From 2f3676786c52622c7e6bd2d1527b83d016613919 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Fri, 5 Mar 2021 09:23:12 +0100 Subject: Process more NFUs --- data/CVE/2020.list | 2 +- data/CVE/2021.list | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index cf23d7f2fd..cdb0da2dea 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -1,5 +1,5 @@ CVE-2020-36255 (An issue was discovered in IdentityModel (aka ScottBrady.IdentityModel ...) - TODO: check + NOT-FOR-US: ScottBrady.IdentityModel CVE-2020-35358 RESERVED CVE-2020-36254 (scp.c in Dropbear before 2020.79 mishandles the filename of . or an em ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index d7bbbd67d1..2f9546bba6 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1,9 +1,9 @@ CVE-2021-27965 (The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2 ...) - TODO: check + NOT-FOR-US: MSI Dragon Center CVE-2021-27964 (SonLogger before 6.4.1 is affected by Unauthenticated Arbitrary File U ...) - TODO: check + NOT-FOR-US: SonLogger CVE-2021-27963 (SonLogger before 6.4.1 is affected by user creation with any user perm ...) - TODO: check + NOT-FOR-US: SonLogger CVE-2021-27962 RESERVED CVE-2021-27961 @@ -1373,7 +1373,7 @@ CVE-2021-27316 CVE-2021-27315 RESERVED CVE-2021-27314 (SQL injection in admin.php in doctor appointment system 1.0 allows an ...) - TODO: check + NOT-FOR-US: doctor appointment system CVE-2021-27313 RESERVED CVE-2021-27312 @@ -2068,9 +2068,9 @@ CVE-2021-26991 CVE-2021-26990 RESERVED CVE-2021-26989 (Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P9 a ...) - TODO: check + NOT-FOR-US: Clustered Data ONTAP CVE-2021-26988 (Clustered Data ONTAP versions prior to 9.3P21, 9.5P16, 9.6P12, 9.7P8 a ...) - TODO: check + NOT-FOR-US: Clustered Data ONTAP CVE-2021-26987 RESERVED CVE-2021-26986 @@ -5944,9 +5944,9 @@ CVE-2021-25350 CVE-2021-25349 RESERVED CVE-2021-25348 (Improper permission grant check in Samsung Internet prior to version 1 ...) - TODO: check + NOT-FOR-US: Samsung Internet CVE-2021-25347 (Hijacking vulnerability in Samsung Email application version prior to ...) - TODO: check + NOT-FOR-US: Samsung Email application CVE-2021-25346 (A possible arbitrary memory overwrite vulnerabilities in quram library ...) TODO: check CVE-2021-25345 (Graphic format mismatch while converting video format in hwcomposer pr ...) @@ -5974,11 +5974,11 @@ CVE-2021-25335 (Improper lockscreen status check in cocktailbar service in Samsu CVE-2021-25334 (Improper input check in wallpaper service in Samsung mobile devices pr ...) NOT-FOR-US: Samsung mobile devices CVE-2021-25333 (Improper access control in Samsung Pay mini application prior to v4.0. ...) - TODO: check + NOT-FOR-US: Samsung Pay mini application CVE-2021-25332 (Improper access control in Samsung Pay mini application prior to v4.0. ...) - TODO: check + NOT-FOR-US: Samsung Pay mini application CVE-2021-25331 (Improper access control in Samsung Pay mini application prior to v4.0. ...) - TODO: check + NOT-FOR-US: Samsung Pay mini application CVE-2021-25330 (Calling of non-existent provider in MobileWips application prior to SM ...) NOT-FOR-US: MobileWips application CVE-2021-3184 (MISP 2.4.136 has XSS via a crafted URL to the app/View/Elements/global ...) -- cgit v1.2.3