summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSalvatore Bonaccorso <carnil@debian.org>2021-10-15 22:47:47 +0200
committerSalvatore Bonaccorso <carnil@debian.org>2021-10-15 22:47:47 +0200
commit3498f586d8de9ba9a048006e712e145d5e3cd6c9 (patch)
treef3ddd724b9eaff4e4938fe45e45e5529ebb05bb3
parent45e3dbb4b6916560d28609b4c03e8adb7445c45b (diff)
Process some NFUs
-rw-r--r--data/CVE/2018.list4
-rw-r--r--data/CVE/2021.list98
2 files changed, 51 insertions, 51 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index f38029d1c5..53262e9a75 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -14121,9 +14121,9 @@ CVE-2018-16062 (dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils befo
NOTE: https://sourceware.org/bugzilla/show_bug.cgi?id=23541
NOTE: https://sourceware.org/git/?p=elfutils.git;a=commit;h=29e31978ba51c1051743a503ee325b5ebc03d7e9
CVE-2018-16061 (Mitsubishi Electric SmartRTU devices allow XSS via the username parame ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2018-16060 (Mitsubishi Electric SmartRTU devices allow remote attackers to obtain ...)
- TODO: check
+ NOT-FOR-US: Mitsubishi
CVE-2018-16059 (Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Director ...)
NOT-FOR-US: Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices
CVE-2018-16058 (In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the ...)
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index db29a99ed1..1282b1255b 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -459,21 +459,21 @@ CVE-2021-42338
CVE-2021-42337
RESERVED
CVE-2021-42336 (The learning history page of the Easytest is vulnerable by permission ...)
- TODO: check
+ NOT-FOR-US: Easytest
CVE-2021-42335 (Easytest bulletin board management function of online learning platfor ...)
- TODO: check
+ NOT-FOR-US: Easytest
CVE-2021-42334 (The Easytest contains SQL injection vulnerabilities. After obtaining a ...)
- TODO: check
+ NOT-FOR-US: Easytest
CVE-2021-42333 (The Easytest contains SQL injection vulnerabilities. After obtaining u ...)
- TODO: check
+ NOT-FOR-US: Easytest
CVE-2021-42332 (The &#8220;List View&#8221; function of ShinHer StudyOnline System is ...)
- TODO: check
+ NOT-FOR-US: ShinHer StudyOnline System
CVE-2021-42331 (The &#8220;Study Edit&#8221; function of ShinHer StudyOnline System do ...)
- TODO: check
+ NOT-FOR-US: ShinHer StudyOnline System
CVE-2021-42330 (The &#8220;Teacher Edit&#8221; function of ShinHer StudyOnline System ...)
- TODO: check
+ NOT-FOR-US: ShinHer StudyOnline System
CVE-2021-42329 (The &#8220;List_Add&#8221; function of message board of ShinHer StudyO ...)
- TODO: check
+ NOT-FOR-US: ShinHer StudyOnline System
CVE-2021-42328
RESERVED
CVE-2021-42327
@@ -942,7 +942,7 @@ CVE-2021-42111
CVE-2021-42110
RESERVED
CVE-2021-3874 (bookstack is vulnerable to Improper Limitation of a Pathname to a Rest ...)
- TODO: check
+ NOT-FOR-US: bookstack
CVE-2021-3873
RESERVED
CVE-2021-42109 (VITEC Exterity IPTV products through 2021-04-30 allow privilege escala ...)
@@ -2744,7 +2744,7 @@ CVE-2021-41322 (Polycom VVX 400/410 version 5.3.1 allows low-privileged users to
CVE-2021-41321
RESERVED
CVE-2021-41320 (A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4 ...)
- TODO: check
+ NOT-FOR-US: Wallstreet Suite TRM
CVE-2021-41319
RESERVED
CVE-2021-41318 (In Progress WhatsUp Gold prior to version 21.1.0, an application endpo ...)
@@ -3126,9 +3126,9 @@ CVE-2021-41150
CVE-2021-41149
RESERVED
CVE-2021-41148 (Tuleap Open ALM is a libre and open source tool for end to end traceab ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2021-41147 (Tuleap Open ALM is a libre and open source tool for end to end traceab ...)
- TODO: check
+ NOT-FOR-US: Tuleap
CVE-2021-41146
RESERVED
CVE-2021-41145
@@ -3466,33 +3466,33 @@ CVE-2021-41001
CVE-2021-41000
RESERVED
CVE-2021-40999 (A remote arbitrary command execution vulnerability was discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40998 (A remote arbitrary command execution vulnerability was discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40997 (A remote authentication bypass vulnerability was discovered in Aruba C ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40996 (A remote authentication bypass vulnerability was discovered in Aruba C ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40995 (A remote arbitrary command execution vulnerability was discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40994 (A remote arbitrary command execution vulnerability was discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40993 (A remote SQL injection vulnerability was discovered in Aruba ClearPass ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40992 (A remote SQL injection vulnerability was discovered in Aruba ClearPass ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40991 (A remote disclosure of sensitive information vulnerability was discove ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40990 (A remote disclosure of sensitive information vulnerability was discove ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40989 (A local escalation of privilege vulnerability was discovered in Aruba ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40988 (A remote directory traversal vulnerability was discovered in Aruba Cle ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40987 (A remote arbitrary command execution vulnerability was discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-40986 (A remote arbitrary command execution vulnerability was discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-3800
RESERVED
CVE-2021-40985
@@ -4100,13 +4100,13 @@ CVE-2021-40733
CVE-2021-40732 (XMP Toolkit version 2020.1 (and earlier) is affected by a null pointer ...)
NOT-FOR-US: Adobe
CVE-2021-40731 (Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.200 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40730 (Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.200 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40729 (Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.200 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40728 (Adobe Acrobat Reader DC version 21.007.20095 (and earlier), 21.007.200 ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40727
RESERVED
CVE-2021-40726 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
@@ -4114,15 +4114,15 @@ CVE-2021-40726 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.00
CVE-2021-40725 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
NOT-FOR-US: Adobe
CVE-2021-40724 (Acrobat Reader for Android versions 21.8.0 (and earlier) are affected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40723
RESERVED
CVE-2021-40722
RESERVED
CVE-2021-40721 (Adobe Connect version 11.2.2 (and earlier) is affected by a reflected ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40720 (Ops CLI version 2.0.4 (and earlier) is affected by a Deserialization o ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-40719
RESERVED
CVE-2021-40718
@@ -6114,7 +6114,7 @@ CVE-2021-39866 (A business logic error in the project deletion process in GitLab
CVE-2021-39865 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
NOT-FOR-US: Adobe
CVE-2021-39864 (Adobe Commerce versions 2.4.2-p2 (and earlier), 2.4.3 (and earlier) an ...)
- TODO: check
+ NOT-FOR-US: Adobe
CVE-2021-39863 (Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.3000 ...)
NOT-FOR-US: Adobe
CVE-2021-39862 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
@@ -7276,7 +7276,7 @@ CVE-2021-39351 (The WP Bannerize WordPress plugin is vulnerable to authenticated
CVE-2021-39350 (The FV Flowplayer Video Player WordPress plugin is vulnerable to Refle ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39349 (The HAL WordPress plugin is vulnerable to Stored Cross-Site Scripting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39348
RESERVED
CVE-2021-39347 (The Stripe for WooCommerce WordPress plugin is missing a capability ch ...)
@@ -7284,9 +7284,9 @@ CVE-2021-39347 (The Stripe for WooCommerce WordPress plugin is missing a capabil
CVE-2021-39346
RESERVED
CVE-2021-39345 (The HAL WordPress plugin is vulnerable to Stored Cross-Site Scripting ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39344 (The KJM Admin Notices WordPress plugin is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39343
RESERVED
CVE-2021-39342 (The Credova_Financial WordPress plugin discloses a site's associated C ...)
@@ -7298,19 +7298,19 @@ CVE-2021-39340
CVE-2021-39339 (The Telefication WordPress plugin is vulnerable to Open Proxy and Serv ...)
NOT-FOR-US: WordPress plugin
CVE-2021-39338 (The MyBB Cross-Poster WordPress plugin is vulnerable to Stored Cross-S ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39337 (The job-portal WordPress plugin is vulnerable to Stored Cross-Site Scr ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39336 (The Job Manager WordPress plugin is vulnerable to Stored Cross-Site Sc ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39335 (The WpGenius Job Listing WordPress plugin is vulnerable to Stored Cros ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39334 (The Job Board Vanila WordPress plugin is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39333
RESERVED
CVE-2021-39332 (The Business Manager WordPress plugin is vulnerable to Stored Cross-Si ...)
- TODO: check
+ NOT-FOR-US: WordPress plugin
CVE-2021-39331
RESERVED
CVE-2021-39330 (The Formidable Form Builder WordPress plugin is vulnerable to Stored C ...)
@@ -9524,9 +9524,9 @@ CVE-2021-38434
CVE-2021-38433
RESERVED
CVE-2021-38432 (FATEK Automation Communication Server Versions 1.13 and prior lacks pr ...)
- TODO: check
+ NOT-FOR-US: FATEK Automation Communication Server
CVE-2021-38431 (An authenticated user using Advantech WebAccess SCADA in versions 9.0. ...)
- TODO: check
+ NOT-FOR-US: Advantech
CVE-2021-38430
RESERVED
CVE-2021-38429
@@ -11190,13 +11190,13 @@ CVE-2021-37741 (ManageEngine ADManager Plus before 7111 has Pre-authentication R
CVE-2021-37740
RESERVED
CVE-2021-37739 (A remote arbitrary command execution vulnerability was discovered in A ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37738 (A remote disclosure of sensitive information vulnerability was discove ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37737 (A remote SQL injection vulnerability was discovered in Aruba ClearPass ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37736 (A remote authentication bypass vulnerability was discovered in Aruba C ...)
- TODO: check
+ NOT-FOR-US: Aruba
CVE-2021-37735 (A remote denial of service vulnerability was discovered in Aruba Insta ...)
NOT-FOR-US: Aruba
CVE-2021-37734 (A remote unauthorized read access to files vulnerability was discovere ...)

© 2014-2021 Faster IT GmbH | imprint | privacy policy