Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e7ea0d57 by Salvatore Bonaccorso at 2026-05-06T08:08:22+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,7 +23,7 @@ CVE-2026-7833 (A weakness has been identified in EFM ipTIME
C200 up to 1.092. Th
CVE-2026-7832 (A security flaw has been discovered in IObit Advanced
SystemCare 19. T ...)
NOT-FOR-US: IObit
CVE-2026-7778 (An issue that could allow a dashboard configuration to be
viewed from ...)
- TODO: check
+ NOT-FOR-US: runZero
CVE-2026-7412 (In Eclipse BaSyx Java Server SDK versions prior to
2.0.0-milestone-10, ...)
TODO: check
CVE-2026-7411 (In Eclipse BaSyx Java Server SDK versions prior to
2.0.0-milestone-10, ...)
@@ -116,9 +116,9 @@ CVE-2026-38431 (ERPNext v15.103.1 and before is vulnerable
to Server-Side Templa
CVE-2026-38429 (OpenCMS v20 and before is vulnerable to XML External Entity
(XXE) in t ...)
NOT-FOR-US: OpenCMS
CVE-2026-38428 (Kestra v1.3.3 and before is vulnerable to SQL Injection. The
vulnerabi ...)
- TODO: check
+ NOT-FOR-US: Kestra
CVE-2026-36356 (The GoAhead web server on MeiG Smart FORGE_SLT711 devices
(firmware MD ...)
- TODO: check
+ NOT-FOR-US: MeiG Smart FORGE_SLT711 devices
CVE-2026-36355 (The rtl8192cd Wi-Fi kernel driver in the Realtek rtl819x
Jungle SDK (a ...)
TODO: check
CVE-2026-34408 (An issue was discovered in Gambio 4.9.2.0 (patched in 2024-02
v1.0.0 f ...)
@@ -128,14 +128,14 @@ CVE-2026-32689 (Allocation of Resources Without Limits or
Throttling vulnerabili
CVE-2026-31835 (Vaultwarden is a Bitwarden-compatible server written in Rust.
In versi ...)
TODO: check
CVE-2026-31196 (The traceroute diagnostic handler in /bin/httpd_clientside for
ALTICE ...)
- TODO: check
+ NOT-FOR-US: ALTICE
CVE-2026-31195 (The ping diagnostic handler in /bin/httpd_clientside for
ALTICE LABS / ...)
- TODO: check
+ NOT-FOR-US: ALTICE
CVE-2026-30923 (ModSecurity is an open source, cross platform web application
firewall ...)
- modsecurity <unfixed>
NOTE:
https://github.com/owasp-modsecurity/ModSecurity/security/advisories/GHSA-qrjc-3jpc-3h2g
CVE-2026-30246 (Fiber is a web framework for Go. In
github.com/gofiber/fiber/v3 versio ...)
- TODO: check
+ NOT-FOR-US: Fiber
CVE-2026-29168 (Allocation of Resources Without Limits or Throttling
vulnerability in ...)
- apache2 2.4.67-1
NOTE:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-29168
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ea0d5774f293f6fed4bc398838f147fe25a2ac
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7ea0d5774f293f6fed4bc398838f147fe25a2ac
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
