From 08ad23c63d78a81b5875e7638b49044f82fe56f9 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 27 Oct 2021 10:48:55 +0200 Subject: Process NFUs --- data/CVE/list | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 946095ed44..5707dd4f77 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3874,7 +3874,7 @@ CVE-2021-41867 (An information disclosure vulnerability in OnionShare 2.3 before - onionshare TODO: check details, exact fixing commits unclear CVE-2021-41866 (MyBB before 1.8.28 allows stored XSS because the displayed Template Na ...) - TODO: check + NOT-FOR-US: MyBB CVE-2021-3853 RESERVED CVE-2021-3852 @@ -15128,25 +15128,25 @@ CVE-2021-37133 CVE-2021-37132 RESERVED CVE-2021-37131 (There is a CSV injection vulnerability in ManageOne, iManager NetEco a ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37130 (There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37129 (There is an out of bounds write vulnerability in some Huawei products. ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37128 RESERVED CVE-2021-37127 (There is a signature management vulnerability in some huawei products. ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37126 RESERVED CVE-2021-37125 RESERVED CVE-2021-37124 (There is a path traversal vulnerability in Huawei PC product. Because ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37123 (There is an improper authentication vulnerability in Hero-CT060 before ...) NOT-FOR-US: Hero-CT060 CVE-2021-37122 (There is a use-after-free (UAF) vulnerability in Huawei products. An a ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37121 RESERVED CVE-2021-37120 @@ -19596,7 +19596,7 @@ CVE-2021-35238 (User with Orion Platform Admin Rights could store XSS through UR CVE-2021-35237 RESERVED CVE-2021-35236 (The Secure flag is not set in the SSL Cookie of Kiwi Syslog Server 9.7 ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2021-35235 (The ASP.NET debug feature is enabled by default in Kiwi Syslog Server ...) TODO: check CVE-2021-35234 @@ -24981,7 +24981,7 @@ CVE-2021-32953 CVE-2021-32952 (An out-of-bounds write issue exists in the DGN file-reading procedure ...) NOT-FOR-US: Open Design Alliance CVE-2021-32951 (WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper aut ...) - TODO: check + NOT-FOR-US: WebAccess/NMS CVE-2021-32950 (An out-of-bounds read issue exists within the parsing of DXF files in ...) NOT-FOR-US: Open Design Alliance CVE-2021-32949 @@ -47791,7 +47791,7 @@ CVE-2021-23879 (Unquoted service path vulnerability in McAfee Endpoint Product R CVE-2021-23878 (Clear text storage of sensitive Information in memory vulnerability in ...) NOT-FOR-US: McAfee CVE-2021-23877 (Privilege escalation vulnerability in the Windows trial installer of M ...) - TODO: check + NOT-FOR-US: McAfee CVE-2021-23876 (Bypass Remote Procedure call in McAfee Total Protection (MTP) prior to ...) NOT-FOR-US: McAfee CVE-2021-23875 @@ -81104,7 +81104,7 @@ CVE-2020-22866 CVE-2020-22865 RESERVED CVE-2020-22864 (A cross site scripting (XSS) vulnerability in the Insert Video functio ...) - TODO: check + NOT-FOR-US: Froala WYSIWYG Editor CVE-2020-22863 RESERVED CVE-2020-22862 @@ -118903,7 +118903,7 @@ CVE-2020-7869 (An improper input validation vulnerability of ZOOK software (remo CVE-2020-7868 (A remote code execution vulnerability exists in helpUS(remote administ ...) NOT-FOR-US: helpUS(remote administration tool) CVE-2020-7867 (An improper input validation vulnerability in Helpu solution could all ...) - TODO: check + NOT-FOR-US: Helpu CVE-2020-7866 (When using XPLATFORM 9.2.2.270 or earlier versions ActiveX component, ...) NOT-FOR-US: XPLATFORM CVE-2020-7865 (A vulnerability(improper input validation) in the ExECM CoreB2B soluti ...) -- cgit v1.2.3