[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jun 14 21:10:37 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8aea1689 by security tracker role at 2021-06-14T20:10:29+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,13 @@
+CVE-2021-3601
+	RESERVED
+CVE-2021-34686
+	RESERVED
+CVE-2021-34685
+	RESERVED
+CVE-2021-34684
+	RESERVED
+CVE-2021-34683
+	RESERVED
 CVE-2021-34682 (Receita Federal IRPF 2021 1.7 allows a man-in-the-middle attack agains ...)
 	NOT-FOR-US: Receita Federal IRPF 2021 1.7
 CVE-2021-3600
@@ -4439,8 +4449,8 @@ CVE-2021-32684
 	RESERVED
 CVE-2021-32683
 	RESERVED
-CVE-2021-32682
-	RESERVED
+CVE-2021-32682 (elFinder is an open-source file manager for web, written in JavaScript ...)
+	TODO: check
 CVE-2021-32681
 	RESERVED
 CVE-2021-32680
@@ -24529,8 +24539,8 @@ CVE-2021-24384
 	RESERVED
 CVE-2021-24383
 	RESERVED
-CVE-2021-24382
-	RESERVED
+CVE-2021-24382 (The Smart Slider 3 Free and pro WordPress plugins before 3.5.0.9 did n ...)
+	TODO: check
 CVE-2021-24381
 	RESERVED
 CVE-2021-24380
@@ -24573,46 +24583,46 @@ CVE-2021-24362
 	RESERVED
 CVE-2021-24361
 	RESERVED
-CVE-2021-24360
-	RESERVED
-CVE-2021-24359
-	RESERVED
-CVE-2021-24358
-	RESERVED
-CVE-2021-24357
-	RESERVED
-CVE-2021-24356
-	RESERVED
-CVE-2021-24355
-	RESERVED
-CVE-2021-24354
-	RESERVED
-CVE-2021-24353
-	RESERVED
-CVE-2021-24352
-	RESERVED
-CVE-2021-24351
-	RESERVED
-CVE-2021-24350
-	RESERVED
-CVE-2021-24349
-	RESERVED
-CVE-2021-24348
-	RESERVED
-CVE-2021-24347
-	RESERVED
-CVE-2021-24346
-	RESERVED
-CVE-2021-24345
-	RESERVED
+CVE-2021-24360 (The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its s ...)
+	TODO: check
+CVE-2021-24359 (The Plus Addons for Elementor Page Builder WordPress plugin before 4.1 ...)
+	TODO: check
+CVE-2021-24358 (The Plus Addons for Elementor Page Builder WordPress plugin before 4.1 ...)
+	TODO: check
+CVE-2021-24357 (In the Best Image Gallery & Responsive Photo Gallery – FooGa ...)
+	TODO: check
+CVE-2021-24356 (In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0 ...)
+	TODO: check
+CVE-2021-24355 (In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0 ...)
+	TODO: check
+CVE-2021-24354 (A lack of capability checks and insufficient nonce check on the AJAX a ...)
+	TODO: check
+CVE-2021-24353 (The import_data function of the Simple 301 Redirects by BetterLinks Wo ...)
+	TODO: check
+CVE-2021-24352 (The export_data function of the Simple 301 Redirects by BetterLinks Wo ...)
+	TODO: check
+CVE-2021-24351 (The theplus_more_post AJAX action of The Plus Addons for Elementor Pag ...)
+	TODO: check
+CVE-2021-24350 (The Visitors WordPress plugin through 0.3 is affected by an Unauthenti ...)
+	TODO: check
+CVE-2021-24349 (This Gallery from files WordPress plugin through 1.6.0 gives the funct ...)
+	TODO: check
+CVE-2021-24348 (The menu delete functionality of the Side Menu – add fixed side  ...)
+	TODO: check
+CVE-2021-24347 (The SP Project & Document Manager WordPress plugin before 4.22 all ...)
+	TODO: check
+CVE-2021-24346 (The Stock in & out WordPress plugin through 1.0.4 has a search fun ...)
+	TODO: check
+CVE-2021-24345 (The page lists-management feature of the Sendit WP Newsletter WordPres ...)
+	TODO: check
 CVE-2021-24344 (The Easy Preloader WordPress plugin through 1.0.0 does not sanitise it ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24343 (The iFlyChat - WordPress Chat plugin through 4.6.4 does not sanitise i ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24342 (The JNews WordPress theme before 8.0.6 did not sanitise the cat_id par ...)
 	NOT-FOR-US: WordPress theme
-CVE-2021-24341
-	RESERVED
+CVE-2021-24341 (When deleting a date in the Xllentech English Islamic Calendar WordPre ...)
+	TODO: check
 CVE-2021-24340 (The WP Statistics WordPress plugin before 13.0.8 relied on using the W ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24339
@@ -31790,8 +31800,8 @@ CVE-2021-21441
 	RESERVED
 CVE-2021-21440
 	RESERVED
-CVE-2021-21439
-	RESERVED
+CVE-2021-21439 (DoS attack can be performed when an email contains specially designed  ...)
+	TODO: check
 CVE-2021-21438 (Agents are able to see linked FAQ articles without permissions (define ...)
 	NOT-FOR-US: OTRS FAQ addon (and OTRS 7 which is proprietary)
 CVE-2021-21437 (Agents are able to see linked Config Items without permissions, which  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aea168970d7a2a54334559cf9fac5a7d9583a22

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8aea168970d7a2a54334559cf9fac5a7d9583a22
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210614/ed09f9c4/attachment.htm>

More information about the debian-security-tracker-commits mailing list