Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a7d9ccfe by security tracker role at 2026-03-25T08:13:15+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,7 +1,247 @@
-CVE-2026-4371
+CVE-2026-4784 (A vulnerability was found in code-projects Simple Laundry
System 1.0. ...)
+ TODO: check
+CVE-2026-4783 (A vulnerability has been found in itsourcecode College
Management Syst ...)
+ TODO: check
+CVE-2026-4781 (A flaw has been found in SourceCodester Sales and Inventory
System 1.0 ...)
+ TODO: check
+CVE-2026-4780 (A vulnerability was detected in SourceCodester Sales and
Inventory Sys ...)
+ TODO: check
+CVE-2026-4779 (A security vulnerability has been detected in SourceCodester
Sales and ...)
+ TODO: check
+CVE-2026-4778 (A weakness has been identified in SourceCodester Sales and
Inventory S ...)
+ TODO: check
+CVE-2026-4777 (A security flaw has been discovered in SourceCodester Sales and
Invent ...)
+ TODO: check
+CVE-2026-4766 (The Easy Image Gallery plugin for WordPress is vulnerable to
Stored Cr ...)
+ TODO: check
+CVE-2026-4433 (An SSH misconfigurations exists in Tenable OT that led to the
potentia ...)
+ TODO: check
+CVE-2026-3912 (Injection vulnerabilities due to validation/sanitisation of
user-suppl ...)
+ TODO: check
+CVE-2026-33253 (SANUPS SOFTWARE provided by SANYO DENKI CO., LTD. registers
Windows se ...)
+ TODO: check
+CVE-2026-33215 (NATS-Server is a High-Performance server for NATS.io, a cloud
and edge ...)
+ TODO: check
+CVE-2026-32326 (SHARP routers do not perform authentication for some web APIs.
The dev ...)
+ TODO: check
+CVE-2026-2343 (The PeproDev Ultimate Invoice WordPress plugin through 2.2.5
has a bul ...)
+ TODO: check
+CVE-2026-2072 (Cross-Site Scripting vulnerability in Hitachi Infrastructure
Analytics ...)
+ TODO: check
+CVE-2026-28895 (The issue was addressed with improved checks. This issue is
fixed in i ...)
+ TODO: check
+CVE-2026-28894 (A denial-of-service issue was addressed with improved input
validation ...)
+ TODO: check
+CVE-2026-28893 (A privacy issue was addressed with improved handling of
temporary file ...)
+ TODO: check
+CVE-2026-28892 (A permissions issue was addressed by removing the vulnerable
code. Thi ...)
+ TODO: check
+CVE-2026-28891 (A race condition was addressed with additional validation.
This issue ...)
+ TODO: check
+CVE-2026-28890 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
+CVE-2026-28889 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-28888 (A race condition was addressed with improved state handling.
This issu ...)
+ TODO: check
+CVE-2026-28886 (A null pointer dereference was addressed with improved input
validatio ...)
+ TODO: check
+CVE-2026-28882 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2026-28881 (A privacy issue was addressed by moving sensitive data. This
issue is ...)
+ TODO: check
+CVE-2026-28880 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-28879 (A use-after-free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2026-28878 (A privacy issue was addressed by removing sensitive data. This
issue i ...)
+ TODO: check
+CVE-2026-28877 (An authorization issue was addressed with improved state
management. T ...)
+ TODO: check
+CVE-2026-28876 (A parsing issue in the handling of directory paths was
addressed with ...)
+ TODO: check
+CVE-2026-28875 (A buffer overflow was addressed with improved bounds checking.
This is ...)
+ TODO: check
+CVE-2026-28874 (The issue was addressed with improved checks. This issue is
fixed in i ...)
+ TODO: check
+CVE-2026-28871 (A logic issue was addressed with improved checks. This issue
is fixed ...)
+ TODO: check
+CVE-2026-28870 (An information leakage was addressed with additional
validation. This ...)
+ TODO: check
+CVE-2026-28868 (A logging issue was addressed with improved data redaction.
This issue ...)
+ TODO: check
+CVE-2026-28867 (This issue was addressed with improved authentication. This
issue is f ...)
+ TODO: check
+CVE-2026-28866 (This issue was addressed with improved validation of symlinks.
This is ...)
+ TODO: check
+CVE-2026-28865 (An authentication issue was addressed with improved state
management. ...)
+ TODO: check
+CVE-2026-28864 (This issue was addressed with improved permissions checking.
This issu ...)
+ TODO: check
+CVE-2026-28863 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-28862 (A privacy issue was addressed with improved private data
redaction for ...)
+ TODO: check
+CVE-2026-28861 (A logic issue was addressed with improved state management.
This issue ...)
+ TODO: check
+CVE-2026-28859 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2026-28858 (A buffer overflow was addressed with improved bounds checking.
This is ...)
+ TODO: check
+CVE-2026-28857 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2026-28856 (The issue was addressed with improved authentication. This
issue is fi ...)
+ TODO: check
+CVE-2026-28855 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-28852 (A stack overflow was addressed with improved input validation.
This is ...)
+ TODO: check
+CVE-2026-28845 (An authorization issue was addressed with improved state
management. T ...)
+ TODO: check
+CVE-2026-28844 (A file access issue was addressed with improved input
validation. This ...)
+ TODO: check
+CVE-2026-28842 (The issue was addressed with improved bounds checks. This
issue is fix ...)
+ TODO: check
+CVE-2026-28841 (A buffer overflow was addressed with improved size validation.
This is ...)
+ TODO: check
+CVE-2026-28839 (The issue was addressed with improved checks. This issue is
fixed in m ...)
+ TODO: check
+CVE-2026-28838 (A permissions issue was addressed with additional sandbox
restrictions ...)
+ TODO: check
+CVE-2026-28837 (A logic issue was addressed with improved checks. This issue
is fixed ...)
+ TODO: check
+CVE-2026-28835 (A use-after-free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2026-28834 (A race condition was addressed with improved state handling.
This issu ...)
+ TODO: check
+CVE-2026-28833 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-28832 (An out-of-bounds read was addressed with improved bounds
checking. Thi ...)
+ TODO: check
+CVE-2026-28831 (An authorization issue was addressed with improved state
management. T ...)
+ TODO: check
+CVE-2026-28829 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-28828 (A permissions issue was addressed by removing the vulnerable
code. Thi ...)
+ TODO: check
+CVE-2026-28827 (A parsing issue in the handling of directory paths was
addressed with ...)
+ TODO: check
+CVE-2026-28826 (A logic issue was addressed with improved restrictions. This
issue is ...)
+ TODO: check
+CVE-2026-28825 (An out-of-bounds write issue was addressed with improved
bounds checki ...)
+ TODO: check
+CVE-2026-28824 (An authorization issue was addressed with improved state
management. T ...)
+ TODO: check
+CVE-2026-28823 (A path handling issue was addressed with improved validation.
This iss ...)
+ TODO: check
+CVE-2026-28822 (A type confusion issue was addressed with improved memory
handling. Th ...)
+ TODO: check
+CVE-2026-28821 (A validation issue existed in the entitlement verification.
This issue ...)
+ TODO: check
+CVE-2026-28820 (This issue was addressed with improved checks. This issue is
fixed in ...)
+ TODO: check
+CVE-2026-28818 (A logging issue was addressed with improved data redaction.
This issue ...)
+ TODO: check
+CVE-2026-28817 (A race condition was addressed with improved state handling.
This issu ...)
+ TODO: check
+CVE-2026-28816 (A path handling issue was addressed with improved validation.
This iss ...)
+ TODO: check
+CVE-2026-26306 (The installer for OM Workspace (Windows Edition) Ver 2.4 and
earlier i ...)
+ TODO: check
+CVE-2026-24159 (NVIDIA NeMo Framework contains a vulnerability where an
attacker may c ...)
+ TODO: check
+CVE-2026-24158 (NVIDIA Triton Inference Server contains a vulnerability in the
HTTP en ...)
+ TODO: check
+CVE-2026-24157 (NVIDIA NeMo Framework contains a vulnerability in checkpoint
loading w ...)
+ TODO: check
+CVE-2026-24152 (NVIDIA Megatron-LM contains a vulnerability in checkpoint
loading wher ...)
+ TODO: check
+CVE-2026-24151 (NVIDIA Megatron-LM contains a vulnerability in inferencing
where an At ...)
+ TODO: check
+CVE-2026-24150 (NVIDIA Megatron-LM contains a vulnerability in checkpoint
loading wher ...)
+ TODO: check
+CVE-2026-24141 (NVIDIA Model Optimizer for Windows and Linux contains a
vulnerability ...)
+ TODO: check
+CVE-2026-21790 (HCL Traveler is susceptible to a weak default HTTP header
validation v ...)
+ TODO: check
+CVE-2026-20701 (An access issue was addressed with additional sandbox
restrictions. Th ...)
+ TODO: check
+CVE-2026-20699 (A downgrade issue affecting Intel-based Mac computers was
addressed wi ...)
+ TODO: check
+CVE-2026-20698 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2026-20697 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-20695 (An information disclosure issue was addressed with improved
memory man ...)
+ TODO: check
+CVE-2026-20694 (This issue was addressed with improved handling of symlinks.
This issu ...)
+ TODO: check
+CVE-2026-20693 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2026-20692 (A privacy issue was addressed with improved handling of user
preferenc ...)
+ TODO: check
+CVE-2026-20691 (An authorization issue was addressed with improved state
management. T ...)
+ TODO: check
+CVE-2026-20690 (An out-of-bounds access issue was addressed with improved
bounds check ...)
+ TODO: check
+CVE-2026-20688 (A path handling issue was addressed with improved validation.
This iss ...)
+ TODO: check
+CVE-2026-20687 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2026-20686 (This issue was addressed with improved input validation. This
issue is ...)
+ TODO: check
+CVE-2026-20684 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-20670 (An authorization issue was addressed with improved state
management. T ...)
+ TODO: check
+CVE-2026-20668 (A logging issue was addressed with improved data redaction.
This issue ...)
+ TODO: check
+CVE-2026-20665 (This issue was addressed through improved state management.
This issue ...)
+ TODO: check
+CVE-2026-20664 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2026-20657 (The issue was addressed with improved memory handling. This
issue is f ...)
+ TODO: check
+CVE-2026-20651 (A privacy issue was addressed with improved handling of
temporary file ...)
+ TODO: check
+CVE-2026-20639 (An integer overflow was addressed with improved input
validation. This ...)
+ TODO: check
+CVE-2026-20637 (A use after free issue was addressed with improved memory
management. ...)
+ TODO: check
+CVE-2026-20633 (This issue was addressed with improved handling of symlinks.
This issu ...)
+ TODO: check
+CVE-2026-20632 (A parsing issue in the handling of directory paths was
addressed with ...)
+ TODO: check
+CVE-2026-20631 (A logic issue was addressed with improved checks. This issue
is fixed ...)
+ TODO: check
+CVE-2026-20622 (A privacy issue was addressed with improved handling of
temporary file ...)
+ TODO: check
+CVE-2026-20607 (A permissions issue was addressed with additional
restrictions. This i ...)
+ TODO: check
+CVE-2026-1166 (Open Redirect vulnerability in Hitachi Ops Center
Administrator.This i ...)
+ TODO: check
+CVE-2025-43534 (A path handling issue was addressed with improved validation.
This iss ...)
+ TODO: check
+CVE-2025-33254 (NVIDIA Triton Inference Server contains a vulnerability where
an attac ...)
+ TODO: check
+CVE-2025-33248 (NVIDIA Megatron-LM contains a vulnerability in the hybrid
conversion s ...)
+ TODO: check
+CVE-2025-33247 (NVIDIA Megatron LM contains a vulnerability in quantization
configurat ...)
+ TODO: check
+CVE-2025-33244 (NVIDIA APEX for Linux contains a vulnerability where an
unauthorized a ...)
+ TODO: check
+CVE-2025-33242 (NVIDIA B300 MCU contains a vulnerability in the CX8 MCU that
could all ...)
+ TODO: check
+CVE-2025-33238 (NVIDIA Triton Inference Server Sagemaker HTTP server contains
a vulner ...)
+ TODO: check
+CVE-2025-33216 (NVIDIA SNAP-4 Container contains a vulnerability in the
configuration ...)
+ TODO: check
+CVE-2025-33215 (NVIDIA SNAP-4 Container contains a vulnerability in the
VIRTIO-BLK com ...)
+ TODO: check
+CVE-2026-4371 (A malicious mail server could send malformed strings with
negative len ...)
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-24/#CVE-2026-4371
-CVE-2026-3889
+CVE-2026-3889 (Spoofing issue in Thunderbird. This vulnerability affects
Thunderbird ...)
- thunderbird <unfixed>
NOTE:
https://www.mozilla.org/en-US/security/advisories/mfsa2026-24/#CVE-2026-3889
CVE-2026-3836
@@ -843,27 +1083,35 @@ CVE-2025-60946 (Census CSWeb 8.0.1 allows arbitrary file
path input. A remote, a
CVE-2025-41660 (A low-privileged remote attacker may be able to replace the
boot appli ...)
NOT-FOR-US: CODESYS
CVE-2026-4680 (Use after free in FedCM in Google Chrome prior to
146.0.7680.165 allow ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4679 (Integer overflow in Fonts in Google Chrome prior to
146.0.7680.165 all ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4678 (Use after free in WebGPU in Google Chrome prior to
146.0.7680.165 allo ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4677 (Inappropriate implementation in WebAudio in Google Chrome prior
to 146 ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4676 (Use after free in Dawn in Google Chrome prior to 146.0.7680.165
allowe ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4675 (Heap buffer overflow in WebGL in Google Chrome prior to
146.0.7680.165 ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4674 (Out of bounds read in CSS in Google Chrome prior to
146.0.7680.165 all ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4673 (Heap buffer overflow in WebAudio in Google Chrome prior to
146.0.7680. ...)
+ {DSA-6177-1}
- chromium 146.0.7680.164-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2026-4647 (A flaw was found in the GNU Binutils BFD library, a widely used
compon ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9ccfec43f60877a56b6b6a56cd3025a7531bb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7d9ccfec43f60877a56b6b6a56cd3025a7531bb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
