Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
91b6c8fc by Salvatore Bonaccorso at 2021-11-02T09:13:52+01:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -323,7 +323,7 @@ CVE-2021-43060
CVE-2021-43059
RESERVED
CVE-2021-43058 (An open redirect vulnerability exists in Replicated Classic
versions p ...)
- TODO: check
+ NOT-FOR-US: Replicated
CVE-2021-3914
RESERVED
CVE-2021-43057 (An issue was discovered in the Linux kernel before 5.14.8. A
use-after ...)
@@ -5516,7 +5516,7 @@ CVE-2021-41312
CVE-2021-41311
RESERVED
CVE-2021-41310 (Affected versions of Atlassian Jira Server and Data Center
allow anony ...)
- TODO: check
+ NOT-FOR-US: Atlassian
CVE-2021-41309
RESERVED
CVE-2021-41308 (Affected versions of Atlassian Jira Server and Data Center
allow authe ...)
@@ -5798,7 +5798,7 @@ CVE-2021-41189 (DSpace is an open source turnkey
repository application. In vers
CVE-2021-41188 (Shopware is open source e-commerce software. Versions prior to
5.7.6 c ...)
NOT-FOR-US: Shopware
CVE-2021-41187 (DHIS 2 is an information system for data capture, management,
validati ...)
- TODO: check
+ NOT-FOR-US: DHIS
CVE-2021-41186 (Fluentd collects events from various data sources and writes
them to f ...)
- fluentd <itp> (bug #926692)
CVE-2021-41185 (Mycodo is an environmental monitoring and regulation system.
An exploi ...)
@@ -10086,7 +10086,7 @@ CVE-2021-39348 (The LearnPress WordPress plugin is
vulnerable to Stored Cross-Si
CVE-2021-39347 (The Stripe for WooCommerce WordPress plugin is missing a
capability ch ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39346 (The Google Maps Easy WordPress plugin is vulnerable to Stored
Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39345 (The HAL WordPress plugin is vulnerable to Stored Cross-Site
Scripting ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39344 (The KJM Admin Notices WordPress plugin is vulnerable to Stored
Cross-S ...)
@@ -10096,9 +10096,9 @@ CVE-2021-39343 (The MPL-Publisher WordPress plugin is
vulnerable to Stored Cross
CVE-2021-39342 (The Credova_Financial WordPress plugin discloses a site's
associated C ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39341 (The OptinMonster WordPress plugin is vulnerable to sensitive
informati ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39340 (The Notification WordPress plugin is vulnerable to Stored
Cross-Site S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39339 (The Telefication WordPress plugin is vulnerable to Open Proxy
and Serv ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39338 (The MyBB Cross-Poster WordPress plugin is vulnerable to Stored
Cross-S ...)
@@ -10112,7 +10112,7 @@ CVE-2021-39335 (The WpGenius Job Listing WordPress
plugin is vulnerable to Store
CVE-2021-39334 (The Job Board Vanila WordPress plugin is vulnerable to Stored
Cross-Si ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39333 (The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress
containe ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39332 (The Business Manager WordPress plugin is vulnerable to Stored
Cross-Si ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39331
@@ -12532,7 +12532,7 @@ CVE-2021-38358 (The MoolaMojo WordPress plugin is
vulnerable to Reflected Cross-
CVE-2021-38357 (The SMS OVH WordPress plugin is vulnerable to Reflected
Cross-Site Scr ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38356 (The NextScripts: Social Networks Auto-Poster <= 4.3.20
WordPress pl ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-38355 (The Bug Library WordPress plugin is vulnerable to Reflected
Cross-Site ...)
NOT-FOR-US: WordPress plugin
CVE-2021-38354 (The GNU-Mailman Integration WordPress plugin is vulnerable to
Reflecte ...)
@@ -23814,7 +23814,7 @@ CVE-2021-33595 (A address bar spoofing vulnerability
was discovered in Safe Brow
CVE-2021-33594 (An address bar spoofing vulnerability was discovered in Safe
Browser f ...)
NOT-FOR-US: Safe Browser for Android
CVE-2021-33593 (Whale browser for iOS before 1.14.0 has an inconsistent user
interface ...)
- TODO: check
+ NOT-FOR-US: Whale browser for iOS
CVE-2021-33592 (NAVER Toolbar before 4.0.30.323 allows remote attackers to
execute arb ...)
NOT-FOR-US: NAVER Toolbar
CVE-2021-33591 (An exposed remote debugging port in Naver Comic Viewer prior
to 1.0.15 ...)
@@ -28337,9 +28337,9 @@ CVE-2021-31851
CVE-2021-31850
RESERVED
CVE-2021-31849 (SQL injection vulnerability in McAfee Data Loss Prevention
(DLP) ePO e ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31848 (Cross site scripting (XSS) vulnerability in McAfee Data Loss
Preventio ...)
- TODO: check
+ NOT-FOR-US: McAfee
CVE-2021-31847 (Improper access control vulnerability in the repair process
for McAfee ...)
NOT-FOR-US: McAfee
CVE-2021-31846
@@ -58828,7 +58828,7 @@ CVE-2021-20138
CVE-2021-20137
RESERVED
CVE-2021-20136 (ManageEngine Log360 Builds < 5235 are affected by an
improper acces ...)
- TODO: check
+ NOT-FOR-US: ManageEngine
CVE-2021-20135
RESERVED
CVE-2021-20134
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91b6c8fcc170e07b3c7981b0c827d79e1acb6942
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/91b6c8fcc170e07b3c7981b0c827d79e1acb6942
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
