From c81ebaed142362b714897bfa00740990f72a97d3 Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Wed, 13 Oct 2021 10:00:45 +0200 Subject: NFUs (concludes external check) --- data/CVE/list.2021 | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'data') diff --git a/data/CVE/list.2021 b/data/CVE/list.2021 index 7da679f679..ffac31dad2 100644 --- a/data/CVE/list.2021 +++ b/data/CVE/list.2021 @@ -175,7 +175,7 @@ CVE-2021-42259 CVE-2021-42258 RESERVED CVE-2021-42257 (check_smart before 6.9.1 allows unintended drive access by an unprivil ...) - TODO: check + NOT-FOR-US: check_smart Icinga plugin CVE-2021-42256 RESERVED CVE-2021-3878 @@ -420,7 +420,7 @@ CVE-2021-42141 CVE-2021-42140 RESERVED CVE-2021-42139 (Deno before 0.107.0 allows Code Injection via an untrusted YAML file i ...) - TODO: check + NOT-FOR-US: Deno CVE-2021-42138 RESERVED CVE-2021-42137 (An issue was discovered in Zammad before 5.0.1. In some cases, there i ...) @@ -2211,7 +2211,7 @@ CVE-2021-41357 (Win32k Elevation of Privilege Vulnerability This CVE ID is uniqu CVE-2021-41356 RESERVED CVE-2021-41355 (.NET Core and Visual Studio Information Disclosure Vulnerability ...) - TODO: check + NOT-FOR-US: Microsoft .NET CVE-2021-41354 (Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerabilit ...) NOT-FOR-US: Microsoft CVE-2021-41353 (Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability ...) @@ -2724,7 +2724,7 @@ CVE-2021-41119 CVE-2021-41118 (The DynamicPageList3 extension is a reporting tool for MediaWiki, list ...) NOT-FOR-US: DynamicPageList3 MediaWiki Extension CVE-2021-41117 (keypair is a a RSA PEM key generator written in javascript. keypair im ...) - TODO: check + NOT-FOR-US: keypair CVE-2021-41116 (Composer is an open source dependency manager for the PHP language. In ...) - composer (Only affects Windows) NOTE: https://github.com/composer/composer/security/advisories/GHSA-frqg-7g38-6gcf @@ -15778,13 +15778,13 @@ CVE-2021-35499 CVE-2021-35498 RESERVED CVE-2021-35497 (The FTL Server (tibftlserver) and Docker images containing tibftlserve ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2021-35496 (The XMLA Connections component of TIBCO Software Inc.'s TIBCO JasperRe ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2021-35495 (The Scheduler Connection component of TIBCO Software Inc.'s TIBCO Jasp ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2021-35494 (The Rest API component of TIBCO Software Inc.'s TIBCO JasperReports Se ...) - TODO: check + NOT-FOR-US: TIBCO CVE-2021-35493 (The WebFOCUS Reporting Server and WebFOCUS Client components of TIBCO ...) NOT-FOR-US: WebFOCUS CVE-2021-3619 (Rapid7 Velociraptor 0.5.9 and prior is vulnerable to a post-authentica ...) @@ -19354,7 +19354,7 @@ CVE-2021-33905 CVE-2021-33904 (** DISPUTED ** In Accela Civic Platform through 21.1, the security/hos ...) NOT-FOR-US: Accela Civic Platform CVE-2021-33903 (In LCOS 10.40 to 10.42.0473-RU3 with SNMPv3 enabled on LANCOM devices, ...) - TODO: check + NOT-FOR-US: LANCOM CVE-2021-33902 RESERVED CVE-2021-33901 @@ -19470,7 +19470,7 @@ CVE-2021-33851 CVE-2021-33850 RESERVED CVE-2021-33849 (A Cross-Site Scripting (XSS) attack can cause arbitrary code (JavaScri ...) - TODO: check + NOT-FOR-US: Zoho CVE-2021-3581 (Buffer Access with Incorrect Length Value in zephyr. Zephyr versions & ...) NOT-FOR-US: Zephyr, different from src:zephyr CVE-2021-3580 (A flaw was found in the way nettle's RSA decryption functions handled ...) @@ -24116,11 +24116,11 @@ CVE-2021-31990 CVE-2021-31989 (A user with permission to log on to the machine hosting the AXIS Devic ...) NOT-FOR-US: AXIS CVE-2021-31988 (A user controlled parameter related to SMTP test functionality is not ...) - TODO: check + NOT-FOR-US: AXIS CVE-2021-31987 (A user controlled parameter related to SMTP test functionality is not ...) - TODO: check + NOT-FOR-US: AXIS CVE-2021-31986 (User controlled parameters related to SMTP notifications are not corre ...) - TODO: check + NOT-FOR-US: AXIS CVE-2021-31985 (Microsoft Defender Remote Code Execution Vulnerability ...) NOT-FOR-US: Microsoft CVE-2021-31984 (Power BI Remote Code Execution Vulnerability ...) -- cgit v1.2.3