diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2021-08-04 06:21:35 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2021-08-04 06:21:35 +0200 |
commit | 234296727b55865a60bf91368fc23f7e8c09a136 (patch) | |
tree | fc9626ae58a09cca6137613d3eb86a9ff4aa142b | |
parent | e44e7ab7db047c2cacef5d8d674cbc4e60446931 (diff) |
Process NFUs
-rw-r--r-- | data/CVE/list.2017 | 2 | ||||
-rw-r--r-- | data/CVE/list.2019 | 2 | ||||
-rw-r--r-- | data/CVE/list.2021 | 66 |
3 files changed, 35 insertions, 35 deletions
diff --git a/data/CVE/list.2017 b/data/CVE/list.2017 index 53decb571a..226c625031 100644 --- a/data/CVE/list.2017 +++ b/data/CVE/list.2017 @@ -2075,7 +2075,7 @@ CVE-2017-18115 CVE-2017-18114 RESERVED CVE-2017-18113 (The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data C ...) - TODO: check + NOT-FOR-US: Atlassian CVE-2017-18112 (Affected versions of Atlassian Fisheye allow remote attackers to view ...) NOT-FOR-US: Atlassian CVE-2017-18111 (The OAuthHelper in Atlassian Application Links before version 5.0.10, ...) diff --git a/data/CVE/list.2019 b/data/CVE/list.2019 index b40648c062..cc641c5d6e 100644 --- a/data/CVE/list.2019 +++ b/data/CVE/list.2019 @@ -17071,7 +17071,7 @@ CVE-2019-14455 CVE-2019-14454 (SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to ...) NOT-FOR-US: SuiteCRM CVE-2019-14453 (An issue was discovered in Comelit "App lejos de casa (web)" 2.8.0. It ...) - TODO: check + NOT-FOR-US: Comelit "App lejos de casa (web)" CVE-2019-14452 (Sigil before 0.9.16 is vulnerable to a directory traversal, allowing a ...) - sigil 0.9.16+dfsg-1 (bug #933797) [buster] - sigil <no-dsa> (Minor issue) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index ff11dcc8ef..f3b73b6113 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -2637,11 +2637,11 @@ CVE-2021-36705 CVE-2021-36704 RESERVED CVE-2021-36703 (The "blog title" field in the "Settings" menu "config" page of "dashbo ...) - TODO: check + NOT-FOR-US: htmly CVE-2021-36702 (The "content" field in the "regular post" page of the "add content" me ...) - TODO: check + NOT-FOR-US: htmly CVE-2021-36701 (In htmly version 2.8.1, is vulnerable to an Arbitrary File Deletion on ...) - TODO: check + NOT-FOR-US: htmly CVE-2021-36700 RESERVED CVE-2021-36699 @@ -7156,7 +7156,7 @@ CVE-2021-34639 CVE-2021-34638 RESERVED CVE-2021-34637 (The Post Index WordPress plugin is vulnerable to Cross-Site Request Fo ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-34636 RESERVED CVE-2021-34635 (The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site ...) @@ -11315,7 +11315,7 @@ CVE-2021-32814 (Skytable is a NoSQL database with automated snapshots and TLS. V CVE-2021-32813 RESERVED CVE-2021-32812 (Monkshu is an enterprise application server for mobile apps (iOS and A ...) - TODO: check + NOT-FOR-US: Monkshu CVE-2021-32811 (Zope is an open-source web application server. Zope versions prior to ...) TODO: check CVE-2021-32810 (crossbeam-deque is a package of work-stealing deques for building task ...) @@ -11376,7 +11376,7 @@ CVE-2021-32789 (woocommerce-gutenberg-products-block is a feature plugin for Woo CVE-2021-32788 (Discourse is an open source discussion platform. In versions prior to ...) NOT-FOR-US: Discourse CVE-2021-32787 (Sourcegraph is a code search and navigation engine. Sourcegraph before ...) - TODO: check + NOT-FOR-US: Sourcegraph CVE-2021-32786 (mod_auth_openidc is an authentication/authorization module for the Apa ...) - libapache2-mod-auth-openidc 2.4.9-1 (bug #991582) [buster] - libapache2-mod-auth-openidc <no-dsa> (Minor issue) @@ -11416,7 +11416,7 @@ CVE-2021-32773 (Racket is a general-purpose programming language and an ecosyste [stretch] - racket <no-dsa> (Minor issue) NOTE: https://github.com/racket/racket/security/advisories/GHSA-cgrw-p7p7-937c CVE-2021-32772 (Poddycast is a podcast app made with Electron. Prior to version 0.8.1, ...) - TODO: check + NOT-FOR-US: Poddycast CVE-2021-32771 RESERVED CVE-2021-32770 (Gatsby is a framework for building websites. The gatsby-source-wordpre ...) @@ -13189,13 +13189,13 @@ CVE-2021-32021 CVE-2021-32020 (The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insuffici ...) NOT-FOR-US: kernel in Amazon Web Services FreeRTOS CVE-2021-32019 (There is missing input validation of host names displayed in OpenWrt b ...) - TODO: check + NOT-FOR-US: OpenWrt CVE-2021-32018 (An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP A ...) - TODO: check + NOT-FOR-US: JUMP AMS CVE-2021-32017 (An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP end ...) - TODO: check + NOT-FOR-US: JUMP AMS CVE-2021-32016 (An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP end ...) - TODO: check + NOT-FOR-US: JUMP AMS CVE-2021-32015 (In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated mal ...) NOT-FOR-US: Nuvoton NPCT75x TPM 1.2 firmware CVE-2021-32014 (SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a den ...) @@ -14538,9 +14538,9 @@ CVE-2021-31506 (This vulnerability allows remote attackers to disclose sensitive CVE-2021-31505 (This vulnerability allows attackers with physical access to escalate p ...) NOT-FOR-US: Arlo Q Plus CVE-2021-31504 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: OpenText Brava! Desktop CVE-2021-31503 (This vulnerability allows remote attackers to execute arbitrary code o ...) - TODO: check + NOT-FOR-US: OpenText Brava! Desktop CVE-2021-31502 (This vulnerability allows remote attackers to execute arbitrary code o ...) NOT-FOR-US: OpenText Brava! Desktop CVE-2021-31501 (This vulnerability allows remote attackers to disclose sensitive infor ...) @@ -23152,11 +23152,11 @@ CVE-2021-27956 (Zoho ManageEngine ADSelfService Plus before 6104 allows stored X CVE-2021-27955 RESERVED CVE-2021-27954 (A heap-based buffer overflow vulnerability exists on the ecobee3 lite ...) - TODO: check + NOT-FOR-US: ecobee3 CVE-2021-27953 (A NULL pointer dereference vulnerability exists on the ecobee3 lite 4. ...) - TODO: check + NOT-FOR-US: ecobee3 CVE-2021-27952 (Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.20 ...) - TODO: check + NOT-FOR-US: ecobee3 CVE-2021-27951 RESERVED CVE-2021-27950 (A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through ...) @@ -23191,9 +23191,9 @@ CVE-2021-3421 (A flaw was found in the RPM package in the read functionality. Th CVE-2021-27944 RESERVED CVE-2021-27943 (The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 ...) - TODO: check + NOT-FOR-US: Vizio CVE-2021-27942 (Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs allow a thre ...) - TODO: check + NOT-FOR-US: Vizio CVE-2021-27941 (Unconstrained Web access to the device's private encryption key in the ...) NOT-FOR-US: eWeLink mobile application CVE-2021-27940 (resources/public/js/orchestrator.js in openark orchestrator before 3.2 ...) @@ -31502,7 +31502,7 @@ CVE-2021-24373 (The WP Hardening – Fix Your WordPress Security WordPress p CVE-2021-24372 (The WP Hardening – Fix Your WordPress Security WordPress plugin ...) NOT-FOR-US: WordPress plugin CVE-2021-24371 (The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-24370 (The Fancy Product Designer WordPress plugin before 4.6.9 allows unauth ...) NOT-FOR-US: WordPress plugin CVE-2021-24369 (In the GetPaid WordPress plugin before 2.3.4, users with the contribut ...) @@ -35869,31 +35869,31 @@ CVE-2021-22427 (There is a Heap-based Buffer Overflow Vulnerability in Huawei Sm CVE-2021-22426 RESERVED CVE-2021-22425 (A component of the HarmonyOS has a Double Free vulnerability. Local at ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22424 (A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22423 (A component of the HarmonyOS has a Out-of-bounds Write Vulnerability. ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22422 (A component of the HarmonyOS has a Integer Overflow or Wraparound vuln ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22421 (A component of the HarmonyOS has a Improper Privilege Management vulne ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22420 (A component of the HarmonyOS has a External Control of System or Confi ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22419 (A component of the HarmonyOS has a Insufficient Verification of Data A ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22418 (A component of the HarmonyOS has a Integer Overflow or Wraparound vuln ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22417 (A component of the HarmonyOS has a Data Processing Errors vulnerabilit ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22416 (A component of the HarmonyOS has a Data Processing Errors vulnerabilit ...) - TODO: check + NOT-FOR-US: HarmonyOS CVE-2021-22415 (There is an Incorrect Calculation of Buffer Size Vulnerability in Huaw ...) NOT-FOR-US: Huawei CVE-2021-22414 (There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Suc ...) NOT-FOR-US: Huawei CVE-2021-22413 (There is an Integer Overflow Vulnerability in Huawei Smartphone.Succes ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22412 (There is an Integer Overflow Vulnerability in Huawei Smartphone.Succes ...) NOT-FOR-US: Huawei CVE-2021-22411 (There is an out-of-bounds write vulnerability in some Huawei products. ...) @@ -35919,7 +35919,7 @@ CVE-2021-22402 CVE-2021-22401 RESERVED CVE-2021-22400 (Some Huawei Smartphones has an insufficient input validation vulnerabi ...) - TODO: check + NOT-FOR-US: Huawei CVE-2021-22399 (The Bluetooth function of some Huawei smartphones has a DoS vulnerabil ...) NOT-FOR-US: Huawei CVE-2021-22398 (There is a logic error vulnerability in several smartphones. The softw ...) @@ -37727,7 +37727,7 @@ CVE-2021-21567 CVE-2021-21566 RESERVED CVE-2021-21565 (Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of ...) - TODO: check + NOT-FOR-US: Dell CVE-2021-21564 RESERVED CVE-2021-21563 (Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper C ...) @@ -37751,7 +37751,7 @@ CVE-2021-21555 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, M CVE-2021-21554 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, ...) NOT-FOR-US: Dell CVE-2021-21553 (Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User M ...) - TODO: check + NOT-FOR-US: Dell CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier ...) NOT-FOR-US: Dell CVE-2021-21551 (Dell dbutil_2_3.sys driver contains an insufficient access control vul ...) |