[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 21 20:10:27 GMT 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
36475359 by security tracker role at 2021-12-21T20:10:18+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,197 @@
+CVE-2022-22136
+ RESERVED
+CVE-2022-22135
+ RESERVED
+CVE-2022-22134
+ RESERVED
+CVE-2022-22133
+ RESERVED
+CVE-2022-22132
+ RESERVED
+CVE-2022-22131
+ RESERVED
+CVE-2022-22130
+ RESERVED
+CVE-2022-22129
+ RESERVED
+CVE-2022-22128
+ RESERVED
+CVE-2022-22127
+ RESERVED
+CVE-2022-22126
+ RESERVED
+CVE-2022-22125
+ RESERVED
+CVE-2022-22124
+ RESERVED
+CVE-2022-22123
+ RESERVED
+CVE-2022-22122
+ RESERVED
+CVE-2022-22121
+ RESERVED
+CVE-2022-22120
+ RESERVED
+CVE-2022-22119
+ RESERVED
+CVE-2022-22118
+ RESERVED
+CVE-2022-22117
+ RESERVED
+CVE-2022-22116
+ RESERVED
+CVE-2022-22115
+ RESERVED
+CVE-2022-22114
+ RESERVED
+CVE-2022-22113
+ RESERVED
+CVE-2022-22112
+ RESERVED
+CVE-2022-22111
+ RESERVED
+CVE-2022-22110
+ RESERVED
+CVE-2022-22109
+ RESERVED
+CVE-2022-22108
+ RESERVED
+CVE-2022-22107
+ RESERVED
+CVE-2022-22106
+ RESERVED
+CVE-2022-22105
+ RESERVED
+CVE-2022-22104
+ RESERVED
+CVE-2022-22103
+ RESERVED
+CVE-2022-22102
+ RESERVED
+CVE-2022-22101
+ RESERVED
+CVE-2022-22100
+ RESERVED
+CVE-2022-22099
+ RESERVED
+CVE-2022-22098
+ RESERVED
+CVE-2022-22097
+ RESERVED
+CVE-2022-22096
+ RESERVED
+CVE-2022-22095
+ RESERVED
+CVE-2022-22094
+ RESERVED
+CVE-2022-22093
+ RESERVED
+CVE-2022-22092
+ RESERVED
+CVE-2022-22091
+ RESERVED
+CVE-2022-22090
+ RESERVED
+CVE-2022-22089
+ RESERVED
+CVE-2022-22088
+ RESERVED
+CVE-2022-22087
+ RESERVED
+CVE-2022-22086
+ RESERVED
+CVE-2022-22085
+ RESERVED
+CVE-2022-22084
+ RESERVED
+CVE-2022-22083
+ RESERVED
+CVE-2022-22082
+ RESERVED
+CVE-2022-22081
+ RESERVED
+CVE-2022-22080
+ RESERVED
+CVE-2022-22079
+ RESERVED
+CVE-2022-22078
+ RESERVED
+CVE-2022-22077
+ RESERVED
+CVE-2022-22076
+ RESERVED
+CVE-2022-22075
+ RESERVED
+CVE-2022-22074
+ RESERVED
+CVE-2022-22073
+ RESERVED
+CVE-2022-22072
+ RESERVED
+CVE-2022-22071
+ RESERVED
+CVE-2022-22070
+ RESERVED
+CVE-2022-22069
+ RESERVED
+CVE-2022-22068
+ RESERVED
+CVE-2022-22067
+ RESERVED
+CVE-2022-22066
+ RESERVED
+CVE-2022-22065
+ RESERVED
+CVE-2022-22064
+ RESERVED
+CVE-2022-22063
+ RESERVED
+CVE-2022-22062
+ RESERVED
+CVE-2022-22061
+ RESERVED
+CVE-2022-22060
+ RESERVED
+CVE-2022-22059
+ RESERVED
+CVE-2022-22058
+ RESERVED
+CVE-2022-22057
+ RESERVED
+CVE-2022-22056
+ RESERVED
+CVE-2022-22055
+ RESERVED
+CVE-2022-22054
+ RESERVED
+CVE-2021-45458
+ RESERVED
+CVE-2021-45457
+ RESERVED
+CVE-2021-45456
+ RESERVED
+CVE-2021-45455
+ RESERVED
+CVE-2021-45454
+ RESERVED
+CVE-2021-45453
+ RESERVED
+CVE-2021-45452
+ RESERVED
+CVE-2021-4150
+ RESERVED
+CVE-2021-4149
+ RESERVED
+CVE-2021-4148
+ RESERVED
+CVE-2021-4147
+ RESERVED
+CVE-2021-4146
+ RESERVED
+CVE-2021-4145
+ RESERVED
+CVE-2021-4144
+ RESERVED
CVE-2021-45451 (In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass ...)
TODO: check
CVE-2021-45450 (In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv ...)
@@ -24,8 +218,7 @@ CVE-2017-20010
CVE-2017-20009
RESERVED
NOT-FOR-US: MODX Revolution
-CVE-2012-20001
- RESERVED
+CVE-2012-20001 (PrestaShop before 1.5.2 allows XSS via the "<object data='data:text ...)
NOT-FOR-US: PrestaShop
CVE-2021-45442
RESERVED
@@ -317,26 +510,26 @@ CVE-2021-45299
RESERVED
CVE-2021-45298
RESERVED
-CVE-2021-45297
- RESERVED
+CVE-2021-45297 (An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size ...)
+ TODO: check
CVE-2021-45296
RESERVED
CVE-2021-45295
RESERVED
CVE-2021-45294
RESERVED
-CVE-2021-45293
- RESERVED
-CVE-2021-45292
- RESERVED
-CVE-2021-45291
- RESERVED
-CVE-2021-45290
- RESERVED
-CVE-2021-45289
- RESERVED
-CVE-2021-45288
- RESERVED
+CVE-2021-45293 (A Denial of Service vulnerability exists in Binaryen 103 due to an Inv ...)
+ TODO: check
+CVE-2021-45292 (The gf_isom_hint_rtp_read function in GPAC 1.0.1 allows attackers to c ...)
+ TODO: check
+CVE-2021-45291 (The gf_dump_setup function in GPAC 1.0.1 allows malicoius users to cau ...)
+ TODO: check
+CVE-2021-45290 (A Denial of Service vulnerability exits in Binaryen 103 due to an asse ...)
+ TODO: check
+CVE-2021-45289 (A vulnerability exists in GPAC 1.0.1 due to an omission of security-re ...)
+ TODO: check
+CVE-2021-45288 (A Double Free vulnerability exists in filedump.c in GPAC 1.0.1, which ...)
+ TODO: check
CVE-2021-45287
RESERVED
CVE-2021-45286
@@ -401,14 +594,14 @@ CVE-2021-45257
RESERVED
CVE-2021-45256
RESERVED
-CVE-2021-45255
- RESERVED
+CVE-2021-45255 (The email parameter from ajax.php of Video Sharing Website 1.0 appears ...)
+ TODO: check
CVE-2021-45254
RESERVED
-CVE-2021-45253
- RESERVED
-CVE-2021-45252
- RESERVED
+CVE-2021-45253 (The id parameter in view_storage.php from Simple Cold Storage Manageme ...)
+ TODO: check
+CVE-2021-45252 (Multiple SQL injection vulnerabilities are found on Simple Forum-Discu ...)
+ TODO: check
CVE-2021-45251
RESERVED
CVE-2021-45250
@@ -451,8 +644,8 @@ CVE-2021-4141
RESERVED
CVE-2021-4140
RESERVED
-CVE-2021-4139
- RESERVED
+CVE-2021-4139 (pimcore is vulnerable to Improper Neutralization of Input During Web P ...)
+ TODO: check
CVE-2021-4138
RESERVED
CVE-2022-22053
@@ -1033,12 +1226,12 @@ CVE-2021-45093
RESERVED
CVE-2021-45092 (Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachab ...)
NOT-FOR-US: Thinfinity VirtualUI
-CVE-2021-45091
- RESERVED
-CVE-2021-45090
- RESERVED
-CVE-2021-45089
- RESERVED
+CVE-2021-45091 (Stormshield Endpoint Security from 2.1.0 to 2.1.1 has Incorrect Access ...)
+ TODO: check
+CVE-2021-45090 (Stormshield Endpoint Security before 2.1.2 allows remote code executio ...)
+ TODO: check
+CVE-2021-45089 (Stormshield Endpoint Security 2.x before 2.1.2 has Incorrect Access Co ...)
+ TODO: check
CVE-2021-45088 (XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before ...)
- epiphany-browser 41.2-1
NOTE: https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612
@@ -1750,14 +1943,14 @@ CVE-2021-44879
RESERVED
CVE-2021-44878
RESERVED
-CVE-2021-44877
- RESERVED
-CVE-2021-44876
- RESERVED
-CVE-2021-44875
- RESERVED
-CVE-2021-44874
- RESERVED
+CVE-2021-44877 (Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Incorrect A ...)
+ TODO: check
+CVE-2021-44876 (Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumer ...)
+ TODO: check
+CVE-2021-44875 (Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to User enumer ...)
+ TODO: check
+CVE-2021-44874 (Dalmark Systems Systeam 2.22.8 build 1724 is vulnerable to Insecure de ...)
+ TODO: check
CVE-2021-44873
RESERVED
CVE-2021-44872
@@ -1784,10 +1977,10 @@ CVE-2021-44862
RESERVED
CVE-2021-44861
RESERVED
-CVE-2021-44860
- RESERVED
-CVE-2021-44859
- RESERVED
+CVE-2021-44860 (An out-of-bounds read vulnerability exists when reading a TIF file usi ...)
+ TODO: check
+CVE-2021-44859 (An out-of-bounds read vulnerability exists when reading a TGA file usi ...)
+ TODO: check
CVE-2021-44858 (An issue was discovered in MediaWiki before 1.35.5, 1.36.x before 1.36 ...)
{DSA-5021-1 DLA-2847-1}
- mediawiki 1:1.35.5-1
@@ -3126,10 +3319,10 @@ CVE-2021-44425
RESERVED
CVE-2021-44424
RESERVED
-CVE-2021-44423
- RESERVED
-CVE-2021-44422
- RESERVED
+CVE-2021-44423 (An out-of-bounds read vulnerability exists when reading a BMP file usi ...)
+ TODO: check
+CVE-2021-44422 (An Improper Input Validation Vulnerability exists when reading a BMP f ...)
+ TODO: check
CVE-2021-44421
RESERVED
CVE-2021-44420 (In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, ...)
@@ -3749,8 +3942,8 @@ CVE-2021-44209
RESERVED
CVE-2021-44208
RESERVED
-CVE-2021-44207
- RESERVED
+CVE-2021-44207 (Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. ...)
+ TODO: check
CVE-2021-4018 (snipe-it is vulnerable to Improper Neutralization of Input During Web ...)
NOT-FOR-US: snipe-it
CVE-2021-4017 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...)
@@ -3866,22 +4059,26 @@ CVE-2021-44159 (4MOSAn GCB Doctor’s file upload function has improper user
CVE-2021-44158
RESERVED
CVE-2021-4011 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
+ {DSA-5027-1}
- xorg-server 2:1.20.13-3
- xwayland 2:21.1.4-1
NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/e56f61c79fc3cee26d83cda0f84ae56d5979f768
CVE-2021-4010 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
+ {DSA-5027-1}
- xorg-server 2:1.20.13-3
[stretch] - xorg-server <not-affected> (Vulnerable code introduced later)
- xwayland 2:21.1.4-1
NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/6c4c53010772e3cb4cb8acd54950c8eec9c00d21
CVE-2021-4009 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
+ {DSA-5027-1}
- xorg-server 2:1.20.13-3
- xwayland 2:21.1.4-1
NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/b5196750099ae6ae582e1f46bd0a6dad29550e02
CVE-2021-4008 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
+ {DSA-5027-1}
- xorg-server 2:1.20.13-3
- xwayland 2:21.1.4-1
NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
@@ -4875,8 +5072,8 @@ CVE-2021-43841
RESERVED
CVE-2021-43840 (message_bus is a messaging bus for Ruby processes and web clients. In ...)
TODO: check
-CVE-2021-43839
- RESERVED
+CVE-2021-43839 (Cronos is a commercial implementation of a blockchain. In Cronos nodes ...)
+ TODO: check
CVE-2021-43838 (jsx-slack is a library for building JSON objects for Slack Block Kit s ...)
TODO: check
CVE-2021-43837 (vault-cli is a configurable command-line interface tool (and python li ...)
@@ -6259,8 +6456,8 @@ CVE-2021-43589
RESERVED
CVE-2021-43588
RESERVED
-CVE-2021-43587
- RESERVED
+CVE-2021-43587 (Dell PowerPath Management Appliance, versions 3.2, 3.1, 3.0 P01, 3.0, ...)
+ TODO: check
CVE-2021-43586
RESERVED
CVE-2021-43585
@@ -26083,8 +26280,8 @@ CVE-2021-3639 [Prevent redirect to URLs that begin with '///']
[buster] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
[stretch] - libapache2-mod-auth-mellon <no-dsa> (Minor issue)
NOTE: https://github.com/latchset/mod_auth_mellon/commit/42a11261b9dad2e48d70bdff7c53dd57a12db6f5
-CVE-2021-36350
- RESERVED
+CVE-2021-36350 (Dell PowerScale OneFS, versions 8.2.2-9.3.0.x, contain an authenticati ...)
+ TODO: check
CVE-2021-36349
RESERVED
CVE-2021-36348
@@ -26101,18 +26298,18 @@ CVE-2021-36343
RESERVED
CVE-2021-36342
RESERVED
-CVE-2021-36341
- RESERVED
+CVE-2021-36341 (Dell Wyse Device Agent version 14.5.4.1 and below contain a sensitive ...)
+ TODO: check
CVE-2021-36340 (Dell EMC SCG 5.00.00.10 and earlier, contain a sensitive information d ...)
NOT-FOR-US: EMC
CVE-2021-36339
RESERVED
CVE-2021-36338
RESERVED
-CVE-2021-36337
- RESERVED
-CVE-2021-36336
- RESERVED
+CVE-2021-36337 (Dell Wyse Management Suite version 3.3.1 and prior support insecure Tr ...)
+ TODO: check
+CVE-2021-36336 (Wyse Management Suite 3.3.1 and below versions contain a deserializati ...)
+ TODO: check
CVE-2021-36335 (Dell EMC CloudLink 7.1 and all prior versions contain an Improper Inpu ...)
NOT-FOR-US: EMC
CVE-2021-36334 (Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula In ...)
@@ -26147,12 +26344,12 @@ CVE-2021-36320 (Dell Networking X-Series firmware versions prior to 3.0.1.8 cont
NOT-FOR-US: Dell
CVE-2021-36319 (Dell Networking OS10 versions 10.4.3.x, 10.5.0.x and 10.5.1.x contain ...)
NOT-FOR-US: Dell
-CVE-2021-36318
- RESERVED
-CVE-2021-36317
- RESERVED
-CVE-2021-36316
- RESERVED
+CVE-2021-36318 (Dell EMC Avamar versions 18.2,19.1,19.2,19.3,19.4 contain a plain-text ...)
+ TODO: check
+CVE-2021-36317 (Dell EMC Avamar Server version 19.4 contains a plain-text password sto ...)
+ TODO: check
+CVE-2021-36316 (Dell EMC Avamar Server versions 18.2, 19.1, 19.2, 19.3, and 19.4 conta ...)
+ TODO: check
CVE-2021-36315 (Dell EMC PowerScale Nodes contain a hardware design flaw. This may all ...)
NOT-FOR-US: EMC
CVE-2021-36314 (Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary Fil ...)
@@ -48406,24 +48603,24 @@ CVE-2021-27455 (Delta Electronics DOPSoft Versions 4.0.10.17 and prior are vulne
NOT-FOR-US: Delta Electronics
CVE-2021-27454 (The software performs an operation at a privilege level higher than th ...)
NOT-FOR-US: GE
-CVE-2021-27453
- RESERVED
+CVE-2021-27453 (Mesa Labs AmegaView Versions 3.0 uses default cookies that could be se ...)
+ TODO: check
CVE-2021-27452 (The software contains a hard-coded password that could allow an attack ...)
NOT-FOR-US: GE
-CVE-2021-27451
- RESERVED
+CVE-2021-27451 (Mesa Labs AmegaView Versions 3.0 and prior’s passcode is generat ...)
+ TODO: check
CVE-2021-27450 (SSH server configuration file does not implement some best practices. ...)
NOT-FOR-US: GE
-CVE-2021-27449
- RESERVED
+CVE-2021-27449 (Mesa Labs AmegaView Versions 3.0 and prior has a command injection vul ...)
+ TODO: check
CVE-2021-27448 (A miscommunication in the file system allows adversaries with access t ...)
NOT-FOR-US: GE
-CVE-2021-27447
- RESERVED
+CVE-2021-27447 (Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, ...)
+ TODO: check
CVE-2021-27446
RESERVED
-CVE-2021-27445
- RESERVED
+CVE-2021-27445 (Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissio ...)
+ TODO: check
CVE-2021-27444
RESERVED
CVE-2021-27443
@@ -54716,8 +54913,8 @@ CVE-2021-24983
RESERVED
CVE-2021-24982
RESERVED
-CVE-2021-24981
- RESERVED
+CVE-2021-24981 (The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cros ...)
+ TODO: check
CVE-2021-24980
RESERVED
CVE-2021-24979
@@ -54766,8 +54963,8 @@ CVE-2021-24958
RESERVED
CVE-2021-24957
RESERVED
-CVE-2021-24956
- RESERVED
+CVE-2021-24956 (The Blog2Social: Social Media Auto Post & Scheduler WordPress plug ...)
+ TODO: check
CVE-2021-24955 (The User Registration, Login Form, User Profile & Membership WordP ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24954 (The User Registration, Login Form, User Profile & Membership WordP ...)
@@ -54796,8 +54993,8 @@ CVE-2021-24943 (The Registrations for the Events Calendar WordPress plugin befor
NOT-FOR-US: WordPress plugin
CVE-2021-24942
RESERVED
-CVE-2021-24941
- RESERVED
+CVE-2021-24941 (The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress p ...)
+ TODO: check
CVE-2021-24940
RESERVED
CVE-2021-24939 (The LoginWP (Formerly Peter's Login Redirect) WordPress plugin before ...)
@@ -54864,8 +55061,8 @@ CVE-2021-24909
RESERVED
CVE-2021-24908 (The Check & Log Email WordPress plugin before 1.0.4 does not escap ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24907
- RESERVED
+CVE-2021-24907 (The Contact Form, Drag and Drop Form Builder for WordPress plugin befo ...)
+ TODO: check
CVE-2021-24906
RESERVED
CVE-2021-24905
@@ -54980,14 +55177,14 @@ CVE-2021-24851 (The Insert Pages WordPress plugin before 3.7.0 allows users with
NOT-FOR-US: WordPress plugin
CVE-2021-24850 (The Insert Pages WordPress plugin before 3.7.0 adds a shortcode that p ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24849
- RESERVED
+CVE-2021-24849 (The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress ...)
+ TODO: check
CVE-2021-24848 (The mediamaticAjaxRenameCategory AJAX action of the Mediamatic WordPre ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24847 (The importFromRedirection AJAX action of the SEO Redirection Plugin &# ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24846
- RESERVED
+CVE-2021-24846 (The get_query() function of the Ni WooCommerce Custom Order Status Wor ...)
+ TODO: check
CVE-2021-24845 (The Improved Include Page WordPress plugin through 1.2 allows passing ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24844 (The Affiliates Manager WordPress plugin before 2.8.7 does not validate ...)
@@ -55178,8 +55375,8 @@ CVE-2021-24752 (Multiple Plugins from the CatchThemes vendor do not perform capa
NOT-FOR-US: WordPress plugins
CVE-2021-24751 (The GenerateBlocks WordPress plugin before 1.4.0 does not validate the ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24750
- RESERVED
+CVE-2021-24750 (The WP Visitor Statistics (Real Time Traffic) WordPress plugin before ...)
+ TODO: check
CVE-2021-24749 (The URL Shortify WordPress plugin before 1.5.1 does not have CSRF chec ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24748 (The Email Before Download WordPress plugin before 6.8 does not properl ...)
@@ -55200,10 +55397,10 @@ CVE-2021-24741 (The Support Board WordPress plugin before 3.3.4 does not escape
NOT-FOR-US: WordPress plugin
CVE-2021-24740 (The Tutor LMS WordPress plugin before 1.9.9 does not escape some of it ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24739
- RESERVED
-CVE-2021-24738
- RESERVED
+CVE-2021-24739 (The Logo Carousel WordPress plugin before 3.4.2 allows users with a ro ...)
+ TODO: check
+CVE-2021-24738 (The Logo Carousel WordPress plugin before 3.4.2 does not validate and ...)
+ TODO: check
CVE-2021-24737 (The Comments – wpDiscuz WordPress plugin through 7.3.0 does not ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24736 (The Easy Download Manager and File Sharing Plugin with frontend file u ...)
@@ -55522,8 +55719,8 @@ CVE-2021-24580 (The Side Menu Lite WordPress plugin before 2.2.6 does not saniti
NOT-FOR-US: WordPress plugin
CVE-2021-24579 (The bt_bb_get_grid AJAX action of the Bold Page Builder WordPress plug ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24578
- RESERVED
+CVE-2021-24578 (The SportsPress WordPress plugin before 2.7.9 does not sanitise and es ...)
+ TODO: check
CVE-2021-24577 (The Coming soon and Maintenance mode WordPress plugin before 3.5.3 doe ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24576 (The Easy Accordion WordPress plugin before 2.0.22 does not properly sa ...)
@@ -97255,8 +97452,8 @@ CVE-2020-19772
RESERVED
CVE-2020-19771
RESERVED
-CVE-2020-19770
- RESERVED
+CVE-2020-19770 (A cross-site scripting (XSS) vulnerability in the system bulletin comp ...)
+ TODO: check
CVE-2020-19769 (A lack of target address verification in the BurnMe() function of Rob ...)
NOT-FOR-US: Rob The Bank
CVE-2020-19768 (A lack of target address verification in the selfdestructs() function ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3647535975637698120ea88ccb3d4a9e5f90baee
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/3647535975637698120ea88ccb3d4a9e5f90baee
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211221/fdb7057c/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list