a function module 
that doe ...)
+       TODO: check
+CVE-2026-24311 (The SAP Customer Checkout application exhibits certain design 
characte ...)
+       TODO: check
+CVE-2026-24310 (Due to missing authorization check in SAP NetWeaver 
Application Server ...)
+       TODO: check
+CVE-2026-24309 (Due to missing authorization check in SAP NetWeaver 
Application Server ...)
+       TODO: check
+CVE-2026-1920 (The Booking Calendar for Appointments and Service Businesses 
\u2013 Bo ...)
+       TODO: check
+CVE-2026-1919 (The Booking Calendar for Appointments and Service Businesses 
\u2013 Bo ...)
+       TODO: check
+CVE-2026-1776 (Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit 
f54a77e,  ...)
+       TODO: check
+CVE-2026-1508 (The Court Reservation  WordPress plugin before 1.10.9 does not 
have CS ...)
+       TODO: check
+CVE-2026-0953 (The Tutor LMS Pro plugin for WordPress is vulnerable to 
authentication ...)
+       TODO: check
+CVE-2026-0489 (Due to insufficient validation of user-controlled input in the 
URLs qu ...)
+       TODO: check
+CVE-2025-70973 (ScadaBR 1.12.4 is vulnerable to Session Fixation. The 
application assi ...)
+       TODO: check
+CVE-2025-70028 (An issue pertaining to CWE-22: Improper Limitation of a 
Pathname to a  ...)
+       TODO: check
+CVE-2025-36173 (Affected Product(s)Version(s)InfoSphere Data Architect9.2.1)
+       TODO: check
+CVE-2025-36105 (IBM Planning Analytics Advanced Certified Containers 3.1.0 
through 3.1 ...)
+       TODO: check
+CVE-2025-2399 (Improper Validation of Specified Index, Position, or Offset in 
Input v ...)
+       TODO: check
+CVE-2025-15603 (A security vulnerability has been detected in open-webui up to 
0.6.16. ...)
+       TODO: check
+CVE-2025-11158 (Hitachi Vantara Pentaho Data Integration & Analytics versions 
before 1 ...)
+       TODO: check
+CVE-2026-3288 (A security issue was discovered in ingress-nginx where the 
`nginx.ingr ...)
        NOT-FOR-US: Kubernetes ingress-nginx
 CVE-2026-3819 (A vulnerability has been found in SourceCodester Resort 
Reservation Sy ...)
        NOT-FOR-US: SourceCodester
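
Review bot: The added summaries for CVE-2026-28267, CVE-2026-1920 and CVE-2026-1919 carry literal `\u30d5\u30a3...` and `\u2013` escape sequences instead of the characters they encode, so the escapes eat into the truncated summary and the product name in CVE-2026-28267 is unreadable in the list. Whatever generates this automatic update should decode the escapes before truncating the description. Also in this hunk, the CVE-2025-36173 summary ("Affected Product(s)Version(s)InfoSphere Data Architect9.2.1") is a flattened table header rather than a description of the issue, so that entry will need the source record consulted when its `TODO: check` is triaged.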
@@ -14768,7 +14914,7 @@ CVE-2026-24514 (A security issue was discovered in 
ingress-nginxwhere the valida
        NOT-FOR-US: Kubernetes ingress-nginx
 CVE-2026-24513 (A security issue was discovered in ingress-nginxwhere the 
protection a ...)
        NOT-FOR-US: Kubernetes ingress-nginx
-CVE-2026-24512 (A security issue was discovered in ingress-nginx cthe 
`rules.http.path ...)
+CVE-2026-24512 (A security issue was discovered in ingress-nginx where the 
`rules.http ...)
        NOT-FOR-US: Kubernetes ingress-nginx
 CVE-2026-1580 (A security issue was discovered in ingress-nginxwhere the 
`nginx.ingre ...)
        NOT-FOR-US: Kubernetes ingress-nginx
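
Review bot: The same spacing defect remains in the unchanged context of this hunk: the corrected CVE-2026-24512 line now reads "ingress-nginx where the", but the entries for CVE-2026-24514, CVE-2026-24513 and CVE-2026-1580 still read "ingress-nginxwhere". Those three summaries should get the same correction so that the four related ingress-nginx entries read consistently and a text search for "ingress-nginx where" finds all of them.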



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a2972a8d9884eab594990390e6aa9198db8ccf1b



_______________________________________________
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits