Process several NFUs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-01-01 21:20:32 +0100
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-01-01 21:20:32 +0100
commit: 15a1b8d2bc5c9fe96ea2500ef8e5927701d91766 (patch)
tree: 9e0829cedb1884345df0f4af70a3d76fa2ce7d66
parent: 1de6dc3e63bd30131889bfc17a30a6c80d54faf5 (diff)
4 files changed, 15 insertions, 15 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 342961205b..7a04e084ee 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -3893,15 +3893,15 @@ CVE-2018-19947 (The vulnerability have been reported to affect earlier versions
 CVE-2018-19946 (The vulnerability have been reported to affect earlier versions of Hel ...)
 	NOT-FOR-US: QNAP
 CVE-2018-19945 (A vulnerability has been reported to affect earlier QNAP devices runni ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2018-19944 (A cleartext transmission of sensitive information vulnerability has be ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2018-19943 (If exploited, this cross-site scripting vulnerability could allow remo ...)
 	NOT-FOR-US: QNAP
 CVE-2018-19942
 	RESERVED
 CVE-2018-19941 (A vulnerability has been reported to affect QNAP NAS. If exploited, th ...)
-	TODO: check
+	NOT-FOR-US: QNAP
 CVE-2018-19940
 	RESERVED
 CVE-2018-19939 (The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 6aa10af09d..1154ea7222 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,7 +1,7 @@
 CVE-2019-25012 (The Webform Report project 7.x-1.x-dev for Drupal allows remote attack ...)
 	NOT-FOR-US: Webform Report project for Drupal
 CVE-2019-25011 (NetBox through 2.6.2 allows an Authenticated User to conduct an XSS at ...)
-	TODO: check
+	NOT-FOR-US: NetBox
 CVE-2019-25010 (An issue was discovered in the failure crate through 2019-11-13 for Ru ...)
 	- rust-failure <unfixed>
 	NOTE: https://rustsec.org/advisories/RUSTSEC-2019-0036.html
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 49c868492c..2ab35b2034 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -9877,7 +9877,7 @@ CVE-2020-26167 (In FUEL CMS 11.4.12 and before, the page preview feature allows
 CVE-2020-26166 (The file upload functionality in qdPM 9.1 doesn't check the file descr ...)
 	NOT-FOR-US: qdPM
 CVE-2020-26165 (qdPM through 9.1 allows PHP Object Injection via timeReportActions::ex ...)
-	TODO: check
+	NOT-FOR-US: qdPM
 CVE-2020-26164 (In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the ...)
 	- kdeconnect 20.08.2-1 (bug #971736)
 	[buster] - kdeconnect <no-dsa> (Minor issue)
@@ -10588,15 +10588,15 @@ CVE-2020-25848 (HGiga MailSherlock contains weak authentication flaw that attack
 CVE-2020-25847 (This command injection vulnerability allows attackers to execute arbit ...)
 	NOT-FOR-US: QNAP
 CVE-2020-25846 (The digest generation function of NHIServiSignAdapter has not been ver ...)
-	TODO: check
+	NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25845 (Multiple functions of NHIServiSignAdapter failed to verify the users&# ...)
-	TODO: check
+	NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25844 (The digest generation function of NHIServiSignAdapter has not been ver ...)
-	TODO: check
+	NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25843 (NHIServiSignAdapter fails to verify the length of digital credential f ...)
-	TODO: check
+	NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25842 (The encryption function of NHIServiSignAdapter fail to verify the file ...)
-	TODO: check
+	NOT-FOR-US: NHIServiSignAdapter
 CVE-2020-25841
 	RESERVED
 CVE-2020-25840
@@ -41844,13 +41844,13 @@ CVE-2020-11837
 CVE-2020-11836
 	RESERVED
 CVE-2020-11835 (In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_d ...)
-	TODO: check
+	NOT-FOR-US: oppo
 CVE-2020-11834 (In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the  ...)
-	TODO: check
+	NOT-FOR-US: oppo
 CVE-2020-11833 (In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_m ...)
-	TODO: check
+	NOT-FOR-US: oppo
 CVE-2020-11832 (In functions charging_limit_current_write and charging_limit_time_writ ...)
-	TODO: check
+	NOT-FOR-US: oppo
 CVE-2020-11831 (OvoiceManager has system permission to write vulnerability reports for ...)
 	NOT-FOR-US: OvoiceManager
 CVE-2020-11830 (QualityProtect has a vulnerability to execute arbitrary system command ...)
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index a137ff9576..958ff46bac 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,7 +1,7 @@
 CVE-2021-3003
 	RESERVED
 CVE-2021-3002 (Seo Panel 4.8.0 allows reflected XSS via the seo/seopanel/login.php?se ...)
-	TODO: check
+	NOT-FOR-US: Seo Panel
 CVE-2021-3001
 	RESERVED
 CVE-2021-21493
author	Salvatore Bonaccorso <carnil@debian.org>	2021-01-01 21:20:32 +0100
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-01-01 21:20:32 +0100
commit	15a1b8d2bc5c9fe96ea2500ef8e5927701d91766 (patch)
tree	9e0829cedb1884345df0f4af70a3d76fa2ce7d66
parent	1de6dc3e63bd30131889bfc17a30a6c80d54faf5 (diff)