[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 3 20:10:35 GMT 2022



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d2560dde by security tracker role at 2022-01-03T20:10:27+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,327 @@
+CVE-2022-22306
+	RESERVED
+CVE-2022-22305
+	RESERVED
+CVE-2022-22304
+	RESERVED
+CVE-2022-22303
+	RESERVED
+CVE-2022-22302
+	RESERVED
+CVE-2022-22301
+	RESERVED
+CVE-2022-22300
+	RESERVED
+CVE-2022-22299
+	RESERVED
+CVE-2022-22298
+	RESERVED
+CVE-2022-22297
+	RESERVED
+CVE-2022-22296
+	RESERVED
+CVE-2022-22295
+	RESERVED
+CVE-2022-22294
+	RESERVED
+CVE-2022-0086
+	RESERVED
+CVE-2022-0085
+	RESERVED
+CVE-2022-0084
+	RESERVED
+CVE-2021-46129
+	RESERVED
+CVE-2021-46128
+	RESERVED
+CVE-2021-46127
+	RESERVED
+CVE-2021-46126
+	RESERVED
+CVE-2021-46125
+	RESERVED
+CVE-2021-46124
+	RESERVED
+CVE-2021-46123
+	RESERVED
+CVE-2021-46122
+	RESERVED
+CVE-2021-46121
+	RESERVED
+CVE-2021-46120
+	RESERVED
+CVE-2021-46119
+	RESERVED
+CVE-2021-46118
+	RESERVED
+CVE-2021-46117
+	RESERVED
+CVE-2021-46116
+	RESERVED
+CVE-2021-46115
+	RESERVED
+CVE-2021-46114
+	RESERVED
+CVE-2021-46113
+	RESERVED
+CVE-2021-46112
+	RESERVED
+CVE-2021-46111
+	RESERVED
+CVE-2021-46110
+	RESERVED
+CVE-2021-46109 (Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) ...)
+	TODO: check
+CVE-2021-46108
+	RESERVED
+CVE-2021-46107
+	RESERVED
+CVE-2021-46106
+	RESERVED
+CVE-2021-46105
+	RESERVED
+CVE-2021-46104
+	RESERVED
+CVE-2021-46103
+	RESERVED
+CVE-2021-46102
+	RESERVED
+CVE-2021-46101
+	RESERVED
+CVE-2021-46100
+	RESERVED
+CVE-2021-46099
+	RESERVED
+CVE-2021-46098
+	RESERVED
+CVE-2021-46097
+	RESERVED
+CVE-2021-46096
+	RESERVED
+CVE-2021-46095
+	RESERVED
+CVE-2021-46094
+	RESERVED
+CVE-2021-46093
+	RESERVED
+CVE-2021-46092
+	RESERVED
+CVE-2021-46091
+	RESERVED
+CVE-2021-46090
+	RESERVED
+CVE-2021-46089
+	RESERVED
+CVE-2021-46088
+	RESERVED
+CVE-2021-46087
+	RESERVED
+CVE-2021-46086
+	RESERVED
+CVE-2021-46085
+	RESERVED
+CVE-2021-46084
+	RESERVED
+CVE-2021-46083
+	RESERVED
+CVE-2021-46082
+	RESERVED
+CVE-2021-46081
+	RESERVED
+CVE-2021-46080
+	RESERVED
+CVE-2021-46079
+	RESERVED
+CVE-2021-46078
+	RESERVED
+CVE-2021-46077
+	RESERVED
+CVE-2021-46076
+	RESERVED
+CVE-2021-46075
+	RESERVED
+CVE-2021-46074
+	RESERVED
+CVE-2021-46073
+	RESERVED
+CVE-2021-46072
+	RESERVED
+CVE-2021-46071
+	RESERVED
+CVE-2021-46070
+	RESERVED
+CVE-2021-46069
+	RESERVED
+CVE-2021-46068
+	RESERVED
+CVE-2021-46067
+	RESERVED
+CVE-2021-46066
+	RESERVED
+CVE-2021-46065
+	RESERVED
+CVE-2021-46064
+	RESERVED
+CVE-2021-46063
+	RESERVED
+CVE-2021-46062
+	RESERVED
+CVE-2021-46061
+	RESERVED
+CVE-2021-46060
+	RESERVED
+CVE-2021-46059
+	RESERVED
+CVE-2021-46058
+	RESERVED
+CVE-2021-46057
+	RESERVED
+CVE-2021-46056
+	RESERVED
+CVE-2021-46055
+	RESERVED
+CVE-2021-46054
+	RESERVED
+CVE-2021-46053
+	RESERVED
+CVE-2021-46052
+	RESERVED
+CVE-2021-46051
+	RESERVED
+CVE-2021-46050
+	RESERVED
+CVE-2021-46049
+	RESERVED
+CVE-2021-46048
+	RESERVED
+CVE-2021-46047
+	RESERVED
+CVE-2021-46046
+	RESERVED
+CVE-2021-46045
+	RESERVED
+CVE-2021-46044
+	RESERVED
+CVE-2021-46043
+	RESERVED
+CVE-2021-46042
+	RESERVED
+CVE-2021-46041
+	RESERVED
+CVE-2021-46040
+	RESERVED
+CVE-2021-46039
+	RESERVED
+CVE-2021-46038
+	RESERVED
+CVE-2021-46037
+	RESERVED
+CVE-2021-46036
+	RESERVED
+CVE-2021-46035
+	RESERVED
+CVE-2021-46034
+	RESERVED
+CVE-2021-46033
+	RESERVED
+CVE-2021-46032
+	RESERVED
+CVE-2021-46031
+	RESERVED
+CVE-2021-46030
+	RESERVED
+CVE-2021-46029
+	RESERVED
+CVE-2021-46028
+	RESERVED
+CVE-2021-46027
+	RESERVED
+CVE-2021-46026
+	RESERVED
+CVE-2021-46025
+	RESERVED
+CVE-2021-46024
+	RESERVED
+CVE-2021-46023
+	RESERVED
+CVE-2021-46022
+	RESERVED
+CVE-2021-46021
+	RESERVED
+CVE-2021-46020
+	RESERVED
+CVE-2021-46019
+	RESERVED
+CVE-2021-46018
+	RESERVED
+CVE-2021-46017
+	RESERVED
+CVE-2021-46016
+	RESERVED
+CVE-2021-46015
+	RESERVED
+CVE-2021-46014
+	RESERVED
+CVE-2021-46013
+	RESERVED
+CVE-2021-46012
+	RESERVED
+CVE-2021-46011
+	RESERVED
+CVE-2021-46010
+	RESERVED
+CVE-2021-46009
+	RESERVED
+CVE-2021-46008
+	RESERVED
+CVE-2021-46007
+	RESERVED
+CVE-2021-46006
+	RESERVED
+CVE-2021-46005
+	RESERVED
+CVE-2021-46004
+	RESERVED
+CVE-2021-46003
+	RESERVED
+CVE-2021-46002
+	RESERVED
+CVE-2021-46001
+	RESERVED
+CVE-2021-46000
+	RESERVED
+CVE-2021-45999
+	RESERVED
+CVE-2021-45998
+	RESERVED
+CVE-2021-45997
+	RESERVED
+CVE-2021-45996
+	RESERVED
+CVE-2021-45995
+	RESERVED
+CVE-2021-45994
+	RESERVED
+CVE-2021-45993
+	RESERVED
+CVE-2021-45992
+	RESERVED
+CVE-2021-45991
+	RESERVED
+CVE-2021-45990
+	RESERVED
+CVE-2021-45989
+	RESERVED
+CVE-2021-45988
+	RESERVED
+CVE-2021-45987
+	RESERVED
+CVE-2021-45986
+	RESERVED
+CVE-2021-45985
+	RESERVED
+CVE-2021-4197
+	RESERVED
 CVE-2021-XXXX [XSS vulnerability via HTML messages with malicious CSS content]
 	- roundcube <unfixed> (bug #1003027)
 	NOTE: https://github.com/roundcube/roundcubemail/commit/8894fddd59b770399eed4ef8d4da5773913b5bf0 (1.5.2)
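Review bot: CVE-2021-46109 is the only entry in this block of new IDs that arrives with a description, and its `TODO: check` sits in the middle of a long run of RESERVED placeholders where it is easy to overlook. The visible part of the description (reflected XSS from invalid input sanitizing) does not name a product, so it needs a manual look at the full CVE text before it can be assigned a package or a NOT-FOR-US tag.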
@@ -76,7 +400,8 @@ CVE-2022-0079 (showdoc is vulnerable to Generation of Error Message Containing S
 	NOT-FOR-US: showdoc
 CVE-2022-0078
 	RESERVED
-CVE-2021-45959 (** DISPUTED ** {fmt} 7.1.0 through 8.0.1 has a stack-based buffer over ...)
+CVE-2021-45959
+	REJECTED
 	- fmtlib <unfixed> (unimportant)
 	NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36110
 	NOTE: https://github.com/fmtlib/fmt/issues/2685
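Review bot: CVE-2021-45959 now reads REJECTED but still carries the `- fmtlib <unfixed> (unimportant)` annotation and both NOTE lines left over from when it was DISPUTED. A rejected ID should not keep an open package status; drop the fmtlib line, or confirm that annotations under REJECTED are ignored, and keep the NOTE lines only if the rejection rationale is worth recording.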
@@ -468,10 +793,10 @@ CVE-2022-0011
 	RESERVED
 CVE-2021-45918
 	RESERVED
-CVE-2021-45917
-	RESERVED
-CVE-2021-45916
-	RESERVED
+CVE-2021-45917 (The server-request receiver function of Shockwall system has an improp ...)
+	TODO: check
+CVE-2021-45916 (The programming function of Shockwall system has an improper input val ...)
+	TODO: check
 CVE-2021-45915
 	RESERVED
 CVE-2021-45914
@@ -728,8 +1053,8 @@ CVE-2021-45819
 	RESERVED
 CVE-2021-45818 (SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability wh ...)
 	NOT-FOR-US: SAFARI Montage
-CVE-2021-45817
-	RESERVED
+CVE-2021-45817 (Web Viewer for Hanwha DVR version 2.17 is affected by a Cross Site Scr ...)
+	TODO: check
 CVE-2021-45816
 	RESERVED
 CVE-2021-45815 (Quectel UC20 UMTS/HSPA+ UC20 6.3.14 is affected by a Cross Site Script ...)
@@ -2109,8 +2434,8 @@ CVE-2021-45430
 	RESERVED
 CVE-2021-45429
 	RESERVED
-CVE-2021-45428
-	RESERVED
+CVE-2021-45428 (TLR-2005KSH is affected by an incorrect access control vulnerability.  ...)
+	TODO: check
 CVE-2021-45427 (Emerson XWEB 300D EVO 3.0.7--3ee403 is affected by: unauthenticated ar ...)
 	TODO: check
 CVE-2021-45426
@@ -4578,8 +4903,8 @@ CVE-2021-4072 (elgg is vulnerable to Improper Neutralization of Input During Web
 	NOT-FOR-US: elgg
 CVE-2021-4071
 	RESERVED
-CVE-2021-44674
-	RESERVED
+CVE-2021-44674 (An information exposure issue has been discovered in Opmantek Open-Aud ...)
+	TODO: check
 CVE-2021-44673
 	RESERVED
 CVE-2021-44672
@@ -5996,8 +6321,8 @@ CVE-2021-44160 (Carinal Tien Hospital Health Report System’s login page ha
 	NOT-FOR-US: Carinal Tien Hospital Health Report System&
 CVE-2021-44159 (4MOSAn GCB Doctor’s file upload function has improper user privi ...)
 	NOT-FOR-US: 4MOSAn GCB Doctor
-CVE-2021-44158
-	RESERVED
+CVE-2021-44158 (ASUS RT-AX56U Wi-Fi Router is vulnerable to stack-based buffer overflo ...)
+	TODO: check
 CVE-2021-4011 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
 	{DSA-5027-1 DLA-2869-1}
 	- xorg-server 2:1.20.13-3
@@ -15197,8 +15522,8 @@ CVE-2021-41768
 	RESERVED
 CVE-2021-41767
 	RESERVED
-CVE-2021-3837
-	RESERVED
+CVE-2021-3837 (openwhyd is vulnerable to Improper Authorization ...)
+	TODO: check
 CVE-2021-41766
 	RESERVED
 CVE-2021-3836 (dbeaver is vulnerable to Improper Restriction of XML External Entity R ...)
@@ -31288,8 +31613,8 @@ CVE-2021-35095
 	RESERVED
 CVE-2021-35094
 	RESERVED
-CVE-2021-35093
-	RESERVED
+CVE-2021-35093 (Possible memory corruption in BT controller when it receives an oversi ...)
+	TODO: check
 CVE-2021-35092
 	RESERVED
 CVE-2021-35091
@@ -43346,15 +43671,14 @@ CVE-2021-30353
 	RESERVED
 CVE-2021-30352
 	RESERVED
-CVE-2021-30351
-	RESERVED
+CVE-2021-30351 (An out of bound memory access can occur due to improper validation of  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30350
 	RESERVED
 CVE-2021-30349
 	RESERVED
-CVE-2021-30348
-	RESERVED
+CVE-2021-30348 (Improper validation of LLM utility timers availability can lead to den ...)
+	TODO: check
 CVE-2021-30347
 	RESERVED
 CVE-2021-30346
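Review bot: CVE-2021-30348 gets `TODO: check` while CVE-2021-30351, published in the same hunk, keeps its existing `NOT-FOR-US: Qualcomm components for Android` tag. The truncated description of 30348 does not show a product, so check the full entry and, if it belongs to the same vendor batch, tag it consistently instead of leaving it in the TODO queue.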
@@ -43375,14 +43699,11 @@ CVE-2021-30339
 	RESERVED
 CVE-2021-30338
 	RESERVED
-CVE-2021-30337
-	RESERVED
+CVE-2021-30337 (Possible use after free when process shell memory is freed using IOCTL ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30336
-	RESERVED
+CVE-2021-30336 (Possible out of bound read due to lack of domain input validation whil ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30335
-	RESERVED
+CVE-2021-30335 (Possible assertion in QOS request due to improper validation when mult ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30334
 	RESERVED
@@ -43446,8 +43767,7 @@ CVE-2021-30305 (Possible out of bound access due to lack of validation of page o
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30304 (Possible buffer out of bound read can occur due to improper validation ...)
 	NOT-FOR-US: Snapdragon
-CVE-2021-30303
-	RESERVED
+CVE-2021-30303 (Possible buffer overflow due to lack of buffer length check when segme ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30302 (Improper authentication of EAP WAPI EAPOL frames from unauthenticated  ...)
 	NOT-FOR-US: Qualcomm components for Android
@@ -43457,8 +43777,7 @@ CVE-2021-30300
 	RESERVED
 CVE-2021-30299
 	RESERVED
-CVE-2021-30298
-	RESERVED
+CVE-2021-30298 (Possible out of bound access due to improper validation of item size a ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30297 (Possible out of bound read due to improper validation of packet length ...)
 	NOT-FOR-US: Qualcomm components for Android
@@ -43468,8 +43787,7 @@ CVE-2021-30295 (Possible heap overflow due to improper validation of local varia
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30294 (Potential null pointer dereference in KGSL GPU auxiliary command due t ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30293
-	RESERVED
+CVE-2021-30293 (Possible assertion due to lack of input validation in PUSCH configurat ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30292 (Possible memory corruption due to lack of validation of client data us ...)
 	NOT-FOR-US: Qualcomm components for Android
@@ -43477,8 +43795,7 @@ CVE-2021-30291 (Possible memory corruption due to lack of validation of client d
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30290 (Possible null pointer dereference due to race condition between timeli ...)
 	NOT-FOR-US: Snapdragon
-CVE-2021-30289
-	RESERVED
+CVE-2021-30289 (Possible buffer overflow due to lack of range check while processing a ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30288 (Possible stack overflow due to improper length check of TLV while copy ...)
 	NOT-FOR-US: Qualcomm components for Android
@@ -43490,53 +43807,39 @@ CVE-2021-30285
 	RESERVED
 CVE-2021-30284 (Possible information exposure and denial of service due to NAS not dro ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30283
-	RESERVED
+CVE-2021-30283 (Possible denial of service due to improper handling of debug register  ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30282
-	RESERVED
+CVE-2021-30282 (Possible out of bound write in RAM partition table due to improper val ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30281
 	RESERVED
 CVE-2021-30280
 	RESERVED
-CVE-2021-30279
-	RESERVED
+CVE-2021-30279 (Possible access control violation while setting current permission for ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30278
-	RESERVED
+CVE-2021-30278 (Improper input validation in TrustZone memory transfer interface can l ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30277
 	RESERVED
-CVE-2021-30276
-	RESERVED
+CVE-2021-30276 (Improper access control while doing XPU re-configuration dynamically c ...)
 	NOT-FOR-US: Android
-CVE-2021-30275
-	RESERVED
+CVE-2021-30275 (Possible integer overflow in page alignment interface due to lack of a ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30274
-	RESERVED
+CVE-2021-30274 (Possible integer overflow in access control initialization interface d ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30273
-	RESERVED
+CVE-2021-30273 (Possible assertion due to improper handling of IPV6 packet with invali ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30272
-	RESERVED
+CVE-2021-30272 (Possible null pointer dereference in thread cache operation handler du ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30271
-	RESERVED
+CVE-2021-30271 (Possible null pointer dereference in trap handler due to lack of threa ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30270
-	RESERVED
+CVE-2021-30270 (Possible null pointer dereference in thread profile trap handler due t ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30269
-	RESERVED
+CVE-2021-30269 (Possible null pointer dereference due to lack of TLB validation for us ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30268
-	RESERVED
+CVE-2021-30268 (Possible heap Memory Corruption Issue due to lack of input validation  ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30267
-	RESERVED
+CVE-2021-30267 (Possible integer overflow to buffer overflow due to improper input val ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30266 (Possible use after free due to improper memory validation when initial ...)
 	NOT-FOR-US: Qualcomm components for Android
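Review bot: CVE-2021-30276 is tagged `NOT-FOR-US: Android`, whereas every other newly described entry in this hunk is tagged `NOT-FOR-US: Qualcomm components for Android`. The tag is an unchanged context line and predates this update, but now that a description is available (access control during XPU re-configuration) it is worth confirming which tag is right and aligning it.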
@@ -43546,8 +43849,7 @@ CVE-2021-30264 (Possible use after free due improper validation of reference fro
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30263 (Possible race condition can occur due to lack of synchronization mecha ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-30262
-	RESERVED
+CVE-2021-30262 (Improper validation of a socket state when socket events are being sen ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30261 (Possible integer and heap overflow due to lack of input command size v ...)
 	NOT-FOR-US: Qualcomm components for Android
@@ -56832,8 +57134,8 @@ CVE-2021-25042
 	RESERVED
 CVE-2021-25041 (The Photo Gallery by 10Web WordPress plugin before 1.5.68 is vulnerabl ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-25040
-	RESERVED
+CVE-2021-25040 (The Booking Calendar WordPress plugin before 8.9.2 does not sanitise a ...)
+	TODO: check
 CVE-2021-25039
 	RESERVED
 CVE-2021-25038
@@ -56852,36 +57154,36 @@ CVE-2021-25032
 	RESERVED
 CVE-2021-25031
 	RESERVED
-CVE-2021-25030
-	RESERVED
+CVE-2021-25030 (The Events Made Easy WordPress plugin before 2.2.36 does not sanitise  ...)
+	TODO: check
 CVE-2021-25029
 	RESERVED
 CVE-2021-25028
 	RESERVED
-CVE-2021-25027
-	RESERVED
+CVE-2021-25027 (The PowerPack Addons for Elementor WordPress plugin before 2.6.2 does  ...)
+	TODO: check
 CVE-2021-25026
 	RESERVED
 CVE-2021-25025
 	RESERVED
 CVE-2021-25024
 	RESERVED
-CVE-2021-25023
-	RESERVED
-CVE-2021-25022
-	RESERVED
-CVE-2021-25021
-	RESERVED
-CVE-2021-25020
-	RESERVED
+CVE-2021-25023 (The Speed Booster Pack ⚡ PageSpeed Optimization Suite WordPress  ...)
+	TODO: check
+CVE-2021-25022 (The UpdraftPlus WordPress Backup Plugin WordPress plugin before 1.16.6 ...)
+	TODO: check
+CVE-2021-25021 (The OMGF | Host Google Fonts Locally WordPress plugin before 4.5.12 do ...)
+	TODO: check
+CVE-2021-25020 (The CAOS | Host Google Analytics Locally WordPress plugin before 4.1.9 ...)
+	TODO: check
 CVE-2021-25019
 	RESERVED
 CVE-2021-25018
 	RESERVED
 CVE-2021-25017
 	RESERVED
-CVE-2021-25016
-	RESERVED
+CVE-2021-25016 (The Chaty WordPress plugin before 2.8.3 and Chaty Pro WordPress plugin ...)
+	TODO: check
 CVE-2021-25015
 	RESERVED
 CVE-2021-25014
@@ -56910,12 +57212,12 @@ CVE-2021-25003
 	RESERVED
 CVE-2021-25002
 	RESERVED
-CVE-2021-25001
-	RESERVED
-CVE-2021-25000
-	RESERVED
-CVE-2021-24999
-	RESERVED
+CVE-2021-25001 (The Booster for WooCommerce WordPress plugin before 5.4.9 does not san ...)
+	TODO: check
+CVE-2021-25000 (The Booster for WooCommerce WordPress plugin before 5.4.9 does not san ...)
+	TODO: check
+CVE-2021-24999 (The Booster for WooCommerce WordPress plugin before 5.4.9 does not san ...)
+	TODO: check
 CVE-2021-24998 (The Simple JWT Login WordPress plugin before 3.3.0 can be used to crea ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24997 (The WP Guppy WordPress plugin before 1.3 does not have any authorisati ...)
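Review bot: CVE-2021-25001, CVE-2021-25000 and CVE-2021-24999 all land as `TODO: check` with the same visible description prefix (Booster for WooCommerce before 5.4.9), so the truncated text cannot tell them apart. Triage the three together from the full descriptions; the neighbouring CVE-2021-24998 entry is already `NOT-FOR-US: WordPress plugin`, which is the likely outcome here too.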
@@ -56930,8 +57232,8 @@ CVE-2021-24993
 	RESERVED
 CVE-2021-24992 (The Smart Floating / Sticky Buttons WordPress plugin before 2.5.5 does ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24991
-	RESERVED
+CVE-2021-24991 (The WooCommerce PDF Invoices & Packing Slips WordPress plugin befo ...)
+	TODO: check
 CVE-2021-24990
 	RESERVED
 CVE-2021-24989
@@ -56966,8 +57268,8 @@ CVE-2021-24975
 	RESERVED
 CVE-2021-24974
 	RESERVED
-CVE-2021-24973
-	RESERVED
+CVE-2021-24973 (The Site Reviews WordPress plugin before 5.17.3 does not sanitise and  ...)
+	TODO: check
 CVE-2021-24972 (The Pixel Cat WordPress plugin before 2.6.3 does not escape some of it ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24971
@@ -56984,10 +57286,10 @@ CVE-2021-24966
 	RESERVED
 CVE-2021-24965
 	RESERVED
-CVE-2021-24964
-	RESERVED
-CVE-2021-24963
-	RESERVED
+CVE-2021-24964 (The LiteSpeed Cache WordPress plugin before 4.4.4 does not properly ve ...)
+	TODO: check
+CVE-2021-24963 (The LiteSpeed Cache WordPress plugin before 4.4.4 does not escape the  ...)
+	TODO: check
 CVE-2021-24962
 	RESERVED
 CVE-2021-24961
@@ -57126,8 +57428,8 @@ CVE-2021-24895
 	RESERVED
 CVE-2021-24894 (The Reviews Plus WordPress plugin before 1.2.14 does not validate the  ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24893
-	RESERVED
+CVE-2021-24893 (The Stars Rating WordPress plugin before 3.5.1 does not validate the s ...)
+	TODO: check
 CVE-2021-24892 (Insecure Direct Object Reference in edit function of Advanced Forms (F ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24891 (The Elementor Website Builder WordPress plugin before 3.4.8 does not s ...)
@@ -57250,14 +57552,14 @@ CVE-2021-24833 (The YOP Poll WordPress plugin before 6.3.1 is affected by a stor
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24832 (The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not have CS ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24831
-	RESERVED
+CVE-2021-24831 (All AJAX actions of the Tab WordPress plugin before 1.3.2 are availabl ...)
+	TODO: check
 CVE-2021-24830 (The Advanced Access Manager WordPress plugin before 6.8.0 does not esc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24829 (The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 d ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24828
-	RESERVED
+CVE-2021-24828 (The Mortgage Calculator / Loan Calculator WordPress plugin before 1.5. ...)
+	TODO: check
 CVE-2021-24827 (The Asgaros Forum WordPress plugin before 1.15.13 does not validate an ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24826
@@ -57340,8 +57642,8 @@ CVE-2021-24788 (The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24787 (The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24786
-	RESERVED
+CVE-2021-24786 (The Download Monitor WordPress plugin before 4.4.5 does not properly v ...)
+	TODO: check
 CVE-2021-24785 (The Great Quotes WordPress plugin through 1.0.0 does not sanitise and  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24784 (The WP Admin Logo Changer WordPress plugin through 1.0 does not have C ...)
@@ -57552,8 +57854,8 @@ CVE-2021-24682 (The Cool Tag Cloud WordPress plugin before 2.26 does not escape
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24681 (The Duplicate Page WordPress plugin through 4.4.2 does not sanitise or ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24680
-	RESERVED
+CVE-2021-24680 (The WP Travel Engine WordPress plugin before 5.3.1 does not escape the ...)
+	TODO: check
 CVE-2021-24679 (The Bitcoin / AltCoin Payment Gateway for WooCommerce WordPress plugin ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24678 (The CM Tooltip Glossary WordPress plugin before 3.9.21 does not escape ...)
@@ -72749,8 +73051,7 @@ CVE-2021-1920 (Integer underflow can occur due to improper handling of incoming
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-1919 (Integer underflow can occur when the RTCP length is lesser than than t ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2021-1918
-	RESERVED
+CVE-2021-1918 (Improper handling of resource allocation in virtual machines can lead  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-1917 (Null pointer dereference can occur due to memory allocation failure in ...)
 	NOT-FOR-US: Qualcomm components for Android
@@ -72798,8 +73099,7 @@ CVE-2021-1896 (Weak configuration in WLAN could cause forwarding of unencrypted
 	NOT-FOR-US: Snapdragon
 CVE-2021-1895 (Possible integer overflow due to improper length check while flashing  ...)
 	NOT-FOR-US: Snapdragon
-CVE-2021-1894
-	RESERVED
+CVE-2021-1894 (Improper access control in TrustZone due to improper error handling wh ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-1893
 	RESERVED
@@ -121652,8 +121952,7 @@ CVE-2020-11265 (Information disclosure issue due to lack of validation of pointe
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11264 (Improper authentication of Non-EAPOL/WAPI plaintext frames during four ...)
 	NOT-FOR-US: Qualcomm WLAN Windows Host
-CVE-2020-11263
-	RESERVED
+CVE-2020-11263 (An integer overflow due to improper check performed after the address  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11262 (A race between command submission and destroying the context can cause ...)
 	NOT-FOR-US: Qualcomm components for Android



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d2560dde20fbad56e4771029a93f042b51696650
