From 0ac16195e687fc4bcde1eb87b51e1f987839d358 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 7 Dec 2021 21:25:43 +0100 Subject: Process several NFUs --- data/CVE/list | 158 +++++++++++++++++++++++++++++----------------------------- 1 file changed, 79 insertions(+), 79 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index ca970800ce..d5c2105884 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -406,7 +406,7 @@ CVE-2021-41836 CVE-2021-4050 RESERVED CVE-2021-4049 (livehelperchat is vulnerable to Cross-Site Request Forgery (CSRF) ...) - TODO: check + NOT-FOR-US: livehelperchat CVE-2021-44539 RESERVED CVE-2021-44538 @@ -432,7 +432,7 @@ CVE-2021-44529 CVE-2021-44528 RESERVED CVE-2021-44527 (A vulnerability found in UniFi Switch firmware Version 5.43.35 and ear ...) - TODO: check + NOT-FOR-US: UniFi Switch firmware CVE-2021-44526 RESERVED CVE-2021-44525 @@ -1365,11 +1365,11 @@ CVE-2021-44189 CVE-2021-44188 RESERVED CVE-2021-44187 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-44186 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-44185 (Adobe Bridge versions 11.1.1 (and earlier) are affected by an out-of-b ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-44184 RESERVED CVE-2021-44183 @@ -2474,7 +2474,7 @@ CVE-2021-43807 CVE-2021-43806 RESERVED CVE-2021-43805 (Solidus is a free, open-source ecommerce platform built on Rails. Vers ...) - TODO: check + NOT-FOR-US: Solidus CVE-2021-43804 RESERVED CVE-2021-43803 @@ -2506,7 +2506,7 @@ CVE-2021-43791 (Zulip is an open source group chat application that combines rea CVE-2021-43790 (Lucet is a native WebAssembly compiler and runtime. There is a bug in ...) NOT-FOR-US: Lucet CVE-2021-43789 (PrestaShop is an Open Source e-commerce web application. Versions of P ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2021-43788 (Nodebb is an open source Node.js based forum software. Prior to v1.18. ...) NOT-FOR-US: Nodebb CVE-2021-43787 (Nodebb is an open source Node.js based forum software. In affected ver ...) @@ -9539,25 +9539,25 @@ CVE-2021-3875 (vim is vulnerable to Heap-based Buffer Overflow ...) NOTE: Search from cursor position introduced in: https://github.com/vim/vim/commit/04db26b36000a4677b95403ec94bd11f6cc73975 (v8.2.3110) NOTE: Fixed by: https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f (v8.2.3489) CVE-2021-42133 (An exposed dangerous function vulnerability exists in Ivanti Avalanche ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42132 (A command Injection vulnerability exists in Ivanti Avalanche before 6. ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42131 (A SQL Injection vulnerability exists in Ivanti Avalance before 6.3.3 a ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42130 (A deserialization of untrusted data vulnerability exists in Ivanti Ava ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42129 (A command injection vulnerability exists in Ivanti Avalanche before 6. ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42128 (An exposed dangerous function vulnerability exists in Ivanti Avalanche ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42127 (A deserialization of untrusted data vulnerability exists in Ivanti Ava ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42126 (An improper authorization control vulnerability exists in Ivanti Avala ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42125 (An unrestricted file upload vulnerability exists in Ivanti Avalanche b ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42124 (An improper access control vulnerability exists in Ivanti Avalanche be ...) - TODO: check + NOT-FOR-US: Ivanti CVE-2021-42123 (Unrestricted File Upload in Web Applications operating on Business-DNA ...) NOT-FOR-US: Business-DNA Solutions CVE-2021-42122 (Insufficient Input Validation in Web Applications operating on Busines ...) @@ -10619,7 +10619,7 @@ CVE-2021-41718 CVE-2021-41717 RESERVED CVE-2021-41716 (Maharashtra State Electricity Board Mahavitara Android Application 8.2 ...) - TODO: check + NOT-FOR-US: Maharashtra State Electricity Board Mahavitara Android Application CVE-2021-41715 RESERVED CVE-2021-41714 @@ -12632,7 +12632,7 @@ CVE-2021-40861 CVE-2021-40860 RESERVED CVE-2021-40859 (Backdoors were discovered in Auerswald COMpact 5500R 7.8A and 8.0B dev ...) - TODO: check + NOT-FOR-US: Auerswald CVE-2021-40858 RESERVED CVE-2021-40857 @@ -14502,15 +14502,15 @@ CVE-2021-40098 (An issue was discovered in Concrete CMS through 8.5.5. Path Trav CVE-2021-40097 (An issue was discovered in Concrete CMS through 8.5.5. Authenticated p ...) NOT-FOR-US: Concrete CMS CVE-2021-40096 (A cross-site scripting (XSS) vulnerability in integration configuratio ...) - TODO: check + NOT-FOR-US: SquaredUp for SCOM CVE-2021-40095 (An issue was discovered in SquaredUp for SCOM 5.2.1.6654. The Download ...) - TODO: check + NOT-FOR-US: SquaredUp for SCOM CVE-2021-40094 (A DOM-based XSS vulnerability affects SquaredUp for SCOM 5.2.1.6654. I ...) - TODO: check + NOT-FOR-US: SquaredUp for SCOM CVE-2021-40093 (A cross-site scripting (XSS) vulnerability in integration configuratio ...) - TODO: check + NOT-FOR-US: SquaredUp for SCOM CVE-2021-40092 (A cross-site scripting (XSS) vulnerability in Image Tile in SquaredUp ...) - TODO: check + NOT-FOR-US: SquaredUp for SCOM CVE-2021-40091 (An SSRF issue was discovered in SquaredUp for SCOM 5.2.1.6654. ...) NOT-FOR-US: SquaredUp for SCOM CVE-2021-40090 @@ -21818,97 +21818,97 @@ CVE-2021-37102 (There is a command injection vulnerability in CMA service module CVE-2021-37101 (There is an improper authorization vulnerability in AIS-BW50-00 9.0.6. ...) NOT-FOR-US: Huawei CVE-2021-37100 (There is a Improper Authentication vulnerability in Huawei Smartphone. ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37099 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37098 RESERVED CVE-2021-37097 RESERVED CVE-2021-37096 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37095 (There is a Integer Overflow or Wraparound vulnerability in Huawei Smar ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37094 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37093 RESERVED CVE-2021-37092 RESERVED CVE-2021-37091 (There is a Permissions,Privileges,and Access Controls vulnerability in ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37090 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37089 (There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37088 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37087 (There is a Path Traversal vulnerability in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37086 (There is a Improper Preservation of Permissions vulnerability in Huawe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37085 (There is a Encoding timing vulnerability in Huawei Smartphone.Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37084 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37083 (There is a NULL Pointer Dereference vulnerability in Huawei Smartphone ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37082 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37081 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37080 (There is a Incomplete Cleanup vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37079 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37078 (There is a Uncaught Exception vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37077 (There is a NULL Pointer Dereference vulnerability in Huawei Smartphone ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37076 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37075 RESERVED CVE-2021-37074 RESERVED CVE-2021-37073 (There is a Race Condition vulnerability in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37072 (There is a Incorrect Calculation of Buffer Size vulnerability in Huawe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37071 (There is a Business Logic Errors vulnerability in Huawei Smartphone.Su ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37070 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37069 RESERVED CVE-2021-37068 (There is a Resource Management Errors vulnerability in Huawei Smartpho ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37067 (There is a Exposure of Sensitive Information to an Unauthorized Actor ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37066 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37065 (There is a Integer Overflow or Wraparound vulnerability in Huawei Smar ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37064 (There is a Improper Limitation of a Pathname to a Restricted Directory ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37063 (There is a Cryptographic Issues vulnerability in Huawei Smartphone.Suc ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37062 (There is a Improper Validation of Array Index vulnerability in Huawei ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37061 (There is a Uncontrolled Resource Consumption vulnerability in Huawei S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37060 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37059 (There is a Weaknesses Introduced During Design ...) TODO: check CVE-2021-37058 (There is a Permissions,Privileges,and Access Controls vulnerability in ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37057 (There is a Improper Validation of Array Index vulnerability in Huawei ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37056 (There is an Improper permission control vulnerability in Huawei Smartp ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37055 (There is a Logic bypass vulnerability in Huawei Smartphone.Successful ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37054 RESERVED CVE-2021-37053 @@ -21922,27 +21922,27 @@ CVE-2021-37050 CVE-2021-37049 RESERVED CVE-2021-37048 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37047 (There is an Input verification vulnerability in Huawei Smartphone.Succ ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37046 (There is a Memory leak vulnerability with the codec detection module i ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37045 RESERVED CVE-2021-37044 RESERVED CVE-2021-37043 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37042 (There is an Improper verification vulnerability in Huawei Smartphone.S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37041 (There is an Improper verification vulnerability in Huawei Smartphone.S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37040 RESERVED CVE-2021-37039 RESERVED CVE-2021-37038 (There is an Improper access control vulnerability in Huawei Smartphone ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37037 RESERVED CVE-2021-37036 (There is an information leakage vulnerability in FusionCompute 6.5.1, ...) @@ -21976,9 +21976,9 @@ CVE-2021-37023 (There is a Improper Access Control vulnerability in Huawei Smart CVE-2021-37022 (There is a Heap-based Buffer Overflow vulnerability in Huawei Smartpho ...) NOT-FOR-US: Huawei CVE-2021-37021 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37020 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37019 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) NOT-FOR-US: Huawei CVE-2021-37018 (There is a Data Processing Errors vulnerability in Huawei Smartphone.S ...) @@ -21990,13 +21990,13 @@ CVE-2021-37016 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone CVE-2021-37015 (There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Succe ...) NOT-FOR-US: Huawei CVE-2021-37014 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37013 (There is a Improper Input Validation vulnerability in Huawei Smartphon ...) NOT-FOR-US: Huawei CVE-2021-37012 (There is a Data Processing Errors vulnerability in Huawei Smartphone.S ...) NOT-FOR-US: Huawei CVE-2021-37011 (There is a Stack-based Buffer Overflow vulnerability in Huawei Smartph ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37010 (There is a Exposure of Sensitive Information to an Unauthorized Actor ...) NOT-FOR-US: Huawei CVE-2021-37009 (There is a Configuration vulnerability in Huawei Smartphone.Successful ...) @@ -41743,11 +41743,11 @@ CVE-2021-29118 CVE-2021-29117 RESERVED CVE-2021-29116 (A stored Cross Site Scripting (XSS) vulnerability in Esri ArcGIS Serve ...) - TODO: check + NOT-FOR-US: Esri ArcGIS Server CVE-2021-29115 (An information disclosure vulnerability in the ArcGIS Service Director ...) - TODO: check + NOT-FOR-US: Esri ArcGIS CVE-2021-29114 (A SQL injection vulnerability in feature services provided by Esri Arc ...) - TODO: check + NOT-FOR-US: Esri ArcGIS CVE-2021-29113 (A remote file inclusion vulnerability in the ArcGIS Server help docume ...) TODO: check CVE-2021-29112 @@ -56522,9 +56522,9 @@ CVE-2021-22958 (A Server-Side Request Forgery vulnerability was found in concret CVE-2021-22957 (A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Pr ...) NOT-FOR-US: UniFi Protect CVE-2021-22956 (An uncontrolled resource consumption vulnerability exists in Citrix AD ...) - TODO: check + NOT-FOR-US: Citrix CVE-2021-22955 (A unauthenticated denial of service vulnerability exists in Citrix ADC ...) - TODO: check + NOT-FOR-US: Citrix CVE-2021-22954 RESERVED CVE-2021-22953 (A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to c ...) @@ -77471,7 +77471,7 @@ CVE-2020-27415 CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit sensitive info ...) NOT-FOR-US: Mahavitaran android application CVE-2020-27413 (An issue was discovered in Mahavitaran android application 7.50 and be ...) - TODO: check + NOT-FOR-US: Mahavitaran android application CVE-2020-27412 RESERVED CVE-2020-27411 -- cgit v1.2.3