Process NFUs

3 files changed, 35 insertions, 35 deletions

diff --git a/data/CVE/list.2017 b/data/CVE/list.2017
index 53decb571a..226c625031 100644
--- a/data/CVE/list.2017
+++ b/data/CVE/list.2017
@@ -2075,7 +2075,7 @@ CVE-2017-18115
 CVE-2017-18114
 	RESERVED
 CVE-2017-18113 (The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data C ...)
-	TODO: check
+	NOT-FOR-US: Atlassian
 CVE-2017-18112 (Affected versions of Atlassian Fisheye allow remote attackers to view  ...)
 	NOT-FOR-US: Atlassian
 CVE-2017-18111 (The OAuthHelper in Atlassian Application Links before version 5.0.10,  ...)
diff --git a/data/CVE/list.2019 b/data/CVE/list.2019
index b40648c062..cc641c5d6e 100644
--- a/data/CVE/list.2019
+++ b/data/CVE/list.2019
@@ -17071,7 +17071,7 @@ CVE-2019-14455
 CVE-2019-14454 (SuiteCRM 7.11.x and 7.10.x before 7.11.8 and 7.10.20 is vulnerable to  ...)
 	NOT-FOR-US: SuiteCRM
 CVE-2019-14453 (An issue was discovered in Comelit "App lejos de casa (web)" 2.8.0. It ...)
-	TODO: check
+	NOT-FOR-US: Comelit "App lejos de casa (web)"
 CVE-2019-14452 (Sigil before 0.9.16 is vulnerable to a directory traversal, allowing a ...)
 	- sigil 0.9.16+dfsg-1 (bug #933797)
 	[buster] - sigil <no-dsa> (Minor issue)
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index ff11dcc8ef..f3b73b6113 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -2637,11 +2637,11 @@ CVE-2021-36705
 CVE-2021-36704
 	RESERVED
 CVE-2021-36703 (The "blog title" field in the "Settings" menu "config" page of "dashbo ...)
-	TODO: check
+	NOT-FOR-US: htmly
 CVE-2021-36702 (The "content" field in the "regular post" page of the "add content" me ...)
-	TODO: check
+	NOT-FOR-US: htmly
 CVE-2021-36701 (In htmly version 2.8.1, is vulnerable to an Arbitrary File Deletion on ...)
-	TODO: check
+	NOT-FOR-US: htmly
 CVE-2021-36700
 	RESERVED
 CVE-2021-36699
@@ -7156,7 +7156,7 @@ CVE-2021-34639
 CVE-2021-34638
 	RESERVED
 CVE-2021-34637 (The Post Index WordPress plugin is vulnerable to Cross-Site Request Fo ...)
-	TODO: check
+	NOT-FOR-US:  WordPress plugin
 CVE-2021-34636
 	RESERVED
 CVE-2021-34635 (The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site  ...)
@@ -11315,7 +11315,7 @@ CVE-2021-32814 (Skytable is a NoSQL database with automated snapshots and TLS. V
 CVE-2021-32813
 	RESERVED
 CVE-2021-32812 (Monkshu is an enterprise application server for mobile apps (iOS and A ...)
-	TODO: check
+	NOT-FOR-US: Monkshu
 CVE-2021-32811 (Zope is an open-source web application server. Zope versions prior to  ...)
 	TODO: check
 CVE-2021-32810 (crossbeam-deque is a package of work-stealing deques for building task ...)
@@ -11376,7 +11376,7 @@ CVE-2021-32789 (woocommerce-gutenberg-products-block is a feature plugin for Woo
 CVE-2021-32788 (Discourse is an open source discussion platform. In versions prior to  ...)
 	NOT-FOR-US: Discourse
 CVE-2021-32787 (Sourcegraph is a code search and navigation engine. Sourcegraph before ...)
-	TODO: check
+	NOT-FOR-US: Sourcegraph
 CVE-2021-32786 (mod_auth_openidc is an authentication/authorization module for the Apa ...)
 	- libapache2-mod-auth-openidc 2.4.9-1 (bug #991582)
 	[buster] - libapache2-mod-auth-openidc <no-dsa> (Minor issue)
@@ -11416,7 +11416,7 @@ CVE-2021-32773 (Racket is a general-purpose programming language and an ecosyste
 	[stretch] - racket <no-dsa> (Minor issue)
 	NOTE: https://github.com/racket/racket/security/advisories/GHSA-cgrw-p7p7-937c
 CVE-2021-32772 (Poddycast is a podcast app made with Electron. Prior to version 0.8.1, ...)
-	TODO: check
+	NOT-FOR-US: Poddycast
 CVE-2021-32771
 	RESERVED
 CVE-2021-32770 (Gatsby is a framework for building websites. The gatsby-source-wordpre ...)
@@ -13189,13 +13189,13 @@ CVE-2021-32021
 CVE-2021-32020 (The kernel in Amazon Web Services FreeRTOS before 10.4.3 has insuffici ...)
 	NOT-FOR-US: kernel in Amazon Web Services FreeRTOS
 CVE-2021-32019 (There is missing input validation of host names displayed in OpenWrt b ...)
-	TODO: check
+	NOT-FOR-US: OpenWrt
 CVE-2021-32018 (An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP A ...)
-	TODO: check
+	NOT-FOR-US: JUMP AMS
 CVE-2021-32017 (An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP end ...)
-	TODO: check
+	NOT-FOR-US: JUMP AMS
 CVE-2021-32016 (An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP end ...)
-	TODO: check
+	NOT-FOR-US: JUMP AMS
 CVE-2021-32015 (In Nuvoton NPCT75x TPM 1.2 firmware 7.4.0.0, a local authenticated mal ...)
 	NOT-FOR-US: Nuvoton NPCT75x TPM 1.2 firmware
 CVE-2021-32014 (SheetJS and SheetJS Pro through 0.16.9 allows attackers to cause a den ...)
@@ -14538,9 +14538,9 @@ CVE-2021-31506 (This vulnerability allows remote attackers to disclose sensitive
 CVE-2021-31505 (This vulnerability allows attackers with physical access to escalate p ...)
 	NOT-FOR-US: Arlo Q Plus
 CVE-2021-31504 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31503 (This vulnerability allows remote attackers to execute arbitrary code o ...)
-	TODO: check
+	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31502 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: OpenText Brava! Desktop
 CVE-2021-31501 (This vulnerability allows remote attackers to disclose sensitive infor ...)
@@ -23152,11 +23152,11 @@ CVE-2021-27956 (Zoho ManageEngine ADSelfService Plus before 6104 allows stored X
 CVE-2021-27955
 	RESERVED
 CVE-2021-27954 (A heap-based buffer overflow vulnerability exists on the ecobee3 lite  ...)
-	TODO: check
+	NOT-FOR-US: ecobee3
 CVE-2021-27953 (A NULL pointer dereference vulnerability exists on the ecobee3 lite 4. ...)
-	TODO: check
+	NOT-FOR-US: ecobee3
 CVE-2021-27952 (Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.20 ...)
-	TODO: check
+	NOT-FOR-US: ecobee3
 CVE-2021-27951
 	RESERVED
 CVE-2021-27950 (A SQL injection vulnerability in azurWebEngine in Sita AzurCMS through ...)
@@ -23191,9 +23191,9 @@ CVE-2021-3421 (A flaw was found in the RPM package in the read functionality. Th
 CVE-2021-27944
 	RESERVED
 CVE-2021-27943 (The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1  ...)
-	TODO: check
+	NOT-FOR-US: Vizio
 CVE-2021-27942 (Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs allow a thre ...)
-	TODO: check
+	NOT-FOR-US: Vizio
 CVE-2021-27941 (Unconstrained Web access to the device's private encryption key in the ...)
 	NOT-FOR-US: eWeLink mobile application
 CVE-2021-27940 (resources/public/js/orchestrator.js in openark orchestrator before 3.2 ...)
@@ -31502,7 +31502,7 @@ CVE-2021-24373 (The WP Hardening &#8211; Fix Your WordPress Security WordPress p
 CVE-2021-24372 (The WP Hardening &#8211; Fix Your WordPress Security WordPress plugin  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24371 (The Import feature of the RSVPMaker WordPress plugin before 8.7.3 (/wp ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24370 (The Fancy Product Designer WordPress plugin before 4.6.9 allows unauth ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24369 (In the GetPaid WordPress plugin before 2.3.4, users with the contribut ...)
@@ -35869,31 +35869,31 @@ CVE-2021-22427 (There is a Heap-based Buffer Overflow Vulnerability in Huawei Sm
 CVE-2021-22426
 	RESERVED
 CVE-2021-22425 (A component of the HarmonyOS has a Double Free vulnerability. Local at ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22424 (A component of the HarmonyOS has a Kernel Memory Leakage Vulnerability ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22423 (A component of the HarmonyOS has a Out-of-bounds Write Vulnerability.  ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22422 (A component of the HarmonyOS has a Integer Overflow or Wraparound vuln ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22421 (A component of the HarmonyOS has a Improper Privilege Management vulne ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22420 (A component of the HarmonyOS has a External Control of System or Confi ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22419 (A component of the HarmonyOS has a Insufficient Verification of Data A ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22418 (A component of the HarmonyOS has a Integer Overflow or Wraparound vuln ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22417 (A component of the HarmonyOS has a Data Processing Errors vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22416 (A component of the HarmonyOS has a Data Processing Errors vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: HarmonyOS
 CVE-2021-22415 (There is an Incorrect Calculation of Buffer Size Vulnerability in Huaw ...)
 	NOT-FOR-US: Huawei
 CVE-2021-22414 (There is a Memory Buffer Errors Vulnerability in Huawei Smartphone.Suc ...)
 	NOT-FOR-US: Huawei
 CVE-2021-22413 (There is an Integer Overflow Vulnerability in Huawei Smartphone.Succes ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-22412 (There is an Integer Overflow Vulnerability in Huawei Smartphone.Succes ...)
 	NOT-FOR-US: Huawei
 CVE-2021-22411 (There is an out-of-bounds write vulnerability in some Huawei products. ...)
@@ -35919,7 +35919,7 @@ CVE-2021-22402
 CVE-2021-22401
 	RESERVED
 CVE-2021-22400 (Some Huawei Smartphones has an insufficient input validation vulnerabi ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-22399 (The Bluetooth function of some Huawei smartphones has a DoS vulnerabil ...)
 	NOT-FOR-US: Huawei
 CVE-2021-22398 (There is a logic error vulnerability in several smartphones. The softw ...)
@@ -37727,7 +37727,7 @@ CVE-2021-21567
 CVE-2021-21566
 	RESERVED
 CVE-2021-21565 (Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-21564
 	RESERVED
 CVE-2021-21563 (Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper C ...)
@@ -37751,7 +37751,7 @@ CVE-2021-21555 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, M
 CVE-2021-21554 (Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, ...)
 	NOT-FOR-US: Dell
 CVE-2021-21553 (Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User M ...)
-	TODO: check
+	NOT-FOR-US: Dell
 CVE-2021-21552 (Dell Wyse Windows Embedded System versions WIE10 LTSC 2019 and earlier ...)
 	NOT-FOR-US: Dell
 CVE-2021-21551 (Dell dbutil_2_3.sys driver contains an insufficient access control vul ...)