[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Jun 22 21:27:56 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1dbda634 by Salvatore Bonaccorso at 2021-06-22T22:27:33+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -357,9 +357,9 @@ CVE-2021-35048
CVE-2021-35047
RESERVED
CVE-2021-35046 (A session fixation vulnerability was discovered in Ice Hrm 29.0.0 OS w ...)
- TODO: check
+ NOT-FOR-US: Ice Hrm
CVE-2021-35045 (Cross site scripting (XSS) vulnerability in Ice Hrm 29.0.0.OS, allows ...)
- TODO: check
+ NOT-FOR-US: Ice Hrm
CVE-2021-35044
RESERVED
CVE-2021-35043
@@ -2131,9 +2131,9 @@ CVE-2021-34246
CVE-2021-34245
RESERVED
CVE-2021-34244 (A cross site request forgery (CSRF) vulnerability was discovered in Ic ...)
- TODO: check
+ NOT-FOR-US: Ice Hrm
CVE-2021-34243 (A stored cross site scripting (XSS) vulnerability was discovered in Ic ...)
- TODO: check
+ NOT-FOR-US: Ice Hrm
CVE-2021-34242
RESERVED
CVE-2021-34241
@@ -25806,7 +25806,7 @@ CVE-2021-24385
CVE-2021-24384
RESERVED
CVE-2021-24383 (The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, va ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24382 (The Smart Slider 3 Free and pro WordPress plugins before 3.5.0.9 did n ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24381
@@ -25814,43 +25814,43 @@ CVE-2021-24381
CVE-2021-24380
RESERVED
CVE-2021-24379 (The Comments Like Dislike WordPress plugin before 1.1.4 allows users t ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24378 (The Autoptimize WordPress plugin before 2.7.8 does not check for malic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24377 (The Autoptimize WordPress plugin before 2.7.8 attempts to remove poten ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24376 (The Autoptimize WordPress plugin before 2.7.8 attempts to delete malic ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24375
RESERVED
CVE-2021-24374 (The Jetpack Carousel module of the JetPack WordPress plugin before 9.8 ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24373 (The WP Hardening – Fix Your WordPress Security WordPress plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24372 (The WP Hardening – Fix Your WordPress Security WordPress plugin ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24371
RESERVED
CVE-2021-24370 (The Fancy Product Designer WordPress plugin before 4.6.9 allows unauth ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24369 (In the GetPaid WordPress plugin before 2.3.4, users with the contribut ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24368 (The Quiz And Survey Master – Best Quiz, Exam and Survey Plugin W ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24367 (The WP Config File Editor WordPress plugin through 1.7.1 was affected ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24366 (The Admin Columns Free WordPress plugin before 4.3 and Admin Columns P ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24365
RESERVED
CVE-2021-24364 (The Jannah WordPress theme before 5.4.4 did not properly sanitize the ...)
- TODO: check
+ NOT-FOR-US: WordPress theme
CVE-2021-24363
RESERVED
CVE-2021-24362
RESERVED
CVE-2021-24361 (In the Location Manager WordPress plugin before 2.1.0.10, the AJAX act ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24360 (The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its s ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24359 (The Plus Addons for Elementor Page Builder WordPress plugin before 4.1 ...)
@@ -25894,9 +25894,9 @@ CVE-2021-24341 (When deleting a date in the Xllentech English Islamic Calendar W
CVE-2021-24340 (The WP Statistics WordPress plugin before 13.0.8 relied on using the W ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24339 (The Pods – Custom Content Types and Fields WordPress plugin befo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24338 (The Pods – Custom Content Types and Fields WordPress plugin befo ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24337 (The id GET parameter of one of the Video Embed WordPress plugin throug ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24336 (The FlightLog WordPress plugin through 3.0.2 does not sanitise, valida ...)
@@ -28597,7 +28597,7 @@ CVE-2021-3046
CVE-2021-3045
RESERVED
CVE-2021-3044 (An improper authorization vulnerability in Palo Alto Networks Cortex X ...)
- TODO: check
+ NOT-FOR-US: Palo Alto Networks
CVE-2021-3043
RESERVED
CVE-2021-3042
@@ -30363,7 +30363,7 @@ CVE-2021-22384
CVE-2021-22383 (There is an out-of-bounds read vulnerability in eCNS280_TD V100R005C10 ...)
TODO: check
CVE-2021-22382 (Huawei LTE USB Dongle products have an improper permission assignment ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22381
RESERVED
CVE-2021-22380
@@ -30443,7 +30443,7 @@ CVE-2021-22344
CVE-2021-22343
RESERVED
CVE-2021-22342 (There is an information leak vulnerability in Huawei products. A modul ...)
- TODO: check
+ NOT-FOR-US: Huawei
CVE-2021-22341
RESERVED
CVE-2021-22340
@@ -35602,13 +35602,13 @@ CVE-2021-20746
CVE-2021-20745
RESERVED
CVE-2021-20744 (Cross-site scripting vulnerability in EC-CUBE Category contents plugin ...)
- TODO: check
+ NOT-FOR-US: EC-CUBE Category contents plugin
CVE-2021-20743 (Cross-site scripting vulnerability in EC-CUBE Email newsletters manage ...)
- TODO: check
+ NOT-FOR-US: EC-CUBE Email newsletters management plugin
CVE-2021-20742 (Cross-site scripting vulnerability in EC-CUBE Business form output plu ...)
- TODO: check
+ NOT-FOR-US: EC-CUBE Business form output plugin
CVE-2021-20741 (Cross-site scripting vulnerability in Hitachi Application Server Help ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2021-20740
RESERVED
CVE-2021-20739
@@ -35620,9 +35620,9 @@ CVE-2021-20737 (Improper authentication vulnerability in GROWI versions prior to
CVE-2021-20736 (NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allow ...)
TODO: check
CVE-2021-20735 (Cross-site scripting vulnerability in ETUNA EC-CUBE plugins (Delivery ...)
- TODO: check
+ NOT-FOR-US: ETUNA EC-CUBE plugins
CVE-2021-20734 (Cross-site scripting vulnerability in Welcart e-Commerce versions prio ...)
- TODO: check
+ NOT-FOR-US: Welcart e-Commerce
CVE-2021-20733 (Improper authorization in handler for custom URL scheme vulnerability ...)
TODO: check
CVE-2021-20732 (The ATOM (ATOM - Smart life App for Android versions prior to 1.8.1 an ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dbda634526b63f6749346b1bdb5f74eb90f6435
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1dbda634526b63f6749346b1bdb5f74eb90f6435
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210622/c1503197/attachment.htm>
More information about the debian-security-tracker-commits
mailing list