From aaf69e8547d297eddc2834d16288caaae32012b9 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Thu, 1 Apr 2021 23:00:24 +0200 Subject: Process several NFUs --- data/CVE/2020.list | 20 ++++++++++---------- data/CVE/2021.list | 22 +++++++++++----------- 2 files changed, 21 insertions(+), 21 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 054d438ecf..c6ca8f2a22 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -2439,7 +2439,7 @@ CVE-2020-35310 CVE-2020-35309 (Bakeshop Online Ordering System in PHP/MySQLi 1.0 is affected by cross ...) NOT-FOR-US: Bakeshop Online Ordering System in PHP/MySQLi CVE-2020-35308 (CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability ...) - TODO: check + NOT-FOR-US: CONQUEST DICOM SERVER CVE-2020-35307 RESERVED CVE-2020-35306 @@ -24882,15 +24882,15 @@ CVE-2020-19645 CVE-2020-19644 RESERVED CVE-2020-19643 (Cross Site Scripting (XSS) vulnerability in INSMA Wifi Mini Spy 1080P ...) - TODO: check + NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera CVE-2020-19642 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...) - TODO: check + NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera CVE-2020-19641 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...) - TODO: check + NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera CVE-2020-19640 (An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Ca ...) - TODO: check + NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera CVE-2020-19639 (Cross Site Request Forgery (CSRF) vulnerability in INSMA Wifi Mini Spy ...) - TODO: check + NOT-FOR-US: INSMA Wifi Mini Spy 1080P HD Security IP Camera CVE-2020-19638 RESERVED CVE-2020-19637 @@ -49987,13 +49987,13 @@ CVE-2020-9151 CVE-2020-9150 RESERVED CVE-2020-9149 (An application error verification vulnerability exists in a component ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-9148 (An application bypass mechanism vulnerability exists in a component in ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-9147 (A memory buffer error vulnerability exists in a component interface of ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-9146 (A memory buffer error vulnerability exists in a component interface of ...) - TODO: check + NOT-FOR-US: Huawei CVE-2020-9145 (There is an Out-of-bounds Write vulnerability in some Huawei smartphon ...) NOT-FOR-US: Huawei CVE-2020-9144 (There is a heap overflow vulnerability in some Huawei smartphone, atta ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index fa6096295a..11830a5b48 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1832,7 +1832,7 @@ CVE-2021-29085 CVE-2021-29084 RESERVED CVE-2021-29083 (Improper neutralization of special elements used in an OS command in S ...) - TODO: check + NOT-FOR-US: Synology CVE-2021-3460 RESERVED CVE-2021-3459 @@ -3012,9 +3012,9 @@ CVE-2021-28548 CVE-2021-28547 RESERVED CVE-2021-28546 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-28545 (Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020 ...) - TODO: check + NOT-FOR-US: Adobe CVE-2021-28544 RESERVED CVE-2021-28543 (Varnish varnish-modules before 0.17.1 allows remote attackers to cause ...) @@ -5024,7 +5024,7 @@ CVE-2021-27655 CVE-2021-27654 RESERVED CVE-2021-27653 (Misconfiguration of the Pega Chat Access Group portal in Pega platform ...) - TODO: check + NOT-FOR-US: Pega CVE-2021-27652 RESERVED CVE-2021-27651 @@ -7101,7 +7101,7 @@ CVE-2021-26720 (avahi-daemon-check-dns.sh in the Debian avahi package through 0. CVE-2021-26719 (A directory traversal issue was discovered in Gradle gradle-enterprise ...) NOT-FOR-US: gradle-enterprise-test-distribution-agent CVE-2021-26718 (KIS for macOS in some use cases was vulnerable to AV bypass that poten ...) - TODO: check + NOT-FOR-US: KIS for macOS CVE-2021-26717 (An issue was discovered in Sangoma Asterisk 16.x before 16.16.1, 17.x ...) - asterisk 1:16.16.1~dfsg-1 (bug #983157) [buster] - asterisk (Introduced in 16.15.0) @@ -7422,9 +7422,9 @@ CVE-2021-26583 CVE-2021-26582 RESERVED CVE-2021-26581 (A potential security vulnerability has been identified in HPE Superdom ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-26580 (A potential security vulnerability has been identified in HPE iLO Ampl ...) - TODO: check + NOT-FOR-US: HPE CVE-2021-26579 (A security vulnerability in HPE Unified Data Management (UDM) could al ...) NOT-FOR-US: HPE CVE-2021-26578 (A potential security vulnerability has been identified in HPE Network ...) @@ -8682,7 +8682,7 @@ CVE-2021-26074 CVE-2021-26073 RESERVED CVE-2021-26072 (The WidgetConnector plugin in Confluence Server and Confluence Data Ce ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2021-26071 (The SetFeatureEnabled.jspa resource in Jira Server and Data Center bef ...) NOT-FOR-US: Atlassian CVE-2021-26070 (Affected versions of Atlassian Jira Server and Data Center allow remot ...) @@ -17581,7 +17581,7 @@ CVE-2021-21984 CVE-2021-21983 (Arbitrary file write vulnerability in vRealize Operations Manager API ...) NOT-FOR-US: vRealize Operations Manager API (Vmware) CVE-2021-21982 (VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an aut ...) - TODO: check + NOT-FOR-US: VMware Carbon Black Cloud Workload appliance CVE-2021-21981 RESERVED CVE-2021-21980 @@ -18747,7 +18747,7 @@ CVE-2021-21420 CVE-2021-21419 RESERVED CVE-2021-21418 (ps_emailsubscription is a newsletter subscription module for the Prest ...) - TODO: check + NOT-FOR-US: PrestaShop CVE-2021-21417 RESERVED CVE-2021-21416 @@ -22046,7 +22046,7 @@ CVE-2021-20080 CVE-2021-20079 RESERVED CVE-2021-20078 (Manage Engine OpManager builds below 125346 are vulnerable to a remote ...) - TODO: check + NOT-FOR-US: Manage Engine OpManager CVE-2021-20077 (Nessus Agent versions 7.2.0 through 8.2.2 were found to inadvertently ...) NOT-FOR-US: Nessus Agent CVE-2021-20076 (Tenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were fou ...) -- cgit v1.2.3