diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-22 15:41:57 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-22 15:41:57 +0200 |
commit | 7d2c366beef1b178e3644a7bc07e812fc30613b4 (patch) | |
tree | 754f7695fd32806e89b51bd2a0a85ab9664c1981 | |
parent | 85d74f2782752a3497f9a3f9478b06ee873664a2 (diff) |
Process several NFUs
-rw-r--r-- | data/CVE/2011.list | 2 | ||||
-rw-r--r-- | data/CVE/2020.list | 6 | ||||
-rw-r--r-- | data/CVE/2021.list | 86 |
3 files changed, 47 insertions, 47 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list index b42c970f06..bedb38c43b 100644 --- a/data/CVE/2011.list +++ b/data/CVE/2011.list @@ -11298,7 +11298,7 @@ CVE-2011-1076 (net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allo [squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36) [wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.36) CVE-2011-1075 (FreeBSD's crontab calculates the MD5 sum of the previous and new cronj ...) - TODO: check + NOT-FOR-US: FreeBSD's crontab CVE-2011-1074 (crontab.c in crontab in FreeBSD allows local users to determine the ex ...) - cron <not-affected> (Debian's cron not affected) CVE-2011-1073 (crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users ...) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index a925ac37c9..7467cbb522 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -3603,7 +3603,7 @@ CVE-2020-29623 ("Clear History and Website Data" did not clear the history. The - wpewebkit 2.30.6-1 NOTE: https://webkitgtk.org/security/WSA-2021-0002.html CVE-2020-29622 (A race condition was addressed with additional validation. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2020-29621 (This issue was addressed with improved checks. This issue is fixed in ...) NOT-FOR-US: Apple CVE-2020-29620 (This issue was addressed with improved entitlements. This issue is fix ...) @@ -38631,7 +38631,7 @@ CVE-2020-14265 CVE-2020-14264 RESERVED CVE-2020-14263 ("HCL Traveler Companion is vulnerable to an iOS weak cryptographic pro ...) - TODO: check + NOT-FOR-US: HCL CVE-2020-14262 RESERVED CVE-2020-14261 @@ -44065,7 +44065,7 @@ CVE-2020-12143 (The certificate used to identify Orchestrator to EdgeConnect dev CVE-2020-12142 (1. IPSec UDP key material can be retrieved from machine-to-machine int ...) NOT-FOR-US: EdgeConnect CVE-2020-12141 (An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier ...) - TODO: check + NOT-FOR-US: SNMP stack in Contiki-NG CVE-2020-12140 RESERVED CVE-2020-12139 diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 885e1cf428..a09abe8dda 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -16569,7 +16569,7 @@ CVE-2021-35621 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2021-35620 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) NOT-FOR-US: Oracle CVE-2021-35619 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...) - TODO: check + NOT-FOR-US: Oracle CVE-2021-35618 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) - mysql-8.0 <unfixed> CVE-2021-35617 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) @@ -17309,7 +17309,7 @@ CVE-2021-35325 (A stack overflow in the checkLoginUser function of TOTOLINK A720 CVE-2021-35324 (A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Fir ...) NOT-FOR-US: TOTOLINK A720R A720R_Firmware CVE-2021-35323 (Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via t ...) - TODO: check + NOT-FOR-US: bludit CVE-2021-35322 RESERVED CVE-2021-35321 @@ -27923,7 +27923,7 @@ CVE-2021-30871 CVE-2021-30870 REJECTED CVE-2021-30869 (A type confusion issue was addressed with improved state handling. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30868 REJECTED CVE-2021-30867 @@ -27965,57 +27965,57 @@ CVE-2021-30852 CVE-2021-30851 REJECTED CVE-2021-30850 (An access issue was addressed with improved access restrictions. This ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30849 (Multiple memory corruption issues were addressed with improved memory ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30848 (A memory corruption issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30847 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30846 (A memory corruption issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30845 (An out-of-bounds read was addressed with improved bounds checking. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30844 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30843 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30842 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30841 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30840 RESERVED CVE-2021-30839 RESERVED CVE-2021-30838 (A memory corruption issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30837 (A memory consumption issue was addressed with improved memory handling ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30836 RESERVED CVE-2021-30835 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30834 RESERVED CVE-2021-30833 RESERVED CVE-2021-30832 (A memory corruption issue was addressed with improved state management ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30831 RESERVED CVE-2021-30830 (A memory corruption issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30829 (A URI parsing issue was addressed with improved parsing. This issue is ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30828 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30827 (A permissions issue existed. This issue was addressed with improved pe ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30826 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30825 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30824 RESERVED CVE-2021-30823 @@ -28025,9 +28025,9 @@ CVE-2021-30822 CVE-2021-30821 RESERVED CVE-2021-30820 (A logic issue was addressed with improved state management. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30819 (An out-of-bounds read was addressed with improved input validation. Th ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30818 RESERVED CVE-2021-30817 @@ -28035,7 +28035,7 @@ CVE-2021-30817 CVE-2021-30816 RESERVED CVE-2021-30815 (A lock screen issue allowed access to contacts on a locked device. Thi ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30814 RESERVED CVE-2021-30813 @@ -28043,15 +28043,15 @@ CVE-2021-30813 CVE-2021-30812 RESERVED CVE-2021-30811 (This issue was addressed with improved checks. This issue is fixed in ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30810 (An authorization issue was addressed with improved state management. T ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30809 RESERVED CVE-2021-30808 RESERVED CVE-2021-30807 (A memory corruption issue was addressed with improved memory handling. ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30806 RESERVED CVE-2021-30805 (A memory corruption issue was addressed with improved input validation ...) @@ -29426,9 +29426,9 @@ CVE-2021-30318 CVE-2021-30317 RESERVED CVE-2021-30316 (Possible out of bound memory access due to improper boundary check whi ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30315 (Improper handling of sensor HAL structure in absence of sensor can lea ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30314 RESERVED CVE-2021-30313 @@ -29450,7 +29450,7 @@ CVE-2021-30306 (Possible buffer over read due to improper buffer allocation for CVE-2021-30305 (Possible out of bound access due to lack of validation of page offset ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30304 (Possible buffer out of bound read can occur due to improper validation ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-30303 RESERVED CVE-2021-30302 (Improper authentication of EAP WAPI EAPOL frames from unauthenticated ...) @@ -32772,7 +32772,7 @@ CVE-2021-3456 RESERVED - foreman <itp> (bug #663101) CVE-2021-28975 (WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's de ...) - TODO: check + NOT-FOR-US: WP Mailster CVE-2021-28974 RESERVED CVE-2021-28973 (The XML Import functionality of the Administration console in Perforce ...) @@ -32832,9 +32832,9 @@ CVE-2021-28954 (In Chris Walz bit before 1.0.5 on Windows, attackers can run arb CVE-2021-28953 (The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual S ...) NOT-FOR-US: unofficial C/C++ Advanced Lint extension for Visual Studio Code CVE-2021-3455 (Disconnecting L2CAP channel right after invalid ATT request leads free ...) - TODO: check + NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3454 (Truncated L2CAP K-frame causes assertion failure. Zephyr versions > ...) - TODO: check + NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3453 (Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS m ...) NOT-FOR-US: Lenovo CVE-2021-3452 (A potential vulnerability in the system shutdown SMI callback function ...) @@ -33982,7 +33982,7 @@ CVE-2021-28498 (In Arista's MOS (Metamako Operating System) software which is su CVE-2021-28497 (In Arista's MOS (Metamako Operating System) software which is supporte ...) NOT-FOR-US: Arista CVE-2021-28496 (On systems running Arista EOS and CloudEOS with the affected release v ...) - TODO: check + NOT-FOR-US: Arista CVE-2021-28495 (In Arista's MOS (Metamako Operating System) software which is supporte ...) NOT-FOR-US: Arista CVE-2021-28494 (In Arista's MOS (Metamako Operating System) software which is supporte ...) @@ -35755,7 +35755,7 @@ CVE-2021-27748 CVE-2021-27747 RESERVED CVE-2021-27746 ("HCL Connections Security Update for Reflected Cross-Site Scripting (X ...) - TODO: check + NOT-FOR-US: HCL CVE-2021-27745 RESERVED CVE-2021-27744 @@ -48920,7 +48920,7 @@ CVE-2021-22036 (VMware vRealize Orchestrator ((8.x prior to 8.6) contains an ope CVE-2021-22035 (VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Se ...) NOT-FOR-US: VMware CVE-2021-22034 (Releases prior to VMware vRealize Operations Tenant App 8.6 contain an ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-22033 (Releases prior to VMware vRealize Operations 8.6 contain a Server Side ...) NOT-FOR-US: VMware CVE-2021-22032 @@ -53921,7 +53921,7 @@ CVE-2021-20122 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00 CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...) NOT-FOR-US: Telus Wi-Fi Hub CVE-2021-20120 (The administration web interface for the Arris Surfboard SB8200 lacks ...) - TODO: check + NOT-FOR-US: Arris Surfboard SB8200 CVE-2021-20119 RESERVED CVE-2021-20118 (Nessus Agent 8.3.0 and earlier was found to contain a local privilege ...) @@ -54191,7 +54191,7 @@ CVE-2021-2473 CVE-2021-2472 RESERVED CVE-2021-2471 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...) - TODO: check + NOT-FOR-US: Oracle CVE-2021-2470 RESERVED CVE-2021-2469 @@ -55244,14 +55244,14 @@ CVE-2021-1982 CVE-2021-1981 RESERVED CVE-2021-1980 (Possible buffer over read due to lack of length check while parsing be ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-1979 RESERVED CVE-2021-1978 RESERVED NOT-FOR-US: Qualcomm components for Android CVE-2021-1977 (Possible buffer over read due to improper validation of frame length w ...) - TODO: check + NOT-FOR-US: Snapdragon CVE-2021-1976 (A use after free can occur due to improper validation of P2P device ad ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-1975 @@ -56195,7 +56195,7 @@ CVE-2021-1531 (A vulnerability in the web UI of Cisco Modeling Labs could allow CVE-2021-1530 (A vulnerability in the web-based management interface of Cisco BroadWo ...) NOT-FOR-US: Cisco CVE-2021-1529 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow ...) - TODO: check + NOT-FOR-US: Cisco CVE-2021-1528 (A vulnerability in the CLI of Cisco SD-WAN Software could allow an aut ...) NOT-FOR-US: Cisco CVE-2021-1527 (A vulnerability in Cisco Webex Player for Windows and MacOS could allo ...) |