From 5c250dbac1f968edb30f47182ad6c2444c0c7cb1 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Fri, 15 Oct 2021 13:10:26 +0200 Subject: new gitlab issues NFUs --- data/CVE/2020.list | 2 +- data/CVE/2021.list | 22 +++++++++++----------- 2 files changed, 12 insertions(+), 12 deletions(-) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 56931c400e..11f818aeac 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -19675,7 +19675,7 @@ CVE-2020-22726 CVE-2020-22725 RESERVED CVE-2020-22724 (A remote command execution vulnerability exists in add_server_service ...) - TODO: check + NOT-FOR-US: Mercury Router MER1200 CVE-2020-22723 (A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhiche ...) NOT-FOR-US: Beijing Liangjing Zhicheng Technology Co., Ltd ljcmsshop CVE-2020-22722 (Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 004d383ed1..98f8c74b4d 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -47699,9 +47699,9 @@ CVE-2021-22264 (An issue has been discovered in GitLab affecting all versions st CVE-2021-22263 (An issue has been discovered in GitLab affecting all versions starting ...) - gitlab CVE-2021-22262 (Missing access control in GitLab version 13.10 and above with Jira Clo ...) - TODO: check + - gitlab CVE-2021-22261 (A stored Cross-Site Scripting vulnerability in the Jira integration in ...) - TODO: check + - gitlab CVE-2021-22260 RESERVED CVE-2021-22259 (A potential DOS vulnerability was discovered in GitLab EE starting wit ...) @@ -53206,19 +53206,19 @@ CVE-2021-20131 (ManageEngine ADManager Plus Build 7111 contains a post-authentic CVE-2021-20130 (ManageEngine ADManager Plus Build 7111 contains a post-authentication ...) NOT-FOR-US: ManageEngine ADManager Plus CVE-2021-20129 (An information disclosure vulnerability exists in Draytek VigorConnect ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20128 (The Profile Name field in the floor plan (Network Menu) page in Drayte ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20127 (An arbitrary file deletion vulnerability exists in the file delete fun ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20126 (Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protect ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20125 (An arbitrary file upload and directory traversal vulnerability exists ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20124 (A local file inclusion vulnerability exists in Draytek VigorConnect 1. ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20123 (A local file inclusion vulnerability exists in Draytek VigorConnect 1. ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20122 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...) NOT-FOR-US: Telus Wi-Fi Hub CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...) @@ -57297,7 +57297,7 @@ CVE-2021-0690 (In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is CVE-2021-0689 (In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out ...) NOT-FOR-US: Android media framework CVE-2021-0688 (In lockNow of PhoneWindowManager.java, there is a possible lock screen ...) - TODO: check + NOT-FOR-US: Android CVE-2021-0687 (In ellipsize of Layout.java, there is a possible ANR due to improper i ...) NOT-FOR-US: Android CVE-2021-0686 (In getDefaultSmsPackage of RoleManagerService.java, there is a possibl ...) @@ -57514,7 +57514,7 @@ CVE-2021-0585 (In beginWrite and beginRead of MessageQueueBase.h, there is a pos CVE-2021-0584 (In verifyBufferObject of Parcel.cpp, there is a possible out of bounds ...) NOT-FOR-US: Android CVE-2021-0583 (In onCreate of BluetoothPairingDialog, there is a possible way to enab ...) - TODO: check + NOT-FOR-US: Android CVE-2021-0582 (In wifi driver, there is a possible out of bounds read due to a missin ...) NOT-FOR-US: MediaTek components for Android CVE-2021-0581 (In wifi driver, there is a possible out of bounds read due to a missin ...) -- cgit v1.2.3