From 74b4270833cc35816c6485204cd8cc4074a97fe5 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 13 Oct 2021 22:47:32 +0200 Subject: Process more NFUs --- data/CVE/list | 56 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 28 insertions(+), 28 deletions(-) (limited to 'data') diff --git a/data/CVE/list b/data/CVE/list index dda6cefac4..79850d7aec 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -39182,7 +39182,7 @@ CVE-2021-3332 (WPS Hide Login 1.6.1 allows remote attackers to bypass a protecti CVE-2021-3331 (WinSCP before 5.17.10 allows remote attackers to execute arbitrary pro ...) NOT-FOR-US: WinSCP CVE-2021-3330 (RCE/DOS: Linked-list corruption leading to large out-of-bounds write w ...) - TODO: check + NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3329 RESERVED CVE-2021-3328 (An issue was discovered in Aprelium Abyss Web Server X1 2.12.1 and 2.1 ...) @@ -39261,11 +39261,11 @@ CVE-2021-3325 (Monitorix 3.13.0 allows remote attackers to bypass Basic Authenti CVE-2021-3324 RESERVED CVE-2021-3323 (Integer Underflow in 6LoWPAN IPHC Header Uncompression in Zephyr. Zeph ...) - TODO: check + NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3322 (Unexpected Pointer Aliasing in IEEE 802154 Fragment Reassembly in Zeph ...) - TODO: check + NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3321 (Integer Underflow in Zephyr in IEEE 802154 Fragment Reassembly Header ...) - TODO: check + NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3320 (Type Confusion in 802154 ACK Frames Handling. Zephyr versions >= v2 ...) NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3319 (DOS: Incorrect 802154 Frame Validation for Omitted Source / Dest Addre ...) @@ -46608,7 +46608,7 @@ CVE-2021-3059 CVE-2021-3058 RESERVED CVE-2021-3057 (A stack-based buffer overflow vulnerability exists in the Palo Alto Ne ...) - TODO: check + NOT-FOR-US: Palo Alto Networks CVE-2021-3056 RESERVED CVE-2021-3055 (An improper restriction of XML external entity (XXE) reference vulnera ...) @@ -49247,13 +49247,13 @@ CVE-2021-22038 CVE-2021-22037 RESERVED CVE-2021-22036 (VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redi ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-22035 (VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Se ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-22034 RESERVED CVE-2021-22033 (Releases prior to VMware vRealize Operations 8.6 contain a Server Side ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-22032 RESERVED CVE-2021-22031 @@ -49455,9 +49455,9 @@ CVE-2021-21943 CVE-2021-21942 RESERVED CVE-2021-21941 (A use-after-free vulnerability exists in the pushMuxer CreatePushThrea ...) - TODO: check + NOT-FOR-US: Anker Eufy Homebase CVE-2021-21940 (A heap-based buffer overflow vulnerability exists in the pushMuxer pro ...) - TODO: check + NOT-FOR-US: Anker Eufy Homebase CVE-2021-21939 RESERVED CVE-2021-21938 @@ -53801,11 +53801,11 @@ CVE-2021-20836 CVE-2021-20835 RESERVED CVE-2021-20834 (Improper authorization in handler for custom URL scheme vulnerability ...) - TODO: check + NOT-FOR-US: Nike App CVE-2021-20833 (The SNKRDUNK Market Place App for iOS versions prior to 2.2.0 does not ...) - TODO: check + NOT-FOR-US: SNKRDUNK Market Place App CVE-2021-20832 (InBody App for iOS versions prior to 2.3.30 and InBody App for Android ...) - TODO: check + NOT-FOR-US: InBody App CVE-2021-20831 (Cross-site request forgery (CSRF) vulnerability in OG Tags versions pr ...) TODO: check CVE-2021-20830 @@ -53855,31 +53855,31 @@ CVE-2021-20809 (Cross-site scripting vulnerability in Create screens of Entry, P CVE-2021-20808 (Cross-site scripting vulnerability in Search screen of Movable Type (M ...) - movabletype-opensource CVE-2021-20807 (Cross-site scripting vulnerability in the management screen of Cybozu ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20806 (Open redirect vulnerability in Cybozu Remote Service 3.0.0 to 3.1.9 al ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20805 (Cross-site scripting vulnerability in the management screen of Cybozu ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20804 (Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated att ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20803 (Operation restriction bypass in the management screen of Cybozu Remote ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20802 (HTTP header injection vulnerability in Cybozu Remote Service 3.1.8 to ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20801 (Cybozu Remote Service 3.1.8 to 3.1.9 allows a remote authenticated att ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20800 (Cross-site scripting vulnerability in the management screen of Cybozu ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20799 (Cross-site scripting vulnerability in the management screen of Cybozu ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20798 (Cross-site scripting vulnerability in the management screen of Cybozu ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20797 (Cross-site script inclusion vulnerability in the management screen of ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20796 (Directory traversal vulnerability in the management screen of Cybozu R ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20795 (Cross-site request forgery (CSRF) vulnerability in the management scre ...) - TODO: check + NOT-FOR-US: Cybozu CVE-2021-20794 RESERVED CVE-2021-20793 (Untrusted search path vulnerability in the installer of Sony Audio USB ...) @@ -55668,9 +55668,9 @@ CVE-2021-20133 CVE-2021-20132 RESERVED CVE-2021-20131 (ManageEngine ADManager Plus Build 7111 contains a post-authentication ...) - TODO: check + NOT-FOR-US: ManageEngine ADManager Plus CVE-2021-20130 (ManageEngine ADManager Plus Build 7111 contains a post-authentication ...) - TODO: check + NOT-FOR-US: ManageEngine ADManager Plus CVE-2021-20129 (An information disclosure vulnerability exists in Draytek VigorConnect ...) TODO: check CVE-2021-20128 (The Profile Name field in the floor plan (Network Menu) page in Drayte ...) -- cgit v1.2.3