From 2c412ffa34ec7e89a25ec4ff115338dd28b4a684 Mon Sep 17 00:00:00 2001 From: Neil Williams Date: Fri, 3 Dec 2021 11:32:39 +0000 Subject: NFUs and two ITPs libredwg and libretime --- data/CVE/2021.list | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 227575c971..16c32597f8 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -1969,13 +1969,13 @@ CVE-2021-43687 (chamilo-lms v1.11.14 is affected by a Cross Site Scripting (XSS) CVE-2021-43686 (nZEDb v0.4.20 is affected by a Cross Site Scripting (XSS) vulnerabilit ...) NOT-FOR-US: nZEDb CVE-2021-43685 (libretime hv3.0.0-alpha.10 is affected by a path manipulation vulnerab ...) - TODO: check + - libretime (bug #888687) CVE-2021-43684 RESERVED CVE-2021-43683 (pictshare v1.5 is affected by a Cross Site Scripting (XSS) vulnerabili ...) - TODO: check + NOT-FOR-US: pictshare CVE-2021-43682 (thinkphp-bjyblog (last update Jun 4 2021) is affected by a Cross Site ...) - TODO: check + NOT-FOR-US: ThinkPHP BJY Blog CVE-2021-43681 (SakuraPanel v1.0.1.1 is affected by a Cross Site Scripting (XSS) vulne ...) NOT-FOR-US: SakuraPanel CVE-2021-43680 @@ -2867,7 +2867,7 @@ CVE-2021-43329 CVE-2021-43328 RESERVED CVE-2021-43327 (An issue was discovered on Renesas RX65 and RX65N devices. With a VCC ...) - TODO: check + NOT-FOR-US: Renesas CVE-2021-43326 RESERVED CVE-2021-43325 @@ -4268,7 +4268,7 @@ CVE-2021-42713 CVE-2021-42712 RESERVED CVE-2021-42711 (Barracuda Network Access Client before 5.2.2 creates a Temporary File ...) - TODO: check + NOT-FOR-US: Barracuda Network Access Client CVE-2021-42710 RESERVED CVE-2021-42709 @@ -4566,7 +4566,7 @@ CVE-2021-42566 (myfactory.FMS before 7.1-912 allows XSS via the Error parameter. CVE-2021-42565 (myfactory.FMS before 7.1-912 allows XSS via the UID parameter. ...) NOT-FOR-US: myfactory.FMS CVE-2021-42564 (An open redirect through HTML injection in confidential messages in Cr ...) - TODO: check + NOT-FOR-US: Cryptshare Server CVE-2021-42563 (There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) ...) NOT-FOR-US: NI Service Locator CVE-2021-3893 @@ -39007,9 +39007,9 @@ CVE-2021-28239 CVE-2021-28238 RESERVED CVE-2021-28237 (LibreDWG v0.12.3 was discovered to contain a heap-buffer overflow via ...) - TODO: check + - libredwg (bug #595191) CVE-2021-28236 (LibreDWG v0.12.3 was discovered to contain a NULL pointer dereference ...) - TODO: check + - libredwg (bug #595191) CVE-2021-28235 RESERVED CVE-2021-28234 @@ -42819,7 +42819,7 @@ CVE-2021-26614 (ius_get.cgi in IpTime C200 camera allows remote code execution. CVE-2021-26613 RESERVED CVE-2021-26612 (An improper input validation leading to arbitrary file creation was di ...) - TODO: check + NOT-FOR-US: Tobesoft Nexacro CVE-2021-26611 (HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnera ...) NOT-FOR-US: HejHome GKW-IC052 IP Camera CVE-2021-26610 (The move_uploaded_file function in godomall5 does not perform an integ ...) @@ -43485,7 +43485,7 @@ CVE-2021-26336 (Insufficient bounds checking in System Management Unit (SMU) may CVE-2021-26335 (Improper input and range checking in the Platform Security Processor ( ...) NOT-FOR-US: AMD CVE-2021-26334 (The AMDPowerProfiler.sys driver of AMD μProf tool may allow lower ...) - TODO: check + NOT-FOR-US: AMD CVE-2021-26333 (An information disclosure vulnerability exists in AMD Platform Securit ...) NOT-FOR-US: AMD CVE-2021-26332 -- cgit v1.2.3