diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-12-31 16:41:03 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-12-31 16:41:03 +0100 |
commit | d1479ffc243e20404808972046313bdc81fd678a (patch) | |
tree | 5d5e29dd7c22ad62be22058c88e18469d3f845e3 /data | |
parent | 3d4992882736f63f5d15369662724d6218dbbe81 (diff) |
Process some NFUs
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/2016.list | 10 | ||||
-rw-r--r-- | data/CVE/2018.list | 4 | ||||
-rw-r--r-- | data/CVE/2019.list | 6 | ||||
-rw-r--r-- | data/CVE/2020.list | 12 |
4 files changed, 16 insertions, 16 deletions
diff --git a/data/CVE/2016.list b/data/CVE/2016.list index 7a5b484ed8..255f11c3ee 100644 --- a/data/CVE/2016.list +++ b/data/CVE/2016.list @@ -6323,17 +6323,17 @@ CVE-2016-9028 (Unauthorized redirect vulnerability in Citrix NetScaler ADC befor CVE-2016-9027 RESERVED CVE-2016-9026 (Exponent CMS before 2.6.0 has improper input validation in fileControl ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2016-9025 (Exponent CMS before 2.6.0 has improper input validation in purchaseOrd ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2016-9024 RESERVED CVE-2016-9023 (Exponent CMS before 2.6.0 has improper input validation in cron/find_h ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2016-9022 (Exponent CMS before 2.6.0 has improper input validation in usersContro ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2016-9021 (Exponent CMS before 2.6.0 has improper input validation in storeContro ...) - TODO: check + NOT-FOR-US: Exponent CMS CVE-2016-9020 (SQL injection vulnerability in framework/modules/help/controllers/help ...) NOT-FOR-US: Exponent CMS CVE-2016-9019 (SQL injection vulnerability in the activate_address function in framew ...) diff --git a/data/CVE/2018.list b/data/CVE/2018.list index e0e99e7774..72d2042f74 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -12127,7 +12127,7 @@ CVE-2018-16797 (A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1 CVE-2018-16796 (HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files wit ...) NOT-FOR-US: HiScout GRC Suite CVE-2018-16795 (OpenEMR 5.0.1.3 allows Cross-Site Request Forgery (CSRF) via library/a ...) - TODO: check + NOT-FOR-US: OpenEMR CVE-2018-16794 (Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory ...) NOT-FOR-US: Microsoft ADFS 4.0 Windows Server CVE-2018-16793 (Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions ...) @@ -19247,7 +19247,7 @@ CVE-2018-14069 (An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnera CVE-2018-14068 (An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability ...) NOT-FOR-US: SRCMS CVE-2018-14067 (Green Packet WiMax DV-360 2.10.14-g1.0.6.1 devices allow Command Injec ...) - TODO: check + NOT-FOR-US: Green Packet WiMax DV-360 devices CVE-2018-14066 (The content://wappush content provider in com.android.provider.telepho ...) NOT-FOR-US: Lenovo CVE-2018-14065 (XMLReader.php in PHPOffice Common before 0.2.9 allows XXE. ...) diff --git a/data/CVE/2019.list b/data/CVE/2019.list index b3787aedc4..1e88c7b895 100644 --- a/data/CVE/2019.list +++ b/data/CVE/2019.list @@ -21282,7 +21282,7 @@ CVE-2019-12770 CVE-2019-12769 (SolarWinds Serv-U Managed File Transfer (MFT) Web client before 15.1.6 ...) NOT-FOR-US: SolarWinds CVE-2019-12768 (An issue was discovered on D-Link DAP-1650 devices through v1.03b07 be ...) - TODO: check + NOT-FOR-US: D-Link CVE-2019-12767 (An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H ...) NOT-FOR-US: D-Link CVE-2019-12766 (An issue was discovered in Joomla! before 3.9.7. The subform fieldtype ...) @@ -35783,9 +35783,9 @@ CVE-2019-7728 (An issue was discovered in the Bosch Smart Camera App before 1.3. CVE-2019-7727 (In NICE Engage through 6.5, the default configuration binds an unauthe ...) NOT-FOR-US: NICE Engage CVE-2019-7726 (modules/banners/funcs/click.php in NukeViet before 4.3.04 has a SQL IN ...) - TODO: check + NOT-FOR-US: NukeViet CVE-2019-7725 (includes/core/is_user.php in NukeViet before 4.3.04 deserializes the u ...) - TODO: check + NOT-FOR-US: NukeViet CVE-2019-7724 RESERVED CVE-2019-7723 diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 3d7032026a..1af64ab32e 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -164,7 +164,7 @@ CVE-2020-35776 CVE-2020-35775 RESERVED CVE-2020-35774 (server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (a ...) - TODO: check + NOT-FOR-US: Twitter TwitterServer CVE-2020-35773 (The site-offline plugin before 1.4.4 for WordPress lacks certain wp_cr ...) NOT-FOR-US: site-offline plugin for WordPress CVE-2020-35772 @@ -242,7 +242,7 @@ CVE-2020-35738 (WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples i NOTE: https://github.com/dbry/WavPack/issues/91 NOTE: https://github.com/dbry/WavPack/commit/89df160596132e3bd666322e1c20b2ebd4b92cd0 CVE-2020-35737 (In Correspondence Management System (corms) in Newgen eGov 12.0, an at ...) - TODO: check + NOT-FOR-US: Correspondence Management System (corms) in Newgen eGov CVE-2020-35736 (GateOne 1.1 allows arbitrary file download without authentication via ...) NOT-FOR-US: GateOne CVE-2020-35735 (Vidyo 02-09-/D allows clickjacking via the portal/ URI. ...) @@ -5170,7 +5170,7 @@ CVE-2020-28097 CVE-2020-28096 (FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART acc ...) NOT-FOR-US: FOSCAM FHD CVE-2020-28095 (On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, a large HTTP PO ...) - TODO: check + NOT-FOR-US: Tenda CVE-2020-28094 (On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default set ...) NOT-FOR-US: Tenda CVE-2020-28093 (On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, ...) @@ -23304,7 +23304,7 @@ CVE-2020-19666 CVE-2020-19665 RESERVED CVE-2020-19664 (DrayTek Vigor2960 1.5.1 allows remote command execution via shell meta ...) - TODO: check + NOT-FOR-US: DrayTek Vigor2960 CVE-2020-19663 RESERVED CVE-2020-19662 @@ -27991,7 +27991,7 @@ CVE-2020-17365 (Improper directory permissions in the Hotspot Shield VPN client CVE-2020-17364 (USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs. ...) NOT-FOR-US: User-friendly SVN CVE-2020-17363 (USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution ...) - TODO: check + NOT-FOR-US: User-friendly SVN CVE-2020-17362 (search.php in the Nova Lite theme before 1.3.9 for WordPress allows Re ...) NOT-FOR-US: Nova Lite theme for WordPress CVE-2020-17361 (** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk A ...) @@ -37033,7 +37033,7 @@ CVE-2020-13656 (In Morgan Stanley Hobbes through 2020-05-21, the array implement CVE-2020-13655 (An issue was discovered in Collabtive 3.0 and later. managefile.php is ...) - collabtive <removed> CVE-2020-13654 (XWiki Platform before 12.8 mishandles escaping in the property display ...) - TODO: check + NOT-FOR-US: XWiki CVE-2020-13653 (An XSS vulnerability exists in the Webmail component of Zimbra Collabo ...) NOT-FOR-US: Zimbra CVE-2020-13652 (An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 bef ...) |