Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
e7bd64b4 by security tracker role at 2026-05-12T19:24:51+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,9 +1,767 @@
+CVE-2026-8431 (An administrative user with access to configure webhooks can 
execute a ...)
+       TODO: check
+CVE-2026-8430 (SPIP versions prior to 4.4.14 contain a remote code execution 
vulnerab ...)
+       TODO: check
+CVE-2026-8429 (SPIP versions prior to 4.4.14 contain a remote code execution 
vulnerab ...)
+       TODO: check
+CVE-2026-8407 (Missing authorization in the PAM module in Devolutions Server 
allows a ...)
+       TODO: check
+CVE-2026-8401 (Sandbox escape in the Profile Backup component. This 
vulnerability was ...)
+       TODO: check
+CVE-2026-8391 (Other issue in the JavaScript Engine component. This 
vulnerability was ...)
+       TODO: check
+CVE-2026-8390 (Use-after-free in the JavaScript: WebAssembly component. This 
vulnerab ...)
+       TODO: check
+CVE-2026-8389 (JIT miscompilation in the JavaScript Engine: JIT component. 
This vulne ...)
+       TODO: check
+CVE-2026-8388 (Incorrect boundary conditions in the JavaScript Engine: JIT 
component. ...)
+       TODO: check
+CVE-2026-8368 (LWP::UserAgent versions before 6.83 for Perl leak Authorization 
and Pr ...)
+       TODO: check
+CVE-2026-8278
+       REJECTED
+CVE-2026-8162 ([email protected] and lower versions are vulnerable to denial of 
servic ...)
+       TODO: check
+CVE-2026-8161 ([email protected] and lower versions are vulnerable to denial of 
servic ...)
+       TODO: check
+CVE-2026-8159 ([email protected] and lower versions are vulnerable to denial of 
servic ...)
+       TODO: check
+CVE-2026-8111 (SQL injection in the web consoleof Ivanti Endpoint 
Managerbefore versi ...)
+       TODO: check
+CVE-2026-8110 (Incorrect permissions assignment inthe agent ofIvanti Endpoint 
Manager ...)
+       TODO: check
+CVE-2026-8109 (An exposed dangerous methodonthe Core Server ofIvanti Endpoint 
Manager ...)
+       TODO: check
+CVE-2026-8072 (Insecure generation of credentials in the local SAT (Technical 
Support ...)
+       TODO: check
+CVE-2026-8051 (OS command injection in Ivanti Virtual Traffic Manager before 
version  ...)
+       TODO: check
+CVE-2026-8043 (External control of a file name in Ivanti Xtraction before 
version 202 ...)
+       TODO: check
+CVE-2026-7661 (The Bootstrap Shortcode plugin for WordPress is vulnerable to 
Stored C ...)
+       TODO: check
+CVE-2026-7659 (The Advanced Social Media Icons plugin for WordPress is 
vulnerable to  ...)
+       TODO: check
+CVE-2026-7626 (The Slek Gateway for WooCommerce plugin for WordPress is 
vulnerable to ...)
+       TODO: check
+CVE-2026-7616 (The Zawgyi Embed plugin for WordPress is vulnerable to 
Cross-Site Requ ...)
+       TODO: check
+CVE-2026-7562 (The WP-Redirection plugin for WordPress is vulnerable to 
Cross-Site Re ...)
+       TODO: check
+CVE-2026-7561 (The Tm \u2013 WordPress Redirection plugin for WordPress is 
vulnerable ...)
+       TODO: check
+CVE-2026-7464 (The WP Google Maps Integration plugin for WordPress is 
vulnerable to R ...)
+       TODO: check
+CVE-2026-7437 (The AzonPost plugin for WordPress is vulnerable to Reflected 
Cross-Sit ...)
+       TODO: check
+CVE-2026-7432 (A race condition in Ivanti Secure Access Client before 22.8R6 
allows a ...)
+       TODO: check
+CVE-2026-7431 (An incorrect permission assignment for critical resource of 
Ivanti Sec ...)
+       TODO: check
+CVE-2026-7428 (Prior to 2025-11-03,well-intended users of Terraform or REST 
API for G ...)
+       TODO: check
+CVE-2026-7050 (The Forms Rb plugin for WordPress is vulnerable to 
authorization bypas ...)
+       TODO: check
+CVE-2026-6932 (The Woo Commerce Minimum Weight plugin for WordPress is 
vulnerable to  ...)
+       TODO: check
+CVE-2026-6913 (The Shortcodely plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
+       TODO: check
+CVE-2026-6866 (CWE-1188 Initialization of a Resource with an Insecure Default 
vulnera ...)
+       TODO: check
+CVE-2026-6865 (CWE-22: Improper Limitation of a Pathname to a Restricted 
Directory (\ ...)
+       TODO: check
+CVE-2026-6813 (The Continually plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
+       TODO: check
+CVE-2026-6808 (The Pricing Tables for WP plugin for WordPress is vulnerable to 
Reflec ...)
+       TODO: check
+CVE-2026-6800 (The FastBots plugin for WordPress is vulnerable to Stored 
Cross-Site S ...)
+       TODO: check
+CVE-2026-6710 (The Skysa Text Ticker App plugin for WordPress is vulnerable to 
Cross- ...)
+       TODO: check
+CVE-2026-6709 (The Coinbase Commerce for Contact Form 7 plugin for WordPress 
is vulne ...)
+       TODO: check
+CVE-2026-6708 (The HEL Online Classroom: AI-powered Online Classrooms plugin 
for Word ...)
+       TODO: check
+CVE-2026-6690 (The LifePress plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2026-6663 (The GWD Connect plugin for WordPress is vulnerable to missing 
authoriz ...)
+       TODO: check
+CVE-2026-6402 (webpack-dev-server versions up to and including 5.2.3 are 
vulnerable t ...)
+       TODO: check
+CVE-2026-6256 (The Credits Shortcode plugin for WordPress is vulnerable to 
Stored Cro ...)
+       TODO: check
+CVE-2026-6247 (The scratchblocks for WP plugin for WordPress is vulnerable to 
Stored  ...)
+       TODO: check
+CVE-2026-6237 (The Quick Table plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
+       TODO: check
+CVE-2026-6001 (Authorization bypass through User-Controlled key vulnerability 
in ABIS ...)
+       TODO: check
+CVE-2026-5715 (The Voyage Plus plugin for WordPress is vulnerable to Stored 
Cross-Sit ...)
+       TODO: check
+CVE-2026-5693 (The Smart Appointment & Booking plugin for WordPress is 
vulnerable to  ...)
+       TODO: check
+CVE-2026-5340 (The Fancy Image Show plugin for WordPress is vulnerable to 
Stored Cros ...)
+       TODO: check
+CVE-2026-5146 (Improper access control in the notification management 
endpoints in De ...)
+       TODO: check
+CVE-2026-5061 (The consul-template library before version 0.42.0 is vulnerable 
to a s ...)
+       TODO: check
+CVE-2026-5029 (A remote code execution vulnerability exists inCode Runner MCP 
Server  ...)
+       TODO: check
+CVE-2026-5028 (The Eight Day Week Print Workflow plugin for WordPress is 
vulnerable t ...)
+       TODO: check
+CVE-2026-4920 (The Next Date plugin for WordPress is vulnerable to Stored 
Cross-Site  ...)
+       TODO: check
+CVE-2026-4859 (The SP Blog Designer plugin for WordPress is vulnerable to 
Stored Cros ...)
+       TODO: check
+CVE-2026-4827 (CWE\u2011331 Insufficient Entropy vulnerability exists that 
could lead ...)
+       TODO: check
+CVE-2026-4663 (The iPOSpays Gateways WC plugin for WordPress is vulnerable to 
Missing ...)
+       TODO: check
+CVE-2026-4301 (The Rate Star Review Vote - AJAX Reviews, Votes, Star Ratings 
plugin f ...)
+       TODO: check
+CVE-2026-45218 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-45215 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Saa ...)
+       TODO: check
+CVE-2026-45214 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-45213 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-45212 (Missing Authorization vulnerability in Gabe Livan Asset 
CleanUp: Page  ...)
+       TODO: check
+CVE-2026-45211 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-45210 (Missing Authorization vulnerability in Broadstreet Broadstreet 
Ads bro ...)
+       TODO: check
+CVE-2026-45091 (sealed-env is a cross-stack, zero-trust secret management 
library for  ...)
+       TODO: check
+CVE-2026-44412 (A vulnerability has been identified in Solid Edge SE2026 (All 
versions ...)
+       TODO: check
+CVE-2026-44411 (A vulnerability has been identified in Solid Edge SE2026 (All 
versions ...)
+       TODO: check
+CVE-2026-44343 (WGDashboard is a dashboard for WireGuard VPN. Prior to 4.3.2, 
there ar ...)
+       TODO: check
+CVE-2026-44279 (A improper export of android application components 
vulnerability in F ...)
+       TODO: check
+CVE-2026-44278 (A use of hard-coded cryptographic key vulnerability in 
Fortinet FortiC ...)
+       TODO: check
+CVE-2026-44277 (A improper access control vulnerability in Fortinet 
FortiAuthenticator ...)
+       TODO: check
+CVE-2026-44204 (Shelf is a platform for tracking physical assets. From 1.12 to 
before  ...)
+       TODO: check
+CVE-2026-44196 (Pingvin Share X is a secure and easy self-hosted file sharing 
platform ...)
+       TODO: check
+CVE-2026-44184 (Cleanuparr is a tool for automating the cleanup of unwanted or 
blocked ...)
+       TODO: check
+CVE-2026-44183 (Cleanuparr is a tool for automating the cleanup of unwanted or 
blocked ...)
+       TODO: check
+CVE-2026-44167 (phpseclib is a PHP secure communications library. Prior to 
1.0.29, 2.0 ...)
+       TODO: check
+CVE-2026-44166 (Pocketbase is an open source web backend written in go. Prior 
to 0.22. ...)
+       TODO: check
+CVE-2026-43993 (JunoClaw is an agentic AI platform built on Juno Network. 
Prior to 0.x ...)
+       TODO: check
+CVE-2026-43992 (JunoClaw is an agentic AI platform built on Juno Network. 
Prior to 0.x ...)
+       TODO: check
+CVE-2026-43991 (JunoClaw is an agentic AI platform built on Juno Network. 
Prior to 0.x ...)
+       TODO: check
+CVE-2026-43990 (JunoClaw is an agentic AI platform built on Juno Network. 
Prior to 0.x ...)
+       TODO: check
+CVE-2026-43989 (JunoClaw is an agentic AI platform built on Juno Network. 
Prior to 0.x ...)
+       TODO: check
+CVE-2026-43983 (Pocket ID is an OIDC provider that allows users to 
authenticate with t ...)
+       TODO: check
+CVE-2026-43939 (YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 
4.0.5 an ...)
+       TODO: check
+CVE-2026-43938 (YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 
4.0.5 an ...)
+       TODO: check
+CVE-2026-43937 (YetAnotherForum.NET (YAF.NET) is a C# ASP.NET forum. Prior to 
4.0.5, A ...)
+       TODO: check
+CVE-2026-43930 (Parse Server is an open source backend that can be deployed to 
any inf ...)
+       TODO: check
+CVE-2026-43929 (ssrfcheck is a library that checks if a string contains a 
potential SS ...)
+       TODO: check
+CVE-2026-43916 (pam_authnft is a PAM session module binding nftables firewall 
rules to ...)
+       TODO: check
+CVE-2026-43892 (AntSword is a cross-platform website management toolkit. Prior 
to 2.1. ...)
+       TODO: check
+CVE-2026-43891 (changedetection.io is a free open source web page change 
detection too ...)
+       TODO: check
+CVE-2026-43515 (Improper Authorization vulnerability when multiple method 
constraints  ...)
+       TODO: check
+CVE-2026-43514 (Observable Timing Discrepancy vulnerabilitywhen comparing AJP 
secret i ...)
+       TODO: check
+CVE-2026-43513 (Improper Handling of Case Sensitivity vulnerability in 
LockOutRealm in ...)
+       TODO: check
+CVE-2026-43512 (DEPRECATED: Authentication Bypass Issues vulnerability in 
digest authe ...)
+       TODO: check
+CVE-2026-42899 (Loop with unreachable exit condition ('infinite loop') in 
ASP.NET Core ...)
+       TODO: check
+CVE-2026-42898 (Improper control of generation of code ('code injection') in 
Microsoft ...)
+       TODO: check
+CVE-2026-42896 (Integer overflow or wraparound in Windows DWM Core Library 
allows an a ...)
+       TODO: check
+CVE-2026-42893 (Improper neutralization of special elements used in a command 
('comman ...)
+       TODO: check
+CVE-2026-42891 (User interface (ui) misrepresentation of critical information 
in Micro ...)
+       TODO: check
+CVE-2026-42838 (Improper neutralization of special elements in output used by 
a downst ...)
+       TODO: check
+CVE-2026-42833 (Execution with unnecessary privileges in Microsoft Dynamics 
365 (on-pr ...)
+       TODO: check
+CVE-2026-42832 (Improper access control in Microsoft Office allows an 
unauthorized att ...)
+       TODO: check
+CVE-2026-42831 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
+       TODO: check
+CVE-2026-42830 (Untrusted search path in Azure Monitor Agent allows an 
authorized atta ...)
+       TODO: check
+CVE-2026-42825 (Use after free in Windows Telephony Service allows an 
authorized attac ...)
+       TODO: check
+CVE-2026-42823 (Improper access control in Azure Logic Apps allows an 
authorized attac ...)
+       TODO: check
+CVE-2026-42742 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-42741 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-42541 (Kubewarden is a policy engine for Kubernetes. Prior to , An 
attacker w ...)
+       TODO: check
+CVE-2026-42498 (Exposure of HTTP Authentication Header to unexpected hosts 
during WebS ...)
+       TODO: check
+CVE-2026-42348 (OpenTelemetry.OpAmp.Client is the OpAMP client for 
OpenTelemetry .NET. ...)
+       TODO: check
+CVE-2026-42303 (Fides is an open-source privacy engineering platform. From 
2.75.0 to b ...)
+       TODO: check
+CVE-2026-42300 (DevGuard provides vulnerability management for the full 
software suppl ...)
+       TODO: check
+CVE-2026-42260 (Open-WebSearch is a multi-engine MCP server, CLI, and local 
daemon for ...)
+       TODO: check
+CVE-2026-42177 (linux-entra-sso is a browser plugin for Linux to SSO on 
Microsoft Entr ...)
+       TODO: check
+CVE-2026-42175 (requests-hardened is a library that overrides the default 
behaviors of ...)
+       TODO: check
+CVE-2026-42141 (Xibo is an open source digital signage platform with a web 
content man ...)
+       TODO: check
+CVE-2026-42048 (Langflow is a tool for building and deploying AI-powered 
agents and wo ...)
+       TODO: check
+CVE-2026-42045 (LobeHub is a work-and-lifestyle space to find, build, and 
collaborate  ...)
+       TODO: check
+CVE-2026-42006 (An attacker can cause uncontrolled memory usage with excessive 
bracing ...)
+       TODO: check
+CVE-2026-41895 (changedetection.io is a free open source web page change 
detection too ...)
+       TODO: check
+CVE-2026-41713 (A malicious user could craft input that is stored in 
conversation memo ...)
+       TODO: check
+CVE-2026-41712 (Spring AI's chat memory component contained a problematic 
default that ...)
+       TODO: check
+CVE-2026-41614 (Improper access control in M365 Copilot for Desktop allows an 
unauthor ...)
+       TODO: check
+CVE-2026-41613 (Session fixation in Visual Studio Code allows an unauthorized 
attacker ...)
+       TODO: check
+CVE-2026-41612 (Relative path traversal in Visual Studio Code allows an 
unauthorized a ...)
+       TODO: check
+CVE-2026-41611 (Improper neutralization of script-related html tags in a web 
page (bas ...)
+       TODO: check
+CVE-2026-41610 (Improper neutralization of input during web page generation 
('cross-si ...)
+       TODO: check
+CVE-2026-41551 (A vulnerability has been identified in ROS# (All versions < 
V2.2.2). A ...)
+       TODO: check
+CVE-2026-41513 (Horilla is an HR and CRM software. In 1.5.0, the notification 
endpoint ...)
+       TODO: check
+CVE-2026-41293 (Improper Input Validation vulnerability in Apache Tomcat.  
This issue  ...)
+       TODO: check
+CVE-2026-41284 (Allocation of Resources Without Limits or Throttling 
vulnerability in  ...)
+       TODO: check
+CVE-2026-41125 (A vulnerability has been identified in blueplanet 100 NX3 M8 
(All vers ...)
+       TODO: check
+CVE-2026-41109 (Improper neutralization of special elements in output used by 
a downst ...)
+       TODO: check
+CVE-2026-41107 (External control of file name or path in Microsoft Edge 
(Chromium-base ...)
+       TODO: check
+CVE-2026-41103 (Incorrect implementation of authentication algorithm in 
Microsoft SSO  ...)
+       TODO: check
+CVE-2026-41102 (Improper access control in Microsoft Office PowerPoint allows 
an autho ...)
+       TODO: check
+CVE-2026-41101 (Improper access control in Microsoft Office Word allows an 
authorized  ...)
+       TODO: check
+CVE-2026-41100 (Improper access control in M365 Copilot allows an authorized 
attacker  ...)
+       TODO: check
+CVE-2026-41097 (Reliance on a component that is not updateable in Windows 
Secure Boot  ...)
+       TODO: check
+CVE-2026-41096 (Heap-based buffer overflow in Microsoft Windows DNS allows an 
unauthor ...)
+       TODO: check
+CVE-2026-41095 (Use after free in Data Deduplication allows an authorized 
attacker to  ...)
+       TODO: check
+CVE-2026-41094 (Improper control of generation of code ('code injection') in 
Microsoft ...)
+       TODO: check
+CVE-2026-41089 (Stack-based buffer overflow in Windows Netlogon allows an 
unauthorized ...)
+       TODO: check
+CVE-2026-41088 (External control of file name or path in Windows Ancillary 
Function Dr ...)
+       TODO: check
+CVE-2026-41086 (Improper access control in Windows Admin Center allows an 
authorized a ...)
+       TODO: check
+CVE-2026-40638 (Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, 
contains an e ...)
+       TODO: check
+CVE-2026-40421 (External control of file name or path in Microsoft Office Word 
allows  ...)
+       TODO: check
+CVE-2026-40420 (Improper access control in Microsoft Office Click-To-Run 
allows an aut ...)
+       TODO: check
+CVE-2026-40419 (Use after free in Microsoft Office allows an authorized 
attacker to el ...)
+       TODO: check
+CVE-2026-40418 (Use after free in Microsoft Office Click-To-Run allows an 
authorized a ...)
+       TODO: check
+CVE-2026-40417 (Weak authentication in Dynamics Business Central allows an 
authorized  ...)
+       TODO: check
+CVE-2026-40416 (User interface (ui) misrepresentation of critical information 
in Micro ...)
+       TODO: check
+CVE-2026-40415 (Use after free in Windows TCP/IP allows an unauthorized 
attacker to ex ...)
+       TODO: check
+CVE-2026-40414 (Null pointer dereference in Windows TCP/IP allows an 
unauthorized atta ...)
+       TODO: check
+CVE-2026-40413 (Null pointer dereference in Windows TCP/IP allows an 
unauthorized atta ...)
+       TODO: check
+CVE-2026-40410 (Use after free in Windows SMB Client allows an authorized 
attacker to  ...)
+       TODO: check
+CVE-2026-40408 (Use after free in Windows Kernel-Mode Drivers allows an 
authorized att ...)
+       TODO: check
+CVE-2026-40407 (Heap-based buffer overflow in Windows Common Log File System 
Driver al ...)
+       TODO: check
+CVE-2026-40406 (Use after free in Windows TCP/IP allows an unauthorized 
attacker to di ...)
+       TODO: check
+CVE-2026-40405 (Null pointer dereference in Windows TCP/IP allows an 
unauthorized atta ...)
+       TODO: check
+CVE-2026-40403 (Heap-based buffer overflow in Windows Win32K - GRFX allows an 
authoriz ...)
+       TODO: check
+CVE-2026-40402 (Use after free in Windows Hyper-V allows an unauthorized 
attacker to e ...)
+       TODO: check
+CVE-2026-40401 (Null pointer dereference in Windows TCP/IP allows an 
unauthorized atta ...)
+       TODO: check
+CVE-2026-40399 (Stack-based buffer overflow in Windows TCP/IP allows an 
authorized att ...)
+       TODO: check
+CVE-2026-40398 (Heap-based buffer overflow in Windows Remote Desktop allows an 
authori ...)
+       TODO: check
+CVE-2026-40397 (Integer underflow (wrap or wraparound) in Windows Common Log 
File Syst ...)
+       TODO: check
+CVE-2026-40382 (Use after free in Windows Telephony Service allows an 
authorized attac ...)
+       TODO: check
+CVE-2026-40381 (Improper access control in Azure Connected Machine Agent 
allows an aut ...)
+       TODO: check
+CVE-2026-40380 (Heap-based buffer overflow in Volume Manager Extension Driver 
allows a ...)
+       TODO: check
+CVE-2026-40379 (Exposure of sensitive information to an unauthorized actor in 
Azure En ...)
+       TODO: check
+CVE-2026-40377 (Heap-based buffer overflow in Windows Cryptographic Services 
allows an ...)
+       TODO: check
+CVE-2026-40374 (Exposure of sensitive information to an unauthorized actor in 
Power Au ...)
+       TODO: check
+CVE-2026-40370 (External control of file name or path in SQL Server allows an 
authoriz ...)
+       TODO: check
+CVE-2026-40369 (Untrusted pointer dereference in Windows Kernel allows an 
authorized a ...)
+       TODO: check
+CVE-2026-40368 (Deserialization of untrusted data in Microsoft Office 
SharePoint allow ...)
+       TODO: check
+CVE-2026-40367 (Untrusted pointer dereference in Microsoft Office Word allows 
an unaut ...)
+       TODO: check
+CVE-2026-40366 (Use after free in Microsoft Office Word allows an unauthorized 
attacke ...)
+       TODO: check
+CVE-2026-40365 (Insufficient granularity of access control in Microsoft Office 
SharePo ...)
+       TODO: check
+CVE-2026-40364 (Access of resource using incompatible type ('type confusion') 
in Micro ...)
+       TODO: check
+CVE-2026-40363 (Heap-based buffer overflow in Microsoft Office allows an 
unauthorized  ...)
+       TODO: check
+CVE-2026-40362 (Heap-based buffer overflow in Microsoft Office Excel allows an 
unautho ...)
+       TODO: check
+CVE-2026-40361 (Use after free in Microsoft Office Word allows an unauthorized 
attacke ...)
+       TODO: check
+CVE-2026-40360 (Out-of-bounds read in Microsoft Office Excel allows an 
unauthorized at ...)
+       TODO: check
+CVE-2026-40359 (Use after free in Microsoft Office Excel allows an 
unauthorized attack ...)
+       TODO: check
+CVE-2026-40358 (Use after free in Microsoft Office allows an unauthorized 
attacker to  ...)
+       TODO: check
+CVE-2026-40357 (Deserialization of untrusted data in Microsoft Office 
SharePoint allow ...)
+       TODO: check
+CVE-2026-40300 (Zulip is an open-source team collaboration tool. Prior to 
12.0, With m ...)
+       TODO: check
+CVE-2026-40020 (Attacker can use the IMAP SETACL command to inject the anyone 
permissi ...)
+       TODO: check
+CVE-2026-40016 (Attacker can upload a malicious Sieve script over ManageSieve 
service  ...)
+       TODO: check
+CVE-2026-3604 (The WP SEO Structured Data Schema plugin for WordPress is 
vulnerable t ...)
+       TODO: check
+CVE-2026-39432 (Missing Authorization vulnerability in Arraytics Timetics 
allows Explo ...)
+       TODO: check
+CVE-2026-35440 (Files or directories accessible to external parties in 
Microsoft Offic ...)
+       TODO: check
+CVE-2026-35439 (Deserialization of untrusted data in Microsoft Office 
SharePoint allow ...)
+       TODO: check
+CVE-2026-35438 (Missing authorization in Windows Admin Center allows an 
authorized att ...)
+       TODO: check
+CVE-2026-35436 (Insufficient granularity of access control in Microsoft Office 
Click-T ...)
+       TODO: check
+CVE-2026-35433 (Improper input validation in .NET allows an unauthorized 
attacker to e ...)
+       TODO: check
+CVE-2026-35429 (User interface (ui) misrepresentation of critical information 
in Micro ...)
+       TODO: check
+CVE-2026-35424 (Missing release of memory after effective lifetime in Windows 
Internet ...)
+       TODO: check
+CVE-2026-35423 (Out-of-bounds read in Telnet Client allows an unauthorized 
attacker to ...)
+       TODO: check
+CVE-2026-35422 (Authentication bypass using an alternate path or channel in 
Windows TC ...)
+       TODO: check
+CVE-2026-35421 (Heap-based buffer overflow in Windows GDI allows an 
unauthorized attac ...)
+       TODO: check
+CVE-2026-35420 (Heap-based buffer overflow in Windows Kernel allows an 
authorized atta ...)
+       TODO: check
+CVE-2026-35419 (Out-of-bounds read in Windows DWM Core Library allows an 
authorized at ...)
+       TODO: check
+CVE-2026-35418 (Use after free in Windows Cloud Files Mini Filter Driver 
allows an aut ...)
+       TODO: check
+CVE-2026-35417 (Access of resource using incompatible type ('type confusion') 
in Windo ...)
+       TODO: check
+CVE-2026-35416 (Use after free in Windows Ancillary Function Driver for 
WinSock allows ...)
+       TODO: check
+CVE-2026-35415 (Integer overflow or wraparound in Windows Storage Spaces 
Controller al ...)
+       TODO: check
+CVE-2026-35227 (An unauthenticated remote attacker may exhaust all available 
TCP conne ...)
+       TODO: check
+CVE-2026-35071 (Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, 
contains an i ...)
+       TODO: check
+CVE-2026-34687 (Illustrator versions 29.8.6, 30.3 and earlier are affected by 
a Heap-b ...)
+       TODO: check
+CVE-2026-34684 (Substance3D - Designer versions 15.1.0 and earlier are 
affected by an  ...)
+       TODO: check
+CVE-2026-34683 (Substance3D - Designer versions 15.1.0 and earlier are 
affected by an  ...)
+       TODO: check
+CVE-2026-34682 (Substance3D - Designer versions 15.1.0 and earlier are 
affected by an  ...)
+       TODO: check
+CVE-2026-34681 (Substance3D - Designer versions 15.1.0 and earlier are 
affected by an  ...)
+       TODO: check
+CVE-2026-34676 (Substance3D - Painter versions 12.0.2 and earlier are affected 
by an o ...)
+       TODO: check
+CVE-2026-34675 (Substance3D - Painter versions 12.0.2 and earlier are affected 
by an o ...)
+       TODO: check
+CVE-2026-34664 (Substance3D - Designer versions 15.1.0 and earlier are 
affected by an  ...)
+       TODO: check
+CVE-2026-34663 (Illustrator versions 29.8.6, 30.3 and earlier are affected by 
an out-o ...)
+       TODO: check
+CVE-2026-34662 (Illustrator versions 29.8.6, 30.3 and earlier are affected by 
a NULL P ...)
+       TODO: check
+CVE-2026-34661 (Illustrator versions 29.8.6, 30.3 and earlier are affected by 
an out-o ...)
+       TODO: check
+CVE-2026-34660 (Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are 
affected  ...)
+       TODO: check
+CVE-2026-34659 (Adobe Connect versions 2025.9.15, 2025.8.157 and earlier are 
affected  ...)
+       TODO: check
+CVE-2026-34644 (After Effects versions 26.0, 25.6.4 and earlier are affected 
by an Int ...)
+       TODO: check
+CVE-2026-34643 (After Effects versions 26.0, 25.6.4 and earlier are affected 
by an out ...)
+       TODO: check
+CVE-2026-34642 (After Effects versions 26.0, 25.6.4 and earlier are affected 
by a Heap ...)
+       TODO: check
+CVE-2026-34640 (Media Encoder versions 26.0.2, 25.6.4 and earlier are affected 
by an I ...)
+       TODO: check
+CVE-2026-34639 (Media Encoder versions 26.0.2, 25.6.4 and earlier are affected 
by an o ...)
+       TODO: check
+CVE-2026-34638 (Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected 
by a Use ...)
+       TODO: check
+CVE-2026-34637 (Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected 
by an ou ...)
+       TODO: check
+CVE-2026-34636 (Premiere Pro versions 26.0.2, 25.6.4 and earlier are affected 
by an ou ...)
+       TODO: check
+CVE-2026-34351 (Concurrent execution using shared resource with improper 
synchronizati ...)
+       TODO: check
+CVE-2026-34350 (Null pointer dereference in Windows Storport Miniport Driver 
allows an ...)
+       TODO: check
+CVE-2026-34347 (Use after free in Windows Win32K - GRFX allows an authorized 
attacker  ...)
+       TODO: check
+CVE-2026-34345 (Concurrent execution using shared resource with improper 
synchronizati ...)
+       TODO: check
+CVE-2026-34344 (Access of resource using incompatible type ('type confusion') 
in Windo ...)
+       TODO: check
+CVE-2026-34343 (Heap-based buffer overflow in Windows Application Identity 
(AppID) Sub ...)
+       TODO: check
+CVE-2026-34342 (Concurrent execution using shared resource with improper 
synchronizati ...)
+       TODO: check
+CVE-2026-34341 (Double free in Windows Link-Layer Discovery Protocol (LLDP) 
allows an  ...)
+       TODO: check
+CVE-2026-34340 (Use after free in Windows Projected File System allows an 
authorized a ...)
+       TODO: check
+CVE-2026-34339 (Null pointer dereference in Windows LDAP - Lightweight 
Directory Acces ...)
+       TODO: check
+CVE-2026-34338 (Use after free in Windows Telephony Service allows an 
authorized attac ...)
+       TODO: check
+CVE-2026-34337 (Use after free in Windows Cloud Files Mini Filter Driver 
allows an aut ...)
+       TODO: check
+CVE-2026-34336 (Buffer over-read in Windows DWM Core Library allows an 
authorized atta ...)
+       TODO: check
+CVE-2026-34334 (Concurrent execution using shared resource with improper 
synchronizati ...)
+       TODO: check
+CVE-2026-34333 (Use after free in Windows Win32K - GRFX allows an authorized 
attacker  ...)
+       TODO: check
+CVE-2026-34332 (Use after free in Windows Kernel-Mode Drivers allows an 
authorized att ...)
+       TODO: check
+CVE-2026-34331 (Concurrent execution using shared resource with improper 
synchronizati ...)
+       TODO: check
+CVE-2026-34330 (Integer overflow or wraparound in Windows Win32K - GRFX allows 
an auth ...)
+       TODO: check
+CVE-2026-34329 (Heap-based buffer overflow in Windows Message Queuing allows 
an unauth ...)
+       TODO: check
+CVE-2026-34187 (Improper Neutralization of Special Elements used in an SQL 
Command vul ...)
+       TODO: check
+CVE-2026-33893 (A vulnerability has been identified in Teamcenter V2312 (All 
versions  ...)
+       TODO: check
+CVE-2026-33862 (A vulnerability has been identified in Teamcenter V2312 (All 
versions  ...)
+       TODO: check
+CVE-2026-33841 (Heap-based buffer overflow in Windows Kernel allows an 
authorized atta ...)
+       TODO: check
+CVE-2026-33840 (Use after free in Windows Win32K - ICOMP allows an authorized 
attacker ...)
+       TODO: check
+CVE-2026-33839 (Concurrent execution using shared resource with improper 
synchronizati ...)
+       TODO: check
+CVE-2026-33838 (Double free in Windows Message Queuing allows an authorized 
attacker t ...)
+       TODO: check
+CVE-2026-33837 (Heap-based buffer overflow in Windows TCP/IP allows an 
authorized atta ...)
+       TODO: check
+CVE-2026-33835 (Use after free in Windows Cloud Files Mini Filter Driver 
allows an aut ...)
+       TODO: check
+CVE-2026-33834 (Improper access control in Windows Event Logging Service 
allows an aut ...)
+       TODO: check
+CVE-2026-33833 (Improper neutralization of special elements in output used by 
a downst ...)
+       TODO: check
+CVE-2026-33821 (Improper privilege management in Microsoft Dynamics 365 
Customer Insig ...)
+       TODO: check
+CVE-2026-33603 (Attacker can use a specially crafted base64 exchange between 
Dovecot a ...)
+       TODO: check
+CVE-2026-33117 (Improper authentication in Azure SDK allows an unauthorized 
attacker t ...)
+       TODO: check
+CVE-2026-33112 (Deserialization of untrusted data in Microsoft Office 
SharePoint allow ...)
+       TODO: check
+CVE-2026-33110 (Deserialization of untrusted data in Microsoft Office 
SharePoint allow ...)
+       TODO: check
+CVE-2026-32687 (Improper Neutralization of Special Elements used in an SQL 
Command ('S ...)
+       TODO: check
+CVE-2026-32684 (The application does not impose strict enough restrictions on 
director ...)
+       TODO: check
+CVE-2026-32209 (Improper access control in Windows Filtering Platform (WFP) 
allows an  ...)
+       TODO: check
+CVE-2026-32204 (External control of file name or path in Azure Monitor Agent 
allows an ...)
+       TODO: check
+CVE-2026-32185 (Files or directories accessible to external parties in 
Microsoft Teams ...)
+       TODO: check
+CVE-2026-32177 (Heap-based buffer overflow in .NET allows an unauthorized 
attacker to  ...)
+       TODO: check
+CVE-2026-32175 (A tampering vulnerability exists when .NET Core improperly 
handles spe ...)
+       TODO: check
+CVE-2026-32170 (Double free in Windows Rich Text Edit Control allows an 
authorized att ...)
+       TODO: check
+CVE-2026-32161 (Concurrent execution using shared resource with improper 
synchronizati ...)
+       TODO: check
+CVE-2026-31245 (The mem0 1.0.0 server lacks authentication and authorization 
controls  ...)
+       TODO: check
+CVE-2026-31244 (The mem0 1.0.0 server lacks authentication and authorization 
controls  ...)
+       TODO: check
+CVE-2026-31243 (The mem0 1.0.0 server lacks authentication and authorization 
controls  ...)
+       TODO: check
+CVE-2026-31242 (The mem0 v1.0.0 server lacks authentication and authorization 
controls ...)
+       TODO: check
+CVE-2026-31241 (The mem0 1.0.0 server lacks authentication and authorization 
controls  ...)
+       TODO: check
+CVE-2026-31240 (The mem0 1.0.0 server lacks authentication and authorization 
controls  ...)
+       TODO: check
+CVE-2026-31239 (The mamba language model framework thru 2.2.6 is vulnerable to 
insecur ...)
+       TODO: check
+CVE-2026-31238 (The Ludwig framework thru 0.10.4 is vulnerable to insecure 
deserializa ...)
+       TODO: check
+CVE-2026-31237 (The Ludwig framework thru 0.10.4 is vulnerable to insecure 
deserializa ...)
+       TODO: check
+CVE-2026-31236 (The llm CLI tool thru 0.27.1 contains a critical code 
injection vulner ...)
+       TODO: check
+CVE-2026-31235 (The imgaug library thru 0.4.0 contains an insecure 
deserialization vul ...)
+       TODO: check
+CVE-2026-31234 (Horovod thru 0.28.1 contains an insecure deserialization 
vulnerability ...)
+       TODO: check
+CVE-2026-31233 (Guardrails AI thru 0.6.7 contains a code injection 
vulnerability (CWE- ...)
+       TODO: check
+CVE-2026-31232 (The CosyVoice project thru commit 
6e01309e01bc93bbeb83bdd996b1182a81aa ...)
+       TODO: check
+CVE-2026-31231 (Cognee thru v0.4.0 contains a critical remote code execution 
vulnerabi ...)
+       TODO: check
+CVE-2026-31230 (The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains 
a comman ...)
+       TODO: check
+CVE-2026-31229 (The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains 
an insec ...)
+       TODO: check
+CVE-2026-31228 (The Adversarial Robustness Toolbox (ART) thru 1.20.1 contains 
a remote ...)
+       TODO: check
+CVE-2026-31226 (The TinyZero project thru commit 
6652a63c57fa7e5ccde3fc9c598c7176ff15b ...)
+       TODO: check
+CVE-2026-31225 (The superduper project thru v0.10.0 contains a critical remote 
code ex ...)
+       TODO: check
+CVE-2026-31224 (The snorkel library thru v0.10.0 contains an insecure 
deserialization  ...)
+       TODO: check
+CVE-2026-31223 (The snorkel library thru v0.10.0 contains a critical insecure 
deserial ...)
+       TODO: check
+CVE-2026-31222 (The snorkel library thru v0.10.0 contains an insecure 
deserialization  ...)
+       TODO: check
+CVE-2026-31221 (PyTorch-Lightning versions 2.6.0 and earlier contain an 
insecure deser ...)
+       TODO: check
+CVE-2026-31220 (PySyft (Syft Datasite/Server) versions 0.9.5 and earlier are 
vulnerabl ...)
+       TODO: check
+CVE-2026-31219 (The _load_model() function in the neural_magic_training.py 
script of t ...)
+       TODO: check
+CVE-2026-31218 (The _load_model() function in the neural_magic_training.py 
script of t ...)
+       TODO: check
+CVE-2026-31217 (The _load_model() function in the neural_magic_training.py 
script of t ...)
+       TODO: check
+CVE-2026-31216 (The nexent v1.7.5.2 backend service contains an unauthorized 
arbitrary ...)
+       TODO: check
+CVE-2026-31215 (The nexent v1.7.5.2 backend service contains an unauthorized 
arbitrary ...)
+       TODO: check
+CVE-2026-31214 (The torch-checkpoint-shrink.py script in the ml-engineering 
project in ...)
+       TODO: check
+CVE-2026-30810 (Server-Side Request Forgery vulnerability allows Privilege 
Escalation  ...)
+       TODO: check
+CVE-2026-30808 (Session Fixation vulnerability allows Session Hijacking via 
crafted se ...)
+       TODO: check
+CVE-2026-30807 (Cross-Site Request Forgery vulnerability allows an attacker to 
perform ...)
+       TODO: check
+CVE-2026-30805 (Insecure Default Initialization of Resource vulnerability 
allows Authe ...)
+       TODO: check
+CVE-2026-2993 (The AI Chatbot & Workflow Automation by AIWU plugin for 
WordPress is v ...)
+       TODO: check
+CVE-2026-2465 (Incorrect Authorization vulnerability in E-Kalite Software 
Hardware En ...)
+       TODO: check
+CVE-2026-2300 (The BJ Lazy Load plugin for WordPress is vulnerable to Stored 
Cross-Si ...)
+       TODO: check
+CVE-2026-29204 (Insufficient ownership checks in `clientarea.php` allow an 
authenticat ...)
+       TODO: check
+CVE-2026-27851 (When safe filter is used with variable expansion, all 
following pipeli ...)
+       TODO: check
+CVE-2026-27662 (Affected devices do not properly restrict access to the web 
browser vi ...)
+       TODO: check
+CVE-2026-26083 (A missing authorization vulnerability in Fortinet FortiSandbox 
5.0.0 t ...)
+       TODO: check
+CVE-2026-25789 (Affected devices do not properly validate and sanitize 
filenames on th ...)
+       TODO: check
+CVE-2026-25787 (Affected devices do not properly validate and sanitize 
Technology Obje ...)
+       TODO: check
+CVE-2026-25786 (Affected devices do not properly validate and sanitize 
PLC/station nam ...)
+       TODO: check
+CVE-2026-25690 (An improper neutralization of argument delimiters in a command 
('argum ...)
+       TODO: check
+CVE-2026-25431 (Missing Authorization vulnerability in WPMU DEV Hustle allows 
Exploiti ...)
+       TODO: check
+CVE-2026-25088 (An improper neutralization of special elements used in an sql 
command  ...)
+       TODO: check
+CVE-2026-23823 (A vulnerability in the command line interface of Access Points 
running ...)
+       TODO: check
+CVE-2026-23822 (A vulnerability in the XML handling component of AOS-8 DHCP 
services c ...)
+       TODO: check
+CVE-2026-23821 (A vulnerability in the configuration processing logic of 
Access Points ...)
+       TODO: check
+CVE-2026-23820 (A vulnerability in the command line interface of Access Points 
running ...)
+       TODO: check
+CVE-2026-23819 (A vulnerability in the web-based management interface of 
Access Points ...)
+       TODO: check
+CVE-2026-22925 (A vulnerability has been identified in SIMATIC CN 4100 (All 
versions < ...)
+       TODO: check
+CVE-2026-22924 (A vulnerability has been identified in SIMATIC CN 4100 (All 
versions < ...)
+       TODO: check
+CVE-2026-21530 (Double free in Windows Rich Text Edit allows an authorized 
attacker to ...)
+       TODO: check
+CVE-2026-20914 (Null pointer dereference for some Intel(R) QAT software 
drivers for Wi ...)
+       TODO: check
+CVE-2026-20905 (Improper input validation for some Intel(R) QAT software 
drivers for W ...)
+       TODO: check
+CVE-2026-20887 (Improper access control for some Intel Vision software for all 
version ...)
+       TODO: check
+CVE-2026-20881 (Divide by zero for some Intel(R) QAT software drivers for 
Windows befo ...)
+       TODO: check
+CVE-2026-20879 (Out-of-bounds write for the Intel(R) Data Center Graphics 
Driver for V ...)
+       TODO: check
+CVE-2026-20794 (Buffer overflow for the Intel(R) Data Center Graphics Driver 
for VMwar ...)
+       TODO: check
+CVE-2026-20793 (Unchecked return value for some Intel(R) QAT software drivers 
for Wind ...)
+       TODO: check
+CVE-2026-20782 (Buffer overflow for some Intel(R) QAT software drivers for 
Windows bef ...)
+       TODO: check
+CVE-2026-20772 (Uncontrolled search path for some Intel(R) Connectivity 
Performance Su ...)
+       TODO: check
+CVE-2026-20771 (Null pointer dereference for some Intel(R) QAT software 
drivers for Wi ...)
+       TODO: check
+CVE-2026-20767 (Improper input validation for some Intel(R) QAT software 
drivers for W ...)
+       TODO: check
+CVE-2026-20754 (Improper conditions check in some firmware for some Intel(R) 
NPU Drive ...)
+       TODO: check
+CVE-2026-20753 (Integer overflow in the UEFI firmware for the Slim Bootloader 
may allo ...)
+       TODO: check
+CVE-2026-20751 (Out-of-bounds read for the Intel(R) Data Center Graphics 
Driver for VM ...)
+       TODO: check
+CVE-2026-20738 (Untrusted pointer dereference for some Intel(R) QuickAssist 
Adapter 89 ...)
+       TODO: check
+CVE-2026-20718 (Incorrect default permissions for some Intel(R) NPU Driver 
software in ...)
+       TODO: check
+CVE-2026-20717 (Improper input validation for some Intel(R) QAT software 
drivers for W ...)
+       TODO: check
+CVE-2026-20714 (Out-of-bounds write for some Intel(R) QAT software drivers for 
Windows ...)
+       TODO: check
+CVE-2026-1934 (The Motors \u2013 Car Dealership & Classified Listings plugin 
for Word ...)
+       TODO: check
+CVE-2025-70842 (A Stored Cross-Site Scripting (XSS) vulnerability was 
discovered in th ...)
+       TODO: check
+CVE-2025-6577 (Improper neutralization of special elements used in an SQL 
command ('S ...)
+       TODO: check
+CVE-2025-67604 (A use of potentially dangerous function vulnerability in 
Fortinet Fort ...)
+       TODO: check
+CVE-2025-65719 (An issue in Open Source Kubectl MCP Server v1.1.1 allows 
attackers to  ...)
+       TODO: check
+CVE-2025-53870 (An improper neutralization of special elements used in an os 
command ( ...)
+       TODO: check
+CVE-2025-53844 (A out-of-bounds write vulnerability in Fortinet FortiOS 7.6.0 
through  ...)
+       TODO: check
+CVE-2025-53681 (An improper neutralization of special elements used in an SQL 
Command  ...)
+       TODO: check
+CVE-2025-53680 (An improper neutralization of special elements used in an OS 
command ( ...)
+       TODO: check
+CVE-2025-46311 (An inconsistent user interface issue was addressed with 
improved state ...)
+       TODO: check
+CVE-2025-43524 (An access issue was addressed with additional sandbox 
restrictions. Th ...)
+       TODO: check
+CVE-2025-40949 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 
(All versi ...)
+       TODO: check
+CVE-2025-40948 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 
(All versi ...)
+       TODO: check
+CVE-2025-40947 (A vulnerability has been identified in RUGGEDCOM ROX MX5000 
(All versi ...)
+       TODO: check
+CVE-2025-40946 (A vulnerability has been identified in blueplanet 100 NX3 M8 
(All vers ...)
+       TODO: check
+CVE-2025-40833 (The affected devices contain a null pointer dereference 
vulnerability  ...)
+       TODO: check
+CVE-2025-36515 (Uncontrolled search path for some AI Playground software 
before versio ...)
+       TODO: check
+CVE-2025-36510 (Improper buffer restrictions for some Display Virtualization 
for Windo ...)
+       TODO: check
+CVE-2025-35991 (Improper initialization in the UEFI firmware for some Intel 
platforms  ...)
+       TODO: check
+CVE-2025-35990 (Improper input validation for some Intel Endpoint Management 
Assistant ...)
+       TODO: check
+CVE-2025-35979 (Exposure of sensitive information caused by shared 
microarchitectural  ...)
+       TODO: check
+CVE-2025-35969 (Uncontrolled search path for some Intel(R) Server Firmware 
Update Util ...)
+       TODO: check
+CVE-2025-27723 (Use after free for some Linux kernel driver for the Intel(R) 
Ethernet  ...)
+       TODO: check
+CVE-2025-12659 (The affected applications contains a memory corruption 
vulnerability w ...)
+       TODO: check
+CVE-2024-54017 (A vulnerability has been identified in SIPROTEC 5 6MD84 
(CP300) (All v ...)
+       TODO: check
 CVE-2025-54518
        - xen <unfixed>
        [bullseye] - xen <end-of-life> (EOLed in Bullseye)
        NOTE: https://xenbits.xen.org/xsa/advisory-490.html
        NOTE: 
https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7052.html
-CVE-2026-5089
+CVE-2026-5089 (YAML::Syck versions before 1.38 for Perl  has an out-of-bounds 
read.   ...)
        - libyaml-syck-perl <unfixed>
        NOTE: https://lists.security.metacpan.org/cve-announce/msg/39981051/
        NOTE: https://github.com/cpan-authors/YAML-Syck/issues/132
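Review bot: the description added for CVE-2026-1934 contains a literal "\u2013" ("The Motors \u2013 Car Dealership ..."), so the automatic update is writing an undecoded escape sequence into data/CVE/list instead of the dash; decode it before the description is stored. Separately, the WordPress plugin entries added in this hunk (CVE-2026-2993, CVE-2026-2300, CVE-2026-1934) are left at "TODO: check", while entries of the same kind later in this patch already carry "NOT-FOR-US: WordPress plugin or theme", so they can be resolved with that annotation.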
@@ -8417,18 +9175,22 @@ CVE-2026-7381 (Plack::Middleware::XSendfile versions 
through 1.0053 for Perl can
        NOTE: https://lists.security.metacpan.org/cve-announce/msg/39467666/
        NOTE: Plack::Middleware::XSendfile documented as deprecated.
 CVE-2026-40684 (In Exim before 4.99.2, on systems using musl libc (not glibc), 
an atta ...)
+       {DSA-6265-1}
        - exim4 4.99.2-1 (unimportant)
        NOTE: Fixed by: 
https://code.exim.org/exim/exim/commit/628bbaca7672748d941a12e7cd5f0122a4e18c81
        NOTE: Debian builds with glibc
 CVE-2026-40685 (In Exim before 4.99.2, when JSON lookup is enabled, an 
out-of-bounds h ...)
+       {DSA-6265-1}
        - exim4 4.99.2-1 (unimportant)
        NOTE: Fixed by: 
https://code.exim.org/exim/exim/commit/9fdc057e71b87c87a0d3d2288b2810a0efaaba57
        NOTE: JSON lookup support not enabled in Debian
 CVE-2026-40686 (In Exim before 4.99.2, when utf8 operators are enabled, there 
is an ou ...)
+       {DSA-6265-1}
        - exim4 4.99.2-1
        [bullseye] - exim4 <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: Fixed by: 
https://code.exim.org/exim/exim/commit/f2570bde16fb4d4a1242ff363a4c4eecf6372efc
 CVE-2026-40687 (In Exim before 4.99.2, when the SPA authentication driver is 
used with ...)
+       {DSA-6265-1}
        - exim4 4.99.2-1
        [bullseye] - exim4 <postponed> (Minor issue; can be fixed in next 
update)
        NOTE: Fixed by: 
https://code.exim.org/exim/exim/commit/68b963b9f75ca27b38e1c0f8c87037990199f505
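Review bot: {DSA-6265-1} is attached to CVE-2026-40684 and CVE-2026-40685 although both remain "(unimportant)", with notes saying that Debian builds with glibc and that JSON lookup support is not enabled in Debian. Confirm that the advisory really lists these two, because a DSA cross-reference next to "(unimportant)" reads as if the shipped package had been affected.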
@@ -19686,7 +20448,7 @@ CVE-2026-39588 (Missing Authorization vulnerability in 
nmerii NM Gift Registry a
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-39586 (Insertion of Sensitive Information Into Sent Data 
vulnerability in Ate ...)
        NOT-FOR-US: WordPress plugin or theme
-CVE-2026-39585 (Missing Authorization vulnerability in Arraytics Booktics 
booktics all ...)
+CVE-2026-39585 (Missing Authorization vulnerability in Arraytics Booktics 
allows Explo ...)
        NOT-FOR-US: WordPress plugin or theme
 CVE-2026-39575 (Improper Neutralization of Input During Web Page Generation 
('Cross-si ...)
        NOT-FOR-US: WordPress plugin or theme
@@ -51642,9 +52404,9 @@ CVE-2026-22780 (Rizin is a UNIX-like reverse 
engineering framework and command-l
        NOT-FOR-US: Rizin
 CVE-2026-22778 (vLLM is an inference and serving engine for large language 
models (LLM ...)
        - vllm <itp> (bug #1095237)
-CVE-2026-22550 (OS command injection vulnerability exists in WRC-X1500GS-B and 
WRC-X15 ...)
+CVE-2026-22550 (OS command injection vulnerability exists in ELECOM wireless 
LAN produ ...)
        NOT-FOR-US: ELECOM devices
-CVE-2026-20704 (Cross-site request forgery vulnerability exists in 
WRC-X1500GS-B and W ...)
+CVE-2026-20704 (Cross-site request forgery vulnerability exists in ELECOM 
wireless LAN ...)
        NOT-FOR-US: ELECOM devices
 CVE-2026-1788 (: Out-of-bounds Write vulnerability in Xquic Project Xquic 
Server xqui ...)
        NOT-FOR-US: Xquic
@@ -58163,7 +58925,8 @@ CVE-2026-23494 (Pimcore is an Open Source Data & 
Experience Management Platform.
        NOT-FOR-US: Pimcore
 CVE-2026-23493 (Pimcore is an Open Source Data & Experience Management 
Platform. Prior ...)
        NOT-FOR-US: Pimcore
-CVE-2026-22920 (The device's passwords have not been adequately salted, making 
them vu ...)
+CVE-2026-22920
+       REJECTED
        NOT-FOR-US: SICK AG
 CVE-2026-22919 (An attacker with administrative access may inject malicious 
content in ...)
        NOT-FOR-US: SICK AG
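Review bot: CVE-2026-22920 now carries both "REJECTED" and the earlier "NOT-FOR-US: SICK AG" line, which is left over from the removed description. The other rejected entry visible in this patch (CVE-2023-27752) carries "REJECTED" alone, so the stale annotation should be dropped to keep the entry unambiguous.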
@@ -267693,7 +268456,7 @@ CVE-2024-29413 (Cross Site Scripting vulnerability in 
Webasyst v.2.9.9 allows a
        NOT-FOR-US: Webasyst
 CVE-2024-29375 (CSV Injection vulnerability in Addactis IBNRS v.3.10.3.107 
allows a re ...)
        NOT-FOR-US: Addactis IBNRS
-CVE-2024-29225 (WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and 
earlier all ...)
+CVE-2024-29225 (ELECOM wireless LAN routers allow a network-adjacent 
unauthenticated a ...)
        NOT-FOR-US: WRC-X3200GST3-B
 CVE-2024-29167 (SVR-116 firmware version 1.6.0.30028871 allows a remote 
authenticated  ...)
        NOT-FOR-US: SEEnergy Corp SVR-116
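Review bot: the annotation under CVE-2024-29225 still reads "NOT-FOR-US: WRC-X3200GST3-B", a model name that no longer appears in the new description ("ELECOM wireless LAN routers allow ..."). The ELECOM entries changed earlier in this patch (CVE-2026-22550, CVE-2026-20704) use "NOT-FOR-US: ELECOM devices"; using the same label here would keep the vendor searchable under one string.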
@@ -330029,8 +330792,8 @@ CVE-2023-30061 (D-Link DIR-879 v105A1 is vulnerable 
to Authentication Bypass via
        NOT-FOR-US: D-Link
 CVE-2023-30060
        RESERVED
-CVE-2023-30059
-       RESERVED
+CVE-2023-30059 (An insecure direct object reference in MK-Auth 23.01K4.9 
allows attack ...)
+       TODO: check
 CVE-2023-30058 (novel-plus 3.6.2 is vulnerable to SQL Injection.)
        NOT-FOR-US: novel-plus
 CVE-2023-30057 (Multiple stored cross-site scripting (XSS) vulnerabilities in 
FICO Ori ...)
@@ -337803,8 +338566,8 @@ CVE-2023-27755 (go-bbs v1 was discovered to contain 
an arbitrary file download v
        NOT-FOR-US: go-bbs
 CVE-2023-27754 (vox2mesh 1.0 has stack-overflow in main.cpp, this is 
stack-overflow ca ...)
        NOT-FOR-US: vox2mesh
-CVE-2023-27753
-       RESERVED
+CVE-2023-27753 (An arbitrary file upload vulnerability in MK-Auth 23.01K4.9 
allows att ...)
+       TODO: check
 CVE-2023-27752
        REJECTED
 CVE-2023-27751
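Review bot: CVE-2023-27753 here and CVE-2023-30059 in the previous hunk both move from "RESERVED" to "TODO: check" and both name MK-Auth 23.01K4.9. Triage them together so the two entries end up with the same annotation instead of diverging.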



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e7bd64b41d300edcb8290fd9450f088ac46209ac
