author: security tracker role <sectracker@soriano.debian.org> 2022-01-18 20:10:28 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-01-18 20:10:28 +0000
commit: e916105151056d73f5183752ec61b031e6c0ce7f
tree: 825a2bae06ce0e98d04656ed5f2c1ad338ace92d /data/CVE/list.2021
parent: c2f68c9cdf802b40a08e6cad5c1d86d6eb3575eb
automatic update
Diffstat (limited to 'data/CVE/list.2021')
-rw-r--r-- data/CVE/list.2021 365
1 files changed, 276 insertions, 89 deletions
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index 249d5bcb3a..7875af9985 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -1,3 +1,193 @@
+CVE-2021-46399
+ RESERVED
+CVE-2021-46398
+ RESERVED
+CVE-2021-46397
+ RESERVED
+CVE-2021-46396
+ RESERVED
+CVE-2021-46395
+ RESERVED
+CVE-2021-46394
+ RESERVED
+CVE-2021-46393
+ RESERVED
+CVE-2021-46392
+ RESERVED
+CVE-2021-46391
+ RESERVED
+CVE-2021-46390
+ RESERVED
+CVE-2021-46389
+ RESERVED
+CVE-2021-46388
+ RESERVED
+CVE-2021-46387
+ RESERVED
+CVE-2021-46386
+ RESERVED
+CVE-2021-46385
+ RESERVED
+CVE-2021-46384
+ RESERVED
+CVE-2021-46383
+ RESERVED
+CVE-2021-46382
+ RESERVED
+CVE-2021-46381
+ RESERVED
+CVE-2021-46380
+ RESERVED
+CVE-2021-46379
+ RESERVED
+CVE-2021-46378
+ RESERVED
+CVE-2021-46377
+ RESERVED
+CVE-2021-46376
+ RESERVED
+CVE-2021-46375
+ RESERVED
+CVE-2021-46374
+ RESERVED
+CVE-2021-46373
+ RESERVED
+CVE-2021-46372
+ RESERVED
+CVE-2021-46371
+ RESERVED
+CVE-2021-46370
+ RESERVED
+CVE-2021-46369
+ RESERVED
+CVE-2021-46368
+ RESERVED
+CVE-2021-46367
+ RESERVED
+CVE-2021-46366
+ RESERVED
+CVE-2021-46365
+ RESERVED
+CVE-2021-46364
+ RESERVED
+CVE-2021-46363
+ RESERVED
+CVE-2021-46362
+ RESERVED
+CVE-2021-46361
+ RESERVED
+CVE-2021-46360
+ RESERVED
+CVE-2021-46359
+ RESERVED
+CVE-2021-46358
+ RESERVED
+CVE-2021-46357
+ RESERVED
+CVE-2021-46356
+ RESERVED
+CVE-2021-46355
+ RESERVED
+CVE-2021-46354
+ RESERVED
+CVE-2021-46353
+ RESERVED
+CVE-2021-46352
+ RESERVED
+CVE-2021-46351
+ RESERVED
+CVE-2021-46350
+ RESERVED
+CVE-2021-46349
+ RESERVED
+CVE-2021-46348
+ RESERVED
+CVE-2021-46347
+ RESERVED
+CVE-2021-46346
+ RESERVED
+CVE-2021-46345
+ RESERVED
+CVE-2021-46344
+ RESERVED
+CVE-2021-46343
+ RESERVED
+CVE-2021-46342
+ RESERVED
+CVE-2021-46341
+ RESERVED
+CVE-2021-46340
+ RESERVED
+CVE-2021-46339
+ RESERVED
+CVE-2021-46338
+ RESERVED
+CVE-2021-46337
+ RESERVED
+CVE-2021-46336
+ RESERVED
+CVE-2021-46335
+ RESERVED
+CVE-2021-46334
+ RESERVED
+CVE-2021-46333
+ RESERVED
+CVE-2021-46332
+ RESERVED
+CVE-2021-46331
+ RESERVED
+CVE-2021-46330
+ RESERVED
+CVE-2021-46329
+ RESERVED
+CVE-2021-46328
+ RESERVED
+CVE-2021-46327
+ RESERVED
+CVE-2021-46326
+ RESERVED
+CVE-2021-46325
+ RESERVED
+CVE-2021-46324
+ RESERVED
+CVE-2021-46323
+ RESERVED
+CVE-2021-46322
+ RESERVED
+CVE-2021-46321
+ RESERVED
+CVE-2021-46320
+ RESERVED
+CVE-2021-46319
+ RESERVED
+CVE-2021-46318
+ RESERVED
+CVE-2021-46317
+ RESERVED
+CVE-2021-46316
+ RESERVED
+CVE-2021-46315
+ RESERVED
+CVE-2021-46314
+ RESERVED
+CVE-2021-46313
+ RESERVED
+CVE-2021-46312
+ RESERVED
+CVE-2021-46311
+ RESERVED
+CVE-2021-46310
+ RESERVED
+CVE-2021-46309
+ RESERVED
+CVE-2021-46308
+ RESERVED
+CVE-2021-46307
+ RESERVED
+CVE-2021-46306
+ RESERVED
+CVE-2021-46305
+ RESERVED
CVE-2021-46304
RESERVED
CVE-2021-46303
@@ -699,10 +889,10 @@ CVE-2021-46015
RESERVED
CVE-2021-46014
RESERVED
-CVE-2021-46013
- RESERVED
+CVE-2021-46013 (An unrestricted file upload vulnerability exists in Sourcecodester Fre ...)
+ TODO: check
CVE-2021-46012
- RESERVED
+ REJECTED
CVE-2021-46011
RESERVED
CVE-2021-46010
@@ -715,8 +905,8 @@ CVE-2021-46007
RESERVED
CVE-2021-46006
RESERVED
-CVE-2021-46005
- RESERVED
+CVE-2021-46005 (Sourcecodester Car Rental Management System 1.0 is vulnerable to Cross ...)
+ TODO: check
CVE-2021-46004
RESERVED
CVE-2021-46003
@@ -2193,8 +2383,8 @@ CVE-2021-4147 [deadlock and crash in libxl driver]
NOTE: https://gitlab.com/libvirt/libvirt/-/commit/b9a5faea49b7412e26d7389af4c32fc2b3ee80e5
NOTE: https://gitlab.com/libvirt/libvirt/-/commit/5c5df5310f72be4878a71ace47074c54e0d1a27d
NOTE: https://gitlab.com/libvirt/libvirt/-/commit/a7a03324d86e111f81687b5315b8f296dde84340
-CVE-2021-4146
- RESERVED
+CVE-2021-4146 (Business Logic Errors in GitHub repository pimcore/pimcore prior to 10 ...)
+ TODO: check
CVE-2021-4145 [NULL pointer dereference in mirror_wait_on_conflicts() in block/mirror.c]
RESERVED
- qemu 1:6.2+dfsg-1
@@ -2324,8 +2514,8 @@ CVE-2021-45396
RESERVED
CVE-2021-45395
RESERVED
-CVE-2021-45394
- RESERVED
+CVE-2021-45394 (An issue was discovered in Spipu HTML2PDF before 5.2.4. Attackers can ...)
+ TODO: check
CVE-2021-45393
RESERVED
CVE-2021-45392
@@ -3739,12 +3929,12 @@ CVE-2021-44842
RESERVED
CVE-2021-44841
RESERVED
-CVE-2021-44840
- RESERVED
+CVE-2021-44840 (An issue was discovered in Delta RM 1.2. Using an privileged account, ...)
+ TODO: check
CVE-2021-44839
RESERVED
-CVE-2021-44838
- RESERVED
+CVE-2021-44838 (An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax ...)
+ TODO: check
CVE-2021-44837
RESERVED
CVE-2021-44836
@@ -3985,8 +4175,7 @@ CVE-2021-4085
RESERVED
CVE-2021-4084 (pimcore is vulnerable to Improper Neutralization of Input During Web P ...)
NOT-FOR-US: Pimcore
-CVE-2021-4083
- RESERVED
+CVE-2021-4083 (A read-after-free memory flaw was found in the Linux kernel's garbage ...)
- linux 5.15.5-2
[bullseye] - linux 5.10.84-1
NOTE: https://git.kernel.org/linus/054aa8d439b9185d4f5eb9a90282d1ce74772969 (5.16-rc4)
@@ -3996,8 +4185,8 @@ CVE-2021-4081 (pimcore is vulnerable to Improper Neutralization of Input During
NOT-FOR-US: Pimcore
CVE-2021-44758
RESERVED
-CVE-2021-44757
- RESERVED
+CVE-2021-44757 (Zoho ManageEngine Desktop Central before 10.1.2137.9 and Desktop Centr ...)
+ TODO: check
CVE-2021-44756
RESERVED
CVE-2021-44755
@@ -4243,8 +4432,8 @@ CVE-2021-44675 (Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 i
NOT-FOR-US: Zoho ManageEngine
CVE-2021-4075 (snipe-it is vulnerable to Server-Side Request Forgery (SSRF) ...)
NOT-FOR-US: snipe-it
-CVE-2021-4074
- RESERVED
+CVE-2021-4074 (The WHMCS Bridge WordPress plugin is vulnerable to Stored Cross-Site S ...)
+ TODO: check
CVE-2021-4073 (The RegistrationMagic WordPress plugin made it possible for unauthenti ...)
NOT-FOR-US: WordPress plugin
CVE-2021-4072 (elgg is vulnerable to Improper Neutralization of Input During Web Page ...)
@@ -4631,8 +4820,8 @@ CVE-2021-44540 (A vulnerability was found in Privoxy which was fixed in get_url_
[buster] - privoxy <no-dsa> (Minor issue)
NOTE: https://www.openwall.com/lists/oss-security/2021/12/09/1
NOTE: https://www.privoxy.org/gitweb/?p=privoxy.git;a=commit;h=652b4b7cb07592c0912cf938a50fcd009fa29a0a (v_3_0_33)
-CVE-2021-43353
- RESERVED
+CVE-2021-43353 (The Crisp Live Chat WordPress plugin is vulnerable to Cross-Site Reque ...)
+ TODO: check
CVE-2021-41836 (The Fathom Analytics WordPress plugin is vulnerable to Stored Cross-Si ...)
NOT-FOR-US: WordPress plugin
CVE-2021-4050 (livehelperchat is vulnerable to Improper Neutralization of Input Durin ...)
@@ -5465,8 +5654,8 @@ CVE-2021-44219 (Gin-Vue-Admin before 2.4.6 mishandles a SQL database. ...)
NOT-FOR-US: Gin-Vue-Admin
CVE-2021-44218
RESERVED
-CVE-2021-44217
- RESERVED
+CVE-2021-44217 (In Ericsson CodeChecker through 6.18.0, a Stored Cross-site scripting ...)
+ TODO: check
CVE-2021-44216
RESERVED
CVE-2021-44215
@@ -11356,12 +11545,12 @@ CVE-2021-41811
RESERVED
CVE-2021-41810
RESERVED
-CVE-2021-41809
- RESERVED
-CVE-2021-41808
- RESERVED
-CVE-2021-41807
- RESERVED
+CVE-2021-41809 (SSRF vulnerability in M-Files Server products with versions before 22. ...)
+ TODO: check
+CVE-2021-41808 (In M-Files Server product with versions before 21.11.10775.0, enabling ...)
+ TODO: check
+CVE-2021-41807 (Lack of rate limiting in M-Files Server and M-Files Web products with ...)
+ TODO: check
CVE-2021-41806
RESERVED
CVE-2021-41805 (HashiCorp Consul Enterprise before 1.8.17, 1.9.x before 1.9.11, and 1. ...)
@@ -11979,10 +12168,10 @@ CVE-2021-41553 (** UNSUPPORTED WHEN ASSIGNED ** In ARCHIBUS Web Central 21.3.3.8
NOT-FOR-US: ARCHIBUS Web Central
CVE-2021-41552
RESERVED
-CVE-2021-41551
- RESERVED
-CVE-2021-41550
- RESERVED
+CVE-2021-41551 (Leostream Connection Broker 9.0.40.17 allows administrators to conduct ...)
+ TODO: check
+CVE-2021-41550 (Leostream Connection Broker 9.0.40.17 allows administrator to upload a ...)
+ TODO: check
CVE-2021-41549
RESERVED
CVE-2021-41548
@@ -15873,8 +16062,7 @@ CVE-2021-39948
RESERVED
CVE-2021-39947
RESERVED
-CVE-2021-39946
- RESERVED
+CVE-2021-39946 (Improper neutralization of user input in GitLab CE/EE versions 14.3 to ...)
- gitlab <unfixed>
CVE-2021-39945 (Improper access control in the GitLab CE/EE API affecting all versions ...)
- gitlab <unfixed>
@@ -15882,8 +16070,7 @@ CVE-2021-39944 (An issue has been discovered in GitLab CE/EE affecting all versi
- gitlab <unfixed>
CVE-2021-39943
RESERVED
-CVE-2021-39942
- RESERVED
+CVE-2021-39942 (A denial of service vulnerability in GitLab CE/EE affecting all versio ...)
- gitlab <unfixed>
CVE-2021-39941 (An information disclosure vulnerability in GitLab CE/EE versions 12.0 ...)
- gitlab <unfixed>
@@ -15921,8 +16108,7 @@ CVE-2021-39928 (NULL pointer exception in the IEEE 802.11 dissector in Wireshark
[buster] - wireshark <no-dsa> (Minor issue)
NOTE: https://gitlab.com/wireshark/wireshark/-/issues/17704
NOTE: https://www.wireshark.org/security/wnpa-sec-2021-13.html
-CVE-2021-39927
- RESERVED
+CVE-2021-39927 (Server side request forgery protections in GitLab CE/EE versions betwe ...)
- gitlab <unfixed>
CVE-2021-39926 (Buffer overflow in the Bluetooth HCI_ISO dissector in Wireshark 3.4.0 ...)
{DSA-5019-1}
@@ -16022,8 +16208,8 @@ CVE-2021-39894 (In all versions of GitLab CE/EE since version 8.0, a DNS rebindi
- gitlab <unfixed>
CVE-2021-39893 (A potential DOS vulnerability was discovered in GitLab starting with v ...)
- gitlab <unfixed>
-CVE-2021-39892
- RESERVED
+CVE-2021-39892 (In all versions of GitLab CE/EE since version 12.0, a lower privileged ...)
+ TODO: check
CVE-2021-39891 (In all versions of GitLab CE/EE since version 8.0, access tokens creat ...)
- gitlab <unfixed>
CVE-2021-39890 (It was possible to bypass 2FA for LDAP users and access some specific ...)
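Review bot: CVE-2021-39892 comes in as `TODO: check` although its description names GitLab CE/EE and the neighbouring GitLab entries in this hunk are tracked as `- gitlab <unfixed>`. The other GitLab ids that gain a description in this commit (CVE-2021-39946, CVE-2021-39942, CVE-2021-39927) already had that package line; this one needs it added so the issue shows up against the gitlab package instead of sitting in the untriaged queue.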
@@ -18663,12 +18849,12 @@ CVE-2021-38787
RESERVED
CVE-2021-38786
RESERVED
-CVE-2021-38785
- RESERVED
-CVE-2021-38784
- RESERVED
-CVE-2021-38783
- RESERVED
+CVE-2021-38785 (There is a NULL pointer deference in the Allwinner R818 SoC Android Q ...)
+ TODO: check
+CVE-2021-38784 (There is a NULL pointer dereference in the syscall open_exec function ...)
+ TODO: check
+CVE-2021-38783 (There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK ...)
+ TODO: check
CVE-2021-38782
RESERVED
CVE-2021-38781
@@ -18857,14 +19043,14 @@ CVE-2021-38698 (HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint
- consul <unfixed>
NOTE: https://discuss.hashicorp.com/t/hcsec-2021-24-consul-missing-authorization-check-on-txn-apply-endpoint/29026
NOTE: https://github.com/hashicorp/consul/commit/747844bad6410091f2c6e961216c0c5fc285a44d (v1.8.15)
-CVE-2021-38697
- RESERVED
-CVE-2021-38696
- RESERVED
-CVE-2021-38695
- RESERVED
-CVE-2021-38694
- RESERVED
+CVE-2021-38697 (SoftVibe SARABAN for INFOMA 1.1 allows Unauthenticated unrestricted Fi ...)
+ TODO: check
+CVE-2021-38696 (SoftVibe SARABAN for INFOMA 1.1 has Incorrect Access Control vulnerabi ...)
+ TODO: check
+CVE-2021-38695 (SoftVibe SARABAN for INFOMA 1.1 is vulnerable to stored cross-site scr ...)
+ TODO: check
+CVE-2021-38694 (SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. ...)
+ TODO: check
CVE-2021-38693
RESERVED
CVE-2021-38692 (A stack buffer overflow vulnerability has been reported to affect QNAP ...)
@@ -21090,14 +21276,14 @@ CVE-2021-37869
RESERVED
CVE-2021-37868
RESERVED
-CVE-2021-37867
- RESERVED
-CVE-2021-37866
- RESERVED
-CVE-2021-37865
- RESERVED
-CVE-2021-37864
- RESERVED
+CVE-2021-37867 (Mattermost Boards plugin v0.10.0 and earlier fails to protect email ad ...)
+ TODO: check
+CVE-2021-37866 (Mattermost Boards plugin v0.10.0 and earlier fails to invalidate a ses ...)
+ TODO: check
+CVE-2021-37865 (Mattermost 6.2 and earlier fails to sufficiently process a specificall ...)
+ TODO: check
+CVE-2021-37864 (Mattermost 6.1 and earlier fails to sufficiently validate permissions ...)
+ TODO: check
CVE-2021-37863 (Mattermost 6.0 and earlier fails to sufficiently validate parameters d ...)
TODO: check
CVE-2021-37862 (Mattermost 6.0 and earlier fails to sufficiently validate the email ad ...)
@@ -27165,7 +27351,7 @@ CVE-2021-35249
RESERVED
CVE-2021-35248 (It has been reported that any Orion user, e.g. guest accounts can quer ...)
NOT-FOR-US: SolarWinds
-CVE-2021-35247 (Serv-U web login screen was allowing characters that were not sanitize ...)
+CVE-2021-35247 (Serv-U web login screen to LDAP authentication was allowing characters ...)
NOT-FOR-US: SolarWinds
CVE-2021-35246
RESERVED
@@ -29089,18 +29275,18 @@ CVE-2021-34408 (The Zoom Client for Meetings for Windows in all versions before
NOT-FOR-US: Zoom Client for Meetings for Windows
CVE-2021-34407
REJECTED
-CVE-2021-34406
- RESERVED
-CVE-2021-34405
- RESERVED
-CVE-2021-34404
- RESERVED
-CVE-2021-34403
- RESERVED
-CVE-2021-34402
- RESERVED
-CVE-2021-34401
- RESERVED
+CVE-2021-34406 (NVIDIA Tegra kernel driver contains a vulnerability in NVHost, where a ...)
+ TODO: check
+CVE-2021-34405 (NVIDIA Linux distributions contain a vulnerability in TrustZone&#8217; ...)
+ TODO: check
+CVE-2021-34404 (Android images for T210 provided by NVIDIA contain a vulnerability in ...)
+ TODO: check
+CVE-2021-34403 (NVIDIA Linux distributions contain a vulnerability in nvmap ioctl, whi ...)
+ TODO: check
+CVE-2021-34402 (NVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVDEC, w ...)
+ TODO: check
+CVE-2021-34401 (NVIDIA Linux kernel distributions contain a vulnerability in nvmap NVG ...)
+ TODO: check
CVE-2021-34400 (NVIDIA GPU and Tegra hardware contain a vulnerability in the internal ...)
NOT-FOR-US: NVIDIA
CVE-2021-34399 (NVIDIA GPU and Tegra hardware contain a vulnerability in the internal ...)
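Review bot: The imported description for CVE-2021-34405 carries a raw HTML entity (`TrustZone&#8217;`), so the list file now contains markup debris instead of an apostrophe. Suggest decoding entities to plain text when the description is imported, so that text searches and downstream parsers of the list see the intended character. Separately, the six new NVIDIA entries land as `TODO: check` while the adjacent CVE-2021-34400 and CVE-2021-34399 are already `NOT-FOR-US: NVIDIA`; they should be triaged consistently.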
@@ -30017,10 +30203,10 @@ CVE-2021-33967
RESERVED
CVE-2021-33966
RESERVED
-CVE-2021-33965
- RESERVED
-CVE-2021-33964
- RESERVED
+CVE-2021-33965 (China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /a ...)
+ TODO: check
+CVE-2021-33964 (China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /a ...)
+ TODO: check
CVE-2021-33963 (China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ ...)
NOT-FOR-US: China Mobile An Lianbao WF-1 router web interface
CVE-2021-33962 (China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS comman ...)
@@ -35593,7 +35779,8 @@ CVE-2021-31773
RESERVED
CVE-2021-31772
RESERVED
-CVE-2021-31771 (** DISPUTED ** Splinterware System Scheduler Professional version 5.30 ...)
+CVE-2021-31771
+ REJECTED
NOT-FOR-US: Splinterware
CVE-2021-31770
RESERVED
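Review bot: CVE-2021-31771 is switched to REJECTED, but the `NOT-FOR-US: Splinterware` line under it is left in place, so the entry now carries both a rejection and a triage annotation. The other REJECTED entries visible in this diff (CVE-2021-46012, CVE-2021-34407) have nothing after the status line. Suggest dropping the NOT-FOR-US line here, or confirming that the tracker's parser accepts an annotation on a rejected id.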
@@ -40555,8 +40742,8 @@ CVE-2021-29874
RESERVED
CVE-2021-29873 (IBM Flash System 900 could allow an authenticated attacker to obtain s ...)
NOT-FOR-US: IBM
-CVE-2021-29872
- RESERVED
+CVE-2021-29872 (IBM Cloud Pak for Automation 21.0.1 and 21.0.2 - Business Automation S ...)
+ TODO: check
CVE-2021-29871
RESERVED
CVE-2021-29870
@@ -41081,8 +41268,8 @@ CVE-2021-29634
RESERVED
CVE-2021-29633
RESERVED
-CVE-2021-29632
- RESERVED
+CVE-2021-29632 (In FreeBSD 13.0-STABLE before n247428-9352de39c3dc, 12.2-STABLE before ...)
+ TODO: check
CVE-2021-29631 (In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before ...)
NOT-FOR-US: FreeBSD
CVE-2021-29630 (In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before ...)
@@ -42144,8 +42331,8 @@ CVE-2021-29217
RESERVED
CVE-2021-29216
RESERVED
-CVE-2021-29215
- RESERVED
+CVE-2021-29215 (A potential security vulnerability in HPE Ezmeral Data Fabric that may ...)
+ TODO: check
CVE-2021-29214 (A security vulnerability has been identified in HPE StoreServ Manageme ...)
NOT-FOR-US: HPE
CVE-2021-29213 (A potential local bypass of security restrictions vulnerability has be ...)
@@ -57799,8 +57986,8 @@ CVE-2021-22568 (When using the dart pub publish command to publish a package to
TODO: check
CVE-2021-22567 (Bidirectional Unicode text can be interpreted and compiled differently ...)
TODO: check
-CVE-2021-22566
- RESERVED
+CVE-2021-22566 (An incorrect setting of UXN bits within mmu_flags_to_s1_pte_attr lead ...)
+ TODO: check
CVE-2021-22565 (An attacker could prematurely expire a verification code, making it un ...)
TODO: check
CVE-2021-22564 (For certain valid JPEG XL images with a size slightly larger than an i ...)
