Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
22e1555b by security tracker role at 2026-03-11T20:13:03+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,324 @@
-CVE-2026-3904 [nscd client crash on x86_64 under high nscd load]
+CVE-2026-3954 (A weakness has been identified in OpenBMB XAgent 1.0.0.
Affected by th ...)
+ TODO: check
+CVE-2026-3951 (A security flaw has been discovered in LockerProject Locker
0.0.0/0.0. ...)
+ TODO: check
+CVE-2026-3950 (A vulnerability was identified in strukturag libheif up to
1.21.2. Thi ...)
+ TODO: check
+CVE-2026-3949 (A vulnerability was determined in strukturag libheif up to
1.21.2. Thi ...)
+ TODO: check
+CVE-2026-3946 (A vulnerability was detected in PHPEMS 11.0. The affected
element is a ...)
+ TODO: check
+CVE-2026-3944 (A vulnerability was determined in itsourcecode University
Management S ...)
+ TODO: check
+CVE-2026-3943 (A vulnerability was found in H3C ACG1000-AK230 up to 20260227.
This af ...)
+ TODO: check
+CVE-2026-3906 (WordPress core is vulnerable to unauthorized access in versions
6.9 th ...)
+ TODO: check
+CVE-2026-3848 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-3496 (The JetBooking plugin for WordPress is vulnerable to SQL
Injection via ...)
+ TODO: check
+CVE-2026-3492 (The Gravity Forms plugin for WordPress is vulnerable to Stored
Cross-S ...)
+ TODO: check
+CVE-2026-3231 (The Checkout Field Editor (Checkout Manager) for WooCommerce
plugin fo ...)
+ TODO: check
+CVE-2026-3178 (The Name Directory plugin for WordPress is vulnerable to Stored
Cross- ...)
+ TODO: check
+CVE-2026-3013 (Coppermine Photo Gallery in versions 1.6.09 through 1.6.27is
vulnerabl ...)
+ TODO: check
+CVE-2026-32234 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-32229 (In JetBrains Hub before 2026.1 possible on sign-in account
mismatch wi ...)
+ TODO: check
+CVE-2026-32098 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-32097 (PingPong is a platform for using large language models (LLMs)
for teac ...)
+ TODO: check
+CVE-2026-32096 (Plunk is an open-source email platform built on top of AWS
SES. Prior ...)
+ TODO: check
+CVE-2026-32095 (Plunk is an open-source email platform built on top of AWS
SES. Prior ...)
+ TODO: check
+CVE-2026-32094 (Shescape is a simple shell escape library for JavaScript.
Prior to 2.1 ...)
+ TODO: check
+CVE-2026-32063 (OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a
command inj ...)
+ TODO: check
+CVE-2026-32062 (OpenClaw versions2026.2.21-2 prior to 2026.2.22 and
@openclaw/voice-ca ...)
+ TODO: check
+CVE-2026-32061 (OpenClaw versions prior to 2026.2.17 contain a path traversal
vulnerab ...)
+ TODO: check
+CVE-2026-32060 (OpenClaw versions prior to 2026.2.14 contain a path traversal
vulnerab ...)
+ TODO: check
+CVE-2026-32059 (OpenClaw version 2026.2.22-2 prior to 2026.2.23
tools.exec.safeBins va ...)
+ TODO: check
+CVE-2026-31979 (Himmelblau is an interoperability suite for Microsoft Azure
Entra ID a ...)
+ TODO: check
+CVE-2026-31976 (xygeni-action is the GitHub Action for Xygeni Scanner. On
March 3, 202 ...)
+ TODO: check
+CVE-2026-31975 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for
Claude C ...)
+ TODO: check
+CVE-2026-31974 (OpenProject is an open-source, web-based project management
software. ...)
+ TODO: check
+CVE-2026-31961 (Quill provides simple mac binary signing and notarization from
any pla ...)
+ TODO: check
+CVE-2026-31960 (Quill provides simple mac binary signing and notarization from
any pla ...)
+ TODO: check
+CVE-2026-31959 (Quill provides simple mac binary signing and notarization from
any pla ...)
+ TODO: check
+CVE-2026-31958 (Tornado is a Python web framework and asynchronous networking
library. ...)
+ TODO: check
+CVE-2026-31957 (Himmelblau is an interoperability suite for Microsoft Azure
Entra ID a ...)
+ TODO: check
+CVE-2026-31954 (Emlog is an open source website building system. In 2.6.6 and
earlier, ...)
+ TODO: check
+CVE-2026-31901 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-31900 (Black is the uncompromising Python code formatter. Black
provides a Gi ...)
+ TODO: check
+CVE-2026-31896 (WeGIA is a web manager for charitable institutions. Prior to
version 3 ...)
+ TODO: check
+CVE-2026-31895 (WeGIA is a web manager for charitable institutions. Prior to
version 3 ...)
+ TODO: check
+CVE-2026-31894 (WeGIA is a web manager for charitable institutions. In 3.6.5,
The patc ...)
+ TODO: check
+CVE-2026-31892 (Argo Workflows is an open source container-native workflow
engine for ...)
+ TODO: check
+CVE-2026-31889 (Shopware is an open commerce platform. Prior to 6.6.10.15 and
6.7.8.1, ...)
+ TODO: check
+CVE-2026-31888 (Shopware is an open commerce platform. Prior to 6.7.8.1 and
6.6.10.15, ...)
+ TODO: check
+CVE-2026-31887 (Shopware is an open commerce platform. Prior to 6.7.8.1 and
6.6.10.15, ...)
+ TODO: check
+CVE-2026-31881 (Runtipi is a personal homeserver orchestrator. Prior to 4.8.0,
an unau ...)
+ TODO: check
+CVE-2026-31879 (Frappe is a full-stack web application framework. Prior to
14.100.2, 1 ...)
+ TODO: check
+CVE-2026-31878 (Frappe is a full-stack web application framework. Prior to
14.100.1, 1 ...)
+ TODO: check
+CVE-2026-31877 (Frappe is a full-stack web application framework. Prior to
15.84.0 and ...)
+ TODO: check
+CVE-2026-31876 (Notesnook is a note-taking app focused on user privacy & ease
of use. ...)
+ TODO: check
+CVE-2026-31875 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-31874 (Taskosaur is an open source project management platform with
conversat ...)
+ TODO: check
+CVE-2026-31872 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-31871 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-31870 (cpp-httplib is a C++11 single-file header-only cross platform
HTTP/HTT ...)
+ TODO: check
+CVE-2026-31868 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-31867 (Craft Commerce is an ecommerce platform for Craft CMS. Prior
to 4.11.0 ...)
+ TODO: check
+CVE-2026-31866 (flagd is a feature flag daemon with a Unix philosophy. Prior
to 0.14.2 ...)
+ TODO: check
+CVE-2026-31863 (Anytype Heart is the middleware library for Anytype. The
challenge-bas ...)
+ TODO: check
+CVE-2026-31862 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for
Claude C ...)
+ TODO: check
+CVE-2026-31861 (Cloud CLI (aka Claude Code UI) is a desktop and mobile UI for
Claude C ...)
+ TODO: check
+CVE-2026-31859 (Craft is a content management system (CMS). The fix for
CVE-2025-35939 ...)
+ TODO: check
+CVE-2026-31858 (Craft is a content management system (CMS). The
ElementSearchControlle ...)
+ TODO: check
+CVE-2026-31857 (Craft is a content management system (CMS). Prior to 5.9.9 and
4.17.4, ...)
+ TODO: check
+CVE-2026-31856 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-31854 (Cursor is a code editor built for programming with AI. Prior
to 2.0 ,i ...)
+ TODO: check
+CVE-2026-31853 (ImageMagick is free and open-source software used for editing
and mani ...)
+ TODO: check
+CVE-2026-31852 (Jellyfin is an open-source media system. The code-quality.yml
GitHub A ...)
+ TODO: check
+CVE-2026-31840 (Parse Server is an open source backend that can be deployed to
any inf ...)
+ TODO: check
+CVE-2026-31839 (Striae is a firearms examiner's comparison companion. A
high-severity ...)
+ TODO: check
+CVE-2026-31813 (Supabase Auth is a JWT based API for managing users and
issuing JWT to ...)
+ TODO: check
+CVE-2026-30903 (External Control of File Name or Path in the Mail feature of
Zoom Work ...)
+ TODO: check
+CVE-2026-30902 (Improper Privilege Management in certain Zoom Clients for
Windows may ...)
+ TODO: check
+CVE-2026-30901 (Improper Input Validation in Zoom Rooms for Windows before
6.6.5 in Ki ...)
+ TODO: check
+CVE-2026-30900 (Improper Check of minimum version in update functionality of
certain Z ...)
+ TODO: check
+CVE-2026-30868 (OPNsense is a FreeBSD based firewall and routing platform.
Prior to 26 ...)
+ TODO: check
+CVE-2026-30741 (A remote code execution (RCE) vulnerability in OpenClaw Agent
Platform ...)
+ TODO: check
+CVE-2026-30239 (OpenProject is an open-source, web-based project management
software. ...)
+ TODO: check
+CVE-2026-30236 (OpenProject is an open-source, web-based project management
software. ...)
+ TODO: check
+CVE-2026-30235 (OpenProject is an open-source, web-based project management
software. ...)
+ TODO: check
+CVE-2026-30234 (OpenProject is an open-source, web-based project management
software. ...)
+ TODO: check
+CVE-2026-30226 (Svelte devalue is a JavaScript library that serializes values
into str ...)
+ TODO: check
+CVE-2026-29777 (Traefik is an HTTP reverse proxy and load balancer. Prior to
3.6.10, A ...)
+ TODO: check
+CVE-2026-28803 (Open Forms allows users create and publish smart forms. Prior
to 3.3.1 ...)
+ TODO: check
+CVE-2026-28229 (Argo Workflows is an open source container-native workflow
engine for ...)
+ TODO: check
+CVE-2026-27897 (Vociferous provides cross-platform, offline speech-to-text
with local ...)
+ TODO: check
+CVE-2026-27703 (RIOT is an open-source microcontroller operating system,
designed to m ...)
+ TODO: check
+CVE-2026-27478 (Unity Catalog is an open, multi-modal Catalog for data and AI.
In 0.4. ...)
+ TODO: check
+CVE-2026-24510 (Dell Alienware Command Center (AWCC), versions prior to
6.12.24.0, con ...)
+ TODO: check
+CVE-2026-24509 (Dell Alienware Command Center (AWCC), versions prior to
6.12.24.0, con ...)
+ TODO: check
+CVE-2026-24508 (Dell Alienware Command Center (AWCC), versions prior to
6.12.24.0, con ...)
+ TODO: check
+CVE-2026-22248 (GLPI is an open-source asset and IT management software
package that p ...)
+ TODO: check
+CVE-2026-21888 (NanoMQ MQTT Broker (NanoMQ) is an all-around Edge Messaging
Platform. ...)
+ TODO: check
+CVE-2026-20166 (In Splunk Enterprise versions below 10.2.1 and 10.0.4, and
Splunk Clou ...)
+ TODO: check
+CVE-2026-20165 (In Splunk Enterprise versions below 10.2.1, 10.0.4, 9.4.9, and
9.3.10, ...)
+ TODO: check
+CVE-2026-20164 (In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and
9.3.10, ...)
+ TODO: check
+CVE-2026-20163 (In Splunk Enterprise versions below 10.2.0, 10.0.4, 9.4.9, and
9.3.10, ...)
+ TODO: check
+CVE-2026-20162 (In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and
9.3.9, ...)
+ TODO: check
+CVE-2026-20118 (A vulnerability in the handling of an Egress Packet Network
Interface ...)
+ TODO: check
+CVE-2026-20117 (A vulnerability in the web-based management interface of Cisco
Unified ...)
+ TODO: check
+CVE-2026-20116 (A vulnerability in the web-based management interface of
Cisco F ...)
+ TODO: check
+CVE-2026-20074 (A vulnerability in the Intermediate System-to-Intermediate
System (IS- ...)
+ TODO: check
+CVE-2026-20046 (A vulnerability in task group assignment for a specific CLI
command in ...)
+ TODO: check
+CVE-2026-20040 (A vulnerability in the CLI of Cisco IOS XR Software could
allow an aut ...)
+ TODO: check
+CVE-2026-1993 (The ExactMetrics \u2013 Google Analytics Dashboard for
WordPress plugi ...)
+ TODO: check
+CVE-2026-1992 (The ExactMetrics \u2013 Google Analytics Dashboard for
WordPress plugi ...)
+ TODO: check
+CVE-2026-1732 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-1663 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-1524 (An edgecase in SSO implementation in Neo4j Enterprise edition
versions ...)
+ TODO: check
+CVE-2026-1497 (Incorrect resolving of namespaces in composite databases in
Neo4j Ente ...)
+ TODO: check
+CVE-2026-1471 (Excessive caching of authentication context in Neo4j Enterprise
editio ...)
+ TODO: check
+CVE-2026-1454 (The Responsive Contact Form Builder & Lead Generation Plugin
plugin fo ...)
+ TODO: check
+CVE-2026-1230 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-1090 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-1069 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-0602 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2026-0231 (An information disclosure vulnerability inPalo Alto Networks
Cortex XD ...)
+ TODO: check
+CVE-2026-0230 (A problem with a protection mechanism in the Palo Alto Networks
Cortex ...)
+ TODO: check
+CVE-2025-70330 (Easy Grade Pro 4.1.0.2 contains a file parsing logic flaw in
the handl ...)
+ TODO: check
+CVE-2025-70082 (An issue in Lantronix EDS3000PS v.3.1.0.0R2 allows an attacker
to exec ...)
+ TODO: check
+CVE-2025-70027 (An issue pertaining to CWE-918: Server-Side Request Forgery
was discov ...)
+ TODO: check
+CVE-2025-68623 (In Microsoft DirectX End-User Runtime Web Installer
9.29.1974.0, a low ...)
+ TODO: check
+CVE-2025-67298 (An issue in ClasroomIO before v.0.2.6 allows a remote attacker
to esca ...)
+ TODO: check
+CVE-2025-67041 (An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The
host par ...)
+ TODO: check
+CVE-2025-67039 (An issue was discovered in Lantronix EDS3000PS 3.1.0.0R2. The
authenti ...)
+ TODO: check
+CVE-2025-67038 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The
HTTP RPC m ...)
+ TODO: check
+CVE-2025-67037 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An
authenticat ...)
+ TODO: check
+CVE-2025-67036 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The
Log Info p ...)
+ TODO: check
+CVE-2025-67035 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The
SSH Client ...)
+ TODO: check
+CVE-2025-67034 (An issue was discovered in Lantronix EDS5000 2.1.0.0R3. An
authenticat ...)
+ TODO: check
+CVE-2025-14513 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2025-13929 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2025-13690 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2025-12704 (GitLab has remediated an issue in GitLab EE affecting all
versions fro ...)
+ TODO: check
+CVE-2025-12697 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2025-12690 (Execution with unnecessary privileges in Forcepoint NGFW
Engine allows ...)
+ TODO: check
+CVE-2025-12576 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2025-12555 (GitLab has remediated an issue in GitLab CE/EE affecting all
versions ...)
+ TODO: check
+CVE-2019-25487 (SAPIDO RB-1732 V2.0.43 contains a remote command execution
vulnerabili ...)
+ TODO: check
+CVE-2019-25486 (Varient 1.6.1 contains an SQL injection vulnerability that
allows unau ...)
+ TODO: check
+CVE-2019-25485 (R 3.4.4 on Windows x64 contains a buffer overflow
vulnerability in the ...)
+ TODO: check
+CVE-2019-25484 (WinMPG iPod Convert 3.0 contains a buffer overflow
vulnerability in th ...)
+ TODO: check
+CVE-2019-25483 (Comtrend AR-5310 GE31-412SSG-C01_R10.A2pG039u.d24k contains a
restrict ...)
+ TODO: check
+CVE-2019-25480 (ARMBot contains an unrestricted file upload vulnerability in
upload.ph ...)
+ TODO: check
+CVE-2019-25478 (GetGo Download Manager 6.2.2.3300 contains a buffer overflow
vulnerabi ...)
+ TODO: check
+CVE-2019-25477 (RAR Password Recovery 1.80 contains a buffer overflow
vulnerability th ...)
+ TODO: check
+CVE-2019-25476 (Outlook Password Recovery 2.10 contains a buffer overflow
vulnerabilit ...)
+ TODO: check
+CVE-2019-25475 (SQL Server Password Changer 1.90 contains a buffer overflow
vulnerabil ...)
+ TODO: check
+CVE-2019-25474 (Easy MP3 Downloader 4.7.8.8 contains a buffer overflow
vulnerability t ...)
+ TODO: check
+CVE-2019-25472 (IntelBras Telefone IP TIP200 and 200 LITE contain an
unauthenticated a ...)
+ TODO: check
+CVE-2019-25471 (FileThingie 2.5.7 contains an arbitrary file upload
vulnerability that ...)
+ TODO: check
+CVE-2019-25470 (eWON Firmware versions 12.2 to 13.0 contain an authentication
bypass v ...)
+ TODO: check
+CVE-2019-25469 (Folder Lock 7.7.9 contains a buffer overflow vulnerability in
the seri ...)
+ TODO: check
+CVE-2019-25468 (NetGain EM Plus 10.1.68 contains a remote code execution
vulnerability ...)
+ TODO: check
+CVE-2019-25467 (Verypdf docPrint Pro 8.0 contains a structured exception
handling buff ...)
+ TODO: check
+CVE-2019-25466 (Easy File Sharing Web Server 7.2 contains a local structured
exception ...)
+ TODO: check
+CVE-2019-25465 (Hisilicon HiIpcam V100R003 contains a directory traversal
vulnerabilit ...)
+ TODO: check
+CVE-2019-25464 (InputMapper 1.6.10 contains a buffer overflow vulnerability in
the use ...)
+ TODO: check
+CVE-2019-25463 (SpotIE Internet Explorer Password Recovery 2.9.5 contains a
denial of ...)
+ TODO: check
+CVE-2018-25159 (Epross AVCON6 systems management platform contains an
object-graph nav ...)
+ TODO: check
+CVE-2026-3904 (Calling NSS-backed functions that support caching via nscd may
call th ...)
- glibc 2.36-9 (bug #1033931)
[bullseye] - glibc <not-affected> (Vulnerable code introduced later)
NOTE:
https://sourceware.org/git/?p=glibc.git;a=blob;f=advisories/GLIBC-SA-2026-0004
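Review bot: The two ExactMetrics entries (CVE-2026-1993, CVE-2026-1992) carry a literal "\u2013" in the description instead of the dash character, so the automatic import appears to write JSON escapes through undecoded; decode the description before truncating it. Separately, every entry added in this hunk lands with only "TODO: check". Entries naming libraries and frameworks (libheif, ImageMagick, Tornado, cpp-httplib, Traefik) should get package triage first, while the vendor-product entries (Zoom, Dell AWCC, Cisco, Lantronix) can follow the "NOT-FOR-US: <vendor>" pattern used elsewhere in this file. The CVE-2026-3904 change also drops the bracketed hand-written summary "[nscd client crash on x86_64 under high nscd load]" in favour of the truncated feed text, which is less specific about the impact.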
@@ -372,7 +692,7 @@ CVE-2024-14025 (An SQL injection vulnerability has been
reported to affect Video
NOT-FOR-US: QNAP
CVE-2024-14024 (An improper certificate validation vulnerability has been
reported to ...)
NOT-FOR-US: QNAP
-CVE-2026-3805
+CVE-2026-3805 (When doing a second SMB request to the same host again, curl
would wro ...)
- curl <unfixed>
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <not-affected> (Vulnerable code introduced later)
@@ -380,21 +700,21 @@ CVE-2026-3805
NOTE: https://curl.se/docs/CVE-2026-3805.html
NOTE: Introduced with:
https://github.com/curl/curl/commit/f4831daa9b2a97e8a2921d6b62cc4dfdd0d8646e
(curl-8_13_0)
NOTE: Fixed by:
https://github.com/curl/curl/commit/e090be9f73a7a71459ef678c7cc4b1f75e3ea883
(curl-8_19_0)
-CVE-2026-3784
+CVE-2026-3784 (curl would wrongly reuse an existing HTTP proxy connection
doing CONNE ...)
- curl <unfixed>
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <no-dsa> (Minor issue)
NOTE: https://curl.se/docs/CVE-2026-3784.html
NOTE: Introduced with:
https://github.com/curl/curl/commit/a1d6ad26100bc493c7b04f1301b1634b7f5aa8b4
(curl-7_7_alpha2)
NOTE: Fixed by:
https://github.com/curl/curl/commit/5f13a7645e565c5c1a06f3ef86e97afb856fb364
(curl-8_19_0)
-CVE-2026-3783
+CVE-2026-3783 (When an OAuth2 bearer token is used for an HTTP(S) transfer,
and that ...)
- curl <unfixed>
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <no-dsa> (Minor issue)
NOTE: https://curl.se/docs/CVE-2026-3783.html
NOTE: Introduced with:
https://github.com/curl/curl/commit/06c1bea72faabb6fad4b7ef818aafaa336c9a7aa
(curl-7_33_0)
NOTE: Fixed by:
https://github.com/curl/curl/commit/e3d7401a32a46516c9e5ee877e613e62ed35bddc
(curl-8_19_0)
-CVE-2026-1965
+CVE-2026-1965 (libcurl can in some circumstances reuse the wrong connection
when aske ...)
- curl 8.19.0~rc3-1
[trixie] - curl <no-dsa> (Minor issue)
[bookworm] - curl <no-dsa> (Minor issue)
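Review bot: CVE-2026-3784 and CVE-2026-3783 stay at "- curl <unfixed>" although their "Fixed by:" notes cite commits tagged curl-8_19_0, while CVE-2026-1965 at the end of this hunk is already recorded as fixed in 8.19.0~rc3-1. Confirm whether the rc3 upload contains those two fix commits and, if it does, record the same fixed version. The same question applies to CVE-2026-3805, whose notes open this hunk and also point to a curl-8_19_0 fix.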
@@ -4050,7 +4370,7 @@ CVE-2026-3441
- binutils <unfixed> (unimportant)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443826
NOTE: binutils not covered by security support
-CVE-2026-3429
+CVE-2026-3429 (A flaw was identified in the Account REST API of Keycloak that
allows ...)
- keycloak <itp> (bug #1088287)
CVE-2026-3432 (On SimStudio version below to 0.5.74, the
`/api/auth/oauth/token` endp ...)
NOT-FOR-US: SimStudio
@@ -16634,7 +16954,7 @@ CVE-2025-9226 (Zohocorp ManageEngine OpManager, NetFlow
Analyzer, and OpUtils ve
NOT-FOR-US: Zoho
CVE-2025-7964 (After receiving a malformed 802.15.4 MAC Data Request the
Zigbee C ...)
NOT-FOR-US: Silicon Labs
-CVE-2025-6723 (Chef InSpec up to version 5.23 creates named pipes with overly
permiss ...)
+CVE-2025-6723 (Chef InSpec versions up to 5.23 and before 7.0.107 creates
named pipes ...)
NOT-FOR-US: Progress Software
CVE-2025-69662 (SQL injection vulnerability in geopandas before v.1.1.2 allows
an atta ...)
- python-geopandas 1.1.2-1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/22e1555b3ad1324962a69fa3d02c953396aa4e79