From 591d096f5817e4f8e5251915b360d9964107faf5 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 26 Jan 2022 22:36:28 +0100 Subject: Process NFUs --- data/CVE/2021.list | 34 +++++++++++++++++----------------- data/CVE/2022.list | 10 +++++----- 2 files changed, 22 insertions(+), 22 deletions(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 750f749f22..e449df8abf 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -170,25 +170,25 @@ CVE-2021-46485 CVE-2021-46484 RESERVED CVE-2021-46483 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via Bool ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46482 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via Numb ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46481 (Jsish v3.5.0 was discovered to contain a memory leak via linenoise at ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46480 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiV ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46479 RESERVED CVE-2021-46478 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiC ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46477 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegE ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46476 RESERVED CVE-2021-46475 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46474 (Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiE ...) - TODO: check + NOT-FOR-US: Jsish CVE-2021-46473 RESERVED CVE-2021-46472 @@ -371,13 +371,13 @@ CVE-2021-46388 CVE-2021-46387 RESERVED CVE-2021-46386 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: File U ...) - TODO: check + NOT-FOR-US: MCMS CVE-2021-46385 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL In ...) - TODO: check + NOT-FOR-US: MCMS CVE-2021-46384 RESERVED CVE-2021-46383 (https://gitee.com/mingSoft/MCMS MCMS <=5.2.5 is affected by: SQL In ...) - TODO: check + NOT-FOR-US: MCMS CVE-2021-46382 RESERVED CVE-2021-46381 @@ -1026,15 +1026,15 @@ CVE-2021-46120 CVE-2021-46119 RESERVED CVE-2021-46118 (jpress 4.2.0 is vulnerable to remote code execution via io.jpress.modu ...) - TODO: check + NOT-FOR-US: jpress CVE-2021-46117 (jpress 4.2.0 is vulnerable to remote code execution via io.jpress.modu ...) - TODO: check + NOT-FOR-US: jpress CVE-2021-46116 (jpress 4.2.0 is vulnerable to remote code execution via io.jpress.web. ...) - TODO: check + NOT-FOR-US: jpress CVE-2021-46115 (jpress 4.2.0 is vulnerable to RCE via io.jpress.web.admin._TemplateCon ...) - TODO: check + NOT-FOR-US: jpress CVE-2021-46114 (jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.Produ ...) - TODO: check + NOT-FOR-US: jpress CVE-2021-46113 (In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote ...) NOT-FOR-US: MartDevelopers KEA-Hotel-ERP open source CVE-2021-46112 @@ -1374,7 +1374,7 @@ CVE-2021-45977 CVE-2021-45976 RESERVED CVE-2021-45975 (In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerabi ...) - TODO: check + NOT-FOR-US: Acer CVE-2021-45974 RESERVED CVE-2021-45973 diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 245d259991..13ad061ff2 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -1756,7 +1756,7 @@ CVE-2022-0271 CVE-2022-0270 (Prior to v0.6.1, bored-agent failed to sanitize incoming kubernetes im ...) TODO: check CVE-2022-0269 (Cross-Site Request Forgery (CSRF) in Packagist yetiforce/yetiforce-crm ...) - TODO: check + NOT-FOR-US: yetiforce-crm CVE-2022-0268 (Cross-site Scripting (XSS) - Stored in Packagist getgrav/grav prior to ...) TODO: check CVE-2022-0267 @@ -1810,7 +1810,7 @@ CVE-2022-0253 (livehelperchat is vulnerable to Improper Neutralization of Input CVE-2022-0252 RESERVED CVE-2022-0251 (Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimco ...) - TODO: check + NOT-FOR-US: pimcore CVE-2022-0250 RESERVED CVE-2022-0249 @@ -2989,11 +2989,11 @@ CVE-2022-22854 CVE-2022-22853 RESERVED CVE-2022-22852 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...) - TODO: check + NOT-FOR-US: Sourcecodtester CVE-2022-22851 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...) - TODO: check + NOT-FOR-US: Sourcecodtester CVE-2022-22850 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...) - TODO: check + NOT-FOR-US: Sourcecodtester CVE-2022-22849 RESERVED CVE-2022-22149 -- cgit v1.2.3