Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
76e09ccf by Salvatore Bonaccorso at 2021-10-05T09:54:00+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -8216,23 +8216,23 @@ CVE-2021-38402 (Delta Electronic DOPSoft 2 (Version
2.00.07 and prior) lacks pro
CVE-2021-38401
RESERVED
CVE-2021-38400 (An attacker with physical access to Boston Scientific Zoom
Latitude Mo ...)
- TODO: check
+ NOT-FOR-US: Boston Scientific Zoom Latitude Model 3120
CVE-2021-38399
RESERVED
CVE-2021-38398 (The affected device uses off-the-shelf software components
that contai ...)
- TODO: check
+ NOT-FOR-US: Boston Scientific
CVE-2021-38397
RESERVED
CVE-2021-38396 (The programmer installation utility does not perform a
cryptographic a ...)
- TODO: check
+ NOT-FOR-US: Boston Scientific
CVE-2021-38395
RESERVED
CVE-2021-38394 (An attacker with physical access to the device can extract the
binary ...)
- TODO: check
+ NOT-FOR-US: Boston Scientific
CVE-2021-38393 (A Blind SQL injection vulnerability exists in the
/DataHandler/Handler ...)
NOT-FOR-US: Delta Electronics
CVE-2021-38392 (A skilled attacker with physical access to the affected device
can gai ...)
- TODO: check
+ NOT-FOR-US: Boston Scientific
CVE-2021-38391 (A Blind SQL injection vulnerability exists in the
/DataHandler/AM/AM_H ...)
NOT-FOR-US: Delta Electronics
CVE-2021-38390 (A Blind SQL injection vulnerability exists in the
/DataHandler/Handler ...)
@@ -9802,7 +9802,7 @@ CVE-2021-37779
CVE-2021-37778
RESERVED
CVE-2021-37777 (Gila CMS 2.2.0 is vulnerable to Insecure Direct Object
Reference (IDOR ...)
- TODO: check
+ NOT-FOR-US: Gila CMS
CVE-2021-37776
RESERVED
CVE-2021-37775
@@ -10786,13 +10786,13 @@ CVE-2021-37335
CVE-2021-37334 (A security issue in Umbraco Forms 4.0.0 to and including 8.7.5
could l ...)
NOT-FOR-US: Umbraco Forms
CVE-2021-37333 (Laravel Booking System Booking Core 2.0 is vulnerable to
Session Manag ...)
- TODO: check
+ NOT-FOR-US: Laravel Booking System Booking Core
CVE-2021-37332
RESERVED
CVE-2021-37331 (Laravel Booking System Booking Core 2.0 is vulnerable to
Incorrect Acc ...)
- TODO: check
+ NOT-FOR-US: Laravel Booking System Booking Core
CVE-2021-37330 (Laravel Booking System Booking Core 2.0 is vulnerable to Cross
Site Sc ...)
- TODO: check
+ NOT-FOR-US: Laravel Booking System Booking Core
CVE-2021-37329
RESERVED
CVE-2021-37328
@@ -11850,7 +11850,7 @@ CVE-2021-36852
CVE-2021-36851
RESERVED
CVE-2021-36850 (Cross-Site Request Forgery (CSRF) vulnerability in WordPress
Media Fil ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-36849
RESERVED
CVE-2021-36848
@@ -15546,7 +15546,7 @@ CVE-2021-35298 (Cross Site Scripting (XSS) in Zammad
1.0.x up to 4.0.0 allows re
CVE-2021-35297 (Scalabium dBase Viewer version 2.6 (Build 5.751) is vulnerable
to remo ...)
NOT-FOR-US: Scalabium dBase Viewer
CVE-2021-35296 (An issue in the administrator authentication panel of PTCL
HG150-Ub v3 ...)
- TODO: check
+ NOT-FOR-US: PTCL HG150-Ub
CVE-2021-35295
RESERVED
CVE-2021-35294
@@ -41936,7 +41936,7 @@ CVE-2021-24689
CVE-2021-24688
RESERVED
CVE-2021-24687 (The Modern Events Calendar Lite WordPress plugin before 5.22.2
does no ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24686
RESERVED
CVE-2021-24685
@@ -41952,19 +41952,19 @@ CVE-2021-24681
CVE-2021-24680
RESERVED
CVE-2021-24679 (The Bitcoin / AltCoin Payment Gateway for WooCommerce
WordPress plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24678 (The CM Tooltip Glossary WordPress plugin before 3.9.21 does
not escape ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24677
RESERVED
CVE-2021-24676 (The Better Find and Replace WordPress plugin before 1.2.9 does
not esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24675
RESERVED
CVE-2021-24674
RESERVED
CVE-2021-24673 (The Appointment Hour Booking WordPress plugin before 1.3.16
does not e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24672
RESERVED
CVE-2021-24671 (The MX Time Zone Clocks WordPress plugin before 3.4.1 does not
escape ...)
@@ -42002,7 +42002,7 @@ CVE-2021-24656
CVE-2021-24655
RESERVED
CVE-2021-24654 (The User Registration WordPress plugin before 2.0.2 does not
properly ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24653
RESERVED
CVE-2021-24652 (The PostX – Gutenberg Blocks for Post Grid WordPress
plugin befo ...)
@@ -42380,7 +42380,7 @@ CVE-2021-24467 (The Leaflet Map WordPress plugin before
3.0.0 does not verify th
CVE-2021-24466 (The Verse-O-Matic WordPress plugin through 4.1.1 does not have
any CSR ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24465 (The Meow Gallery WordPress plugin before 4.1.9 does not
sanitise, vali ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24464 (The YouTube Embed, Playlist and Popup by WpDevArt WordPress
plugin bef ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24463 (The get_sliders() function in the Image Slider by Ays-
Responsive Slid ...)
@@ -63989,7 +63989,7 @@ CVE-2020-28121
CVE-2020-28120
RESERVED
CVE-2020-28119 (Cross site scripting vulnerability in 53KF < 2.0.0.2 that
allows fo ...)
- TODO: check
+ NOT-FOR-US: 53KF
CVE-2020-28118
RESERVED
CVE-2020-28117
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76e09ccfcb27c9908a5d222dad2cac2ac25fe417
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76e09ccfcb27c9908a5d222dad2cac2ac25fe417
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
