diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-28 22:41:10 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-10-28 22:41:10 +0200 |
commit | cbee15e32eef0c7cf9d398fc5992667b9ce22ae4 (patch) | |
tree | cab37667463189fbb3dc696e6be58c101dd92209 | |
parent | d5ef8b3ee65b884986855861c922f300fed2207d (diff) |
Process several NFUs
-rw-r--r-- | data/CVE/list.2019 | 2 | ||||
-rw-r--r-- | data/CVE/list.2020 | 4 | ||||
-rw-r--r-- | data/CVE/list.2021 | 146 |
3 files changed, 76 insertions, 76 deletions
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index 749ea5533e..2587524b3a 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -3266,7 +3266,7 @@ CVE-2019-19812 CVE-2019-19811 RESERVED CVE-2019-19810 (Zoom Call Recording 6.3.1 from ZOOM International is vulnerable to Jav ...) - TODO: check + NOT-FOR-US: Zoom CVE-2019-19809 RESERVED CVE-2019-3467 (Debian-edu-config all versions < 2.11.10, a set of configuration fi ...) diff --git a/data/CVE/list.2020 b/data/CVE/list.2020 index 6497496180..a7acd94c3f 100644 --- a/data/CVE/list.2020 +++ b/data/CVE/list.2020 @@ -20557,7 +20557,7 @@ CVE-2020-22314 CVE-2020-22313 RESERVED CVE-2020-22312 (A cross-site scripting (XSS) vulnerability was discovered in the OJ/ad ...) - TODO: check + NOT-FOR-US: HZNUOJ CVE-2020-22311 RESERVED CVE-2020-22310 @@ -54655,7 +54655,7 @@ CVE-2020-7877 (A buffer overflow issue was discovered in ZOOK solution(remote ad CVE-2020-7876 RESERVED CVE-2020-7875 (DEXT5 Upload 5.0.0.117 and earlier versions contain a vulnerability, w ...) - TODO: check + NOT-FOR-US: DEXT5 Upload CVE-2020-7874 (Download of code without integrity check vulnerability in NEXACRO14 Ru ...) NOT-FOR-US: NEXACRO14 Runtime ActiveX control of tobesoft CVE-2020-7873 (Download of code without integrity check vulnerability in ActiveX cont ...) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 6d6124e107..d9300823ca 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -2988,7 +2988,7 @@ CVE-2021-41730 CVE-2021-41729 (BaiCloud-cms v2.5.7 is affected by an arbitrary file deletion vulnerab ...) NOT-FOR-US: BaiCloud-cms CVE-2021-41728 (Cross Site Scripting (XSS) vulnerability exists in Sourcecodester News ...) - TODO: check + NOT-FOR-US: Sourcecodester CVE-2021-41727 RESERVED CVE-2021-41726 @@ -3208,7 +3208,7 @@ CVE-2021-41621 CVE-2021-41620 RESERVED CVE-2021-41619 (An issue was discovered in Gradle Enterprise before 2021.1.2. There is ...) - TODO: check + NOT-FOR-US: Gradle Enterprise CVE-2021-41618 RESERVED CVE-2021-41616 (Apache DB DdlUtils 1.0 included a BinaryObjectsHelper that was intende ...) @@ -3279,9 +3279,9 @@ CVE-2021-41592 (Blockstream c-lightning through 0.10.1 allows loss of funds beca CVE-2021-41591 (ACINQ Eclair before 0.6.3 allows loss of funds because of dust HTLC ex ...) NOT-FOR-US: ACINQ Eclair CVE-2021-41590 (In Gradle Enterprise through 2021.3, probing of the server-side networ ...) - TODO: check + NOT-FOR-US: Gradle Enterprise CVE-2021-41589 (In Gradle Enterprise before 2021.3 (and Enterprise Build Cache Node be ...) - TODO: check + NOT-FOR-US: Gradle Enterprise CVE-2021-41588 (In Gradle Enterprise before 2021.1.3, a crafted request can trigger de ...) NOT-FOR-US: Gradle Enterprise CVE-2021-41587 (In Gradle Enterprise before 2021.1.3, an attacker with the ability to ...) @@ -3356,7 +3356,7 @@ CVE-2021-3825 (On 2.1.15 version and below of Lider module in LiderAhenk softwar CVE-2021-3824 (OpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to in ...) NOT-FOR-US: OpenVPN Access Server CVE-2021-3823 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...) - TODO: check + NOT-FOR-US: Bitdefender CVE-2021-3822 (jsoneditor is vulnerable to Inefficient Regular Expression Complexity ...) NOT-FOR-US: jsoneditor CVE-2021-41560 @@ -6624,7 +6624,7 @@ CVE-2021-3746 (A flaw was found in the libtpms code that may cause access beyond NOTE: https://github.com/stefanberger/libtpms/commit/ea62fd9679f8c6fc5e79471b33cfbd8227bfed72 (v0.6.6) TODO: check, might only affect the upstream stable-0.6 branch and not an issue in src:libtpms in any released version in Debian CVE-2021-3745 (flatcore-cms is vulnerable to Unrestricted Upload of File with Dangero ...) - TODO: check + NOT-FOR-US: flatcore-cms CVE-2021-3744 [crypto: ccp - fix resource leaks in ccp_run_aes_gcm_cmd()] RESERVED - linux 5.14.12-1 @@ -11988,7 +11988,7 @@ CVE-2021-37917 CVE-2021-37916 (Joplin before 2.0.9 allows XSS via button and form in the note body. ...) NOT-FOR-US: Joplin CVE-2021-37915 (An issue was discovered on the Grandstream HT801 Analog Telephone Adap ...) - TODO: check + NOT-FOR-US: Grandstream CVE-2021-37914 (In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled an ...) NOT-FOR-US: Argo Workflows CVE-2021-37913 (The HGiga OAKlouds mobile portal does not filter special characters of ...) @@ -12357,7 +12357,7 @@ CVE-2021-37750 (The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) b CVE-2021-37749 (MapService.svc in Hexagon GeoMedia WebMap 2020 before Update 2 (aka 16 ...) NOT-FOR-US: Hexagon GeoMedia WebMap CVE-2021-37748 (Multiple buffer overflows in the limited configuration shell (/sbin/gs ...) - TODO: check + NOT-FOR-US: Grandstream CVE-2021-37747 RESERVED CVE-2021-37746 (textview_uri_security_check in textview.c in Claws Mail before 3.18.0, ...) @@ -13468,7 +13468,7 @@ CVE-2021-37256 CVE-2021-37255 RESERVED CVE-2021-37254 (In M-Files Web product with versions before 20.10.9524.1 and 20.10.944 ...) - TODO: check + NOT-FOR-US: M-Files CVE-2021-37253 RESERVED CVE-2021-37252 @@ -14047,41 +14047,41 @@ CVE-2021-37004 CVE-2021-37003 RESERVED CVE-2021-37002 (There is a Memory out-of-bounds access vulnerability in Huawei Smartph ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37001 (There is a Register tampering vulnerability in Huawei Smartphone.Succe ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-37000 RESERVED CVE-2021-36999 (There is a Buffer overflow vulnerability in Huawei Smartphone.Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36998 (There is an Improper verification vulnerability in Huawei Smartphone.S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36997 (There is a Low memory error in Huawei Smartphone due to the unlimited ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36996 (There is an Improper verification vulnerability in Huawei Smartphone.S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36995 (There is an Unauthorized file access vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36994 (There is a issue that trustlist strings being repeatedly inserted into ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36993 (There is a Memory leaks vulnerability in Huawei Smartphone.Successful ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36992 (There is a Public key verification vulnerability in Huawei Smartphone. ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36991 (There is an Unauthorized file access vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36990 (There is a vulnerability of tampering with the kernel in Huawei Smartp ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36989 (There is a Kernel crash vulnerability in Huawei Smartphone.Successful ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36988 (There is a Parameter verification issue in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36987 (There is a issue that nodes in the linked list being freed for multipl ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36986 (There is a vulnerability of tampering with the kernel in Huawei Smartp ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36985 (There is a Code injection vulnerability in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-36984 RESERVED CVE-2021-36983 (replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to ...) @@ -21302,7 +21302,7 @@ CVE-2021-33808 CVE-2021-33807 (Cartadis Gespage through 8.2.1 allows Directory Traversal in gespage/d ...) NOT-FOR-US: Cartadis Gespage CVE-2021-3579 (Incorrect Default Permissions vulnerability in the bdservicehost.exe a ...) - TODO: check + NOT-FOR-US: Bitdefender CVE-2021-3578 [possible remote code execution in isync/mbsync] RESERVED - isync 1.3.0-2.2 (bug #989564) @@ -21316,7 +21316,7 @@ CVE-2021-33805 CVE-2021-3577 RESERVED CVE-2021-3576 (Execution with Unnecessary Privileges vulnerability in Bitdefender End ...) - TODO: check + NOT-FOR-US: Bitdefender CVE-2021-3575 [heap-buffer-overflow in color.c may lead to DoS] RESERVED - openjpeg2 <unfixed> (bug #989775) @@ -28423,7 +28423,7 @@ CVE-2021-30922 CVE-2021-30921 REJECTED CVE-2021-30920 (A permissions issue was addressed with improved validation. This issue ...) - TODO: check + NOT-FOR-US: Apple CVE-2021-30919 (An out-of-bounds write was addressed with improved input validation. T ...) TODO: check CVE-2021-30918 (A Lock Screen issue was addressed with improved state management. This ...) @@ -48554,27 +48554,27 @@ CVE-2021-22493 CVE-2021-22492 (An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), ...) NOT-FOR-US: Samsung mobile devices CVE-2021-22491 (There is an Input verification vulnerability in Huawei Smartphone.Succ ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22490 (There is a Permission verification vulnerability in Huawei Smartphone. ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22489 RESERVED CVE-2021-22488 (There is an Unauthorized file access vulnerability in Huawei Smartphon ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22487 (There is an Out-of-bounds read vulnerability in Huawei Smartphone. Suc ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22486 (There is a issue of Unstandardized field names in Huawei Smartphone. S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22485 (There is a SSID vulnerability with Wi-Fi network connections in Huawei ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22484 RESERVED CVE-2021-22483 (There is a issue of IP address spoofing in Huawei Smartphone. Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22482 (There is an Uninitialized variable vulnerability in Huawei Smartphone. ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22481 (There is a Verification errors vulnerability in Huawei Smartphone.Succ ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22480 RESERVED CVE-2021-22479 @@ -48586,57 +48586,57 @@ CVE-2021-22477 CVE-2021-22476 RESERVED CVE-2021-22475 (There is an Improper permission management vulnerability in Huawei Sma ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22474 (There is an Out-of-bounds memory access in Huawei Smartphone.Successfu ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22473 (There is an Authentication vulnerability in Huawei Smartphone.Successf ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22472 (There is an Improper verification vulnerability in Huawei Smartphone.S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22471 (A component of the HarmonyOS has a NULL Pointer Dereference vulnerabil ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22470 (A component of the HarmonyOS has a Privileges Controls vulnerability. ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22469 (A component of the HarmonyOS has a Out-of-bounds Read vulnerability. L ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22468 (A component of the HarmonyOS has a Exposure of Sensitive Information t ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22467 (A component of the HarmonyOS has a Improper Input Validation vulnerabi ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22466 (A component of the HarmonyOS has a Use After Free vulnerability. Local ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22465 (A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerab ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22464 (A component of the HarmonyOS has a Out-of-bounds Read vulnerability. L ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22463 (A component of the HarmonyOS has a Use After Free vulnerability . Loca ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22462 (A component of the HarmonyOS has a NULL Pointer Dereference vulnerabil ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22461 (A component of the HarmonyOS has a Allocation of Resources Without Lim ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22460 (A component of the HarmonyOS has a Insufficient Verification of Data A ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22459 (A component of the HarmonyOS has a NULL Pointer Dereference vulnerabil ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22458 (A component of the HarmonyOS has a Improper Restriction of Operations ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22457 (A component of the HarmonyOS has a Improper Input Validation vulnerabi ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22456 (A component of the HarmonyOS has a Data Processing Errors vulnerabilit ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22455 (A component of the HarmonyOS has a Integer Overflow or Wraparound vuln ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22454 (A component of the HarmonyOS has a External Control of System or Confi ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22453 (A component of the HarmonyOS has a Improper Input Validation vulnerabi ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22452 (A component of the HarmonyOS has a Improper Input Validation vulnerabi ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22451 (A component of the HarmonyOS has a Integer Overflow or Wraparound vuln ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22450 (A component of the HarmonyOS has a Incomplete Cleanup vulnerability. L ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22449 (There is a logic vulnerability in Elf-G10HN 1.0.0.608. An unauthentica ...) NOT-FOR-US: Elf-G10HN (Huawei) CVE-2021-22448 @@ -48664,7 +48664,7 @@ CVE-2021-22438 (There is a Memory Buffer Improper Operation Limit Vulnerability CVE-2021-22437 RESERVED CVE-2021-22436 (There is a Logic Bypass vulnerability in Huawei Smartphone.Successful ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22435 (There is a Configuration Defect Vulnerability in Huawei Smartphone.Suc ...) NOT-FOR-US: Huawei CVE-2021-22434 @@ -48722,19 +48722,19 @@ CVE-2021-22409 (There is a denial of service vulnerability in some versions of M CVE-2021-22408 RESERVED CVE-2021-22407 (There is a Configuration defects in Huawei Smartphone.Successful explo ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22406 (There is an Uncaught Exception vulnerability in Huawei Smartphone.Succ ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22405 (There is a Configuration defects in Huawei Smartphone.Successful explo ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22404 (There is a Directory traversal vulnerability in Huawei Smartphone.Succ ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22403 (There is a vulnerability of hijacking unverified providers in Huawei S ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22402 (There is a DoS vulnerability in Huawei Smartphone.Successful exploitat ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22401 (There is a Remote DoS vulnerability in Huawei Smartphone.Successful ex ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22400 (Some Huawei Smartphones has an insufficient input validation vulnerabi ...) NOT-FOR-US: Huawei CVE-2021-22399 (The Bluetooth function of some Huawei smartphones has a DoS vulnerabil ...) @@ -48980,7 +48980,7 @@ CVE-2021-22280 CVE-2021-22279 RESERVED CVE-2021-22278 (A certificate validation vulnerability in PCM600 Update Manager allows ...) - TODO: check + NOT-FOR-US: PCM600 Update Manager CVE-2021-22277 RESERVED CVE-2021-22276 (The vulnerability allows a successful attacker to bypass the integrity ...) |