[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Feb 19 08:13:13 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0ca429a by security tracker role at 2026-02-19T08:13:07+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,13 +1,323 @@
-CVE-2026-2650
+CVE-2026-2733 (A flaw was identified in the Docker v2 authentication endpoint of Keyc ...)
+ TODO: check
+CVE-2026-2731 (Path traversal and content injection in JobRunnerBackground.aspx in Dy ...)
+ TODO: check
+CVE-2026-2711 (A vulnerability has been found in zhutoutoutousan worldquant-miner up ...)
+ TODO: check
+CVE-2026-2709 (A flaw has been found in busy up to 2.5.5. The affected element is an ...)
+ TODO: check
+CVE-2026-2706 (A flaw has been found in code-projects Patient Record Management Syste ...)
+ TODO: check
+CVE-2026-2705 (A vulnerability was detected in Open Babel up to 3.1.1. The impacted e ...)
+ TODO: check
+CVE-2026-2704 (A security vulnerability has been detected in Open Babel up to 3.1.1. ...)
+ TODO: check
+CVE-2026-2703 (A weakness has been identified in xlnt-community xlnt up to 1.6.1. Imp ...)
+ TODO: check
+CVE-2026-2702 (A security flaw has been discovered in Beetel 777VR1 up to 01.00.09. T ...)
+ TODO: check
+CVE-2026-2693 (A vulnerability was determined in CoCoTeaNet CyreneAdmin up to 1.3.0. ...)
+ TODO: check
+CVE-2026-2692 (A vulnerability was found in CoCoTeaNet CyreneAdmin up to 1.3.0. This ...)
+ TODO: check
+CVE-2026-2691 (A vulnerability has been found in itsourcecode Event Management System ...)
+ TODO: check
+CVE-2026-2690 (A flaw has been found in itsourcecode Event Management System 1.0. Aff ...)
+ TODO: check
+CVE-2026-2689 (A vulnerability was detected in itsourcecode Event Management System 1 ...)
+ TODO: check
+CVE-2026-2686 (A security vulnerability has been detected in SECCN Dingcheng G10 3.1. ...)
+ TODO: check
+CVE-2026-2684 (A vulnerability was determined in Tsinghua Unigroup Electronic Archive ...)
+ TODO: check
+CVE-2026-2683 (A vulnerability was found in Tsinghua Unigroup Electronic Archives Sys ...)
+ TODO: check
+CVE-2026-2682 (A vulnerability has been found in Tsinghua Unigroup Electronic Archive ...)
+ TODO: check
+CVE-2026-2676 (A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13 ...)
+ TODO: check
+CVE-2026-2672 (A security flaw has been discovered in Tsinghua Unigroup Electronic Ar ...)
+ TODO: check
+CVE-2026-2670 (A vulnerability was identified in Advantech WISE-6610 1.2.1_20251110. ...)
+ TODO: check
+CVE-2026-2669 (A vulnerability was determined in Rongzhitong Visual Integrated Comman ...)
+ TODO: check
+CVE-2026-2668 (A vulnerability was found in Rongzhitong Visual Integrated Command and ...)
+ TODO: check
+CVE-2026-2667 (A vulnerability has been found in Rongzhitong Visual Integrated Comman ...)
+ TODO: check
+CVE-2026-2666 (A flaw has been found in mingSoft MCMS 6.1.1. The affected element is ...)
+ TODO: check
+CVE-2026-2665 (A vulnerability was detected in huanzi-qch base-admin up to 57a8126bb3 ...)
+ TODO: check
+CVE-2026-2504 (The Dealia \u2013 Request a quote plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2026-2502 (The xmlrpc attacks blocker plugin for WordPress is vulnerable to Store ...)
+ TODO: check
+CVE-2026-2284 (The News Element Elementor Blog Magazine plugin for WordPress is vulne ...)
+ TODO: check
+CVE-2026-2282 (The Slidorion plugin for WordPress is vulnerable to Stored Cross-Site ...)
+ TODO: check
+CVE-2026-27182 (Saturn Remote Mouse Server contains a command injection vulnerability ...)
+ TODO: check
+CVE-2026-27181 (MajorDoMo (aka Major Domestic Module) allows unauthenticated arbitrary ...)
+ TODO: check
+CVE-2026-27180 (MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated ...)
+ TODO: check
+CVE-2026-27179 (MajorDoMo (aka Major Domestic Module) contains an unauthenticated SQL ...)
+ TODO: check
+CVE-2026-27178 (MajorDoMo (aka Major Domestic Module) contains a stored cross-site scr ...)
+ TODO: check
+CVE-2026-27177 (MajorDoMo (aka Major Domestic Module) contains a stored cross-site scr ...)
+ TODO: check
+CVE-2026-27176 (MajorDoMo (aka Major Domestic Module) contains a reflected cross-site ...)
+ TODO: check
+CVE-2026-27175 (MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated ...)
+ TODO: check
+CVE-2026-27174 (MajorDoMo (aka Major Domestic Module) allows unauthenticated remote co ...)
+ TODO: check
+CVE-2026-26281 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-26270 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-25926 (Notepad++ is a free and open-source source code editor. An Unsafe Sear ...)
+ TODO: check
+CVE-2026-25596 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-25595 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-25594 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-25548 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-25474 (OpenClaw is a personal AI assistant. In versions 2026.1.30 and below, ...)
+ TODO: check
+CVE-2026-25242 (Gogs is an open source self-hosted Git service. Versions 0.13.4 and be ...)
+ TODO: check
+CVE-2026-25232 (Gogs is an open source self-hosted Git service. Versions 0.13.4 and be ...)
+ TODO: check
+CVE-2026-25229 (Gogs is an open source self-hosted Git service. Versions 0.13.4 and be ...)
+ TODO: check
+CVE-2026-25120 (Gogs is an open source self-hosted Git service. In versions 0.13.4 and ...)
+ TODO: check
+CVE-2026-24764 (OpenClaw (formerly Clawdbot) is a personal AI assistant users run on t ...)
+ TODO: check
+CVE-2026-24746 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-24745 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-24744 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-24743 (InvoicePlane is a self-hosted open source application for managing inv ...)
+ TODO: check
+CVE-2026-24126 (Weblate is a web based localization tool. Prior to 5.16.0, the SSH man ...)
+ TODO: check
+CVE-2026-1999 (An incorrect authorization vulnerability was identified in GitHub Ente ...)
+ TODO: check
+CVE-2026-1994 (The s2Member plugin for WordPress is vulnerable to privilege escalatio ...)
+ TODO: check
+CVE-2026-1646 (The Advance Block Extend plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2026-1455 (The Whatsiplus Scheduled Notification for Woocommerce plugin for WordP ...)
+ TODO: check
+CVE-2026-1405 (The Slider Future plugin for WordPress is vulnerable to arbitrary file ...)
+ TODO: check
+CVE-2026-1373 (The Easy Author Image plugin for WordPress is vulnerable to Stored Cro ...)
+ TODO: check
+CVE-2026-1355 (A Missing Authorization vulnerability was identified in GitHub Enterpr ...)
+ TODO: check
+CVE-2026-1055 (The TalkJS plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
+ TODO: check
+CVE-2026-1047 (The salavat counter Plugin plugin for WordPress is vulnerable to Store ...)
+ TODO: check
+CVE-2026-1044 (The Tennis Court Bookings plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2026-1043 (The PostmarkApp Email Integrator plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2026-0974 (The Orderable \u2013 WordPress Restaurant Online Ordering System and F ...)
+ TODO: check
+CVE-2026-0926 (The Prodigy Commerce plugin for WordPress is vulnerable to Local File ...)
+ TODO: check
+CVE-2026-0912 (The Toret Manager plugin for WordPress is vulnerable to unauthorized m ...)
+ TODO: check
+CVE-2026-0722 (The Shield Security plugin for WordPress is vulnerable to Cross-Site R ...)
+ TODO: check
+CVE-2026-0573 (An URL redirection vulnerability was identified in GitHub Enterprise S ...)
+ TODO: check
+CVE-2026-0561 (The Shield Security plugin for WordPress is vulnerable to Reflected Cr ...)
+ TODO: check
+CVE-2026-0556 (The XO Event Calendar plugin for WordPress is vulnerable to Stored Cro ...)
+ TODO: check
+CVE-2026-0549 (The Groups plugin for WordPress is vulnerable to Stored Cross-Site Scr ...)
+ TODO: check
+CVE-2025-4960 (The com.epson.InstallNavi.helper tool, deployed with the EPSON printer ...)
+ TODO: check
+CVE-2025-4521 (The IDonate \u2013 Blood Donation, Request And Donor Management System ...)
+ TODO: check
+CVE-2025-15586 (OGP-Website installs prior git commit 52f865a4fba763594453068acf8fa9e3 ...)
+ TODO: check
+CVE-2025-15585 (Fileflows versions before 25.05.2 are affected by an authenticated SQL ...)
+ TODO: check
+CVE-2025-15581 (Orthanc versions before 1.12.10 are affected by an authorisation logic ...)
+ TODO: check
+CVE-2025-15041 (The BackWPup \u2013 WordPress Backup & Restore Plugin plugin for WordP ...)
+ TODO: check
+CVE-2025-14983 (The Advanced Custom Fields: Font Awesome Field plugin for WordPress is ...)
+ TODO: check
+CVE-2025-14864 (The Virusdie - One-click website security plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2025-14851 (The YaMaps for WordPress plugin for WordPress is vulnerable to Stored ...)
+ TODO: check
+CVE-2025-14452 (The WP Customer Reviews plugin for WordPress is vulnerable to Reflecte ...)
+ TODO: check
+CVE-2025-14445 (The Image Hotspot by DevVN plugin for WordPress is vulnerable to Store ...)
+ TODO: check
+CVE-2025-14427 (The Shield Security: Blocks Bots, Protects Users, and Prevents Securit ...)
+ TODO: check
+CVE-2025-14357 (The Mega Store Woocommerce theme for WordPress is vulnerable to unauth ...)
+ TODO: check
+CVE-2025-14342 (The SEO Plugin by Squirrly SEO plugin for WordPress is vulnerable to u ...)
+ TODO: check
+CVE-2025-14294 (The Razorpay for WooCommerce plugin for WordPress is vulnerable to una ...)
+ TODO: check
+CVE-2025-14270 (The OneClick Chat to Order plugin for WordPress is vulnerable to autho ...)
+ TODO: check
+CVE-2025-14167 (The Remove Post Type Slug plugin for WordPress is vulnerable to Cross- ...)
+ TODO: check
+CVE-2025-14076 (The iXML \u2013 Google XML sitemap generator plugin for WordPress is v ...)
+ TODO: check
+CVE-2025-13930 (The Checkout Field Manager (Checkout Manager) for WooCommerce plugin f ...)
+ TODO: check
+CVE-2025-13864 (The Breeze - WordPress Cache Plugin plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-13851 (The Buyent Classified plugin for WordPress (bundled with Buyent theme) ...)
+ TODO: check
+CVE-2025-13842 (The Breadcrumb NavXT plugin for WordPress is vulnerable to authorizati ...)
+ TODO: check
+CVE-2025-13738 (The Easy Table of Contents plugin for WordPress is vulnerable to Store ...)
+ TODO: check
+CVE-2025-13732 (The s2Member \u2013 Excellent for All Kinds of Memberships, Content Re ...)
+ TODO: check
+CVE-2025-13617 (The Apollo13 Framework Extensions plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2025-13612 (The Album and Image Gallery plus Lightbox plugin for WordPress is vuln ...)
+ TODO: check
+CVE-2025-13603 (The WP AUDIO GALLERY plugin for WordPress is vulnerable to Unauthorize ...)
+ TODO: check
+CVE-2025-13587 (The Two Factor (2FA) Authentication via Email plugin for WordPress is ...)
+ TODO: check
+CVE-2025-13563 (The Lizza LMS Pro plugin for WordPress is vulnerable to Privilege Esca ...)
+ TODO: check
+CVE-2025-13438 (The Page Title, Description & Open Graph Updater plugin for WordPress ...)
+ TODO: check
+CVE-2025-13413 (The Country Blocker for AdSense plugin for WordPress is vulnerable to ...)
+ TODO: check
+CVE-2025-13113 (The Web Accessibility by accessiBe plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-13091 (The Shopire theme for WordPress is vulnerable to unauthorized modifica ...)
+ TODO: check
+CVE-2025-13079 (The Popup Builder \u2013 Create highly converting, mobile friendly mar ...)
+ TODO: check
+CVE-2025-13048 (The StatCounter \u2013 Free Real Time Visitor Stats plugin for WordPre ...)
+ TODO: check
+CVE-2025-12975 (The CTX Feed \u2013 WooCommerce Product Feed Manager plugin for WordPr ...)
+ TODO: check
+CVE-2025-12884 (The Advanced Ads \u2013 Ad Manager & AdSense plugin for WordPress is v ...)
+ TODO: check
+CVE-2025-12882 (The Clasifico Listing plugin for WordPress is vulnerable to privilege ...)
+ TODO: check
+CVE-2025-12845 (The Tablesome Table \u2013 Contact Form DB \u2013 WPForms, CF7, Gravit ...)
+ TODO: check
+CVE-2025-12821 (The NewsBlogger theme for WordPress is vulnerable to Cross-Site Reques ...)
+ TODO: check
+CVE-2025-12812 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-12811 (Improper Inconsistent Interpretation of HTTP Requests ('HTTP Request S ...)
+ TODO: check
+CVE-2025-12707 (The Library Management System plugin for WordPress is vulnerable to SQ ...)
+ TODO: check
+CVE-2025-12500 (The Checkout Field Manager (Checkout Manager) for WooCommerce plugin f ...)
+ TODO: check
+CVE-2025-12451 (The Easy SVG Support plugin for WordPress is vulnerable to Stored Cros ...)
+ TODO: check
+CVE-2025-12448 (The Smartsupp \u2013 live chat, AI shopping assistant and chatbots plu ...)
+ TODO: check
+CVE-2025-12375 (The Printful Integration for WooCommerce plugin for WordPress is vulne ...)
+ TODO: check
+CVE-2025-12172 (The Mailchimp List Subscribe Form plugin for WordPress is vulnerable t ...)
+ TODO: check
+CVE-2025-12117 (The Renden theme for WordPress is vulnerable to Stored Cross-Site Scri ...)
+ TODO: check
+CVE-2025-12116 (The Drift theme for WordPress is vulnerable to Stored Cross-Site Scrip ...)
+ TODO: check
+CVE-2025-12081 (The ACF Photo Gallery Field plugin for WordPress is vulnerable to unau ...)
+ TODO: check
+CVE-2025-12027 (The Mesmerize Companion plugin for WordPress is vulnerable to unauthor ...)
+ TODO: check
+CVE-2025-11754 (The GDPR Cookie Consent plugin for WordPress is vulnerable to unauthor ...)
+ TODO: check
+CVE-2025-11725 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthor ...)
+ TODO: check
+CVE-2025-11706 (The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Reflecte ...)
+ TODO: check
+CVE-2019-25401 (Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer conta ...)
+ TODO: check
+CVE-2019-25400 (IPFire 2.21 Core Update 127 contains multiple reflected cross-site scr ...)
+ TODO: check
+CVE-2019-25399 (IPFire 2.21 Core Update 127 contains multiple stored cross-site script ...)
+ TODO: check
+CVE-2019-25398 (IPFire 2.21 Core Update 127 contains multiple cross-site scripting vul ...)
+ TODO: check
+CVE-2019-25397 (IPFire 2.21 Core Update 127 contains multiple reflected cross-site scr ...)
+ TODO: check
+CVE-2019-25396 (IPFire 2.21 Core Update 127 contains a reflected cross-site scripting ...)
+ TODO: check
+CVE-2019-25365 (ChaosPro 2.0 contains a buffer overflow vulnerability in the configura ...)
+ TODO: check
+CVE-2019-25364 (MailCarrier 2.51 contains a buffer overflow vulnerability in the POP3 ...)
+ TODO: check
+CVE-2019-25363 (WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow ...)
+ TODO: check
+CVE-2019-25362 (WMV to AVI MPEG DVD WMV Convertor 4.6.1217 contains a buffer overflow ...)
+ TODO: check
+CVE-2019-25361 (Ayukov NFTP client 1.71 contains a buffer overflow vulnerability in th ...)
+ TODO: check
+CVE-2019-25360 (Aida64 Engineer 6.10.5200 contains a buffer overflow vulnerability in ...)
+ TODO: check
+CVE-2019-25359 (SD.NET RIM versions before 4.7.3c contain a SQL injection vulnerabilit ...)
+ TODO: check
+CVE-2019-25358 (FileOptimizer 14.00.2524 contains a denial of service vulnerability th ...)
+ TODO: check
+CVE-2019-25357 (Control Center PRO 6.2.9 contains a stack-based buffer overflow vulner ...)
+ TODO: check
+CVE-2019-25356 (Bematech (formerly Logic Controls, now Elgin) MP-4200 TH printer conta ...)
+ TODO: check
+CVE-2019-25355 (gSOAP 2.8 contains a directory traversal vulnerability that allows una ...)
+ TODO: check
+CVE-2019-25354 (iSmartViewPro 1.3.34 contains a denial of service vulnerability that a ...)
+ TODO: check
+CVE-2019-25353 (Foscam Video Management System 1.1.4.9 contains a denial of service vu ...)
+ TODO: check
+CVE-2019-25352 (Crystal Live HTTP Server 6.01 contains a directory traversal vulnerabi ...)
+ TODO: check
+CVE-2019-25351 (Centova Cast 3.2.11 contains a file download vulnerability that allows ...)
+ TODO: check
+CVE-2019-25350 (XMedia Recode 3.4.8.6 contains a denial of service vulnerability that ...)
+ TODO: check
+CVE-2019-25349 (ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability th ...)
+ TODO: check
+CVE-2019-25326 (ipPulse 1.92 contains a denial of service vulnerability that allows lo ...)
+ TODO: check
+CVE-2026-2650 (Heap buffer overflow in Media in Google Chrome prior to 145.0.7632.109 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-2649
+CVE-2026-2649 (Integer overflow in V8 in Google Chrome prior to 145.0.7632.109 allowe ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-2648
+CVE-2026-2648 (Heap buffer overflow in PDFium in Google Chrome prior to 145.0.7632.10 ...)
- chromium <unfixed>
[bullseye] - chromium <end-of-life> (see #1061268)
-CVE-2026-2681
+CVE-2026-2681 (A flaw was found in the blst cryptographic library. This out-of-bounds ...)
- golang-github-supranational-blst <itp> (bug #1109308)
CVE-2026-2663 (A security vulnerability has been detected in Alixhan xh-admin-backend ...)
NOT-FOR-US: Alixhan xh-admin-backend
@@ -11173,7 +11483,7 @@ CVE-2026-22977 (In the Linux kernel, the following vulnerability has been resolv
{DSA-6127-1 DSA-6126-1 DLA-4476-1 DLA-4475-1}
- linux 6.18.8-1
NOTE: https://git.kernel.org/linus/2a71a1a8d0ed718b1c7a9ac61f07e5755c47ae20 (6.19-rc5)
-CVE-2026-1200
+CVE-2026-1200 (A flaw was found in the rgaufman/live555 fork of live555. A remote att ...)
- liblivemedia <removed>
CVE-2026-1190 (A flaw was found in Keycloak's SAML brokering functionality. When Keyc ...)
- keycloak <itp> (bug #1088287)
@@ -15132,7 +15442,7 @@ CVE-2026-22695 (LIBPNG is a reference library for use in applications that read,
NOTE: Fixed by: https://github.com/pnggroup/libpng/commit/e4f7ad4ea2a471776c81dda4846b7691925d9786
NOTE: Introducing fix for CVE-2025-65018 got backported into older suites
NOTE: https://github.com/pnggroup/libpng/issues/778
-CVE-2026-0665 [qemu: Heap off-by-one in KVM Xen PHYSDEVOP_map_pirq]
+CVE-2026-0665 (An off-by-one error was found in QEMU's KVM Xen guest support. A malic ...)
- qemu 1:10.2.0+ds-2 (bug #1125423)
[trixie] - qemu <no-dsa> (Minor issue)
[bookworm] - qemu <not-affected> (Vulnerable code introduced later)
@@ -24873,7 +25183,7 @@ CVE-2025-13008 (An information disclosure vulnerability in M-Files Server before
NOT-FOR-US: M-Files
CVE-2025-11774 (Improper Neutralization of Special Elements used in an OS Command ('OS ...)
NOT-FOR-US: Mitsubishi
-CVE-2025-14876
+CVE-2025-14876 (A flaw was found in the virtio-crypto device of QEMU. A malicious gues ...)
- qemu 1:10.2.1+ds-1 (bug #1123670)
[trixie] - qemu <no-dsa> (Minor issue)
[bookworm] - qemu <no-dsa> (Minor issue)
@@ -43814,7 +44124,7 @@ CVE-2025-10150 (Webserver crash caused by scanning on TCP port 80 in Softing Ind
NOT-FOR-US: Softing
CVE-2025-10145
REJECTED
-CVE-2025-12343
+CVE-2025-12343 (A flaw was found in FFmpeg\u2019s TensorFlow backend within the libavf ...)
{DSA-6007-1}
- ffmpeg 7:7.1.2-1
[bookworm] - ffmpeg <not-affected> (Vulnerable code not present)
@@ -61563,7 +61873,7 @@ CVE-2025-39792 (In the Linux kernel, the following vulnerability has been resolv
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/2df7168717b7d2d32bcf017c68be16e4aae9dd13 (6.17-rc1)
-CVE-2025-10256
+CVE-2025-10256 (A NULL pointer dereference vulnerability exists in FFmpeg\u2019s Fireq ...)
{DSA-6007-1 DLA-4440-1}
- ffmpeg 7:7.1.2-1
[bookworm] - ffmpeg <postponed> (Minor issue, wait until it's fixed in the 5.1 branch)
@@ -71801,7 +72111,7 @@ CVE-2025-49456 (Race condition in the installer for certain Zoom Clients for Win
NOT-FOR-US: Zoom
CVE-2025-0818 (Several WordPress plugins using elFinder versions 2.1.64 and prior are ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-8860
+CVE-2025-8860 (A flaw was found in QEMU in the uefi-vars virtual device. When the gue ...)
[experimental] - qemu 1:10.1.0~rc3+ds-1
- qemu 1:10.0.3+ds-4 (bug #1111030)
[trixie] - qemu <no-dsa> (Minor issue)
@@ -130311,7 +130621,7 @@ CVE-2023-34397 (Mercedes Benz head-unit NTG 6 contains functions to import or ex
NOT-FOR-US: Mercedes Benz NTG
CVE-2025-1057 (A flaw was found in Keylime, a remote attestation solution, where stri ...)
NOT-FOR-US: Keylime
-CVE-2025-1272
+CVE-2025-1272 (The Linux Kernel lockdown mode for kernel versions starting on 6.12 an ...)
- linux <not-affected> (Red Hat specific lockdown regression)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2345615
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2333706
@@ -135885,7 +136195,7 @@ CVE-2024-11913 (The Activity Plus Reloaded for BuddyPress plugin for WordPress i
NOT-FOR-US: WordPress plugin
CVE-2024-10324 (The RomethemeKit For Elementor plugin for WordPress is vulnerable to S ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-0577
+CVE-2025-0577 (An insufficient entropy vulnerability was found in glibc. The getrando ...)
- glibc <not-affected> (Doesn't affect any released version of glibc)
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2338871
CVE-2025-23012 (Fedora Repository 3.8.x includes a service account (fedoraIntCallUser) ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ca429a21cc0fe2579e14bf3355596f2b7d651d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0ca429a21cc0fe2579e14bf3355596f2b7d651d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260219/ceb4873e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list