[Git][security-tracker-team/security-tracker][master] Process some more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 2 21:32:41 BST 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
29ee17a2 by Salvatore Bonaccorso at 2021-08-02T22:30:47+02:00
Process some more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,11 +1,11 @@
 CVE-2021-37843 (The resolution SAML SSO apps for Atlassian products allow a remote att ...)
-	TODO: check
+	NOT-FOR-US: resolution SAML SSO apps for Atlassian products
 CVE-2021-37842
 	RESERVED
 CVE-2021-37841
 	RESERVED
 CVE-2021-37840 (aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking (CSWH) in ...)
-	TODO: check
+	NOT-FOR-US: aaPanel
 CVE-2021-37839
 	RESERVED
 CVE-2021-3674
@@ -1316,7 +1316,7 @@ CVE-2021-3658
 	[stretch] - bluez <no-dsa> (Minor issue)
 	NOTE: https://git.kernel.org/pub/scm/bluetooth/bluez.git/commit/?id=b497b5942a8beb8f89ca1c359c54ad67ec843055
 CVE-2021-37216 (QSAN Storage Manager header page parameters does not filter special ch ...)
-	TODO: check
+	NOT-FOR-US: QSAN Storage Manager
 CVE-2021-37215
 	RESERVED
 CVE-2021-37214
@@ -1414,21 +1414,21 @@ CVE-2021-37169
 CVE-2021-37168
 	RESERVED
 CVE-2021-37167 (An insecure permissions issue was discovered in HMI3 Control Panel in  ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37166 (A buffer overflow issue leading to denial of service was discovered in ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37165 (A buffer overflow issue was discovered in HMI3 Control Panel in Swissl ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37164 (A buffer overflow issue was discovered in HMI3 Control Panel in Swissl ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37163 (An insecure permissions issue was discovered in HMI3 Control Panel in  ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37162 (A buffer overflow issue was discovered in HMI3 Control Panel in Swissl ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37161 (A buffer overflow issue was discovered in the HMI3 Control Panel conta ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37160 (A firmware validation issue was discovered in HMI3 Control Panel in Sw ...)
-	TODO: check
+	NOT-FOR-US: Swisslog Healthcare Nexus Panel
 CVE-2021-37158
 	RESERVED
 CVE-2021-37157
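Review bot: The new label on CVE-2021-37160 through CVE-2021-37167 reads only "Swisslog Healthcare Nexus Panel", while the summaries in this hunk that are not cut off earlier name the affected component as "HMI3 Control Panel". Consider "NOT-FOR-US: Swisslog Healthcare Nexus Panel (HMI3 Control Panel)" so that a search of data/CVE/list for the component name also finds these eight entries.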
@@ -5350,7 +5350,7 @@ CVE-2021-35452
 CVE-2021-35451 (In Teradici PCoIP Management Console-Enterprise 20.07.0, an unauthenti ...)
 	NOT-FOR-US: Teradici PCoIP Management Console-Enterprise
 CVE-2021-35450 (A Server Side Template Injection in the Entando Admin Console 6.3.9 an ...)
-	TODO: check
+	NOT-FOR-US: Entando Admin Console
 CVE-2021-35449 (The Lexmark Universal Print Driver version 2.15.1.0 and below, G2 driv ...)
 	NOT-FOR-US: Lexmark
 CVE-2021-35448 (Emote Interactive Remote Mouse 3.008 on Windows allows attackers to ex ...)
@@ -7254,9 +7254,9 @@ CVE-2021-34577
 CVE-2021-34576
 	RESERVED
 CVE-2021-34575 (In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0  ...)
-	TODO: check
+	NOT-FOR-US: MB connect line
 CVE-2021-34574 (In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0  ...)
-	TODO: check
+	NOT-FOR-US: MB connect line
 CVE-2021-34573
 	RESERVED
 CVE-2021-34572
@@ -9715,9 +9715,9 @@ CVE-2021-33529 (In Weidmueller Industrial WLAN devices in multiple versions the
 CVE-2021-33528 (In Weidmueller Industrial WLAN devices in multiple versions an exploit ...)
 	NOT-FOR-US: Weidmueller Industrial WLAN devices
 CVE-2021-33527 (In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged lo ...)
-	TODO: check
+	NOT-FOR-US: MB connect line
 CVE-2021-33526 (In MB connect line mbDIALUP versions <= 3.9R0.0 a low privileged lo ...)
-	TODO: check
+	NOT-FOR-US: MB connect line
 CVE-2021-33525 (EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (b ...)
 	NOT-FOR-US: EyesOfNetwork (EON) eonweb
 CVE-2021-3564 (A flaw double-free memory corruption in the Linux kernel HCI device in ...)
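Review bot: The two mbDIALUP entries (CVE-2021-33527, CVE-2021-33526) are labelled with the vendor only, "MB connect line", whereas the unchanged neighbours in this hunk carry product-level labels ("Weidmueller Industrial WLAN devices", "EyesOfNetwork (EON) eonweb"). Suggest "NOT-FOR-US: MB connect line mbDIALUP" so the entry can be told apart from the vendor's other products without reading the description.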
@@ -31975,9 +31975,9 @@ CVE-2021-24506
 CVE-2021-24505
 	RESERVED
 CVE-2021-24504 (The WP LMS – Best WordPress LMS Plugin WordPress plugin through  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24503 (The Popular Brand Icons – Simple Icons WordPress plugin before 2 ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24502
 	RESERVED
 CVE-2021-24501
@@ -31987,11 +31987,11 @@ CVE-2021-24500
 CVE-2021-24499
 	RESERVED
 CVE-2021-24498 (The Calendar Event Multi View WordPress plugin before 1.4.01 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24497
 	RESERVED
 CVE-2021-24496 (The Community Events WordPress plugin before 1.4.8 does not sanitise,  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24495
 	RESERVED
 CVE-2021-24494 (The WP Offload SES Lite WordPress plugin before 1.4.5 did not escape s ...)
@@ -31999,7 +31999,7 @@ CVE-2021-24494 (The WP Offload SES Lite WordPress plugin before 1.4.5 did not es
 CVE-2021-24493
 	RESERVED
 CVE-2021-24492 (The hndtst_action_instance_callback AJAX call of the Handsome Testimon ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24491
 	RESERVED
 CVE-2021-24490
@@ -32007,7 +32007,7 @@ CVE-2021-24490
 CVE-2021-24489
 	RESERVED
 CVE-2021-24488 (The slider import search feature and tab parameter of the Post Grid Wo ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24487
 	RESERVED
 CVE-2021-24486
@@ -32015,39 +32015,39 @@ CVE-2021-24486
 CVE-2021-24485
 	RESERVED
 CVE-2021-24484 (The get_reports() function in the Secure Copy Content Protection and C ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24483 (The get_poll_categories(), get_polls() and get_reports() functions in  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24482 (The Related Posts for WordPress plugin through 2.0.4 does not sanitise ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24481 (The Any Hostname WordPress plugin through 1.0.6 does not sanitise or e ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24480 (The Event Geek WordPress plugin through 2.5.2 does not sanitise or esc ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24479 (The DrawBlog WordPress plugin through 0.90 does not sanitise or valida ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24478 (The Bookshelf WordPress plugin through 2.0.4 does not sanitise or esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24477 (The Migrate Users WordPress plugin through 1.0.1 does not sanitise or  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24476 (The Steam Group Viewer WordPress plugin through 2.1 does not sanitise  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24475
 	RESERVED
 CVE-2021-24474 (The Awesome Weather Widget WordPress plugin through 3.0.2 does not san ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24473 (The User Profile Picture WordPress plugin before 2.6.0 was affected by ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24472 (The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24471
 	RESERVED
 CVE-2021-24470 (The Yada Wiki WordPress plugin before 3.4.1 did not sanitise, validate ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24469
 	RESERVED
 CVE-2021-24468 (The Leaflet Map WordPress plugin before 3.0.0 does not escape some sho ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24467
 	RESERVED
 CVE-2021-24466
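Review bot: CVE-2021-24472 is labelled "WordPress theme", but its summary names two products, "OnAir2 WordPress theme" and "QT KenthaRadio WordPress ...", and the type of the second is cut off in the visible text. Check the full description and, if the second product is not a theme, widen the label to cover both.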
@@ -32055,25 +32055,25 @@ CVE-2021-24466
 CVE-2021-24465
 	RESERVED
 CVE-2021-24464 (The YouTube Embed, Playlist and Popup by WpDevArt WordPress plugin bef ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24463 (The get_sliders() function in the Image Slider by Ays- Responsive Slid ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24462 (The get_gallery_categories() and get_galleries() functions in the Phot ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24461 (The get_faqs() function in the FAQ Builder AYS WordPress plugin before ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24460 (The get_fb_likeboxes() function in the Popup Like box – Page Plu ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24459 (The get_results() and get_items() functions in the Survey Maker WordPr ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24458 (The get_ays_popupboxes() and get_popup_categories() functions of the P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24457 (The get_portfolios() and get_portfolio_attributes() functions in the c ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24456 (The Quiz Maker WordPress plugin before 6.2.0.9 did not properly saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24455 (The Tutor LMS – eLearning and online course solution WordPress p ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24454 (In the YOP Poll WordPress plugin before 6.2.8, when a pool is created  ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-24453 (The Include Me WordPress plugin through 1.2.1 is vulnerable to path tr ...)
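Review bot: The added lines spell the label "WordPress plugin", while the unchanged entry for CVE-2021-24454 at the end of this hunk uses "Wordpress plugin". A case-sensitive search for one spelling misses the other, so the older spelling is worth normalising in a follow-up commit.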
@@ -32083,11 +32083,11 @@ CVE-2021-24452 (The W3 Total Cache WordPress plugin before 2.1.5 was affected by
 CVE-2021-24451 (The Export Users With Meta WordPress plugin before 0.6.5 did not escap ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-24450 (The User Registration, User Profiles, Login & Membership – P ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24449
 	RESERVED
 CVE-2021-24448 (The User Registration & User Profile – Profile Builder WordP ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24447 (The WP Image Zoom WordPress plugin before 1.47 did not validate its ta ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24446
@@ -32095,9 +32095,9 @@ CVE-2021-24446
 CVE-2021-24445
 	RESERVED
 CVE-2021-24444 (The TaxoPress – Create and Manage Taxonomies, Tags, Categories W ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24443 (The About Me widget of the Youzify – BuddyPress Community, User  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24442 (The Poll, Survey, Questionnaire and Voting system WordPress plugin bef ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-24441 (The Sign-up Sheets WordPress plugin before 1.0.14 does not not sanitis ...)
@@ -32127,13 +32127,13 @@ CVE-2021-24430 (The Speed Booster Pack ⚡ PageSpeed Optimization Suite Word
 CVE-2021-24429 (The Salon booking system WordPress plugin before 6.3.1 does not proper ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-24428 (The RSS for Yandex Turbo WordPress plugin through 1.30 does not saniti ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24427 (The W3 Total Cache WordPress plugin before 2.1.3 did not sanitise or e ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-24426 (The Backup by 10Web – Backup and Restore Plugin WordPress plugin ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-24425 (The Floating Notification Bar, Sticky Menu on Scroll, and Sticky Heade ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24424 (The WP Reset – Most Advanced WordPress Reset Tool WordPress plug ...)
 	NOT-FOR-US: Wordpress plugin
 CVE-2021-24423



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/29ee17a210611ed377f88b8e89ed164679d4fba9



More information about the debian-security-tracker-commits mailing list