[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Mar 30 21:11:06 BST 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
babde5e5 by Salvatore Bonaccorso at 2026-03-30T22:10:39+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -31,9 +31,9 @@ CVE-2026-5121 (A flaw was found in libarchive. On 32-bit systems, an integer ove
CVE-2026-4425
REJECTED
CVE-2026-4416 (The Performance Library component of Gigabyte Control Center has an In ...)
- TODO: check
+ NOT-FOR-US: Gigabyte Control Center
CVE-2026-4415 (Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Wr ...)
- TODO: check
+ NOT-FOR-US: Gigabyte Control Center
CVE-2026-4315 (A Cross-Site Request Forgery (CSRF) vulnerability in the WatchGuard Fi ...)
NOT-FOR-US: WatchGuard
CVE-2026-4266 (An Insecure Deserialization vulnerability in WatchGuard Fireware OS al ...)
@@ -46,7 +46,7 @@ CVE-2026-3991 (Symantec Data Loss Prevention Windows Endpoint, prior to 25.1 MP1
CVE-2026-3945 (An integer overflow vulnerability in the HTTP chunked transfer encodin ...)
TODO: check
CVE-2026-3502 (TrueConf Client downloads application update code and applies it witho ...)
- TODO: check
+ NOT-FOR-US: TrueConf Client
CVE-2026-3321 (A vulnerability of authorization bypass through user-controlled key in ...)
TODO: check
CVE-2026-34714 (Vim before 9.2.0272 allows code execution that happens immediately upo ...)
@@ -54,21 +54,21 @@ CVE-2026-34714 (Vim before 9.2.0272 allows code execution that happens immediate
NOTE: https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh
NOTE: Fixed by: https://github.com/vim/vim/commit/664701eb7576edb7c7c7d9f2d600815ec1f43459 (v9.2.0272)
CVE-2026-34472 (Unauthenticated credential disclosure in the wizard interface in ZTE Z ...)
- TODO: check
+ NOT-FOR-US: ZTE
CVE-2026-33643 (SQL Injection vulnerability in SchemaHero 0.23.0 via the column parame ...)
- TODO: check
+ NOT-FOR-US: SchemaHero
CVE-2026-33373 (An issue was discovered in Zimbra Collaboration (ZCS) 10.0 and 10.1. A ...)
NOT-FOR-US: Zimbra
CVE-2026-33032 (Nginx UI is a web user interface for the Nginx web server. In versions ...)
- TODO: check
+ NOT-FOR-US: Nginx UI
CVE-2026-33030 (Nginx UI is a web user interface for the Nginx web server. In versions ...)
- TODO: check
+ NOT-FOR-US: Nginx UI
CVE-2026-33029 (Nginx UI is a web user interface for the Nginx web server. Prior to ve ...)
- TODO: check
+ NOT-FOR-US: Nginx UI
CVE-2026-33028 (Nginx UI is a web user interface for the Nginx web server. Prior to ve ...)
- TODO: check
+ NOT-FOR-US: Nginx UI
CVE-2026-33027 (Nginx UI is a web user interface for the Nginx web server. Prior to ve ...)
- TODO: check
+ NOT-FOR-US: Nginx UI
CVE-2026-30566 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceC ...)
NOT-FOR-US: SourceCodester
CVE-2026-30565 (A Reflected Cross-Site Scripting (XSS) vulnerability exists in SourceC ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/babde5e57aea5276f6186c204db8dd3c843fca81
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/babde5e57aea5276f6186c204db8dd3c843fca81
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260330/11ffdbdf/attachment.htm>
More information about the debian-security-tracker-commits
mailing list