Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
784b32e1 by Salvatore Bonaccorso at 2026-04-02T09:01:18+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -105,9 +105,9 @@ CVE-2026-34072 (Cr*nMaster (cronmaster) is a Cronjob
management UI with human re
CVE-2026-33990 (Docker Model Runner (DMR) is software used to manage, run, and
deploy ...)
TODO: check
CVE-2026-33978 (Notesnook is a note-taking app focused on user privacy & ease
of use. ...)
- TODO: check
+ NOT-FOR-US: Notesnook
CVE-2026-33949 (Tina is a headless content management system. Prior to version
2.2.2, ...)
- TODO: check
+ NOT-FOR-US: Tina CMS
CVE-2026-31027 (TOTOlink A3600R v5.9c.4959 contains a buffer overflow
vulnerability in ...)
NOT-FOR-US: TOTOLINK
CVE-2026-30643 (An issue was discovered in DedeCMS 5.7.118 allowing attackers
to execu ...)
@@ -125,17 +125,17 @@ CVE-2026-30292 (An arbitrary file overwrite vulnerability
in Docudepot PDF Reade
CVE-2026-30291 (An arbitrary file overwrite vulnerability in Ora Tools PDF
Reader ' Re ...)
TODO: check
CVE-2026-30289 (An arbitrary file overwrite vulnerability in Tinybeans Private
Family ...)
- TODO: check
+ NOT-FOR-US: Tinybeans Private Family Album App
CVE-2026-30287 (An arbitrary file overwrite vulnerability in Deep Thought
Industries A ...)
- TODO: check
+ NOT-FOR-US: Deep Thought Industries ACE Scanner PDF Scanner
CVE-2026-30273 (pandas-ai v3.0.0 was discovered to contain a SQL injection
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: pandas-ai
CVE-2026-2265 (An unauthenticated remote code execution (RCE) vulnerability
exists in ...)
TODO: check
CVE-2026-29598 (Multiple stored cross-site scripting (XSS) vulnerabilities in
the subm ...)
- TODO: check
+ NOT-FOR-US: Acora CMS
CVE-2026-29014 (MetInfo CMS versions 7.9, 8.0, and 8.1 contain an
unauthenticated PHP ...)
- TODO: check
+ NOT-FOR-US: MetInfo CMS
CVE-2026-28265 (PowerStore, contains a Path Traversal vulnerability in the
Service use ...)
NOT-FOR-US: Dell / EMC
CVE-2026-27489 (Open Neural Network Exchange (ONNX) is an open standard for
machine le ...)
@@ -415,7 +415,7 @@ CVE-2026-3469 (A denial-of-service (DoS) vulnerability
exists due to improper in
CVE-2026-3468 (A stored Cross-Site Scripting (XSS) vulnerability has been
identified ...)
NOT-FOR-US: SonicWall
CVE-2026-3356 (The MS27102A Remote Spectrum Monitor is vulnerable to an
authenticatio ...)
- TODO: check
+ NOT-FOR-US: MS27102A Remote Spectrum Monitor
CVE-2026-3308 (An integer overflow vulnerability in 'pdf-image.c' in Artifex's
MuPDF ...)
TODO: check
CVE-2026-3191 (The Minify HTML plugin for WordPress is vulnerable to
Cross-Site Reque ...)
@@ -719,15 +719,15 @@ CVE-2026-30521 (A Business Logic vulnerability exists in
SourceCodester Loan Man
CVE-2026-30520 (A Blind SQL Injection vulnerability exists in SourceCodester
Loan Mana ...)
NOT-FOR-US: SourceCodester
CVE-2026-30314 (Ridvay Code's command auto-approval module contains a critical
OS comm ...)
- TODO: check
+ NOT-FOR-US: Ridvay Code
CVE-2026-30312 (DSAI-Cline's command auto-approval module contains a critical
OS comma ...)
- TODO: check
+ NOT-FOR-US: DSAI-Cline
CVE-2026-30311 (Ridvay Code's command auto-approval module contains a critical
OS comm ...)
- TODO: check
+ NOT-FOR-US: Ridvay Code
CVE-2026-30310 (In its design for automatic terminal command execution, Sixth
offers t ...)
TODO: check
CVE-2026-30309 (InfCode's terminal auto-execution module contains a critical
command f ...)
- TODO: check
+ NOT-FOR-US: InfCode
CVE-2026-30290 (An arbitrary file overwrite vulnerability in InTouch Contacts
& Caller ...)
TODO: check
CVE-2026-30286 (An arbitrary file overwrite vulnerability in Funambol, Inc.
Zefiro Clo ...)
@@ -737,17 +737,17 @@ CVE-2026-30285 (An arbitrary file overwrite vulnerability
in Zora: Post, Trade,
CVE-2026-30284 (An arbitrary file overwrite vulnerability in UXGROUP LLC Voice
Recorde ...)
TODO: check
CVE-2026-30283 (An arbitrary file overwrite vulnerability in PEAKSEL D.O.O.
NIS Animal ...)
- TODO: check
+ NOT-FOR-US: PEAKSEL
CVE-2026-30282 (An arbitrary file overwrite vulnerability in UXGROUP LLC Cast
to TV Sc ...)
- TODO: check
+ NOT-FOR-US: UXGROUP LLC Cast to TV Screen Mirroring
CVE-2026-30281 (An arbitrary file overwrite vulnerability in MaruNuri LLC
v2.0.23 allo ...)
- TODO: check
+ NOT-FOR-US: MaruNuri LLC
CVE-2026-30280 (An arbitrary file overwrite vulnerability in RAREPROB
SOLUTIONS PRIVAT ...)
- TODO: check
+ NOT-FOR-US: RAREPROB SOLUTIONS PRIVATE LIMITED Video player Play All
Videos
CVE-2026-30279 (An arbitrary file overwrite vulnerability in Squareapps LLC My
Locatio ...)
- TODO: check
+ NOT-FOR-US: Squareapps LLC My Location Travel Timeline
CVE-2026-30278 (An arbitrary file overwrite vulnerability in FLY is FUN
Aviation Navig ...)
- TODO: check
+ NOT-FOR-US: FLY is FUN Aviation Navigation
CVE-2026-30277 (An arbitrary file overwrite vulnerability in PDF Reader App :
TA/UTAX ...)
TODO: check
CVE-2026-30276 (An arbitrary file overwrite vulnerability in DeftPDF Document
Translat ...)
@@ -763,7 +763,7 @@ CVE-2026-2394 (Buffer Over-read vulnerability in RTI
Connext Professional (Core
CVE-2026-2123 (A security audit identified a privilege escalation
vulnerability in Op ...)
NOT-FOR-US: OpenText
CVE-2026-29870 (A directory traversal vulnerability in the
agentic-context-engine proj ...)
- TODO: check
+ NOT-FOR-US: agentic-context-engine project
CVE-2026-24165 (NVIDIA BioNeMo contains a vulnerability where a user could
cause a des ...)
TODO: check
CVE-2026-24164 (NVIDIA BioNeMo contains a vulnerability where a user could
cause a des ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/784b32e1f0546a542da23389ec5f986c1f6f7a72
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/784b32e1f0546a542da23389ec5f986c1f6f7a72
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
