Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
223ecc86 by security tracker role at 2026-04-06T19:14:44+00:00
automatic NOT-FOR-US entries update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,17 +1,17 @@
CVE-2026-5704 (A flaw was found in tar. A remote attacker could exploit this
vulnerab ...)
TODO: check
CVE-2026-5678 (A weakness has been identified in Totolink A7100RU
7.4cu.2313_b2019102 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-5677 (A security flaw has been discovered in Totolink A7100RU
7.4cu.2313_b20 ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-5676 (A vulnerability was identified in Totolink A8000R
5.9c.681_B20180413. ...)
- TODO: check
+ NOT-FOR-US: TOTOLINK
CVE-2026-5675 (A vulnerability was found in itsourcecode Construction
Management Syst ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-5673 (A flaw was found in libtheora. This heap-based out-of-bounds
read vuln ...)
TODO: check
CVE-2026-5672 (A vulnerability has been found in code-projects Simple IT
Discussion F ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5671 (A vulnerability was determined in Cyber-III
Student-Management-System ...)
TODO: check
CVE-2026-5670 (A vulnerability was found in Cyber-III
Student-Management-System up to ...)
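Review bot: The tag on CVE-2026-5675, "NOT-FOR-US: itsourcecode System", is neither the bare vendor nor the product name; the description reads "itsourcecode Construction Management Syst ...", while the other entries in this hunk use the vendor alone (TOTOLINK, code-projects). Suggest "NOT-FOR-US: itsourcecode" or the full product name, so that a search of data/CVE/list by vendor or product finds the entry and the tag style stays consistent.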
@@ -21,9 +21,9 @@ CVE-2026-5669 (A vulnerability has been found in Cyber-III
Student-Management-Sy
CVE-2026-5668 (A flaw has been found in Cyber-III Student-Management-System up
to 1a9 ...)
TODO: check
CVE-2026-5666 (A vulnerability was detected in code-projects Online FIR System
1.0. A ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5665 (A security vulnerability has been detected in code-projects
Online FIR ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5664
REJECTED
CVE-2026-5663 (A security flaw has been discovered in OFFIS DCMTK up to 3.7.0.
This i ...)
@@ -31,21 +31,21 @@ CVE-2026-5663 (A security flaw has been discovered in OFFIS
DCMTK up to 3.7.0. T
CVE-2026-5661 (A vulnerability was identified in Free5GC 4.2.0. This affects
an unkno ...)
TODO: check
CVE-2026-5660 (A vulnerability was determined in itsourcecode Construction
Management ...)
- TODO: check
+ NOT-FOR-US: itsourcecode System
CVE-2026-5659 (A vulnerability was found in pytries datrie up to 0.8.3. The
affected ...)
TODO: check
CVE-2026-5650 (A vulnerability was found in code-projects Online Application
System f ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5649 (A vulnerability has been found in code-projects Online
Application Sys ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5648 (A flaw has been found in code-projects Simple Laundry System
1.0. This ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5647 (A vulnerability was detected in code-projects Online Shoe Store
1.0. T ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5646 (A security vulnerability has been detected in code-projects
Easy Blog ...)
- TODO: check
+ NOT-FOR-US: code-projects
CVE-2026-5645 (A weakness has been identified in projectworlds Car Rental
System 1.0. ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2026-5644 (A security flaw has been discovered in Cyber-III
Student-Management-Sy ...)
TODO: check
CVE-2026-5643 (A vulnerability was identified in Cyber-III
Student-Management-System ...)
@@ -53,21 +53,21 @@ CVE-2026-5643 (A vulnerability was identified in Cyber-III
Student-Management-Sy
CVE-2026-5642 (A vulnerability was determined in Cyber-III
Student-Management-System ...)
TODO: check
CVE-2026-5641 (A vulnerability was found in PHPGurukul Online Shopping Portal
Project ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2026-5640 (A vulnerability has been found in PHPGurukul Online Shopping
Portal Pr ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2026-5639 (A flaw has been found in PHPGurukul Online Shopping Portal
Project 2.1 ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2026-5638 (A vulnerability was detected in HerikLyma CPPWebFramework up to
3.1. T ...)
TODO: check
CVE-2026-5637 (A security vulnerability has been detected in projectworlds Car
Rental ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2026-5636 (A weakness has been identified in PHPGurukul Online Shopping
Portal Pr ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2026-5635 (A security flaw has been discovered in PHPGurukul Online
Shopping Port ...)
- TODO: check
+ NOT-FOR-US: PHPGurukul
CVE-2026-5634 (A vulnerability was identified in projectworlds Car Rental
Project 1.0 ...)
- TODO: check
+ NOT-FOR-US: Project Worlds
CVE-2026-5633 (A vulnerability was determined in assafelovic gpt-researcher up
to 3.4 ...)
TODO: check
CVE-2026-3524 (Mattermost Plugin Legal Hold versions <=1.1.4 fail to halt
request pro ...)
@@ -145,9 +145,9 @@ CVE-2026-34950 (fast-jwt provides fast JSON Web Token (JWT)
implementation. In 6
CVE-2026-34940 (KubeAI is an AI inference operator for kubernetes. Prior to
0.23.2, th ...)
TODO: check
CVE-2026-34897 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-34885 (Improper Neutralization of Special Elements used in an SQL
Command ('S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin or theme
CVE-2026-34841 (Bruno is an open source IDE for exploring and testing APIs.
Prior to 3 ...)
TODO: check
CVE-2026-34783 (Ferret is a declarative system for working with web data.
Prior to 2.0 ...)
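Review bot: For CVE-2026-34897 and CVE-2026-34885 the tag "NOT-FOR-US: WordPress plugin or theme" cannot be checked against the entry itself, because the truncated descriptions show only the generic weakness text ("Improper Neutralization of Input During Web Page Generation ('Cross-si ...", "Improper Neutralization of Special Elements used in an SQL Command ('S ..."). Suggest naming the plugin or theme in the tag, so that someone reading the list later can confirm the classification without opening the full CVE record.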
@@ -167,7 +167,7 @@ CVE-2026-34588 (OpenEXR provides the specification and
reference implementation
CVE-2026-34444 (Lupa integrates the runtimes of Lua or LuaJIT2 into CPython.
In 2.6 an ...)
TODO: check
CVE-2026-34402 (ChurchCRM is an open-source church management system. Prior to
7.1.0, ...)
- TODO: check
+ NOT-FOR-US: ChurchCRM
CVE-2026-34380 (OpenEXR provides the specification and reference
implementation of the ...)
TODO: check
CVE-2026-34379 (OpenEXR provides the specification and reference
implementation of the ...)
@@ -255,29 +255,29 @@ CVE-2026-26026 (GLPI is a free asset and IT management
software package. From 11
CVE-2026-25932 (GLPI is a Free Asset and IT Management Software package. From
0.60 to ...)
TODO: check
CVE-2026-21382 (Memory Corruption when handling power management requests with
imprope ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21381 (Transient DOS when receiving a service data frame with
excessive lengt ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21380 (Memory Corruption when using deprecated DMABUF IOCTL calls to
manage v ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21378 (Memory Corruption when accessing an output buffer without
validating i ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21376 (Memory Corruption when accessing an output buffer without
validating i ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21375 (Memory Corruption when accessing an output buffer without
validating i ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21374 (Memory Corruption when processing auxiliary sensor
input/output contro ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21373 (Memory Corruption when accessing an output buffer without
validating i ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21372 (Memory Corruption when sending IOCTL requests with invalid
buffer size ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21371 (Memory Corruption when retrieving output buffer with
insufficient size ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-21367 (Transient DOS when processing nonstandard FILS Discovery
Frames with o ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2026-0049 (In onHeaderDecoded of LocalImageResolver.java, there is a
possible per ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-61166 (An open redirect in Ascertia SigningHub User v10.0 allows
attackers to ...)
TODO: check
CVE-2025-59440 (An issue was discovered in USIM in Samsung Mobile Processor,
Wearable ...)
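Review bot: The eleven Qualcomm entries (CVE-2026-21382 down to CVE-2026-21367) are marked NOT-FOR-US although none of the visible descriptions names a component or product; they only describe the fault ("Memory Corruption when using deprecated DMABUF IOCTL calls ...", "Transient DOS when processing nonstandard FILS Discovery Frames ..."). Before the TODO is dropped, it is worth confirming for the driver and frame-handling cases that the affected code is vendor-only and not something carried in a Debian package. The same applies to CVE-2026-0049, where "NOT-FOR-US: Android" rests on the file name LocalImageResolver.java alone.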
@@ -289,19 +289,19 @@ CVE-2025-57835 (An issue was discovered in RRC in Samsung
Mobile Processor, Wear
CVE-2025-54324 (An issue was discovered in NAS in Samsung Mobile Processor,
Wearable P ...)
TODO: check
CVE-2025-48651 (N/A)
- TODO: check
+ NOT-FOR-US: Android
CVE-2025-47400 (Cryptographic issue while copying data to a destination buffer
without ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47392 (Memory corruption when decoding corrupted satellite data files
with in ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47391 (Memory corruption while processing a frame request from user.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47390 (Memory corruption while preprocessing IOCTL request in JPEG
driver.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47389 (Memory corruption when buffer copy operation fails due to
integer over ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2025-47374 (Memory Corruption when accessing freed memory due to
concurrent fence ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2024-14032 (Twitch Studio version 0.114.8 and prior contain a privilege
escalation ...)
TODO: check
CVE-2026-31410 (In the Linux kernel, the following vulnerability has been
resolved: k ...)
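Review bot: CVE-2025-48651 goes from "TODO: check" to "NOT-FOR-US: Android" while its description is still "(N/A)", so nothing in the entry supports the classification. Suggest either leaving it as TODO until a description is published or adding a NOTE line that points to the source of the Android attribution. The Qualcomm entries in this hunk have the same weakness as in the previous one: the descriptions ("Memory corruption while processing a frame request from user.") identify no component.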
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/223ecc86f788c8ce35822f4e29ea07743f086650