[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
97f0c4ce by security tracker role at 2026-03-15T08:13:23+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,35 @@
+CVE-2026-4179 (Issues in stm32 USB device driver (drivers/usb/device/usb_dc_stm32.c)  ...)
+	TODO: check
+CVE-2026-4170 (A weakness has been identified in Topsec TopACM 3.0. Affected by this  ...)
+	TODO: check
+CVE-2026-4169 (A security flaw has been discovered in Tecnick TCExam up to 16.6.0. Af ...)
+	TODO: check
+CVE-2026-4168 (A vulnerability was identified in Tecnick TCExam 16.5.0. This impacts  ...)
+	TODO: check
+CVE-2026-4167 (A vulnerability was determined in Belkin F9K1122 1.00.33. This affects ...)
+	TODO: check
+CVE-2026-4166 (A vulnerability was found in Wavlink WL-NU516U1 240425. The impacted e ...)
+	TODO: check
+CVE-2026-4165 (A vulnerability has been found in Worksuite HR, CRM and Project Manage ...)
+	TODO: check
+CVE-2026-4164 (A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the fu ...)
+	TODO: check
+CVE-2026-4163 (A vulnerability was detected in Wavlink WL-WN579A3 220323. This issue  ...)
+	TODO: check
+CVE-2026-32774 (Vulnogram 1.0.0 contains a stored cross-site scripting vulnerability i ...)
+	TODO: check
+CVE-2026-2233 (The User Frontend: AI Powered Frontend Posting, User Directory, Profil ...)
+	TODO: check
+CVE-2026-1947 (The NEX-Forms \u2013 Ultimate Forms Plugin for WordPress plugin for Wo ...)
+	TODO: check
+CVE-2026-1883 (The Wicked Folders \u2013 Folder Organizer for Pages, Posts, and Custo ...)
+	TODO: check
+CVE-2026-1870 (The Thim Kit for Elementor \u2013 Pre-built Templates & Widgets for El ...)
+	TODO: check
+CVE-2026-0849 (Malformed ATAES132A responses with an oversized length field overflow  ...)
+	TODO: check
+CVE-2025-54920 (This issue affects Apache Spark: before 3.5.7 and 4.0.1. Users are rec ...)
+	TODO: check
 CVE-2026-3839 (Unraid Authentication Request Path Traversal Authentication Bypass Vul ...)
 	NOT-FOR-US: Unraid
 CVE-2026-3838 (Unraid Update Request Path Traversal Remote Code Execution Vulnerabili ...)
@@ -5687,11 +5719,11 @@ CVE-2025-15595 (Privilege escalation via dll hijacking in Inno Setup 6.2.1 and e
 	NOT-FOR-US: Inno Setup
 CVE-2025-12345 (A security vulnerability has been detected in LLM-Claw 0.1.0/0.1.1/0.1 ...)
 	NOT-FOR-US: LLM-Claw
-CVE-2026-3442
+CVE-2026-3442 (A flaw was found in GNU Binutils. This vulnerability, a heap-based buf ...)
 	- binutils <unfixed> (unimportant)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443828
 	NOTE: binutils not covered by security support
-CVE-2026-3441
+CVE-2026-3441 (A flaw was found in GNU Binutils. This heap-based buffer overflow vuln ...)
 	- binutils <unfixed> (unimportant)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2443826
 	NOTE: binutils not covered by security support
@@ -8999,7 +9031,7 @@ CVE-2026-2492 (TensorFlow HDF5 Library Uncontrolled Search Path Element Local Pr
 CVE-2026-2490 (RustDesk Client for Windows Transfer File Link Following Information D ...)
 	NOT-FOR-US: RustDesk Client for Windows
 CVE-2026-2048 (GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulner ...)
-	{DSA-6156-1}
+	{DSA-6156-1 DLA-4500-1}
 	- gimp 3.2.0~RC3-1 (bug #1128606)
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-26-121/
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15554
@@ -9018,7 +9050,7 @@ CVE-2026-2047 (GIMP ICNS File Parsing Heap-based Buffer Overflow Remote Code Exe
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/5873e16f80cf4152d25a4c86b08553008a331e90 (GIMP_3_0_8)
 	NOTE: Introduced by: https://gitlab.gnome.org/GNOME/gimp/-/commit/00232e17875d4676a2c797a429db23b1a9815db8 (GIMP_2_99_14)
 CVE-2026-2045 (GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution Vulner ...)
-	{DSA-6156-1}
+	{DSA-6156-1 DLA-4500-1}
 	- gimp 3.2.0~RC3-1 (bug #1128604)
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-26-119/
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15293
@@ -9026,7 +9058,7 @@ CVE-2026-2045 (GIMP XWD File Parsing Out-Of-Bounds Write Remote Code Execution V
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/68b27dfb1cbd9b3f22d7fa624dbab8647ee5f275
 	NOTE: Fixed by: https://gitlab.gnome.org/GNOME/gimp/-/commit/bb896f67942557658b3fbfc67a1c073775c002c7 (GIMP_3_0_8)
 CVE-2026-2044 (GIMP PGM File Parsing Uninitialized Memory Remote Code Execution Vulne ...)
-	{DSA-6156-1}
+	{DSA-6156-1 DLA-4500-1}
 	- gimp 3.2.0~RC2-1
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-26-118/
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15287
@@ -9208,7 +9240,7 @@ CVE-2026-25896 (fast-xml-parser allows users to validate XML, parse XML to JS ob
 CVE-2026-24892 (openITCOCKPIT is an open source monitoring tool built for different mo ...)
 	NOT-FOR-US: openITCOCKPIT
 CVE-2026-0797 (GIMP ICO File Parsing Heap-based Buffer Overflow Remote Code Execution ...)
-	{DSA-6156-1}
+	{DSA-6156-1 DLA-4500-1}
 	- gimp 3.2.0~RC3-1 (bug #1128601)
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-26-050/
 	NOTE: https://gitlab.gnome.org/GNOME/gimp/-/issues/15555



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97f0c4ce7bb240f8c8b900b1beaaae068f0251f0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/97f0c4ce7bb240f8c8b900b1beaaae068f0251f0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260315/bfcc4619/attachment.htm>