From 3e4e55930462adf5c8635b231df38989cd7d3af5 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Thu, 20 Jan 2022 14:23:27 +0100 Subject: NFUs --- data/CVE/2021.list | 10 +++--- data/CVE/2022.list | 94 +++++++++++++++++++++++++++--------------------------- 2 files changed, 52 insertions(+), 52 deletions(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index d430405b8e..f8f64b6e1f 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -9331,9 +9331,9 @@ CVE-2021-42751 CVE-2021-42750 RESERVED CVE-2021-42749 (In Beaver Themer, attackers can bypass conditional logic controls (for ...) - TODO: check + NOT-FOR-US: Beaver CVE-2021-42748 (In Beaver Builder through 2.5.0.3, attackers can bypass the visibility ...) - TODO: check + NOT-FOR-US: Beaver CVE-2021-42747 RESERVED CVE-2021-42745 @@ -10726,7 +10726,7 @@ CVE-2021-42140 CVE-2021-42139 (Deno Standard Modules before 0.107.0 allows Code Injection via an untr ...) NOT-FOR-US: Deno CVE-2021-42138 (A user of a machine protected by SafeNet Agent for Windows Logon may l ...) - TODO: check + NOT-FOR-US: SafeNet CVE-2021-42137 (An issue was discovered in Zammad before 5.0.1. In some cases, there i ...) - zammad (bug #841355) CVE-2021-42136 @@ -12186,9 +12186,9 @@ CVE-2021-41553 (** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.8 CVE-2021-41552 RESERVED CVE-2021-41551 (Leostream Connection Broker 9.0.40.17 allows administrators to conduct ...) - TODO: check + NOT-FOR-US: Leostream Connection Broker CVE-2021-41550 (Leostream Connection Broker 9.0.40.17 allows administrator to upload a ...) - TODO: check + NOT-FOR-US: Leostream Connection Broker CVE-2021-41549 RESERVED CVE-2021-41548 diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 1417347696..2a60c0d0c4 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1857,9 +1857,9 @@ CVE-2022-23048 CVE-2022-23047 RESERVED CVE-2022-23046 (PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL senten ...) - TODO: check + NOT-FOR-US: PhpIPAM CVE-2022-23045 (PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent ...) - TODO: check + NOT-FOR-US: PhpIPAM CVE-2022-23044 RESERVED CVE-2022-23043 @@ -2508,7 +2508,7 @@ CVE-2022-22771 CVE-2022-22770 RESERVED CVE-2022-22769 (The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2022-22768 RESERVED CVE-2022-22767 @@ -5851,19 +5851,19 @@ CVE-2022-21377 (Vulnerability in the Primavera Portfolio Management product of O CVE-2022-21376 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) NOT-FOR-US: Oracle CVE-2022-21375 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21374 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21373 (Vulnerability in the Oracle Partner Management product of Oracle E-Bus ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21372 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21371 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21370 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21369 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21368 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21367 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) @@ -5877,19 +5877,19 @@ CVE-2022-21365 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21364 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21363 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...) - mysql-8.0 CVE-2022-21362 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21361 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21360 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21359 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21358 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21357 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) @@ -5899,25 +5899,25 @@ CVE-2022-21356 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2022-21355 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21354 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21353 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21352 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21351 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21350 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21349 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 CVE-2022-21348 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21347 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21346 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21345 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21344 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-5.7 - mysql-8.0 @@ -5936,7 +5936,7 @@ CVE-2022-21340 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E CVE-2022-21339 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21338 (Vulnerability in the Oracle Communications Convergence product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21337 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21336 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) @@ -6000,7 +6000,7 @@ CVE-2022-21308 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2022-21307 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21306 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21305 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 @@ -6016,13 +6016,13 @@ CVE-2022-21302 (Vulnerability in the MySQL Server product of Oracle MySQL (compo CVE-2022-21301 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21300 (Vulnerability in the PeopleSoft Enterprise CS SA Integration Pack prod ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21299 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21298 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21297 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21296 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) @@ -6040,7 +6040,7 @@ CVE-2022-21293 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21292 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21291 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 @@ -6067,7 +6067,7 @@ CVE-2022-21282 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21281 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21280 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21279 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) @@ -6078,15 +6078,15 @@ CVE-2022-21277 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21276 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21275 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21274 (Vulnerability in the Oracle Sourcing product of Oracle E-Business Suit ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21273 (Vulnerability in the Oracle Project Costing product of Oracle E-Busine ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21272 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21271 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 (Seems specific to Oracle Java) - openjdk-11 (Seems specific to Oracle Java) @@ -6094,45 +6094,45 @@ CVE-2022-21270 (Vulnerability in the MySQL Server product of Oracle MySQL (compo - mysql-5.7 - mysql-8.0 CVE-2022-21269 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21268 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21267 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21266 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21265 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21264 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21263 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21262 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21261 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21260 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21259 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21258 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21257 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21256 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21255 (Vulnerability in the Oracle Configurator product of Oracle E-Business ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21254 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21253 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21252 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21251 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21250 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21249 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21248 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) @@ -6140,18 +6140,18 @@ CVE-2022-21248 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21247 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21246 (Vulnerability in the Oracle Communications Operations Monitor product ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21245 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-5.7 - mysql-8.0 CVE-2022-21244 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21243 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21242 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21216 RESERVED CVE-2022-21204 -- cgit v1.2.3