automatic update

author: security tracker role <sectracker@soriano.debian.org> 2021-11-23 08:10:14 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2021-11-23 08:10:14 +0000
commit: 3f3f5e964ce0939b24bbad45164f85d1fab2c290 (patch)
tree: 4dd7ae9f8650748160d8d8e96b73752909eaf359
parent: 907b4e51b42689f73a429ae4f7fc408a9014a1da (diff)
3 files changed, 58 insertions, 16 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 06cf4505f1..2565f01158 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -19782,8 +19782,8 @@ CVE-2020-22721 (A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET
 	NOT-FOR-US: PNotes - Andrey Gruber PNotes.NET
 CVE-2020-22720
 	REJECTED
-CVE-2020-22719
-	RESERVED
+CVE-2020-22719 (Shimo Document v2.0.1 contains a cross-site scripting (XSS) vulnerabil ...)
+	TODO: check
 CVE-2020-22718
 	RESERVED
 CVE-2020-22717
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index a219b55e88..b36db62362 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,4 +1,38 @@
-CVE-2021-44143 [malicious or compromised IMAP server could use a crafted mail message that lacks headers to provoke a heap overflow]
+CVE-2021-44157
+	RESERVED
+CVE-2021-44156
+	RESERVED
+CVE-2021-44155
+	RESERVED
+CVE-2021-44154
+	RESERVED
+CVE-2021-44153
+	RESERVED
+CVE-2021-44152
+	RESERVED
+CVE-2021-44151
+	RESERVED
+CVE-2021-44150 (The client in tusdotnet through 2.5.0 relies on SHA-1 to prevent spoof ...)
+	TODO: check
+CVE-2021-44149
+	RESERVED
+CVE-2021-44148
+	RESERVED
+CVE-2021-44147 (An XML External Entity issue in Claris FileMaker Pro and Server (inclu ...)
+	TODO: check
+CVE-2021-44146
+	RESERVED
+CVE-2021-44145
+	RESERVED
+CVE-2021-44144 (Croatia Control Asterix 2.8.1 has a heap-based buffer over-read, with  ...)
+	TODO: check
+CVE-2021-4004
+	RESERVED
+CVE-2021-4003
+	RESERVED
+CVE-2021-4002
+	RESERVED
+CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to an unc ...)
 	- isync <unfixed> (bug #999804)
 CVE-2021-44142
 	RESERVED
@@ -1705,9 +1739,9 @@ CVE-2021-43410
 	RESERVED
 CVE-2021-3932 (twill is vulnerable to Cross-Site Request Forgery (CSRF) ...)
 	NOT-FOR-US: twill
-CVE-2021-43409 (The "WPO365 | LOGIN" WordPress plugin (up to and including version 15. ...)
+CVE-2021-43409 (The &#8220;WPO365 | LOGIN&#8221; WordPress plugin (up to and including ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-43408 (The Duplicate Post WordPress plugin up to and including version 1.1.9  ...)
+CVE-2021-43408 (The "Duplicate Post" WordPress plugin up to and including version 1.1. ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-43407
 	RESERVED
@@ -7665,14 +7699,14 @@ CVE-2021-40833
 	RESERVED
 CVE-2021-40832 (A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atl ...)
 	NOT-FOR-US: F-Secure
-CVE-2021-40831
-	RESERVED
-CVE-2021-40830
-	RESERVED
-CVE-2021-40829
-	RESERVED
-CVE-2021-40828
-	RESERVED
+CVE-2021-40831 (The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a  ...)
+	TODO: check
+CVE-2021-40830 (The AWS IoT Device SDK v2 for Java, Python, C++ and Node.js appends a  ...)
+	TODO: check
+CVE-2021-40829 (Connections initialized by the AWS IoT Device SDK v2 for Java (version ...)
+	TODO: check
+CVE-2021-40828 (Connections initialized by the AWS IoT Device SDK v2 for Java (version ...)
+	TODO: check
 CVE-2021-40827
 	RESERVED
 CVE-2021-40826
@@ -16061,7 +16095,7 @@ CVE-2021-37336
 	RESERVED
 CVE-2021-37335
 	RESERVED
-CVE-2021-37334 (A security issue in Umbraco Forms 4.0.0 to and including 8.7.5 could l ...)
+CVE-2021-37334 (Umbraco Forms version 4.0.0 up to and including 8.7.5 and below are vu ...)
 	NOT-FOR-US: Umbraco Forms
 CVE-2021-37333 (Laravel Booking System Booking Core 2.0 is vulnerable to Session Manag ...)
 	NOT-FOR-US: Laravel Booking System Booking Core
@@ -28610,8 +28644,8 @@ CVE-2021-32006
 	RESERVED
 CVE-2021-32005
 	RESERVED
-CVE-2021-32004
-	RESERVED
+CVE-2021-32004 (This issue affects: Secomea GateManager All versions prior to 9.6. Imp ...)
+	TODO: check
 CVE-2021-32003 (Unprotected Transport of Credentials vulnerability in SiteManager prov ...)
 	NOT-FOR-US: Secomea SiteManager
 CVE-2021-32002 (Improper Access Control vulnerability in web service of Secomea SiteMa ...)
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 9494e22796..475dec0f4e 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1,3 +1,11 @@
+CVE-2022-0009
+	RESERVED
+CVE-2022-0008
+	RESERVED
+CVE-2022-0007
+	RESERVED
+CVE-2022-0006
+	RESERVED
 CVE-2022-21742
 	RESERVED
 CVE-2022-21741
author	security tracker role <sectracker@soriano.debian.org>	2021-11-23 08:10:14 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2021-11-23 08:10:14 +0000
commit	3f3f5e964ce0939b24bbad45164f85d1fab2c290 (patch)
tree	4dd7ae9f8650748160d8d8e96b73752909eaf359
parent	907b4e51b42689f73a429ae4f7fc408a9014a1da (diff)