diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-01-20 09:15:31 +0100 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-01-20 09:22:49 +0100 |
commit | ba51a3e3fc680e0c8aa0a137ab0361e35c4b8837 (patch) | |
tree | cdd45737d12a01a76b88d5bf5a9c7427f23891e1 | |
parent | 11cffb7d79e8ab6c0f75746aea9084a8ac27ae27 (diff) |
Process some NFUs
-rw-r--r-- | data/CVE/list | 48 |
1 files changed, 24 insertions, 24 deletions
diff --git a/data/CVE/list b/data/CVE/list index 099b1ab35c..929b702523 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3555,7 +3555,7 @@ CVE-2021-23937 CVE-2021-3138 (In Discourse 2.7.0 through beta1, a rate-limit bypass leads to a bypas ...) NOT-FOR-US: Discourse CVE-2021-3137 (XWiki 12.10.2 allows XSS via an SVG document to the upload feature of ...) - TODO: check + NOT-FOR-US: XWiki CVE-2021-3136 RESERVED CVE-2021-3135 @@ -14035,9 +14035,9 @@ CVE-2020-35131 (Cockpit before 0.6.1 allows an attacker to inject custom PHP cod CVE-2020-35130 RESERVED CVE-2020-35129 (Mautic before 3.2.4 is affected by stored XSS. An attacker with access ...) - TODO: check + NOT-FOR-US: Mautic CVE-2020-35128 (Mautic before 3.2.4 is affected by stored XSS. An attacker with permis ...) - TODO: check + NOT-FOR-US: Mautic CVE-2020-35127 (Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.j ...) NOT-FOR-US: Ignite Realtime Openfire CVE-2020-35126 (** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to conduct ...) @@ -15826,7 +15826,7 @@ CVE-2020-29599 (ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles NOTE: '-authenticate' replaced by '-define authenticate=' between 8787fc6de99078fde055bd400b14e1ce3a2971f9 (6.9.8-1) and 83ec5b above NOTE: - bimodal ('-define delegate:bimodal=true' + pdf->(e)ps delegates, %a expansion) after 78c7532f3ff5424de06e5d807cbb35c041bd2990 (6.9.4-2) CVE-2020-29598 (The My AIA SG application 1.2.6 for Android allows attackers to obtain ...) - TODO: check + NOT-FOR-US: My AIA SG application for Android CVE-2020-29597 (IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file ...) NOT-FOR-US: IncomCMS CVE-2020-29596 (MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial o ...) @@ -18096,7 +18096,7 @@ CVE-2020-28709 CVE-2020-28708 RESERVED CVE-2020-28707 (The Stockdio Historical Chart plugin before 2.8.1 for WordPress is aff ...) - TODO: check + NOT-FOR-US: Stockdio Historical Chart plugin for WordPress CVE-2020-28706 RESERVED CVE-2020-28705 @@ -22821,11 +22821,11 @@ CVE-2020-27854 CVE-2020-27853 (Wire before 2020-10-16 allows remote attackers to cause a denial of se ...) NOT-FOR-US: Wire app CVE-2020-27852 (A stored Cross-Site Scripting (XSS) vulnerability in the survey featur ...) - TODO: check + NOT-FOR-US: Rocketgenius Gravity Forms CVE-2020-27851 (Multiple stored HTML injection vulnerabilities in the "poll" and "quiz ...) - TODO: check + NOT-FOR-US: Rocketgenius Gravity Forms CVE-2020-27850 (A stored Cross-Site Scripting (XSS) vulnerability in forms import feat ...) - TODO: check + NOT-FOR-US: Rocketgenius Gravity Forms CVE-2020-27849 RESERVED CVE-2020-27848 (dotCMS before 20.10.1 allows SQL injection, as demonstrated by the /ap ...) @@ -24702,7 +24702,7 @@ CVE-2020-27278 CVE-2020-27277 (Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointe ...) NOT-FOR-US: Delta Electronics DOPSoft CVE-2020-27276 (SOOIL Developments Co Ltd DiabecareRS,AnyDana-i & AnyDana-A, the c ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27275 (Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to ...) NOT-FOR-US: Delta Electronics DOPSoft CVE-2020-27274 @@ -24710,23 +24710,23 @@ CVE-2020-27274 CVE-2020-27273 RESERVED CVE-2020-27272 (SOOIL Developments CoLtd DiabecareRS, AnyDana-i, AnyDana-A, The commun ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27271 RESERVED CVE-2020-27270 (SOOIL Developments CoLtd DiabecareRS, AnyDana-i ,AnyDana-A, communicat ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27269 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27268 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27267 (KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, Thin ...) NOT-FOR-US: KEPServerEX CVE-2020-27266 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27265 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...) NOT-FOR-US: KEPServerEX CVE-2020-27264 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27263 (KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, Th ...) NOT-FOR-US: KEPServerEX CVE-2020-27262 (Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7. ...) @@ -24738,11 +24738,11 @@ CVE-2020-27260 (Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Versio CVE-2020-27259 RESERVED CVE-2020-27258 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27257 RESERVED CVE-2020-27256 (In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, ...) - TODO: check + NOT-FOR-US: SOOIL Developments Co., Ltd. CVE-2020-27255 (A heap overflow vulnerability exists within FactoryTalk Linx Version 6 ...) NOT-FOR-US: FactoryTalk CVE-2020-27254 (Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, X ...) @@ -41588,15 +41588,15 @@ CVE-2020-19366 CVE-2020-19365 RESERVED CVE-2020-19364 (OpenEMR 5.0.1 allows an authenticated attacker to upload and execute m ...) - TODO: check + NOT-FOR-US: OpenEMR CVE-2020-19363 (Vtiger CRM v7.2.0 allows an attacker to display hidden files, list dir ...) - TODO: check + NOT-FOR-US: Vtiger CRM CVE-2020-19362 (Reflected XSS in Vtiger CRM v7.2.0 in vtigercrm/index.php? through the ...) - TODO: check + NOT-FOR-US: Vtiger CRM CVE-2020-19361 (Reflected XSS in Medintux v2.16.000 CCAM.php by manipulating the mot1 ...) - TODO: check + NOT-FOR-US: Medintux CVE-2020-19360 (Local file inclusion in FHEM 6.0 allows in fhem/FileLog_logWrapper fil ...) - TODO: check + NOT-FOR-US: FHEM CVE-2020-19359 RESERVED CVE-2020-19358 @@ -56560,9 +56560,9 @@ CVE-2020-13136 (D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can CVE-2020-13135 (D-Link DSP-W215 1.26b03 devices allow information disclosure by interc ...) NOT-FOR-US: D-Link CVE-2020-13134 (Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to ...) - TODO: check + NOT-FOR-US: Tufin SecureChange CVE-2020-13133 (Tufin SecureChange prior to R19.3 HF3 and R20-1 HF1 are vulnerable to ...) - TODO: check + NOT-FOR-US: Tufin SecureChange CVE-2020-13132 (An issue was discovered in Yubico libykpiv before 2.1.0. An attacker c ...) - yubico-piv-tool 2.1.1-1 (bug #972644) [stretch] - yubico-piv-tool <not-affected> (Vulnerable code not present) |