Process some NFUs

author: Salvatore Bonaccorso <carnil@debian.org> 2021-10-11 22:37:50 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2021-10-11 22:37:50 +0200
commit: 8210ad1353e183c69e24516e403ea5993d1740ff (patch)
tree: c10f08f295c90b3d293c4b117189dde4c0eee11e /data
parent: 190ac2f3f48f92c71ddb35c2c0b7b77460767d75 (diff)
1 files changed, 36 insertions, 36 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 82eeaf0605..b91632c9e4 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -3032,17 +3032,17 @@ CVE-2021-40891
 CVE-2021-40890
 	RESERVED
 CVE-2021-40889 (CMSUno version 1.7.2 is affected by a PHP code execution vulnerability ...)
-	TODO: check
+	NOT-FOR-US: CMSUno
 CVE-2021-40888 (Projectsend version r1295 is affected by Cross Site Scripting (XSS) du ...)
-	TODO: check
+	NOT-FOR-US: Projectsend
 CVE-2021-40887 (Projectsend version r1295 is affected by a directory traversal vulnera ...)
-	TODO: check
+	NOT-FOR-US: Projectsend
 CVE-2021-40886 (Projectsend version r1295 is affected by a directory traversal vulnera ...)
-	TODO: check
+	NOT-FOR-US: Projectsend
 CVE-2021-40885
 	RESERVED
 CVE-2021-40884 (Projectsend version r1295 is affected by sensitive information disclos ...)
-	TODO: check
+	NOT-FOR-US: Projectsend
 CVE-2021-40883
 	RESERVED
 CVE-2021-40882
@@ -3835,7 +3835,7 @@ CVE-2021-40543 (Opensis-Classic Version 8.0 is affected by a SQL injection vulne
 CVE-2021-40542 (Opensis-Classic Version 8.0 is affected by cross-site scripting (XSS). ...)
 	TODO: check
 CVE-2021-40541 (PHPFusion 9.03.110 is affected by cross-site scripting (XSS) in the pr ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2021-40540 (ulfius_uri_logger in Ulfius HTTP Framework before 2.7.4 omits con_info ...)
 	- ulfius 2.7.1-2 (bug #993851)
 	[bullseye] - ulfius 2.7.1-1+deb11u1
@@ -4696,13 +4696,13 @@ CVE-2021-40193
 CVE-2021-40192
 	RESERVED
 CVE-2021-40191 (Dzzoffice Version 2.02.1 is affected by cross-site scripting (XSS) due ...)
-	TODO: check
+	NOT-FOR-US: Dzzoffice
 CVE-2021-40190
 	RESERVED
 CVE-2021-40189 (PHPFusion 9.03.110 is affected by a remote code execution vulnerabilit ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2021-40188 (PHPFusion 9.03.110 is affected by an arbitrary file upload vulnerabili ...)
-	TODO: check
+	NOT-FOR-US: PHP-Fusion
 CVE-2021-40187
 	RESERVED
 CVE-2021-40186
@@ -6662,7 +6662,7 @@ CVE-2021-39319
 CVE-2021-39318
 	RESERVED
 CVE-2021-39317 (Versions up to, and including, 1.0.6, of the Access Demo Importer Word ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-39316 (The Zoomsounds plugin &lt;= 6.45 for WordPress allows arbitrary files, ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-39315
@@ -16497,9 +16497,9 @@ CVE-2021-35062 (A Shell Metacharacter Injection vulnerability in result.php in D
 CVE-2021-35061 (Multiple cross-site scripting (XSS) vulnerabilities in DRK Odenwaldkre ...)
 	NOT-FOR-US: DRK Odenwaldkreis Testerfassung
 CVE-2021-35060 (/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthe ...)
-	TODO: check
+	NOT-FOR-US: OpenWay WAY4 ACS
 CVE-2021-35059 (OpenWay WAY4 ACS before 1.2.278-2693 allows XSS via the /way4acs/enrol ...)
-	TODO: check
+	NOT-FOR-US: OpenWay WAY4 ACS
 CVE-2021-35058
 	RESERVED
 CVE-2021-35057
@@ -31328,11 +31328,11 @@ CVE-2021-29008 (A cross-site scripting (XSS) issue in SEO Panel 4.8.0 allows rem
 CVE-2021-29007
 	RESERVED
 CVE-2021-29006 (rConfig 3.9.6 is affected by a Local File Disclosure vulnerability. An ...)
-	TODO: check
+	NOT-FOR-US: rConfig
 CVE-2021-29005 (Insecure permission of chmod command on rConfig server 3.9.6 exists. A ...)
-	TODO: check
+	NOT-FOR-US: rConfig
 CVE-2021-29004 (rConfig 3.9.6 is affected by SQL Injection. A user must be authenticat ...)
-	TODO: check
+	NOT-FOR-US: rConfig
 CVE-2021-29003 (Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers ...)
 	NOT-FOR-US: Genexis devices
 CVE-2021-29002 (A stored cross-site scripting (XSS) vulnerability in Plone CMS 5.2.3 e ...)
@@ -36017,7 +36017,7 @@ CVE-2021-27004
 CVE-2021-27003
 	RESERVED
 CVE-2021-27002 (NetApp Cloud Manager versions prior to 3.9.10 are susceptible to a vul ...)
-	TODO: check
+	NOT-FOR-US: NetApp Cloud Manager
 CVE-2021-27001
 	RESERVED
 CVE-2021-27000
@@ -37014,7 +37014,7 @@ CVE-2021-26590
 CVE-2021-26589
 	RESERVED
 CVE-2021-26588 (A potential security vulnerability has been identified in HPE 3PAR Sto ...)
-	TODO: check
+	NOT-FOR-US: HPE
 CVE-2021-26587 (A potential DOM-based Cross Site Scripting security vulnerability has  ...)
 	NOT-FOR-US: HPE StoreOnce
 CVE-2021-26586 (A potential security vulnerability has been identified in the HPE Edge ...)
@@ -41526,7 +41526,7 @@ CVE-2021-24739
 CVE-2021-24738
 	RESERVED
 CVE-2021-24737 (The Comments &#8211; wpDiscuz WordPress plugin through 7.3.0 does not  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24736
 	RESERVED
 CVE-2021-24735
@@ -41560,9 +41560,9 @@ CVE-2021-24722
 CVE-2021-24721
 	RESERVED
 CVE-2021-24720 (The GeoDirectory Business Directory WordPress plugin before 2.1.1.3 wa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24719 (The Enfold Enfold WordPress theme before 4.8.4 was vulnerable to Refle ...)
-	TODO: check
+	NOT-FOR-US: WordPress theme
 CVE-2021-24718
 	RESERVED
 CVE-2021-24717
@@ -41576,13 +41576,13 @@ CVE-2021-24714
 CVE-2021-24713
 	RESERVED
 CVE-2021-24712 (The Appointment Hour Booking WordPress plugin before 1.3.17 does not p ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24711 (The del_reistered_domains AJAX action of the Software License Manager  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24710
 	RESERVED
 CVE-2021-24709 (The Weather Effect WordPress plugin before 1.3.6 does not properly val ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24708
 	RESERVED
 CVE-2021-24707
@@ -41618,9 +41618,9 @@ CVE-2021-24693
 CVE-2021-24692
 	RESERVED
 CVE-2021-24691 (The Quiz And Survey Master WordPress plugin before 7.3.2 does not esca ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24690 (The Chained Quiz WordPress plugin before 1.2.7.2 does not properly san ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24689
 	RESERVED
 CVE-2021-24688
@@ -41634,11 +41634,11 @@ CVE-2021-24685
 CVE-2021-24684
 	RESERVED
 CVE-2021-24683 (The Weather Effect WordPress plugin before 1.3.4 does not have any CSR ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24682
 	RESERVED
 CVE-2021-24681 (The Duplicate Page WordPress plugin through 4.4.2 does not sanitise or ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24680
 	RESERVED
 CVE-2021-24679 (The Bitcoin / AltCoin Payment Gateway for WooCommerce WordPress plugin ...)
@@ -41688,7 +41688,7 @@ CVE-2021-24658 (The Erident Custom Login and Dashboard WordPress plugin before 3
 CVE-2021-24657 (The Limit Login Attempts WordPress plugin before 4.0.50 does not escap ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24656 (The Simple Social Media Share Buttons WordPress plugin before 3.2.4 do ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24655
 	RESERVED
 CVE-2021-24654 (The User Registration WordPress plugin before 2.0.2 does not properly  ...)
@@ -41698,7 +41698,7 @@ CVE-2021-24653
 CVE-2021-24652 (The PostX &#8211; Gutenberg Blocks for Post Grid WordPress plugin befo ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24651 (The Poll Maker WordPress plugin before 3.4.2 allows unauthenticated us ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24650
 	RESERVED
 CVE-2021-24649
@@ -41846,9 +41846,9 @@ CVE-2021-24579 (The bt_bb_get_grid AJAX action of the Bold Page Builder WordPres
 CVE-2021-24578
 	RESERVED
 CVE-2021-24577 (The Coming soon and Maintenance mode WordPress plugin before 3.5.3 doe ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24576 (The Easy Accordion WordPress plugin before 2.0.22 does not properly sa ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24575
 	RESERVED
 CVE-2021-24574 (The Simple Banner WordPress plugin before 2.10.4 does not sanitise and ...)
@@ -41874,7 +41874,7 @@ CVE-2021-24565 (The Contact Form 7 Captcha WordPress plugin before 0.0.9 does no
 CVE-2021-24564 (The WPFront Scroll Top WordPress plugin before 2.0.6.07225 does not sa ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24563 (The Frontend Uploader WordPress plugin through 1.3.2 does not prevent  ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24562 (The LMS by LifterLMS &#8211; Online Course, Membership &amp; Learning  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24561 (The WP SMS WordPress plugin before 5.4.13 does not sanitise the "wp_gr ...)
@@ -41908,9 +41908,9 @@ CVE-2021-24548 (The Mimetic Books WordPress plugin through 0.2.13 was vulnerable
 CVE-2021-24547 (The KN Fix Your Title WordPress plugin through 1.0.1 was vulnerable to ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24546 (The Gutenberg Block Editor Toolkit &#8211; EditorsKit WordPress plugin ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24545 (The WP HTML Author Bio WordPress plugin through 1.2.0 does not sanitis ...)
-	TODO: check
+	NOT-FOR-US: WordPress plugin
 CVE-2021-24544
 	RESERVED
 CVE-2021-24543
@@ -52501,9 +52501,9 @@ CVE-2021-20124
 CVE-2021-20123
 	RESERVED
 CVE-2021-20122 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...)
-	TODO: check
+	NOT-FOR-US: Telus Wi-Fi Hub
 CVE-2021-20121 (The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is ...)
-	TODO: check
+	NOT-FOR-US: Telus Wi-Fi Hub
 CVE-2021-20120
 	RESERVED
 CVE-2021-20119
author	Salvatore Bonaccorso <carnil@debian.org>	2021-10-11 22:37:50 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2021-10-11 22:37:50 +0200
commit	8210ad1353e183c69e24516e403ea5993d1740ff (patch)
tree	c10f08f295c90b3d293c4b117189dde4c0eee11e /data
parent	190ac2f3f48f92c71ddb35c2c0b7b77460767d75 (diff)