diff options
| author | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-23 22:33:09 +0200 |
|---|---|---|
| committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-09-23 22:33:09 +0200 |
| commit | dc54ad1f11cfb0b19bf6307f1a9774dc8a1d25f2 (patch) | |
| tree | f0dea9dd562aae6bee7349f0996ced5208fa533e /data | |
| parent | 90299ca4960a956cea9bc435cb369d0e37cacb1b (diff) | |
Process more NFUs
Diffstat (limited to 'data')
| -rw-r--r-- | data/CVE/list | 58 |
1 files changed, 29 insertions, 29 deletions
diff --git a/data/CVE/list b/data/CVE/list index 699ea99241..f1734ed5dc 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -307,7 +307,7 @@ CVE-2021-41430 CVE-2021-41429 RESERVED CVE-2021-41428 (Insecure permissions in Update Manager <= 5.8.0.2300 and DFL <= ...) - TODO: check + NOT-FOR-US: DATEV CVE-2021-41427 RESERVED CVE-2021-41426 @@ -402,7 +402,7 @@ CVE-2021-41383 (setup.cgi on NETGEAR R6020 1.0.0.48 devices allows an admin to e CVE-2021-41382 (Plastic SCM before 10.0.16.5622 mishandles the WebAdmin server managem ...) NOT-FOR-US: Plastic SCM CVE-2021-41381 (Payara Micro Community 5.2021.6 and below allows Directory Traversal. ...) - TODO: check + NOT-FOR-US: Payara Micro Community CVE-2021-3816 RESERVED CVE-2021-41380 (RealVNC Viewer 6.21.406 allows remote VNC servers to cause a denial of ...) @@ -10788,9 +10788,9 @@ CVE-2021-36875 CVE-2021-36874 RESERVED CVE-2021-36873 (Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in W ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-36872 (Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in W ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-36871 (Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabi ...) NOT-FOR-US: Wordpress plugin CVE-2021-36870 (Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabi ...) @@ -10888,7 +10888,7 @@ CVE-2021-36825 CVE-2021-36824 RESERVED CVE-2021-36823 (Authenticated Stored Cross-Site Scripting (XSS) vulnerability in WordP ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-36822 RESERVED CVE-2021-36821 @@ -35641,7 +35641,7 @@ CVE-2021-26796 CVE-2021-26795 RESERVED CVE-2021-26794 (Privilege escalation in 'upload.php' in FrogCMS SentCMS v0.9.5 allows ...) - TODO: check + NOT-FOR-US: FrogCMS SentCMS CVE-2021-26793 RESERVED CVE-2021-26792 @@ -44716,15 +44716,15 @@ CVE-2021-22955 CVE-2021-22954 RESERVED CVE-2021-22953 (A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to c ...) - TODO: check + NOT-FOR-US: Concrete CMS CVE-2021-22952 (A vulnerability found in UniFi Talk application V1.12.3 and earlier pe ...) TODO: check CVE-2021-22951 RESERVED CVE-2021-22950 (Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachme ...) - TODO: check + NOT-FOR-US: Concrete CMS CVE-2021-22949 (A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to d ...) - TODO: check + NOT-FOR-US: Concrete CMS CVE-2021-22948 (Vulnerability in the generation of session IDs in revive-adserver < ...) TODO: check CVE-2021-22947 [STARTTLS protocol injection via MITM] @@ -44755,7 +44755,7 @@ CVE-2021-22942 [ossible Open Redirect in Host Authorization Middleware] [stretch] - rails <not-affected> (Vulnerable code not present) NOTE: https://www.openwall.com/lists/oss-security/2021/08/20/1 CVE-2021-22941 (Improper Access Control in Citrix ShareFile storage zones controller b ...) - TODO: check + NOT-FOR-US: Citrix CVE-2021-22940 (Node.js before 16.6.1, 14.17.5, and 12.22.5 is vulnerable to a use aft ...) - nodejs 12.22.5~dfsg-1 [bullseye] - nodejs <not-affected> (Incomplete fix for CVE-2021-22930 not applied) @@ -46348,7 +46348,7 @@ CVE-2021-22278 CVE-2021-22277 RESERVED CVE-2021-22276 (The vulnerability allows a successful attacker to bypass the integrity ...) - TODO: check + NOT-FOR-US: ABB CVE-2021-22275 RESERVED CVE-2021-22274 @@ -46939,37 +46939,37 @@ CVE-2021-22022 (The vRealize Operations Manager API (8.x prior to 8.5) contains CVE-2021-22021 (VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site S ...) NOT-FOR-US: VMware CVE-2021-22020 (The vCenter Server contains a denial-of-service vulnerability in the A ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22019 (The vCenter Server contains a denial-of-service vulnerability in VAPI ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22018 (The vCenter Server contains an arbitrary file deletion vulnerability i ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22017 (Rhttproxy as used in vCenter Server contains a vulnerability due to im ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22016 (The vCenter Server contains a reflected cross-site scripting vulnerabi ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22015 (The vCenter Server contains multiple local privilege escalation vulner ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22014 (The vCenter Server contains an authenticated code execution vulnerabil ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22013 (The vCenter Server contains a file path traversal vulnerability leadin ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22012 (The vCenter Server contains an information disclosure vulnerability du ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22011 (vCenter Server contains an unauthenticated API endpoint vulnerability ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22010 (The vCenter Server contains a denial-of-service vulnerability in VPXD ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22009 (The vCenter Server contains multiple denial-of-service vulnerabilities ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22008 (The vCenter Server contains an information disclosure vulnerability in ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22007 (The vCenter Server contains a local information disclosure vulnerabili ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22006 (The vCenter Server contains a reverse proxy bypass vulnerability due t ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22005 (The vCenter Server contains an arbitrary file upload vulnerability in ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-22004 (An issue was discovered in SaltStack Salt before 3003.3. The salt mini ...) - salt <unfixed> (bug #994016) NOTE: https://saltproject.io/security_announcements/salt-security-advisory-2021-sep-02/ @@ -46995,7 +46995,7 @@ CVE-2021-21995 (OpenSLP as used in ESXi has a denial-of-service vulnerability du CVE-2021-21994 (SFCB (Small Footprint CIM Broker) as used in ESXi has an authenticatio ...) NOT-FOR-US: VMware CVE-2021-21993 (The vCenter Server contains an SSRF (Server Side Request Forgery) vuln ...) - TODO: check + NOT-FOR-US: VMWare CVE-2021-21992 (The vCenter Server contains a denial-of-service vulnerability due to i ...) NOT-FOR-US: VMware CVE-2021-21991 (The vCenter Server contains a local privilege escalation vulnerability ...) @@ -47171,7 +47171,7 @@ CVE-2021-21915 CVE-2021-21914 RESERVED CVE-2021-21913 (An information disclosure vulnerability exists in the WiFi Smart Mesh ...) - TODO: check + NOT-FOR-US: D-LINK CVE-2021-21912 RESERVED CVE-2021-21911 |