Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9fdfb603 by Salvatore Bonaccorso at 2021-09-10T22:24:51+02:00
Process NFUs
- - - - -
0946576d by Salvatore Bonaccorso at 2021-09-10T22:24:52+02:00
Add CVE-2021-40839/python-rencode
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,5 +1,5 @@
CVE-2021-40864 (The Translate plugin 6.1.x through 6.3.x before 6.3.0.72 for
ONLYOFFIC ...)
- TODO: check
+ NOT-FOR-US: Translate plugin for ONLYOFFICE Document Server
CVE-2021-40863
RESERVED
CVE-2021-40862
@@ -49,7 +49,9 @@ CVE-2021-40841
CVE-2021-40840
RESERVED
CVE-2021-40839 (The rencode package through 1.0.6 for Python allows an
infinite loop i ...)
- TODO: check
+ - python-rencode 1.0.6-2
+ NOTE:
https://github.com/aresch/rencode/commit/572ff74586d9b1daab904c6f7f7009ce0143bb75
+ NOTE: https://github.com/aresch/rencode/pull/29
CVE-2021-40838
RESERVED
CVE-2021-40837
@@ -1099,7 +1101,7 @@ CVE-2021-40375
CVE-2021-40374
RESERVED
CVE-2021-40373 (playSMS before 1.4.5 allows Arbitrary Code Execution by
entering PHP c ...)
- TODO: check
+ NOT-FOR-US: playSMS
CVE-2021-40372
RESERVED
CVE-2021-40371
@@ -5646,33 +5648,33 @@ CVE-2021-38362
CVE-2021-38361
RESERVED
CVE-2021-38360 (The wp-publications WordPress plugin is vulnerable to
restrictive loca ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38359 (The WordPress InviteBox Plugin for viral Refer-a-Friend
Promotions Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38358 (The MoolaMojo WordPress plugin is vulnerable to Reflected
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38357 (The SMS OVH WordPress plugin is vulnerable to Reflected
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38356
RESERVED
CVE-2021-38355 (The Bug Library WordPress plugin is vulnerable to Reflected
Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38354 (The GNU-Mailman Integration WordPress plugin is vulnerable to
Reflecte ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38353 (The Dropdown and scrollable Text WordPress plugin is
vulnerable to Ref ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38352 (The Feedify – Web Push Notifications WordPress plugin is
vulnera ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38351 (The OSD Subscribe WordPress plugin is vulnerable to Reflected
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38350 (The spideranalyse WordPress plugin is vulnerable to Reflected
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38349 (The Integration of Moneybird for WooCommerce WordPress plugin
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38348 (The Advance Search WordPress plugin is vulnerable to Reflected
Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38347 (The Custom Website Data WordPress plugin is vulnerable to
Reflected Cr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38346
RESERVED
CVE-2021-38345
@@ -5684,37 +5686,37 @@ CVE-2021-38343 (The Nested Pages WordPress plugin <=
3.1.15 was vulnerable to
CVE-2021-38342 (The Nested Pages WordPress plugin <= 3.1.15 was vulnerable
to Cross ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38341 (The WooCommerce Payment Gateway Per Category WordPress plugin
is vulne ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38340 (The Wordpress Simple Shop WordPress plugin is vulnerable to
Reflected ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38339 (The Simple Matted Thumbnails WordPress plugin is vulnerable to
Reflect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38338 (The Border Loading Bar WordPress plugin is vulnerable to
Reflected Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38337 (The RSVPMaker Excel WordPress plugin is vulnerable to
Reflected Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38336 (The Edit Comments XT WordPress plugin is vulnerable to
Reflected Cross ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38335 (The Wise Agent Capture Forms WordPress plugin is vulnerable to
Reflect ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38334 (The WP Design Maps & Places WordPress plugin is vulnerable
to Refl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38333 (The WP Scrippets WordPress plugin is vulnerable to Reflected
Cross-Sit ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38332 (The On Page SEO + Whatsapp Chat Button Plugin WordPress plugin
is vuln ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38331 (The WP-T-Wap WordPress plugin is vulnerable to Reflected
Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38330 (The Yet Another bol.com Plugin WordPress plugin is vulnerable
to Refle ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38329 (The DJ EmailPublish WordPress plugin is vulnerable to
Reflected Cross- ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38328 (The Notices WordPress plugin is vulnerable to Reflected
Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38327 (The YouTube Video Inserter WordPress plugin is vulnerable to
Reflected ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38326 (The Post Title Counter WordPress plugin is vulnerable to
Reflected Cro ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38325 (The User Activation Email WordPress plugin is vulnerable to
Reflected ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38324 (The SP Rental Manager WordPress plugin is vulnerable to SQL
Injection ...)
@@ -7820,9 +7822,9 @@ CVE-2021-37425 (Altova MobileTogether Server before 7.3
SP1 allows XXE attacks,
CVE-2021-37424
RESERVED
CVE-2021-37423 (Zoho ManageEngine ADSelfService Plus 6111 and prior is
vulnerable to l ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37422 (Zoho ManageEngine ADSelfService Plus 6111 and prior is
vulnerable to S ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37421 (Zoho ManageEngine ADSelfService Plus 6103 and prior is
vulnerable to a ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2021-37420
@@ -7838,7 +7840,7 @@ CVE-2021-37416 (Zoho ManageEngine ADSelfService Plus
version 6103 and prior is v
CVE-2021-37415 (Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable
to authe ...)
NOT-FOR-US: Zoho ManageEngine
CVE-2021-37414 (Zoho ManageEngine DesktopCentral version 10.1.2119.7 and prior
allows ...)
- TODO: check
+ NOT-FOR-US: Zoho ManageEngine
CVE-2021-37413
RESERVED
CVE-2021-37412
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bc2d376263fa3716ec6a367001e0a190380edb20...0946576dc21285dde73cfb1549e4861ee92aa8f5
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/bc2d376263fa3716ec6a367001e0a190380edb20...0946576dc21285dde73cfb1549e4861ee92aa8f5
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
