Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6a2d6be8 by security tracker role at 2026-03-23T08:13:01+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,71 @@
+CVE-2026-4606 (GV Edge Recording Manager (ERM) v2.3.1 improperly runs
application com ...)
+ TODO: check
+CVE-2026-4603 (Versions of the package jsrsasign before 11.1.1 are vulnerable
to Divi ...)
+ TODO: check
+CVE-2026-4602 (Versions of the package jsrsasign before 11.1.1 are vulnerable
to Inco ...)
+ TODO: check
+CVE-2026-4601 (Versions of the package jsrsasign before 11.1.1 are vulnerable
to Miss ...)
+ TODO: check
+CVE-2026-4600 (Versions of the package jsrsasign before 11.1.1 are vulnerable
to Impr ...)
+ TODO: check
+CVE-2026-4599 (Versions of the package jsrsasign from 7.0.0 and before 11.1.1
are vul ...)
+ TODO: check
+CVE-2026-4598 (Versions of the package jsrsasign before 11.1.1 are vulnerable
to Infi ...)
+ TODO: check
+CVE-2026-4579 (A vulnerability was identified in code-projects Simple Laundry
System ...)
+ TODO: check
+CVE-2026-4578 (A vulnerability was determined in code-projects Exam Form
Submission 1 ...)
+ TODO: check
+CVE-2026-4577 (A vulnerability was found in code-projects Exam Form Submission
1.0. T ...)
+ TODO: check
+CVE-2026-4576 (A vulnerability has been found in code-projects Exam Form
Submission 1 ...)
+ TODO: check
+CVE-2026-4575 (A flaw has been found in code-projects Exam Form Submission
1.0. This ...)
+ TODO: check
+CVE-2026-4574 (A vulnerability was detected in SourceCodester Simple
E-learning Syste ...)
+ TODO: check
+CVE-2026-4573 (A security vulnerability has been detected in SourceCodester
Simple E- ...)
+ TODO: check
+CVE-2026-4572 (A weakness has been identified in SourceCodester Sales and
Inventory S ...)
+ TODO: check
+CVE-2026-4571 (A security flaw has been discovered in SourceCodester Sales and
Invent ...)
+ TODO: check
+CVE-2026-4570 (A vulnerability was identified in SourceCodester Sales and
Inventory S ...)
+ TODO: check
+CVE-2026-4569 (A vulnerability was determined in SourceCodester Sales and
Inventory S ...)
+ TODO: check
+CVE-2026-4568 (A vulnerability was found in SourceCodester Sales and Inventory
System ...)
+ TODO: check
+CVE-2026-4567 (A vulnerability has been found in Tenda A15 15.13.07.13. The
impacted ...)
+ TODO: check
+CVE-2026-4566 (A flaw has been found in Belkin F9K1122 1.00.33. The affected
element ...)
+ TODO: check
+CVE-2026-4565 (A vulnerability was detected in Tenda AC21 16.03.08.16.
Impacted is th ...)
+ TODO: check
+CVE-2026-4564 (A security vulnerability has been detected in yangzongzhuan
RuoYi up t ...)
+ TODO: check
+CVE-2026-4563 (A weakness has been identified in MacCMS up to 2025.1000.4052.
This vu ...)
+ TODO: check
+CVE-2026-4562 (A security flaw has been discovered in MacCMS 2025.1000.4052.
This aff ...)
+ TODO: check
+CVE-2026-3587 (An unauthenticated remote attacker can exploit a hidden
function in th ...)
+ TODO: check
+CVE-2026-2580 (The WP Maps \u2013 Store Locator,Google
Maps,OpenStreetMap,Mapbox,List ...)
+ TODO: check
+CVE-2026-1969 (The trx_addons WordPress plugin before 2.38.5 does not
correctly valid ...)
+ TODO: check
+CVE-2025-6229 (The Sina Extension for Elementor (Header Builder, Footer
Builter, Them ...)
+ TODO: check
+CVE-2025-13997 (The King Addons for Elementor \u2013 4,000+ ready Elementor
sections, ...)
+ TODO: check
+CVE-2025-10736 (The ReviewX \u2013 WooCommerce Product Reviews with
Multi-Criteria, Re ...)
+ TODO: check
+CVE-2025-10734 (The ReviewX \u2013 WooCommerce Product Reviews with
Multi-Criteria, Re ...)
+ TODO: check
+CVE-2025-10731 (The ReviewX \u2013 WooCommerce Product Reviews with
Multi-Criteria, Re ...)
+ TODO: check
+CVE-2025-10679 (The ReviewX \u2013 WooCommerce Product Reviews with
Multi-Criteria, Re ...)
+ TODO: check
CVE-2026-4558 (A flaw has been found in Linksys MR9600 2.0.6.206937. Affected
is the ...)
NOT-FOR-US: Linksys
CVE-2026-4557 (A vulnerability was detected in code-projects Exam Form
Submission 1.0 ...)
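Review bot: the descriptions added for CVE-2026-2580, CVE-2025-13997 and the four ReviewX entries (CVE-2025-10736, CVE-2025-10734, CVE-2025-10731, CVE-2025-10679) contain a literal "\u2013" where a dash belongs, so the import is storing an undecoded escape sequence. Decode it before the description is written, otherwise text searches on the plugin names will miss these entries. Separately, all 34 new entries land as "TODO: check". The six jsrsasign entries (CVE-2026-4598 through CVE-2026-4603) name the same fixed version, 11.1.1, and can be triaged as one batch.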
@@ -14464,6 +14532,7 @@ CVE-2026-27100 (Jenkins 2.550 and earlier, LTS 2.541.1
and earlier accepts Run P
CVE-2026-27099 (Jenkins 2.483 through 2.550 (both inclusive), LTS 2.492.1
through 2.54 ...)
NOT-FOR-US: Jenkins (core or plugin)
CVE-2026-25500 (Rack is a modular Ruby web server interface. Prior to versions
2.2.22, ...)
+ {DLA-4505-1}
- ruby-rack 3.2.5-1 (bug #1128480)
NOTE:
https://github.com/rack/rack/security/advisories/GHSA-whrj-4476-wvmp
NOTE: Fixed by:
https://github.com/rack/rack/commit/f2f225f297b99fbee3d9f51255d41f601fc40aff
(main)
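Review bot: the {DLA-4505-1} tag on CVE-2026-25500 is attached to an entry whose only fix reference in the lines shown is the commit marked (main), while the description speaks of versions prior to 2.2.22. If the LTS upload was backported from a 2.2-series commit, a NOTE naming that commit would document what the DLA actually shipped. The same applies to CVE-2026-22860, which receives the same tag in the next hunk.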
@@ -14473,6 +14542,7 @@ CVE-2026-25500 (Rack is a modular Ruby web server
interface. Prior to versions 2
CVE-2026-23491 (InvoicePlane is a self-hosted open source application for
managing inv ...)
NOT-FOR-US: InvoicePlane
CVE-2026-22860 (Rack is a modular Ruby web server interface. Prior to versions
2.2.22, ...)
+ {DLA-4505-1}
- ruby-rack 3.2.5-1 (bug #1128479)
NOTE:
https://github.com/rack/rack/security/advisories/GHSA-mxw3-3hh2-x2mh
NOTE: Fixed by:
https://github.com/rack/rack/commit/75c5745c286637a8f049a33790c71237762069e7
(main)
@@ -71914,6 +71984,7 @@ CVE-2025-59671
CVE-2025-59670
REJECTED
CVE-2025-59431 (MapServer is a system for developing web-based GIS
applications. Prior ...)
+ {DLA-4506-1}
- mapserver 8.4.1-1
[trixie] - mapserver 8.4.0-4+deb13u1
[bookworm] - mapserver <no-dsa> (Minor issue)
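Review bot: with {DLA-4506-1} added to CVE-2025-59431, the context line "[bookworm] - mapserver <no-dsa> (Minor issue)" now sits between a DLA fix and the trixie fix 8.4.0-4+deb13u1, leaving bookworm as the one release in this entry with no fixed version. The bookworm status is worth revisiting so that the entry does not record a regression on upgrade into bookworm.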
@@ -97859,13 +97930,13 @@ CVE-2025-23970 (Incorrect Privilege Assignment
vulnerability in aonetheme Servic
NOT-FOR-US: WordPress plugin
CVE-2024-9453 (A vulnerability was found in Red Hat OpenShift Jenkins. The
bearer tok ...)
NOT-FOR-US: Red Hat OpenShift Jenkins
-CVE-2026-23555
+CVE-2026-23555 (Any guest issuing a Xenstore command accessing a node using
the (illeg ...)
- xen <unfixed> (unimportant)
[bookworm] - xen <not-affected> (Vulnerable code not present)
[bullseye] - xen <end-of-life> (EOLed in Bullseye)
NOTE: https://xenbits.xen.org/xsa/advisory-481.html
NOTE: Debian uses the ocaml-based xenstored
-CVE-2026-23554
+CVE-2026-23554 (The Intel EPT paging code uses an optimization to defer
flushing of an ...)
- xen <unfixed>
[bullseye] - xen <not-affected> (Vulnerable code not present)
NOTE: https://xenbits.xen.org/xsa/advisory-480.html
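Review bot: CVE-2026-23554 gains its description but keeps a bare "- xen <unfixed>" with only a [bullseye] line, whereas CVE-2026-23555 directly above has both a severity (unimportant) and a [bookworm] status. Now that the description (Intel EPT paging code) is in place, the entry should get a [bookworm] line or a note explaining why none is needed, based on the advisory-480 link already cited.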
@@ -446163,6 +446234,7 @@ CVE-2021-32064
CVE-2021-32063
RESERVED
CVE-2021-32062 (MapServer before 7.0.8, 7.1.x and 7.2.x before 7.2.3, 7.3.x
and 7.4.x ...)
+ {DLA-4506-1}
[experimental] - mapserver 7.6.3-1~exp1
- mapserver 7.6.2-2 (bug #988208)
[buster] - mapserver <no-dsa> (Minor issue; will be fixed via point
release)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6a2d6be85d5587620dcf3def4c3de9724ac33459
debian-security-tracker-commits mailing list
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits