[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Oracle rule
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Jun 17 10:54:47 BST 2026
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
2359579d by Moritz Muehlenhoff at 2026-06-17T11:54:17+02:00
auto-nfu: Extend Oracle rule
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -59,15 +59,15 @@ CVE-2026-46976 (Vulnerability in the Oracle Public Sector Payroll product of Ora
CVE-2026-46974 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox <unfixed>
CVE-2026-46973 (Vulnerability in the Oracle Outsourced Mfg for Discrete Industries pro ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46972 (Vulnerability in the Oracle Outsourced Mfg for Discrete Industries pro ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46971 (Vulnerability in the Oracle HR Intelligence product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
CVE-2026-46970 (Vulnerability in the Oracle HR Intelligence product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
CVE-2026-46969 (Vulnerability in the Oracle Financials for EMEA product of Oracle E-Bu ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46967 (Vulnerability in the Oracle Public Sector Financials (International) p ...)
NOT-FOR-US: Oracle
CVE-2026-46966 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
@@ -95,7 +95,7 @@ CVE-2026-46956 (Vulnerability in the Oracle Property Manager product of Oracle E
CVE-2026-46955 (Vulnerability in the Oracle Human Resources product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
CVE-2026-46953 (Vulnerability in the Oracle HRMS (UK) product of Oracle E-Business Sui ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46952 (Vulnerability in the Oracle Quality product of Oracle E-Business Suite ...)
NOT-FOR-US: Oracle
CVE-2026-46951 (Vulnerability in the Oracle Quality product of Oracle E-Business Suite ...)
@@ -133,13 +133,13 @@ CVE-2026-46932 (Vulnerability in the Oracle Enterprise Asset Management product
CVE-2026-46931 (Vulnerability in the Oracle Enterprise Asset Management product of Ora ...)
NOT-FOR-US: Oracle
CVE-2026-46930 (Vulnerability in the Oracle In-Memory Cost Management for Discrete Ind ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46929 (Vulnerability in the Oracle Cost Management product of Oracle E-Busine ...)
NOT-FOR-US: Oracle
CVE-2026-46928 (Vulnerability in the Oracle Spares Management product of Oracle E-Busi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46927 (Vulnerability in the Oracle Receivables product of Oracle E-Business S ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46926 (Vulnerability in the Siebel CRM Cloud Applications product of Oracle S ...)
NOT-FOR-US: Oracle
CVE-2026-46925 (Vulnerability in the Siebel CRM Cloud Applications product of Oracle S ...)
@@ -367,15 +367,15 @@ CVE-2026-46786 (Vulnerability in the Oracle WebCenter Content product of Oracle
CVE-2026-46785 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-46784 (Vulnerability in the WebCenter Content: Imaging product of Oracle Fusi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46783 (Vulnerability in the WebCenter Content: Imaging product of Oracle Fusi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46782 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
NOT-FOR-US: Oracle
CVE-2026-46781 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
NOT-FOR-US: Oracle
CVE-2026-46780 (Vulnerability in the WebCenter Content: Imaging product of Oracle Fusi ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46779 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
NOT-FOR-US: Oracle
CVE-2026-46778 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
@@ -383,11 +383,11 @@ CVE-2026-46778 (Vulnerability in the Oracle WebCenter Enterprise Capture product
CVE-2026-46777 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-46776 (Vulnerability in the Oracle Unified Directory product of Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46774 (Vulnerability in the Oracle Unified Directory product of Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46773 (Vulnerability in the Oracle Unified Directory product of Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-46772 (Vulnerability in the Oracle Application Development Framework (ADF) pr ...)
NOT-FOR-US: Oracle
CVE-2026-46771 (Vulnerability in the Oracle Application Development Framework (ADF) pr ...)
@@ -491,35 +491,35 @@ CVE-2026-35314 (Vulnerability in the Oracle Access Manager product of Oracle Fus
CVE-2026-35313 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
NOT-FOR-US: Oracle
CVE-2026-35312 (Vulnerability in the Oracle Virtual Directory product of Oracle Fusion ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35311 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35310 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35309 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35308 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35307 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35306 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35305 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35304 (Vulnerability in the Oracle Coherence product of Oracle Fusion Middlew ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35303 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35302 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35301 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35300 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35299 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35298 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35296 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2026-35295 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
@@ -529,13 +529,13 @@ CVE-2026-35294 (Vulnerability in the Identity Manager Connector product of Oracl
CVE-2026-35293 (Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion M ...)
NOT-FOR-US: Oracle
CVE-2026-35292 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35291 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35289 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35288 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35286 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-35285 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
@@ -551,19 +551,19 @@ CVE-2026-35281 (Vulnerability in the Oracle WebCenter Enterprise Capture product
CVE-2026-35280 (Vulnerability in the Oracle WebCenter Enterprise Capture product of Or ...)
NOT-FOR-US: Oracle
CVE-2026-35279 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35278 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35276 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35275 (Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualiza ...)
- virtualbox <unfixed>
CVE-2026-35274 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35272 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35271 (Vulnerability in the PeopleSoft Enterprise PT PeopleTools product of O ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35270 (Vulnerability in the Oracle WebCenter Content product of Oracle Fusion ...)
NOT-FOR-US: Oracle
CVE-2026-35269 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
@@ -575,15 +575,15 @@ CVE-2026-35267 (Vulnerability in the Identity Manager product of Oracle Fusion M
CVE-2026-35265 (Vulnerability in the Identity Manager product of Oracle Fusion Middlew ...)
NOT-FOR-US: Oracle
CVE-2026-35263 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35262 (Vulnerability in the Oracle Data Integrator product of Oracle Fusion M ...)
TODO: check
CVE-2026-35261 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
NOT-FOR-US: Oracle
CVE-2026-35259 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-35258 (Vulnerability in the WebLogic Server product of Oracle Fusion Middlewa ...)
- TODO: check
+ NOT-FOR-US: Oracle
CVE-2026-34895 (Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2026-34894 (Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -606,6 +606,7 @@
- product: Oracle Business Intelligence Enterprise Edition
- product: Oracle Business Process Management Suite
- product: Oracle CRM Technical Foundation
+ - product: Oracle Coherence
- product: Oracle Commerce Platform
- product: Oracle Common Applications
- product: Oracle Communications Order and Service Management
@@ -614,6 +615,7 @@
- product: Oracle Configure to Order
- product: Oracle Configurator
- product: Oracle Cost Management
+ - product: Oracle Data Integrator
- product: Oracle Database Server
- product: Oracle Enterprise Asset Management
- product: Oracle Enterprise Command Center Framework
@@ -625,10 +627,12 @@
- product: Oracle Financial Services Customer Screening
- product: Oracle Financial Services Revenue Management and Billing
- product: Oracle Financial Services Transaction Filtering
+ - product: Oracle Financials for EMEA
- product: Oracle Fusion Middleware
- product: Oracle GoldenGate
- product: Oracle HCM Common Architecture
- product: Oracle Health Sciences Data Management Workbench
+ - product: Oracle HRMS (UK)
- product: Oracle Hospitality OPERA 5
- product: Oracle Hospitality OPERA 5 Property Services
- product: Oracle Hospitality Simphony
@@ -639,6 +643,7 @@
- product: Oracle Hyperion Infrastructure Technology
- product: Oracle Identity Manager
- product: Oracle Identity Manager Connector
+ - prodict: Oracle In-Memory Cost Management for Discrete Industries
- product: Oracle iSetup
- product: Oracle iSupport
- product: Oracle Lease and Finance Management
@@ -650,6 +655,7 @@
- product: Oracle MES for Process Manufacturing
- product: Oracle Marketing
- product: Oracle Mobile Field Service
+ - product: Oracle Outsourced Mfg for Discrete Industries
- product: Oracle Planning and Budgeting Cloud Service
- product: Oracle Process Manufacturing Product Development
- product: Oracle Process Manufacturing Process Planning
@@ -659,17 +665,21 @@
- product: Oracle Public Sector Financials (International)
- product: Oracle Public Sector Payroll
- product: Oracle Quality
+ - product: Oracle Receivables
- product: Oracle REST Data Services
- product: Oracle Scripting
- product: Oracle Secure Backup
- product: Oracle Security Service
- product: Oracle Smart View for Office
- product: Oracle Solaris
+ - product: Oracle Spares Management
- product: Oracle Subledger Accounting
- product: Oracle Teleservice
+ - product: Oracle Unified Directory
- product: Oracle Universal Work Queue
- product: Oracle User Management
- product: Oracle Utilities Application Framework
+ - product: Oracle Virtual Directory
- product: Oracle WebCenter Content
- product: Oracle WebCenter Enterprise Capture
- product: Oracle WebCenter Portal
@@ -695,6 +705,7 @@
- product: PeopleSoft Enterprise HCM Shared Components
- product: PeopleSoft Enterprise HCM Talent Acquisition Manager
- product: PeopleSoft Enterprise PeopleTools
+ - product: PeopleSoft Enterprise PT PeopleTools
- product: PeopleSoft Enterprise SCM Purchasing
- product: Primavera P6 Enterprise Project Portfolio Management
- product: Siebel Apps - Marketing
@@ -702,6 +713,7 @@
- product: Siebel CRM End User
- product: Siebel CRM Deployment
- product: Siebel CRM Integration
+ - product: WebLogic Server
- reason: SUSE
allOf:
- cna: suse
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2359579d695682ef27680d1b95780a5d4ad3a09f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2359579d695682ef27680d1b95780a5d4ad3a09f
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260617/3438d555/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list