From 7ea0348c401d2ba0dba6d62636a71b5cbbc7d045 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Thu, 20 Jan 2022 14:23:27 +0100 Subject: NFUs --- data/CVE/list | 104 +++++++++++++++++++++++++++++----------------------------- 1 file changed, 52 insertions(+), 52 deletions(-) (limited to 'data/CVE') diff --git a/data/CVE/list b/data/CVE/list index f873af3fdf..7e9a91db7f 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -2127,9 +2127,9 @@ CVE-2022-23048 CVE-2022-23047 RESERVED CVE-2022-23046 (PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL senten ...) - TODO: check + NOT-FOR-US: PhpIPAM CVE-2022-23045 (PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent ...) - TODO: check + NOT-FOR-US: PhpIPAM CVE-2022-23044 RESERVED CVE-2022-23043 @@ -3020,7 +3020,7 @@ CVE-2022-22771 CVE-2022-22770 RESERVED CVE-2022-22769 (The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2022-22768 RESERVED CVE-2022-22767 @@ -12743,19 +12743,19 @@ CVE-2022-21377 (Vulnerability in the Primavera Portfolio Management product of O CVE-2022-21376 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) NOT-FOR-US: Oracle CVE-2022-21375 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21374 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21373 (Vulnerability in the Oracle Partner Management product of Oracle E-Bus ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21372 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21371 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21370 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21369 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21368 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21367 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) @@ -12769,19 +12769,19 @@ CVE-2022-21365 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21364 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21363 (Vulnerability in the MySQL Connectors product of Oracle MySQL (compone ...) - mysql-8.0 CVE-2022-21362 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21361 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21360 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21359 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21358 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21357 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) @@ -12791,25 +12791,25 @@ CVE-2022-21356 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2022-21355 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21354 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21353 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21352 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21351 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21350 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21349 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 CVE-2022-21348 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21347 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21346 (Vulnerability in the Oracle BI Publisher product of Oracle Fusion Midd ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21345 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21344 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-5.7 - mysql-8.0 @@ -12828,7 +12828,7 @@ CVE-2022-21340 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E CVE-2022-21339 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21338 (Vulnerability in the Oracle Communications Convergence product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21337 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21336 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) @@ -12892,7 +12892,7 @@ CVE-2022-21308 (Vulnerability in the MySQL Cluster product of Oracle MySQL (comp CVE-2022-21307 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21306 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21305 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 @@ -12908,13 +12908,13 @@ CVE-2022-21302 (Vulnerability in the MySQL Server product of Oracle MySQL (compo CVE-2022-21301 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21300 (Vulnerability in the PeopleSoft Enterprise CS SA Integration Pack prod ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21299 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21298 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21297 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21296 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) @@ -12932,7 +12932,7 @@ CVE-2022-21293 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21292 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21291 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 - openjdk-11 11.0.14+9-1 @@ -12959,7 +12959,7 @@ CVE-2022-21282 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21281 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21280 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) NOT-FOR-US: MySQL Cluster CVE-2022-21279 (Vulnerability in the MySQL Cluster product of Oracle MySQL (component: ...) @@ -12970,15 +12970,15 @@ CVE-2022-21277 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21276 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21275 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21274 (Vulnerability in the Oracle Sourcing product of Oracle E-Business Suit ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21273 (Vulnerability in the Oracle Project Costing product of Oracle E-Busine ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21272 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21271 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) - openjdk-8 (Seems specific to Oracle Java) - openjdk-11 (Seems specific to Oracle Java) @@ -12986,45 +12986,45 @@ CVE-2022-21270 (Vulnerability in the MySQL Server product of Oracle MySQL (compo - mysql-5.7 - mysql-8.0 CVE-2022-21269 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21268 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21267 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21266 (Vulnerability in the Oracle Communications Billing and Revenue Managem ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21265 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21264 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21263 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21262 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21261 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21260 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21259 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21258 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21257 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21256 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21255 (Vulnerability in the Oracle Configurator product of Oracle E-Business ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21254 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21253 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21252 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21251 (Vulnerability in the Oracle Installed Base product of Oracle E-Busines ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21250 (Vulnerability in the Oracle Trade Management product of Oracle E-Busin ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21249 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-8.0 CVE-2022-21248 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...) @@ -13032,18 +13032,18 @@ CVE-2022-21248 (Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise E - openjdk-11 11.0.14+9-1 - openjdk-17 CVE-2022-21247 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21246 (Vulnerability in the Oracle Communications Operations Monitor product ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21245 (Vulnerability in the MySQL Server product of Oracle MySQL (component: ...) - mysql-5.7 - mysql-8.0 CVE-2022-21244 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21243 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2022-21242 (Vulnerability in the Primavera Portfolio Management product of Oracle ...) - TODO: check + NOT-FOR-US: Oracle CVE-2021-43770 RESERVED CVE-2021-43769 @@ -16626,9 +16626,9 @@ CVE-2021-42751 CVE-2021-42750 RESERVED CVE-2021-42749 (In Beaver Themer, attackers can bypass conditional logic controls (for ...) - TODO: check + NOT-FOR-US: Beaver CVE-2021-42748 (In Beaver Builder through 2.5.0.3, attackers can bypass the visibility ...) - TODO: check + NOT-FOR-US: Beaver CVE-2021-42747 RESERVED CVE-2021-42745 @@ -19279,7 +19279,7 @@ CVE-2021-42140 CVE-2021-42139 (Deno Standard Modules before 0.107.0 allows Code Injection via an untr ...) NOT-FOR-US: Deno CVE-2021-42138 (A user of a machine protected by SafeNet Agent for Windows Logon may l ...) - TODO: check + NOT-FOR-US: SafeNet CVE-2021-42137 (An issue was discovered in Zammad before 5.0.1. In some cases, there i ...) - zammad (bug #841355) CVE-2021-42136 @@ -20761,9 +20761,9 @@ CVE-2021-41553 (** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.8 CVE-2021-41552 RESERVED CVE-2021-41551 (Leostream Connection Broker 9.0.40.17 allows administrators to conduct ...) - TODO: check + NOT-FOR-US: Leostream Connection Broker CVE-2021-41550 (Leostream Connection Broker 9.0.40.17 allows administrator to upload a ...) - TODO: check + NOT-FOR-US: Leostream Connection Broker CVE-2021-41549 RESERVED CVE-2021-41548 -- cgit v1.2.3