Process several NFUs

3 files changed, 47 insertions, 47 deletions

diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index b42c970f06..bedb38c43b 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -11298,7 +11298,7 @@ CVE-2011-1076 (net/dns_resolver/dns_key.c in the Linux kernel before 2.6.38 allo
 	[squeeze] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 	[wheezy] - linux-2.6 <not-affected> (Introduced in 2.6.36)
 CVE-2011-1075 (FreeBSD's crontab calculates the MD5 sum of the previous and new cronj ...)
-	TODO: check
+	NOT-FOR-US: FreeBSD's crontab
 CVE-2011-1074 (crontab.c in crontab in FreeBSD allows local users to determine the ex ...)
 	- cron <not-affected> (Debian's cron not affected)
 CVE-2011-1073 (crontab.c in crontab in FreeBSD and Apple Mac OS X allows local users  ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index a925ac37c9..7467cbb522 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -3603,7 +3603,7 @@ CVE-2020-29623 ("Clear History and Website Data" did not clear the history. The
 	- wpewebkit 2.30.6-1
 	NOTE: https://webkitgtk.org/security/WSA-2021-0002.html
 CVE-2020-29622 (A race condition was addressed with additional validation. This issue  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2020-29621 (This issue was addressed with improved checks. This issue is fixed in  ...)
 	NOT-FOR-US: Apple
 CVE-2020-29620 (This issue was addressed with improved entitlements. This issue is fix ...)
@@ -38631,7 +38631,7 @@ CVE-2020-14265
 CVE-2020-14264
 	RESERVED
 CVE-2020-14263 ("HCL Traveler Companion is vulnerable to an iOS weak cryptographic pro ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2020-14262
 	RESERVED
 CVE-2020-14261
@@ -44065,7 +44065,7 @@ CVE-2020-12143 (The certificate used to identify Orchestrator to EdgeConnect dev
 CVE-2020-12142 (1. IPSec UDP key material can be retrieved from machine-to-machine int ...)
 	NOT-FOR-US: EdgeConnect
 CVE-2020-12141 (An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier  ...)
-	TODO: check
+	NOT-FOR-US: SNMP stack in Contiki-NG
 CVE-2020-12140
 	RESERVED
 CVE-2020-12139
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 885e1cf428..a09abe8dda 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -16569,7 +16569,7 @@ CVE-2021-35621 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp
 CVE-2021-35620 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2021-35619 (Vulnerability in the Java VM component of Oracle Database Server. Supp ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-35618 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...)
 	- mysql-8.0 <unfixed>
 CVE-2021-35617 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
@@ -17309,7 +17309,7 @@ CVE-2021-35325 (A stack overflow in the checkLoginUser function of TOTOLINK A720
 CVE-2021-35324 (A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Fir ...)
 	NOT-FOR-US: TOTOLINK A720R A720R_Firmware
 CVE-2021-35323 (Cross Site Scripting (XSS) vulnerability exists in bludit 3-13-1 via t ...)
-	TODO: check
+	NOT-FOR-US: bludit
 CVE-2021-35322
 	RESERVED
 CVE-2021-35321
@@ -27923,7 +27923,7 @@ CVE-2021-30871
 CVE-2021-30870
 	REJECTED
 CVE-2021-30869 (A type confusion issue was addressed with improved state handling. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30868
 	REJECTED
 CVE-2021-30867
@@ -27965,57 +27965,57 @@ CVE-2021-30852
 CVE-2021-30851
 	REJECTED
 CVE-2021-30850 (An access issue was addressed with improved access restrictions. This  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30849 (Multiple memory corruption issues were addressed with improved memory  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30848 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30847 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30846 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30845 (An out-of-bounds read was addressed with improved bounds checking. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30844 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30843 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30842 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30841 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30840
 	RESERVED
 CVE-2021-30839
 	RESERVED
 CVE-2021-30838 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30837 (A memory consumption issue was addressed with improved memory handling ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30836
 	RESERVED
 CVE-2021-30835 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30834
 	RESERVED
 CVE-2021-30833
 	RESERVED
 CVE-2021-30832 (A memory corruption issue was addressed with improved state management ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30831
 	RESERVED
 CVE-2021-30830 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30829 (A URI parsing issue was addressed with improved parsing. This issue is ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30828 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30827 (A permissions issue existed. This issue was addressed with improved pe ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30826 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30825 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30824
 	RESERVED
 CVE-2021-30823
@@ -28025,9 +28025,9 @@ CVE-2021-30822
 CVE-2021-30821
 	RESERVED
 CVE-2021-30820 (A logic issue was addressed with improved state management. This issue ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30819 (An out-of-bounds read was addressed with improved input validation. Th ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30818
 	RESERVED
 CVE-2021-30817
@@ -28035,7 +28035,7 @@ CVE-2021-30817
 CVE-2021-30816
 	RESERVED
 CVE-2021-30815 (A lock screen issue allowed access to contacts on a locked device. Thi ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30814
 	RESERVED
 CVE-2021-30813
@@ -28043,15 +28043,15 @@ CVE-2021-30813
 CVE-2021-30812
 	RESERVED
 CVE-2021-30811 (This issue was addressed with improved checks. This issue is fixed in  ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30810 (An authorization issue was addressed with improved state management. T ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30809
 	RESERVED
 CVE-2021-30808
 	RESERVED
 CVE-2021-30807 (A memory corruption issue was addressed with improved memory handling. ...)
-	TODO: check
+	NOT-FOR-US: Apple
 CVE-2021-30806
 	RESERVED
 CVE-2021-30805 (A memory corruption issue was addressed with improved input validation ...)
@@ -29426,9 +29426,9 @@ CVE-2021-30318
 CVE-2021-30317
 	RESERVED
 CVE-2021-30316 (Possible out of bound memory access due to improper boundary check whi ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2021-30315 (Improper handling of sensor HAL structure in absence of sensor can lea ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2021-30314
 	RESERVED
 CVE-2021-30313
@@ -29450,7 +29450,7 @@ CVE-2021-30306 (Possible buffer over read due to improper buffer allocation for
 CVE-2021-30305 (Possible out of bound access due to lack of validation of page offset  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-30304 (Possible buffer out of bound read can occur due to improper validation ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2021-30303
 	RESERVED
 CVE-2021-30302 (Improper authentication of EAP WAPI EAPOL frames from unauthenticated  ...)
@@ -32772,7 +32772,7 @@ CVE-2021-3456
 	RESERVED
 	- foreman <itp> (bug #663101)
 CVE-2021-28975 (WP Mailster 1.6.18.0 allows XSS when a victim opens a mail server's de ...)
-	TODO: check
+	NOT-FOR-US: WP Mailster
 CVE-2021-28974
 	RESERVED
 CVE-2021-28973 (The XML Import functionality of the Administration console in Perforce ...)
@@ -32832,9 +32832,9 @@ CVE-2021-28954 (In Chris Walz bit before 1.0.5 on Windows, attackers can run arb
 CVE-2021-28953 (The unofficial C/C++ Advanced Lint extension before 1.9.0 for Visual S ...)
 	NOT-FOR-US: unofficial C/C++ Advanced Lint extension for Visual Studio Code
 CVE-2021-3455 (Disconnecting L2CAP channel right after invalid ATT request leads free ...)
-	TODO: check
+	NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2021-3454 (Truncated L2CAP K-frame causes assertion failure. Zephyr versions &gt; ...)
-	TODO: check
+	NOT-FOR-US: Zephyr, different from src:zephyr
 CVE-2021-3453 (Some Lenovo Notebook, ThinkPad, and Lenovo Desktop systems have BIOS m ...)
 	NOT-FOR-US: Lenovo
 CVE-2021-3452 (A potential vulnerability in the system shutdown SMI callback function ...)
@@ -33982,7 +33982,7 @@ CVE-2021-28498 (In Arista's MOS (Metamako Operating System) software which is su
 CVE-2021-28497 (In Arista's MOS (Metamako Operating System) software which is supporte ...)
 	NOT-FOR-US: Arista
 CVE-2021-28496 (On systems running Arista EOS and CloudEOS with the affected release v ...)
-	TODO: check
+	NOT-FOR-US: Arista
 CVE-2021-28495 (In Arista's MOS (Metamako Operating System) software which is supporte ...)
 	NOT-FOR-US: Arista
 CVE-2021-28494 (In Arista's MOS (Metamako Operating System) software which is supporte ...)
@@ -35755,7 +35755,7 @@ CVE-2021-27748
 CVE-2021-27747
 	RESERVED
 CVE-2021-27746 ("HCL Connections Security Update for Reflected Cross-Site Scripting (X ...)
-	TODO: check
+	NOT-FOR-US: HCL
 CVE-2021-27745
 	RESERVED
 CVE-2021-27744
@@ -48920,7 +48920,7 @@ CVE-2021-22036 (VMware vRealize Orchestrator ((8.x prior to 8.6) contains an ope
 CVE-2021-22035 (VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Se ...)
 	NOT-FOR-US: VMware
 CVE-2021-22034 (Releases prior to VMware vRealize Operations Tenant App 8.6 contain an ...)
-	TODO: check
+	NOT-FOR-US: VMware
 CVE-2021-22033 (Releases prior to VMware vRealize Operations 8.6 contain a Server Side ...)
 	NOT-FOR-US: VMware
 CVE-2021-22032
@@ -53921,7 +53921,7 @@ CVE-2021-20122 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00
 CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...)
 	NOT-FOR-US: Telus Wi-Fi Hub
 CVE-2021-20120 (The administration web interface for the Arris Surfboard SB8200 lacks  ...)
-	TODO: check
+	NOT-FOR-US: Arris Surfboard SB8200
 CVE-2021-20119
 	RESERVED
 CVE-2021-20118 (Nessus Agent 8.3.0 and earlier was found to contain a local privilege  ...)
@@ -54191,7 +54191,7 @@ CVE-2021-2473
 CVE-2021-2472
 	RESERVED
 CVE-2021-2471 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2021-2470
 	RESERVED
 CVE-2021-2469
@@ -55244,14 +55244,14 @@ CVE-2021-1982
 CVE-2021-1981
 	RESERVED
 CVE-2021-1980 (Possible buffer over read due to lack of length check while parsing be ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2021-1979
 	RESERVED
 CVE-2021-1978
 	RESERVED
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-1977 (Possible buffer over read due to improper validation of frame length w ...)
-	TODO: check
+	NOT-FOR-US: Snapdragon
 CVE-2021-1976 (A use after free can occur due to improper validation of P2P device ad ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-1975
@@ -56195,7 +56195,7 @@ CVE-2021-1531 (A vulnerability in the web UI of Cisco Modeling Labs could allow
 CVE-2021-1530 (A vulnerability in the web-based management interface of Cisco BroadWo ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1529 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-1528 (A vulnerability in the CLI of Cisco SD-WAN Software could allow an aut ...)
 	NOT-FOR-US: Cisco
 CVE-2021-1527 (A vulnerability in Cisco Webex Player for Windows and MacOS could allo ...)