Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6789ffb1 by Salvatore Bonaccorso at 2026-05-06T08:56:06+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -144,19 +144,19 @@ CVE-2026-29168 (Allocation of Resources Without Limits or
Throttling vulnerabili
NOTE:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2026-29168
NOTE:
https://github.com/apache/httpd/commit/5b1edb79aa2d0f8e4424de64879c46c1942e460a
(2.4.67-rc1-candidate)
CVE-2026-28510 (eLabFTW is an open source electronic lab notebook. In elabftw
versions ...)
- TODO: check
+ NOT-FOR-US: eLabFTW
CVE-2026-27960 (OpenCTI is an open source platform for managing cyber threat
intellige ...)
- TODO: check
+ NOT-FOR-US: OpenCTI
CVE-2026-27694 (Traccar is an open source GPS tracking system. In
org.traccar:traccar ...)
- TODO: check
+ NOT-FOR-US: Traccar
CVE-2026-27693 (Traccar is an open source GPS tracking system. In
org.traccar:traccar ...)
- TODO: check
+ NOT-FOR-US: Traccar
CVE-2026-27644 (Traccar is an open source GPS tracking system. In versions
between 6.1 ...)
- TODO: check
+ NOT-FOR-US: Traccar
CVE-2026-25589 (RedisBloom is a probabilistic data structures module for
Redis. In all ...)
- TODO: check
+ NOT-FOR-US: RedisBloom
CVE-2026-25588 (RedisTimeSeries is a time-series module for Redis. In all
versions bef ...)
- TODO: check
+ NOT-FOR-US: RedisTimeSeries Redis module
CVE-2026-25243 (Redis is an in-memory data structure store. In versions of
redis-serve ...)
TODO: check
CVE-2026-23631 (Redis is an in-memory data structure store. In all versions of
redis-s ...)
@@ -164,23 +164,23 @@ CVE-2026-23631 (Redis is an in-memory data structure
store. In all versions of r
CVE-2026-23479 (Redis is an in-memory data structure store. In redis-server
from 7.2.0 ...)
TODO: check
CVE-2025-66369 (An issue was discovered in MM in Samsung Mobile Processor,
Wearable Pr ...)
- TODO: check
+ NOT-FOR-US: Samsung
CVE-2025-61669 (Jupyter Server is the backend for Jupyter web applications. In
jupyter ...)
TODO: check
CVE-2025-52206 (ISPConfig 3.3.0 is vulnerable to Cross Site Scripting (XSS)
via the sy ...)
- TODO: check
+ NOT-FOR-US: ISPConfig
CVE-2025-42611 (RouterOS provides various services that rely on correct
verification o ...)
- TODO: check
+ NOT-FOR-US: RouterOS
CVE-2023-54349 (AmazCart CMS 3.4 contains a reflected cross-site scripting
vulnerabili ...)
- TODO: check
+ NOT-FOR-US: AmazCart CMS
CVE-2023-54348 (ERPGo SaaS 3.9 contains a CSV injection vulnerability that
allows auth ...)
- TODO: check
+ NOT-FOR-US: ERPGo SaaS
CVE-2023-54347 (OpenEMR 7.0.1 contains an authentication brute force
vulnerability tha ...)
NOT-FOR-US: OpenEMR
CVE-2023-54346 (WordPress Plugin Backup Migration 1.2.8 contains an
information disclo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2023-54345 (Frappe Framework ERPNext 13.4.0 contains a sandbox escape
vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: Frappe Framework ERPNext
CVE-2023-54344 (Eclipse Equinox OSGi 3.7.2 and earlier contains a remote code
executio ...)
TODO: check
CVE-2023-54342 (Eclipse Equinox OSGi versions 3.8 through 3.18 contain a
remote code e ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6789ffb14545e2b6fd7226d85e8669cab1577ee4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6789ffb14545e2b6fd7226d85e8669cab1577ee4
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
