diff options
| author | security tracker role <sectracker@soriano.debian.org> | 2021-10-11 20:10:19 +0000 |
|---|---|---|
| committer | security tracker role <sectracker@soriano.debian.org> | 2021-10-11 20:10:19 +0000 |
| commit | 4e754778818947ebb59e240e86de572375512102 (patch) | |
| tree | a807e8650d3a45252847702301514d289678fce1 /data | |
| parent | f091b0362bb33bfedebc236973bff7775cafe7af (diff) | |
automatic update
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list.2020 | 4 | ||||
| -rw-r--r-- | data/CVE/list.2021 | 440 |
2 files changed, 326 insertions, 118 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 7c26c69cff..3eeeb6973c 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -9004,8 +9004,8 @@ CVE-2020-27374 RESERVED CVE-2020-27373 RESERVED -CVE-2020-27372 - RESERVED +CVE-2020-27372 (A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1 ...) + TODO: check CVE-2020-27371 RESERVED CVE-2020-27370 diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 1e34061edd..b59f6662a2 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -1,3 +1,221 @@ +CVE-2021-42255 + RESERVED +CVE-2021-42254 + RESERVED +CVE-2021-42253 + RESERVED +CVE-2021-42252 (An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/ ...) + TODO: check +CVE-2021-42251 + RESERVED +CVE-2021-42250 + RESERVED +CVE-2021-42249 + RESERVED +CVE-2021-42248 + RESERVED +CVE-2021-42247 + RESERVED +CVE-2021-42246 + RESERVED +CVE-2021-42245 + RESERVED +CVE-2021-42244 + RESERVED +CVE-2021-42243 + RESERVED +CVE-2021-42242 + RESERVED +CVE-2021-42241 + RESERVED +CVE-2021-42240 + RESERVED +CVE-2021-42239 + RESERVED +CVE-2021-42238 + RESERVED +CVE-2021-42237 + RESERVED +CVE-2021-42236 + RESERVED +CVE-2021-42235 + RESERVED +CVE-2021-42234 + RESERVED +CVE-2021-42233 + RESERVED +CVE-2021-42232 + RESERVED +CVE-2021-42231 + RESERVED +CVE-2021-42230 + RESERVED +CVE-2021-42229 + RESERVED +CVE-2021-42228 + RESERVED +CVE-2021-42227 + RESERVED +CVE-2021-42226 + RESERVED +CVE-2021-42225 + RESERVED +CVE-2021-42224 + RESERVED +CVE-2021-42223 + RESERVED +CVE-2021-42222 + RESERVED +CVE-2021-42221 + RESERVED +CVE-2021-42220 + RESERVED +CVE-2021-42219 + RESERVED +CVE-2021-42218 + RESERVED +CVE-2021-42217 + RESERVED +CVE-2021-42216 + RESERVED +CVE-2021-42215 + RESERVED +CVE-2021-42214 + RESERVED +CVE-2021-42213 + RESERVED +CVE-2021-42212 + RESERVED +CVE-2021-42211 + RESERVED +CVE-2021-42210 + RESERVED +CVE-2021-42209 + RESERVED +CVE-2021-42208 + RESERVED +CVE-2021-42207 + RESERVED +CVE-2021-42206 + RESERVED +CVE-2021-42205 + RESERVED +CVE-2021-42204 + RESERVED +CVE-2021-42203 + RESERVED +CVE-2021-42202 + RESERVED +CVE-2021-42201 + RESERVED +CVE-2021-42200 + RESERVED +CVE-2021-42199 + RESERVED +CVE-2021-42198 + RESERVED +CVE-2021-42197 + RESERVED +CVE-2021-42196 + RESERVED +CVE-2021-42195 + RESERVED +CVE-2021-42194 + RESERVED +CVE-2021-42193 + RESERVED +CVE-2021-42192 + RESERVED +CVE-2021-42191 + RESERVED +CVE-2021-42190 + RESERVED +CVE-2021-42189 + RESERVED +CVE-2021-42188 + RESERVED +CVE-2021-42187 + RESERVED +CVE-2021-42186 + RESERVED +CVE-2021-42185 + RESERVED +CVE-2021-42184 + RESERVED +CVE-2021-42183 + RESERVED +CVE-2021-42182 + RESERVED +CVE-2021-42181 + RESERVED +CVE-2021-42180 + RESERVED +CVE-2021-42179 + RESERVED +CVE-2021-42178 + RESERVED +CVE-2021-42177 + RESERVED +CVE-2021-42176 + RESERVED +CVE-2021-42175 + RESERVED +CVE-2021-42174 + RESERVED +CVE-2021-42173 + RESERVED +CVE-2021-42172 + RESERVED +CVE-2021-42171 + RESERVED +CVE-2021-42170 + RESERVED +CVE-2021-42169 + RESERVED +CVE-2021-42168 + RESERVED +CVE-2021-42167 + RESERVED +CVE-2021-42166 + RESERVED +CVE-2021-42165 + RESERVED +CVE-2021-42164 + RESERVED +CVE-2021-42163 + RESERVED +CVE-2021-42162 + RESERVED +CVE-2021-42161 + RESERVED +CVE-2021-42160 + RESERVED +CVE-2021-42159 + RESERVED +CVE-2021-42158 + RESERVED +CVE-2021-42157 + RESERVED +CVE-2021-42156 + RESERVED +CVE-2021-42155 + RESERVED +CVE-2021-42154 + RESERVED +CVE-2021-42153 + RESERVED +CVE-2021-42152 + RESERVED +CVE-2021-42151 + RESERVED +CVE-2021-42150 + RESERVED +CVE-2021-42149 + RESERVED +CVE-2021-42148 + RESERVED +CVE-2021-3877 + RESERVED CVE-2021-42147 RESERVED CVE-2021-42146 @@ -715,14 +933,11 @@ CVE-2021-23139 RESERVED CVE-2021-3845 RESERVED -CVE-2021-41832 - RESERVED +CVE-2021-41832 (It is possible for an attacker to manipulate documents to appear to be ...) NOT-FOR-US: Apache OpenOffice -CVE-2021-41831 - RESERVED +CVE-2021-41831 (It is possible for an attacker to manipulate the timestamp of signed d ...) NOT-FOR-US: Apache OpenOffice -CVE-2021-41830 - RESERVED +CVE-2021-41830 (It is possible for an attacker to manipulate signed documents and macr ...) NOT-FOR-US: Apache OpenOffice CVE-2021-3844 RESERVED @@ -788,29 +1003,25 @@ CVE-2021-41803 RESERVED CVE-2021-41802 (HashiCorp Vault and Vault Enterprise through 1.7.4 and 1.8.3 allowed a ...) NOT-FOR-US: HashiCorp Vault -CVE-2021-41801 - RESERVED +CVE-2021-41801 (The ReplaceText extension through 1.41 for MediaWiki has Incorrect Acc ...) {DSA-4979-1} - mediawiki 1:1.35.4-1 [stretch] - mediawiki <not-affected> (The vulnerable code was introduced later) NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/ NOTE: https://phabricator.wikimedia.org/T279090 -CVE-2021-41800 - RESERVED +CVE-2021-41800 (MediaWiki before 1.36.2 allows a denial of service (resource consumpti ...) {DSA-4979-1} - mediawiki 1:1.35.4-1 [stretch] - mediawiki <not-affected> (The vulnerable code was introduced later) NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/ NOTE: https://phabricator.wikimedia.org/T284419 NOTE: Fixed by https://github.com/wikimedia/mediawiki/commit/781caf83dba90c18349f930bbaaa0e89f003f874 -CVE-2021-41799 - RESERVED +CVE-2021-41799 (MediaWiki before 1.36.2 allows a denial of service (resource consumpti ...) {DSA-4979-1 DLA-2779-1} - mediawiki 1:1.35.4-1 NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/ NOTE: https://phabricator.wikimedia.org/T290379 -CVE-2021-41798 - RESERVED +CVE-2021-41798 (MediaWiki before 1.36.2 allows XSS. Month related MediaWiki messages a ...) {DSA-4979-1 DLA-2779-1} - mediawiki 1:1.35.4-1 NOTE: https://lists.wikimedia.org/hyperkitty/list/wikitech-l@lists.wikimedia.org/thread/2IFS5CM2YV4VMSODPX3J2LFHKSEWVFV5/ @@ -972,7 +1183,7 @@ CVE-2021-41734 RESERVED CVE-2021-41733 RESERVED -CVE-2021-41732 (An issue was discovered in zeek version 4.1.0. There is a HTTP request ...) +CVE-2021-41732 (** DISPUTED ** An issue was discovered in zeek version 4.1.0. There is ...) - zeek <unfixed> (unimportant) NOTE: https://github.com/zeek/zeek/issues/1798 NOTE: Disputed validitity of the security issue @@ -2302,8 +2513,8 @@ CVE-2021-41119 RESERVED CVE-2021-41118 (The DynamicPageList3 extension is a reporting tool for MediaWiki, list ...) NOT-FOR-US: DynamicPageList3 MediaWiki Extension -CVE-2021-41117 - RESERVED +CVE-2021-41117 (keypair is a a RSA PEM key generator written in javascript. keypair im ...) + TODO: check CVE-2021-41116 (Composer is an open source dependency manager for the PHP language. In ...) - composer <not-affected> (Only affects Windows) NOTE: https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf @@ -2816,18 +3027,18 @@ CVE-2021-40891 RESERVED CVE-2021-40890 RESERVED -CVE-2021-40889 - RESERVED -CVE-2021-40888 - RESERVED -CVE-2021-40887 - RESERVED -CVE-2021-40886 - RESERVED +CVE-2021-40889 (CMSUno version 1.7.2 is affected by a PHP code execution vulnerability ...) + TODO: check +CVE-2021-40888 (Projectsend version r1295 is affected by Cross Site Scripting (XSS) du ...) + TODO: check +CVE-2021-40887 (Projectsend version r1295 is affected by a directory traversal vulnera ...) + TODO: check +CVE-2021-40886 (Projectsend version r1295 is affected by a directory traversal vulnera ...) + TODO: check CVE-2021-40885 RESERVED -CVE-2021-40884 - RESERVED +CVE-2021-40884 (Projectsend version r1295 is affected by sensitive information disclos ...) + TODO: check CVE-2021-40883 RESERVED CVE-2021-40882 @@ -3467,8 +3678,8 @@ CVE-2021-40619 RESERVED CVE-2021-40618 RESERVED -CVE-2021-40617 - RESERVED +CVE-2021-40617 (An SQL Injection vulnerability exists in openSIS Community Edition ver ...) + TODO: check CVE-2021-40616 RESERVED CVE-2021-40615 @@ -3615,12 +3826,12 @@ CVE-2021-40545 RESERVED CVE-2021-40544 RESERVED -CVE-2021-40543 - RESERVED -CVE-2021-40542 - RESERVED -CVE-2021-40541 - RESERVED +CVE-2021-40543 (Opensis-Classic Version 8.0 is affected by a SQL injection vulnerabili ...) + TODO: check +CVE-2021-40542 (Opensis-Classic Version 8.0 is affected by cross-site scripting (XSS). ...) + TODO: check +CVE-2021-40541 (PHPFusion 9.03.110 is affected by cross-site scripting (XSS) in the pr ...) + TODO: check CVE-2021-40540 (ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info ...) - ulfius 2.7.1-2 (bug #993851) [bullseye] - ulfius 2.7.1-1+deb11u1 @@ -4384,8 +4595,8 @@ CVE-2021-40241 RESERVED CVE-2021-40240 RESERVED -CVE-2021-40239 - RESERVED +CVE-2021-40239 (A Buffer Overflow vulnerability exists in the latest version of Minift ...) + TODO: check CVE-2021-40238 (A Cross Site Scriptiong (XSS) vulnerability exists in the admin panel ...) NOT-FOR-US: Webuzo CVE-2021-40237 @@ -4480,14 +4691,14 @@ CVE-2021-40193 RESERVED CVE-2021-40192 RESERVED -CVE-2021-40191 - RESERVED +CVE-2021-40191 (Dzzoffice Version 2.02.1 is affected by cross-site scripting (XSS) due ...) + TODO: check CVE-2021-40190 RESERVED -CVE-2021-40189 - RESERVED -CVE-2021-40188 - RESERVED +CVE-2021-40189 (PHPFusion 9.03.110 is affected by a remote code execution vulnerabilit ...) + TODO: check +CVE-2021-40188 (PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerabili ...) + TODO: check CVE-2021-40187 RESERVED CVE-2021-40186 @@ -4755,7 +4966,7 @@ CVE-2021-40087 (An issue was discovered in PrimeKey EJBCA before 7.6.0. When aud CVE-2021-40086 (An issue was discovered in PrimeKey EJBCA before 7.6.0. As part of the ...) NOT-FOR-US: PrimeKey CVE-2021-40085 (An issue was discovered in OpenStack Neutron before 16.4.1, 17.x befor ...) - {DSA-4983-1} + {DSA-4983-1 DLA-2781-1} - neutron 2:18.1.0-3 (bug #993398) NOTE: https://www.openwall.com/lists/oss-security/2021/08/31/2 NOTE: https://launchpad.net/bugs/1939733 @@ -6446,8 +6657,8 @@ CVE-2021-39319 RESERVED CVE-2021-39318 RESERVED -CVE-2021-39317 - RESERVED +CVE-2021-39317 (Versions up to, and including, 1.0.6, of the Access Demo Importer Word ...) + TODO: check CVE-2021-39316 (The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, ...) NOT-FOR-US: WordPress plugin CVE-2021-39315 @@ -8435,7 +8646,7 @@ CVE-2021-38501 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38501 CVE-2021-38500 RESERVED - {DSA-4981-1} + {DSA-4981-1 DLA-2782-1} - firefox 93.0-1 - firefox-esr 91.2.0esr-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38500 @@ -8459,7 +8670,7 @@ CVE-2021-38497 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-45/#CVE-2021-38497 CVE-2021-38496 RESERVED - {DSA-4981-1} + {DSA-4981-1 DLA-2782-1} - firefox 93.0-1 - firefox-esr 91.2.0esr-1 NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2021-43/#CVE-2021-38496 @@ -11650,8 +11861,8 @@ CVE-2021-37125 RESERVED CVE-2021-37124 RESERVED -CVE-2021-37123 - RESERVED +CVE-2021-37123 (There is an improper authentication vulnerability in Hero-CT060 before ...) + TODO: check CVE-2021-37122 RESERVED CVE-2021-37121 @@ -16281,10 +16492,10 @@ CVE-2021-35062 (A Shell Metacharacter Injection vulnerability in result.php in D NOT-FOR-US: DRK Odenwaldkreis Testerfassung CVE-2021-35061 (Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkre ...) NOT-FOR-US: DRK Odenwaldkreis Testerfassung -CVE-2021-35060 - RESERVED -CVE-2021-35059 - RESERVED +CVE-2021-35060 (/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthe ...) + TODO: check +CVE-2021-35059 (OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enrol ...) + TODO: check CVE-2021-35058 RESERVED CVE-2021-35057 @@ -23521,8 +23732,7 @@ CVE-2021-32029 (A flaw was found in postgresql. Using an UPDATE ... RETURNING co [stretch] - postgresql-9.6 <not-affected> (Vulnerable code introduced later) NOTE: https://www.postgresql.org/about/news/postgresql-133-127-1112-1017-and-9622-released-2210/ NOTE: https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=a71cfc56bf6013e3ea1d673acaf73fe7ebbd6bf3 (REL_13_3) -CVE-2021-32028 - RESERVED +CVE-2021-32028 (A flaw was found in postgresql. Using an INSERT ... ON CONFLICT ... DO ...) {DSA-4915-1 DLA-2662-1} - postgresql-13 13.3-1 - postgresql-11 <removed> @@ -31113,12 +31323,12 @@ CVE-2021-29008 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows rem NOT-FOR-US: SEO Panel CVE-2021-29007 RESERVED -CVE-2021-29006 - RESERVED -CVE-2021-29005 - RESERVED -CVE-2021-29004 - RESERVED +CVE-2021-29006 (rConfig 3.9.6 is affected by a Local File Disclosure vulnerability. An ...) + TODO: check +CVE-2021-29005 (Insecure permission of chmod command on rConfig server 3.9.6 exists. A ...) + TODO: check +CVE-2021-29004 (rConfig 3.9.6 is affected by SQL Injection. A user must be authenticat ...) + TODO: check CVE-2021-29003 (Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers ...) NOT-FOR-US: Genexis devices CVE-2021-29002 (A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 e ...) @@ -34348,10 +34558,10 @@ CVE-2021-27667 CVE-2021-27666 RESERVED NOT-FOR-US: Android -CVE-2021-27665 - RESERVED -CVE-2021-27664 - RESERVED +CVE-2021-27665 (An unauthenticated remote user could exploit a potential integer overf ...) + TODO: check +CVE-2021-27664 (Under certain configurations an unauthenticated remote user could be g ...) + TODO: check CVE-2021-27663 (A vulnerability in versions 10.1 through 10.5 of Johnson Controls CEM ...) NOT-FOR-US: Johnson Controls CVE-2021-27662 (The KT-1 door controller is susceptible to replay or man-in-the-middle ...) @@ -35802,8 +36012,8 @@ CVE-2021-27004 RESERVED CVE-2021-27003 RESERVED -CVE-2021-27002 - RESERVED +CVE-2021-27002 (NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vul ...) + TODO: check CVE-2021-27001 RESERVED CVE-2021-27000 @@ -36799,8 +37009,8 @@ CVE-2021-26590 RESERVED CVE-2021-26589 RESERVED -CVE-2021-26588 - RESERVED +CVE-2021-26588 (A potential security vulnerability has been identified in HPE 3PAR Sto ...) + TODO: check CVE-2021-26587 (A potential DOM-based Cross Site Scripting security vulnerability has ...) NOT-FOR-US: HPE StoreOnce CVE-2021-26586 (A potential security vulnerability has been identified in the HPE Edge ...) @@ -39031,8 +39241,7 @@ CVE-2021-25740 (A security issue was discovered with Kubernetes that could enabl NOTE: https://www.openwall.com/lists/oss-security/2021/07/14/1 CVE-2021-25739 RESERVED -CVE-2021-25738 - RESERVED +CVE-2021-25738 (Loading specially-crafted yaml with the Kubernetes Java Client library ...) NOT-FOR-US: Kubernetes Java client CVE-2021-25737 (A security issue was discovered in Kubernetes where a user may be able ...) - kubernetes <unfixed> (bug #990793) @@ -39299,8 +39508,7 @@ CVE-2021-25634 NOTE: Fixed by: https://github.com/LibreOffice/core/commit/94ce59dd02fcfcaa1eb4f195b45a9a2edbd58242 (7-0) NOTE: Fixed by: https://github.com/LibreOffice/core/commit/89befefb98487a27bff1003084e1200320828b3f (7-1) NOTE: Fixed by: https://github.com/LibreOffice/core/commit/b776cf1281660cf495e12824872576bb8e99d569 (7-1) -CVE-2021-25633 - RESERVED +CVE-2021-25633 (LibreOffice supports digital signatures of ODF documents and macros wi ...) - libreoffice 1:7.2.0-2 NOTE: https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25633 NOTE: https://www.openwall.com/lists/oss-security/2021/10/11/1 @@ -41313,8 +41521,8 @@ CVE-2021-24739 RESERVED CVE-2021-24738 RESERVED -CVE-2021-24737 - RESERVED +CVE-2021-24737 (The Comments – wpDiscuz WordPress plugin through 7.3.0 does not ...) + TODO: check CVE-2021-24736 RESERVED CVE-2021-24735 @@ -41347,10 +41555,10 @@ CVE-2021-24722 RESERVED CVE-2021-24721 RESERVED -CVE-2021-24720 - RESERVED -CVE-2021-24719 - RESERVED +CVE-2021-24720 (The GeoDirectory Business Directory WordPress plugin before 2.1.1.3 wa ...) + TODO: check +CVE-2021-24719 (The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Refle ...) + TODO: check CVE-2021-24718 RESERVED CVE-2021-24717 @@ -41363,14 +41571,14 @@ CVE-2021-24714 RESERVED CVE-2021-24713 RESERVED -CVE-2021-24712 - RESERVED -CVE-2021-24711 - RESERVED +CVE-2021-24712 (The Appointment Hour Booking WordPress plugin before 1.3.17 does not p ...) + TODO: check +CVE-2021-24711 (The del_reistered_domains AJAX action of the Software License Manager ...) + TODO: check CVE-2021-24710 RESERVED -CVE-2021-24709 - RESERVED +CVE-2021-24709 (The Weather Effect WordPress plugin before 1.3.6 does not properly val ...) + TODO: check CVE-2021-24708 RESERVED CVE-2021-24707 @@ -41405,10 +41613,10 @@ CVE-2021-24693 RESERVED CVE-2021-24692 RESERVED -CVE-2021-24691 - RESERVED -CVE-2021-24690 - RESERVED +CVE-2021-24691 (The Quiz And Survey Master WordPress plugin before 7.3.2 does not esca ...) + TODO: check +CVE-2021-24690 (The Chained Quiz WordPress plugin before 1.2.7.2 does not properly san ...) + TODO: check CVE-2021-24689 RESERVED CVE-2021-24688 @@ -41421,12 +41629,12 @@ CVE-2021-24685 RESERVED CVE-2021-24684 RESERVED -CVE-2021-24683 - RESERVED +CVE-2021-24683 (The Weather Effect WordPress plugin before 1.3.4 does not have any CSR ...) + TODO: check CVE-2021-24682 RESERVED -CVE-2021-24681 - RESERVED +CVE-2021-24681 (The Duplicate Page WordPress plugin through 4.4.2 does not sanitise or ...) + TODO: check CVE-2021-24680 RESERVED CVE-2021-24679 (The Bitcoin / AltCoin Payment Gateway for WooCommerce WordPress plugin ...) @@ -41475,8 +41683,8 @@ CVE-2021-24658 (The Erident Custom Login and Dashboard WordPress plugin before 3 NOT-FOR-US: WordPress plugin CVE-2021-24657 (The Limit Login Attempts WordPress plugin before 4.0.50 does not escap ...) NOT-FOR-US: WordPress plugin -CVE-2021-24656 - RESERVED +CVE-2021-24656 (The Simple Social Media Share Buttons WordPress plugin before 3.2.4 do ...) + TODO: check CVE-2021-24655 RESERVED CVE-2021-24654 (The User Registration WordPress plugin before 2.0.2 does not properly ...) @@ -41485,8 +41693,8 @@ CVE-2021-24653 RESERVED CVE-2021-24652 (The PostX – Gutenberg Blocks for Post Grid WordPress plugin befo ...) NOT-FOR-US: WordPress plugin -CVE-2021-24651 - RESERVED +CVE-2021-24651 (The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated us ...) + TODO: check CVE-2021-24650 RESERVED CVE-2021-24649 @@ -41633,10 +41841,10 @@ CVE-2021-24579 (The bt_bb_get_grid AJAX action of the Bold Page Builder WordPres NOT-FOR-US: WordPress plugin CVE-2021-24578 RESERVED -CVE-2021-24577 - RESERVED -CVE-2021-24576 - RESERVED +CVE-2021-24577 (The Coming soon and Maintenance mode WordPress plugin before 3.5.3 doe ...) + TODO: check +CVE-2021-24576 (The Easy Accordion WordPress plugin before 2.0.22 does not properly sa ...) + TODO: check CVE-2021-24575 RESERVED CVE-2021-24574 (The Simple Banner WordPress plugin before 2.10.4 does not sanitise and ...) @@ -41661,8 +41869,8 @@ CVE-2021-24565 (The Contact Form 7 Captcha WordPress plugin before 0.0.9 does no NOT-FOR-US: WordPress plugin CVE-2021-24564 (The WPFront Scroll Top WordPress plugin before 2.0.6.07225 does not sa ...) NOT-FOR-US: WordPress plugin -CVE-2021-24563 - RESERVED +CVE-2021-24563 (The Frontend Uploader WordPress plugin through 1.3.2 does not prevent ...) + TODO: check CVE-2021-24562 (The LMS by LifterLMS – Online Course, Membership & Learning ...) NOT-FOR-US: WordPress plugin CVE-2021-24561 (The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_gr ...) @@ -41695,10 +41903,10 @@ CVE-2021-24548 (The Mimetic Books WordPress plugin through 0.2.13 was vulnerable NOT-FOR-US: WordPress plugin CVE-2021-24547 (The KN Fix Your Title WordPress plugin through 1.0.1 was vulnerable to ...) NOT-FOR-US: WordPress plugin -CVE-2021-24546 - RESERVED -CVE-2021-24545 - RESERVED +CVE-2021-24546 (The Gutenberg Block Editor Toolkit – EditorsKit WordPress plugin ...) + TODO: check +CVE-2021-24545 (The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitis ...) + TODO: check CVE-2021-24544 RESERVED CVE-2021-24543 @@ -46773,8 +46981,8 @@ CVE-2021-22265 RESERVED CVE-2021-22264 (An issue has been discovered in GitLab affecting all versions starting ...) TODO: check -CVE-2021-22263 - RESERVED +CVE-2021-22263 (An issue has been discovered in GitLab affecting all versions starting ...) + TODO: check CVE-2021-22262 (Missing access control in GitLab version 13.10 and above with Jira Clo ...) TODO: check CVE-2021-22261 (A stored Cross-Site Scripting vulnerability in the Jira integration in ...) @@ -52288,10 +52496,10 @@ CVE-2021-20124 RESERVED CVE-2021-20123 RESERVED -CVE-2021-20122 - RESERVED -CVE-2021-20121 - RESERVED +CVE-2021-20122 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...) + TODO: check +CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...) + TODO: check CVE-2021-20120 RESERVED CVE-2021-20119 @@ -56582,8 +56790,8 @@ CVE-2021-0585 (In beginWrite and beginRead of MessageQueueBase.h, there is a pos NOT-FOR-US: Android CVE-2021-0584 (In verifyBufferObject of Parcel.cpp, there is a possible out of bounds ...) NOT-FOR-US: Android -CVE-2021-0583 - RESERVED +CVE-2021-0583 (In onCreate of BluetoothPairingDialog, there is a possible way to enab ...) + TODO: check CVE-2021-0582 (In wifi driver, there is a possible out of bounds read due to a missin ...) NOT-FOR-US: MediaTek components for Android CVE-2021-0581 (In wifi driver, there is a possible out of bounds read due to a missin ...) |