Process some new NFUs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-03-29 22:14:56 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-03-29 22:14:56 +0200
commit: 96819c870c690cf60d513e2563e2e0f3f9b0d068 (patch)
tree: 7d355e653325a7f98c8727fe6f55d1749d6589b1
parent: 46b7f1f6ea0548bac08a539023d96f8c4da087ef (diff)
3 files changed, 13 insertions, 13 deletions
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index dd3a53e775..7388992526 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -41887,7 +41887,7 @@ CVE-2019-5319
 CVE-2019-5318
 	RESERVED
 CVE-2019-5317 (A local authentication bypass vulnerability was discovered in some Aru ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2019-5316
 	RESERVED
 CVE-2019-5315 (A command injection vulnerability is present in the web management int ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 1a54e4ed83..5d49c7a09e 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -13396,9 +13396,9 @@ CVE-2020-25219 (url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows
 	NOTE: https://github.com/libproxy/libproxy/issues/134
 	NOTE: https://github.com/libproxy/libproxy/commit/a83dae404feac517695c23ff43ce1e116e2bfbe0
 CVE-2020-25218 (Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) ...)
-	TODO: check
+	NOT-FOR-US: Grandstream GRP261x VoIP phone
 CVE-2020-25217 (Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) ...)
-	TODO: check
+	NOT-FOR-US: Grandstream GRP261x VoIP phone
 CVE-2020-25216 (yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Tran ...)
 	NOT-FOR-US: yWorks yEd Desktop
 CVE-2020-25215 (yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or Grap ...)
@@ -14694,7 +14694,7 @@ CVE-2020-24637 (Two vulnerabilities in ArubaOS GRUB2 implementation allows for a
 CVE-2020-24636
 	RESERVED
 CVE-2020-24635 (A remote execution of arbitrary commands vulnerability was discovered  ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2020-24634 (An attacker is able to remotely inject arbitrary commands by sending e ...)
 	NOT-FOR-US: Aruba
 CVE-2020-24633 (There are multiple buffer overflow vulnerabilities that could lead to  ...)
@@ -53034,7 +53034,7 @@ CVE-2020-7852 (DaviewIndy has a Heap-based overflow vulnerability, triggered whe
 CVE-2020-7851
 	RESERVED
 CVE-2020-7850 (NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: NBBDownloader.ocx ActiveX Control in Groupware
 CVE-2020-7849 (A vulnerability of uPrism.io CURIX(Video conferecing solution) could a ...)
 	NOT-FOR-US: uPrism.io CURIX
 CVE-2020-7848 (The EFM ipTIME C200 IP Camera is affected by a Command Injection vulne ...)
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 8e4557c9ba..0342a84ed9 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1062,9 +1062,9 @@ CVE-2021-28939
 CVE-2021-28938
 	RESERVED
 CVE-2021-28937 (The /password.html page of the Web management interface of the Acexy W ...)
-	TODO: check
+	NOT-FOR-US: Acexy Wireless-N WiFi Repeater
 CVE-2021-28936 (The Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) Web management ...)
-	TODO: check
+	NOT-FOR-US: Acexy Wireless-N WiFi Repeater
 CVE-2021-28935
 	RESERVED
 CVE-2021-28934
@@ -1598,13 +1598,13 @@ CVE-2021-28675
 CVE-2021-28674
 	RESERVED
 CVE-2021-28673 (Xerox Phaser 6510 before 64.61.23 and 64.59.11 (Bridge), WorkCentre 65 ...)
-	TODO: check
+	NOT-FOR-US: Xerox
 CVE-2021-28672
 	RESERVED
 CVE-2021-28671
 	RESERVED
 CVE-2021-28670 (Xerox AltaLink B8045/B8090 before 103.008.030.32000, C8030/C8035 befor ...)
-	TODO: check
+	NOT-FOR-US: Xerox
 CVE-2021-28669
 	RESERVED
 CVE-2021-28668
@@ -4555,7 +4555,7 @@ CVE-2021-27354
 CVE-2021-27353
 	RESERVED
 CVE-2021-27352 (An open redirect vulnerability in Ilch CMS version 2.1.42 allows attac ...)
-	TODO: check
+	NOT-FOR-US: Ilch CMS
 CVE-2021-27351 (The Terminate Session feature in the Telegram application through 7.2. ...)
 	- telegram-desktop 2.6.1-1
 	[buster] - telegram-desktop <not-affected> (Vulnerable code not present)
@@ -9820,9 +9820,9 @@ CVE-2021-25146
 CVE-2021-25145
 	RESERVED
 CVE-2021-25144 (A remote buffer overflow vulnerability was discovered in some Aruba In ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-25143 (A remote denial of service (dos) vulnerability was discovered in some  ...)
-	TODO: check
+	NOT-FOR-US: Aruba
 CVE-2021-25142 (The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 Sy ...)
 	NOT-FOR-US: HPE
 CVE-2021-25141 (A security vulnerability has been identified in in certain HPE and Aru ...)
@@ -16996,7 +16996,7 @@ CVE-2021-21729
 CVE-2021-21728
 	RESERVED
 CVE-2021-21727 (A ZTE product has a DoS vulnerability. A remote attacker can amplify t ...)
-	TODO: check
+	NOT-FOR-US: ZTE
 CVE-2021-21726 (Some ZTE products have an input verification vulnerability in the diag ...)
 	NOT-FOR-US: ZTE
 CVE-2021-21725 (A ZTE product has an information leak vulnerability. An attacker with  ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2021-03-29 22:14:56 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-03-29 22:14:56 +0200
commit	96819c870c690cf60d513e2563e2e0f3f9b0d068 (patch)
tree	7d355e653325a7f98c8727fe6f55d1749d6589b1
parent	46b7f1f6ea0548bac08a539023d96f8c4da087ef (diff)