automatic update

1 files changed, 82 insertions, 58 deletions

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index fe4f277c2b..9a6c99d6c7 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,3 +1,27 @@
+CVE-2021-44470
+	RESERVED
+CVE-2021-4037
+	RESERVED
+CVE-2021-4036
+	RESERVED
+CVE-2021-37409
+	RESERVED
+CVE-2021-37405
+	RESERVED
+CVE-2021-33847
+	RESERVED
+CVE-2021-26950
+	RESERVED
+CVE-2021-26258
+	RESERVED
+CVE-2021-26257
+	RESERVED
+CVE-2021-26251
+	RESERVED
+CVE-2021-23223
+	RESERVED
+CVE-2021-23179
+	RESERVED
 CVE-2021-44464
 	RESERVED
 CVE-2021-44453
@@ -476,8 +500,8 @@ CVE-2021-4028 [use-after-free in RDMA listen()]
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2027201
 CVE-2021-4027
 	RESERVED
-CVE-2021-4026
-	RESERVED
+CVE-2021-4026 (bookstack is vulnerable to Improper Access Control ...)
+	TODO: check
 CVE-2021-4025
 	RESERVED
 CVE-2021-44235
@@ -2584,12 +2608,12 @@ CVE-2021-43362
 	RESERVED
 CVE-2021-43361
 	RESERVED
-CVE-2021-43360
-	RESERVED
-CVE-2021-43359
-	RESERVED
-CVE-2021-43358
-	RESERVED
+CVE-2021-43360 (Sunnet eHRD e-mail delivery task schedule’s serialization functi ...)
+	TODO: check
+CVE-2021-43359 (Sunnet eHRD has broken access control vulnerability, which allows a re ...)
+	TODO: check
+CVE-2021-43358 (Sunnet eHRD has inadequate filtering for special characters in URLs, w ...)
+	TODO: check
 CVE-2021-3928 (vim is vulnerable to Stack-based Buffer Overflow ...)
 	- vim <unfixed>
 	[stretch] - vim <no-dsa> (Minor issue)
@@ -2686,7 +2710,7 @@ CVE-2021-43322
 CVE-2021-43321
 	RESERVED
 CVE-2021-43320
-	RESERVED
+	REJECTED
 CVE-2021-43319 (Zoho ManageEngine Network Configuration Manager before 125488 is vulne ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2021-43318
@@ -4370,8 +4394,8 @@ CVE-2021-42566 (myfactory.FMS before 7.1-912 allows XSS via the Error parameter.
 	NOT-FOR-US: myfactory.FMS
 CVE-2021-42565 (myfactory.FMS before 7.1-912 allows XSS via the UID parameter. ...)
 	NOT-FOR-US: myfactory.FMS
-CVE-2021-42564
-	RESERVED
+CVE-2021-42564 (An open redirect through HTML injection in confidential messages in Cr ...)
+	TODO: check
 CVE-2021-42563 (There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) ...)
 	NOT-FOR-US: NI Service Locator
 CVE-2021-3893
@@ -7467,8 +7491,8 @@ CVE-2021-41258 (Kirby is an open source file structured CMS. In affected version
 	NOT-FOR-US: Kirby
 CVE-2021-41257
 	RESERVED
-CVE-2021-41256
-	RESERVED
+CVE-2021-41256 (nextcloud news-android is an Android client for the Nextcloud news/fee ...)
+	TODO: check
 CVE-2021-41255
 	RESERVED
 CVE-2021-41254 (kustomize-controller is a Kubernetes operator, specialized in running  ...)
@@ -8566,8 +8590,8 @@ CVE-2021-40811
 	RESERVED
 CVE-2021-40810
 	RESERVED
-CVE-2021-40809
-	RESERVED
+CVE-2021-40809 (An issue was discovered in Jamf Pro before 10.32.0, aka PI-009921. An  ...)
+	TODO: check
 CVE-2021-40808
 	RESERVED
 CVE-2021-40807
@@ -10276,8 +10300,8 @@ CVE-2021-40103 (An issue was discovered in Concrete CMS through 8.5.5. Path Trav
 	NOT-FOR-US: Concrete CMS
 CVE-2021-40102 (An issue was discovered in Concrete CMS through 8.5.5. Arbitrary File  ...)
 	NOT-FOR-US: Concrete CMS
-CVE-2021-40101
-	RESERVED
+CVE-2021-40101 (An issue was discovered in Concrete CMS before 8.5.7. The Dashboard al ...)
+	TODO: check
 CVE-2021-40100 (An issue was discovered in Concrete CMS through 8.5.5. Stored XSS can  ...)
 	NOT-FOR-US: Concrete CMS
 CVE-2021-40099 (An issue was discovered in Concrete CMS through 8.5.5. Fetching the up ...)
@@ -12053,7 +12077,7 @@ CVE-2021-3729 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ..
 	NOT-FOR-US: firefly-iii
 CVE-2021-3728 (firefly-iii is vulnerable to Cross-Site Request Forgery (CSRF) ...)
 	NOT-FOR-US: firefly-iii
-CVE-2021-39303 (The server in Jamf Pro before 10.32.0 has a vulnerability affecting in ...)
+CVE-2021-39303 (The server in Jamf Pro before 10.32.0 has an SSRF vulnerability, aka P ...)
 	NOT-FOR-US: Jamf Pro
 CVE-2021-39302 (MISP 2.4.148, in certain configurations, allows SQL injection via the  ...)
 	NOT-FOR-US: MISP
@@ -19130,16 +19154,16 @@ CVE-2021-36332 (Dell EMC CloudLink 7.1 and all prior versions contain a HTML and
 	NOT-FOR-US: EMC
 CVE-2021-36331
 	RESERVED
-CVE-2021-36330
-	RESERVED
-CVE-2021-36329
-	RESERVED
-CVE-2021-36328
-	RESERVED
-CVE-2021-36327
-	RESERVED
-CVE-2021-36326
-	RESERVED
+CVE-2021-36330 (Dell EMC Streaming Data Platform versions before 1.3 contain an Insuff ...)
+	TODO: check
+CVE-2021-36329 (Dell EMC Streaming Data Platform versions before 1.3 contain an Indire ...)
+	TODO: check
+CVE-2021-36328 (Dell EMC Streaming Data Platform versions before 1.3 contain a SQL Inj ...)
+	TODO: check
+CVE-2021-36327 (Dell EMC Streaming Data Platform versions before 1.3 contain a Server  ...)
+	TODO: check
+CVE-2021-36326 (Dell EMC Streaming Data Platform, versions prior to 1.3 contain an SSL ...)
+	TODO: check
 CVE-2021-36325 (Dell BIOS contains an improper input validation vulnerability. A local ...)
 	NOT-FOR-US: Dell
 CVE-2021-36324 (Dell BIOS contains an improper input validation vulnerability. A local ...)
@@ -56315,42 +56339,42 @@ CVE-2021-20866
 	RESERVED
 CVE-2021-20865
 	RESERVED
-CVE-2021-20864
-	RESERVED
-CVE-2021-20863
-	RESERVED
-CVE-2021-20862
-	RESERVED
-CVE-2021-20861
-	RESERVED
-CVE-2021-20860
-	RESERVED
-CVE-2021-20859
-	RESERVED
-CVE-2021-20858
-	RESERVED
-CVE-2021-20857
-	RESERVED
-CVE-2021-20856
-	RESERVED
-CVE-2021-20855
-	RESERVED
-CVE-2021-20854
-	RESERVED
-CVE-2021-20853
-	RESERVED
-CVE-2021-20852
-	RESERVED
-CVE-2021-20851
-	RESERVED
+CVE-2021-20864 (Improper access control vulnerability in ELECOM routers (WRC-1167GST2  ...)
+	TODO: check
+CVE-2021-20863 (OS command injection vulnerability in ELECOM routers (WRC-1167GST2 fir ...)
+	TODO: check
+CVE-2021-20862 (Improper access control vulnerability in ELECOM routers (WRC-1167GST2  ...)
+	TODO: check
+CVE-2021-20861 (Improper access control vulnerability in ELECOM LAN routers (WRC-1167G ...)
+	TODO: check
+CVE-2021-20860 (Cross-site request forgery (CSRF) vulnerability in ELECOM LAN routers  ...)
+	TODO: check
+CVE-2021-20859 (ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST ...)
+	TODO: check
+CVE-2021-20858 (Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I ...)
+	TODO: check
+CVE-2021-20857 (Cross-site scripting vulnerability in ELECOM LAN router WRC-2533GHBK-I ...)
+	TODO: check
+CVE-2021-20856 (Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK f ...)
+	TODO: check
+CVE-2021-20855 (Cross-site scripting vulnerability in ELECOM LAN routers (WRH-733GBK f ...)
+	TODO: check
+CVE-2021-20854 (ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733G ...)
+	TODO: check
+CVE-2021-20853 (ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733G ...)
+	TODO: check
+CVE-2021-20852 (Buffer overflow vulnerability in ELECOM LAN routers (WRH-733GBK firmwa ...)
+	TODO: check
+CVE-2021-20851 (Cross-site request forgery (CSRF) vulnerability in Browser and Operati ...)
+	TODO: check
 CVE-2021-20850 (PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and ea ...)
 	NOT-FOR-US: PowerCMS
 CVE-2021-20849
 	RESERVED
 CVE-2021-20848 (Cross-site scripting vulnerability in rwtxt versions prior to v1.8.6 a ...)
 	NOT-FOR-US: rwtxt
-CVE-2021-20847
-	RESERVED
+CVE-2021-20847 (Cross-site scripting vulnerability in Wi-Fi STATION SH-52A (38JP_1_11G ...)
+	TODO: check
 CVE-2021-20846 (Cross-site request forgery (CSRF) vulnerability in Push Notifications  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2021-20845 (Cross-site request forgery (CSRF) vulnerability in Unlimited Sitemap G ...)