diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-01 09:33:22 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-03-01 09:33:22 +0100 |
| commit | 4ba96f3423489e2307a7c7e62eeebcb4426d2e9d (patch) | |
| tree | 2a3210ef0ba886f060572daf04564faed435e54a | |
| parent | 53eda1253edcfa0f9d751bc826ed8b2586d62272 (diff) | |
Process some NFUs
| -rw-r--r-- | data/CVE/2019.list | 2 | ||||
| -rw-r--r-- | data/CVE/2020.list | 6 | ||||
| -rw-r--r-- | data/CVE/2021.list | 6 |
3 files changed, 7 insertions, 7 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 4e3dabf0c5..0aad652d50 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -24387,7 +24387,7 @@ CVE-2019-11686 (Western Digital SanDisk X300, X300s, X400, and X600 devices: A v CVE-2019-11685 RESERVED CVE-2019-11684 (Improper Access Control in the RCP+ server of the Bosch Video Recordin ...) - TODO: check + NOT-FOR-US: Bosch CVE-2019-11683 (udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel ...) - linux <not-affected> (Vulnerable code introduced later) NOTE: Fixed by: https://git.kernel.org/linus/4dd2b82d5adfbe0b1587ccad7a8f76d826120f37 diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 3ca75ef17d..06aca969ed 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -6133,7 +6133,7 @@ CVE-2020-28201 CVE-2020-28200 RESERVED CVE-2020-28199 (best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive ...) - TODO: check + NOT-FOR-US: Amazon Pay Plugin for Shopware CVE-2020-28198 RESERVED CVE-2020-28197 @@ -10831,7 +10831,7 @@ CVE-2020-26202 CVE-2020-26201 (Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak pass ...) NOT-FOR-US: Askey CVE-2020-26200 (A component of Kaspersky custom boot loader allowed loading of untrust ...) - TODO: check + NOT-FOR-US: Kaspersky products CVE-2020-26199 (Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 ...) NOT-FOR-US: EMC CVE-2020-26198 (Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a ...) @@ -14385,7 +14385,7 @@ CVE-2020-24688 CVE-2020-24687 RESERVED CVE-2020-24686 (The vulnerabilities can be exploited to cause the web visualization co ...) - TODO: check + NOT-FOR-US: ABB AC500 V2 products CVE-2020-24685 (An unauthenticated specially crafted packet sent by an attacker over t ...) NOT-FOR-US: ABB CVE-2020-24684 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 5414b21169..3e9abef0ce 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1205,7 +1205,7 @@ CVE-2021-27227 CVE-2021-27226 RESERVED CVE-2021-27225 (In Dataiku DSS before 8.0.6, insufficient access control in the Jupyte ...) - TODO: check + NOT-FOR-US: Dataiku DSS CVE-2021-27224 (The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a user-mode write ...) NOT-FOR-US: WPG plugin for IrfanView CVE-2021-27223 @@ -8905,7 +8905,7 @@ CVE-2021-23835 (An issue was discovered in flatCore before 2.0.0 build 139. A lo CVE-2021-3125 RESERVED CVE-2021-3124 (Stored cross-site scripting (XSS) in form field in robust.systems prod ...) - TODO: check + NOT-FOR-US: WordPress Plugin Custom Global Variables CVE-2021-3123 RESERVED CVE-2021-3122 (CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers per ...) @@ -12738,7 +12738,7 @@ CVE-2021-3012 CVE-2021-3011 (An electromagnetic-wave side-channel issue was discovered on NXP Smart ...) NOT-FOR-US: NXP CVE-2021-3010 (There are multiple persistent cross-site scripting (XSS) vulnerabiliti ...) - TODO: check + NOT-FOR-US: OpenText Content Server CVE-2021-3009 RESERVED CVE-2021-3008 |