Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 7b832322 by Salvatore Bonaccorso at 2021-05-17T22:24:09+02:00 Process some more NFUs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -18530,7 +18530,7 @@ CVE-2021-25266 CVE-2021-25265 (A malicious website could execute code remotely in Sophos Connect Clie ...) NOT-FOR-US: Sophos Connect Client CVE-2021-25264 (In multiple versions of Sophos Endpoint products for MacOS, a local at ...) - TODO: check + NOT-FOR-US: Sophos CVE-2021-25263 RESERVED CVE-2021-25262 @@ -20461,13 +20461,13 @@ CVE-2021-24329 CVE-2021-24328 RESERVED CVE-2021-24327 (The SEO Redirection Plugin – 301 Redirect Manager WordPress plug ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24326 (The tab parameter of the settings page of the All 404 Redirect to Home ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24325 (The tab parameter of the settings page of the 404 SEO Redirection Word ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24324 (The 404 SEO Redirection WordPress plugin through 1.3 is lacking CSRF c ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24323 (When taxes are enabled, the "Additional tax classes" field was not pro ...) TODO: check CVE-2021-24322 @@ -20485,9 +20485,9 @@ CVE-2021-24317 CVE-2021-24316 RESERVED CVE-2021-24315 (The GiveWP – Donation Plugin and Fundraising Platform WordPress ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24314 (The Goto WordPress theme before 2.1 did not sanitise, validate of esca ...) - TODO: check + NOT-FOR-US: WordPress theme CVE-2021-24313 RESERVED CVE-2021-24312 @@ -20517,7 +20517,7 @@ CVE-2021-24301 CVE-2021-24300 RESERVED CVE-2021-24299 (The ReDi Restaurant Reservation WordPress plugin before 21.0426 provid ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24298 RESERVED CVE-2021-24297 
@@ -20525,19 +20525,19 @@ CVE-2021-24297 CVE-2021-24296 RESERVED CVE-2021-24295 (It was possible to exploit an Unauthenticated Time-Based Blind SQL Inj ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24294 RESERVED CVE-2021-24293 (In the eCommerce module of the NextGEN Gallery Pro WordPress plugin be ...) NOT-FOR-US: NextGEN Gallery Pro WordPress plugin CVE-2021-24292 (The Happy Addons for Elementor WordPress plugin before 2.24.0, Happy A ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24291 (The Photo Gallery by 10Web – Mobile-Friendly Image Gallery WordP ...) NOT-FOR-US: Photo Gallery by 10Web / Mobile-Friendly Image Gallery WordPress plugin CVE-2021-24290 (There are several endpoints in the Store Locator Plus for WordPress pl ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24289 (There is functionality in the Store Locator Plus for WordPress plugin ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24288 (When subscribing using AcyMailing, the 'redirect' parameter isn't prop ...) TODO: check CVE-2021-24287 (The settings page of the Select All Categories and Taxonomies, Change ...) @@ -24313,7 +24313,7 @@ CVE-2021-22670 (An uninitialized pointer may be exploited in Fatek FvDesigner Ve CVE-2021-22669 (Incorrect permissions are set to default on the ‘Project Managem ...) NOT-FOR-US: WebAccess/SCADA CVE-2021-22668 (Delta Industrial Automation CNCSoft ScreenEditor Versions 1.01.28 (wit ...) - TODO: check + NOT-FOR-US: Delta Industrial Automation CVE-2021-22667 (BB-ESWGP506-2SFP-T versions 1.01.09 and prior is vulnerable due to the ...) NOT-FOR-US: BB-ESWGP506-2SFP-T CVE-2021-22666 (Fatek FvDesigner Version 1.5.76 and prior is vulnerable to a stack-bas ...) 
@@ -36049,7 +36049,7 @@ CVE-2020-29207 CVE-2020-29206 RESERVED CVE-2020-29205 (XSS in signup form in Project Worlds Online Examination System 1.0 all ...) - TODO: check + NOT-FOR-US: Project Worlds Online Examination System CVE-2020-29204 (XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-charact ...) NOT-FOR-US: XXL-JOB CVE-2020-29203 (struct2json before 2020-11-18 is affected by a Buffer Overflow because ...) @@ -49567,9 +49567,9 @@ CVE-2020-24994 (Stack overflow in the parse_tag function in libass/ass_parse.c i NOTE: https://github.com/libass/libass/issues/423 NOTE: https://github.com/libass/libass/commit/6835731c2fe4164a0c50bc91d12c43b2a2b4e799 (0.15.0) CVE-2020-24993 (There is a cross site scripting vulnerability on CmsWing 1.3.7. This v ...) - TODO: check + NOT-FOR-US: CmsWing CVE-2020-24992 (There is a cross site scripting vulnerability on CmsWing 1.3.7. This v ...) - TODO: check + NOT-FOR-US: CmsWing CVE-2020-24991 RESERVED CVE-2020-24990 (An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b83232279359181e32cd5e8e8de2292689ebebb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7b83232279359181e32cd5e8e8de2292689ebebb You're receiving this email because of your account on salsa.debian.org.
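Review bot: In the @@ -18530 hunk, CVE-2021-25264 is tagged `NOT-FOR-US: Sophos`, which names only the vendor, while the entry directly above it uses `NOT-FOR-US: Sophos Connect Client`. The description refers to Sophos Endpoint products for MacOS, so a product-level tag such as `NOT-FOR-US: Sophos Endpoint` would keep the two neighbouring entries consistent and distinguishable when searching the list.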
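Review bot: In the @@ -20525 hunk, CVE-2021-24295, CVE-2021-24292, CVE-2021-24290 and CVE-2021-24289 get the generic tag `NOT-FOR-US: WordPress plugin`, while the untouched neighbours CVE-2021-24293 and CVE-2021-24291 name the plugin. For CVE-2021-24295 the truncated description shown here does not contain the plugin name at all, so the generic tag leaves nothing in the entry to search for. Suggest naming the plugin, for example `NOT-FOR-US: Store Locator Plus for WordPress plugin` for CVE-2021-24290 and CVE-2021-24289; the same applies to the generic tags in the @@ -20461, @@ -20485 and @@ -20517 hunks.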
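Review bot: In the @@ -24313 hunk, the tag for CVE-2021-22668 stops at the vendor (`NOT-FOR-US: Delta Industrial Automation`) although the description names the product, CNCSoft ScreenEditor, and the surrounding entries are tagged by product (`WebAccess/SCADA`, `BB-ESWGP506-2SFP-T`). Suggest `NOT-FOR-US: Delta Industrial Automation CNCSoft ScreenEditor`.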