automatic update

1 files changed, 147 insertions, 66 deletions

diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 180564c1b4..17a3013011 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -1,3 +1,85 @@
+CVE-2022-25257
+	RESERVED
+CVE-2022-25256
+	RESERVED
+CVE-2022-25255 (In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on Linux ...)
+	TODO: check
+CVE-2022-25254
+	RESERVED
+CVE-2022-25253
+	RESERVED
+CVE-2022-25252
+	RESERVED
+CVE-2022-25251
+	RESERVED
+CVE-2022-25250
+	RESERVED
+CVE-2022-25249
+	RESERVED
+CVE-2022-25248
+	RESERVED
+CVE-2022-25247
+	RESERVED
+CVE-2022-25246
+	RESERVED
+CVE-2022-24374
+	RESERVED
+CVE-2022-23916
+	RESERVED
+CVE-2022-23810
+	RESERVED
+CVE-2022-21142
+	RESERVED
+CVE-2022-0648
+	RESERVED
+CVE-2022-0647
+	RESERVED
+CVE-2022-0646
+	RESERVED
+CVE-2022-0645
+	RESERVED
+CVE-2022-0644
+	RESERVED
+CVE-2022-0643
+	RESERVED
+CVE-2022-0642
+	RESERVED
+CVE-2022-0641
+	RESERVED
+CVE-2022-0640
+	RESERVED
+CVE-2022-0639
+	RESERVED
+CVE-2022-0638
+	RESERVED
+CVE-2022-0637
+	RESERVED
+CVE-2022-0636
+	RESERVED
+CVE-2022-0635
+	RESERVED
+CVE-2022-0634
+	RESERVED
+CVE-2022-0633
+	RESERVED
+CVE-2022-0632
+	RESERVED
+CVE-2022-0631
+	RESERVED
+CVE-2022-0630
+	RESERVED
+CVE-2022-0629
+	RESERVED
+CVE-2022-0628
+	RESERVED
+CVE-2022-0627
+	RESERVED
+CVE-2022-0626
+	RESERVED
+CVE-2022-0625
+	RESERVED
+CVE-2022-0624
+	RESERVED
 CVE-2022-XXXX [Improper input validation - SA-CORE-2022-003]
 	- drupal7 <removed>
 	[stretch] - drupal7 7.52-2+deb9u18
@@ -97,8 +179,7 @@ CVE-2022-21159
 	RESERVED
 CVE-2022-0618
 	RESERVED
-CVE-2022-0617 [Null pointer dereference can be triggered when write to an ICB inode]
-	RESERVED
+CVE-2022-0617 (A flaw null pointer dereference in the Linux kernel UDF file system fu ...)
 	- linux 5.16.7-1
 	NOTE: https://git.kernel.org/linus/7fc3b7c2981bbd1047916ade327beccb90994eee
 	NOTE: https://git.kernel.org/linus/ea8569194b43f0f01f0a84c689388542c7254a1f
@@ -106,10 +187,10 @@ CVE-2022-0616
 	RESERVED
 CVE-2022-0615
 	RESERVED
-CVE-2022-0614
-	RESERVED
-CVE-2022-0613
-	RESERVED
+CVE-2022-0614 (Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. ...)
+	TODO: check
+CVE-2022-0613 (Authorization Bypass Through User-Controlled Key in NPM urijs prior to ...)
+	TODO: check
 CVE-2022-25212 (A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plu ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2022-25211 (A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier a ...)
@@ -1304,8 +1385,8 @@ CVE-2022-0561 (Null source pointer passed as an argument to memcpy() function wi
 	NOTE: Fixed by: https://gitlab.com/libtiff/libtiff/-/commit/eecb0712f4c3a5b449f70c57988260a667ddbdef
 CVE-2022-0560 (Open Redirect in Packagist microweber/microweber prior to 1.2.11. ...)
 	NOT-FOR-US: microweber
-CVE-2022-0559
-	RESERVED
+CVE-2022-0559 (Use After Free in GitHub repository radareorg/radare2 prior to 5.6.2. ...)
+	TODO: check
 CVE-2022-0558 (Cross-site Scripting (XSS) - Stored in Packagist microweber/microweber ...)
 	NOT-FOR-US: microweber
 CVE-2022-0557 (OS Command Injection in Packagist microweber/microweber prior to 1.2.1 ...)
@@ -1511,12 +1592,12 @@ CVE-2022-0516 [KVM: s390: Return error on SIDA memop on normal guest]
 	[stretch] - linux <not-affected> (Vulnerable code not present)
 	NOTE: Fixed by: https://git.kernel.org/linus/2c212e1baedcd782b2535a3f86bc491977677c0e
 	NOTE: https://www.openwall.com/lists/oss-security/2022/02/11/2
-CVE-2022-24665
-	RESERVED
-CVE-2022-24664
-	RESERVED
-CVE-2022-24663
-	RESERVED
+CVE-2022-24665 (PHP Everywhere &lt;= 2.0.3 included functionality that allowed executi ...)
+	TODO: check
+CVE-2022-24664 (PHP Everywhere &lt;= 2.0.3 included functionality that allowed executi ...)
+	TODO: check
+CVE-2022-24663 (PHP Everywhere &lt;= 2.0.3 included functionality that allowed executi ...)
+	TODO: check
 CVE-2022-24662
 	RESERVED
 CVE-2022-24661
@@ -2016,8 +2097,8 @@ CVE-2022-0515
 	RESERVED
 CVE-2022-0514
 	RESERVED
-CVE-2022-0513
-	RESERVED
+CVE-2022-0513 (The WP Statistics WordPress plugin is vulnerable to SQL Injection due  ...)
+	TODO: check
 CVE-2022-0512 (Authorization Bypass Through User-Controlled Key in NPM url-parse prio ...)
 	TODO: check
 CVE-2022-0511
@@ -3071,8 +3152,8 @@ CVE-2022-24088
 	RESERVED
 CVE-2022-24087
 	RESERVED
-CVE-2022-24086
-	RESERVED
+CVE-2022-24086 (Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earli ...)
+	TODO: check
 CVE-2022-24085
 	RESERVED
 CVE-2022-24084
@@ -3922,10 +4003,10 @@ CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17
 	NOTE: https://github.com/golang/go/commit/e16331902340c02bdf1831b5508df2307b871ef6 (go1.17.7)
 CVE-2022-23805 (A security out-of-bounds read information disclosure vulnerability in  ...)
 	NOT-FOR-US: Trend Micro
-CVE-2022-23804
-	RESERVED
-CVE-2022-23803
-	RESERVED
+CVE-2022-23804 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
+	TODO: check
+CVE-2022-23803 (A stack-based buffer overflow vulnerability exists in the Gerber Viewe ...)
+	TODO: check
 CVE-2022-23802
 	RESERVED
 CVE-2022-23801
@@ -4302,8 +4383,8 @@ CVE-2022-23646
 	RESERVED
 CVE-2022-23645
 	RESERVED
-CVE-2022-23644
-	RESERVED
+CVE-2022-23644 (BookWyrm is a decentralized social network for tracking reading habits ...)
+	TODO: check
 CVE-2022-23643 (Sourcegraph is a code search and navigation engine. Sourcegraph versio ...)
 	TODO: check
 CVE-2022-23642
@@ -5063,8 +5144,8 @@ CVE-2022-23360
 	RESERVED
 CVE-2022-23359
 	RESERVED
-CVE-2022-23358
-	RESERVED
+CVE-2022-23358 (EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In ...)
+	TODO: check
 CVE-2022-23357 (mozilo2.0 was discovered to be vulnerable to directory traversal attac ...)
 	TODO: check
 CVE-2022-23356
@@ -5572,44 +5653,44 @@ CVE-2022-23206 (In Apache Traffic Control Traffic Ops prior to 6.1.0 or 5.1.6, a
 	NOT-FOR-US: Apache Traffic Control
 CVE-2022-23205
 	RESERVED
-CVE-2022-23204
-	RESERVED
-CVE-2022-23203
-	RESERVED
-CVE-2022-23202
-	RESERVED
+CVE-2022-23204 (Adobe Premiere Rush versions 2.0 and earlier are affected by an out-of ...)
+	TODO: check
+CVE-2022-23203 (Adobe Photoshop versions 22.5.4 (and earlier) and 23.1 (and earlier) a ...)
+	TODO: check
+CVE-2022-23202 (Adobe Creative Cloud Desktop version 2.7.0.13 (and earlier) is affecte ...)
+	TODO: check
 CVE-2022-23201
 	RESERVED
-CVE-2022-23200
-	RESERVED
-CVE-2022-23199
-	RESERVED
-CVE-2022-23198
-	RESERVED
-CVE-2022-23197
-	RESERVED
-CVE-2022-23196
-	RESERVED
-CVE-2022-23195
-	RESERVED
-CVE-2022-23194
-	RESERVED
-CVE-2022-23193
-	RESERVED
-CVE-2022-23192
-	RESERVED
-CVE-2022-23191
-	RESERVED
-CVE-2022-23190
-	RESERVED
-CVE-2022-23189
-	RESERVED
-CVE-2022-23188
-	RESERVED
+CVE-2022-23200 (Adobe After Effects versions 22.1.1 (and earlier) and 18.4.3 (and earl ...)
+	TODO: check
+CVE-2022-23199 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23198 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23197 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23196 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23195 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23194 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23193 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23192 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23191 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23190 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23189 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
+CVE-2022-23188 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
 CVE-2022-23187
 	RESERVED
-CVE-2022-23186
-	RESERVED
+CVE-2022-23186 (Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlie ...)
+	TODO: check
 CVE-2022-23185
 	RESERVED
 CVE-2022-23184 (In affected Octopus Server versions when the server HTTP and HTTPS bin ...)
@@ -6240,8 +6321,8 @@ CVE-2022-22947
 	RESERVED
 CVE-2022-22946
 	RESERVED
-CVE-2022-22945
-	RESERVED
+CVE-2022-22945 (VMware NSX Edge contains a CLI shell injection vulnerability. A malici ...)
+	TODO: check
 CVE-2022-22944
 	RESERVED
 CVE-2022-22943
@@ -6457,8 +6538,8 @@ CVE-2022-22855
 	RESERVED
 CVE-2022-22854 (An access control issue in hprms/admin/?page=user/list of Hospital Pat ...)
 	NOT-FOR-US: Hospital Patient Record Management System
-CVE-2022-22853
-	RESERVED
+CVE-2022-22853 (A stored cross-site scripting (XSS) vulnerability in Hospital Patient  ...)
+	TODO: check
 CVE-2022-22852 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...)
 	NOT-FOR-US: Sourcecodtester
 CVE-2022-22851 (A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodt ...)
@@ -6692,8 +6773,8 @@ CVE-2022-22794
 	RESERVED
 CVE-2022-22793
 	RESERVED
-CVE-2022-22792
-	RESERVED
+CVE-2022-22792 (MobiSoft - MobiPlus User Take Over and Improper Handling of url Parame ...)
+	TODO: check
 CVE-2022-22791 (SYNEL - eharmony Authenticated Blind &amp; Stored XSS. Inject JS code  ...)
 	NOT-FOR-US: SYNEL
 CVE-2022-22790 (SYNEL - eharmony Directory Traversal. Directory Traversal - is an atta ...)