summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-12-02 21:17:35 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2021-12-02 21:17:35 +0100
commit976870281f2907e7b74e541f45bbec785ab4170f (patch)
tree3529c73774c827211480603d2861f3c91d313765
parentbc96bb8d72a17687611a33628b2e3b211b407263 (diff)
Process NFUs
-rw-r--r--data/CVE/2015.list4
-rw-r--r--data/CVE/2020.list2
-rw-r--r--data/CVE/2021.list36
3 files changed, 21 insertions, 21 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 2d038fb128..4094dbaff7 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,7 +1,7 @@
CVE-2015-20106 (The ClickBank Affiliate Ads WordPress plugin through 1.20 does not esc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-20105 (The ClickBank Affiliate Ads WordPress plugin through 1.20 does not hav ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2015-10001 (The WP-Stats WordPress plugin before 2.52 does not have CSRF check whe ...)
NOT-FOR-US: WordPress plugin
CVE-2015-20067 (The WP Attachment Export WordPress plugin before 0.2.4 does not have p ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 4ba70bea6d..e65887ca97 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -9010,7 +9010,7 @@ CVE-2020-27416
CVE-2020-27415
RESERVED
CVE-2020-27414 (Mahavitaran android application 7.50 and prior transmit sensitive info ...)
- TODO: check
+ NOT-FOR-US: Mahavitaran android application
CVE-2020-27413
RESERVED
CVE-2020-27412
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index e7649d972f..6e11c163e6 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -21,7 +21,7 @@ CVE-2021-44520
CVE-2021-44519
RESERVED
CVE-2021-44518 (An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock ...)
- TODO: check
+ NOT-FOR-US: eGeeTouch 3rd Generation Travel Padlock application for Android
CVE-2021-44517
RESERVED
CVE-2021-44516
@@ -1098,7 +1098,7 @@ CVE-2021-44052
CVE-2021-44051
RESERVED
CVE-2021-44050 (CA Network Flow Analysis (NFA) 21.2.1 and earlier contain a SQL inject ...)
- TODO: check
+ NOT-FOR-US: CA Network Flow Analysis (NFA)
CVE-2021-44049
RESERVED
CVE-2021-44048
@@ -1680,7 +1680,7 @@ CVE-2021-43797
CVE-2021-43796
RESERVED
CVE-2021-43795 (Armeria is an open source microservice framework. In affected versions ...)
- TODO: check
+ NOT-FOR-US: Armeria
CVE-2021-43794 (Discourse is an open source discussion platform. In affected versions ...)
NOT-FOR-US: Discourse
CVE-2021-43793 (Discourse is an open source discussion platform. In affected versions ...)
@@ -1920,7 +1920,7 @@ CVE-2021-43688
CVE-2021-43687 (chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) vulne ...)
NOT-FOR-US: Chamilo-lms
CVE-2021-43686 (nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) vulnerabilit ...)
- TODO: check
+ NOT-FOR-US: nZEDb
CVE-2021-43685 (libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerab ...)
TODO: check
CVE-2021-43684
@@ -1930,11 +1930,11 @@ CVE-2021-43683 (pictshare v1.5 is affected by a Cross Site Scripting (XSS) vulne
CVE-2021-43682 (thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site ...)
TODO: check
CVE-2021-43681 (SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS) vulne ...)
- TODO: check
+ NOT-FOR-US: SakuraPanel
CVE-2021-43680
RESERVED
CVE-2021-43679 (ecshop v2.7.3 is affected by a SQL injection vulnerability in shopex\e ...)
- TODO: check
+ NOT-FOR-US: ecshop
CVE-2021-43678
RESERVED
CVE-2021-43677
@@ -2204,7 +2204,7 @@ CVE-2021-3946
CVE-2021-3945 (django-helpdesk is vulnerable to Improper Neutralization of Input Duri ...)
NOT-FOR-US: django-helpdesk
CVE-2021-3944 (bookstack is vulnerable to Cross-Site Request Forgery (CSRF) ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2021-3943 (A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, ...)
- moodle <removed>
CVE-2021-43575 (** DISPUTED ** KNX ETS6 through 6.0.0 uses the hard-coded password ETS ...)
@@ -9826,9 +9826,9 @@ CVE-2021-40336
CVE-2021-40335
RESERVED
CVE-2021-40334 (Missing Handler vulnerability in the proprietary management protocol ( ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2021-40333 (Weak Password Requirements vulnerability in Hitachi Energy FOX61x, XCM ...)
- TODO: check
+ NOT-FOR-US: Hitachi
CVE-2021-40332
RESERVED
CVE-2021-3759 [unaccounted ipc objects in Linux kernel lead to breaking memcg limits and DoS attacks]
@@ -12223,7 +12223,7 @@ CVE-2021-3727 (# Vulnerability in `rand-quote` and `hitokoto` plugins **Descript
CVE-2021-3726 (# Vulnerability in `title` function **Description**: the `title` funct ...)
TODO: check
CVE-2021-3725 (Vulnerability in dirhistory plugin Description: the widgets that go ba ...)
- TODO: check
+ NOT-FOR-US: ohmyzsh
CVE-2021-3724
RESERVED
NOT-FOR-US: Red Hat Serverless
@@ -42393,7 +42393,7 @@ CVE-2021-26779
CVE-2021-26778
RESERVED
CVE-2021-26777 (Buffer overflow vulnerability in function SetFirewall in index.cgi in ...)
- TODO: check
+ NOT-FOR-US: CIRCUTOR COMPACT DC-S BASIC smart metering concentrator Firwmare
CVE-2021-26776 (CSZ CMS 1.2.9 is affected by a cross-site scripting (XSS) vulnerabilit ...)
NOT-FOR-US: CSZ CMS
CVE-2021-26775
@@ -44420,7 +44420,7 @@ CVE-2021-25969 (In Camaleon CMS application, versions 0.0.1 to 2.6.0 are vulnera
CVE-2021-25968 (In &#8220;OpenCMS&#8221;, versions 10.5.0 to 11.0.2 are affected by a ...)
NOT-FOR-US: OpenCMS
CVE-2021-25967 (In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS vulnerab ...)
- TODO: check
+ NOT-FOR-US: CKAN
CVE-2021-25966 (In &#8220;Orchard core CMS&#8221; application, versions 1.0.0-beta1-33 ...)
NOT-FOR-US: Orchard CMS
CVE-2021-25965 (In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site ...)
@@ -50698,17 +50698,17 @@ CVE-2021-23265
CVE-2021-23264 (Installations, where crafter-search is not protected, allow unauthenti ...)
TODO: check
CVE-2021-23263 (Unauthenticated remote attackers can read textual content via FreeMark ...)
- TODO: check
+ NOT-FOR-US: Crafter CMS
CVE-2021-23262 (Authenticated administrators may modify the main YAML configuration fi ...)
- TODO: check
+ NOT-FOR-US: Crafter CMS
CVE-2021-23261 (Authenticated administrators may override the system configuration fil ...)
- TODO: check
+ NOT-FOR-US: Crafter CMS
CVE-2021-23260 (Authenticated users with Site roles may inject XSS scripts via file na ...)
- TODO: check
+ NOT-FOR-US: Crafter CMS
CVE-2021-23259 (Authenticated users with Administrator or Developer roles may execute ...)
- TODO: check
+ NOT-FOR-US: Crafter CMS
CVE-2021-23258 (Authenticated users with Administrator or Developer roles may execute ...)
- TODO: check
+ NOT-FOR-US: Crafter CMS
CVE-2021-23257
RESERVED
CVE-2021-23256

© 2014-2022 Faster IT GmbH | imprint | privacy policy