[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Aug 3 21:19:13 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36da80df by Salvatore Bonaccorso at 2021-08-03T22:18:50+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -2544,7 +2544,7 @@ CVE-2021-36765
CVE-2021-36764
RESERVED
CVE-2021-36763 (In CODESYS V3 web server before 3.5.17.10, files or directories are ac ...)
- TODO: check
+ NOT-FOR-US: CODESYS V3 web server
CVE-2021-36762
RESERVED
CVE-2021-36761
@@ -2802,7 +2802,7 @@ CVE-2021-36656
CVE-2021-36655
RESERVED
CVE-2021-36654 (CMSuno 1.7 is vulnerable to an authenticated stored cross site scripti ...)
- TODO: check
+ NOT-FOR-US: CMSuno
CVE-2021-36653
RESERVED
CVE-2021-36652
@@ -2864,9 +2864,9 @@ CVE-2021-36625
CVE-2021-36624 (Sourcecodester Phone Shop Sales Managements System version 1.0 suffers ...)
NOT-FOR-US: Sourcecodester
CVE-2021-36623 (Arbitrary File Upload in Sourcecodester Phone Shop Sales Management Sy ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-36622 (Sourcecodester Online Covid Vaccination Scheduler System 1.0 is affect ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-36621 (Sourcecodester Online Covid Vaccination Scheduler System 1.0 is vulner ...)
NOT-FOR-US: Sourcecodester
CVE-2021-36620
@@ -3024,9 +3024,9 @@ CVE-2021-36545
CVE-2021-36544
RESERVED
CVE-2021-36543 (Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.UnlockDo ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2021-36542 (Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.LockDocu ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2021-36541
RESERVED
CVE-2021-36540
@@ -5773,7 +5773,7 @@ CVE-2021-35345
CVE-2021-35344
RESERVED
CVE-2021-35343 (Cross-Site Request Forgery (CSRF) vulnerability in the /op/op.Ajax.php ...)
- TODO: check
+ NOT-FOR-US: SeedDMS
CVE-2021-35342
RESERVED
CVE-2021-35341
@@ -5935,7 +5935,7 @@ CVE-2021-35267
CVE-2021-35266
RESERVED
CVE-2021-35265 (A reflected cross-site scripting (XSS) vulnerability in MaxSite CMS be ...)
- TODO: check
+ NOT-FOR-US: MaxSite CMS
CVE-2021-35264
RESERVED
CVE-2021-35263
@@ -7342,13 +7342,13 @@ CVE-2021-34637 (The Post Index WordPress plugin is vulnerable to Cross-Site Requ
CVE-2021-34636
RESERVED
CVE-2021-34635 (The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34634
RESERVED
CVE-2021-34633
RESERVED
CVE-2021-34632 (The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34631
RESERVED
CVE-2021-34630 (In the Pro and Enterprise versions of GTranslate < 2.8.65, the gtra ...)
@@ -7356,7 +7356,7 @@ CVE-2021-34630 (In the Pro and Enterprise versions of GTranslate < 2.8.65, th
CVE-2021-34629 (The SendGrid WordPress plugin is vulnerable to authorization bypass vi ...)
NOT-FOR-US: WordPress plugin
CVE-2021-34628 (The Admin Custom Login WordPress plugin is vulnerable to Cross-Site Re ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-34627 (A vulnerability in the getSelectedMimeTypesByRole function of the WP U ...)
NOT-FOR-US: WordPress plugin
CVE-2021-34626 (A vulnerability in the deleteCustomType function of the WP Upload Rest ...)
@@ -10035,9 +10035,9 @@ CVE-2021-33488
CVE-2021-33487
RESERVED
CVE-2021-33486 (All versions of the CODESYS V3 Runtime Toolkit for VxWorks from versio ...)
- TODO: check
+ NOT-FOR-US: CODESYS V3 Runtime Toolkit for VxWorks
CVE-2021-33485 (CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffe ...)
- TODO: check
+ NOT-FOR-US: CODESYS Control Runtime
CVE-2021-3562
RESERVED
CVE-2021-33484
@@ -10360,27 +10360,27 @@ CVE-2021-33332
CVE-2021-33331
RESERVED
CVE-2021-33330 (Liferay Portal 7.2.0 through 7.3.2, and Liferay DXP 7.2 before fix pac ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33329
RESERVED
CVE-2021-33328 (Cross-site scripting (XSS) vulnerability in the Asset module's edit vo ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33327 (The Portlet Configuration module in Liferay Portal 7.2.0 through 7.3.3 ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33326 (Cross-site scripting (XSS) vulnerability in the Frontend JS module in ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33325 (The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Li ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33324 (The Layout module in Liferay Portal 7.1.0 through 7.3.1, and Liferay D ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33323 (The Dynamic Data Mapping module in Liferay Portal 7.1.0 through 7.3.2, ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33322 (In Liferay Portal 7.3.0 and earlier, and Liferay DXP 7.0 before fix pa ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33321 (Insecure default configuration in Liferay Portal 6.2.3 through 7.3.2, ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33320 (The Flags module in Liferay Portal 7.3.1 and earlier, and Liferay DXP ...)
- TODO: check
+ NOT-FOR-US: Liferay
CVE-2021-33319
RESERVED
CVE-2021-33318
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36da80dfbd9335f3b71a73a88b4146f609cecf46
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/36da80dfbd9335f3b71a73a88b4146f609cecf46
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210803/bf5766f3/attachment.htm>
More information about the debian-security-tracker-commits
mailing list