Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1dbda634 by Salvatore Bonaccorso at 2021-06-22T22:27:33+02:00 Process NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -357,9 +357,9 @@ CVE-2021-35048 CVE-2021-35047 RESERVED CVE-2021-35046 (A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS w ...) - TODO: check + NOT-FOR-US: Ice Hrm CVE-2021-35045 (Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, allows ...) - TODO: check + NOT-FOR-US: Ice Hrm CVE-2021-35044 RESERVED CVE-2021-35043 @@ -2131,9 +2131,9 @@ CVE-2021-34246 CVE-2021-34245 RESERVED CVE-2021-34244 (A cross site request forgery (CSRF) vulnerability was discovered in Ic ...) - TODO: check + NOT-FOR-US: Ice Hrm CVE-2021-34243 (A stored cross site scripting (XSS) vulnerability was discovered in Ic ...) - TODO: check + NOT-FOR-US: Ice Hrm CVE-2021-34242 RESERVED CVE-2021-34241 @@ -25806,7 +25806,7 @@ CVE-2021-24385 CVE-2021-24384 RESERVED CVE-2021-24383 (The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, va ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24382 (The Smart Slider 3 Free and pro WordPress plugins before 3.5.0.9 did n ...) NOT-FOR-US: WordPress plugin CVE-2021-24381 @@ -25814,43 +25814,43 @@ CVE-2021-24381 CVE-2021-24380 RESERVED CVE-2021-24379 (The Comments Like Dislike WordPress plugin before 1.1.4 allows users t ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24378 (The Autoptimize WordPress plugin before 2.7.8 does not check for malic ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24377 (The Autoptimize WordPress plugin before 2.7.8 attempts to remove poten ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24376 (The Autoptimize WordPress plugin before 2.7.8 attempts to delete malic ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24375 RESERVED CVE-2021-24374 (The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24373 (The WP Hardening – Fix Your WordPress Security WordPress plugin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24372 (The WP Hardening – Fix Your WordPress Security WordPress plugin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24371 RESERVED CVE-2021-24370 (The Fancy Product Designer WordPress plugin before 4.6.9 allows unauth ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24369 (In the GetPaid WordPress plugin before 2.3.4, users with the contribut ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24368 (The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin W ...) NOT-FOR-US: WordPress plugin CVE-2021-24367 (The WP Config File Editor WordPress plugin through 1.7.1 was affected ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24366 (The Admin Columns Free WordPress plugin before 4.3 and Admin Columns P ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24365 RESERVED CVE-2021-24364 (The Jannah WordPress theme before 5.4.4 did not properly sanitize the ...) - TODO: check + NOT-FOR-US: WordPress theme CVE-2021-24363 RESERVED CVE-2021-24362 RESERVED CVE-2021-24361 (In the Location Manager WordPress plugin before 2.1.0.10, the AJAX act ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24360 (The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its s ...) NOT-FOR-US: WordPress plugin CVE-2021-24359 (The Plus Addons for Elementor Page Builder WordPress plugin before 4.1 ...) @@ -25894,9 +25894,9 @@ CVE-2021-24341 (When deleting a date in the Xllentech English Islamic Calendar W CVE-2021-24340 (The WP Statistics WordPress plugin before 13.0.8 relied on using the W ...) NOT-FOR-US: WordPress plugin CVE-2021-24339 (The Pods – Custom Content Types and Fields WordPress plugin befo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24338 (The Pods – Custom Content Types and Fields WordPress plugin befo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24337 (The id GET parameter of one of the Video Embed WordPress plugin throug ...) NOT-FOR-US: WordPress plugin CVE-2021-24336 (The FlightLog WordPress plugin through 3.0.2 does not sanitise, valida ...) @@ -28597,7 +28597,7 @@ CVE-2021-3046 CVE-2021-3045 RESERVED CVE-2021-3044 (An improper authorization vulnerability in Palo Alto Networks Cortex X ...) - TODO: check + NOT-FOR-US: Palo Alto Networks CVE-2021-3043 RESERVED CVE-2021-3042 @@ -30363,7 +30363,7 @@ CVE-2021-22384 CVE-2021-22383 (There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 ...) TODO: check CVE-2021-22382 (Huawei LTE USB Dongle products have an improper permission assignment ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22381 RESERVED CVE-2021-22380 @@ -30443,7 +30443,7 @@ CVE-2021-22344 CVE-2021-22343 RESERVED CVE-2021-22342 (There is an information leak vulnerability in Huawei products. A modul ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22341 RESERVED CVE-2021-22340 @@ -35602,13 +35602,13 @@ CVE-2021-20746 CVE-2021-20745 RESERVED CVE-2021-20744 (Cross-site scripting vulnerability in EC-CUBE Category contents plugin ...) - TODO: check + NOT-FOR-US: EC-CUBE Category contents plugin CVE-2021-20743 (Cross-site scripting vulnerability in EC-CUBE Email newsletters manage ...) - TODO: check + NOT-FOR-US: EC-CUBE Email newsletters management plugin CVE-2021-20742 (Cross-site scripting vulnerability in EC-CUBE Business form output plu ...) - TODO: check + NOT-FOR-US: EC-CUBE Business form output plugin CVE-2021-20741 (Cross-site scripting vulnerability in Hitachi Application Server Help ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2021-20740 RESERVED CVE-2021-20739 @@ -35620,9 +35620,9 @@ CVE-2021-20737 (Improper authentication vulnerability in GROWI versions prior to CVE-2021-20736 (NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allow ...) TODO: check CVE-2021-20735 (Cross-site scripting vulnerability in ETUNA EC-CUBE plugins (Delivery ...) - TODO: check + NOT-FOR-US: ETUNA EC-CUBE plugins CVE-2021-20734 (Cross-site scripting vulnerability in Welcart e-Commerce versions prio ...) - TODO: check + NOT-FOR-US: Welcart e-Commerce CVE-2021-20733 (Improper authorization in handler for custom URL scheme vulnerability ...) TODO: check CVE-2021-20732 (The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 an ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dbda634526b63f6749346b1bdb5f74eb90f6435 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dbda634526b63f6749346b1bdb5f74eb90f6435 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits