[Git][security-tracker-team/security-tracker][master] automatic update

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
8aea1689 by security tracker role at 2021-06-14T20:10:29+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2021-3601
+       RESERVED
+CVE-2021-34686
+       RESERVED
+CVE-2021-34685
+       RESERVED
+CVE-2021-34684
+       RESERVED
+CVE-2021-34683
+       RESERVED
 CVE-2021-34682 (Receita Federal IRPF 2021 1.7 allows a man-in-the-middle 
attack agains ...)
        NOT-FOR-US: Receita Federal IRPF 2021 1.7
 CVE-2021-3600
@@ -4439,8 +4449,8 @@ CVE-2021-32684
        RESERVED
 CVE-2021-32683
        RESERVED
-CVE-2021-32682
-       RESERVED
+CVE-2021-32682 (elFinder is an open-source file manager for web, written in 
JavaScript ...)
+       TODO: check
 CVE-2021-32681
        RESERVED
 CVE-2021-32680
@@ -24529,8 +24539,8 @@ CVE-2021-24384
        RESERVED
 CVE-2021-24383
        RESERVED
-CVE-2021-24382
-       RESERVED
+CVE-2021-24382 (The Smart Slider 3 Free and pro WordPress plugins before 
3.5.0.9 did n ...)
+       TODO: check
 CVE-2021-24381
        RESERVED
 CVE-2021-24380
@@ -24573,46 +24583,46 @@ CVE-2021-24362
        RESERVED
 CVE-2021-24361
        RESERVED
-CVE-2021-24360
-       RESERVED
-CVE-2021-24359
-       RESERVED
-CVE-2021-24358
-       RESERVED
-CVE-2021-24357
-       RESERVED
-CVE-2021-24356
-       RESERVED
-CVE-2021-24355
-       RESERVED
-CVE-2021-24354
-       RESERVED
-CVE-2021-24353
-       RESERVED
-CVE-2021-24352
-       RESERVED
-CVE-2021-24351
-       RESERVED
-CVE-2021-24350
-       RESERVED
-CVE-2021-24349
-       RESERVED
-CVE-2021-24348
-       RESERVED
-CVE-2021-24347
-       RESERVED
-CVE-2021-24346
-       RESERVED
-CVE-2021-24345
-       RESERVED
+CVE-2021-24360 (The Yes/No Chart WordPress plugin before 1.0.12 did not 
sanitise its s ...)
+       TODO: check
+CVE-2021-24359 (The Plus Addons for Elementor Page Builder WordPress plugin 
before 4.1 ...)
+       TODO: check
+CVE-2021-24358 (The Plus Addons for Elementor Page Builder WordPress plugin 
before 4.1 ...)
+       TODO: check
+CVE-2021-24357 (In the Best Image Gallery & Responsive Photo Gallery 
– FooGa ...)
+       TODO: check
+CVE-2021-24356 (In the Simple 301 Redirects by BetterLinks WordPress plugin 
before 2.0 ...)
+       TODO: check
+CVE-2021-24355 (In the Simple 301 Redirects by BetterLinks WordPress plugin 
before 2.0 ...)
+       TODO: check
+CVE-2021-24354 (A lack of capability checks and insufficient nonce check on 
the AJAX a ...)
+       TODO: check
+CVE-2021-24353 (The import_data function of the Simple 301 Redirects by 
BetterLinks Wo ...)
+       TODO: check
+CVE-2021-24352 (The export_data function of the Simple 301 Redirects by 
BetterLinks Wo ...)
+       TODO: check
+CVE-2021-24351 (The theplus_more_post AJAX action of The Plus Addons for 
Elementor Pag ...)
+       TODO: check
+CVE-2021-24350 (The Visitors WordPress plugin through 0.3 is affected by an 
Unauthenti ...)
+       TODO: check
+CVE-2021-24349 (This Gallery from files WordPress plugin through 1.6.0 gives 
the funct ...)
+       TODO: check
+CVE-2021-24348 (The menu delete functionality of the Side Menu – add 
fixed side  ...)
+       TODO: check
+CVE-2021-24347 (The SP Project & Document Manager WordPress plugin before 
4.22 all ...)
+       TODO: check
+CVE-2021-24346 (The Stock in & out WordPress plugin through 1.0.4 has a 
search fun ...)
+       TODO: check
+CVE-2021-24345 (The page lists-management feature of the Sendit WP Newsletter 
WordPres ...)
+       TODO: check
 CVE-2021-24344 (The Easy Preloader WordPress plugin through 1.0.0 does not 
sanitise it ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24343 (The iFlyChat - WordPress Chat plugin through 4.6.4 does not 
sanitise i ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24342 (The JNews WordPress theme before 8.0.6 did not sanitise the 
cat_id par ...)
        NOT-FOR-US: WordPress theme
-CVE-2021-24341
-       RESERVED
+CVE-2021-24341 (When deleting a date in the Xllentech English Islamic Calendar 
WordPre ...)
+       TODO: check
 CVE-2021-24340 (The WP Statistics WordPress plugin before 13.0.8 relied on 
using the W ...)
        NOT-FOR-US: WordPress plugin
 CVE-2021-24339
@@ -31790,8 +31800,8 @@ CVE-2021-21441
        RESERVED
 CVE-2021-21440
        RESERVED
-CVE-2021-21439
-       RESERVED
+CVE-2021-21439 (DoS attack can be performed when an email contains specially 
designed  ...)
+       TODO: check
 CVE-2021-21438 (Agents are able to see linked FAQ articles without permissions 
(define ...)
        NOT-FOR-US: OTRS FAQ addon (and OTRS 7 which is proprietary)
 CVE-2021-21437 (Agents are able to see linked Config Items without 
permissions, which  ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aea168970d7a2a54334559cf9fac5a7d9583a22

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aea168970d7a2a54334559cf9fac5a7d9583a22
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits