Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
0b104b25 by Salvatore Bonaccorso at 2026-06-30T21:56:49+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7,27 +7,27 @@ CVE-2026-8864 (The HP Fan Control App might allow local
escalation of privileges
CVE-2026-8655 (Multiple Memory overflow vulnerabilities inNetScaler ADC and
NetScaler ...)
TODO: check
CVE-2026-8452 (Memory overflow vulnerabilityNetScaler ADC and NetScaler
Gatewayleadin ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2026-8451 (Insufficient input validation inNetScaler ADC and NetScaler
Gatewaylea ...)
- TODO: check
+ NOT-FOR-US: Citrix
CVE-2026-8403 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: SYSGUARD 6001
CVE-2026-8402 (Improper neutralization of special elements used in an SQL
command ('S ...)
- TODO: check
+ NOT-FOR-US: SYSGUARD 6001
CVE-2026-8141 (The Ajax Load More - Filters plugin for WordPress is vulnerable
to Sto ...)
NOT-FOR-US: WordPress plugin
CVE-2026-6954 (Cross-Site Scripting (XSS) vulnerability in Intermark IT's
WebControl ...)
- TODO: check
+ NOT-FOR-US: Intermark IT's WebControl CMS
CVE-2026-6953 (HTML injection vulnerability in Intermark IT's WebControl CMS
v3.5. Th ...)
- TODO: check
+ NOT-FOR-US: Intermark IT's WebControl CMS
CVE-2026-6556 (@fastify/express versions 4.0.6 and earlier only rewrite the
plugin pr ...)
- TODO: check
+ NOT-FOR-US: fastify/express
CVE-2026-58377 (JeecgBoot through 3.9.2 contains a broken access control
vulnerability ...)
- TODO: check
+ NOT-FOR-US: JeecgBoot
CVE-2026-58376 (Dolibarr through 23.0.3, fixed in commit 14db36e, contains a
sql injec ...)
NOT-FOR-US: Dolibarr
CVE-2026-58375 (JimuReport through 2.5.0 exposes the POST
/jmreport/auto/export endpoi ...)
- TODO: check
+ NOT-FOR-US: JimuReport
CVE-2026-58374 (In hostapd before 2.12, a missing bounds check in AP-mode
Wi-Fi 7 (IEE ...)
TODO: check
CVE-2026-58373 (CVAT before 2.69.0 contains an improper authorization
vulnerability in ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b104b2500f2464bc97bd419b204b32f1f9b48e4
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0b104b2500f2464bc97bd419b204b32f1f9b48e4
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits