diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-03 21:49:17 +0100 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-02-03 21:49:17 +0100 |
| commit | eff253a19c045d6c71777b5a9b4f093acc132182 (patch) | |
| tree | b23cc81794d46889fc1efc59d7fd5a2a62fd3593 | |
| parent | f43ef6f90ac1ecbd354c905b9b425e4230f97e2c (diff) | |
Process some NFUs
| -rw-r--r-- | data/CVE/2019.list | 2 | ||||
| -rw-r--r-- | data/CVE/2020.list | 22 | ||||
| -rw-r--r-- | data/CVE/2021.list | 6 |
3 files changed, 15 insertions, 15 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list index 70856db57f..78becbe43e 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -11800,7 +11800,7 @@ CVE-2019-16270 CVE-2019-16269 RESERVED CVE-2019-16268 (Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection vi ...) - TODO: check + NOT-FOR-US: Zoho ManageEngine Remote Access Plus CVE-2019-16267 RESERVED CVE-2019-16266 diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 49fb49195f..3db28422ca 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1834,9 +1834,9 @@ CVE-2020-35484 CVE-2020-35483 (AnyDesk before 6.1.0 on Windows, when run in portable mode on a system ...) NOT-FOR-US: AnyDesk CVE-2020-35482 (SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS. ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2020-35481 (SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2020-35480 (An issue was discovered in MediaWiki before 1.35.1. Missing users (acc ...) {DSA-4816-1 DLA-2504-1} - mediawiki 1:1.35.1-1 @@ -4539,7 +4539,7 @@ CVE-2020-28896 (Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure t NOTE: https://gitlab.com/muttmua/mutt/-/commit/04b06aaa3e0cc0022b9b01dbca2863756ebbf59a NOTE: https://github.com/neomutt/neomutt/commit/9c36717a3e2af1f2c1b7242035455ec8112b4b06 CVE-2020-28895 (In Wind River VxWorks, memory allocator has a possible overflow in cal ...) - TODO: check + NOT-FOR-US: Wind River VxWorks CVE-2020-28894 RESERVED CVE-2020-28893 @@ -5030,7 +5030,7 @@ CVE-2020-28655 CVE-2020-28654 RESERVED CVE-2020-28653 (Zoho ManageEngine OpManager Stable build before 125203 (and Released b ...) - TODO: check + NOT-FOR-US: Zoho ManageEngine OpManager Stable CVE-2020-28652 RESERVED CVE-2020-28651 @@ -6133,7 +6133,7 @@ CVE-2020-28146 CVE-2020-28145 RESERVED CVE-2020-28144 (Certain Moxa Inc products are affected by an improper restriction of o ...) - TODO: check + NOT-FOR-US: Moxa CVE-2020-28143 RESERVED CVE-2020-28142 @@ -6480,7 +6480,7 @@ CVE-2020-28003 CVE-2020-28002 (In SonarQube 8.4.2.36762, an external attacker can achieve authenticat ...) NOT-FOR-US: SonarQube CVE-2020-28001 (SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS. ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2020-28000 RESERVED CVE-2020-27999 @@ -6494,7 +6494,7 @@ CVE-2020-27996 (An issue was discovered in SmartStoreNET before 4.0.1. It does n CVE-2020-27995 (SQL Injection in Zoho ManageEngine Applications Manager 14 before 1456 ...) NOT-FOR-US: Zoho ManageEngine CVE-2020-27994 (SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Travers ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2020-27993 (Hrsale 2.0.0 allows download?type=files&filename=../ directory tra ...) NOT-FOR-US: Hrsale CVE-2020-27992 (Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse ...) @@ -50803,9 +50803,9 @@ CVE-2020-8591 (eG Manager 7.1.2 allows authentication bypass via a com.egurkha.E CVE-2020-8590 RESERVED CVE-2020-8589 (Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptib ...) - TODO: check + NOT-FOR-US: Clustered Data ONTAP CVE-2020-8588 (Clustered Data ONTAP versions prior to 9.3P20 and 9.5P15 are susceptib ...) - TODO: check + NOT-FOR-US: Clustered Data ONTAP CVE-2020-8587 RESERVED CVE-2020-8586 @@ -64807,9 +64807,9 @@ CVE-2020-2509 CVE-2020-2508 (A command injection vulnerability has been reported to affect QTS and ...) NOT-FOR-US: QNAP CVE-2020-2507 (The vulnerability have been reported to affect earlier versions of QTS ...) - TODO: check + NOT-FOR-US: QNAP CVE-2020-2506 (The vulnerability have been reported to affect earlier versions of QTS ...) - TODO: check + NOT-FOR-US: QNAP CVE-2020-2505 (If exploited, this vulnerability could allow attackers to gain sensiti ...) NOT-FOR-US: QNAP CVE-2020-2504 (If exploited, this absolute path traversal vulnerability could allow a ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index a05b3d01eb..3882d915f8 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -3359,11 +3359,11 @@ CVE-2021-25278 CVE-2021-25277 RESERVED CVE-2021-25276 (In SolarWinds Serv-U before 15.2.2 Hotfix 1, there is a directory cont ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2021-25275 (SolarWinds Orion Platform before 2020.2.4, as used by various SolarWin ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2021-25274 (The Collector Service in SolarWinds Orion Platform before 2020.2.4 use ...) - TODO: check + NOT-FOR-US: SolarWinds CVE-2021-3159 RESERVED CVE-2021-25273 |