Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2a3522f3 by security tracker role at 2026-05-23T19:13:31+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,68 @@
-CVE-2026-43503 [net: skbuff: propagate shared-frag marker through
frag-transfer helpers]
+CVE-2026-9306 (A security vulnerability has been detected in QuantumNous
new-api up t ...)
+ TODO: check
+CVE-2026-9305 (A weakness has been identified in QuantumNous new-api up to
0.12.1. Th ...)
+ TODO: check
+CVE-2026-9304 (A security flaw has been discovered in calcom cal.diy up to
4.9.4. The ...)
+ TODO: check
+CVE-2026-9303 (A vulnerability was identified in calcom cal.diy up to 4.9.4.
Impacted ...)
+ TODO: check
+CVE-2026-9302 (A vulnerability was determined in 546669204
vps-inventory-monitoring u ...)
+ TODO: check
+CVE-2026-9301 (A vulnerability was found in omec-project amf up to 2.1.1. This
vulner ...)
+ TODO: check
+CVE-2026-9300 (A vulnerability has been found in omec-project amf up to 2.1.1.
This a ...)
+ TODO: check
+CVE-2026-9299 (A flaw has been found in omec-project amf up to 2.1.1. Affected
by thi ...)
+ TODO: check
+CVE-2026-9298 (A vulnerability was detected in omec-project amf up to 2.1.1.
Affected ...)
+ TODO: check
+CVE-2026-9297 (A security vulnerability has been detected in Edimax BR-6428NS
1.10. A ...)
+ TODO: check
+CVE-2026-9296 (A weakness has been identified in Edimax BR-6428NS 1.10. This
impacts ...)
+ TODO: check
+CVE-2026-9295 (A security flaw has been discovered in Edimax BR-6428NS 1.10.
This aff ...)
+ TODO: check
+CVE-2026-9294 (A vulnerability was identified in Edimax BR-6428NS 1.10. The
impacted ...)
+ TODO: check
+CVE-2018-25358 (D-Link DIR601 2.02NA contains a credential disclosure
vulnerability th ...)
+ TODO: check
+CVE-2018-25357 (Dolibarr ERP CRM 7.0.3 contains a remote code evaluation
vulnerability ...)
+ TODO: check
+CVE-2018-25356 (SIPp 3.6 and earlier contains a local buffer overflow
vulnerability in ...)
+ TODO: check
+CVE-2018-25355 (Audiograbber 1.83 contains a local buffer overflow
vulnerability that ...)
+ TODO: check
+CVE-2018-25354 (Joomla Component jomres 9.11.2 contains a cross-site request
forgery v ...)
+ TODO: check
+CVE-2018-25353 (Redaxo CMS Mediapool Addon 5.5.1 and older contains an
arbitrary file ...)
+ TODO: check
+CVE-2018-25352 (WordPress Ultimate Form Builder Lite plugin version 1.3.7 and
below co ...)
+ TODO: check
+CVE-2018-25351 (Joomla! Component EkRishta 2.10 contains an error-based SQL
injection ...)
+ TODO: check
+CVE-2018-25350 (userSpice 4.3.24 contains a username enumeration vulnerability
that al ...)
+ TODO: check
+CVE-2018-25349 (userSpice 4.3.24 contains a cross-site scripting vulnerability
that al ...)
+ TODO: check
+CVE-2018-25348 (Joomla! Component Ek Rishta 2.10 contains an SQL injection
vulnerabili ...)
+ TODO: check
+CVE-2018-25347 (WordPress Contact Form Maker Plugin 1.12.20 contains SQL
injection vul ...)
+ TODO: check
+CVE-2018-25346 (WordPress Form Maker Plugin 1.12.24 and below contains SQL
injection v ...)
+ TODO: check
+CVE-2018-25345 (10-Strike Network Scanner 3.0 contains a local buffer overflow
vulnera ...)
+ TODO: check
+CVE-2018-25344 (10-Strike Network Inventory Explorer 8.54 contains a
stack-based buffe ...)
+ TODO: check
+CVE-2018-25343 (Smartshop 1 contains a cross-site request forgery
vulnerability that a ...)
+ TODO: check
+CVE-2018-25342 (Smartshop 1 contains a time-based blind SQL injection
vulnerability th ...)
+ TODO: check
+CVE-2018-25341 (Smartshop 1 contains a SQL injection vulnerability that allows
unauthe ...)
+ TODO: check
+CVE-2018-25340 (Smartshop 1 contains a SQL injection vulnerability that allows
unauthe ...)
+ TODO: check
+CVE-2026-43503 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 7.0.9-1
NOTE:
https://git.kernel.org/linus/48f6a5356a33dd78e7144ae1faef95ffc990aae0
CVE-2026-9284 (The WooCommerce PayPal Payments plugin for WordPress is
vulnerable to ...)
@@ -4803,7 +4867,7 @@ CVE-2026-42934 (NGINX Plus and NGINX Open Source have a
vulnerability in the ngx
NOTE: https://my.f5.com/manage/s/article/K000161028
NOTE: https://nginx.org/en/security_advisories.html
NOTE:
https://github.com/nginx/nginx/commit/54b7945961b2eaafc480d6b85d9635d0db1c126a
(release-1.30.1)
-CVE-2026-46300 [net: skbuff: preserve shared-frag marker during coalescing]
+CVE-2026-46300 (In the Linux kernel, the following vulnerability has been
resolved: n ...)
- linux 7.0.9-1
NOTE: https://github.com/v12-security/pocs/tree/main/fragnesia
NOTE:
https://lore.kernel.org/all/[email protected]/
@@ -90091,7 +90155,7 @@ CVE-2025-13120 (A vulnerability has been found in mruby
up to 3.4.0. This vulner
NOTE: Fixed by:
https://github.com/mruby/mruby/commit/eb398971bfb43c38db3e04528b68ac9a7ce509bc
CVE-2025-13119 (A flaw has been found in Fabian Ros/SourceCodester Simple
E-Banking Sy ...)
NOT-FOR-US: SourceCodester
-CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm and mall
up to 1 ...)
+CVE-2025-13118 (A vulnerability was detected in macrozheng mall-swarm up to
1.0.3. Aff ...)
NOT-FOR-US: macrozheng mall-swarm
CVE-2025-13117 (A security vulnerability has been detected in macrozheng
mall-swarm an ...)
NOT-FOR-US: macrozheng mall-swarm
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3522f3b02914fb21c3873ca2290872e0950d7b
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2a3522f3b02914fb21c3873ca2290872e0950d7b
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
