From 9b97ac20dfaa3560f1dffb1586a5410566ed5cf9 Mon Sep 17 00:00:00 2001 From: Neil Williams Date: Fri, 20 May 2022 09:46:13 +0100 Subject: Process some NFUs --- data/CVE/list | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 29fe53980d..653c506db0 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -54672,7 +54672,7 @@ CVE-2021-37415 (Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to CVE-2021-37414 (Zoho ManageEngine DesktopCentral before 10.0.709 allows anyone to get ...) NOT-FOR-US: Zoho ManageEngine CVE-2021-37413 (GRANDCOM DynWEB before 4.2 contains a SQL Injection vulnerability in t ...) - TODO: check + NOT-FOR-US: GRANDCOM DynWEB CVE-2021-37412 (The TechRadar app 1.1 for Confluence Server allows XSS via the Title f ...) NOT-FOR-US: TechRadar app for Confluence Server CVE-2021-37411 @@ -62499,7 +62499,7 @@ CVE-2021-34113 CVE-2021-34112 RESERVED CVE-2021-34111 (Thecus 4800Eco was discovered to contain a command injection vulnerabi ...) - TODO: check + NOT-FOR-US: Thecus NAS server N4800Eco CVE-2021-34110 (WinWaste.NET version 1.0.6183.16475 has incorrect permissions, allowin ...) NOT-FOR-US: WinWaste.NET CVE-2021-34109 @@ -65418,7 +65418,7 @@ CVE-2021-32936 (An out-of-bounds write issue exists in the DXF file-recovering p CVE-2021-32935 RESERVED CVE-2021-32934 (The affected ThroughTek P2P products (SDKs using versions before 3.1.5 ...) - TODO: check + NOT-FOR-US: ThroughTek P2P SDK CVE-2021-32933 (An attacker could leverage an API to pass along a malicious file that ...) NOT-FOR-US: Auvesy-MDT CVE-2021-32932 (The affected product is vulnerable to a SQL injection, which may allow ...) @@ -79819,7 +79819,7 @@ CVE-2021-27448 (A miscommunication in the file system allows adversaries with ac CVE-2021-27447 (Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, ...) NOT-FOR-US: Mesa Labs CVE-2021-27446 (The Weintek cMT product line is vulnerable to code injection, which ma ...) - TODO: check + NOT-FOR-US: Weintek cMT gateway CVE-2021-27445 (Mesa Labs AmegaView Versions 3.0 and prior has insecure file permissio ...) NOT-FOR-US: Mesa Labs CVE-2021-27444 (The Weintek cMT product line is vulnerable to various improper access ...) @@ -136524,7 +136524,7 @@ CVE-2020-16237 (Philips SureSigns VS4, A.07.107 and prior. The product receives CVE-2020-16236 (FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a ...) NOT-FOR-US: FPWIN Pro CVE-2020-16235 (Inadequate encryption may allow the credentials used by Emerson OpenEn ...) - TODO: check + NOT-FOR-US: Emerson CVE-2020-16234 (In PLC WinProladder Version 3.28 and prior, a stack-based buffer overf ...) NOT-FOR-US: PLC WinProladder CVE-2020-16233 (An attacker could send a specially crafted packet that could have Code ...) @@ -136532,7 +136532,7 @@ CVE-2020-16233 (An attacker could send a specially crafted packet that could hav CVE-2020-16232 (In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be cause ...) NOT-FOR-US: Yokogawa WideField3 CVE-2020-16231 (The affected Bachmann Electronic M-Base Controllers of version MSYS v1 ...) - TODO: check + NOT-FOR-US: Bachmann Electronic CVE-2020-16230 (All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as ...) NOT-FOR-US: HMS Networks CVE-2020-16229 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Process ...) @@ -136576,7 +136576,7 @@ CVE-2020-16211 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A CVE-2020-16210 (The affected product is vulnerable to reflected cross-site scripting, ...) NOT-FOR-US: N-Tron CVE-2020-16209 (A malicious attacker could exploit the interface of the Fieldcomm Grou ...) - TODO: check + NOT-FOR-US: Fieldcomm Group CVE-2020-16208 (The affected product is vulnerable to cross-site request forgery, whic ...) NOT-FOR-US: N-Tron CVE-2020-16207 (Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multipl ...) @@ -141060,7 +141060,7 @@ CVE-2020-14498 (HMS Industrial Networks AB eCatcher all versions prior to 6.5.5. CVE-2020-14497 (Advantech iView, versions 5.6 and prior, contains multiple SQL injecti ...) NOT-FOR-US: Advantech CVE-2020-14496 (Successful exploitation of this vulnerability for multiple Mitsubishi ...) - TODO: check + NOT-FOR-US: Mitsubishi Electric CVE-2020-14495 REJECTED CVE-2020-14494 (OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication ...) @@ -169765,7 +169765,7 @@ CVE-2020-4109 CVE-2020-4108 RESERVED CVE-2020-4107 (HCL Domino is affected by an Insufficient Access Control vulnerability ...) - TODO: check + NOT-FOR-US: HCL Domino CVE-2020-4106 RESERVED CVE-2020-4105 -- cgit v1.2.3