From d1dd8f8bbd2f12ed362388e85f3735c9c12047c5 Mon Sep 17 00:00:00 2001 From: Neil Williams Date: Mon, 4 Jul 2022 13:40:26 +0100 Subject: Process some NFUs --- data/CVE/list | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index 19393f8aaa..bc6e96dc03 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -54752,7 +54752,7 @@ CVE-2021-3822 (jsoneditor is vulnerable to Inefficient Regular Expression Comple CVE-2021-41560 (OpenCATS through 0.9.6 allows remote attackers to execute arbitrary co ...) NOT-FOR-US: OpenCATS CVE-2021-41559 (Silverstripe silverstripe/framework 4.8.1 has a quadratic blowup in Co ...) - TODO: check + NOT-FOR-US: SilverStripe CMS CVE-2021-41558 (The set_user extension module before 3.0.0 for PostgreSQL allows Proce ...) NOT-FOR-US: set_user extension for Postgres CVE-2021-41557 (Sofico Miles RIA 2020.2 Build 127964T is affected by Stored Cross Site ...) @@ -54876,7 +54876,7 @@ CVE-2021-41508 CVE-2021-41507 RESERVED CVE-2021-41506 (Xiaongmai AHB7008T-MH-V2, AHB7804R-ELS, AHB7804R-MH-V2, AHB7808R-MS-V2 ...) - TODO: check + NOT-FOR-US: Xiaongmai CVE-2021-41505 RESERVED CVE-2021-41504 (** UNSUPPORTED WHEN ASSIGNED ** An Elevated Privileges issue exists in ...) @@ -57003,7 +57003,7 @@ CVE-2021-40665 CVE-2021-40664 RESERVED CVE-2021-40663 (deep.assign npm package 0.0.0-alpha.0 is vulnerable to Improperly Cont ...) - TODO: check + NOT-FOR-US: Node deep.assign CVE-2021-40662 (A Cross-Site Request Forgery (CSRF) in Chamilo LMS 1.11.14 allows atta ...) NOT-FOR-US: Chamilo LMS CVE-2021-40661 @@ -57049,9 +57049,9 @@ CVE-2021-40645 (An SQL Injection vulnerability exists in glorylion JFinalOA as o CVE-2021-40644 (An SQL Injection vulnerability exists in oasys oa_system as of 9/7/202 ...) NOT-FOR-US: oasys Office Automation system CVE-2021-40643 (EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerabil ...) - TODO: check + NOT-FOR-US: EyesOfNetwork (EON) CVE-2021-40642 (Textpattern CMS v4.8.7 and older vulnerability exists through Sensitiv ...) - TODO: check + NOT-FOR-US: Textpattern CMS CVE-2021-40641 RESERVED CVE-2021-40640 @@ -57153,7 +57153,7 @@ CVE-2021-40599 CVE-2021-40598 RESERVED CVE-2021-40597 (The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Adminis ...) - TODO: check + NOT-FOR-US: EDIMAX IC-3140W CVE-2021-40596 (SQL injection vulnerability in Login.php in sourcecodester Online Lear ...) NOT-FOR-US: Sourcecodester CVE-2021-40595 (SQL injection vulnerability in Sourcecodester Online Leave Management ...) @@ -64418,7 +64418,7 @@ CVE-2021-37793 CVE-2021-37792 RESERVED CVE-2021-37791 (MyAdmin v1.0 is affected by an incorrect access control vulnerability ...) - TODO: check + NOT-FOR-US: cdfan/my-admin CVE-2021-37790 RESERVED CVE-2021-37789 @@ -64444,7 +64444,7 @@ CVE-2021-37780 CVE-2021-37779 RESERVED CVE-2021-37778 (There is a buffer overflow in gps-sdr-sim v1.0 when parsing long comma ...) - TODO: check + NOT-FOR-US: osqzss/gps-sdr-sim CVE-2021-37777 (Gila CMS 2.2.0 is vulnerable to Insecure Direct Object Reference (IDOR ...) NOT-FOR-US: Gila CMS CVE-2021-37776 @@ -64460,7 +64460,7 @@ CVE-2021-37772 CVE-2021-37771 RESERVED CVE-2021-37770 (Nucleus CMS v3.71 is affected by a file upload vulnerability. In this ...) - TODO: check + NOT-FOR-US: Nucleus CMS CVE-2021-37769 RESERVED CVE-2021-37768 @@ -65122,7 +65122,7 @@ CVE-2021-37526 CVE-2021-37525 RESERVED CVE-2021-37524 (Cross Site Scripting (XSS) vulnerability in FusionPBX 4.5.26 allows re ...) - TODO: check + NOT-FOR-US: FusionPBX CVE-2021-37523 RESERVED CVE-2021-37522 @@ -74822,7 +74822,7 @@ CVE-2021-33475 CVE-2021-33474 RESERVED CVE-2021-33473 (An argument injection vulnerability in Dragonfly Ruby Gem v1.3.0 allow ...) - TODO: check + NOT-FOR-US: Dragonfly Ruby Gem CVE-2021-33472 RESERVED CVE-2021-33471 -- cgit v1.2.3