Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d2a0fc8b by Salvatore Bonaccorso at 2026-07-01T22:03:56+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,25 +1,25 @@
CVE-2026-8857 (A vulnerability in Wikimedia Foundation timeline. This
vulnerability ...)
TODO: check
CVE-2026-8480 (A vulnerability was discovered on Stormshield Network Security
4.3.0 t ...)
- TODO: check
+ NOT-FOR-US: Stormshield
CVE-2026-8387 (A vulnerability in allegroai/clearml versions up to and
including 1.16 ...)
- TODO: check
+ NOT-FOR-US: allegroai/clearml
CVE-2026-6688 (FatFs R0.16 and earlier contains a downstream-caller
vulnerability pat ...)
- TODO: check
+ NOT-FOR-US: FatFs
CVE-2026-6687 (FatFs R0.16 and earlier contains a stack overflow bug in
f_getlabel() ...)
- TODO: check
+ NOT-FOR-US: FatFs
CVE-2026-6686 (FatFs R0.16 and earlier contains an uninitialized cluster
exposure whe ...)
- TODO: check
+ NOT-FOR-US: FatFs
CVE-2026-6685 (FatFs R0.16 and earlier exhibits a stale dirty-cache skip via
unsigned ...)
- TODO: check
+ NOT-FOR-US: FatFs
CVE-2026-6684 (FatFs prior to R0.16 that use GPT scanning with 'FF_LBA64 = 1'
contain ...)
- TODO: check
+ NOT-FOR-US: FatFs
CVE-2026-6683 (FatFs R0.16 and earlier contains a divide-by-zero in exFAT sync
logic ...)
- TODO: check
+ NOT-FOR-US: FatFs
CVE-2026-6682 (In FatFS R0.16 and earlier contains a FAT32 integer overflow
bug in mo ...)
- TODO: check
+ NOT-FOR-US: FatFs
CVE-2026-6283 (Improper neutralization of input during web page generation
('cross-si ...)
- TODO: check
+ NOT-FOR-US: DivvyDrive
CVE-2026-5220 (Improper neutralization of input during web page generation
('cross-si ...)
TODO: check
CVE-2026-5142 (A flaw was found in foreman. Authenticated users with
'view_keypairs' ...)
@@ -41,19 +41,19 @@ CVE-2026-58520 (URL redirection to untrusted site ('open
redirect') vulnerabilit
CVE-2026-58517 (Improper neutralization of input terminators vulnerability in
The Wiki ...)
NOT-FOR-US: MediaWiki extensions/skins not packaged in Debian
CVE-2026-58454 (JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware
4.8.30.57701411 c ...)
- TODO: check
+ NOT-FOR-US: JAIOTlink C492A-W6 Wi-Fi IP cameras
CVE-2026-58453 (JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware
4.8.30.57701411 c ...)
- TODO: check
+ NOT-FOR-US: JAIOTlink C492A-W6 Wi-Fi IP cameras
CVE-2026-58452 (JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware
4.8.30.57701411 c ...)
- TODO: check
+ NOT-FOR-US: JAIOTlink C492A-W6 Wi-Fi IP cameras
CVE-2026-58451 (Horde IMP before 7.0.1 contains a path traversal vulnerability
in lib/ ...)
TODO: check
CVE-2026-58399 (@acastellon/auth is an authentication control system for
microservices ...)
TODO: check
CVE-2026-58127 (PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service
on port ...)
- TODO: check
+ NOT-FOR-US: PACSgear MediaWriter
CVE-2026-58126 (PACSgear PACS Scan 5.2.1 contains an unauthenticated remote
code execu ...)
- TODO: check
+ NOT-FOR-US: PACSgear PACS Scan
CVE-2026-58038 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
TODO: check
CVE-2026-58035 (Improper Neutralization of Input During Web Page Generation
(XSS or 'C ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2a0fc8b4104592ade5c6907e4cc3f12bbc316c8
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2a0fc8b4104592ade5c6907e4cc3f12bbc316c8
You're receiving this email because of your account on salsa.debian.org. Manage
all notifications: https://salsa.debian.org/-/profile/notifications | Help:
https://salsa.debian.org/help
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits