Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
8bdc0b11 by Salvatore Bonaccorso at 2021-09-13T22:31:11+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27108,7 +27108,7 @@ CVE-2021-29645
CVE-2021-29644
RESERVED
CVE-2021-29643 (PRTG Network Monitor before 21.3.69.1333 allows stored XSS via
an unsa ...)
- TODO: check
+ NOT-FOR-US: PRTG Network Monitor
CVE-2021-29642 (GistPad before 0.2.7 allows a crafted workspace folder to
change the U ...)
NOT-FOR-US: GistPad
CVE-2021-29641 (Directus 8 before 8.8.2 allows remote authenticated users to
execute a ...)
@@ -39148,15 +39148,15 @@ CVE-2021-24730
CVE-2021-24729
RESERVED
CVE-2021-24728 (The Membership & Content Restriction – Paid Member
Subscript ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24727 (The StopBadBots WordPress plugin before 6.60 did not validate
or escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24726 (The WP Simple Booking Calendar WordPress plugin before 2.0.6
did not e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24725 (The Comment Link Remove and Other Comment Tools WordPress
plugin befor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24724 (The Timetable and Event Schedule by MotoPress WordPress plugin
before ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24723
RESERVED
CVE-2021-24722
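Review bot: the five entries from CVE-2021-24728 down to CVE-2021-24724 all get the category tag "NOT-FOR-US: WordPress plugin", although each description names the product (StopBadBots, WP Simple Booking Calendar, and so on) and the first hunk tags by product name ("PRTG Network Monitor", "GistPad"). Consider recording the plugin name in the tag, for example "NOT-FOR-US: StopBadBots WordPress plugin", so the entry can be found by product name later.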
@@ -39358,15 +39358,15 @@ CVE-2021-24625
CVE-2021-24624
RESERVED
CVE-2021-24623 (The WordPress Advanced Ticket System, Elite Support Helpdesk
WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24622
RESERVED
CVE-2021-24621 (The WP Courses LMS WordPress plugin before 2.0.44 does not
sanitise it ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24620 (The WordPress Simple Ecommerce Shopping Cart Plugin- Sell
products thr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24619 (The Per page add to head WordPress plugin through 1.4.4 does
not prope ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24618
RESERVED
CVE-2021-24617
@@ -39376,7 +39376,7 @@ CVE-2021-24616
CVE-2021-24615
RESERVED
CVE-2021-24614 (The Book appointment online WordPress plugin before 1.39 does
not sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24613
RESERVED
CVE-2021-24612
@@ -39394,7 +39394,7 @@ CVE-2021-24607
CVE-2021-24606
RESERVED
CVE-2021-24605 (The create_post_page AJAX action of the Custom Post View
Generator Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24604
RESERVED
CVE-2021-24603 (The Site Reviews WordPress plugin before 5.13.1 does not
sanitise some ...)
@@ -39432,7 +39432,7 @@ CVE-2021-24588 (The SMS Alert Order Notifications
WordPress plugin before 3.4.7
CVE-2021-24587
RESERVED
CVE-2021-24586 (The Per page add to head WordPress plugin before 1.4.4 is
lacking any ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24585
RESERVED
CVE-2021-24584
@@ -39484,7 +39484,7 @@ CVE-2021-24562 (The LMS by LifterLMS – Online
Course, Membership & Lea
CVE-2021-24561 (The WP SMS WordPress plugin before 5.4.13 does not sanitise
the "wp_gr ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24560 (The Software License Manager WordPress plugin before 4.4.8
does not sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24559
RESERVED
CVE-2021-24558 (The pspin_duplicate_post_save_as_new_post function of the
Project Stat ...)
@@ -39558,7 +39558,7 @@ CVE-2021-24525
CVE-2021-24524 (The GiveWP – Donation Plugin and Fundraising Platform
WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24523 (The Daily Prayer Time WordPress plugin before 2021.08.10 does
not sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24522 (The User Registration, User Profile, Login & Membership
– Pr ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24521 (The Side Menu Lite – add sticky fixed buttons WordPress
plugin b ...)
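Review bot: the added line for CVE-2021-24523 spells the tag "WordPress plugin", while the unchanged entry directly below it, CVE-2021-24522, reads "Wordpress plugin". A case-sensitive search of data/CVE/list for one spelling misses the other; normalising the lowercase-p entries in a follow-up commit would keep the tag consistent.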
@@ -39584,11 +39584,11 @@ CVE-2021-24512 (The Video Posts Webcam Recorder
WordPress plugin before 3.2.4 ha
CVE-2021-24511
RESERVED
CVE-2021-24510 (The MF Gig Calendar WordPress plugin through 1.1 does not
sanitise or ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24509 (The Page View Count WordPress plugin before 2.4.9 does not
escape the ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24508 (The Smash Balloon Social Post Feed WordPress plugin before
2.19.2 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24507 (The Astra Pro Addon WordPress plugin before 3.5.2 did not
properly san ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24506 (The Slider Hero with Animation, Video Background & Intro
Maker Wor ...)
@@ -39618,13 +39618,13 @@ CVE-2021-24495 (The Marmoset Viewer WordPress plugin
before 1.9.3 does not prope
CVE-2021-24494 (The WP Offload SES Lite WordPress plugin before 1.4.5 did not
escape s ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24493 (The shopp_upload_file AJAX action of the Shopp WordPress
plugin throug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24492 (The hndtst_action_instance_callback AJAX call of the Handsome
Testimon ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24491 (The Fileviewer WordPress plugin through 2.2 does not have CSRF
checks ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24490 (The Email Artillery (MASS EMAIL) WordPress plugin through 4.1
does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24489
RESERVED
CVE-2021-24488 (The slider import search feature and tab parameter of the Post
Grid Wo ...)
@@ -39742,7 +39742,7 @@ CVE-2021-24433
CVE-2021-24432
RESERVED
CVE-2021-24431 (The Language Bar Flags WordPress plugin through 1.0.8 does not
have an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24430 (The Speed Booster Pack ⚡ PageSpeed Optimization Suite
WordPress ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24429 (The Salon booking system WordPress plugin before 6.3.1 does
not proper ...)
@@ -44175,15 +44175,15 @@ CVE-2021-22530
CVE-2021-22529
RESERVED
CVE-2021-22528 (Reflected Cross Site Scripting (XSS) vulnerability in NetIQ
Access Man ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22527 (Information leakage vulnerability in NetIQ Access Manager
prior to 5.0 ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22526 (Open Redirection vulnerability in NetIQ Access Manager prior
to 5.0.1 ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22525 (This release addresses a potential information leakage
vulnerability i ...)
NOT-FOR-US: Microfocus
CVE-2021-22524 (Injection attack caused the denial of service vulnerability in
NetIQ A ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22523 (XML External Entity vulnerability in Micro Focus Verastream
Host Integ ...)
NOT-FOR-US: Micro Focus
CVE-2021-22522 (Reflected Cross-Site Scripting vulnerability in Micro Focus
Verastream ...)
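Review bot: the new "NOT-FOR-US: NetIQ Access Manager" lines sit between unchanged entries tagged "Microfocus" (CVE-2021-22525) and "Micro Focus" (CVE-2021-22523), so this block now carries three tag forms, two of them spellings of the same vendor. Product-level tagging is fine here, but the two vendor spellings on the context lines should be settled on one form while this range is being touched.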
@@ -61648,9 +61648,9 @@ CVE-2020-27972
CVE-2020-27971
RESERVED
CVE-2020-27970 (Yandex Browser before 20.10.0 allows remote attackers to spoof
the add ...)
- TODO: check
+ NOT-FOR-US: Yandex Browser
CVE-2020-27969 (Yandex Browser for Android 20.8.4 allows remote attackers to
perform S ...)
- TODO: check
+ NOT-FOR-US: Yandex Browser
CVE-2020-27968
RESERVED
CVE-2020-27967
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bdc0b11df64ccb2d3d2f371c97de90543d74a2f