[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 12 20:13:28 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0911dc89 by security tracker role at 2026-02-12T20:13:16+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,4 +1,124 @@
-CVE-2026-2007 [PostgreSQL pg_trgm heap buffer overflow writes pattern onto server memory]
+CVE-2026-2276 (Reflected Cross-Site Scripting (XSS) vulnerability in the Wix web appl ...)
+ TODO: check
+CVE-2026-26219 (newbee-mall stores and verifies user passwords using an unsalted MD5 h ...)
+ TODO: check
+CVE-2026-26218 (newbee-mall includes pre-seeded administrator accounts in its database ...)
+ TODO: check
+CVE-2026-26217 (Crawl4AI versions prior to 0.8.0 contain a local file inclusion vulner ...)
+ TODO: check
+CVE-2026-26216 (Crawl4AI versions prior to 0.8.0 contain a remote code execution vulne ...)
+ TODO: check
+CVE-2026-26214 (Galaxy FDS Android SDK (XiaoMi/galaxy-fds-sdk-android) version 3.0.8 a ...)
+ TODO: check
+CVE-2026-25949 (Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, th ...)
+ TODO: check
+CVE-2026-25933 (Arduino App Lab is a cross-platform IDE for developing Arduino Apps. P ...)
+ TODO: check
+CVE-2026-25922 (authentik is an open-source identity provider. Prior to 2025.8.6, 2025 ...)
+ TODO: check
+CVE-2026-25768 (LavinMQ is a high-performance message queue & streaming server. Before ...)
+ TODO: check
+CVE-2026-25767 (LavinMQ is a high-performance message queue & streaming server. Before ...)
+ TODO: check
+CVE-2026-25748 (authentik is an open-source identity provider. Prior to 2025.10.4 and ...)
+ TODO: check
+CVE-2026-25227 (authentik is an open-source identity provider. From 2021.3.1 to before ...)
+ TODO: check
+CVE-2026-24895 (FrankenPHP is a modern application server for PHP. Prior to 1.11.2, Fr ...)
+ TODO: check
+CVE-2026-24894 (FrankenPHP is a modern application server for PHP. Prior to 1.11.2, wh ...)
+ TODO: check
+CVE-2026-24044 (Element Server Suite Community Edition (ESS Community) deploys a Matri ...)
+ TODO: check
+CVE-2026-22821 (mreporting is the more reporting GLPI plugin. Prior to 1.9.4, there is ...)
+ TODO: check
+CVE-2026-21722 (Public dashboards with annotations enabled did not limit their annotat ...)
+ TODO: check
+CVE-2026-21438 (webtransport-go is an implementation of the WebTransport protocol. Pri ...)
+ TODO: check
+CVE-2026-21435 (webtransport-go is an implementation of the WebTransport protocol. Pri ...)
+ TODO: check
+CVE-2026-21434 (webtransport-go is an implementation of the WebTransport protocol. Fro ...)
+ TODO: check
+CVE-2026-1671 (The Activity Log for WordPress plugin for WordPress is vulnerable to u ...)
+ TODO: check
+CVE-2026-1356 (The Converter for Media \u2013 Optimize images | Convert WebP & AVIF p ...)
+ TODO: check
+CVE-2026-1320 (The Secure Copy Content Protection and Content Locking plugin for Word ...)
+ TODO: check
+CVE-2026-1316 (The Customer Reviews for WooCommerce plugin for WordPress is vulnerabl ...)
+ TODO: check
+CVE-2026-1104 (The FastDup \u2013 Fastest WordPress Migration & Duplicator plugin for ...)
+ TODO: check
+CVE-2025-70981 (CordysCRM 1.4.1 is vulnerable to SQL Injection in the employee list qu ...)
+ TODO: check
+CVE-2025-70886 (An issue in halo v.2.22.4 and before allows a remote attacker to cause ...)
+ TODO: check
+CVE-2025-70314 (webfsd 1.21 is vulnerable to a Buffer Overflow via a crafted request. ...)
+ TODO: check
+CVE-2025-69807 (p2r3 Bareiron commit: 8e4d4020d is vulnerable to Buffer Overflow, whic ...)
+ TODO: check
+CVE-2025-69806 (p2r3 bareiron commit: 8e4d4020d contains an Out-of-bounds Read, which ...)
+ TODO: check
+CVE-2025-69752 (An issue in the "My Details" user profile functionality of Ideagen Q-P ...)
+ TODO: check
+CVE-2025-69634 (Cross Site Request Forgery vulnerability in Dolibarr ERP & CRM v.22.0. ...)
+ TODO: check
+CVE-2025-67433 (A heap buffer overflow in the processRequest function of Open TFTP Ser ...)
+ TODO: check
+CVE-2025-67432 (A stack overflow in the ZBarcode_Encode function of Monkeybread Softwa ...)
+ TODO: check
+CVE-2025-63421 (An issue in filosoft Comerc.32 Commercial Invoicing v.16.0.0.3 allows ...)
+ TODO: check
+CVE-2025-61880 (In Infoblox NIOS through 9.0.7, insecure deserialization can result in ...)
+ TODO: check
+CVE-2025-61879 (In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an ...)
+ TODO: check
+CVE-2025-56647 (npm @farmfe/core before 1.7.6 is Missing Origin Validation in WebSocke ...)
+ TODO: check
+CVE-2025-55210 (FreePBX is an open-source web-based graphical user interface (GUI) tha ...)
+ TODO: check
+CVE-2025-54756 (BrightSign players running BrightSign OS series 4 prior to v8.5.53.1 o ...)
+ TODO: check
+CVE-2025-54519 (A DLL hijacking vulnerability in Doc Nav could allow a local attacker ...)
+ TODO: check
+CVE-2025-52533 (Improper Access Control in an on-chip debug interface could allow a pr ...)
+ TODO: check
+CVE-2025-41117 (Stack traces in Grafana's Explore Traces view can be rendered as raw H ...)
+ TODO: check
+CVE-2025-15575 (The firmware update functionality does not verify the authenticity of ...)
+ TODO: check
+CVE-2025-15574 (When connecting to the Solax Cloud MQTT server the username is the "re ...)
+ TODO: check
+CVE-2025-15573 (The affected devices do not validate the server certificate when conne ...)
+ TODO: check
+CVE-2025-14014 (Unrestricted Upload of File with Dangerous Type vulnerability in NTN I ...)
+ TODO: check
+CVE-2025-13004 (Authorization Bypass Through User-Controlled Key vulnerability in Fark ...)
+ TODO: check
+CVE-2025-13002 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-10969 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2024-36319 (Debug code left active in AMD's Video Decoder Engine Firmware (VCN FW) ...)
+ TODO: check
+CVE-2023-31323 (Type confusion in the AMD Secure Processor (ASP) could allow an attack ...)
+ TODO: check
+CVE-2023-31313 (An unintended proxy or intermediary in the AMD power management firmwa ...)
+ TODO: check
+CVE-2019-25348 (Computrols CBAS-Web 19.0.0 contains a boolean-based blind SQL injectio ...)
+ TODO: check
+CVE-2019-25347 (thesystem App 1.0 contains a SQL injection vulnerability that allows a ...)
+ TODO: check
+CVE-2019-25346 (TheSystem 1.0 contains a SQL injection vulnerability that allows attac ...)
+ TODO: check
+CVE-2019-25345 (Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service p ...)
+ TODO: check
+CVE-2019-25344 (Wondershare MobileGo 8.5.0 contains an insecure file permissions vulne ...)
+ TODO: check
+CVE-2019-25343 (NextVPN 4.10 contains an insecure file permissions vulnerability that ...)
+ TODO: check
+CVE-2026-2007 (Heap buffer overflow in PostgreSQL pg_trgm allows a database user to a ...)
- postgresql-18 18.2-1
- postgresql-17 <not-affected> (Vulnerable code not present)
- postgresql-15 <not-affected> (Vulnerable code not present)
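Review bot: the descriptions imported for CVE-2026-1356 and CVE-2026-1104 carry a literal `\u2013` escape where the plugin names have an en dash ("Converter for Media \u2013 Optimize images", "FastDup \u2013 Fastest WordPress Migration"); the importer appears to be writing the JSON escape sequence verbatim instead of decoding it, which will make these entries hard to match by title, so the decoding step should be checked. Separately, CVE-2026-2007 is the only PostgreSQL entry in this update that gains no `{DSA-...}` reference, which is consistent with the trailing context marking postgresql-17 and postgresql-15 as `<not-affected> (Vulnerable code not present)`.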
@@ -6,7 +126,8 @@ CVE-2026-2007 [PostgreSQL pg_trgm heap buffer overflow writes pattern onto serve
NOTE: https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=18548681da38b2376d0c071d568b9d0c1f8b6ad2 (REL_18_2)
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=e0965fb1a8550716db08e2183560be3546851647 (REL_18_2)
-CVE-2026-2006 [PostgreSQL missing validation of multibyte character length executes arbitrary code]
+CVE-2026-2006 (Missing validation of multibyte character length in PostgreSQL text ma ...)
+ {DSA-6133-1 DSA-6132-1}
- postgresql-18 18.2-1
- postgresql-17 <removed>
- postgresql-15 <removed>
@@ -18,14 +139,16 @@ CVE-2026-2006 [PostgreSQL missing validation of multibyte character length execu
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=b0f5d25bc3679afaed69d367c72efd387c763d04 (REL_18_2)
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=b427091947e59788289e80f0ff4279cb7d32dab1 (REL_18_2)
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=4543b02af3d3077b8505d533dc51bd51fa47b34a (REL_18_2)
-CVE-2026-2005 [PostgreSQL pgcrypto heap buffer overflow executes arbitrary code]
+CVE-2026-2005 (Heap buffer overflow in PostgreSQL pgcrypto allows a ciphertext provid ...)
+ {DSA-6133-1 DSA-6132-1}
- postgresql-18 18.2-1
- postgresql-17 <removed>
- postgresql-15 <removed>
- postgresql-13 <removed>
NOTE: https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=209f387b81660e478eea147db9130af1d1c861f2 (REL_18_2)
-CVE-2026-2004 [PostgreSQL intarray missing validation of type of input to selectivity estimator executes arbitrary code]
+CVE-2026-2004 (Missing validation of type of input in PostgreSQL intarray extension s ...)
+ {DSA-6133-1 DSA-6132-1}
- postgresql-18 18.2-1
- postgresql-17 <removed>
- postgresql-15 <removed>
@@ -33,7 +156,8 @@ CVE-2026-2004 [PostgreSQL intarray missing validation of type of input to select
NOTE: https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=66ddac6982c6dc0369dc7b2d251f4d210d704a57 (REL_18_2)
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=b69af3dda26104b54d4e728c6946edcc79a8ac61 (REL_18_2)
-CVE-2026-2003 [PostgreSQL oidvector discloses a few bytes of memory]
+CVE-2026-2003 (Improper validation of type "oidvector" in PostgreSQL allows a databas ...)
+ {DSA-6133-1 DSA-6132-1}
- postgresql-18 18.2-1
- postgresql-17 <removed>
- postgresql-15 <removed>
@@ -41,6 +165,7 @@ CVE-2026-2003 [PostgreSQL oidvector discloses a few bytes of memory]
NOTE: https://www.postgresql.org/about/news/postgresql-182-178-1612-1516-and-1421-released-3235/
NOTE: Fixed by: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=3b6588cd902faa967f61f539f057f9b7643cf6a5 (REL_18_2)
CVE-2026-26081 [BUG/MAJOR: quic: reject invalid token]
+ {DSA-6130-1}
- haproxy <unfixed>
[bookworm] - haproxy <not-affected> (Vulnerable code introduced later)
[bullseye] - haproxy <not-affected> (Vulnerable code introduced later)
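Review bot: `{DSA-6130-1}` is recorded for CVE-2026-26081 while the unstable line still reads `- haproxy <unfixed>`; since bookworm and bullseye are both `<not-affected> (Vulnerable code introduced later)`, the DSA covers a different suite and the unfixed unstable state still needs follow-up. A bug reference in the form used for nginx below, `(bug #NNNN)` with the real number, would make that pending work visible in the entry.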
@@ -3061,6 +3186,7 @@ CVE-2026-20098 (A vulnerability in the Certificate Management feature of Cisco M
CVE-2026-20056 (A vulnerability in the Dynamic Vectoring and Streaming (DVS) Engine im ...)
NOT-FOR-US: Cisco
CVE-2026-1642 (A vulnerability exists in NGINX OSS and NGINX Plus when configured to ...)
+ {DSA-6131-1}
- nginx 1.28.1-3 (bug #1127053)
[bullseye] - nginx <postponed> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2026/02/05/1
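Review bot: the new `{DSA-6131-1}` for CVE-2026-1642 sits directly above `[bullseye] - nginx <postponed> (Minor issue)`; a DSA in one suite beside a "Minor issue" postponement in another is worth a second look to confirm the bullseye assessment is intentional (LTS scope) rather than a marker that predates the DSA.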
@@ -9375,7 +9501,7 @@ CVE-2025-46270 (A reflected cross-site scripting (xss) vulnerability exists in t
NOT-FOR-US: MedDream PACS Premium
CVE-2025-44000 (A reflected cross-site scripting (xss) vulnerability exists in the sen ...)
NOT-FOR-US: MedDream PACS Premium
-CVE-2025-41768 (On an instance of TwinCAT 3 HMI Server running on a device an authenti ...)
+CVE-2025-41768 (An high privileged remote attacker can inject arbitrary content into t ...)
NOT-FOR-US: TwinCAT 3 HMI Server
CVE-2025-41084 (Stored Cross-Site Scripting (XSS) vulnerability in Sesame web applicat ...)
NOT-FOR-US: Sesame web application
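Review bot: the replacement description for CVE-2025-41768 ("An high privileged remote attacker can inject arbitrary content into t ...") no longer names the product; the removed text began "On an instance of TwinCAT 3 HMI Server", so the `NOT-FOR-US: TwinCAT 3 HMI Server` line is now the only place the product is identified and must stay. The grammatical slip in "An high privileged" is upstream's wording and is reproduced as imported.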
@@ -322369,8 +322495,8 @@ CVE-2022-3729 (A vulnerability, which was classified as critical, has been found
NOT-FOR-US: seccome Ehoney
CVE-2022-3728 (A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that ...)
NOT-FOR-US: Lenovo
-CVE-2023-20601
- RESERVED
+CVE-2023-20601 (Improper input validation within RAS TA Driver can allow a local attac ...)
+ TODO: check
CVE-2023-20600
RESERVED
CVE-2023-20599 (Improper register access control in ASP may allow a privileged attacke ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0911dc89bb1699cf5ef5e61bc2d521cbbc95c02a
--
You're receiving this email because of your account on salsa.debian.org.