From b41af3010e1b54b6b59f65e6a210dfea3959446c Mon Sep 17 00:00:00 2001 From: Neil Williams Date: Mon, 4 Jul 2022 12:06:48 +0100 Subject: Process some NFUs --- data/CVE/list | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 1f243f6888..0c94c1fa04 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -77544,7 +77544,7 @@ CVE-2021-32430 CVE-2021-32429 RESERVED CVE-2021-32428 (SQL Injection vulnerability in viaviwebtech Android EBook App (Books A ...) - TODO: check + NOT-FOR-US: viaviwebtech Android eBook app CVE-2021-32427 RESERVED CVE-2021-32426 (In TrendNet TW100-S4W1CA 2.3.32, it is possible to inject arbitrary Ja ...) @@ -88845,17 +88845,17 @@ CVE-2021-28153 (An issue was discovered in GNOME GLib before 2.66.8. When g_file [buster] - glib2.0 2.58.3-2+deb10u3 NOTE: https://gitlab.gnome.org/GNOME/glib/-/issues/2325 CVE-2021-3435 (Information leakage in le_ecred_conn_req(). Zephyr versions >= v2.4 ...) - TODO: check + NOT-FOR-US: zephyr-rtos CVE-2021-3434 (Stack based buffer overflow in le_ecred_conn_req(). Zephyr versions &g ...) - TODO: check + NOT-FOR-US: zephyr-rtos CVE-2021-3433 (Invalid channel map in CONNECT_IND results to Deadlock. Zephyr version ...) - TODO: check + NOT-FOR-US: zephyr-rtos CVE-2021-3432 (Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr vers ...) - TODO: check + NOT-FOR-US: zephyr-rtos CVE-2021-3431 (Assertion reachable with repeated LL_FEATURE_REQ. Zephyr versions > ...) - TODO: check + NOT-FOR-US: zephyr-rtos CVE-2021-3430 (Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr vers ...) - TODO: check + NOT-FOR-US: zephyr-rtos CVE-2021-3429 RESERVED {DLA-2601-1} @@ -92496,17 +92496,17 @@ CVE-2021-26640 CVE-2021-26639 RESERVED CVE-2021-26638 (Improper Authentication vulnerability in S&D smarthome(smartcare) ...) - TODO: check + NOT-FOR-US: SmartHome Android app CVE-2021-26637 (There is no account authentication and permission check logic in the f ...) - TODO: check + NOT-FOR-US: SiHAS devices CVE-2021-26636 (Stored XSS and SQL injection vulnerability in MaxBoard could lead to o ...) - TODO: check + NOT-FOR-US: Maxboard CVE-2021-26635 (In the code that verifies the file size in the ark library, it is poss ...) - TODO: check + NOT-FOR-US: bandisoft ark library CVE-2021-26634 (SQL injection and file upload attacks are possible due to insufficient ...) - TODO: check + NOT-FOR-US: Maxboard CVE-2021-26633 (SQL injection and Local File Inclusion (LFI) vulnerabilities in MaxBoa ...) - TODO: check + NOT-FOR-US: Maxboard CVE-2021-26632 RESERVED CVE-2021-26631 (Improper input validation vulnerability in Mangboard commerce package ...) -- cgit v1.2.3