automatic update

1 files changed, 42 insertions, 38 deletions

diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 4b8f47bf53..34f4f56ee4 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1,3 +1,7 @@
+CVE-2021-46401
+	RESERVED
+CVE-2021-46400
+	RESERVED
 CVE-2021-46399
 	RESERVED
 CVE-2021-46398
@@ -398,10 +402,10 @@ CVE-2021-46206
 	RESERVED
 CVE-2021-46205
 	RESERVED
-CVE-2021-46204
-	RESERVED
-CVE-2021-46203
-	RESERVED
+CVE-2021-46204 (Taocms v3.0.2 was discovered to contain an arbitrary file read vulnera ...)
+	TODO: check
+CVE-2021-46203 (Taocms v3.0.2 was discovered to contain an arbitrary file read vulnera ...)
+	TODO: check
 CVE-2021-46202
 	RESERVED
 CVE-2021-46201
@@ -657,8 +661,8 @@ CVE-2021-46106
 	RESERVED
 CVE-2021-46105
 	RESERVED
-CVE-2021-46104
-	RESERVED
+CVE-2021-46104 (An issue was discovered in webp_server_go 0.4.0. There is a directory  ...)
+	TODO: check
 CVE-2021-46103
 	RESERVED
 CVE-2021-46102
@@ -847,8 +851,8 @@ CVE-2021-46032
 	RESERVED
 CVE-2021-46031
 	RESERVED
-CVE-2021-46030
-	RESERVED
+CVE-2021-46030 (There is a Cross Site Scripting attack (XSS) vulnerability in JavaQuar ...)
+	TODO: check
 CVE-2021-46029
 	RESERVED
 CVE-2021-46028
@@ -1500,8 +1504,8 @@ CVE-2021-45810
 	RESERVED
 CVE-2021-45809
 	RESERVED
-CVE-2021-45808
-	RESERVED
+CVE-2021-45808 (jpress v4.2.0 allows users to register an account by default. With the ...)
+	TODO: check
 CVE-2021-45807 (jpress v4.2.0 is vulnerable to command execution via io.jpress.web.adm ...)
 	NOT-FOR-US: jpress
 CVE-2021-45806 (jpress v4.2.0 admin panel provides a function through which attackers  ...)
@@ -3935,8 +3939,8 @@ CVE-2021-44839 (An issue was discovered in Delta RM 1.2. It is possible to reque
 	TODO: check
 CVE-2021-44838 (An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax ...)
 	NOT-FOR-US: Delta RM
-CVE-2021-44837
-	RESERVED
+CVE-2021-44837 (An issue was discovered in Delta RM 1.2. It is possible for an unprivi ...)
+	TODO: check
 CVE-2021-44836 (An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/r ...)
 	TODO: check
 CVE-2021-44835
@@ -5405,8 +5409,8 @@ CVE-2021-44301
 	RESERVED
 CVE-2021-44300
 	RESERVED
-CVE-2021-44299
-	RESERVED
+CVE-2021-44299 (A reflected cross-site scripting (XSS) vulnerability in \lib\packages\ ...)
+	TODO: check
 CVE-2021-44298
 	RESERVED
 CVE-2021-44297
@@ -9183,8 +9187,8 @@ CVE-2021-42812
 	RESERVED
 CVE-2021-42811
 	RESERVED
-CVE-2021-42810
-	RESERVED
+CVE-2021-42810 (A flaw in the previous versions of the product may allow an authentica ...)
+	TODO: check
 CVE-2021-42809 (Improper Access Control of Dynamically-Managed Code Resources (DLL) in ...)
 	NOT-FOR-US: ThalesThales Sentinel Protection Installer
 CVE-2021-42808 (Improper Access Control in Thales Sentinel Protection Installer could  ...)
@@ -18841,14 +18845,14 @@ CVE-2021-38791
 	RESERVED
 CVE-2021-38790
 	RESERVED
-CVE-2021-38789
-	RESERVED
-CVE-2021-38788
-	RESERVED
-CVE-2021-38787
-	RESERVED
-CVE-2021-38786
-	RESERVED
+CVE-2021-38789 (Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect acce ...)
+	TODO: check
+CVE-2021-38788 (The Background service in Allwinner R818 SoC Android Q SDK V1.0 is use ...)
+	TODO: check
+CVE-2021-38787 (There is an integer overflow in the ION driver "/dev/ion" of Allwinner ...)
+	TODO: check
+CVE-2021-38786 (There is a NULL pointer dereference in media/libcedarc/vdecoder of All ...)
+	TODO: check
 CVE-2021-38785 (There is a NULL pointer deference in the Allwinner R818 SoC Android Q  ...)
 	TODO: check
 CVE-2021-38784 (There is a NULL pointer dereference in the syscall open_exec function  ...)
@@ -26293,16 +26297,16 @@ CVE-2021-35689
 	RESERVED
 CVE-2021-35688
 	RESERVED
-CVE-2021-35687
-	RESERVED
-CVE-2021-35686
-	RESERVED
+CVE-2021-35687 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
+CVE-2021-35686 (Vulnerability in the Oracle Financial Services Analytical Applications ...)
+	TODO: check
 CVE-2021-35685
 	RESERVED
 CVE-2021-35684
 	RESERVED
-CVE-2021-35683
-	RESERVED
+CVE-2021-35683 (Vulnerability in the Oracle Essbase Administration Services product of ...)
+	TODO: check
 CVE-2021-35682
 	RESERVED
 CVE-2021-35681
@@ -26504,8 +26508,8 @@ CVE-2021-35589 (Vulnerability in the Oracle Solaris product of Oracle Systems (c
 CVE-2021-35588 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
 	{DLA-2814-1}
 	- openjdk-8 8u312-b07-1
-CVE-2021-35587
-	RESERVED
+CVE-2021-35587 (Vulnerability in the Oracle Access Manager product of Oracle Fusion Mi ...)
+	TODO: check
 CVE-2021-35586 (Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition produc ...)
 	{DSA-5000-2 DSA-5012-1 DSA-5000-1 DLA-2814-1}
 	- openjdk-17 17.0.1+12-1
@@ -30323,10 +30327,10 @@ CVE-2021-33915
 	RESERVED
 CVE-2021-33914
 	RESERVED
-CVE-2021-33913
-	RESERVED
-CVE-2021-33912
-	RESERVED
+CVE-2021-33913 (libspf2 before 1.2.11 has a heap-based buffer overflow that might allo ...)
+	TODO: check
+CVE-2021-33912 (libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that  ...)
+	TODO: check
 CVE-2021-33911 (Zoho ManageEngine ADManager Plus before 7110 allows remote code execut ...)
 	NOT-FOR-US: Zoho
 CVE-2021-33910 (basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1  ...)
@@ -35521,8 +35525,8 @@ CVE-2021-31855 (KDE Messagelib through 5.17.0 reveals cleartext of encrypted mes
 	[stretch] - kdepim4 <no-dsa> (Minor issue)
 	NOTE: https://kde.org/info/security/advisory-20210429-1.txt
 	NOTE: https://commits.kde.org/messagelib/3b5b171e91ce78b966c98b1292a1bcbc8d984799
-CVE-2021-31854
-	RESERVED
+CVE-2021-31854 (A command Injection Vulnerability in McAfee Agent (MA) for Windows pri ...)
+	TODO: check
 CVE-2021-31853 (DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (M ...)
 	NOT-FOR-US: McAfee
 CVE-2021-31852 (A Reflected Cross-Site Scripting vulnerability in McAfee Policy Audito ...)