From deade0a7dea417b7660c8585e67a738333fb1502 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 16 Feb 2022 06:42:15 +0100 Subject: Process some NFUs --- data/CVE/2021.list | 10 +++++----- data/CVE/2022.list | 10 +++++----- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 5922ebafbb..f098cda643 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -346,9 +346,9 @@ CVE-2021-4211 CVE-2021-4210 RESERVED CVE-2021-46558 (Multiple cross-site scripting (XSS) vulnerabilities in the Add User mo ...) - TODO: check + NOT-FOR-US: Issabel CVE-2021-46557 (Vicidial 2.14-783a was discovered to contain a cross-site scripting (X ...) - TODO: check + NOT-FOR-US: Vicidial CVE-2021-46556 (Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ...) NOT-FOR-US: Cesanta MJS CVE-2021-46555 @@ -536,11 +536,11 @@ CVE-2021-46465 CVE-2021-46464 RESERVED CVE-2021-46463 (njs through 0.7.1, used in NGINX, was discovered to contain a control ...) - TODO: check + NOT-FOR-US: njs CVE-2021-46462 (njs through 0.7.1, used in NGINX, was discovered to contain a segmenta ...) - TODO: check + NOT-FOR-US: njs CVE-2021-46461 (njs through 0.7.0, used in NGINX, was discovered to contain an out-of- ...) - TODO: check + NOT-FOR-US: njs CVE-2021-46460 RESERVED CVE-2021-46459 (Victor CMS v1.0 was discovered to contain multiple SQL injection vulne ...) diff --git a/data/CVE/2022.list b/data/CVE/2022.list index 68cbb71a24..13612f1eb9 100644 --- a/data/CVE/2022.list +++ b/data/CVE/2022.list @@ -4216,7 +4216,7 @@ CVE-2022-23639 (crossbeam-utils provides atomics, synchronization primitives, sc CVE-2022-23638 (svg-sanitizer is a SVG/XML sanitizer written in PHP. A cross-site scri ...) TODO: check CVE-2022-23637 (K-Box is a web-based application to manage documents, images, videos a ...) - TODO: check + NOT-FOR-US: K-Box CVE-2022-23636 RESERVED CVE-2022-23635 @@ -4305,7 +4305,7 @@ CVE-2022-23606 CVE-2022-23605 (Wire webapp is a web client for the wire messaging protocol. In versio ...) NOT-FOR-US: Wire webapp CVE-2022-23604 (x26-Cogs is a repository of cogs made by Twentysix for the Red Discord ...) - TODO: check + NOT-FOR-US: x26-Cogs CVE-2022-23603 (iTunesRPC-Remastered is a discord rich presence application for use wi ...) NOT-FOR-US: iTunesRPC-Remastered CVE-2022-23602 (Nimforum is a lightweight alternative to Discourse written in Nim. In ...) @@ -4911,7 +4911,7 @@ CVE-2022-23386 CVE-2022-23385 RESERVED CVE-2022-23384 (YzmCMS v6.3 is affected by Cross Site Request Forgery (CSRF) in /admin ...) - TODO: check + NOT-FOR-US: YzmCMS CVE-2022-23383 RESERVED CVE-2022-23382 @@ -5045,7 +5045,7 @@ CVE-2022-23319 CVE-2022-23318 RESERVED CVE-2022-23317 (CobaltStrike <=4.5 HTTP(S) listener does not determine whether the ...) - TODO: check + NOT-FOR-US: CobaltStrike CVE-2022-23316 (An issue was discovered in taoCMS v3.0.2. There is an arbitrary file r ...) NOT-FOR-US: taocms CVE-2022-23315 (MCMS v5.2.4 was discovered to contain an arbitrary file upload vulnera ...) @@ -6636,7 +6636,7 @@ CVE-2022-22772 CVE-2022-22771 RESERVED CVE-2022-22770 (The Web Server component of TIBCO Software Inc.'s TIBCO AuditSafe cont ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2022-22769 (The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX ...) NOT-FOR-US: TIBCO CVE-2022-22768 -- cgit v1.2.3