author security tracker role <sectracker@soriano.debian.org> 2022-02-16 08:10:21 +0000
committer security tracker role <sectracker@soriano.debian.org> 2022-02-16 08:10:21 +0000
commit b3fecbd0838d89a3fc7b727fe5fb5e8fa388f01c (patch)
tree b1866a447a78fd9de94e703b5bd776c7a64f6687
parent e5977308630e5c6d67482ebfc9cc46af64ee666f (diff)
automatic update
-rw-r--r-- data/CVE/2021.list 49
-rw-r--r-- data/CVE/2022.list 90
2 files changed, 107 insertions, 32 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index ddde2e4ef4..fbe03b3bd9 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -863,8 +863,8 @@ CVE-2021-46323 (Espruino 2v11.251 was discovered to contain a SEGV vulnerability
NOT-FOR-US: Espruino
CVE-2021-46322 (Duktape v2.99.99 was discovered to contain a SEGV vulnerability via th ...)
NOT-FOR-US: Duktape
-CVE-2021-46321
- RESERVED
+CVE-2021-46321 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
+ TODO: check
CVE-2021-46320 (In OpenZeppelin &lt;=v4.4.0, initializer functions that are invoked se ...)
NOT-FOR-US: OpenZeppelin
CVE-2021-46319
@@ -993,14 +993,14 @@ CVE-2021-46267
RESERVED
CVE-2021-46266
RESERVED
-CVE-2021-46265
- RESERVED
-CVE-2021-46264
- RESERVED
-CVE-2021-46263
- RESERVED
-CVE-2021-46262
- RESERVED
+CVE-2021-46265 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
+ TODO: check
+CVE-2021-46264 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
+ TODO: check
+CVE-2021-46263 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
+ TODO: check
+CVE-2021-46262 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ...)
+ TODO: check
CVE-2021-46261
RESERVED
CVE-2021-46260
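Review bot: The four added entries CVE-2021-46262 through CVE-2021-46265 carry the same truncated description ("Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to contain ..."), identical to CVE-2021-46321 in the previous hunk, so they cannot be told apart from this file alone. All five are left at `TODO: check`; triage them together against the full CVE text and, if the product is not packaged, resolve them with a `NOT-FOR-US:` line in the form used for Espruino and Duktape in the previous hunk.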
@@ -1019,14 +1019,14 @@ CVE-2021-46254
RESERVED
CVE-2021-46253 (A cross-site scripting (XSS) vulnerability in the Create Post function ...)
NOT-FOR-US: Anchor CMS
-CVE-2021-46252
- RESERVED
-CVE-2021-46251
- RESERVED
-CVE-2021-46250
- RESERVED
-CVE-2021-46249
- RESERVED
+CVE-2021-46252 (A Cross-Site Request Forgery (CSRF) in RequirementsBypassPage.php of S ...)
+ TODO: check
+CVE-2021-46251 (A reflected cross-site scripting (XSS) in ScratchOAuth2 before commit ...)
+ TODO: check
+CVE-2021-46250 (An issue in SOA2Login::commented of ScratchOAuth2 before commit a91879 ...)
+ TODO: check
+CVE-2021-46249 (An authorization bypass exploited by a user-controlled key in Specific ...)
+ TODO: check
CVE-2021-46248
RESERVED
CVE-2021-46247
@@ -7541,6 +7541,7 @@ CVE-2021-43860 (Flatpak is a Linux application sandboxing and distribution frame
NOTE: https://github.com/flatpak/flatpak/commit/93357d357119093804df05acc32ff335839c6451
NOTE: https://github.com/flatpak/flatpak/commit/65cbfac982cb1c83993a9e19aa424daee8e9f042
CVE-2021-43859 (XStream is an open source java library to serialize objects to XML and ...)
+ {DLA-2924-1}
- libxstream-java <unfixed>
NOTE: https://github.com/x-stream/xstream/security/advisories/GHSA-rmr5-cpv2-vgjf
NOTE: https://x-stream.github.io/CVE-2021-43859.html
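Review bot: The added `{DLA-2924-1}` cross-reference for CVE-2021-43859 sits directly above `- libxstream-java <unfixed>`, which this hunk leaves unchanged, so the entry now names an advisory without any fixed version visible here. Confirm that the version fixed by the advisory is recorded where the tracker expects it and that `<unfixed>` is still accurate for the suite that line describes.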
@@ -23586,8 +23587,8 @@ CVE-2021-37356
RESERVED
CVE-2021-37355
RESERVED
-CVE-2021-37354
- RESERVED
+CVE-2021-37354 (Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer ov ...)
+ TODO: check
CVE-2021-37353 (Nagios XI Docker Wizard before version 1.1.3 is vulnerable to SSRF due ...)
NOT-FOR-US: Nagios XI
CVE-2021-37352 (An open redirect vulnerability exists in Nagios XI before version 5.8. ...)
@@ -28165,8 +28166,8 @@ CVE-2021-35382
RESERVED
CVE-2021-35381
RESERVED
-CVE-2021-35380
- RESERVED
+CVE-2021-35380 (A Directory Traversal vulnerability exists in Solari di Udine TermTalk ...)
+ TODO: check
CVE-2021-35379
RESERVED
CVE-2021-35378
@@ -31364,8 +31365,8 @@ CVE-2021-33947
RESERVED
CVE-2021-33946
RESERVED
-CVE-2021-33945
- RESERVED
+CVE-2021-33945 (RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN ...)
+ TODO: check
CVE-2021-33944
RESERVED
CVE-2021-33943
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index f3d3d98b3f..945cdce0d1 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1,3 +1,77 @@
+CVE-2022-25245
+ RESERVED
+CVE-2022-25244
+ RESERVED
+CVE-2022-25243
+ RESERVED
+CVE-2022-25242 (In FileCloud before 21.3, file upload is not protected against Cross-S ...)
+ TODO: check
+CVE-2022-25241 (In FileCloud before 21.3, the CSV user import functionality is vulnera ...)
+ TODO: check
+CVE-2022-25240
+ RESERVED
+CVE-2022-25239
+ RESERVED
+CVE-2022-25238
+ RESERVED
+CVE-2022-25237
+ RESERVED
+CVE-2022-25236 (xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to in ...)
+ TODO: check
+CVE-2022-25235 (xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain valid ...)
+ TODO: check
+CVE-2022-25229
+ RESERVED
+CVE-2022-25228
+ RESERVED
+CVE-2022-25227
+ RESERVED
+CVE-2022-25226
+ RESERVED
+CVE-2022-25225
+ RESERVED
+CVE-2022-25224
+ RESERVED
+CVE-2022-25223
+ RESERVED
+CVE-2022-25222
+ RESERVED
+CVE-2022-25221
+ RESERVED
+CVE-2022-25220
+ RESERVED
+CVE-2022-25219
+ RESERVED
+CVE-2022-25218
+ RESERVED
+CVE-2022-25217
+ RESERVED
+CVE-2022-25216
+ RESERVED
+CVE-2022-25215
+ RESERVED
+CVE-2022-25214
+ RESERVED
+CVE-2022-25213
+ RESERVED
+CVE-2022-24915
+ RESERVED
+CVE-2022-24432
+ RESERVED
+CVE-2022-22985
+ RESERVED
+CVE-2022-21146
+ RESERVED
+CVE-2022-0623
+ RESERVED
+CVE-2022-0622
+ RESERVED
+CVE-2022-0621
+ RESERVED
+CVE-2022-0620
+ RESERVED
+CVE-2022-0619
+ RESERVED
CVE-2022-25209 (Jenkins Chef Sinatra Plugin 1.20 and earlier does not configure its XM ...)
NOT-FOR-US: Jenkins Chef Sinatra Plugin
CVE-2022-25175 (Jenkins Pipeline: Multibranch Plugin 706.vd43c65dec013 and earlier use ...)
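Review bot: Ordering is worth documenting here: the block prepended at the top of 2022.list runs from CVE-2022-25245 down to CVE-2022-0619 and is then followed by the existing CVE-2022-25209, so the file is not in numeric order and entries should be looked up by ID, not by position. Of the 37 added entries only four carry descriptions (CVE-2022-25242, CVE-2022-25241, CVE-2022-25236, CVE-2022-25235); the two Expat ones state "before 2.4.5", which gives a concrete version to compare against when resolving their `TODO: check`.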
@@ -143,10 +217,10 @@ CVE-2022-25149
RESERVED
CVE-2022-25148
RESERVED
-CVE-2022-0612
- RESERVED
-CVE-2022-0611
- RESERVED
+CVE-2022-0612 (Cross-site Scripting (XSS) - Stored in Packagist remdex/livehelperchat ...)
+ TODO: check
+CVE-2022-0611 (Improper Privilege Management in Packagist snipe/snipe-it prior to 5.3 ...)
+ TODO: check
CVE-2022-25147
RESERVED
CVE-2022-0610
@@ -4221,12 +4295,12 @@ CVE-2022-23645
RESERVED
CVE-2022-23644
RESERVED
-CVE-2022-23643
- RESERVED
+CVE-2022-23643 (Sourcegraph is a code search and navigation engine. Sourcegraph versio ...)
+ TODO: check
CVE-2022-23642
RESERVED
-CVE-2022-23641
- RESERVED
+CVE-2022-23641 (Discourse is an open source discussion platform. In versions prior to ...)
+ TODO: check
CVE-2022-23640
RESERVED
CVE-2022-23639 (crossbeam-utils provides atomics, synchronization primitives, scoped t ...)
