From 4fc537f3159f3e331ab4e0acd8b0d4595524bde2 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Wed, 24 Nov 2021 21:17:46 +0100 Subject: Process some NFUs --- data/CVE/list.2021 | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index adf2dcb8e8..62ea056c6d 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -985,7 +985,7 @@ CVE-2021-43780 (Redash is a package for data visualization and sharing. In versi CVE-2021-43779 RESERVED CVE-2021-43778 (Barcode is a GLPI plugin for printing barcodes and QR codes. GLPI inst ...) - TODO: check + NOT-FOR-US: GLPI plugin CVE-2021-43777 (Redash is a package for data visualization and sharing. In Redash vers ...) NOT-FOR-US: Redash CVE-2021-43776 @@ -2209,7 +2209,7 @@ CVE-2021-43270 (Datalust Seq.App.EmailPlus (aka seq-app-htmlemail) 3.1.0-dev-001 CVE-2021-43269 RESERVED CVE-2021-43268 (An issue was discovered in VxWorks 6.9 through 7. In the IKE component ...) - TODO: check + NOT-FOR-US: Wind River VxWorks CVE-2021-43266 (In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting col ...) - mahara CVE-2021-43265 (In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, certain tag s ...) @@ -17192,9 +17192,9 @@ CVE-2021-36919 CVE-2021-36918 RESERVED CVE-2021-36917 (WordPress Hide My WP plugin (versions <= 6.2.3) can be deactivated ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-36916 (The SQL injection vulnerability in the Hide My WP WordPress plugin (ve ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-36915 RESERVED CVE-2021-36914 @@ -22907,9 +22907,9 @@ CVE-2021-34426 CVE-2021-34425 RESERVED CVE-2021-34424 (A vulnerability was discovered in the Zoom Client for Meetings (for An ...) - TODO: check + NOT-FOR-US: Zoom CVE-2021-34423 (A buffer overflow vulnerability was discovered in Zoom Client for Meet ...) - TODO: check + NOT-FOR-US: Zoom CVE-2021-34422 (The Keybase Client for Windows before version 5.7.0 contains a path tr ...) NOT-FOR-US: Keybase Client for Windows CVE-2021-34421 (The Keybase Client for Android before version 5.8.0 and the Keybase Cl ...) @@ -26112,11 +26112,11 @@ CVE-2021-33045 (The identity authentication bypass vulnerability found in some D CVE-2021-33044 (The identity authentication bypass vulnerability found in some Dahua p ...) NOT-FOR-US: Dahua CVE-2021-3554 (Improper Access Control vulnerability in the patchesUpdate API as impl ...) - TODO: check + NOT-FOR-US: Bitdefender CVE-2021-3553 (A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateSer ...) - TODO: check + NOT-FOR-US: Bitdefender CVE-2021-3552 (A Server-Side Request Forgery (SSRF) vulnerability in the EPPUpdateSer ...) - TODO: check + NOT-FOR-US: Bitdefender CVE-2021-33043 RESERVED CVE-2021-33042 @@ -50483,7 +50483,7 @@ CVE-2021-22959 (The parser in accepts requests with a space (SP) right after the CVE-2021-22958 (A Server-Side Request Forgery vulnerability was found in concrete5 < ...) NOT-FOR-US: Concrete CMS CVE-2021-22957 (A Cross-Origin Resource Sharing (CORS) vulnerability found in UniFi Pr ...) - TODO: check + NOT-FOR-US: UniFi Protect CVE-2021-22956 RESERVED CVE-2021-22955 @@ -52534,7 +52534,7 @@ CVE-2021-22051 (Applications using Spring Cloud Gateway are vulnerable to specif CVE-2021-22050 RESERVED CVE-2021-22049 (The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Requ ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-22048 (The vCenter Server contains a privilege escalation vulnerability in th ...) NOT-FOR-US: VMware CVE-2021-22047 (In Spring Data REST versions 3.4.0 - 3.4.13, 3.5.0 - 3.5.5, and older ...) @@ -52677,7 +52677,7 @@ CVE-2021-21982 (VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has CVE-2021-21981 (VMware NSX-T contains a privilege escalation vulnerability due to an i ...) NOT-FOR-US: VMware CVE-2021-21980 (The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary ...) - TODO: check + NOT-FOR-US: VMware CVE-2021-21979 (In Bitnami Containers, all Laravel container versions prior to: 6.20.0 ...) NOT-FOR-US: Bitnami Containers CVE-2021-21978 (VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remot ...) @@ -55665,7 +55665,7 @@ CVE-2021-20852 CVE-2021-20851 RESERVED CVE-2021-20850 (PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and ea ...) - TODO: check + NOT-FOR-US: PowerCMS CVE-2021-20849 RESERVED CVE-2021-20848 (Cross-site scripting vulnerability in rwtxt versions prior to v1.8.6 a ...) @@ -55673,19 +55673,19 @@ CVE-2021-20848 (Cross-site scripting vulnerability in rwtxt versions prior to v1 CVE-2021-20847 RESERVED CVE-2021-20846 (Cross-site request forgery (CSRF) vulnerability in Push Notifications ...) - TODO: check + NOT-FOR-US: WordPress plugin CVE-2021-20845 (Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap G ...) TODO: check CVE-2021-20844 (Improper neutralization of HTTP request headers for scripting syntax v ...) - TODO: check + NOT-FOR-US: RTX830 CVE-2021-20843 (Cross-site script inclusion vulnerability in the Web GUI of RTX830 Rev ...) - TODO: check + NOT-FOR-US: RTX830 CVE-2021-20842 (Cross-site request forgery (CSRF) vulnerability in EC-CUBE 2 series 2. ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2021-20841 (Improper access control in Management screen of EC-CUBE 2 series 2.11. ...) - TODO: check + NOT-FOR-US: EC-CUBE CVE-2021-20840 (Cross-site scripting vulnerability in Booking Package - Appointment Bo ...) - TODO: check + NOT-FOR-US: Booking Package - Appointment Booking Calendar System CVE-2021-20839 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...) NOT-FOR-US: Office Server Document Converter CVE-2021-20838 (Office Server Document Converter V7.2MR4 and earlier and V7.1MR7 and e ...) -- cgit v1.2.3