From 13068ded4ac798307eea7dfec24d5f4a6da855ca Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 26 Jan 2022 22:25:22 +0100 Subject: Unify naming of ShowDoc NFU --- data/CVE/list.2021 | 24 ++++++++++++------------ data/CVE/list.2022 | 4 ++-- 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 2785ec956d..750f749f22 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -2201,7 +2201,7 @@ CVE-2021-4173 (vim is vulnerable to Use After Free ...) NOTE: Introduced after: https://github.com/vim/vim/commit/04b12697838b232b8b17c553ccc74cf1f1bdb81c (v8.2.0695) NOTE: Fixed by: https://github.com/vim/vim/commit/9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04 (v8.2.3902) CVE-2021-4172 (Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showd ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-4171 (calibre-web is vulnerable to Business Logic Errors ...) NOT-FOR-US: calibre-web CVE-2021-45679 (Certain NETGEAR devices are affected by privilege escalation. This aff ...) @@ -2585,7 +2585,7 @@ CVE-2021-4169 (livehelperchat is vulnerable to Improper Neutralization of Input CVE-2021-45492 RESERVED CVE-2021-4168 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-45491 RESERVED CVE-2021-45490 @@ -6140,7 +6140,7 @@ CVE-2021-44207 (Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials. .. CVE-2021-4018 (snipe-it is vulnerable to Improper Neutralization of Input During Web ...) NOT-FOR-US: snipe-it CVE-2021-4017 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-44206 RESERVED CVE-2021-44205 @@ -6457,7 +6457,7 @@ CVE-2021-4001 (A race condition was found in the Linux kernel's ebpf verifier be [stretch] - linux (Vulnerable code introduced later) NOTE: https://git.kernel.org/linus/353050be4c19e102178ccc05988101887c25ae53 CVE-2021-4000 (showdoc is vulnerable to URL Redirection to Untrusted Site ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-3999 [Off-by-one buffer overflow/underflow in getcwd()] RESERVED - glibc 2.33-4 @@ -6518,7 +6518,7 @@ CVE-2021-3995 CVE-2021-3994 (django-helpdesk is vulnerable to Improper Neutralization of Input Duri ...) NOT-FOR-US: django-helpdesk CVE-2021-3993 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-3992 (kimai2 is vulnerable to Improper Access Control ...) NOT-FOR-US: kimai2 CVE-2021-44078 (An issue was discovered in split_region in uc.c in Unicorn Engine befo ...) @@ -6528,9 +6528,9 @@ CVE-2021-44077 (Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plu CVE-2021-3991 RESERVED CVE-2021-3990 (showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random N ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-3989 (showdoc is vulnerable to URL Redirection to Untrusted Site ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-3988 RESERVED CVE-2021-3987 @@ -15170,9 +15170,9 @@ CVE-2021-40526 (Incorrect calculation of buffer size vulnerability in Peleton TT CVE-2021-40525 (Apache James ManagedSieve implementation alongside with the file stora ...) NOT-FOR-US: Apache James CVE-2021-3776 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-3775 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-3774 (Meross Smart Wi-Fi 2 Way Wall Switch (MSS550X), on its 3.1.3 version a ...) NOT-FOR-US: Meross Smart Wi-Fi 2 Way Wall Switch CVE-2021-3773 @@ -21084,7 +21084,7 @@ CVE-2021-3685 CVE-2021-3684 RESERVED CVE-2021-3683 (showdoc is vulnerable to Cross-Site Request Forgery (CSRF) ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-38113 (In addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) t ...) NOT-FOR-US: OpenWebif (aka e2openplugin-OpenWebif) CVE-2021-38112 (In the Amazon AWS WorkSpaces client 3.0.10 through 3.1.8 on Windows, a ...) @@ -21681,14 +21681,14 @@ CVE-2021-3681 NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1989407 TODO: check, needs verifying the affected ansible/ansible-base components CVE-2021-3680 (showdoc is vulnerable to Missing Cryptographic Step ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-3679 (A lack of CPU resource in the Linux kernel tracing module functionalit ...) {DSA-4978-1 DLA-2843-1 DLA-2785-1} - linux 5.14.6-1 [buster] - linux 4.19.208-1 NOTE: https://git.kernel.org/linus/67f0d6d9883c13174669f88adac4f0ee656cc16a CVE-2021-3678 (showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random N ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2021-37931 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...) NOT-FOR-US: Zoho ManageEngine CVE-2021-37930 (Zoho ManageEngine ADManager Plus version 7110 and prior allows unrestr ...) diff --git a/data/CVE/list.2022 b/data/CVE/list.2022 index 2241d647f4..245d259991 100644 --- a/data/CVE/list.2022 +++ b/data/CVE/list.2022 @@ -176,7 +176,7 @@ CVE-2022-0364 CVE-2022-0363 RESERVED CVE-2022-0362 (SQL Injection in Packagist showdoc/showdoc prior to 2.10.3. ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2022-0361 (Heap-based Buffer Overflow in Conda vim prior to 8.2. ...) - vim [bullseye] - vim (Minor issue) @@ -4564,7 +4564,7 @@ CVE-2022-0080 (mruby is vulnerable to Heap-based Buffer Overflow ...) NOTE: https://huntr.dev/bounties/59a70392-4864-4ce3-8e35-6ac2111d1e2e/ NOTE: https://github.com/mruby/mruby/commit/28ccc664e5dcd3f9d55173e9afde77c4705a9ab6 CVE-2022-0079 (showdoc is vulnerable to Generation of Error Message Containing Sensit ...) - NOT-FOR-US: showdoc + NOT-FOR-US: ShowDoc CVE-2022-0078 RESERVED CVE-2022-22292 -- cgit v1.2.3