summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2022-01-21 21:34:28 +0100
committerSalvatore Bonaccorso <carnil@debian.org>2022-01-21 21:34:28 +0100
commitd76878347c4e453ec3e53cecbff8ed0d2ea655d4 (patch)
tree2719269392abd4d4baab8806f7750c3ae54a6207
parent4f2c13164a8bd377f207cc0054bf08f75d56dd07 (diff)
Process some NFUs
-rw-r--r--data/CVE/list.202150
-rw-r--r--data/CVE/list.202212
2 files changed, 31 insertions, 31 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 9d91971c3a..1df1feea8a 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -189,11 +189,11 @@ CVE-2021-46311
CVE-2021-46310
RESERVED
CVE-2021-46309 (An SQL Injection vulnerability exists in Sourcecodester Employee and V ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46308 (An SQL Injection vulnerability exists in Sourcecodester Online Railway ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46307 (An SQL Injection vulnerability exists in Projectworlds Online Examinat ...)
- TODO: check
+ NOT-FOR-US: Projectworlds Online Examination System
CVE-2021-46306
RESERVED
CVE-2021-46305
@@ -415,13 +415,13 @@ CVE-2021-46203 (Taocms v3.0.2 was discovered to contain an arbitrary file read v
CVE-2021-46202
RESERVED
CVE-2021-46201 (An SQL Injection vulnerability exists in Sourcecodester Online Resort ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester Online Resort Management System
CVE-2021-46200 (An SQL Injection vulnerability exists in Sourcecodester Simple Music C ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46199
RESERVED
CVE-2021-46198 (An SQL Injection vulnerability exists in Sourceodester Courier Managem ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-46197
RESERVED
CVE-2021-46196
@@ -2406,7 +2406,7 @@ CVE-2021-4147 [deadlock and crash in libxl driver]
NOTE: https://gitlab.com/libvirt/libvirt/-/commit/5c5df5310f72be4878a71ace47074c54e0d1a27d
NOTE: https://gitlab.com/libvirt/libvirt/-/commit/a7a03324d86e111f81687b5315b8f296dde84340
CVE-2021-4146 (Business Logic Errors in GitHub repository pimcore/pimcore prior to 10 ...)
- TODO: check
+ NOT-FOR-US: pimcore
CVE-2021-4145 [NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c]
RESERVED
- qemu 1:6.2+dfsg-1
@@ -2439,7 +2439,7 @@ CVE-2021-45444
CVE-2021-45443
RESERVED
CVE-2021-4143 (Cross-site Scripting (XSS) - Generic in GitHub repository bigbluebutto ...)
- TODO: check
+ NOT-FOR-US: BigBlueButton
CVE-2021-45442 (A link following denial-of-service vulnerability in Trend Micro Worry- ...)
NOT-FOR-US: Trend Micro
CVE-2021-45441 (A origin validation error vulnerability in Trend Micro Apex One (on-pr ...)
@@ -4637,7 +4637,7 @@ CVE-2021-44595
CVE-2021-44594
RESERVED
CVE-2021-44593 (Simple College Website 1.0 is vulnerable to unauthenticated file uploa ...)
- TODO: check
+ NOT-FOR-US: Simple College Website
CVE-2021-44592
RESERVED
CVE-2021-44591 (In libming 0.4.8, the parseSWF_DEFINELOSSLESS2 function in util/parser ...)
@@ -5093,7 +5093,7 @@ CVE-2021-23223
CVE-2021-23179
RESERVED
CVE-2021-44464 (Vigilant Software Suite (Mastermed Dashboard) version 2.0.1.3 contains ...)
- TODO: check
+ NOT-FOR-US: Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-44453 (mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interf ...)
NOT-FOR-US: mySCADA myPRO
CVE-2021-44451
@@ -5141,29 +5141,29 @@ CVE-2021-44431 (A vulnerability has been identified in JT Utilities (All version
CVE-2021-44430 (A vulnerability has been identified in JT Utilities (All versions &lt; ...)
NOT-FOR-US: Siemens
CVE-2021-43355 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-41835 (Fresenius Kabi Agilia Link + version 3.0 does not enforce transport la ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-4035
RESERVED
CVE-2021-33848 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-33846 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-33843 (Fresenius Kabi Agilia Link + version 3.0 has a default configuration p ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-31562 (The SSL/TLS configuration of Fresenius Kabi Agilia Link + version 3.0 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-23236 (Requests may be used to interrupt the normal operation of the device. ...)
TODO: check
CVE-2021-23233 (Sensitive endpoints in Fresenius Kabi Agilia Link+ v3.0 and prior can ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Agilia Link
CVE-2021-23207 (An attacker with physical access to the host can extract the secrets f ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant MasterMed
CVE-2021-23196 (The web application on Agilia Link+ version 3.0 implements authenticat ...)
- TODO: check
+ NOT-FOR-US: Agilia Link+
CVE-2021-23195 (Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard) version 2 ...)
- TODO: check
+ NOT-FOR-US: Fresenius Kabi Vigilant Software Suite (Mastermed Dashboard)
CVE-2021-44429 (Serva 4.4.0 allows remote attackers to cause a denial of service (daem ...)
NOT-FOR-US: Serva
CVE-2021-44428 (Pinkie 2.15 allows remote attackers to cause a denial of service (daem ...)
@@ -5732,7 +5732,7 @@ CVE-2021-44197
CVE-2021-44196
RESERVED
CVE-2021-4016 (Rapid7 Insight Agent, versions prior to 3.1.3, suffer from an improper ...)
- TODO: check
+ NOT-FOR-US: Rapid7 Insight Agent
CVE-2021-4015 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...)
NOT-FOR-US: firefly-iii
CVE-2021-4014
@@ -13891,7 +13891,7 @@ CVE-2021-40857 (Auerswald COMpact 5500R devices before 8.2B allow Privilege Esca
CVE-2021-40856 (Auerswald COMfortel 1400 IP and 2600 IP before 2.8G devices allow Auth ...)
NOT-FOR-US: Auerswald
CVE-2021-40855 (The EU Technical Specifications for Digital COVID Certificates before ...)
- TODO: check
+ NOT-FOR-US: EU Technical Specifications for Digital COVID Certificates
CVE-2021-40854 (AnyDesk before 6.2.6 and 6.3.x before 6.3.3 allows a local user to obt ...)
NOT-FOR-US: AnyDesk
CVE-2021-40853 (TCMAN GIM does not perform an authorization check when trying to acces ...)
@@ -14498,7 +14498,7 @@ CVE-2021-40597
CVE-2021-40596
RESERVED
CVE-2021-40595 (SQL injection vulnerability in Sourcecodester Online Leave Management ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-40594
RESERVED
CVE-2021-40593
@@ -15399,7 +15399,7 @@ CVE-2021-40249
CVE-2021-40248
RESERVED
CVE-2021-40247 (SQL injection vulnerability in Sourcecodester Budget and Expense Track ...)
- TODO: check
+ NOT-FOR-US: Sourcecodester
CVE-2021-40246
RESERVED
CVE-2021-40245
@@ -27927,7 +27927,7 @@ CVE-2021-35005
CVE-2021-35004 (This vulnerability allows remote attackers to execute arbitrary code o ...)
TODO: check
CVE-2021-35003 (This vulnerability allows remote attackers to execute arbitrary code o ...)
- TODO: check
+ NOT-FOR-US: TP-Link
CVE-2021-35002
RESERVED
CVE-2021-35001
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index 778c5acaa5..41d2c2dec1 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -259,7 +259,7 @@ CVE-2022-23730
CVE-2022-23729
RESERVED
CVE-2022-23728 (Attacker can reset the device with AT Command in the process of reboot ...)
- TODO: check
+ NOT-FOR-US: LG
CVE-2022-23727
RESERVED
CVE-2022-23726
@@ -1813,13 +1813,13 @@ CVE-2022-23131 (In the case of instances where the SAML SSO authentication is en
NOTE: https://support.zabbix.com/browse/ZBX-20350
TODO: check, possibly only affecting 5.4.0 onwards
CVE-2022-23130 (Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versi ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23129 (Plaintext Storage of a Password vulnerability in Mitsubishi Electric M ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23128 (Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Elect ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23127 (Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 v ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2022-23126
RESERVED
CVE-2022-0198 (corenlp is vulnerable to Improper Restriction of XML External Entity R ...)
@@ -4836,7 +4836,7 @@ CVE-2022-21935
CVE-2022-21934
RESERVED
CVE-2022-21933 (ASUS VivoMini/Mini PC device has an improper input validation vulnerab ...)
- TODO: check
+ NOT-FOR-US: ASUS
CVE-2022-21932 (Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulner ...)
NOT-FOR-US: Microsoft
CVE-2022-21931 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. T ...)

© 2014-2022 Faster IT GmbH | imprint | privacy policy