From 71a3811f72924077e456876289b65ce04627d5b2 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 8 Dec 2021 09:34:18 +0100 Subject: Process some NFUs --- data/CVE/2020.list | 2 +- data/CVE/2021.list | 50 +++++++++++++++++++++++++------------------------- 2 files changed, 26 insertions(+), 26 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 54f5baf7dd..ad87a6f23c 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -9158,7 +9158,7 @@ CVE-2020-27358 (An issue was discovered in REDCap 8.11.6 through 9.x before 10. CVE-2020-27357 RESERVED CVE-2020-27356 (The debug-meta-data plugin 1.1.2 for WordPress allows XSS. ...) - TODO: check + NOT-FOR-US: debug-meta-data plugin for WordPress CVE-2020-27355 RESERVED CVE-2020-27354 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index f05b195ef2..4de8b924ea 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -23,9 +23,9 @@ CVE-2021-44728 CVE-2021-44727 RESERVED CVE-2021-44726 (KNIME Server before 4.13.4 allows XSS via the old WebPortal login page ...) - TODO: check + NOT-FOR-US: KNIME Server CVE-2021-44725 (KNIME Server before 4.13.4 allows directory traversal in a request for ...) - TODO: check + NOT-FOR-US: KNIME Server CVE-2021-44724 RESERVED CVE-2021-44723 @@ -1415,7 +1415,7 @@ CVE-2021-44150 (The client in tusdotnet through 2.5.0 relies on SHA-1 to prevent CVE-2021-44149 (An issue was discovered in Trusted Firmware OP-TEE Trusted OS through ...) TODO: check CVE-2021-44148 (GL.iNet GL-AR150 2.x before 3.x devices, configured as repeaters, allo ...) - TODO: check + NOT-FOR-US: GL.iNet CVE-2021-44147 (An XML External Entity issue in Claris FileMaker Pro and Server (inclu ...) NOT-FOR-US: Claris CVE-2021-44146 @@ -2583,9 +2583,9 @@ CVE-2021-43640 CVE-2021-43639 RESERVED CVE-2021-43638 (Amazon Amazon WorkSpaces agent is affected by Integer Overflow. IOCTL ...) - TODO: check + NOT-FOR-US: Amazon CVE-2021-43637 (Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler ...) - TODO: check + NOT-FOR-US: Amazon CVE-2021-43636 RESERVED CVE-2021-43635 @@ -4201,19 +4201,19 @@ CVE-2021-43008 CVE-2021-43007 RESERVED CVE-2021-43006 (AmZetta Amzetta zPortal DVM Tools is affected by Integer Overflow. IOC ...) - TODO: check + NOT-FOR-US: AmZetta Amzetta zPortal DVM Tools CVE-2021-43005 RESERVED CVE-2021-43004 RESERVED CVE-2021-43003 (Amzetta zPortal Windows zClient is affected by Integer Overflow. IOCTL ...) - TODO: check + NOT-FOR-US: Amzetta CVE-2021-43002 (Amzetta zPortal DVM Tools is affected by Buffer Overflow. IOCTL Handle ...) - TODO: check + NOT-FOR-US: Amzetta CVE-2021-43001 RESERVED CVE-2021-43000 (Amzetta zPortal Windows zClient is affected by Buffer Overflow. IOCTL ...) - TODO: check + NOT-FOR-US: Amzetta CVE-2021-42999 RESERVED CVE-2021-42998 @@ -4227,19 +4227,19 @@ CVE-2021-42995 CVE-2021-42994 (Donglify is affected by Buffer Overflow. IOCTL Handler 0x22001B in the ...) TODO: check CVE-2021-42993 (FlexiHub For Windows is affected by Integer Overflow. IOCTL Handler 0x ...) - TODO: check + NOT-FOR-US: FlexiHub For Windows CVE-2021-42992 RESERVED CVE-2021-42991 RESERVED CVE-2021-42990 (FlexiHub For Windows is affected by Buffer Overflow. IOCTL Handler 0x2 ...) - TODO: check + NOT-FOR-US: FlexiHub For Windows CVE-2021-42989 RESERVED CVE-2021-42988 (Eltima USB Network Gate is affected by Buffer Overflow. IOCTL Handler ...) - TODO: check + NOT-FOR-US: Eltima USB Network Gate CVE-2021-42987 (Eltima USB Network Gate is affected by Integer Overflow. IOCTL Handler ...) - TODO: check + NOT-FOR-US: Eltima USB Network Gate CVE-2021-42986 (NoMachine Enterprise Client is affected by Integer Overflow. IOCTL Han ...) TODO: check CVE-2021-42985 @@ -4898,21 +4898,21 @@ CVE-2021-42690 CVE-2021-42689 RESERVED CVE-2021-42688 (An Integer Overflow vulnerability exists in Accops HyWorks Windows Cli ...) - TODO: check + NOT-FOR-US: Accops HyWorks Windows Client CVE-2021-42687 (A Buffer Overflow vulnerability exists in Accops HyWorks Windows Clien ...) - TODO: check + NOT-FOR-US: Accops HyWorks Windows Client CVE-2021-42686 (An Integer Overflow exists in Accops HyWorks Windows Client prior to v ...) - TODO: check + NOT-FOR-US: Accops HyWorks Windows Client CVE-2021-42685 (An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools p ...) - TODO: check + NOT-FOR-US: Accops HyWorks DVM Tools CVE-2021-42684 RESERVED CVE-2021-42683 (A Buffer Overflow vulnerability exists in Accops HyWorks Windows Clien ...) - TODO: check + NOT-FOR-US: Accops HyWorks Windows Client CVE-2021-42682 (An Integer Overflow vulnerability exists in Accops HyWorks DVM Tools p ...) - TODO: check + NOT-FOR-US: Accops HyWorks DVM Tools CVE-2021-42681 (A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools pri ...) - TODO: check + NOT-FOR-US: Accops HyWorks DVM Tools CVE-2021-42680 RESERVED CVE-2021-42679 @@ -5145,7 +5145,7 @@ CVE-2021-42569 CVE-2021-42568 (Sonatype Nexus Repository Manager 3.x through 3.35.0 allows attackers ...) NOT-FOR-US: Sonatype CVE-2021-42567 (Apereo CAS through 6.4.1 allows XSS via POST requests sent to the REST ...) - TODO: check + NOT-FOR-US: Apereo CAS CVE-2021-42566 (myfactory.FMS before 7.1-912 allows XSS via the Error parameter. ...) NOT-FOR-US: myfactory.FMS CVE-2021-42565 (myfactory.FMS before 7.1-912 allows XSS via the UID parameter. ...) @@ -8098,11 +8098,11 @@ CVE-2021-41313 (Affected versions of Atlassian Jira Server and Data Center allow CVE-2021-41312 (Affected versions of Atlassian Jira Server and Data Center allow a rem ...) NOT-FOR-US: Atlassian CVE-2021-41311 (Affected versions of Atlassian Jira Server and Data Center allow attac ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2021-41310 (Affected versions of Atlassian Jira Server and Data Center allow anony ...) NOT-FOR-US: Atlassian CVE-2021-41309 (Affected versions of Atlassian Jira Server and Data Center allow a use ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2021-41308 (Affected versions of Atlassian Jira Server and Data Center allow authe ...) NOT-FOR-US: Atlassian CVE-2021-41307 (Affected versions of Atlassian Jira Server and Data Center allow unaut ...) @@ -10627,7 +10627,7 @@ CVE-2021-40290 CVE-2021-40289 RESERVED CVE-2021-40288 (A denial-of-service attack in WPA2, and WPA3-SAE authentication method ...) - TODO: check + NOT-FOR-US: TP-Link CVE-2021-40287 RESERVED CVE-2021-40286 @@ -14258,7 +14258,7 @@ CVE-2021-38761 CVE-2021-38760 RESERVED CVE-2021-38759 (Raspberry Pi OS through 5.10 has the raspberry default password for th ...) - TODO: check + NOT-FOR-US: Raspberry Pi OS CVE-2021-38758 (Directory traversal vulnerability in Online Catering Reservation Syste ...) NOT-FOR-US: Directory traversal in Online Catering Reservation System CVE-2021-38757 (Persistent cross-site scripting (XSS) in Hospital Management System ta ...) -- cgit v1.2.3