NFUs

1 files changed, 34 insertions, 34 deletions

diff --git a/data/CVE/list b/data/CVE/list
index b29326b094..0f828c20cf 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -89,9 +89,9 @@ CVE-2020-15602
 CVE-2020-15601
 	RESERVED
 CVE-2020-15600 (An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to ...)
-	TODO: check
+	NOT-FOR-US: CMSUno
 CVE-2020-15599 (Victor CMS through 2019-02-28 allows XSS via the register.php user_fir ...)
-	TODO: check
+	NOT-FOR-US: Victor CMS
 CVE-2020-15598
 	RESERVED
 CVE-2020-15597
@@ -169,7 +169,7 @@ CVE-2020-15574 (SolarWinds Serv-U File Server before 15.2.1 mishandles the Same-
 CVE-2020-15573 (SolarWinds Serv-U File Server before 15.2.1 has a "Cross-script vulner ...)
 	NOT-FOR-US: SolarWinds Serv-U File Server
 CVE-2019-20896 (WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponen ...)
-	TODO: check
+	NOT-FOR-US: WebChess
 CVE-2020-15572
 	RESERVED
 CVE-2020-15571
@@ -300,15 +300,15 @@ CVE-2020-15519
 CVE-2020-15518 (VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup &a ...)
 	NOT-FOR-US: Veeam
 CVE-2020-15517 (The ke_search (aka Faceted Search) extension through 2.8.2, and 3.x th ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2020-15516 (The mm_forum extension through 1.9.5 for TYPO3 allows XSS that can be  ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2020-15515 (The turn extension through 0.3.2 for TYPO3 allows Remote Code Executio ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2020-15514 (The jh_captcha extension through 2.1.3, and 3.x through 3.0.2, for TYP ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2020-15513 (The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access  ...)
-	TODO: check
+	NOT-FOR-US: Typo3 extension
 CVE-2020-15512
 	RESERVED
 CVE-2020-15511
@@ -1204,7 +1204,7 @@ CVE-2020-15098
 CVE-2020-15097
 	RESERVED
 CVE-2020-15096 (In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, the ...)
-	TODO: check
+	- electron <itp> (bug #842420)
 CVE-2020-15095 (Versions of the npm CLI prior to 6.14.6 are vulnerable to an informati ...)
 	TODO: check
 CVE-2020-15094
@@ -1331,25 +1331,25 @@ CVE-2020-15039
 CVE-2020-15038 (The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS. ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2020-15037 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15036 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15035 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15034 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15033 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15032 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15031 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15030 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15029 (NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The appl ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15028 (NeDi 1.9C is vulnerable to a cross-site scripting (XSS) attack. The ap ...)
-	TODO: check
+	NOT-FOR-US: NeDi
 CVE-2020-15027
 	RESERVED
 CVE-2020-15026 (Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../  ...)
@@ -1398,7 +1398,7 @@ CVE-2020-15010
 CVE-2020-15009
 	RESERVED
 CVE-2020-15008 (A SQLi exists in the probe code of all Connectwise Automate versions b ...)
-	TODO: check
+	NOT-FOR-US: Connectwise
 CVE-2020-15007 (A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tec ...)
 	- rbdoom3bfg <unfixed> (unimportant)
 	NOTE: https://github.com/AXDOOMER/doom-vanille/commit/8a6d9a02fa991a91ff90ccdc73b5ceabaa6cb9ec
@@ -6808,7 +6808,7 @@ CVE-2020-12823 (OpenConnect 8.09 has a buffer overflow, causing a denial of serv
 CVE-2020-12822
 	RESERVED
 CVE-2020-12821 (Gossipsub 1.0 does not properly resist invalid message spam, such as a ...)
-	TODO: check
+	NOT-FOR-US: Gossipsub
 CVE-2020-12820
 	RESERVED
 CVE-2020-12819
@@ -7054,7 +7054,7 @@ CVE-2020-12738
 CVE-2020-12737 (An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authen ...)
 	NOT-FOR-US: Maxum Rumpus
 CVE-2020-12736 (Code42 environments with on-premises server versions 7.0.4 and earlier ...)
-	TODO: check
+	NOT-FOR-US: Code42
 CVE-2020-12735 (reset.php in DomainMOD 4.13.0 uses insufficient entropy for password r ...)
 	NOT-FOR-US: DomainMOD
 CVE-2020-12734
@@ -9797,7 +9797,7 @@ CVE-2020-11884 (In the Linux kernel through 5.6.7 on the s390 platform, code exe
 CVE-2020-11883 (In Divante vue-storefront-api through 1.11.1 and storefront-api throug ...)
 	NOT-FOR-US: Divante vue-storefront-api
 CVE-2020-11882 (The O2 Business application 1.2.0 for Android exposes the canvasm.myo2 ...)
-	TODO: check
+	NOT-FOR-US: O2 Business
 CVE-2020-11881
 	RESERVED
 CVE-2020-11880 (An issue was discovered in KDE KMail before 19.12.3. By using the prop ...)
@@ -17204,9 +17204,9 @@ CVE-2020-9264 (ESET Archive Support Module before 1296 allows virus-detection by
 CVE-2020-9263
 	RESERVED
 CVE-2020-9262 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
-	TODO: check
+	NOT-FOR-US: HUAWEI
 CVE-2020-9261 (HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have ...)
-	TODO: check
+	NOT-FOR-US: HUAWEI
 CVE-2020-9260
 	RESERVED
 CVE-2020-9259
@@ -17276,7 +17276,7 @@ CVE-2020-9228
 CVE-2020-9227
 	RESERVED
 CVE-2020-9226 (HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an ...)
-	TODO: check
+	NOT-FOR-US: HUAWEI
 CVE-2020-9225 (FusionSphere OpenStack 6.5.1 have an improper permissions management v ...)
 	TODO: check
 CVE-2020-9224
@@ -17528,7 +17528,7 @@ CVE-2020-9102
 CVE-2020-9101
 	RESERVED
 CVE-2020-9100 (Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability. Th ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2020-9099 (Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Se ...)
 	NOT-FOR-US: Huawei
 CVE-2020-9098 (Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an ...)
@@ -18917,11 +18917,11 @@ CVE-2020-8523
 CVE-2020-8522
 	RESERVED
 CVE-2020-8521 (SQL injection with start and length parameters in Records.php for phpz ...)
-	TODO: check
+	NOT-FOR-US: phpzag
 CVE-2020-8520 (SQL injection in order and column parameters in Records.php for phpzag ...)
-	TODO: check
+	NOT-FOR-US: phpzag
 CVE-2020-8519 (SQL injection with the search parameter in Records.php for phpzag live ...)
-	TODO: check
+	NOT-FOR-US: phpzag
 CVE-2020-8518 (Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary P ...)
 	{DLA-2174-1}
 	- php-horde-data <unfixed> (bug #951537)
@@ -29696,13 +29696,13 @@ CVE-2020-4079
 CVE-2020-4078
 	RESERVED
 CVE-2020-4077 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a ...)
-	TODO: check
+	- electron <itp> (bug #842420)
 CVE-2020-4076 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, there is a ...)
-	TODO: check
+	- electron <itp> (bug #842420)
 CVE-2020-4075 (In Electron before versions 7.2.4, 8.2.4, and 9.0.0-beta21, arbitrary  ...)
-	TODO: check
+	- electron <itp> (bug #842420)
 CVE-2020-4074 (In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the aut ...)
-	TODO: check
+	NOT-FOR-US: PrestaShop
 CVE-2020-4073
 	RESERVED
 CVE-2020-4072 (In generator-jhipster-kotlin version 1.6.0 log entries are created for ...)