summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2022-01-21 21:34:28 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2022-01-21 21:34:28 +0100
commitc5dc006663a8169309899a6930c82372a740dba8 (patch)
treed2a0777117423f66b02f35debb4e1cce18d0f699
parent7428287ab693ac858b151469652c8128de6e5e2d (diff)
Process some NFUs
-rw-r--r--data/CVE/list62
1 files changed, 31 insertions, 31 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 32a2727087..c447674dcd 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -265,7 +265,7 @@ CVE-2022-23730
CVE-2022-23729
RESERVED
CVE-2022-23728 (Attacker can reset the device with AT Command in the process of reboot ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2022-23727
RESERVED
CVE-2022-23726
@@ -1441,11 +1441,11 @@ CVE-2021-46311
CVE-2021-46310
RESERVED
CVE-2021-46309 (An SQL Injection vulnerability exists in Sourcecodester Employee and V ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46308 (An SQL Injection vulnerability exists in Sourcecodester Online Railway ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46307 (An SQL Injection vulnerability exists in Projectworlds Online Examinat ...)
- TODO: check
+ NOT-FOR-US: Projectworlds Online Examination System
CVE-2021-46306
RESERVED
CVE-2021-46305
@@ -2081,13 +2081,13 @@ CVE-2022-23131 (In the case of instances where the SAML SSO authentication is en
NOTE: https://support.zabbix.com/browse/ZBX-20350
TODO: check, possibly only affecting 5.4.0 onwards
CVE-2022-23130 (Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versi ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23129 (Plaintext Storage of a Password vulnerability in Mitsubishi Electric M ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23128 (Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Elect ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23127 (Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 v ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23126
RESERVED
CVE-2022-0198 (corenlp is vulnerable to Improper Restriction of XML External Entity R ...)
@@ -2889,13 +2889,13 @@ CVE-2021-46203 (Taocms v3.0.2 was discovered to contain an arbitrary file read v
CVE-2021-46202
RESERVED
CVE-2021-46201 (An SQL Injection vulnerability exists in Sourcecodester Online Resort ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Online Resort Management System
CVE-2021-46200 (An SQL Injection vulnerability exists in Sourcecodester Simple Music C ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46199
RESERVED
CVE-2021-46198 (An SQL Injection vulnerability exists in Sourceodester Courier Managem ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46197
RESERVED
CVE-2021-46196
@@ -7034,7 +7034,7 @@ CVE-2021-4147 [deadlock and crash in libxl driver]
NOTE: https://gitlab.com/libvirt/libvirt/-/commit/5c5df5310f72be4878a71ace47074c54e0d1a27d
NOTE: https://gitlab.com/libvirt/libvirt/-/commit/a7a03324d86e111f81687b5315b8f296dde84340
CVE-2021-4146 (Business Logic Errors in GitHub repository pimcore/pimcore prior to 10 ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2021-4145 [NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c]
RESERVED
- qemu 1:6.2+dfsg-1
@@ -7067,7 +7067,7 @@ CVE-2021-45444
CVE-2021-45443
RESERVED
CVE-2021-4143 (Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutto ...)
- TODO: check
+ NOT-FOR-US: BigBlueButton
CVE-2017-20010
RESERVED
NOT-FOR-US: MODX Revolution
@@ -8349,7 +8349,7 @@ CVE-2021-31558 (DIAEnergie Version 1.7.5 and prior is vulnerable to stored cross
CVE-2021-23228 (DIAEnergie Version 1.7.5 and prior is vulnerable to a reflected cross- ...)
NOT-FOR-US: DIAEnergie
CVE-2022-21933 (ASUS VivoMini/Mini PC device has an improper input validation vulnerab ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2022-21932 (Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulner ...)
NOT-FOR-US: Microsoft
CVE-2022-21931 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. T ...)
@@ -9805,7 +9805,7 @@ CVE-2021-44595
CVE-2021-44594
RESERVED
CVE-2021-44593 (Simple College Website 1.0 is vulnerable to unauthenticated file uploa ...)
- TODO: check
+ NOT-FOR-US: Simple College Website
CVE-2021-44592
RESERVED
CVE-2021-44591 (In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser ...)
@@ -10291,7 +10291,7 @@ CVE-2021-23223
CVE-2021-23179
RESERVED
CVE-2021-44464 (Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains ...)
- TODO: check
+ NOT-FOR-US: Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-44453 (mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interf ...)
NOT-FOR-US: mySCADA myPRO
CVE-2021-44451
@@ -10339,29 +10339,29 @@ CVE-2021-44431 (A vulnerability has been identified in JT Utilities (All version
CVE-2021-44430 (A vulnerability has been identified in JT Utilities (All versions &lt; ...)
NOT-FOR-US: Siemens
CVE-2021-43355 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-41835 (Fresenius Kabi Agilia Link + version 3.0 does not enforce transport la ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-4035
RESERVED
CVE-2021-33848 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-33846 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-33843 (Fresenius Kabi Agilia Link + version 3.0 has a default configuration p ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-31562 (The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-23236 (Requests may be used to interrupt the normal operation of the device. ...)
TODO: check
CVE-2021-23233 (Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-23207 (An attacker with physical access to the host can extract the secrets f ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant MasterMed
CVE-2021-23196 (The web application on Agilia Link+ version 3.0 implements authenticat ...)
- TODO: check
+ NOT-FOR-US: Agilia Link+
CVE-2021-23195 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-44429 (Serva 4.4.0 allows remote attackers to cause a denial of service (daem ...)
NOT-FOR-US: Serva
CVE-2021-44428 (Pinkie 2.15 allows remote attackers to cause a denial of service (daem ...)
@@ -11032,7 +11032,7 @@ CVE-2021-44197
CVE-2021-44196
RESERVED
CVE-2021-4016 (Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper ...)
- TODO: check
+ NOT-FOR-US: Rapid7 Insight Agent
CVE-2021-4015 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...)
NOT-FOR-US: firefly-iii
CVE-2017-20008 (The myCred WordPress plugin before 1.7.8 does not sanitise and escape ...)
@@ -22650,7 +22650,7 @@ CVE-2021-40857 (Auerswald COMpact 5500R devices before 8.2B allow Privilege Esca
CVE-2021-40856 (Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Auth ...)
NOT-FOR-US: Auerswald
CVE-2021-40855 (The EU Technical Specifications for Digital COVID Certificates before ...)
- TODO: check
+ NOT-FOR-US: EU Technical Specifications for Digital COVID Certificates
CVE-2021-40854 (AnyDesk before 6.2.6 and 6.3.x before 6.3.3 allows a local user to obt ...)
NOT-FOR-US: AnyDesk
CVE-2021-40853 (TCMAN GIM does not perform an authorization check when trying to acces ...)
@@ -23257,7 +23257,7 @@ CVE-2021-40597
CVE-2021-40596
RESERVED
CVE-2021-40595 (SQL injection vulnerability in Sourcecodester Online Leave Management ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-40594
RESERVED
CVE-2021-40593
@@ -24158,7 +24158,7 @@ CVE-2021-40249
CVE-2021-40248
RESERVED
CVE-2021-40247 (SQL injection vulnerability in Sourcecodester Budget and Expense Track ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-40246
RESERVED
CVE-2021-40245
@@ -36977,7 +36977,7 @@ CVE-2021-35005
CVE-2021-35004 (This vulnerability allows remote attackers to execute arbitrary code o ...)
TODO: check
CVE-2021-35003 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2021-35002
RESERVED
CVE-2021-35001

© 2014-2022 Faster IT GmbH | imprint | privacy policy