automatic update

4 files changed, 56 insertions, 9 deletions

diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index f4aa2b4fd9..0f1b18d972 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -53029,7 +53029,7 @@ CVE-2018-1057 (On a Samba 4 AD DC the LDAP server in all versions of Samba from
 	NOTE: https://www.samba.org/samba/security/CVE-2018-1057.html
 	NOTE: https://wiki.samba.org/index.php/CVE-2018-1057
 CVE-2018-1056 (An out-of-bounds heap buffer read flaw was found in the way advancecom ...)
-	{DLA-1702-1 DLA-1281-1}
+	{DLA-2868-1 DLA-1702-1 DLA-1281-1}
 	- advancecomp 2.1-1 (bug #889270)
 	NOTE: https://sourceforge.net/p/advancemame/bugs/259/
 	NOTE: https://github.com/amadvance/advancecomp/commit/7deeafc02b29cc51d51079e66f4f43f986ff9cc5
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 3de53dfc3c..1ab0ef2066 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -32416,7 +32416,7 @@ CVE-2019-9211 (There is a reachable assertion abort in the function write_long_s
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683499
 	NOTE: Crash in CLI tool, no security impact
 CVE-2019-9210 (In AdvanceCOMP 2.1, png_compress in pngex.cc in advpng has an integer  ...)
-	{DLA-1702-1}
+	{DLA-2868-1 DLA-1702-1}
 	- advancecomp 2.1-2 (low; bug #923416)
 	NOTE: https://sourceforge.net/p/advancemame/bugs/277/
 	NOTE: Fixed by https://github.com/amadvance/advancecomp/commit/fcf71a89265c78fc26243574dda3a872574a5c02
@@ -34735,6 +34735,7 @@ CVE-2019-8385 (An issue was discovered in Thomson Reuters Desktop Extensions 1.9
 CVE-2019-8384
 	RESERVED
 CVE-2019-8383 (An issue was discovered in AdvanceCOMP through 2.1. An invalid memory  ...)
+	{DLA-2868-1}
 	- advancecomp 2.1-2.1 (bug #928730)
 	[jessie] - advancecomp <ignored> (Minor issue)
 	NOTE: https://sourceforge.net/p/advancemame/bugs/272/
@@ -34748,6 +34749,7 @@ CVE-2019-8381 (An issue was discovered in Tcpreplay 4.3.1. An invalid memory acc
 CVE-2019-8380 (An issue was discovered in Bento4 1.5.1-628. A NULL pointer dereferenc ...)
 	NOT-FOR-US: Bento4
 CVE-2019-8379 (An issue was discovered in AdvanceCOMP through 2.1. A NULL pointer der ...)
+	{DLA-2868-1}
 	- advancecomp 2.1-2.1 (bug #928729)
 	[jessie] - advancecomp <ignored> (Minor issue)
 	NOTE: https://sourceforge.net/p/advancemame/bugs/271/
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 7d80a71144..c96c300060 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,7 @@
+CVE-2021-45919
+	RESERVED
+CVE-2021-4190
+	RESERVED
 CVE-2021-4189
 	RESERVED
 CVE-2021-45918
@@ -10,8 +14,8 @@ CVE-2021-45915
 	RESERVED
 CVE-2021-45914
 	RESERVED
-CVE-2021-4188
-	RESERVED
+CVE-2021-4188 (mruby is vulnerable to NULL Pointer Dereference ...)
+	TODO: check
 CVE-2021-45913
 	RESERVED
 CVE-2021-45912
@@ -2641,6 +2645,7 @@ CVE-2021-4104 (JMSAppender in Log4j 1.2 is vulnerable to deserialization of untr
 CVE-2021-4103
 	RESERVED
 CVE-2021-44832 (Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fi ...)
+	{DLA-2870-1}
 	- apache-log4j2 2.17.1-1 (bug #1002813)
 	[bullseye] - apache-log4j2 <no-dsa> (Minor issue; requires attacker with permissions to modify the logging configuration file)
 	[buster] - apache-log4j2 <no-dsa> (Minor issue; requires attacker with permissions to modify the logging configuration file)
@@ -4394,7 +4399,7 @@ CVE-2021-44159 (4MOSAn GCB Doctor&#8217;s file upload function has improper user
 CVE-2021-44158
 	RESERVED
 CVE-2021-4011 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
-	{DSA-5027-1}
+	{DSA-5027-1 DLA-2869-1}
 	- xorg-server 2:1.20.13-3
 	- xwayland 2:21.1.4-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
@@ -4407,13 +4412,13 @@ CVE-2021-4010 (A flaw was found in xorg-x11-server in versions before 21.1.2 and
 	NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/6c4c53010772e3cb4cb8acd54950c8eec9c00d21
 CVE-2021-4009 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
-	{DSA-5027-1}
+	{DSA-5027-1 DLA-2869-1}
 	- xorg-server 2:1.20.13-3
 	- xwayland 2:21.1.4-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
 	NOTE: https://gitlab.freedesktop.org/xorg/xserver/-/commit/b5196750099ae6ae582e1f46bd0a6dad29550e02
 CVE-2021-4008 (A flaw was found in xorg-x11-server in versions before 21.1.2 and befo ...)
-	{DSA-5027-1}
+	{DSA-5027-1 DLA-2869-1}
 	- xorg-server 2:1.20.13-3
 	- xwayland 2:21.1.4-1
 	NOTE: https://lists.x.org/archives/xorg-announce/2021-December/003122.html
@@ -5123,8 +5128,8 @@ CVE-2021-43878
 	RESERVED
 CVE-2021-43877 (ASP.NET Core and Visual Studio Elevation of Privilege Vulnerability ...)
 	NOT-FOR-US: .NET core
-CVE-2021-43876
-	RESERVED
+CVE-2021-43876 (Microsoft SharePoint Elevation of Privilege Vulnerability. ...)
+	TODO: check
 CVE-2021-43875 (Microsoft Office Graphics Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-43874
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index bdd6f1ad11..382fe3309b 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1,3 +1,43 @@
+CVE-2022-22282
+	RESERVED
+CVE-2022-22281
+	RESERVED
+CVE-2022-22280
+	RESERVED
+CVE-2022-22279
+	RESERVED
+CVE-2022-22278
+	RESERVED
+CVE-2022-22277
+	RESERVED
+CVE-2022-22276
+	RESERVED
+CVE-2022-22275
+	RESERVED
+CVE-2022-22274
+	RESERVED
+CVE-2022-22273
+	RESERVED
+CVE-2022-22272
+	RESERVED
+CVE-2022-22271
+	RESERVED
+CVE-2022-22270
+	RESERVED
+CVE-2022-22269
+	RESERVED
+CVE-2022-22268
+	RESERVED
+CVE-2022-22267
+	RESERVED
+CVE-2022-22266
+	RESERVED
+CVE-2022-22265
+	RESERVED
+CVE-2022-22264
+	RESERVED
+CVE-2022-22263
+	RESERVED
 CVE-2022-22262
 	RESERVED
 CVE-2022-0077