Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
7b832322 by Salvatore Bonaccorso at 2021-05-17T22:24:09+02:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -18530,7 +18530,7 @@ CVE-2021-25266
CVE-2021-25265 (A malicious website could execute code remotely in Sophos
Connect Clie ...)
NOT-FOR-US: Sophos Connect Client
CVE-2021-25264 (In multiple versions of Sophos Endpoint products for MacOS, a
local at ...)
- TODO: check
+ NOT-FOR-US: Sophos
CVE-2021-25263
RESERVED
CVE-2021-25262
@@ -20461,13 +20461,13 @@ CVE-2021-24329
CVE-2021-24328
RESERVED
CVE-2021-24327 (The SEO Redirection Plugin – 301 Redirect Manager
WordPress plug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24326 (The tab parameter of the settings page of the All 404 Redirect
to Home ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24325 (The tab parameter of the settings page of the 404 SEO
Redirection Word ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24324 (The 404 SEO Redirection WordPress plugin through 1.3 is
lacking CSRF c ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24323 (When taxes are enabled, the "Additional tax classes" field was
not pro ...)
TODO: check
CVE-2021-24322
@@ -20485,9 +20485,9 @@ CVE-2021-24317
CVE-2021-24316
RESERVED
CVE-2021-24315 (The GiveWP – Donation Plugin and Fundraising Platform
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24314 (The Goto WordPress theme before 2.1 did not sanitise, validate
of esca ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2021-24313
RESERVED
CVE-2021-24312
@@ -20517,7 +20517,7 @@ CVE-2021-24301
CVE-2021-24300
RESERVED
CVE-2021-24299 (The ReDi Restaurant Reservation WordPress plugin before
21.0426 provid ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24298
RESERVED
CVE-2021-24297
@@ -20525,19 +20525,19 @@ CVE-2021-24297
CVE-2021-24296
RESERVED
CVE-2021-24295 (It was possible to exploit an Unauthenticated Time-Based Blind
SQL Inj ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24294
RESERVED
CVE-2021-24293 (In the eCommerce module of the NextGEN Gallery Pro WordPress
plugin be ...)
NOT-FOR-US: NextGEN Gallery Pro WordPress plugin
CVE-2021-24292 (The Happy Addons for Elementor WordPress plugin before 2.24.0,
Happy A ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24291 (The Photo Gallery by 10Web – Mobile-Friendly Image
Gallery WordP ...)
NOT-FOR-US: Photo Gallery by 10Web / Mobile-Friendly Image Gallery
WordPress plugin
CVE-2021-24290 (There are several endpoints in the Store Locator Plus for
WordPress pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24289 (There is functionality in the Store Locator Plus for WordPress
plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24288 (When subscribing using AcyMailing, the 'redirect' parameter
isn't prop ...)
TODO: check
CVE-2021-24287 (The settings page of the Select All Categories and Taxonomies,
Change ...)
@@ -24313,7 +24313,7 @@ CVE-2021-22670 (An uninitialized pointer may be
exploited in Fatek FvDesigner Ve
CVE-2021-22669 (Incorrect permissions are set to default on the ‘Project
Managem ...)
NOT-FOR-US: WebAccess/SCADA
CVE-2021-22668 (Delta Industrial Automation CNCSoft ScreenEditor Versions
1.01.28 (wit ...)
- TODO: check
+ NOT-FOR-US: Delta Industrial Automation
CVE-2021-22667 (BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable
due to the ...)
NOT-FOR-US: BB-ESWGP506-2SFP-T
CVE-2021-22666 (Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a
stack-bas ...)
@@ -36049,7 +36049,7 @@ CVE-2020-29207
CVE-2020-29206
RESERVED
CVE-2020-29205 (XSS in signup form in Project Worlds Online Examination System
1.0 all ...)
- TODO: check
+ NOT-FOR-US: Project Worlds Online Examination System
CVE-2020-29204 (XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the
20-charact ...)
NOT-FOR-US: XXL-JOB
CVE-2020-29203 (struct2json before 2020-11-18 is affected by a Buffer Overflow
because ...)
@@ -49567,9 +49567,9 @@ CVE-2020-24994 (Stack overflow in the parse_tag
function in libass/ass_parse.c i
NOTE: https://github.com/libass/libass/issues/423
NOTE:
https://github.com/libass/libass/commit/6835731c2fe4164a0c50bc91d12c43b2a2b4e799
(0.15.0)
CVE-2020-24993 (There is a cross site scripting vulnerability on CmsWing
1.3.7. This v ...)
- TODO: check
+ NOT-FOR-US: CmsWing
CVE-2020-24992 (There is a cross site scripting vulnerability on CmsWing
1.3.7. This v ...)
- TODO: check
+ NOT-FOR-US: CmsWing
CVE-2020-24991
RESERVED
CVE-2020-24990 (An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By
utilizing ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b83232279359181e32cd5e8e8de2292689ebebb
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b83232279359181e32cd5e8e8de2292689ebebb
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
