From 23b0caaa943ad1ccd66f6445badff794584a258b Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Fri, 15 Oct 2021 13:10:26 +0200 Subject: new gitlab issues NFUs --- data/CVE/list | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 490cf38716..b316508011 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -50146,9 +50146,9 @@ CVE-2021-22264 (An issue has been discovered in GitLab affecting all versions st CVE-2021-22263 (An issue has been discovered in GitLab affecting all versions starting ...) - gitlab CVE-2021-22262 (Missing access control in GitLab version 13.10 and above with Jira Clo ...) - TODO: check + - gitlab CVE-2021-22261 (A stored Cross-Site Scripting vulnerability in the Jira integration in ...) - TODO: check + - gitlab CVE-2021-22260 RESERVED CVE-2021-22259 (A potential DOS vulnerability was discovered in GitLab EE starting wit ...) @@ -57104,19 +57104,19 @@ CVE-2021-20131 (ManageEngine ADManager Plus Build 7111 contains a post-authentic CVE-2021-20130 (ManageEngine ADManager Plus Build 7111 contains a post-authentication ...) NOT-FOR-US: ManageEngine ADManager Plus CVE-2021-20129 (An information disclosure vulnerability exists in Draytek VigorConnect ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20128 (The Profile Name field in the floor plan (Network Menu) page in Drayte ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20127 (An arbitrary file deletion vulnerability exists in the file delete fun ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20126 (Draytek VigorConnect 1.6.0-B3 lacks cross-site request forgery protect ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20125 (An arbitrary file upload and directory traversal vulnerability exists ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20124 (A local file inclusion vulnerability exists in Draytek VigorConnect 1. ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20123 (A local file inclusion vulnerability exists in Draytek VigorConnect 1. ...) - TODO: check + NOT-FOR-US: Draytek CVE-2021-20122 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...) NOT-FOR-US: Telus Wi-Fi Hub CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...) @@ -65478,7 +65478,7 @@ CVE-2021-0690 (In ih264d_mark_err_slice_skip of ih264d_parse_pslice.c, there is CVE-2021-0689 (In RGB_to_BGR1_portable of SkSwizzler_opts.h, there is a possible out ...) NOT-FOR-US: Android media framework CVE-2021-0688 (In lockNow of PhoneWindowManager.java, there is a possible lock screen ...) - TODO: check + NOT-FOR-US: Android CVE-2021-0687 (In ellipsize of Layout.java, there is a possible ANR due to improper i ...) NOT-FOR-US: Android CVE-2021-0686 (In getDefaultSmsPackage of RoleManagerService.java, there is a possibl ...) @@ -65695,7 +65695,7 @@ CVE-2021-0585 (In beginWrite and beginRead of MessageQueueBase.h, there is a pos CVE-2021-0584 (In verifyBufferObject of Parcel.cpp, there is a possible out of bounds ...) NOT-FOR-US: Android CVE-2021-0583 (In onCreate of BluetoothPairingDialog, there is a possible way to enab ...) - TODO: check + NOT-FOR-US: Android CVE-2021-0582 (In wifi driver, there is a possible out of bounds read due to a missin ...) NOT-FOR-US: MediaTek components for Android CVE-2021-0581 (In wifi driver, there is a possible out of bounds read due to a missin ...) @@ -80102,7 +80102,7 @@ CVE-2020-22726 CVE-2020-22725 RESERVED CVE-2020-22724 (A remote command execution vulnerability exists in add_server_service ...) - TODO: check + NOT-FOR-US: Mercury Router MER1200 CVE-2020-22723 (A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhiche ...) NOT-FOR-US: Beijing Liangjing Zhicheng Technology Co., Ltd ljcmsshop CVE-2020-22722 (Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege ...) -- cgit v1.2.3