From 14042b7bf9bc01e9ca3e20b19d749a2d1bb2a44a Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Fri, 27 Nov 2020 21:20:27 +0100 Subject: Process some NFUs --- data/CVE/list | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index d17f247beb..20763773e2 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -457,7 +457,7 @@ CVE-2020-29140 CVE-2020-29139 RESERVED CVE-2020-29138 (Incorrect Access Control in the configuration backup path in SAGEMCOM ...) - TODO: check + NOT-FOR-US: SAGEMCOM CVE-2020-29137 (cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interf ...) NOT-FOR-US: cPanel CVE-2020-29136 (In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approa ...) @@ -944,9 +944,9 @@ CVE-2020-28924 (An issue was discovered in Rclone before 1.53.3. Due to the use CVE-2020-28923 RESERVED CVE-2020-28922 (An issue was discovered in Devid Espenschied PC Analyser through 4.10. ...) - TODO: check + NOT-FOR-US: Devid Espenschied PC Analyser CVE-2020-28921 (An issue was discovered in Devid Espenschied PC Analyser through 4.10. ...) - TODO: check + NOT-FOR-US: Devid Espenschied PC Analyser CVE-2020-28920 RESERVED CVE-2020-28919 @@ -13107,7 +13107,7 @@ CVE-2020-25017 (Envoy through 1.15.0 only considers the first value when multipl CVE-2020-25015 (A specific router allows changing the Wi-Fi password remotely. Genexis ...) NOT-FOR-US: Genexis Platinum 4410 V2-1.28 CVE-2020-25014 (A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and ...) - TODO: check + NOT-FOR-US: Zyxel CVE-2020-25013 (JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Ser ...) NOT-FOR-US: JetBrains CVE-2020-25012 @@ -65074,25 +65074,25 @@ CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows attackers CVE-2019-19879 (HashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain ...) NOT-FOR-US: HashiCorp Sentinel (different from Redis Sentinel) CVE-2019-19878 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19877 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19876 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19875 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19874 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19873 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19872 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19871 RESERVED CVE-2019-19870 RESERVED CVE-2019-19869 (An issue was discovered in B&R Industrial Automation APROL before ...) - TODO: check + NOT-FOR-US: B&R Industrial Automation APROL CVE-2019-19868 RESERVED CVE-2019-19867 @@ -190404,19 +190404,19 @@ CVE-2017-15688 CVE-2017-15687 (DOM Based Cross Site Scripting (XSS) exists in Logitech Media Server 7 ...) NOT-FOR-US: Logitech CVE-2017-15686 (Crafter CMS Crafter Studio 3.0.1 is affected by: Cross Site Scripting ...) - TODO: check + NOT-FOR-US: Crafter CMS Crafter Studio CVE-2017-15685 (Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity ( ...) - TODO: check + NOT-FOR-US: Crafter CMS Crafter Studio CVE-2017-15684 (Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerabili ...) - TODO: check + NOT-FOR-US: Crafter CMS Crafter Studio CVE-2017-15683 (In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is abl ...) - TODO: check + NOT-FOR-US: Crafter CMS Crafter Studio CVE-2017-15682 (In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is abl ...) - TODO: check + NOT-FOR-US: Crafter CMS Crafter Studio CVE-2017-15681 (In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerabilit ...) - TODO: check + NOT-FOR-US: Crafter CMS Crafter Studio CVE-2017-15680 (In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which ...) - TODO: check + NOT-FOR-US: Crafter CMS Crafter Studio CVE-2017-15679 RESERVED CVE-2017-15678 -- cgit v1.2.3