From 567bd0a3595a5d93e808853c644c14d52f93bb64 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 4 Mar 2021 21:18:02 +0100 Subject: Process some NFUs --- data/CVE/2020.list | 24 ++++++++++++------------ data/CVE/2021.list | 28 ++++++++++++++-------------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 20e5651e11..0faa1f6d7e 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -2263,11 +2263,11 @@ CVE-2020-35331 CVE-2020-35330 RESERVED CVE-2020-35329 (Courier Management System 1.0 1.0 is affected by SQL Injection via 'MU ...) - TODO: check + NOT-FOR-US: Courier Management System CVE-2020-35328 (Courier Management System 1.0 - 'First Name' Stored XSS ...) - TODO: check + NOT-FOR-US: Courier Management System CVE-2020-35327 (SQL injection vulnerability was discovered in Courier Management Syste ...) - TODO: check + NOT-FOR-US: Courier Management System CVE-2020-35326 RESERVED CVE-2020-35325 @@ -5248,7 +5248,7 @@ CVE-2020-28599 (A stack-based buffer overflow vulnerability exists in the import CVE-2020-28598 RESERVED CVE-2020-28597 (A predictable seed vulnerability exists in the password reset function ...) - TODO: check + NOT-FOR-US: Epignosis EfrontPro CVE-2020-28596 (A stack-based buffer overflow vulnerability exists in the Objparser::o ...) NOT-FOR-US: PrusaSlicer CVE-2020-28595 (An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() ...) @@ -15833,7 +15833,7 @@ CVE-2020-24038 CVE-2020-24037 RESERVED CVE-2020-24036 (PHP object injection in the Ajax endpoint of the backend in ForkCMS be ...) - TODO: check + NOT-FOR-US: ForkCMS CVE-2020-24035 RESERVED CVE-2020-24034 (Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecu ...) @@ -32533,9 +32533,9 @@ CVE-2020-15940 CVE-2020-15939 RESERVED CVE-2020-15938 (When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the ...) - TODO: check + NOT-FOR-US: FortiGate FortiGuard CVE-2020-15937 (An improper neutralization of input vulnerability in FortiGate version ...) - TODO: check + NOT-FOR-US: FortiGate FortiGuard CVE-2020-15936 RESERVED CVE-2020-15935 @@ -59775,7 +59775,7 @@ CVE-2020-4977 CVE-2020-4976 RESERVED CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site scripting. This ...) - TODO: check + NOT-FOR-US: IBM CVE-2020-4974 RESERVED CVE-2020-4973 @@ -59993,13 +59993,13 @@ CVE-2020-4868 CVE-2020-4867 RESERVED CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site scripting. This ...) - TODO: check + NOT-FOR-US: IBM CVE-2020-4865 (IBM Jazz Foundation products is vulnerable to cross-site scripting. Th ...) NOT-FOR-US: IBM CVE-2020-4864 (IBM Resilient SOAR V38.0 could allow an attacker on the internal net w ...) NOT-FOR-US: IBM CVE-2020-4863 (IBM Engineering products are vulnerable to stored cross-site scripting ...) - TODO: check + NOT-FOR-US: IBM CVE-2020-4862 RESERVED CVE-2020-4861 @@ -60011,9 +60011,9 @@ CVE-2020-4859 CVE-2020-4858 RESERVED CVE-2020-4857 (IBM Engineering products are vulnerable to stored cross-site scripting ...) - TODO: check + NOT-FOR-US: IBM CVE-2020-4856 (IBM Engineering products are vulnerable to stored cross-site scripting ...) - TODO: check + NOT-FOR-US: IBM CVE-2020-4855 (IBM Jazz Foundation products is vulnerable to cross-site scripting. Th ...) NOT-FOR-US: IBM CVE-2020-4854 (IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded cr ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 2a513402d0..c40a93183b 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -4341,11 +4341,11 @@ CVE-2021-26031 CVE-2021-26030 RESERVED CVE-2021-26029 (An issue was discovered in Joomla! 1.6.0 through 3.9.24. Inadequate fi ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-26028 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. Extracting an ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-26027 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. Incorrect ACL ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-3287 RESERVED CVE-2021-26026 (PlugIns\IDE_ACDStd.apl in ACDSee Professional 2021 14.0 1721 has a Use ...) @@ -10702,19 +10702,19 @@ CVE-2021-23134 CVE-2021-23133 RESERVED CVE-2021-23132 (An issue was discovered in Joomla! 3.0.0 through 3.9.24. com_media all ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-23131 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-23130 (An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filte ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-23129 (An issue was discovered in Joomla! 2.5.0 through 3.9.24. Missing filte ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-23128 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. The core ship ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-23127 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of an i ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-23126 (An issue was discovered in Joomla! 3.2.0 through 3.9.24. Usage of the ...) - TODO: check + NOT-FOR-US: Joomla! CVE-2021-23125 (An issue was discovered in Joomla! 3.1.0 through 3.9.23. The lack of e ...) NOT-FOR-US: Joomla! CVE-2021-23124 (An issue was discovered in Joomla! 3.9.0 through 3.9.23. The lack of e ...) @@ -12777,7 +12777,7 @@ CVE-2021-22130 CVE-2021-22129 RESERVED CVE-2021-22128 (An improper access control vulnerability in FortiProxy SSL VPN portal ...) - TODO: check + NOT-FOR-US: FortiProxy SSL VPN portal CVE-2021-22127 RESERVED CVE-2021-22126 @@ -16609,9 +16609,9 @@ CVE-2021-20353 (IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulne CVE-2021-20352 RESERVED CVE-2021-20351 (IBM Engineering products are vulnerable to cross-site scripting. This ...) - TODO: check + NOT-FOR-US: IBM CVE-2021-20350 (IBM Engineering products are vulnerable to cross-site scripting. This ...) - TODO: check + NOT-FOR-US: IBM CVE-2021-20349 RESERVED CVE-2021-20348 @@ -16631,7 +16631,7 @@ CVE-2021-20342 CVE-2021-20341 RESERVED CVE-2021-20340 (IBM Engineering products are vulnerable to cross-site scripting. This ...) - TODO: check + NOT-FOR-US: IBM CVE-2021-20339 RESERVED CVE-2021-20338 -- cgit v1.2.3