Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9616802b by Moritz Muehlenhoff at 2026-05-06T22:52:48+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -422,15 +422,15 @@ CVE-2026-42509 (Improper Neutralization of Input During
Web Page Generation ('Cr
CVE-2026-42503 (gopls by default communicates via pipe. However, -port and
-listen fla ...)
TODO: check
CVE-2026-41938 (Vvveb before version 1.0.8.2 contains an unrestricted file
upload vuln ...)
- TODO: check
+ NOT-FOR-US: Vvveb CMS
CVE-2026-41936 (Vvveb before version 1.0.8.2 contains an XML external entity
(XXE) inj ...)
- TODO: check
+ NOT-FOR-US: Vvveb CMS
CVE-2026-41934 (Vvveb before version 1.0.8.2 contains an authenticated remote
code exe ...)
- TODO: check
+ NOT-FOR-US: Vvveb CMS
CVE-2026-41931 (Vvveb before version 1.0.8.2 contains an information
disclosure vulner ...)
- TODO: check
+ NOT-FOR-US: Vvveb CMS
CVE-2026-41930 (Vvveb before version 1.0.8.2 contains a hard-coded credentials
vulnera ...)
- TODO: check
+ NOT-FOR-US: Vvveb CMS
CVE-2026-41288 (Incorrect permission assignment for a resource in the patch
management ...)
NOT-FOR-US: WatchGuard
CVE-2026-41287 (Stack-based Buffer Overflow vulnerability in the WatchGuard
Agent disc ...)
@@ -450,9 +450,9 @@ CVE-2026-35254 (Vulnerability in the Oracle OCI CLI product
of Oracle Open Sourc
CVE-2026-35253 (Vulnerability in the Oracle Macoron Tool product of Oracle
Open Source ...)
TODO: check
CVE-2026-34474 (Sensitive data exposure leading to admin/WLAN credential leak
in ZTE Z ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2026-34473 (Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A,
H198A, ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2026-33079 (In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS
(Regula ...)
TODO: check
CVE-2026-29090 (### Summary A SQL injection vulnerability exists in Rucio
versions 1. ...)
@@ -478,21 +478,21 @@ CVE-2026-20193 (A vulnerability in the RADIUS Policy API
endpoints of Cisco ISE
CVE-2026-20189 (A vulnerability in the log file download functionality of
Cisco Prime ...)
NOT-FOR-US: Cisco
CVE-2026-20188 (A vulnerability in the connection-handling mechanism of Cisco
Crosswor ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20185 (A vulnerability in the Simple Network Management Protocol
(SNMP) subsy ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20172 (A vulnerability in the Lite Agent feature of Cisco Enterprise
Chat and ...)
NOT-FOR-US: Cisco
CVE-2026-20169 (A vulnerability in the web-based management interface of Cisco
IoT Fie ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20168 (A vulnerability in the web-based management interface of Cisco
IoT Fie ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20167 (A vulnerability in the web-based management interface of Cisco
IoT Fie ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20035 (A vulnerability in the web UI of Cisco Unity Connection Web
Inbox coul ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-20034 (A vulnerability in the web-based management interface of Cisco
Unity C ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2026-1719 (The Gravity Bookings Premium plugin for WordPress is vulnerable
to SQL ...)
NOT-FOR-US: WordPress plugin
CVE-2026-0300 (A buffer overflow vulnerability in the User-ID\u2122
Authentication Po ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9616802b799e163ddc48ff12ea8dd27d4c6d829b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9616802b799e163ddc48ff12ea8dd27d4c6d829b
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
