automatic update

4 files changed, 70 insertions, 55 deletions

diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 69f09332ce..a7198d14dd 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -1,3 +1,9 @@
+CVE-2018-25006
+	RESERVED
+CVE-2018-25005
+	RESERVED
+CVE-2018-25004
+	RESERVED
 CVE-2018-25003
 	RESERVED
 CVE-2018-25002 (uploader.php in the KCFinder integration project through 2018-06-01 fo ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index c262ece6bd..e916fc64c6 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,4 +1,4 @@
-CVE-2019-25016 (There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6. ...)
+CVE-2019-25016 (In OpenDoas from 6.6 to 6.8 the users PATH variable was incorrectly in ...)
 	- doas <itp> (bug #981176)
 	NOTE: https://github.com/Duncaen/OpenDoas/commit/01c658f8c45cb92a343be5f32aa6da70b2032168
 	NOTE: https://github.com/Duncaen/OpenDoas/issues/45
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 63fd6f1672..b45414e307 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1363,8 +1363,7 @@ CVE-2020-35653 (In Pillow before 8.1.0, PcxDecode has a buffer over-read when de
 	NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/8.1.0.html#security
 	NOTE: https://github.com/python-pillow/Pillow/pull/5174
 	NOTE: https://github.com/python-pillow/Pillow/commit/2f409261eb1228e166868f8f0b5da5cda52e55bf
-CVE-2020-35652 [remote crash in res_pjsip_diversion]
-	RESERVED
+CVE-2020-35652 (An issue was discovered in res_pjsip_diversion.c in Sangoma Asterisk b ...)
 	- asterisk 1:16.15.1~dfsg-1 (bug #979372)
 	[buster] - asterisk <no-dsa> (Minor issue)
 	[stretch] - asterisk <no-dsa> (Minor issue)
@@ -3355,7 +3354,7 @@ CVE-2020-29396 (A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo
 	NOTE: https://github.com/odoo/odoo/issues/63712
 CVE-2020-29395 (The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS v ...)
 	NOT-FOR-US: EventON plugin for WordPress
-CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common.c in d ...)
+CVE-2020-29394 (A buffer overflow in the dlt_filter_load function in dlt_common.c from ...)
 	- dlt-daemon 2.18.5-0.3 (bug #976228)
 	[buster] - dlt-daemon <no-dsa> (Minor issue)
 	NOTE: https://github.com/GENIVI/dlt-daemon/issues/274
@@ -14238,20 +14237,20 @@ CVE-2020-24672
 	RESERVED
 CVE-2020-24671
 	RESERVED
-CVE-2020-24670
-	RESERVED
-CVE-2020-24669
-	RESERVED
+CVE-2020-24670 (The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...)
+	TODO: check
+CVE-2020-24669 (The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x c ...)
+	TODO: check
 CVE-2020-24668
 	RESERVED
 CVE-2020-24667
 	RESERVED
-CVE-2020-24666
-	RESERVED
-CVE-2020-24665
-	RESERVED
-CVE-2020-24664
-	RESERVED
+CVE-2020-24666 (The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x conta ...)
+	TODO: check
+CVE-2020-24665 (The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...)
+	TODO: check
+CVE-2020-24664 (The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x cont ...)
+	TODO: check
 CVE-2020-24663
 	RESERVED
 CVE-2020-24662
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 854272012f..dd1a306d59 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -1,10 +1,20 @@
+CVE-2021-3346 (Foris before 101.1.1, as used in Turris OS, lacks certain HTML escapin ...)
+	TODO: check
+CVE-2021-3345 (_gcry_md_block_write in cipher/hash-common.c in Libgcrypt before 1.9.1 ...)
+	TODO: check
+CVE-2021-3344
+	RESERVED
+CVE-2021-26310
+	RESERVED
+CVE-2021-26309
+	RESERVED
 CVE-2021-XXXX [libgcrypt heap overflow]
 	[experimental] - libgcrypt20 <unfixed>
 	- libgcrypt20 <not-affected> (Only affected 1.9)
 	NOTE: https://lists.gnupg.org/pipermail/gnupg-announce/2021q1/000456.html
 	NOTE: https://dev.gnupg.org/T5275
 	NOTE: Introduced by: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=e76617cbab018dd8f41fd6b4ec6740b5303f7e13
-CVE-2021-3347 [UAF in futex]
+CVE-2021-3347 (An issue was discovered in the Linux kernel through 5.10.11. PI futexe ...)
 	- linux <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/29/1
 CVE-2021-3343
@@ -939,10 +949,10 @@ CVE-2021-25912
 	RESERVED
 CVE-2021-25911
 	RESERVED
-CVE-2021-25910
-	RESERVED
-CVE-2021-25909
-	RESERVED
+CVE-2021-25910 (Improper Authentication vulnerability in the cookie parameter of ZIV A ...)
+	TODO: check
+CVE-2021-25909 (ZIV Automation 4CCT-EA6-334126BF firmware version 3.23.80.27.36371, al ...)
+	TODO: check
 CVE-2021-25908 (An issue was discovered in the fil-ocl crate through 2021-01-04 for Ru ...)
 	NOT-FOR-US: Rust crate fil-ocl
 CVE-2021-25907 (An issue was discovered in the containers crate before 0.9.11 for Rust ...)
@@ -2804,38 +2814,38 @@ CVE-2021-25140
 	RESERVED
 CVE-2021-25139
 	RESERVED
-CVE-2021-25138
-	RESERVED
-CVE-2021-25137
-	RESERVED
-CVE-2021-25136
-	RESERVED
-CVE-2021-25135
-	RESERVED
-CVE-2021-25134
-	RESERVED
-CVE-2021-25133
-	RESERVED
-CVE-2021-25132
-	RESERVED
-CVE-2021-25131
-	RESERVED
-CVE-2021-25130
-	RESERVED
-CVE-2021-25129
-	RESERVED
-CVE-2021-25128
-	RESERVED
-CVE-2021-25127
-	RESERVED
-CVE-2021-25126
-	RESERVED
-CVE-2021-25125
-	RESERVED
-CVE-2021-25124
-	RESERVED
-CVE-2021-25123
-	RESERVED
+CVE-2021-25138 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25137 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25136 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25135 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25134 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25133 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25132 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25131 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25130 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25129 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25128 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25127 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25126 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25125 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25124 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
+CVE-2021-25123 (The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9  ...)
+	TODO: check
 CVE-2021-25122
 	RESERVED
 CVE-2021-25121
@@ -6587,8 +6597,8 @@ CVE-2021-23330
 	RESERVED
 CVE-2021-23329
 	RESERVED
-CVE-2021-23328
-	RESERVED
+CVE-2021-23328 (This affects all versions of package iniparserjs. This vulnerability r ...)
+	TODO: check
 CVE-2021-23327
 	RESERVED
 CVE-2021-23326 (This affects the package @graphql-tools/git-loader before 6.2.6. The u ...)
@@ -12200,8 +12210,8 @@ CVE-2021-20588
 	RESERVED
 CVE-2021-20587
 	RESERVED
-CVE-2021-20586
-	RESERVED
+CVE-2021-20586 (Resource management errors vulnerability in a robot controller of MELF ...)
+	TODO: check
 CVE-2021-20585
 	RESERVED
 CVE-2021-20584