[Git][security-tracker-team/security-tracker][master] Process NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 13 21:31:35 BST 2021
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8bdc0b11 by Salvatore Bonaccorso at 2021-09-13T22:31:11+02:00
Process NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -27108,7 +27108,7 @@ CVE-2021-29645
CVE-2021-29644
RESERVED
CVE-2021-29643 (PRTG Network Monitor before 21.3.69.1333 allows stored XSS via an unsa ...)
- TODO: check
+ NOT-FOR-US: PRTG Network Monitor
CVE-2021-29642 (GistPad before 0.2.7 allows a crafted workspace folder to change the U ...)
NOT-FOR-US: GistPad
CVE-2021-29641 (Directus 8 before 8.8.2 allows remote authenticated users to execute a ...)
@@ -39148,15 +39148,15 @@ CVE-2021-24730
CVE-2021-24729
RESERVED
CVE-2021-24728 (The Membership & Content Restriction – Paid Member Subscript ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24727 (The StopBadBots WordPress plugin before 6.60 did not validate or escap ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24726 (The WP Simple Booking Calendar WordPress plugin before 2.0.6 did not e ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24725 (The Comment Link Remove and Other Comment Tools WordPress plugin befor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24724 (The Timetable and Event Schedule by MotoPress WordPress plugin before ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24723
RESERVED
CVE-2021-24722
@@ -39358,15 +39358,15 @@ CVE-2021-24625
CVE-2021-24624
RESERVED
CVE-2021-24623 (The WordPress Advanced Ticket System, Elite Support Helpdesk WordPress ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24622
RESERVED
CVE-2021-24621 (The WP Courses LMS WordPress plugin before 2.0.44 does not sanitise it ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24620 (The WordPress Simple Ecommerce Shopping Cart Plugin- Sell products thr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24619 (The Per page add to head WordPress plugin through 1.4.4 does not prope ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24618
RESERVED
CVE-2021-24617
@@ -39376,7 +39376,7 @@ CVE-2021-24616
CVE-2021-24615
RESERVED
CVE-2021-24614 (The Book appointment online WordPress plugin before 1.39 does not sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24613
RESERVED
CVE-2021-24612
@@ -39394,7 +39394,7 @@ CVE-2021-24607
CVE-2021-24606
RESERVED
CVE-2021-24605 (The create_post_page AJAX action of the Custom Post View Generator Wor ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24604
RESERVED
CVE-2021-24603 (The Site Reviews WordPress plugin before 5.13.1 does not sanitise some ...)
@@ -39432,7 +39432,7 @@ CVE-2021-24588 (The SMS Alert Order Notifications WordPress plugin before 3.4.7
CVE-2021-24587
RESERVED
CVE-2021-24586 (The Per page add to head WordPress plugin before 1.4.4 is lacking any ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24585
RESERVED
CVE-2021-24584
@@ -39484,7 +39484,7 @@ CVE-2021-24562 (The LMS by LifterLMS – Online Course, Membership & Lea
CVE-2021-24561 (The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_gr ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24560 (The Software License Manager WordPress plugin before 4.4.8 does not sa ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24559
RESERVED
CVE-2021-24558 (The pspin_duplicate_post_save_as_new_post function of the Project Stat ...)
@@ -39558,7 +39558,7 @@ CVE-2021-24525
CVE-2021-24524 (The GiveWP – Donation Plugin and Fundraising Platform WordPress ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24523 (The Daily Prayer Time WordPress plugin before 2021.08.10 does not sani ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24522 (The User Registration, User Profile, Login & Membership – Pr ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24521 (The Side Menu Lite – add sticky fixed buttons WordPress plugin b ...)
@@ -39584,11 +39584,11 @@ CVE-2021-24512 (The Video Posts Webcam Recorder WordPress plugin before 3.2.4 ha
CVE-2021-24511
RESERVED
CVE-2021-24510 (The MF Gig Calendar WordPress plugin through 1.1 does not sanitise or ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24509 (The Page View Count WordPress plugin before 2.4.9 does not escape the ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24508 (The Smash Balloon Social Post Feed WordPress plugin before 2.19.2 does ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24507 (The Astra Pro Addon WordPress plugin before 3.5.2 did not properly san ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24506 (The Slider Hero with Animation, Video Background & Intro Maker Wor ...)
@@ -39618,13 +39618,13 @@ CVE-2021-24495 (The Marmoset Viewer WordPress plugin before 1.9.3 does not prope
CVE-2021-24494 (The WP Offload SES Lite WordPress plugin before 1.4.5 did not escape s ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24493 (The shopp_upload_file AJAX action of the Shopp WordPress plugin throug ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24492 (The hndtst_action_instance_callback AJAX call of the Handsome Testimon ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24491 (The Fileviewer WordPress plugin through 2.2 does not have CSRF checks ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24490 (The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24489
RESERVED
CVE-2021-24488 (The slider import search feature and tab parameter of the Post Grid Wo ...)
@@ -39742,7 +39742,7 @@ CVE-2021-24433
CVE-2021-24432
RESERVED
CVE-2021-24431 (The Language Bar Flags WordPress plugin through 1.0.8 does not have an ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-24430 (The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress ...)
NOT-FOR-US: Wordpress plugin
CVE-2021-24429 (The Salon booking system WordPress plugin before 6.3.1 does not proper ...)
@@ -44175,15 +44175,15 @@ CVE-2021-22530
CVE-2021-22529
RESERVED
CVE-2021-22528 (Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Man ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22527 (Information leakage vulnerability in NetIQ Access Manager prior to 5.0 ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22526 (Open Redirection vulnerability in NetIQ Access Manager prior to 5.0.1 ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22525 (This release addresses a potential information leakage vulnerability i ...)
NOT-FOR-US: Microfocus
CVE-2021-22524 (Injection attack caused the denial of service vulnerability in NetIQ A ...)
- TODO: check
+ NOT-FOR-US: NetIQ Access Manager
CVE-2021-22523 (XML External Entity vulnerability in Micro Focus Verastream Host Integ ...)
NOT-FOR-US: Micro Focus
CVE-2021-22522 (Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream ...)
@@ -61648,9 +61648,9 @@ CVE-2020-27972
CVE-2020-27971
RESERVED
CVE-2020-27970 (Yandex Browser before 20.10.0 allows remote attackers to spoof the add ...)
- TODO: check
+ NOT-FOR-US: Yandex Browser
CVE-2020-27969 (Yandex Browser for Android 20.8.4 allows remote attackers to perform S ...)
- TODO: check
+ NOT-FOR-US: Yandex Browser
CVE-2020-27968
RESERVED
CVE-2020-27967
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bdc0b11df64ccb2d3d2f371c97de90543d74a2f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8bdc0b11df64ccb2d3d2f371c97de90543d74a2f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210913/88ae5110/attachment.htm>
More information about the debian-security-tracker-commits
mailing list