Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7f26d2eb by Moritz Muehlenhoff at 2026-06-01T23:21:21+02:00
new activemq issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27,9 +27,11 @@ CVE-2026-7770 (IBM i Access Family 1.1.5.0 through 1.1.9.12
IBM i Access Client
CVE-2026-49361 (Apache Fluss versions prior to 0.9.1 configure the Netty
LengthFieldBa ...)
NOT-FOR-US: Apache software not packaged in Debian
CVE-2026-49270 (Exposure of Sensitive Information Through Metadata
vulnerability in Ap ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/31/22
CVE-2026-49157 (Incorrect Default Permissions vulnerability in Apache
ActiveMQ. This ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/31/21
CVE-2026-49121 (AI Tensor Engine for ROCm (AITER) through 0.1.14 contains an
unauthent ...)
TODO: check
CVE-2026-48879 (Incorrect Privilege Assignment vulnerability in Sergey AIWU
allows Pri ...)
@@ -61,7 +63,8 @@ CVE-2026-48187 (An uncontrolled allocation of resources
without limits or thrott
CVE-2026-47294 (Deserialization of untrusted data in Microsoft Office
SharePoint allow ...)
NOT-FOR-US: Microsoft
CVE-2026-46605 (Incomplete authorization by Apache ActiveMQ server before
versions v6. ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/31/20
CVE-2026-45810 (Nextcloud is an open source content collaboration platform. In
Nextclo ...)
- nextcloud-server <itp> (bug #941708)
CVE-2026-45729 (Thor Vector Graphics (ThorVG) is a production-ready vector
graphics en ...)
@@ -87,7 +90,8 @@ CVE-2026-45544 (Nextcloud is an open source content
collaboration platform. From
CVE-2026-45543 (Nextcloud is an open source content collaboration platform.
From versi ...)
NOT-FOR-US: Nextcloud Forms
CVE-2026-45505 (Improper Input Validation, Improper Control of Generation of
Code ('Co ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/31/19
CVE-2026-45302 (parse-nested-form-data is a tiny node module for parsing
FormData by n ...)
NOT-FOR-US: parse-nested-form-data
CVE-2026-45286 (Nextcloud is an open source content collaboration platform.
From versi ...)
@@ -175,9 +179,11 @@ CVE-2026-42672 (Improper Neutralization of Special
Elements used in an SQL Comma
CVE-2026-42671 (Missing Authorization vulnerability in Paolo GeoDirectory
allows Explo ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-42588 (Improper Input Validation, Improper Control of Generation of
Code ('Co ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/31/18
CVE-2026-42253 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
- TODO: check
+ - activemq <unfixed>
+ NOTE: https://www.openwall.com/lists/oss-security/2026/05/31/17
CVE-2026-42251 (Use of hard-coded credentials in KS-SOMED allowed an
unauthorized atta ...)
NOT-FOR-US: KS-SOMED
CVE-2026-41013 (Input validation bypass in SMB volume mount handling in
CloudFoundry F ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f26d2eb67530f061512ba18c6dad6c64bff3b3f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7f26d2eb67530f061512ba18c6dad6c64bff3b3f
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
