author Salvatore Bonaccorso <carnil@debian.org> 2020-02-08 21:42:26 +0100
committer Salvatore Bonaccorso <carnil@debian.org> 2020-02-08 21:42:26 +0100
commit 6dda58fe17497cc54790b0451da1d97642895e35 (patch)
tree c54e78af5201db07994b2fe9a32ed016f6646904
parent a136ab7dc92ad401be2b3037f7cf16e68b9ed3f1 (diff)
Process NFUs
-rw-r--r-- data/CVE/2012.list 4
-rw-r--r-- data/CVE/2013.list 12
-rw-r--r-- data/CVE/2014.list 12
-rw-r--r-- data/CVE/2015.list 8
-rw-r--r-- data/CVE/2019.list 38
5 files changed, 37 insertions, 37 deletions
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index 92ef83dc8e..bdd025e7d0 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -6652,7 +6652,7 @@ CVE-2012-4031 (Multiple directory traversal vulnerabilities in src/acloglogin.ph
CVE-2012-4030 (Chamilo before 1.8.8.6 does not adequately handle user supplied input ...)
NOT-FOR-US: Chamilo LMS
CVE-2012-4029 (Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in ...)
- TODO: check
+ NOT-FOR-US: Chamilo LMS
CVE-2012-4028 (Tridium Niagara AX Framework does not properly store credential data, ...)
NOT-FOR-US: Tridium Niagara AX Framework
CVE-2012-4027 (Directory traversal vulnerability in Tridium Niagara AX Framework allo ...)
@@ -10252,7 +10252,7 @@ CVE-2012-2595 (Multiple cross-site scripting (XSS) vulnerabilities in unspecifie
CVE-2012-2594
RESERVED
CVE-2012-2593 (Cross-site scripting (XSS) vulnerability in the administrative interfa ...)
- TODO: check
+ NOT-FOR-US: Atmail Webmail Server
CVE-2012-2592 (Cross-site scripting (XSS) vulnerability in Axigen Mail Server 8.0.1 a ...)
NOT-FOR-US: AXIGEN Mail Server
CVE-2012-2591 (Multiple cross-site scripting (XSS) vulnerabilities in EmailArchitect ...)
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 36110a0979..ba6a72475e 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -10193,7 +10193,7 @@ CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators t
NOTE: https://tracker.moodle.org/browse/MDL-41449
NOTE: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
CVE-2013-3629 (ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution ...)
- TODO: check
+ NOT-FOR-US: ISPConfig
CVE-2013-3628 (Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability ...)
TODO: check
CVE-2013-3627 (FrameworkService.exe in McAfee Framework Service in McAfee Managed Age ...)
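Review bot: CVE-2013-3628 (Zabbix 2.0.9 arbitrary command execution), the entry directly below the ISPConfig change, is still at TODO: check after this batch. Zabbix is packaged in Debian, so it cannot be closed as NOT-FOR-US like its neighbours; it needs a package entry with a fixed version or a status note, ideally in a follow-up commit so it does not stay unnoticed among triaged entries.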
@@ -10269,7 +10269,7 @@ CVE-2013-3593 (Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1)
CVE-2013-3592
RESERVED
CVE-2013-3591 (vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execu ...)
- TODO: check
+ NOT-FOR-US: vTiger CRM
CVE-2013-3590 (Unrestricted file upload vulnerability in admin/uploadImage.html in Se ...)
NOT-FOR-US: SearchBlox
CVE-2013-3589 (Cross-site scripting (XSS) vulnerability in the login page in the Admi ...)
@@ -11365,7 +11365,7 @@ CVE-2013-3098 (Multiple cross-site request forgery (CSRF) vulnerabilities in TRE
CVE-2013-3097 (Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FI ...)
NOT-FOR-US: Verizon
CVE-2013-3096 (D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking ...)
- TODO: check
+ NOT-FOR-US: D-Link
CVE-2013-3095 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link
CVE-2013-3094
@@ -11375,7 +11375,7 @@ CVE-2013-3093 (ASUS RT-N56U devices allow CSRF. ...)
CVE-2013-3092 (The Belkin N300 (F7D7301v1) router allows remote attackers to bypass a ...)
NOT-FOR-US: Belkin router
CVE-2013-3091 (An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) rout ...)
- TODO: check
+ NOT-FOR-US: Belkin N300 router
CVE-2013-3090 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 rou ...)
NOT-FOR-US: Belkin N300 router
CVE-2013-3089 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin ...)
@@ -11430,7 +11430,7 @@ CVE-2013-3069 (Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WN
CVE-2013-3068 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksy ...)
NOT-FOR-US: Linksys
CVE-2013-3067 (Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS. ...)
- TODO: check
+ NOT-FOR-US: Linksys
CVE-2013-3066 (Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict ...)
NOT-FOR-US: Linksys
CVE-2013-3065 (Cross-site scripting (XSS) vulnerability in the Parental Controls sect ...)
@@ -16894,7 +16894,7 @@ CVE-2013-1204 (Memory leak in the SNMP process in Cisco IOS XR allows remote att
CVE-2013-1203 (Cisco ASA CX Context-Aware Security Software allows remote attackers t ...)
NOT-FOR-US: Cisco ASA
CVE-2013-1202 (Cisco ACE A2(3.6) allows log retention DoS. ...)
- TODO: check
+ NOT-FOR-US: Cisco
CVE-2013-1201
RESERVED
CVE-2013-1200 (Session fixation vulnerability in Cisco Secure Access Control System ( ...)
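Review bot: the new tag on CVE-2013-1202 names only the vendor (NOT-FOR-US: Cisco), while the description identifies the product as Cisco ACE and the neighbouring CVE-2013-1203 is tagged with its product, Cisco ASA. Suggest NOT-FOR-US: Cisco ACE so the tag records what was actually ruled out.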
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 0473fc6b1c..6ce4f68aeb 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -2908,7 +2908,7 @@ CVE-2014-9472 (The email gateway in RT (aka Request Tracker) 3.0.0 through 4.x b
- request-tracker4 4.2.8-3
- request-tracker3.8 <removed> (unimportant)
CVE-2014-9470 (Cross-site scripting (XSS) vulnerability in the loadForm function in F ...)
- TODO: check
+ NOT-FOR-US: Fork CMS
CVE-2014-9469 (Cross-site scripting (XSS) vulnerability in vBulletin 3.5.4, 3.6.0, 3. ...)
NOT-FOR-US: vBulletin
CVE-2014-9468 (Multiple cross-site scripting (XSS) vulnerabilities in InstantASP Inst ...)
@@ -3883,9 +3883,9 @@ CVE-2014-9131
CVE-2014-9128
RESERVED
CVE-2014-9127 (Open-School Community Edition 2.2 does not properly restrict access to ...)
- TODO: check
+ NOT-FOR-US: Open-School Community Edition
CVE-2014-9126 (Multiple cross-site scripting (XSS) vulnerabilities in Open-School Com ...)
- TODO: check
+ NOT-FOR-US: Open-School Community Edition
CVE-2014-9125
RESERVED
CVE-2014-9124
@@ -7425,7 +7425,7 @@ CVE-2014-7865
CVE-2014-7864 (Multiple SQL injection vulnerabilities in the FailOverHelperServlet (a ...)
NOT-FOR-US: ZOHO ManageEngine OpManager
CVE-2014-7863 (The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngi ...)
- TODO: check
+ NOT-FOR-US: ZOHO ManageEngine
CVE-2014-7862 (The DCPluginServelet servlet in ManageEngine Desktop Central and Deskt ...)
NOT-FOR-US: ManageEngine
CVE-2014-7861 (The IOHIDSecurePromptClient function in Apple OS X does not properly v ...)
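Review bot: CVE-2014-7863 and CVE-2014-7864 both describe the FailOverHelperServlet (aka FailServlet), yet the new tag on CVE-2014-7863 reads ZOHO ManageEngine while CVE-2014-7864 directly above is tagged ZOHO ManageEngine OpManager. If the truncated description names the same product, use the same string on both entries so a search on the tag returns the pair.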
@@ -13255,7 +13255,7 @@ CVE-2014-5290
CVE-2014-5289 (Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execu ...)
NOT-FOR-US: Senkas Kolibri
CVE-2014-5288 (A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via uns ...)
- TODO: check
+ NOT-FOR-US: Kemp Load Master
CVE-2014-5287 (A Bash script injection vulnerability exists in Kemp Load Master 7.1-1 ...)
NOT-FOR-US: Kemp Load Master
CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveM ...)
@@ -13797,7 +13797,7 @@ CVE-2014-5093 (Status2k does not remove the install directory allowing credentia
CVE-2014-5092 (Status2k allows Remote Command Execution in admin/options/editpl.php. ...)
NOT-FOR-US: Status2k
CVE-2014-5091 (A vulnerability exits in Status2K 2.5 Server Monitoring Software via t ...)
- TODO: check
+ NOT-FOR-US: Status2K Server Monitoring Software
CVE-2014-5090 (admin/options/logs.php in Status2k allows remote authenticated adminis ...)
NOT-FOR-US: Status2k
CVE-2014-5089 (SQL injection vulnerability in admin/options/logs.php in Status2k allo ...)
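Review bot: the tag added for CVE-2014-5091 is spelled Status2K Server Monitoring Software, while CVE-2014-5092 and CVE-2014-5090 on either side of it use Status2k. Suggest NOT-FOR-US: Status2k so that one search on the tag finds every entry for this product.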
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 90b2b49182..873dcb4c02 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -17299,7 +17299,7 @@ CVE-2015-3425 (Cross-site scripting (XSS) vulnerability in Accentis Content Reso
CVE-2015-3424 (SQL injection vulnerability in Accentis Content Resource Management Sy ...)
NOT-FOR-US: Accentis Content Resource Management System
CVE-2015-3423 (Multiple SQL injection vulnerabilities in NetCracker Resource Manageme ...)
- TODO: check
+ NOT-FOR-US: NetCracker Resource Management System
CVE-2015-3422 (Cross-site scripting (XSS) vulnerability in SearchBlox before 8.2.1 al ...)
NOT-FOR-US: SearchBlox
CVE-2015-3421 (The eshop_checkout function in checkout.php in the Wordpress Eshop plu ...)
@@ -18886,7 +18886,7 @@ CVE-2015-2911
CVE-2015-2910
RESERVED
CVE-2015-2909 (Dedicated Micros DV-IP Express, SD Advanced, SD, EcoSense, and DS2 dev ...)
- TODO: check
+ NOT-FOR-US: Dedicated Micros DVR products
CVE-2015-2908 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmwar ...)
NOT-FOR-US: Mobile Devices (aka MDI) C4 OBD-II dongles
CVE-2015-2907 (** DISPUTED ** Mobile Devices (aka MDI) C4 OBD-II dongles with firmwar ...)
@@ -21041,7 +21041,7 @@ CVE-2015-2209 (DLGuard 4.5 allows remote attackers to obtain the installation pa
CVE-2015-2208 (The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remo ...)
NOT-FOR-US: phpMoAdmin
CVE-2015-2207 (Multiple cross-site scripting (XSS) vulnerabilities in NetCracker Reso ...)
- TODO: check
+ NOT-FOR-US: NetCracker Resource Management System
CVE-2015-2206 (libraries/select_lang.lib.php in phpMyAdmin 4.0.x before 4.0.10.9, 4.2 ...)
{DSA-3382-1 DLA-336-1}
- phpmyadmin 4:4.4.4-1 (unimportant)
@@ -21455,7 +21455,7 @@ CVE-2015-2080 (The exception handling code in Eclipse Jetty before 9.2.9.v201502
NOTE: https://github.com/eclipse/jetty.project/blob/master/advisories/2015-02-24-httpparser-error-buffer-bleed.md
NOTE: http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html
CVE-2015-2062 (Multiple SQL injection vulnerabilities in the Huge-IT Slider (slider-i ...)
- TODO: check
+ NOT-FOR-US: Huge-IT Slider (slider- image) plugin for WordPress
CVE-2015-2061 (Heap-based buffer overflow in the browser plugin for PTC Creo View all ...)
NOT-FOR-US: PTC Creo View
CVE-2015-2057
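Review bot: the tag for CVE-2015-2062 contains a stray space in "slider- image", which looks carried over from a line-wrapped description (the entry itself shows "(slider-i ..."). Suggest NOT-FOR-US: Huge-IT Slider (slider-image) plugin for WordPress.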
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 73789594cd..92f72c11ba 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -8187,9 +8187,9 @@ CVE-2019-17138 (This vulnerability allows remote attackers to disclose sensitive
CVE-2019-17137
RESERVED
CVE-2019-17136 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Foxit PhantomPDF
CVE-2019-17135 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Foxit PhantomPDF
CVE-2019-17134 (Amphora Images in OpenStack Octavia &gt;=0.10.0 &lt;2.1.2, &gt;=3.0.0 ...)
- octavia 4.0.0-6 (bug #941897)
[buster] - octavia <no-dsa> (Minor issue in regular setups, can be fixed via point release)
@@ -10665,7 +10665,7 @@ CVE-2019-16157
CVE-2019-16156
RESERVED
CVE-2019-16155 (A privilege escalation vulnerability in FortiClient for Linux 6.2.1 an ...)
- TODO: check
+ NOT-FOR-US: Fortiguard FortiClient
CVE-2019-16154 (An improper neutralization of input during web page generation in Fort ...)
NOT-FOR-US: FortiAuthenticator WEB UI
CVE-2019-16153 (A hard-coded password vulnerability in the Fortinet FortiSIEM database ...)
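Review bot: the tag for CVE-2019-16155 gives the vendor as Fortiguard, but the description names FortiClient for Linux and the description of CVE-2019-16153 two entries below names the vendor as Fortinet. Suggest NOT-FOR-US: Fortinet FortiClient to match the vendor naming used elsewhere in the file.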
@@ -16186,7 +16186,7 @@ CVE-2019-14090
CVE-2019-14089
RESERVED
CVE-2019-14088 (Possible use after free issue while CRM is accessing the link pointer ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14087
RESERVED
CVE-2019-14086
@@ -16236,23 +16236,23 @@ CVE-2019-14065
CVE-2019-14064
RESERVED
CVE-2019-14063 (Out of bound access due to Invalid inputs to dapm mux settings which r ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14062
RESERVED
CVE-2019-14061
RESERVED
CVE-2019-14060 (Uninitialized stack data gets used If memory is not allocated for blob ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14059
RESERVED
CVE-2019-14058
RESERVED
CVE-2019-14057 (Buffer Over read of codec private data while parsing an mkv file due t ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14056
RESERVED
CVE-2019-14055 (Possibility of use-after-free and double free because of not marking b ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14054
RESERVED
CVE-2019-14053
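Review bot: CVE-2019-14063 is tagged NOT-FOR-US: Snapdragon, but its description refers to dapm mux settings, and DAPM belongs to the ALSA SoC layer of the upstream Linux kernel. It is worth confirming that the flaw is in Qualcomm's downstream driver code and not in code shipped in src:linux, and adding a short NOTE line saying so if that is the case.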
@@ -16260,29 +16260,29 @@ CVE-2019-14053
CVE-2019-14052
RESERVED
CVE-2019-14051 (Subsequent additions performed during Module loading while allocating ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14050
RESERVED
CVE-2019-14049 (Stage-2 fault will occur while writing to an ION system allocation whi ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14048
RESERVED
CVE-2019-14047
RESERVED
CVE-2019-14046 (Out of bound access while allocating memory for an array in camera due ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14045
RESERVED
CVE-2019-14044 (Out of bound access due to access of uninitialized memory segment in a ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14043
RESERVED
CVE-2019-14042
RESERVED
CVE-2019-14041 (During listener modified response processing, a buffer overrun occurs ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14040 (Using memory after being freed in qsee due to wrong implementation can ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14039
RESERVED
CVE-2019-14038
@@ -18136,9 +18136,9 @@ CVE-2019-13336 (The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote
CVE-2019-13335 (SalesAgility SuiteCRM 7.10.x 7.10.19 and 7.11.x before and 7.11.7 has ...)
NOT-FOR-US: SalesAgility SuiteCRM
CVE-2019-13334 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Foxit PhantomPDF
CVE-2019-13333 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: Foxit PhantomPDF
CVE-2019-13332 (This vulnerability allows remote attackers to execute arbitrary code o ...)
NOT-FOR-US: Foxit Reader
CVE-2019-13331 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -18631,7 +18631,7 @@ CVE-2019-13164 (qemu-bridge-helper.c in QEMU 4.0.0 does not ensure that a networ
NOTE: https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg00245.html
NOTE: https://git.qemu.org/?p=qemu.git;a=commitdiff;h=6f5d8671225dc77190647f18a27a0d156d4ca97a
CVE-2019-13163 (The Fujitsu TLS library allows a man-in-the-middle attack. This affect ...)
- TODO: check
+ NOT-FOR-US: Fujitsu
CVE-2019-13162
RESERVED
CVE-2019-13161 (An issue was discovered in Asterisk Open Source through 13.27.0, 14.x ...)
@@ -25673,7 +25673,7 @@ CVE-2019-10592 (Possible integer overflow while multiplying two integers of 32 b
CVE-2019-10591
RESERVED
CVE-2019-10590 (Out of bound access while parsing dts atom, which is non-standard as i ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-10589
RESERVED
CVE-2019-10588
@@ -25719,7 +25719,7 @@ CVE-2019-10569
CVE-2019-10568
RESERVED
CVE-2019-10567 (There is a way to deceive the GPU kernel driver into thinking there is ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-10566 (Buffer overflow can occur in wlan module if supported rates or extende ...)
NOT-FOR-US: Snapdragon
CVE-2019-10565 (Double free issue can happen when sensor power settings is freed by so ...)