automatic update

1 files changed, 90 insertions, 33 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 28a4ff7905..e51ab3e431 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,61 @@
+CVE-2022-27653
+	RESERVED
+CVE-2022-27652
+	RESERVED
+CVE-2022-27651
+	RESERVED
+CVE-2022-27650
+	RESERVED
+CVE-2022-27649
+	RESERVED
+CVE-2022-27648
+	RESERVED
+CVE-2022-27647
+	RESERVED
+CVE-2022-27646
+	RESERVED
+CVE-2022-27645
+	RESERVED
+CVE-2022-27644
+	RESERVED
+CVE-2022-27643
+	RESERVED
+CVE-2022-27642
+	RESERVED
+CVE-2022-27641
+	RESERVED
+CVE-2022-27640
+	RESERVED
+CVE-2022-1055
+	RESERVED
+CVE-2022-1054
+	RESERVED
+CVE-2022-1053
+	RESERVED
+CVE-2022-1052
+	RESERVED
+CVE-2022-1051
+	RESERVED
+CVE-2022-1050
+	RESERVED
+CVE-2022-1049
+	RESERVED
+CVE-2022-1048
+	RESERVED
+CVE-2022-1047
+	RESERVED
+CVE-2022-1046
+	RESERVED
+CVE-2022-1045
+	RESERVED
+CVE-2022-1044
+	RESERVED
+CVE-2022-1043
+	RESERVED
+CVE-2022-1042
+	RESERVED
+CVE-2022-1041
+	RESERVED
 CVE-2022-27635
 	RESERVED
 CVE-2022-27626
@@ -768,14 +826,14 @@ CVE-2022-25959
 	RESERVED
 CVE-2022-1037
 	RESERVED
-CVE-2022-1036
-	RESERVED
+CVE-2022-1036 (Able to create an account with long password leads to memory corruptio ...)
+	TODO: check
 CVE-2022-1035 (Segmentation Fault caused by MP4Box -lsr in GitHub repository gpac/gpa ...)
 	- gpac <unfixed>
 	NOTE: https://huntr.dev/bounties/851942a4-1d64-4553-8fdc-9fccd167864b
 	NOTE: https://github.com/gpac/gpac/commit/3718d583c6ade191dc7979c64f48c001ca6f0243
-CVE-2022-1034
-	RESERVED
+CVE-2022-1034 (There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10. ...)
+	TODO: check
 CVE-2022-1033
 	RESERVED
 CVE-2022-1032
@@ -907,8 +965,8 @@ CVE-2022-1001
 	RESERVED
 CVE-2022-1000 (Path Traversal in GitHub repository prasathmani/tinyfilemanager prior  ...)
 	TODO: check
-CVE-2022-27228
-	RESERVED
+CVE-2022-27228 (In the vote (aka "Polls, Votes") module before 21.0.100 of Bitrix Site ...)
+	TODO: check
 CVE-2022-27227
 	RESERVED
 CVE-2022-27226 (A CSRF issue in /api/crontab on iRZ Mobile Routers through 2022-03-16  ...)
@@ -3143,7 +3201,7 @@ CVE-2022-0845 (Code Injection in GitHub repository pytorchlightning/pytorch-ligh
 	NOT-FOR-US: pytorchlightning
 CVE-2022-26387
 	RESERVED
-	{DSA-5106-1 DSA-5097-1 DLA-2942-1}
+	{DSA-5106-1 DSA-5097-1 DLA-2961-1 DLA-2942-1}
 	- firefox 98.0-1
 	- firefox-esr 91.7.0esr-1
 	- thunderbird 1:91.7.0-1
@@ -3152,7 +3210,7 @@ CVE-2022-26387
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-12/#CVE-2022-26387
 CVE-2022-26386
 	RESERVED
-	{DSA-5106-1 DSA-5097-1 DLA-2942-1}
+	{DSA-5106-1 DSA-5097-1 DLA-2961-1 DLA-2942-1}
 	- firefox-esr 91.7.0esr-1
 	- thunderbird 1:91.7.0-1
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-11/#CVE-2022-26386
@@ -3163,7 +3221,7 @@ CVE-2022-26385
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-10/#CVE-2022-26385
 CVE-2022-26384
 	RESERVED
-	{DSA-5106-1 DSA-5097-1 DLA-2942-1}
+	{DSA-5106-1 DSA-5097-1 DLA-2961-1 DLA-2942-1}
 	- firefox 98.0-1
 	- firefox-esr 91.7.0esr-1
 	- thunderbird 1:91.7.0-1
@@ -3172,7 +3230,7 @@ CVE-2022-26384
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-12/#CVE-2022-26384
 CVE-2022-26383
 	RESERVED
-	{DSA-5106-1 DSA-5097-1 DLA-2942-1}
+	{DSA-5106-1 DSA-5097-1 DLA-2961-1 DLA-2942-1}
 	- firefox 98.0-1
 	- firefox-esr 91.7.0esr-1
 	- thunderbird 1:91.7.0-1
@@ -3185,7 +3243,7 @@ CVE-2022-26382
 	NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2022-10/#CVE-2022-26382
 CVE-2022-26381
 	RESERVED
-	{DSA-5106-1 DSA-5097-1 DLA-2942-1}
+	{DSA-5106-1 DSA-5097-1 DLA-2961-1 DLA-2942-1}
 	- firefox 98.0-1
 	- firefox-esr 91.7.0esr-1
 	- thunderbird 1:91.7.0-1
@@ -3508,8 +3566,8 @@ CVE-2022-26262
 	RESERVED
 CVE-2022-26261
 	RESERVED
-CVE-2022-26260
-	RESERVED
+CVE-2022-26260 (Simple-Plist v1.3.0 was discovered to contain a prototype pollution vu ...)
+	TODO: check
 CVE-2022-26259
 	RESERVED
 CVE-2022-26258
@@ -5435,8 +5493,8 @@ CVE-2022-25519
 	RESERVED
 CVE-2022-25518
 	RESERVED
-CVE-2022-25517
-	RESERVED
+CVE-2022-25517 (MyBatis plus v3.4.3 was discovered to contain a SQL injection vulnerab ...)
+	TODO: check
 CVE-2022-25516 (stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow  ...)
 	- libstb <unfixed> (unimportant)
 	NOTE: https://github.com/nothings/stb/issues/1287
@@ -5513,8 +5571,8 @@ CVE-2022-25486 (CuppaCMS v1.0 was discovered to contain a local file inclusion v
 	NOT-FOR-US: CuppaCMS
 CVE-2022-25485 (CuppaCMS v1.0 was discovered to contain a local file inclusion via the ...)
 	NOT-FOR-US: CuppaCMS
-CVE-2022-25484
-	RESERVED
+CVE-2022-25484 (tcpprep v4.4.1 has a reachable assertion (assert(l2len &gt; 0)) in pac ...)
+	TODO: check
 CVE-2022-25483
 	RESERVED
 CVE-2022-25482
@@ -6008,8 +6066,7 @@ CVE-2022-0669
 	RESERVED
 CVE-2022-0668
 	RESERVED
-CVE-2022-0667 [Assertion failure on delayed DS lookup]
-	RESERVED
+CVE-2022-0667 (When the vulnerability is triggered the BIND process will exit. BIND 9 ...)
 	- bind9 1:9.18.1-1
 	[bullseye] - bind9 <not-affected> (Vulnerable code introduced later)
 	[buster] - bind9 <not-affected> (Vulnerable code introduced later)
@@ -7505,8 +7562,8 @@ CVE-2022-24776
 	RESERVED
 CVE-2022-24775 (guzzlehttp/psr7 is a PSR-7 HTTP message library. Versions prior to 1.8 ...)
 	TODO: check
-CVE-2022-24774
-	RESERVED
+CVE-2022-24774 (CycloneDX BOM Repository Server is a bill of materials (BOM) repositor ...)
+	TODO: check
 CVE-2022-24773 (Forge (also called `node-forge`) is a native implementation of Transpo ...)
 	- node-node-forge <unfixed>
 	NOTE: https://github.com/digitalbazaar/forge/security/advisories/GHSA-2r2c-g63r-vccr
@@ -7533,8 +7590,8 @@ CVE-2022-24766 (mitmproxy is an interactive, SSL/TLS-capable intercepting proxy.
 	NOTE: https://github.com/mitmproxy/mitmproxy/commit/b06fb6d157087d526bd02e7aadbe37c56865c71b (v8.0.0)
 CVE-2022-24765
 	RESERVED
-CVE-2022-24764
-	RESERVED
+CVE-2022-24764 (PJSIP is a free and open source multimedia communication library writt ...)
+	TODO: check
 CVE-2022-24763
 	RESERVED
 CVE-2022-24762 (sysend.js is a library that allows a user to send messages between pag ...)
@@ -17322,10 +17379,10 @@ CVE-2021-45812 (NUUO Network Video Recorder NVRsolo 3.9.1 is affected by a Cross
 	NOT-FOR-US: NUUO Network Video Recorder NVRsolo
 CVE-2021-45811
 	RESERVED
-CVE-2021-45810
-	RESERVED
-CVE-2021-45809
-	RESERVED
+CVE-2021-45810 (Multiple versions of GlobalProtect-openconnect are affected by incorre ...)
+	TODO: check
+CVE-2021-45809 (Multiple versions of GlobalProtect-openconnect are affected by incorre ...)
+	TODO: check
 CVE-2021-45808 (jpress v4.2.0 allows users to register an account by default. With the ...)
 	NOT-FOR-US: jpress
 CVE-2021-45807 (jpress v4.2.0 is vulnerable to command execution via io.jpress.web.adm ...)
@@ -23657,8 +23714,8 @@ CVE-2022-21720 (GLPI is a free asset and IT management software package. Prior t
 CVE-2022-21719 (GLPI is a free asset and IT management software package. All GLPI vers ...)
 	- glpi <removed> (unimportant)
 	NOTE: Only supported behind an authenticated HTTP zone
-CVE-2022-21718
-	RESERVED
+CVE-2022-21718 (Electron is a framework for writing cross-platform desktop application ...)
+	TODO: check
 CVE-2022-21717
 	RESERVED
 CVE-2022-21716 (Twisted is an event-based framework for internet applications, support ...)
@@ -25485,8 +25542,8 @@ CVE-2021-43652
 	RESERVED
 CVE-2021-43651
 	RESERVED
-CVE-2021-43650
-	RESERVED
+CVE-2021-43650 (WebRun 3.6.0.42 is vulnerable to SQL Injection via the P_0 parameter u ...)
+	TODO: check
 CVE-2021-43649
 	RESERVED
 CVE-2021-43648
@@ -32580,8 +32637,8 @@ CVE-2021-41738
 	RESERVED
 CVE-2021-41737
 	RESERVED
-CVE-2021-41736
-	RESERVED
+CVE-2021-41736 (Faust v2.35.0 was discovered to contain a heap-buffer overflow in the  ...)
+	TODO: check
 CVE-2021-41735
 	RESERVED
 CVE-2021-41734