automatic update

1 files changed, 142 insertions, 137 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 6163c58690..95285b6854 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,86 +1,92 @@
-CVE-2022-30972
+CVE-2022-30973
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30971
+CVE-2022-1770
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30970
+CVE-2022-1769 (Buffer Over-read in GitHub repository vim/vim prior to 8.2. ...)
+	TODO: check
+CVE-2022-1768
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30969
+CVE-2022-1767
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30968
+CVE-2022-1766
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30967
+CVE-2022-1765
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30966
+CVE-2022-1764
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30965
+CVE-2022-1763
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30964
+CVE-2022-1762
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30963
+CVE-2022-1761
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30962
+CVE-2022-1760
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30961
+CVE-2022-1759
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30960
+CVE-2022-1758
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30959
+CVE-2022-1757
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30958
+CVE-2022-1756
 	RESERVED
-	NOT-FOR-US: Jenkins plugin
-CVE-2022-30957
+CVE-2022-1755
 	RESERVED
+CVE-2022-30972 (A cross-site request forgery (CSRF) vulnerability in Jenkins Storable  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30956
-	RESERVED
+CVE-2022-30971 (Jenkins Storable Configs Plugin 1.0 and earlier does not configure its ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30955
-	RESERVED
+CVE-2022-30970 (Jenkins Autocomplete Parameter Plugin 1.1 and earlier references Dropd ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30954
-	RESERVED
+CVE-2022-30969 (A cross-site request forgery (CSRF) vulnerability in Jenkins Autocompl ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30953
-	RESERVED
+CVE-2022-30968 (Jenkins vboxwrapper Plugin 1.3 and earlier does not escape the name an ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30952
-	RESERVED
+CVE-2022-30967 (Jenkins Selection tasks Plugin 1.0 and earlier does not escape the nam ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30951
-	RESERVED
+CVE-2022-30966 (Jenkins Random String Parameter Plugin 1.0 and earlier does not escape ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30950
-	RESERVED
+CVE-2022-30965 (Jenkins Promoted Builds (Simple) Plugin 1.9 and earlier does not escap ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30949
-	RESERVED
+CVE-2022-30964 (Jenkins Multiselect parameter Plugin 1.3 and earlier does not escape t ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30948
-	RESERVED
+CVE-2022-30963 (Jenkins JDK Parameter Plugin 1.0 and earlier does not escape the name  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30947
-	RESERVED
+CVE-2022-30962 (Jenkins Global Variable String Parameter Plugin 1.2 and earlier does n ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30946
-	RESERVED
+CVE-2022-30961 (Jenkins Autocomplete Parameter Plugin 1.1 and earlier does not escape  ...)
 	NOT-FOR-US: Jenkins plugin
-CVE-2022-30945
-	RESERVED
+CVE-2022-30960 (Jenkins Application Detector Plugin 1.0.8 and earlier does not escape  ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30959 (A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier all ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30958 (A cross-site request forgery (CSRF) vulnerability in Jenkins SSH Plugi ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30957 (A missing permission check in Jenkins SSH Plugin 2.6.1 and earlier all ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30956 (Jenkins Rundeck Plugin 3.6.10 and earlier does not restrict URL scheme ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30955 (Jenkins GitLab Plugin 1.5.31 and earlier does not perform a permission ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30954 (Jenkins Blue Ocean Plugin 1.25.3 and earlier does not perform a permis ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30953 (A cross-site request forgery (CSRF) vulnerability in Jenkins Blue Ocea ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30952 (Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allo ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30951 (Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30950 (Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30949 (Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to config ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30948 (Jenkins Mercurial Plugin 2.16 and earlier allows attackers able to con ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30947 (Jenkins Git Plugin 4.11.1 and earlier allows attackers able to configu ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30946 (A cross-site request forgery (CSRF) vulnerability in Jenkins Script Se ...)
+	NOT-FOR-US: Jenkins plugin
+CVE-2022-30945 (Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allow ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2022-1754
 	RESERVED
@@ -118,8 +124,8 @@ CVE-2022-1738
 	RESERVED
 CVE-2022-1737
 	RESERVED
-CVE-2013-10001
-	RESERVED
+CVE-2013-10001 (A vulnerability was found in HTC One/Sense 4.x. It has been rated as p ...)
+	TODO: check
 CVE-2022-30942
 	RESERVED
 CVE-2022-30941
@@ -248,15 +254,15 @@ CVE-2022-1736
 	NOTE: default (https://wiki.ubuntu.com/Security/Features#ports) and the fact that the user
 	NOTE: service was enabled by default (and not automatically enabled anymore since 42.1.1-2)
 	TODO: check, if we want to threat this as unimportant severity issue
-CVE-2022-1735
-	RESERVED
+CVE-2022-1735 (Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
+	TODO: check
 CVE-2022-1734
 	RESERVED
 	- linux <unfixed> (unimportant)
 	NOTE: https://git.kernel.org/linus/d270453a0d9ec10bb8a802a142fb1b3601a83098 (5.18-rc6)
 	NOTE: Support for Marvell NFC devices (CONFIG_NFC_MRVL) not enabled
-CVE-2022-1733
-	RESERVED
+CVE-2022-1733 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
+	TODO: check
 CVE-2022-1732
 	RESERVED
 CVE-2022-1731 (Metasonic Doc WebClient 7.0.14.0 / 7.0.12.0 / 7.0.3.0 is vulnerable to ...)
@@ -278,8 +284,8 @@ CVE-2022-1725 (NULL Pointer Dereference in GitHub repository vim/vim prior to 8.
 	NOTE: Negligible security impact; crash in CLI tool
 CVE-2022-1724
 	RESERVED
-CVE-2022-1723
-	RESERVED
+CVE-2022-1723 (Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio  ...)
+	TODO: check
 CVE-2022-1722 (SSRF in editor's proxy via IPv6 link-local address in GitHub repositor ...)
 	NOT-FOR-US: jgraph/drawio
 CVE-2022-1721 (Path Traversal in WellKnownServlet in GitHub repository jgraph/drawio  ...)
@@ -700,8 +706,8 @@ CVE-2022-1713 (SSRF on /proxy in GitHub repository jgraph/drawio prior to 18.0.4
 	NOT-FOR-US: jgraph/drawio
 CVE-2022-1712
 	RESERVED
-CVE-2022-1711
-	RESERVED
+CVE-2022-1711 (Server-Side Request Forgery (SSRF) in GitHub repository jgraph/drawio  ...)
+	TODO: check
 CVE-2022-1710
 	RESERVED
 CVE-2022-1709
@@ -710,8 +716,7 @@ CVE-2022-1708
 	RESERVED
 CVE-2022-1707
 	RESERVED
-CVE-2022-1706
-	RESERVED
+CVE-2022-1706 (A vulnerability was found in Ignition where ignition configs are acces ...)
 	- ignition <unfixed>
 	NOTE: https://github.com/coreos/ignition/issues/1300
 	NOTE: https://github.com/coreos/ignition/pull/1350
@@ -727,10 +732,10 @@ CVE-2021-44467
 	RESERVED
 CVE-2021-4228
 	RESERVED
-CVE-2022-30689
-	RESERVED
-CVE-2022-30688 [local privilege escalation]
-	RESERVED
+CVE-2022-30689 (HashiCorp Vault and Vault Enterprise from 1.10.0 to 1.10.2 did not cor ...)
+	TODO: check
+CVE-2022-30688 (needrestart 0.8 through 3.5 before 3.6 is prone to local privilege esc ...)
+	{DSA-5137-1}
 	- needrestart 3.6-1 (bug #1011154)
 	NOTE: https://github.com/liske/needrestart/commit/e6e58136e1e3c92296e2e810cb8372a5fe0dbd30 (v3.6)
 	NOTE: https://www.openwall.com/lists/oss-security/2022/05/17/9
@@ -2415,8 +2420,8 @@ CVE-2022-30112
 	RESERVED
 CVE-2022-30111
 	RESERVED
-CVE-2022-30110
-	RESERVED
+CVE-2022-30110 (The file preview functionality in Jirafeau &lt; 4.4.0, which is enable ...)
+	TODO: check
 CVE-2022-30109
 	RESERVED
 CVE-2022-30108
@@ -2489,10 +2494,10 @@ CVE-2022-30075
 	RESERVED
 CVE-2022-30074
 	RESERVED
-CVE-2022-30073
-	RESERVED
-CVE-2022-30072
-	RESERVED
+CVE-2022-30073 (WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via /admin/ ...)
+	TODO: check
+CVE-2022-30072 (WBCE CMS 1.5.2 is vulnerable to Cross Site Scripting (XSS) via \admin\ ...)
+	TODO: check
 CVE-2022-30071
 	RESERVED
 CVE-2022-30070
@@ -2501,8 +2506,8 @@ CVE-2022-30069
 	RESERVED
 CVE-2022-30068
 	RESERVED
-CVE-2022-30067
-	RESERVED
+CVE-2022-30067 (GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a  ...)
+	TODO: check
 CVE-2022-30066
 	RESERVED
 CVE-2022-30065
@@ -2621,8 +2626,8 @@ CVE-2022-30009
 	RESERVED
 CVE-2022-30008
 	RESERVED
-CVE-2022-30007
-	RESERVED
+CVE-2022-30007 (GXCMS V1.5 has a file upload vulnerability in the background. The vuln ...)
+	TODO: check
 CVE-2022-30006
 	RESERVED
 CVE-2022-30005
@@ -3930,8 +3935,8 @@ CVE-2022-29584 (Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 allows stor
 CVE-2022-29583 (service_windows.go in the kardianos service package for Go omits quoti ...)
 	- golang-github-kardianos-service <not-affected> (Windows-specific issue)
 	NOTE: https://github.com/kardianos/service/pull/290
-CVE-2022-29581
-	RESERVED
+CVE-2022-29581 (Improper Update of Reference Count vulnerability in net/sched of Linux ...)
+	TODO: check
 CVE-2022-29580
 	RESERVED
 CVE-2022-29579
@@ -4407,8 +4412,8 @@ CVE-2022-29431
 	RESERVED
 CVE-2022-29430
 	RESERVED
-CVE-2022-29429
-	RESERVED
+CVE-2022-29429 (Remote Code Execution (RCE) in Alexander Stokmann's Code Snippets Exte ...)
+	TODO: check
 CVE-2022-29428
 	RESERVED
 CVE-2022-29427
@@ -4636,8 +4641,8 @@ CVE-2022-29334
 	RESERVED
 CVE-2022-29333
 	RESERVED
-CVE-2022-29332
-	RESERVED
+CVE-2022-29332 (D-LINK DIR-825 AC1200 R2 is vulnerable to Directory Traversal. An atta ...)
+	TODO: check
 CVE-2022-29331
 	RESERVED
 CVE-2022-29330
@@ -5549,7 +5554,7 @@ CVE-2022-1294
 CVE-2022-1293
 	RESERVED
 CVE-2022-1292 (The c_rehash script does not properly sanitise shell metacharacters to ...)
-	{DLA-3008-1}
+	{DSA-5139-1 DLA-3008-1}
 	- openssl 1.1.1o-1
 	NOTE: https://www.openssl.org/news/secadv/20220503.txt
 	NOTE: https://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=1ad73b4d27bd8c1b369a3cd453681d3a4f1bb9b2 (openssl-3.0.3)
@@ -8242,8 +8247,8 @@ CVE-2022-1118
 CVE-2022-1117
 	RESERVED
 	NOT-FOR-US: fapolicyd
-CVE-2022-1116
-	RESERVED
+CVE-2022-1116 (Integer Overflow or Wraparound vulnerability in io_uring of Linux Kern ...)
+	TODO: check
 CVE-2022-1115
 	RESERVED
 	- imagemagick <unfixed>
@@ -12279,8 +12284,8 @@ CVE-2022-25943 (The installer of WPS Office for Windows versions prior to v11.2.
 	NOT-FOR-US: WPS Office for Windows
 CVE-2022-0880 (Cross-site Scripting (XSS) - Stored in GitHub repository star7th/showd ...)
 	NOT-FOR-US: ShowDoc
-CVE-2022-26650
-	RESERVED
+CVE-2022-26650 (In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pat ...)
+	TODO: check
 CVE-2022-26649
 	RESERVED
 CVE-2022-26648
@@ -17188,8 +17193,8 @@ CVE-2022-24891 (ESAPI (The OWASP Enterprise Security API) is a free, open source
 	NOTE: https://github.com/ESAPI/esapi-java-legacy/security/advisories/GHSA-q77q-vx4q-xx6q
 	NOTE: https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/ESAPI-security-bulletin8.pdf
 	NOTE: https://github.com/ESAPI/esapi-java-legacy/blob/develop/documentation/esapi4java-core-2.3.0.0-release-notes.txt
-CVE-2022-24890
-	RESERVED
+CVE-2022-24890 (Nextcloud Talk is a video and audio conferencing app for Nextcloud. In ...)
+	TODO: check
 CVE-2022-24889 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...)
 	- nextcloud-server <itp> (bug #941708)
 CVE-2022-24888 (Nextcloud Server is the file server software for Nextcloud, a self-hos ...)
@@ -17273,8 +17278,8 @@ CVE-2022-24858 (next-auth v3 users before version 3.29.2 are impacted. next-auth
 	NOT-FOR-US: NextAuth.js
 CVE-2022-24857 (django-mfa3 is a library that implements multi factor authentication f ...)
 	NOT-FOR-US: django-mfa3
-CVE-2022-24856
-	RESERVED
+CVE-2022-24856 (FlyteConsole is the web user interface for the Flyte platform. FlyteCo ...)
+	TODO: check
 CVE-2022-24855 (Metabase is an open source business intelligence and analytics applica ...)
 	NOT-FOR-US: Metabase
 CVE-2022-24854 (Metabase is an open source business intelligence and analytics applica ...)
@@ -17568,7 +17573,7 @@ CVE-2022-24763 (PJSIP is a free and open source multimedia communication library
 CVE-2022-24762 (sysend.js is a library that allows a user to send messages between pag ...)
 	NOT-FOR-US: sysend.js
 CVE-2022-24761 (Waitress is a Web Server Gateway Interface server for Python 2 and 3.  ...)
-	{DLA-3000-1}
+	{DSA-5138-1 DLA-3000-1}
 	- waitress 2.1.1-1 (bug #1008013)
 	NOTE: https://github.com/Pylons/waitress/security/advisories/GHSA-4f7p-27jc-3c36
 	NOTE: https://github.com/Pylons/waitress/commit/9e0b8c801e4d505c2ffc91b891af4ba48af715e0 (v2.1.1)
@@ -18156,8 +18161,8 @@ CVE-2022-24613 (metadata-extractor up to 2.16.0 can throw various uncaught excep
 	NOTE: https://github.com/drewnoakes/metadata-extractor/issues/561
 CVE-2022-24612 (An authenticated user can upload an XML file containing an XSS via the ...)
 	NOT-FOR-US: EyesOfNetwork (EON) eonweb
-CVE-2022-24611
-	RESERVED
+CVE-2022-24611 (Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specificati ...)
+	TODO: check
 CVE-2022-24610 (Settings/network settings/wireless settings on the Alecto DVC-215IP ca ...)
 	NOT-FOR-US: Alecto
 CVE-2022-24609 (Luocms v2.0 is affected by an incorrect access control vulnerability.  ...)
@@ -19765,8 +19770,8 @@ CVE-2022-24110 (Kiteworks MFT 7.5 may allow an unauthorized user to reset other
 	NOT-FOR-US: Kiteworks managed file transfer
 CVE-2022-24109
 	RESERVED
-CVE-2022-24108
-	RESERVED
+CVE-2022-24108 (The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remot ...)
+	TODO: check
 CVE-2022-24107
 	RESERVED
 CVE-2022-24106
@@ -21609,20 +21614,20 @@ CVE-2022-23677 (A remote execution of arbitrary code vulnerability was discovere
 	NOT-FOR-US: Aruba
 CVE-2022-23676 (A remote execution of arbitrary code vulnerability was discovered in A ...)
 	NOT-FOR-US: Aruba
-CVE-2022-23675
-	RESERVED
-CVE-2022-23674
-	RESERVED
-CVE-2022-23673
-	RESERVED
-CVE-2022-23672
-	RESERVED
-CVE-2022-23671
-	RESERVED
+CVE-2022-23675 (A remote authenticated stored cross-site scripting (xss) vulnerability ...)
+	TODO: check
+CVE-2022-23674 (A remote authenticated stored cross-site scripting (xss) vulnerability ...)
+	TODO: check
+CVE-2022-23673 (A authenticated remote command injection vulnerability was discovered  ...)
+	TODO: check
+CVE-2022-23672 (A authenticated remote command injection vulnerability was discovered  ...)
+	TODO: check
+CVE-2022-23671 (A remote authenticated information disclosure vulnerability was discov ...)
+	TODO: check
 CVE-2022-23670 (A remote authenticated information disclosure vulnerability was discov ...)
 	TODO: check
-CVE-2022-23669
-	RESERVED
+CVE-2022-23669 (A remote authorization bypass vulnerability was discovered in Aruba Cl ...)
+	TODO: check
 CVE-2022-23668 (A remote authenticated server-side request forgery (ssrf) vulnerabilit ...)
 	TODO: check
 CVE-2022-23667 (A authenticated remote command injection vulnerability was discovered  ...)
@@ -24817,12 +24822,12 @@ CVE-2022-22777
 	RESERVED
 CVE-2022-22776
 	RESERVED
-CVE-2022-22775
-	RESERVED
+CVE-2022-22775 (The Workspace client component of TIBCO Software Inc.'s TIBCO BPM Ente ...)
+	TODO: check
 CVE-2022-22774 (The DOM XML parser and SAX XML parser components of TIBCO Software Inc ...)
 	NOT-FOR-US: TIBCO
-CVE-2022-22773
-	RESERVED
+CVE-2022-22773 (The REST API component of TIBCO Software Inc.'s TIBCO JasperReports Se ...)
+	TODO: check
 CVE-2022-22772 (The cfsend, cfrecv, and CyberResp components of TIBCO Software Inc.'s  ...)
 	NOT-FOR-US: TIBCO Managed File Transfer Platform
 CVE-2022-22771 (The Server component of TIBCO Software Inc.'s TIBCO JasperReports Libr ...)
@@ -25939,12 +25944,12 @@ CVE-2022-22486
 	RESERVED
 CVE-2022-22485
 	RESERVED
-CVE-2022-22484
-	RESERVED
+CVE-2022-22484 (IBM Spectrum Protect Operations Center 8.1.12 and 8.1.13 could allow a ...)
+	TODO: check
 CVE-2022-22483
 	RESERVED
-CVE-2022-22482
-	RESERVED
+CVE-2022-22482 (IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 a ...)
+	TODO: check
 CVE-2022-22481 (IBM Navigator for i 7.2, 7.3, and 7.4 (heritage version) could allow a ...)
 	NOT-FOR-US: IBM
 CVE-2022-22480
@@ -25957,8 +25962,8 @@ CVE-2022-22477
 	RESERVED
 CVE-2022-22476
 	RESERVED
-CVE-2022-22475
-	RESERVED
+CVE-2022-22475 (IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.5 and ...)
+	TODO: check
 CVE-2022-22474
 	RESERVED
 CVE-2022-22473
@@ -38798,8 +38803,8 @@ CVE-2021-42945 (A SQL Injection vulnerability exists in ZZCMS 2021 via the askbi
 	NOT-FOR-US: ZZCMS
 CVE-2021-42944
 	RESERVED
-CVE-2021-42943
-	RESERVED
+CVE-2021-42943 (Stored cross-site scripting (XSS) in admin/usermanager.php over IPPlan ...)
+	TODO: check
 CVE-2021-42942
 	RESERVED
 CVE-2021-42941
@@ -39533,10 +39538,10 @@ CVE-2021-42646 (XML External Entity (XXE) vulnerability in the file based servic
 	NOT-FOR-US: carbon-identity-framework
 CVE-2021-42645 (CMSimple_XH 1.7.4 is affected by a remote code execution (RCE) vulnera ...)
 	NOT-FOR-US: CMSimple
-CVE-2021-42644
-	RESERVED
-CVE-2021-42643
-	RESERVED
+CVE-2021-42644 (cmseasy V7.7.5_20211012 is affected by an arbitrary file read vulnerab ...)
+	TODO: check
+CVE-2021-42643 (cmseasy V7.7.5_20211012 is affected by an arbitrary file write vulnera ...)
+	TODO: check
 CVE-2021-42642 (PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable ...)
 	NOT-FOR-US: PrinterLogic Web Stack
 CVE-2021-42641 (PrinterLogic Web Stack versions 19.1.1.13 SP9 and below are vulnerable ...)
@@ -50156,8 +50161,8 @@ CVE-2021-38874 (IBM QRadar SIEM 7.3, 7.4, and 7.5 allows for users to access inf
 	NOT-FOR-US: IBM
 CVE-2021-38873 (IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. ...)
 	NOT-FOR-US: IBM
-CVE-2021-38872
-	RESERVED
+CVE-2021-38872 (IBM DataPower Gateway 10.0.2.0, 10.0.3.0, 10.0.1.0 through 10.0.1.4, a ...)
+	TODO: check
 CVE-2021-38871
 	RESERVED
 CVE-2021-38870 (IBM Aspera Cloud is vulnerable to stored cross-site scripting. This vu ...)
@@ -73473,8 +73478,8 @@ CVE-2021-29728 (IBM Sterling Secure Proxy 6.0.1, 6.0.2, 2.4.3.2, and 3.4.3.2 con
 	NOT-FOR-US: IBM
 CVE-2021-29727 (IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a v ...)
 	NOT-FOR-US: IBM
-CVE-2021-29726
-	RESERVED
+CVE-2021-29726 (IBM Sterling Secure Proxy 6.0.3 and IBM Secure External Authentication ...)
+	TODO: check
 CVE-2021-29725 (IBM Secure External Authentication Server 2.4.3.2, 6.0.1, 6.0.2 and IB ...)
 	NOT-FOR-US: IBM
 CVE-2021-29724
@@ -167320,8 +167325,8 @@ CVE-2020-4996 (IBM Security Identity Governance and Intelligence 5.2.6 could all
 	NOT-FOR-US: IBM
 CVE-2020-4995 (IBM Security Identity Governance and Intelligence 5.2.6 does not inval ...)
 	NOT-FOR-US: IBM
-CVE-2020-4994
-	RESERVED
+CVE-2020-4994 (IBM DataPower Gateway 10.0.1.0 through 10.0.1.4 and 2018.4.1.0 through ...)
+	TODO: check
 CVE-2020-4993 (IBM QRadar SIEM 7.3 and 7.4 when decompressing or verifying signature  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4992 (IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.16 is vulnerable to  ...)
@@ -167394,8 +167399,8 @@ CVE-2020-4959
 	RESERVED
 CVE-2020-4958 (IBM Security Identity Governance and Intelligence 5.2.6 does not perfo ...)
 	NOT-FOR-US: IBM
-CVE-2020-4957
-	RESERVED
+CVE-2020-4957 (IBM Security Identity Governance and Intelligence 5.2.6 could disclose ...)
+	TODO: check
 CVE-2020-4956 (IBM Spectrum Protect Operations Center 7.1 and 8.1 is vulnerable to a  ...)
 	NOT-FOR-US: IBM
 CVE-2020-4955 (IBM Spectrum Protect Operations Center 7.1 and 8.1could allow a remote ...)