Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
38f1e9fc by security tracker role at 2026-05-17T19:13:39+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,117 @@
+CVE-2026-8759 (A vulnerability was identified in xiandafu beetl up to 3.20.2.
Affecte ...)
+ TODO: check
+CVE-2026-8758 (A vulnerability was determined in Metasoft
\u7f8e\u7279\u8f6f\u4ef6 Me ...)
+ TODO: check
+CVE-2026-8757 (A vulnerability was found in adenhq hive up to 0.11.0. This
affects th ...)
+ TODO: check
+CVE-2026-8756 (A vulnerability has been found in fishaudio Bert-VITS2 up to
8f7fbd8c4 ...)
+ TODO: check
+CVE-2026-8755 (A flaw has been found in fishaudio Bert-VITS2 up to
8f7fbd8c4770965225 ...)
+ TODO: check
+CVE-2026-8754 (A vulnerability was detected in AstrBotDevs AstrBot up to
4.23.5. Impa ...)
+ TODO: check
+CVE-2026-8753 (A security vulnerability has been detected in kalcaddle Kodbox
up to 1 ...)
+ TODO: check
+CVE-2026-8752 (A weakness has been identified in h2oai h2o-3 up to 7402. This
vulnera ...)
+ TODO: check
+CVE-2026-8751 (A security flaw has been discovered in h2oai h2o-3 up to 7402.
This af ...)
+ TODO: check
+CVE-2026-8750 (A vulnerability was identified in h2oai h2o-3 up to 7402.
Affected by ...)
+ TODO: check
+CVE-2026-8747 (A weakness has been identified in Z-BlogPHP 1.7.4.3430. This
affects t ...)
+ TODO: check
+CVE-2026-8746 (A security flaw has been discovered in Open5GS up to 2.7.7.
Affected b ...)
+ TODO: check
+CVE-2026-8745 (A vulnerability was identified in Open5GS up to 2.7.7. Affected
by thi ...)
+ TODO: check
+CVE-2026-8744 (A vulnerability was determined in Open5GS up to 2.7.7. Affected
is the ...)
+ TODO: check
+CVE-2026-8743 (A vulnerability was found in Open5GS up to 2.7.6. This impacts
the fun ...)
+ TODO: check
+CVE-2026-8741 (A vulnerability has been found in EMQX up to 6.2.0. This
affects an un ...)
+ TODO: check
+CVE-2026-8740 (A flaw has been found in Sanluan PublicCMS 5.202506.d. The
impacted el ...)
+ TODO: check
+CVE-2026-8739 (A vulnerability was detected in Sanluan PublicCMS 5.202506.d.
The affe ...)
+ TODO: check
+CVE-2026-8738 (A security vulnerability has been detected in Sanluan PublicCMS
5.2025 ...)
+ TODO: check
+CVE-2026-8737 (A weakness has been identified in Sanluan PublicCMS 5.202506.d.
This i ...)
+ TODO: check
+CVE-2026-8736 (A security flaw has been discovered in Oinone Pamirs up to
7.2.0. This ...)
+ TODO: check
+CVE-2026-8735 (A vulnerability was identified in Oinone Pamirs up to 7.2.0.
This affe ...)
+ TODO: check
+CVE-2026-8734 (A vulnerability was determined in Oinone Pamirs up to 7.2.0.
Affected ...)
+ TODO: check
+CVE-2026-8733 (A vulnerability was found in Investintech SlimPDFReader up to
2.0.13. ...)
+ TODO: check
+CVE-2026-8731 (A vulnerability has been found in Open5GS up to 2.7.7. Affected
is the ...)
+ TODO: check
+CVE-2026-8730 (A flaw has been found in Open5GS up to 2.7.6. This impacts the
functio ...)
+ TODO: check
+CVE-2026-8729 (A vulnerability was detected in Open5GS up to 2.7.7. This
affects an u ...)
+ TODO: check
+CVE-2026-8728 (A security vulnerability has been detected in Open5GS up to
2.7.7. The ...)
+ TODO: check
+CVE-2026-8725 (A weakness has been identified in CoreWorxLab CAAL up to 1.6.0.
The af ...)
+ TODO: check
+CVE-2026-8724 (A security flaw has been discovered in Dataease 2.10.20.
Impacted is t ...)
+ TODO: check
+CVE-2026-8723 (### Summary `qs.stringify` throws `TypeError` when called
with `arr ...)
+ TODO: check
+CVE-2026-8721 (Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl truncates
passwo ...)
+ TODO: check
+CVE-2026-8719 (The AI Engine \u2013 The Chatbot, AI Framework & MCP for
WordPress plu ...)
+ TODO: check
+CVE-2026-8507 (Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out
of boun ...)
+ TODO: check
+CVE-2026-6050
+ REJECTED
+CVE-2026-46720 (Net::Statsd::Tiny versions before 0.3.8 for Perl allowed
metric inject ...)
+ TODO: check
+CVE-2018-25339 (Zechat 1.5 contains a SQL injection vulnerability in the v
parameter t ...)
+ TODO: check
+CVE-2018-25338 (Zechat 1.5 contains a SQL injection vulnerability in the
hashtag param ...)
+ TODO: check
+CVE-2018-25337 (Joomla JoomOCShop 1.0 contains a cross-site request forgery
vulnerabil ...)
+ TODO: check
+CVE-2018-25336 (Joomla jCart for OpenCart 2.3.0.2 contains a cross-site
request forger ...)
+ TODO: check
+CVE-2018-25335 (WordPress Plugin Peugeot Music 1.0 contains an arbitrary file
upload v ...)
+ TODO: check
+CVE-2018-25334 (Zechat 1.5 contains a Cross-Site Request Forgery (CSRF)
vulnerability ...)
+ TODO: check
+CVE-2018-25333 (Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an
SQL inject ...)
+ TODO: check
+CVE-2018-25332 (GitBucket 4.23.1 contains an unauthenticated remote code
execution vul ...)
+ TODO: check
+CVE-2018-25331 (Zenar Content Management System contains a cross-site
scripting vulner ...)
+ TODO: check
+CVE-2018-25330 (Joomla! extension EkRishta 2.10 contains persistent cross-site
scripti ...)
+ TODO: check
+CVE-2018-25329 (WordPress Plugin WP with Spritz 1.0 contains a remote file
inclusion v ...)
+ TODO: check
+CVE-2018-25328 (VX Search 10.6.18 contains a local buffer overflow
vulnerability that ...)
+ TODO: check
+CVE-2018-25327 (Joomla! Component Js Jobs 1.2.0 contains a cross-site request
forgery ...)
+ TODO: check
+CVE-2018-25326 (Google Drive for WordPress 2.2 contains a path traversal
vulnerability ...)
+ TODO: check
+CVE-2018-25325 (Woocommerce CSV Importer 3.3.6 contains a path traversal
vulnerability ...)
+ TODO: check
+CVE-2018-25324 (Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a
local file ...)
+ TODO: check
+CVE-2018-25323 (Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a
structured ex ...)
+ TODO: check
+CVE-2018-25322 (Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer
overflo ...)
+ TODO: check
+CVE-2018-25321 (TP-Link TL-WR720N wireless router contains a cross-site
request forger ...)
+ TODO: check
+CVE-2018-25320 (ACL Analytics versions 11.x through 13.0.0.579 contain an
arbitrary co ...)
+ TODO: check
+CVE-2018-25319 (Redaxo CMS Addon MyEvents 2.2.1 contains an SQL injection
vulnerabilit ...)
+ TODO: check
CVE-2025-4202 (The Multicollab: Content Team Collaboration and Editorial
Workflow plu ...)
NOT-FOR-US: WordPress plugin
CVE-2021-47981 (Quick.CMS 6.7 contains a cross-site scripting vulnerability in
the sli ...)
@@ -34148,7 +34262,7 @@ CVE-2026-33291 (Discourse is an open-source discussion
platform. Prior to versio
NOT-FOR-US: Discourse
CVE-2026-33251 (Discourse is an open-source discussion platform. Prior to
versions 202 ...)
NOT-FOR-US: Discourse
-CVE-2026-46728
+CVE-2026-46728 (Das U-Boot before 2026.04 allows FIT (Flat Image Tree)
signature verif ...)
- u-boot <unfixed> (bug #1136954)
[trixie] - u-boot <no-dsa> (Minor issue)
[bookworm] - u-boot <no-dsa> (Minor issue)
@@ -46301,7 +46415,7 @@ CVE-2026-23521 (Versions of the Traccar open-source GPS
tracking system up to an
CVE-2026-21864 (Valkey-Bloom is a Rust based Valkey module which brings a
Bloom Filter ...)
NOT-FOR-US: Valkey-Bloom
CVE-2026-21863 (Valkey is a distributed key-value database. Prior to versions
9.0.2, 8 ...)
- {DSA-6198-1}
+ {DSA-6279-1 DSA-6198-1}
- redis 5:8.0.6-1 (bug #1132205)
[bullseye] - redis <not-affected> (Vulnerable code not present, cluster
branch merged for version 7.2.4-rc1)
- redict 7.3.6+ds-2 (bug #1132206)
@@ -46344,7 +46458,7 @@ CVE-2025-69208 (free5GC UDR is the user data repository
(UDR) for free5GC, an an
CVE-2025-68930 (Versions of the Traccar open-source GPS tracking system up to
and incl ...)
NOT-FOR-US: Traccar
CVE-2025-67733 (Valkey is a distributed key-value database. Prior to versions
9.0.2, 8 ...)
- {DSA-6198-1}
+ {DSA-6279-1 DSA-6198-1}
- redis 5:8.0.6-1 (bug #1132205)
[bullseye] - redis <not-affected> (Vulnerable code not present)
- redict 7.3.6+ds-2 (bug #1132206)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38f1e9fc1c39f9a3a1f43bf8525b6ee8eec3a230
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/38f1e9fc1c39f9a3a1f43bf8525b6ee8eec3a230
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
