From a0fd5a8c9d705f08fdae686bcb0da3f6bdf278c5 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 17 Nov 2021 21:28:02 +0100 Subject: Process several NFUs --- data/CVE/2020.list | 2 +- data/CVE/2021.list | 68 +++++++++++++++++++++++++++--------------------------- 2 files changed, 35 insertions(+), 35 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index d19863922d..2f2c89c7db 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -41963,7 +41963,7 @@ CVE-2020-12963 (An insufficient pointer validation vulnerability in the AMD Grap CVE-2020-12962 (Escape call interface in the AMD Graphics Driver for Windows may cause ...) NOT-FOR-US: AMD CVE-2020-12961 (A potential vulnerability exists in AMD Platform Security Processor (P ...) - TODO: check + NOT-FOR-US: AMD CVE-2020-12960 (AMD Graphics Driver for Windows 10, amdfender.sys may improperly handl ...) NOT-FOR-US: AMD CVE-2020-12959 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index de2064d902..ed8f8e4d38 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -31,11 +31,11 @@ CVE-2021-43981 CVE-2021-43980 RESERVED CVE-2021-43979 (** DISPUTED ** Styra Open Policy Agent (OPA) Gatekeeper through 3.7.0 ...) - TODO: check + NOT-FOR-US: Styra Open Policy Agent (OPA) Gatekeeper CVE-2021-43978 RESERVED CVE-2021-43977 (SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows X ...) - TODO: check + NOT-FOR-US: SmarterTools CVE-2021-43976 (In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wi ...) - linux NOTE: https://patchwork.kernel.org/project/linux-wireless/patch/YX4CqjfRcTa6bVL+@Zekuns-MBP-16.fios-router.home/ @@ -1000,11 +1000,11 @@ CVE-2021-43555 CVE-2021-43554 RESERVED CVE-2021-43553 (PI Vision could disclose information to a user with insufficient privi ...) - TODO: check + NOT-FOR-US: OSIsoft CVE-2021-43552 RESERVED CVE-2021-43551 (A remote attacker with write access to PI Vision could inject code int ...) - TODO: check + NOT-FOR-US: OSIsoft CVE-2021-43550 RESERVED CVE-2021-43549 @@ -2371,11 +2371,11 @@ CVE-2021-42958 CVE-2021-42957 RESERVED CVE-2021-42956 (Zoho Remote Access Plus Server Windows Desktop Binary fixed in 10.1.21 ...) - TODO: check + NOT-FOR-US: Zoho CVE-2021-42955 (Zoho Remote Access Plus Server Windows Desktop binary fixed in version ...) - TODO: check + NOT-FOR-US: Zoho CVE-2021-42954 (Zoho Remote Access Plus Server Windows Desktop Binary fixed from 10.1. ...) - TODO: check + NOT-FOR-US: Zoho CVE-2021-42953 RESERVED CVE-2021-42952 @@ -3685,9 +3685,9 @@ CVE-2021-42364 CVE-2021-42363 RESERVED CVE-2021-42362 (The WordPress Popular Posts WordPress plugin is vulnerable to arbitrar ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-42361 (The Contact Form Email WordPress plugin is vulnerable to Stored Cross- ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-42360 (On sites that also had the Elementor plugin for WordPress installed, i ...) NOT-FOR-US: Elementor plugin for WordPress CVE-2021-42359 (WP DSGVO Tools (GDPR) <= 3.1.23 had an AJAX action, ‘admin-di ...) @@ -3957,7 +3957,7 @@ CVE-2021-42252 (An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/a CVE-2021-42251 RESERVED CVE-2021-42250 (Improper output neutralization for Logs. A specific Apache Superset HT ...) - TODO: check + NOT-FOR-US: Apache Superset CVE-2021-42249 RESERVED CVE-2021-42248 @@ -4708,7 +4708,7 @@ CVE-2021-41933 CVE-2021-41932 RESERVED CVE-2021-41931 (The Company's Recruitment Management System in id=2 of the parameter f ...) - TODO: check + NOT-FOR-US: Company's Recruitment Management System CVE-2021-41930 RESERVED CVE-2021-41929 @@ -7483,7 +7483,7 @@ CVE-2021-40747 CVE-2021-40746 RESERVED CVE-2021-40745 (Adobe Campaign version 21.2.1 (and earlier) is affected by a Path Trav ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-40744 RESERVED CVE-2021-40743 @@ -19719,7 +19719,7 @@ CVE-2021-35530 CVE-2021-35529 (Insufficiently Protected Credentials vulnerability in client environme ...) NOT-FOR-US: Hitachi CVE-2021-35528 (Improper Access Control vulnerability in the application authenticatio ...) - TODO: check + NOT-FOR-US: Hitachi CVE-2021-35527 (Password autocomplete vulnerability in the web application password fi ...) NOT-FOR-US: Hitachi ABB Power Grids eSOMS CVE-2021-35526 (Backup file without encryption vulnerability is found in Hitachi ABB P ...) @@ -26686,7 +26686,7 @@ CVE-2021-32602 (An improper neutralization of input during web page generation v CVE-2021-32601 RESERVED CVE-2021-32600 (An exposure of sensitive information to an unauthorized actor vulnerab ...) - TODO: check + NOT-FOR-US: Fortiguard CVE-2021-32599 RESERVED CVE-2021-32598 (An improper neutralization of CRLF sequences in HTTP headers ('HTTP Re ...) @@ -27585,7 +27585,7 @@ CVE-2021-32236 CVE-2021-32235 RESERVED CVE-2021-32234 (SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows r ...) - TODO: check + NOT-FOR-US: SmarterTools CVE-2021-32233 (SmarterTools SmarterMail before Build 7776 allows XSS. ...) NOT-FOR-US: SmarterTools SmarterMail CVE-2021-32232 @@ -45687,25 +45687,25 @@ CVE-2021-24858 CVE-2021-24857 RESERVED CVE-2021-24856 (The Shared Files WordPress plugin before 1.6.61 does not sanitise and ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24855 RESERVED CVE-2021-24854 (The QR Redirector WordPress plugin before 1.6.1 does not sanitise and ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24853 (The QR Redirector WordPress plugin before 1.6 does not have capability ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24852 (The MouseWheel Smooth Scroll WordPress plugin before 5.7 does not have ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24851 (The Insert Pages WordPress plugin before 3.7.0 allows users with a rol ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24850 (The Insert Pages WordPress plugin before 3.7.0 adds a shortcode that p ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24849 RESERVED CVE-2021-24848 RESERVED CVE-2021-24847 (The importFromRedirection AJAX action of the SEO Redirection Plugin &# ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24846 RESERVED CVE-2021-24845 @@ -45717,7 +45717,7 @@ CVE-2021-24843 CVE-2021-24842 RESERVED CVE-2021-24841 (The Helpful WordPress plugin before 4.4.59 does not sanitise and escap ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24840 (The Squaretype WordPress theme before 3.0.4 allows unauthenticated use ...) NOT-FOR-US: WordPress theme CVE-2021-24839 @@ -45731,9 +45731,9 @@ CVE-2021-24836 CVE-2021-24835 (The WCFM – Frontend Manager for WooCommerce along with Bookings ...) NOT-FOR-US: WordPress plugin CVE-2021-24834 (The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cro ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24833 (The YOP Poll WordPress plugin before 6.3.1 is affected by a stored Cro ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24832 (The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not have CS ...) NOT-FOR-US: WordPress plugin CVE-2021-24831 @@ -45769,7 +45769,7 @@ CVE-2021-24817 CVE-2021-24816 (The Phoenix Media Rename WordPress plugin before 3.4.4 does not have c ...) NOT-FOR-US: WordPress plugin CVE-2021-24815 (The Accept Donations with PayPal WordPress plugin before 1.3.2 does no ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24814 RESERVED CVE-2021-24813 (The Events Made Easy WordPress plugin before 2.2.24 does not sanitise ...) @@ -45791,11 +45791,11 @@ CVE-2021-24806 (The wpDiscuz WordPress plugin before 7.3.4 does check for CSRF w CVE-2021-24805 RESERVED CVE-2021-24804 (The Simple JWT Login WordPress plugin before 3.2.1 does not have nonce ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24803 RESERVED CVE-2021-24802 (The Colorful Categories WordPress plugin before 2.0.15 does not enforc ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24801 (The WP Survey Plus WordPress plugin through 1.0 does not have any auth ...) NOT-FOR-US: WordPress plugin CVE-2021-24800 @@ -45807,7 +45807,7 @@ CVE-2021-24798 (The WP Header Images WordPress plugin before 2.0.1 does not sani CVE-2021-24797 RESERVED CVE-2021-24796 (The My Tickets WordPress plugin before 1.8.31 does not properly saniti ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24795 RESERVED CVE-2021-24794 (The Connections Business Directory WordPress plugin before 10.4.3 does ...) @@ -45825,7 +45825,7 @@ CVE-2021-24789 (The Flat Preloader WordPress plugin before 1.5.5 does not escape CVE-2021-24788 (The Batch Cat WordPress plugin through 0.3 defines 3 custom AJAX actio ...) NOT-FOR-US: WordPress plugin CVE-2021-24787 (The Client Invoicing by Sprout Invoices WordPress plugin before 19.9.7 ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24786 RESERVED CVE-2021-24785 (The Great Quotes WordPress plugin through 1.0.0 does not sanitise and ...) @@ -45847,7 +45847,7 @@ CVE-2021-24778 CVE-2021-24777 RESERVED CVE-2021-24776 (The WP Performance Score Booster WordPress plugin before 2.1 does not ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24775 RESERVED CVE-2021-24774 (The Check & Log Email WordPress plugin before 1.0.3 does not valid ...) @@ -45855,7 +45855,7 @@ CVE-2021-24774 (The Check & Log Email WordPress plugin before 1.0.3 does not CVE-2021-24773 (The WordPress Download Manager WordPress plugin before 3.2.16 does not ...) NOT-FOR-US: WordPress plugin CVE-2021-24772 (The Stream WordPress plugin before 3.8.2 does not sanitise and validat ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24771 RESERVED CVE-2021-24770 (The Stylish Price List WordPress plugin before 6.9.1 does not perform ...) @@ -45883,7 +45883,7 @@ CVE-2021-24760 (The Gutenberg PDF Viewer Block WordPress plugin before 1.0.1 doe CVE-2021-24759 RESERVED CVE-2021-24758 (The Email Log WordPress plugin before 2.4.7 does not properly validate ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24757 (The Stylish Price List WordPress plugin before 6.9.0 does not perform ...) NOT-FOR-US: WordPress plugin CVE-2021-24756 @@ -46203,7 +46203,7 @@ CVE-2021-24600 (The WP Dialog WordPress plugin through 1.2.5.5 does not sanitise CVE-2021-24599 (The Email Encoder – Protect Email Addresses WordPress plugin bef ...) NOT-FOR-US: WordPress plugin CVE-2021-24598 (The Testimonial WordPress plugin before 1.6.0 does not escape some tes ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24597 (The You Shang WordPress plugin through 1.0.1 does not escape its qrcod ...) NOT-FOR-US: WordPress plugin CVE-2021-24596 (The youForms for WordPress plugin through 1.0.5 does not sanitise esca ...) -- cgit v1.2.3