Process NFUs

4 files changed, 47 insertions, 47 deletions

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 10ff12d5d4..e81f6bdfa9 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -10736,7 +10736,7 @@ CVE-2019-16865 (An issue was discovered in Pillow before 6.2.0. When reading spe
 	NOTE: https://github.com/python-pillow/Pillow/commit/b9693a51c99c260bd66d1affeeab4a226cf7e5a5
 	NOTE: https://github.com/python-pillow/Pillow/commit/cc16025e234b7a7a4dd3a86d2fdc0980698db9cc
 CVE-2019-16864 (CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP befor ...)
-	TODO: check
+	NOT-FOR-US: EnterpriseDT CompleteFTP
 CVE-2019-16863 (STMicroelectronics ST33TPHF2ESPI TPM devices before 2019-09-12 allow a ...)
 	NOT-FOR-US: STMicroelectronics
 CVE-2019-16862 (Reflected XSS in interface/forms/eye_mag/view.php in OpenEMR 5.x befor ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 9586b3dc9c..3c7b9765c4 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -57071,17 +57071,17 @@ CVE-2020-6924
 CVE-2020-6923
 	RESERVED
 CVE-2020-6922 (Potential security vulnerabilities including compromise of integrity,  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2020-6921 (Potential security vulnerabilities including compromise of integrity,  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2020-6920 (Potential security vulnerabilities including compromise of integrity,  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2020-6919 (Potential security vulnerabilities including compromise of integrity,  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2020-6918 (Potential security vulnerabilities including compromise of integrity,  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2020-6917 (Potential security vulnerabilities including compromise of integrity,  ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2020-6916
 	RESERVED
 CVE-2020-6915
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 2aa2249428..7167fb8466 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -690,7 +690,7 @@ CVE-2021-46390
 CVE-2021-46389 (IIPImage High Resolution Streaming Image Server prior to commit 882925 ...)
 	NOT-FOR-US: IIPImage High Resolution Streaming Image Server
 CVE-2021-46388 (WAGO 750-8212 PFC200 G2 2ETH RS Firmware version 03.05.10(17) is affec ...)
-	TODO: check
+	NOT-FOR-US: WAGO
 CVE-2021-46387
 	RESERVED
 CVE-2021-46386 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: File U ...)
@@ -3352,7 +3352,7 @@ CVE-2021-45393
 CVE-2021-45392 (A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01. ...)
 	NOT-FOR-US: Tenda
 CVE-2021-45391 (A Buffer Overflow vulnerability exists in Tenda Router AX12 V22.03.01. ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2021-45390
 	RESERVED
 CVE-2021-45389 (StarWind SAN & NAS build 1578 and StarWind Command Center Build 68 ...)
@@ -18625,15 +18625,15 @@ CVE-2021-39303 (The server in Jamf Pro before 10.32.0 has an SSRF vulnerability,
 CVE-2021-39302 (MISP 2.4.148, in certain configurations, allows SQL injection via the  ...)
 	NOT-FOR-US: MISP
 CVE-2021-39301 (Potential vulnerabilities have been identified in UEFI firmware (BIOS) ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2021-39300 (Potential vulnerabilities have been identified in UEFI firmware (BIOS) ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2021-39299 (Potential vulnerabilities have been identified in UEFI firmware (BIOS) ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2021-39298 (Potential vulnerabilities have been identified in UEFI firmware (BIOS) ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2021-39297 (Potential vulnerabilities have been identified in UEFI firmware (BIOS) ...)
-	TODO: check
+	NOT-FOR-US: HP
 CVE-2021-39296 (In OpenBMC 2.9, crafted IPMI messages allow an attacker to bypass auth ...)
 	NOT-FOR-US: OpenBMC
 CVE-2021-39295
@@ -60344,7 +60344,7 @@ CVE-2021-22052
 CVE-2021-22051 (Applications using Spring Cloud Gateway are vulnerable to specifically ...)
 	NOT-FOR-US: Spring Cloud Gateway
 CVE-2021-22050 (ESXi contains a slow HTTP POST denial-of-service vulnerability in rhtt ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2021-22049 (The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Requ ...)
 	NOT-FOR-US: VMware
 CVE-2021-22048 (The vCenter Server contains a privilege escalation vulnerability in th ...)
@@ -60358,13 +60358,13 @@ CVE-2021-22045 (VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before
 CVE-2021-22044 (In Spring Cloud OpenFeign 3.0.0 to 3.0.4, 2.2.0.RELEASE to 2.2.9.RELEA ...)
 	NOT-FOR-US: Spring Cloud OpenFeign
 CVE-2021-22043 (VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2021-22042 (VMware ESXi contains an unauthorized access vulnerability due to VMX h ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2021-22041 (VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerabil ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2021-22040 (VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerab ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2021-22039
 	RESERVED
 CVE-2021-22038 (On Windows, the uninstaller binary copies itself to a fixed temporary  ...)
@@ -60534,7 +60534,7 @@ CVE-2021-21968 (A file write vulnerability exists in the OTA update task functio
 CVE-2021-21967
 	RESERVED
 CVE-2021-21966 (An information disclosure vulnerability exists in the HTTP Server /pin ...)
-	TODO: check
+	NOT-FOR-US: Texas Instruments
 CVE-2021-21965 (A denial of service vulnerability exists in the SeaMax remote configur ...)
 	NOT-FOR-US: Sealevel Systems
 CVE-2021-21964 (A denial of service vulnerability exists in the Modbus configuration f ...)
@@ -60550,7 +60550,7 @@ CVE-2021-21960 (A stack-based buffer overflow vulnerability exists in both the L
 CVE-2021-21959 (A misconfiguration exists in the MQTTS functionality of Sealevel Syste ...)
 	NOT-FOR-US: Sealevel Systems
 CVE-2021-21958 (A heap-based buffer overflow vulnerability exists in the Hword HwordAp ...)
-	TODO: check
+	NOT-FOR-US: Hancom Office 2020
 CVE-2021-21957 (A privilege escalation vulnerability exists in the Remote Server funct ...)
 	NOT-FOR-US: Dream Report ODS Remote Connector
 CVE-2021-21956
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 2cb8c3aefd..5cfec9e8fc 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1595,11 +1595,11 @@ CVE-2022-0516 [KVM: s390: Return error on SIDA memop on normal guest]
 	NOTE: Fixed by: https://git.kernel.org/linus/2c212e1baedcd782b2535a3f86bc491977677c0e
 	NOTE: https://www.openwall.com/lists/oss-security/2022/02/11/2
 CVE-2022-24665 (PHP Everywhere <= 2.0.3 included functionality that allowed executi ...)
-	TODO: check
+	NOT-FOR-US: PHP Everywhere
 CVE-2022-24664 (PHP Everywhere <= 2.0.3 included functionality that allowed executi ...)
-	TODO: check
+	NOT-FOR-US: PHP Everywhere
 CVE-2022-24663 (PHP Everywhere <= 2.0.3 included functionality that allowed executi ...)
-	TODO: check
+	NOT-FOR-US: PHP Everywhere
 CVE-2022-24662
 	RESERVED
 CVE-2022-24661
@@ -3155,7 +3155,7 @@ CVE-2022-24088
 CVE-2022-24087
 	RESERVED
 CVE-2022-24086 (Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earli ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-24085
 	RESERVED
 CVE-2022-24084
@@ -4386,7 +4386,7 @@ CVE-2022-23646
 CVE-2022-23645
 	RESERVED
 CVE-2022-23644 (BookWyrm is a decentralized social network for tracking reading habits ...)
-	TODO: check
+	NOT-FOR-US: BookWyrm
 CVE-2022-23643 (Sourcegraph is a code search and navigation engine. Sourcegraph versio ...)
 	TODO: check
 CVE-2022-23642
@@ -5147,7 +5147,7 @@ CVE-2022-23360
 CVE-2022-23359
 	RESERVED
 CVE-2022-23358 (EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In ...)
-	TODO: check
+	NOT-FOR-US: EasyCMS
 CVE-2022-23357 (mozilo2.0 was discovered to be vulnerable to directory traversal attac ...)
 	TODO: check
 CVE-2022-23356
@@ -5656,43 +5656,43 @@ CVE-2022-23206 (In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, a
 CVE-2022-23205
 	RESERVED
 CVE-2022-23204 (Adobe Premiere Rush versions 2.0 and earlier are affected by an out-of ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23203 (Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) a ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23202 (Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affecte ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23201
 	RESERVED
 CVE-2022-23200 (Adobe After Effects versions 22.1.1 (and earlier) and 18.4.3 (and earl ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23199 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23198 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23197 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23196 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23195 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23194 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23193 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23192 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23191 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23190 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23189 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23188 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23187
 	RESERVED
 CVE-2022-23186 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
-	TODO: check
+	NOT-FOR-US: Adobe
 CVE-2022-23185
 	RESERVED
 CVE-2022-23184 (In affected Octopus Server versions when the server HTTP and HTTPS bin ...)
@@ -6324,7 +6324,7 @@ CVE-2022-22947
 CVE-2022-22946
 	RESERVED
 CVE-2022-22945 (VMware NSX Edge contains a CLI shell injection vulnerability. A malici ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2022-22944
 	RESERVED
 CVE-2022-22943
@@ -6541,7 +6541,7 @@ CVE-2022-22855
 CVE-2022-22854 (An access control issue in hprms/admin/?page=user/list of Hospital Pat ...)
 	NOT-FOR-US: Hospital Patient Record Management System
 CVE-2022-22853 (A stored cross-site scripting (XSS) vulnerability in Hospital Patient  ...)
-	TODO: check
+	NOT-FOR-US: Hospital Patient Record Management System
 CVE-2022-22852 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...)
 	NOT-FOR-US: Sourcecodtester
 CVE-2022-22851 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...)
@@ -6776,7 +6776,7 @@ CVE-2022-22794
 CVE-2022-22793
 	RESERVED
 CVE-2022-22792 (MobiSoft - MobiPlus User Take Over and Improper Handling of url Parame ...)
-	TODO: check
+	NOT-FOR-US: MobiSoft
 CVE-2022-22791 (SYNEL - eharmony Authenticated Blind & Stored XSS. Inject JS code  ...)
 	NOT-FOR-US: SYNEL
 CVE-2022-22790 (SYNEL - eharmony Directory Traversal. Directory Traversal - is an atta ...)