automatic update

author: security tracker role <sectracker@soriano.debian.org> 2021-11-24 08:10:17 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2021-11-24 08:10:17 +0000
commit: 21ade62fae7684637d7cf649ff0fc231e3cb0b5e (patch)
tree: 0857c636dc13c0324401886b904ac4ddf73d5bb5
parent: 2023a0650d420795286457775579bc8c37df1284 (diff)
4 files changed, 252 insertions, 260 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 7d6b0836b4..7ea1ae1d23 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -728,7 +728,7 @@ CVE-2015-9227 (PHP remote file inclusion vulnerability in the get_file function
 CVE-2015-9226 (Multiple SQL injection vulnerabilities in AlegroCart 1.2.8 allow remot ...)
 	NOT-FOR-US: AlegroCart
 CVE-2015-9225
-	RESERVED
+	REJECTED
 CVE-2015-9224 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9223 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
@@ -750,7 +750,7 @@ CVE-2015-9216 (In Android before 2018-04-05 or earlier security patch level on Q
 CVE-2015-9215 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9214
-	RESERVED
+	REJECTED
 CVE-2015-9213 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9212 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
@@ -842,7 +842,7 @@ CVE-2015-9170 (In Android before 2018-04-05 or earlier security patch level on Q
 CVE-2015-9169 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9168
-	RESERVED
+	REJECTED
 CVE-2015-9167 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9166 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
@@ -868,9 +868,9 @@ CVE-2015-9157 (In Android before 2018-04-05 or earlier security patch level on Q
 CVE-2015-9156 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9155
-	RESERVED
+	REJECTED
 CVE-2015-9154
-	RESERVED
+	REJECTED
 CVE-2015-9153 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9152 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
@@ -928,7 +928,7 @@ CVE-2015-9127 (In Android before 2018-04-05 or earlier security patch level on Q
 CVE-2015-9126 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9125
-	RESERVED
+	REJECTED
 CVE-2015-9124 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9123 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
@@ -936,7 +936,7 @@ CVE-2015-9123 (In Android before 2018-04-05 or earlier security patch level on Q
 CVE-2015-9122 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9121
-	RESERVED
+	REJECTED
 CVE-2015-9120 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9119 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
@@ -944,7 +944,7 @@ CVE-2015-9119 (In Android before 2018-04-05 or earlier security patch level on Q
 CVE-2015-9118 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9117
-	RESERVED
+	REJECTED
 CVE-2015-9116 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2015-9115 (In Android before 2018-04-05 or earlier security patch level on Qualco ...)
@@ -989,49 +989,49 @@ CVE-2015-9096 (Net::SMTP in Ruby before 2.4.0 is vulnerable to SMTP command inje
 	NOTE: https://github.com/ruby/ruby/commit/0827a7e52ba3d957a634b063bf5a391239b9ffee
 	NOTE: https://github.com/rubysec/ruby-advisory-db/issues/215
 CVE-2015-9095
-	RESERVED
+	REJECTED
 CVE-2015-9094
-	RESERVED
+	REJECTED
 CVE-2015-9093
-	RESERVED
+	REJECTED
 CVE-2015-9092
-	RESERVED
+	REJECTED
 CVE-2015-9091
-	RESERVED
+	REJECTED
 CVE-2015-9090
-	RESERVED
+	REJECTED
 CVE-2015-9089
-	RESERVED
+	REJECTED
 CVE-2015-9088
-	RESERVED
+	REJECTED
 CVE-2015-9087
-	RESERVED
+	REJECTED
 CVE-2015-9086
-	RESERVED
+	REJECTED
 CVE-2015-9085
-	RESERVED
+	REJECTED
 CVE-2015-9084
-	RESERVED
+	REJECTED
 CVE-2015-9083
-	RESERVED
+	REJECTED
 CVE-2015-9082
-	RESERVED
+	REJECTED
 CVE-2015-9081
-	RESERVED
+	REJECTED
 CVE-2015-9080
-	RESERVED
+	REJECTED
 CVE-2015-9079
-	RESERVED
+	REJECTED
 CVE-2015-9078
-	RESERVED
+	REJECTED
 CVE-2015-9077
-	RESERVED
+	REJECTED
 CVE-2015-9076
-	RESERVED
+	REJECTED
 CVE-2015-9075
-	RESERVED
+	REJECTED
 CVE-2015-9074
-	RESERVED
+	REJECTED
 CVE-2015-9073 (In all Qualcomm products with Android releases from CAF using the Linu ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2015-9072 (In all Qualcomm products with Android releases from CAF using the Linu ...)
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index e2e5cd0b2a..7087be7f8c 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -11740,7 +11740,7 @@ CVE-2017-14876 (In msm_ispif_config_stereo() in Android for MSM, Firefox OS for
 CVE-2017-14875 (In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE i ...)
 	NOT-FOR-US: Qualcomm component for Android
 CVE-2017-14874
-	RESERVED
+	REJECTED
 CVE-2017-14873 (In Android for MSM, Firefox OS for MSM, QRD Android, with all Android  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2017-14872 (While flashing a meta image, a buffer over-read can potentially occur  ...)
@@ -30678,7 +30678,7 @@ CVE-2017-8251 (In all Qualcomm products with Android releases from CAF using the
 CVE-2017-8250 (In all Qualcomm products with Android releases from CAF using the Linu ...)
 	NOT-FOR-US: Qualcomm driver for Android
 CVE-2017-8249
-	RESERVED
+	REJECTED
 CVE-2017-8248 (A buffer overflow may occur in the processing of a downlink NAS messag ...)
 	NOT-FOR-US: Qualcomm Telephony
 CVE-2017-8247 (In all Qualcomm products with Android releases from CAF using the Linu ...)
@@ -30714,7 +30714,7 @@ CVE-2017-8234 (In all Android releases from CAF using the Linux kernel, an out o
 CVE-2017-8233 (In a camera driver function in all Android releases from CAF using the ...)
 	NOT-FOR-US: Android driver
 CVE-2017-8232
-	RESERVED
+	REJECTED
 CVE-2017-8231
 	RESERVED
 CVE-2017-8230 (On Amcrest IPM-721S V2.420.AC00.16.R.20160909 devices, the users on th ...)
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 4d1c984100..63aa75498e 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -19660,103 +19660,103 @@ CVE-2018-13971
 CVE-2018-13970
 	RESERVED
 CVE-2018-13969
-	RESERVED
+	REJECTED
 CVE-2018-13968
-	RESERVED
+	REJECTED
 CVE-2018-13967
-	RESERVED
+	REJECTED
 CVE-2018-13966
-	RESERVED
+	REJECTED
 CVE-2018-13965
-	RESERVED
+	REJECTED
 CVE-2018-13964
-	RESERVED
+	REJECTED
 CVE-2018-13963
-	RESERVED
+	REJECTED
 CVE-2018-13962
-	RESERVED
+	REJECTED
 CVE-2018-13961
-	RESERVED
+	REJECTED
 CVE-2018-13960
-	RESERVED
+	REJECTED
 CVE-2018-13959
-	RESERVED
+	REJECTED
 CVE-2018-13958
-	RESERVED
+	REJECTED
 CVE-2018-13957
-	RESERVED
+	REJECTED
 CVE-2018-13956
-	RESERVED
+	REJECTED
 CVE-2018-13955
-	RESERVED
+	REJECTED
 CVE-2018-13954
-	RESERVED
+	REJECTED
 CVE-2018-13953
-	RESERVED
+	REJECTED
 CVE-2018-13952
-	RESERVED
+	REJECTED
 CVE-2018-13951
-	RESERVED
+	REJECTED
 CVE-2018-13950
-	RESERVED
+	REJECTED
 CVE-2018-13949
-	RESERVED
+	REJECTED
 CVE-2018-13948
-	RESERVED
+	REJECTED
 CVE-2018-13947
-	RESERVED
+	REJECTED
 CVE-2018-13946
-	RESERVED
+	REJECTED
 CVE-2018-13945
-	RESERVED
+	REJECTED
 CVE-2018-13944
-	RESERVED
+	REJECTED
 CVE-2018-13943
-	RESERVED
+	REJECTED
 CVE-2018-13942
-	RESERVED
+	REJECTED
 CVE-2018-13941
-	RESERVED
+	REJECTED
 CVE-2018-13940
-	RESERVED
+	REJECTED
 CVE-2018-13939
-	RESERVED
+	REJECTED
 CVE-2018-13938
-	RESERVED
+	REJECTED
 CVE-2018-13937
-	RESERVED
+	REJECTED
 CVE-2018-13936
-	RESERVED
+	REJECTED
 CVE-2018-13935
-	RESERVED
+	REJECTED
 CVE-2018-13934
-	RESERVED
+	REJECTED
 CVE-2018-13933
-	RESERVED
+	REJECTED
 CVE-2018-13932
-	RESERVED
+	REJECTED
 CVE-2018-13931
-	RESERVED
+	REJECTED
 CVE-2018-13930
-	RESERVED
+	REJECTED
 CVE-2018-13929
-	RESERVED
+	REJECTED
 CVE-2018-13928
-	RESERVED
+	REJECTED
 CVE-2018-13927 (Debug policy with invalid signature can be loaded when the debug polic ...)
 	NOT-FOR-US: Snapdragon
 CVE-2018-13926
-	RESERVED
+	REJECTED
 CVE-2018-13925 (Error in parsing PMT table frees the memory allocated for the map sect ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-13924 (Lack of check to prevent the buffer length taking negative values can  ...)
 	NOT-FOR-US: Snapdragon
 CVE-2018-13923
-	RESERVED
+	REJECTED
 CVE-2018-13922
-	RESERVED
+	REJECTED
 CVE-2018-13921
-	RESERVED
+	REJECTED
 CVE-2018-13920 (Use-after-free condition due to Improper handling of hrtimers when the ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-13919 (Use-after-free vulnerability will occur if reset of the routing table  ...)
@@ -19769,7 +19769,7 @@ CVE-2018-13917
 CVE-2018-13916 (Out-of-bounds memory access in Qurt kernel function when using the ide ...)
 	NOT-FOR-US: Snapdragon
 CVE-2018-13915
-	RESERVED
+	REJECTED
 CVE-2018-13914 (Lack of input validation for data received from user space can lead to ...)
 	NOT-FOR-US: CodeAurora components for Android
 CVE-2018-13913 (Improper validation of array index can lead to unauthorized access whi ...)
@@ -19815,11 +19815,11 @@ CVE-2018-13894
 CVE-2018-13893 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
 	NOT-FOR-US: CodeAurora components for Android
 CVE-2018-13892
-	RESERVED
+	REJECTED
 CVE-2018-13891
-	RESERVED
+	REJECTED
 CVE-2018-13890
-	RESERVED
+	REJECTED
 CVE-2018-13889 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
 	NOT-FOR-US: CodeAurora components for Android
 CVE-2018-13888 (There is potential for memory corruption in the RIL daemon due to de r ...)
@@ -19833,13 +19833,13 @@ CVE-2018-13885 (Possible memory overread may be lead to access of sensitive data
 CVE-2018-13884
 	REJECTED
 CVE-2018-13883
-	RESERVED
+	REJECTED
 CVE-2018-13882
-	RESERVED
+	REJECTED
 CVE-2018-13881
-	RESERVED
+	REJECTED
 CVE-2018-13880
-	RESERVED
+	REJECTED
 CVE-2018-13879 (A reflected XSS issue was discovered in the registration form in Rocke ...)
 	NOT-FOR-US: Rocket.Chat
 CVE-2018-13878 (An XSS issue was discovered in packages/rocketchat-mentions/Mentions.j ...)
@@ -24692,11 +24692,11 @@ CVE-2018-12011 (In all android releases(Android for MSM, Firefox OS for MSM, QRD
 CVE-2018-12010 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
 	NOT-FOR-US: CodeAurora components for Android
 CVE-2018-12009
-	RESERVED
+	REJECTED
 CVE-2018-12008
-	RESERVED
+	REJECTED
 CVE-2018-12007
-	RESERVED
+	REJECTED
 CVE-2018-12006 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
 	NOT-FOR-US: CodeAurora components for Android
 CVE-2018-12005 (An unprivileged user can issue a binder call and cause a system halt i ...)
@@ -24704,19 +24704,19 @@ CVE-2018-12005 (An unprivileged user can issue a binder call and cause a system
 CVE-2018-12004 (Secure keypad is unlocked with secure display still intact in Snapdrag ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-12003
-	RESERVED
+	REJECTED
 CVE-2018-12002
-	RESERVED
+	REJECTED
 CVE-2018-12001
-	RESERVED
+	REJECTED
 CVE-2018-12000
-	RESERVED
+	REJECTED
 CVE-2018-11999 (Improper input validation in trustzone can lead to denial of service i ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11998 (While processing a packet decode request in MQTT, Race condition can o ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11997
-	RESERVED
+	REJECTED
 CVE-2018-11996 (When a malformed command is sent to the device programmer, an out-of-b ...)
 	NOT-FOR-US: Snapdragon
 CVE-2018-11995 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
@@ -24726,11 +24726,11 @@ CVE-2018-11994 (SMMU secure camera logic allows secure camera controllers to acc
 CVE-2018-11993 (Improper check while accessing the local memory stack on MQTT connecti ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11992
-	RESERVED
+	REJECTED
 CVE-2018-11991
-	RESERVED
+	REJECTED
 CVE-2018-11990
-	RESERVED
+	REJECTED
 CVE-2018-11989
 	REJECTED
 CVE-2018-11988 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
@@ -24755,7 +24755,7 @@ CVE-2018-11981
 CVE-2018-11980 (When a fake broadcast/multicast 11w rmf without mmie received, since n ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11979
-	RESERVED
+	REJECTED
 CVE-2018-11978
 	REJECTED
 CVE-2018-11977
@@ -24799,7 +24799,7 @@ CVE-2018-11959
 CVE-2018-11958 (Insufficient protection of keys in keypad can lead HLOS to gain access ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11957
-	RESERVED
+	REJECTED
 CVE-2018-11956 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
 	NOT-FOR-US: Android
 CVE-2018-11955 (Lack of check on length of reason-code fetched from payload may lead d ...)
@@ -24826,7 +24826,7 @@ CVE-2018-11946 (In all android releases(Android for MSM, Firefox OS for MSM, QRD
 CVE-2018-11945 (Improper input validation in wireless service messaging module for dat ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11944
-	RESERVED
+	REJECTED
 CVE-2018-11943 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11942 (Failure to initialize the reserved memory which is sent to the firmwar ...)
@@ -24862,7 +24862,7 @@ CVE-2018-11928 (Lack of check on length parameter may cause buffer overflow whil
 CVE-2018-11927 (Improper input validation on input which is used as an array index wil ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11926
-	RESERVED
+	REJECTED
 CVE-2018-11925 (Data length received from firmware is not validated against the max al ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11924 (Improper buffer length validation in WLAN function can lead to a poten ...)
@@ -24884,7 +24884,7 @@ CVE-2018-11917
 CVE-2018-11916
 	RESERVED
 CVE-2018-11915
-	RESERVED
+	REJECTED
 CVE-2018-11914 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11913 (In all android releases(Android for MSM, Firefox OS for MSM, QRD Andro ...)
@@ -24912,9 +24912,9 @@ CVE-2018-11903 (In all android releases (Android for MSM, Firefox OS for MSM, QR
 CVE-2018-11902 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11901
-	RESERVED
+	REJECTED
 CVE-2018-11900
-	RESERVED
+	REJECTED
 CVE-2018-11899 (While processing radio connection status change events, Radio index is ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11898 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
@@ -24922,7 +24922,7 @@ CVE-2018-11898 (In all android releases (Android for MSM, Firefox OS for MSM, QR
 CVE-2018-11897 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11896
-	RESERVED
+	REJECTED
 CVE-2018-11895 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11894 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
@@ -24934,17 +24934,17 @@ CVE-2018-11892
 CVE-2018-11891 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11890
-	RESERVED
+	REJECTED
 CVE-2018-11889 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11888 (Unauthorized access may be allowed by the SCP11 Crypto Services TA wil ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11887
-	RESERVED
+	REJECTED
 CVE-2018-11886 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11885
-	RESERVED
+	REJECTED
 CVE-2018-11884 (Improper input validation leads to buffer overflow while processing ne ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11883 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
@@ -25018,7 +25018,7 @@ CVE-2018-11850 (Lack of check on remaining length parameter When processing scan
 CVE-2018-11849 (Lack of check on out of range of bssid parameter When processing scan  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11848
-	RESERVED
+	REJECTED
 CVE-2018-11847 (Malicious TA can tag QSEE kernel memory and map to EL0, there by corru ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11846 (The use of a non-time-constant memory comparison operation can lead to ...)
@@ -25026,17 +25026,17 @@ CVE-2018-11846 (The use of a non-time-constant memory comparison operation can l
 CVE-2018-11845 (Usage of non-time-constant comparison functions can lead to informatio ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11844
-	RESERVED
+	REJECTED
 CVE-2018-11843 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11842 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11841
-	RESERVED
+	REJECTED
 CVE-2018-11840 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11839
-	RESERVED
+	REJECTED
 CVE-2018-11838 (Possible double free issue in WLAN due to lack of checking memory free ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11837
@@ -25044,19 +25044,19 @@ CVE-2018-11837
 CVE-2018-11836 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11835
-	RESERVED
+	REJECTED
 CVE-2018-11834
-	RESERVED
+	REJECTED
 CVE-2018-11833
-	RESERVED
+	REJECTED
 CVE-2018-11832 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Android kernel, code not in mainline
 CVE-2018-11831
-	RESERVED
+	REJECTED
 CVE-2018-11830 (Improper input validation in QCPE create function may lead to integer  ...)
 	NOT-FOR-US: Snapdragon
 CVE-2018-11829
-	RESERVED
+	REJECTED
 CVE-2018-11828 (When FW tries to get random mac address generated from new SW RNG and  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11827 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
@@ -26626,13 +26626,13 @@ CVE-2018-11307 (An issue was discovered in FasterXML jackson-databind 2.0.0 thro
 	NOTE: https://github.com/FasterXML/jackson-databind/issues/2032
 	NOTE: https://github.com/FasterXML/jackson-databind/commit/27b4defc270454dea6842bd9279f17387eceb737
 CVE-2018-11306
-	RESERVED
+	REJECTED
 CVE-2018-11305 (When a series of FDAL messages are sent to the modem, a Use After Free ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11304 (Possible buffer overflow in msm_adsp_stream_callback_put due to lack o ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11303
-	RESERVED
+	REJECTED
 CVE-2018-11302 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2018-11301 (In all android releases (Android for MSM, Firefox OS for MSM, QRD Andr ...)
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 92472d05a9..c5d80515c0 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,9 @@
+CVE-2021-4014
+	RESERVED
+CVE-2021-4013
+	RESERVED
+CVE-2021-4012
+	RESERVED
 CVE-2021-44195
 	RESERVED
 CVE-2021-44194
@@ -949,18 +955,18 @@ CVE-2021-43782
 	RESERVED
 CVE-2021-43781
 	RESERVED
-CVE-2021-43780
-	RESERVED
+CVE-2021-43780 (Redash is a package for data visualization and sharing. In versions 10 ...)
+	TODO: check
 CVE-2021-43779
 	RESERVED
 CVE-2021-43778
 	RESERVED
-CVE-2021-43777
-	RESERVED
+CVE-2021-43777 (Redash is a package for data visualization and sharing. In Redash vers ...)
+	TODO: check
 CVE-2021-43776
 	RESERVED
-CVE-2021-43775
-	RESERVED
+CVE-2021-43775 (Aim is an open-source, self-hosted machine learning experiment trackin ...)
+	TODO: check
 CVE-2021-3967
 	RESERVED
 CVE-2021-3966
@@ -2277,10 +2283,10 @@ CVE-2021-43223
 	RESERVED
 CVE-2021-43222
 	RESERVED
-CVE-2021-43221
-	RESERVED
-CVE-2021-43220
-	RESERVED
+CVE-2021-43221 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability ...)
+	TODO: check
+CVE-2021-43220 (Microsoft Edge for iOS Spoofing Vulnerability ...)
+	TODO: check
 CVE-2021-43219
 	RESERVED
 CVE-2021-43218
@@ -2297,8 +2303,8 @@ CVE-2021-43213
 	RESERVED
 CVE-2021-43212
 	RESERVED
-CVE-2021-43211
-	RESERVED
+CVE-2021-43211 (Windows 10 Update Assistant Elevation of Privilege Vulnerability This  ...)
+	TODO: check
 CVE-2021-43210
 	RESERVED
 CVE-2021-43209 (3D Viewer Remote Code Execution Vulnerability This CVE ID is unique fr ...)
@@ -3253,12 +3259,12 @@ CVE-2021-42787
 	RESERVED
 CVE-2021-42786
 	RESERVED
-CVE-2021-42785
-	RESERVED
-CVE-2021-42784
-	RESERVED
-CVE-2021-42783
-	RESERVED
+CVE-2021-42785 (Buffer Overflow vulnerability in tvnviewer.exe of TightVNC Viewer allo ...)
+	TODO: check
+CVE-2021-42784 (OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 ...)
+	TODO: check
+CVE-2021-42783 (Missing Authentication for Critical Function vulnerability in debug_po ...)
+	TODO: check
 CVE-2021-42782
 	RESERVED
 CVE-2021-42781
@@ -4347,12 +4353,12 @@ CVE-2021-42310
 	RESERVED
 CVE-2021-42309
 	RESERVED
-CVE-2021-42308
-	RESERVED
+CVE-2021-42308 (Microsoft Edge (Chromium-based) Spoofing Vulnerability ...)
+	TODO: check
 CVE-2021-42307
 	RESERVED
-CVE-2021-42306
-	RESERVED
+CVE-2021-42306 (Azure Active Directory Information Disclosure Vulnerability ...)
+	TODO: check
 CVE-2021-42305 (Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-42304 (Azure RTOS Elevation of Privilege Vulnerability This CVE ID is unique  ...)
@@ -4369,8 +4375,8 @@ CVE-2021-42299 (Microsoft Surface Pro 3 Security Feature Bypass Vulnerability ..
 	NOT-FOR-US: Microsoft
 CVE-2021-42298 (Microsoft Defender Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
-CVE-2021-42297
-	RESERVED
+CVE-2021-42297 (Windows 10 Update Assistant Elevation of Privilege Vulnerability This  ...)
+	TODO: check
 CVE-2021-42296 (Microsoft Word Remote Code Execution Vulnerability ...)
 	NOT-FOR-US: Microsoft
 CVE-2021-42295
@@ -6738,8 +6744,7 @@ CVE-2021-41283
 	RESERVED
 CVE-2021-41282
 	RESERVED
-CVE-2021-41281 [Path traversal when downloading remote media]
-	RESERVED
+CVE-2021-41281 (Synapse is a package for Matrix homeservers written in Python 3/Twiste ...)
 	- matrix-synapse 1.47.1-1 (bug #1000451)
 	NOTE: https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c
 	NOTE: https://github.com/matrix-org/synapse/commit/91f2bd0907f1d05af67166846988e49644eb650c
@@ -6932,8 +6937,8 @@ CVE-2021-41194 (FirstUseAuthenticator is a JupyterHub authenticator that helps n
 	NOT-FOR-US: FirstUseAuthenticator for JupyterHub
 CVE-2021-41193
 	RESERVED
-CVE-2021-41192
-	RESERVED
+CVE-2021-41192 (Redash is a package for data visualization and sharing. If an admin se ...)
+	TODO: check
 CVE-2021-41191 (Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. ...)
 	NOT-FOR-US: Roblox-Purchasing-Hub
 CVE-2021-41190 (The OCI Distribution Spec project defines an API protocol to facilitat ...)
@@ -12256,8 +12261,8 @@ CVE-2021-38982 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 is vul
 	NOT-FOR-US: IBM
 CVE-2021-38981 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow  ...)
 	NOT-FOR-US: IBM
-CVE-2021-38980
-	RESERVED
+CVE-2021-38980 (IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle  ...)
+	TODO: check
 CVE-2021-38979 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 uses a one-w ...)
 	NOT-FOR-US: IBM
 CVE-2021-38978 (IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, 4.0, and 4.1 could allow  ...)
@@ -12434,10 +12439,10 @@ CVE-2021-38893
 	RESERVED
 CVE-2021-38892
 	RESERVED
-CVE-2021-38891
-	RESERVED
-CVE-2021-38890
-	RESERVED
+CVE-2021-38891 (IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than  ...)
+	TODO: check
+CVE-2021-38890 (IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses an inadequat ...)
+	TODO: check
 CVE-2021-38889
 	RESERVED
 CVE-2021-38888
@@ -12466,8 +12471,8 @@ CVE-2021-38877 (IBM Jazz for Service Management 1.1.3.10 is vulnerable to stored
 	NOT-FOR-US: IBM
 CVE-2021-38876
 	RESERVED
-CVE-2021-38875
-	RESERVED
+CVE-2021-38875 (IBM MQ 8.0, 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.1 CD, and 9.2 CD is vulnerabl ...)
+	TODO: check
 CVE-2021-38874
 	RESERVED
 CVE-2021-38873
@@ -14612,34 +14617,27 @@ CVE-2021-38006
 	RESERVED
 CVE-2021-38005
 	RESERVED
-CVE-2021-38004
-	RESERVED
-CVE-2021-38003
-	RESERVED
+CVE-2021-38004 (Insufficient policy enforcement in Autofill in Google Chrome prior to  ...)
+	TODO: check
+CVE-2021-38003 (Inappropriate implementation in V8 in Google Chrome prior to 95.0.4638 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-38002
-	RESERVED
+CVE-2021-38002 (Use after free in Web Transport in Google Chrome prior to 95.0.4638.69 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-38001
-	RESERVED
+CVE-2021-38001 (Type confusion in V8 in Google Chrome prior to 95.0.4638.69 allowed a  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-38000
-	RESERVED
+CVE-2021-38000 (Insufficient validation of untrusted input in Intents in Google Chrome ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-37999
-	RESERVED
+CVE-2021-37999 (Insufficient data validation in New Tab Page in Google Chrome prior to ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-37998
-	RESERVED
+CVE-2021-37998 (Use after free in Garbage Collection in Google Chrome prior to 95.0.46 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2021-37997
-	RESERVED
+CVE-2021-37997 (Use after free in Sign-In in Google Chrome prior to 95.0.4638.69 allow ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2021-37996 (Insufficient validation of untrusted input Downloads in Google Chrome  ...)
@@ -18442,14 +18440,14 @@ CVE-2021-36337
 	RESERVED
 CVE-2021-36336
 	RESERVED
-CVE-2021-36335
-	RESERVED
-CVE-2021-36334
-	RESERVED
-CVE-2021-36333
-	RESERVED
-CVE-2021-36332
-	RESERVED
+CVE-2021-36335 (Dell EMC CloudLink 7.1 and all prior versions contain an Improper Inpu ...)
+	TODO: check
+CVE-2021-36334 (Dell EMC CloudLink 7.1 and all prior versions contain a CSV formula In ...)
+	TODO: check
+CVE-2021-36333 (Dell EMC CloudLink 7.1 and all prior versions contain a Buffer Overflo ...)
+	TODO: check
+CVE-2021-36332 (Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javas ...)
+	TODO: check
 CVE-2021-36331
 	RESERVED
 CVE-2021-36330
@@ -18484,14 +18482,14 @@ CVE-2021-36316
 	RESERVED
 CVE-2021-36315 (Dell EMC PowerScale Nodes contain a hardware design flaw. This may all ...)
 	NOT-FOR-US: EMC
-CVE-2021-36314
-	RESERVED
-CVE-2021-36313
-	RESERVED
-CVE-2021-36312
-	RESERVED
-CVE-2021-36311
-	RESERVED
+CVE-2021-36314 (Dell EMC CloudLink 7.1 and all prior versions contain an Arbitrary Fil ...)
+	TODO: check
+CVE-2021-36313 (Dell EMC CloudLink 7.1 and all prior versions contain an OS command in ...)
+	TODO: check
+CVE-2021-36312 (Dell EMC CloudLink 7.1 and all prior versions contain a Hard-coded Pas ...)
+	TODO: check
+CVE-2021-36311 (Dell EMC Networker versions prior to 19.5 contain an Improper Authoriz ...)
+	TODO: check
 CVE-2021-36310 (Dell Networking OS10, versions 10.4.3.x, 10.5.0.x, 10.5.1.x &amp; 10.5 ...)
 	NOT-FOR-US: Dell
 CVE-2021-36309 (Dell Enterprise SONiC OS, versions 3.3.0 and earlier, contains a sensi ...)
@@ -18510,12 +18508,12 @@ CVE-2021-36303
 	RESERVED
 CVE-2021-36302
 	RESERVED
-CVE-2021-36301
-	RESERVED
-CVE-2021-36300
-	RESERVED
-CVE-2021-36299
-	RESERVED
+CVE-2021-36301 (Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version  ...)
+	TODO: check
+CVE-2021-36300 (iDRAC9 versions prior to 5.00.00.00 contain an improper input validati ...)
+	TODO: check
+CVE-2021-36299 (Dell iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.29.00 and ...)
+	TODO: check
 CVE-2021-36298 (Dell EMC InsightIQ, versions prior to 4.1.4, contain risky cryptograph ...)
 	NOT-FOR-US: EMC
 CVE-2021-36297 (SupportAssist Client version 3.8 and 3.9 contains an Untrusted search  ...)
@@ -20107,7 +20105,7 @@ CVE-2021-35604 (Vulnerability in the MySQL Server product of Oracle MySQL (compo
 	NOTE: Fixed in MariaDB: 10.5.13, 10.3.32
 	TODO: clarify MariaDB 10.6 status
 CVE-2021-35603 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
@@ -20145,7 +20143,7 @@ CVE-2021-35588 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
 CVE-2021-35587
 	RESERVED
 CVE-2021-35586 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
@@ -20164,7 +20162,7 @@ CVE-2021-35580 (Vulnerability in the Oracle Applications Manager product of Orac
 CVE-2021-35579
 	RESERVED
 CVE-2021-35578 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
@@ -20189,7 +20187,7 @@ CVE-2021-35569 (Vulnerability in the Oracle Applications Manager product of Orac
 CVE-2021-35568 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
 	NOT-FOR-US: Oracle
 CVE-2021-35567 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
@@ -20200,7 +20198,7 @@ CVE-2021-35565 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
 CVE-2021-35564 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
@@ -20209,14 +20207,14 @@ CVE-2021-35563 (Vulnerability in the Oracle Shipping Execution product of Oracle
 CVE-2021-35562 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
 	NOT-FOR-US: Oracle
 CVE-2021-35561 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
 CVE-2021-35560 (Vulnerability in the Java SE product of Oracle Java SE (component: Dep ...)
 	- openjdk-8 <not-affected> (Deployment components not part of OpenJDK, only present in Oracle Java)
 CVE-2021-35559 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
@@ -20225,7 +20223,7 @@ CVE-2021-35558 (Vulnerability in the Core RDBMS component of Oracle Database Ser
 CVE-2021-35557 (Vulnerability in the Core RDBMS component of Oracle Database Server. S ...)
 	NOT-FOR-US: Oracle
 CVE-2021-35556 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
-	{DSA-5000-1 DLA-2814-1}
+	{DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
 	- openjdk-11 11.0.13+8-1
 	- openjdk-8 8u312-b07-1
@@ -21462,8 +21460,8 @@ CVE-2021-35035
 	RESERVED
 CVE-2021-35034
 	RESERVED
-CVE-2021-35033
-	RESERVED
+CVE-2021-35033 (A vulnerability in specific versions of Zyxel NBG6818, NBG7815, WSQ20, ...)
+	TODO: check
 CVE-2021-35032
 	RESERVED
 CVE-2021-35031
@@ -29140,10 +29138,10 @@ CVE-2021-31854
 	RESERVED
 CVE-2021-31853 (DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (M ...)
 	NOT-FOR-US: McAfee
-CVE-2021-31852
-	RESERVED
-CVE-2021-31851
-	RESERVED
+CVE-2021-31852 (A Reflected Cross-Site Scripting vulnerability in McAfee Policy Audito ...)
+	TODO: check
+CVE-2021-31851 (A Reflected Cross-Site Scripting vulnerability in McAfee Policy Audito ...)
+	TODO: check
 CVE-2021-31850
 	RESERVED
 CVE-2021-31849 (SQL injection vulnerability in McAfee Data Loss Prevention (DLP) ePO e ...)
@@ -29229,8 +29227,8 @@ CVE-2021-31824
 	RESERVED
 CVE-2021-31823
 	RESERVED
-CVE-2021-31822
-	RESERVED
+CVE-2021-31822 (When Octopus Tentacle is installed on a Linux operating system, the sy ...)
+	TODO: check
 CVE-2021-31821
 	RESERVED
 CVE-2021-31820 (In Octopus Server after version 2018.8.2 if the Octopus Server Web Req ...)
@@ -36972,38 +36970,32 @@ CVE-2021-28710 (certain VT-d IOMMUs may not work in shared page table mode For e
 	- xen <not-affected> (Only affects 4.15 series)
 	NOTE: https://www.openwall.com/lists/oss-security/2021/11/19/9
 	NOTE: https://xenbits.xen.org/xsa/advisory-390.html
-CVE-2021-28709
-	RESERVED
+CVE-2021-28709 (issues with partially successful P2M updates on x86 T[his CNA informat ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-389.html
-CVE-2021-28708
-	RESERVED
+CVE-2021-28708 (PoD operations on misaligned GFNs T[his CNA information record relates ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-388.html
-CVE-2021-28707
-	RESERVED
+CVE-2021-28707 (PoD operations on misaligned GFNs T[his CNA information record relates ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-388.html
-CVE-2021-28706
-	RESERVED
+CVE-2021-28706 (guests may exceed their designated memory limit When a guest is permit ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-385.html
-CVE-2021-28705
-	RESERVED
+CVE-2021-28705 (issues with partially successful P2M updates on x86 T[his CNA informat ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
 	NOTE: https://xenbits.xen.org/xsa/advisory-389.html
-CVE-2021-28704
-	RESERVED
+CVE-2021-28704 (PoD operations on misaligned GFNs T[his CNA information record relates ...)
 	- xen <unfixed>
 	[buster] - xen <end-of-life> (DSA 4677-1)
 	[stretch] - xen <end-of-life> (DSA 4602-1)
@@ -43544,8 +43536,8 @@ CVE-2021-25988
 	RESERVED
 CVE-2021-25987
 	RESERVED
-CVE-2021-25986
-	RESERVED
+CVE-2021-25986 (In Django-wiki, versions 0.0.20 to 0.7.8 are vulnerable to Stored Cros ...)
+	TODO: check
 CVE-2021-25985 (In Factor (App Framework &amp; Headless CMS) v1.0.4 to v1.8.30, improp ...)
 	NOT-FOR-US: Factor (App Framework & Headless CMS)
 CVE-2021-25984 (In Factor (App Framework &amp; Headless CMS) forum plugin, versions v1 ...)
@@ -46214,20 +46206,20 @@ CVE-2021-24896
 	RESERVED
 CVE-2021-24895
 	RESERVED
-CVE-2021-24894
-	RESERVED
+CVE-2021-24894 (The Reviews Plus WordPress plugin before 1.2.14 does not validate the  ...)
+	TODO: check
 CVE-2021-24893
 	RESERVED
-CVE-2021-24892
-	RESERVED
-CVE-2021-24891
-	RESERVED
+CVE-2021-24892 (Insecure Direct Object Reference in edit function of Advanced Forms (F ...)
+	TODO: check
+CVE-2021-24891 (The Elementor Website Builder WordPress plugin before 3.1.4 does not s ...)
+	TODO: check
 CVE-2021-24890
 	RESERVED
 CVE-2021-24889
 	RESERVED
-CVE-2021-24888
-	RESERVED
+CVE-2021-24888 (The ImageBoss WordPress plugin before 3.0.6 does not sanitise and esca ...)
+	TODO: check
 CVE-2021-24887
 	RESERVED
 CVE-2021-24886
@@ -46238,8 +46230,8 @@ CVE-2021-24884 (The Formidable Form Builder WordPress plugin before 4.09.05 allo
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24883
 	RESERVED
-CVE-2021-24882
-	RESERVED
+CVE-2021-24882 (The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise  ...)
+	TODO: check
 CVE-2021-24881
 	RESERVED
 CVE-2021-24880
@@ -46248,16 +46240,16 @@ CVE-2021-24879
 	RESERVED
 CVE-2021-24878
 	RESERVED
-CVE-2021-24877
-	RESERVED
+CVE-2021-24877 (The MainWP Child WordPress plugin before 4.1.8 does not validate the o ...)
+	TODO: check
 CVE-2021-24876
 	RESERVED
-CVE-2021-24875
-	RESERVED
+CVE-2021-24875 (The eCommerce Product Catalog Plugin for WordPress plugin before 3.0.3 ...)
+	TODO: check
 CVE-2021-24874
 	RESERVED
-CVE-2021-24873
-	RESERVED
+CVE-2021-24873 (The Tutor LMS WordPress plugin before 1.9.11 does not sanitise and esc ...)
+	TODO: check
 CVE-2021-24872
 	RESERVED
 CVE-2021-24871
@@ -46342,8 +46334,8 @@ CVE-2021-24832 (The WP SEO Redirect 301 WordPress plugin before 2.3.2 does not h
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24831
 	RESERVED
-CVE-2021-24830
-	RESERVED
+CVE-2021-24830 (The Advanced Access Manager WordPress plugin before 6.8.0 does not esc ...)
+	TODO: check
 CVE-2021-24829 (The Visitor Traffic Real Time Statistics WordPress plugin before 3.9 d ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24828
@@ -46378,8 +46370,8 @@ CVE-2021-24814
 	RESERVED
 CVE-2021-24813 (The Events Made Easy WordPress plugin before 2.2.24 does not sanitise  ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24812
-	RESERVED
+CVE-2021-24812 (The BetterLinks WordPress plugin before 1.2.6 does not sanitise and es ...)
+	TODO: check
 CVE-2021-24811
 	RESERVED
 CVE-2021-24810
@@ -46544,8 +46536,8 @@ CVE-2021-24731 (The Registration Forms &#8211; User profile, Content Restriction
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24730
 	RESERVED
-CVE-2021-24729
-	RESERVED
+CVE-2021-24729 (The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does ...)
+	TODO: check
 CVE-2021-24728 (The Membership &amp; Content Restriction &#8211; Paid Member Subscript ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24727 (The StopBadBots WordPress plugin before 6.60 did not validate or escap ...)
@@ -46576,8 +46568,8 @@ CVE-2021-24715 (The WP Sitemap Page WordPress plugin before 1.7.0 does not prope
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24714
 	RESERVED
-CVE-2021-24713
-	RESERVED
+CVE-2021-24713 (The Video Lessons Manager WordPress plugin before 1.7.2 and Video Less ...)
+	TODO: check
 CVE-2021-24712 (The Appointment Hour Booking WordPress plugin before 1.3.17 does not p ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24711 (The del_reistered_domains AJAX action of the Software License Manager  ...)
@@ -46596,14 +46588,14 @@ CVE-2021-24705
 	RESERVED
 CVE-2021-24704
 	RESERVED
-CVE-2021-24703
-	RESERVED
+CVE-2021-24703 (The Download Plugin WordPress plugin before 1.6.1 does not have capabi ...)
+	TODO: check
 CVE-2021-24702 (The LearnPress WordPress plugin before 4.1.3.1 does not properly sanit ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24701 (The Quiz Tool Lite WordPress plugin through 2.3.15 does not sanitize m ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24700
-	RESERVED
+CVE-2021-24700 (The Forminator WordPress plugin before 1.15.4 does not sanitize and es ...)
+	TODO: check
 CVE-2021-24699 (The Easy Media Download WordPress plugin before 1.1.7 does not escape  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24698 (The Simple Download Monitor WordPress plugin before 3.9.6 allows users ...)
@@ -46666,8 +46658,8 @@ CVE-2021-24670 (The CoolClock WordPress plugin before 4.3.5 does not escape some
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24669 (The MAZ Loader &#8211; Preloader Builder for WordPress plugin before 1 ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24668
-	RESERVED
+CVE-2021-24668 (The MAZ Loader WordPress plugin through 1.3.4 does not enforce nonce c ...)
+	TODO: check
 CVE-2021-24667 (A stored cross-site scripting vulnerability has been discovered in : S ...)
 	NOT-FOR-US: FortiGuard
 CVE-2021-24666 (The Podlove Podcast Publisher WordPress plugin before 3.5.6 contains a ...)
@@ -46714,14 +46706,14 @@ CVE-2021-24646 (The Booking.com Banner Creator WordPress plugin through 1.4.2 do
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24645 (The Booking.com Product Helper WordPress plugin through 1.0.1 does not ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24644
-	RESERVED
+CVE-2021-24644 (The Images to WebP WordPress plugin before 1.9 does not validate or sa ...)
+	TODO: check
 CVE-2021-24643 (The WP Map Block WordPress plugin before 1.2.3 does not escape some at ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24642 (The Scroll Baner WordPress plugin through 1.0 does not have CSRF check ...)
 	NOT-FOR-US: WordPress plugin
-CVE-2021-24641
-	RESERVED
+CVE-2021-24641 (The Images to WebP WordPress plugin before 1.9 does not have CSRF chec ...)
+	TODO: check
 CVE-2021-24640 (The WordPress Slider Block Gutenslider plugin before 5.2.0 does not es ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-24639 (The OMGF WordPress plugin before 4.5.4 does not enforce path validatio ...)
@@ -53754,8 +53746,8 @@ CVE-2021-21563 (Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Impr
 	NOT-FOR-US: EMC
 CVE-2021-21562 (Dell EMC PowerScale OneFS contains an untrusted search path vulnerabil ...)
 	NOT-FOR-US: EMC
-CVE-2021-21561
-	RESERVED
+CVE-2021-21561 (Dell PowerScale OneFS version 8.1.2 contains a sensitive information e ...)
+	TODO: check
 CVE-2021-21560
 	RESERVED
 CVE-2021-21559 (Dell EMC NetWorker, versions 18.x, 19.1.x, 19.2.x 19.3.x, 19.4, and 19 ...)
author	security tracker role <sectracker@soriano.debian.org>	2021-11-24 08:10:17 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2021-11-24 08:10:17 +0000
commit	21ade62fae7684637d7cf649ff0fc231e3cb0b5e (patch)
tree	0857c636dc13c0324401886b904ac4ddf73d5bb5
parent	2023a0650d420795286457775579bc8c37df1284 (diff)