author: security tracker role <sectracker@soriano.debian.org> 2022-01-21 20:10:27 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-01-21 20:10:27 +0000
commit: 285102aa5e8ac43f35fda2f1c34364aec1784040
tree: 0060eb67b0d7e9e399b2097f640a23962a290045 /data/CVE/list.2022
parent: 077a083b181c08a4411fbb3847e8521044d47d48
automatic update
Diffstat (limited to 'data/CVE/list.2022')
-rw-r--r-- data/CVE/list.2022 | 119
1 files changed, 97 insertions, 22 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index f6db88cfdf..778c5acaa5 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1,3 +1,75 @@
+CVE-2022-23834
+ RESERVED
+CVE-2022-23833
+ RESERVED
+CVE-2022-23832
+ RESERVED
+CVE-2022-23831
+ RESERVED
+CVE-2022-23830
+ RESERVED
+CVE-2022-23829
+ RESERVED
+CVE-2022-23828
+ RESERVED
+CVE-2022-23827
+ RESERVED
+CVE-2022-23826
+ RESERVED
+CVE-2022-23825
+ RESERVED
+CVE-2022-23824
+ RESERVED
+CVE-2022-23823
+ RESERVED
+CVE-2022-23822
+ RESERVED
+CVE-2022-23821
+ RESERVED
+CVE-2022-23820
+ RESERVED
+CVE-2022-23819
+ RESERVED
+CVE-2022-23818
+ RESERVED
+CVE-2022-23817
+ RESERVED
+CVE-2022-23816
+ RESERVED
+CVE-2022-23815
+ RESERVED
+CVE-2022-23814
+ RESERVED
+CVE-2022-23813
+ RESERVED
+CVE-2022-22146
+ RESERVED
+CVE-2022-21193
+ RESERVED
+CVE-2022-21176
+ RESERVED
+CVE-2022-21143
+ RESERVED
+CVE-2022-21141
+ RESERVED
+CVE-2022-0335
+ RESERVED
+CVE-2022-0334
+ RESERVED
+CVE-2022-0333
+ RESERVED
+CVE-2022-0332
+ RESERVED
+CVE-2022-0331
+ RESERVED
+CVE-2022-0330
+ RESERVED
+CVE-2022-0329 (Code Injection in PyPi loguru prior to and including 0.5.3. ...)
+ TODO: check
+CVE-2022-0328
+ RESERVED
+CVE-2022-0327
+ RESERVED
CVE-2022-23809
RESERVED
CVE-2022-23808
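Review bot: the block added at the top of this hunk is not merged into the numeric order of the entries that follow it. The added IDs run from CVE-2022-23834 down to CVE-2022-23813, jump to CVE-2022-22146 and the CVE-2022-21xxx group, continue with CVE-2022-0335 to CVE-2022-0327, and only then does the unchanged context resume at CVE-2022-23809, so entries have to be looked up by ID, not by position in the file. Of the 36 added entries only CVE-2022-0329 (loguru) has a description, and its "TODO: check" should be resolved to a package line or a NOT-FOR-US line, the two forms already used elsewhere in this file.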
@@ -66,18 +138,18 @@ CVE-2022-23780
RESERVED
CVE-2022-21147
RESERVED
-CVE-2022-0323
- RESERVED
+CVE-2022-0323 (Improper Neutralization of Special Elements Used in a Template Engine ...)
+ TODO: check
CVE-2022-0322
RESERVED
CVE-2022-0321
RESERVED
CVE-2022-0320
RESERVED
-CVE-2022-0319
- RESERVED
-CVE-2022-0318
- RESERVED
+CVE-2022-0319 (Out-of-bounds Read in Conda vim prior to 8.2. ...)
+ TODO: check
+CVE-2022-0318 (Heap-based Buffer Overflow in vim/vim prior to 8.2. ...)
+ TODO: check
CVE-2022-0317
RESERVED
CVE-2022-0316
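Review bot: CVE-2022-0319 and CVE-2022-0318 both describe vim ("Conda vim" and "vim/vim") but are left as two independent "TODO: check" entries; triage them together against the same source package. Both truncated descriptions stop at "prior to 8.2.", which carries no patch level, so the fixed version should be taken from the upstream fix commit and recorded in a NOTE line, as the Pillow entries in this file do. CVE-2022-0323 shows only the weakness class in its visible text, so the affected product has to be read from the full CVE record before the entry can be classified.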
@@ -186,8 +258,8 @@ CVE-2022-23730
RESERVED
CVE-2022-23729
RESERVED
-CVE-2022-23728
- RESERVED
+CVE-2022-23728 (Attacker can reset the device with AT Command in the process of reboot ...)
+ TODO: check
CVE-2022-23727
RESERVED
CVE-2022-23726
@@ -1162,7 +1234,7 @@ CVE-2022-21801
RESERVED
CVE-2022-21796
RESERVED
-CVE-2022-0274 (Cross-site Scripting (XSS) - Stored in NPM cypress-orchardcore prior t ...)
+CVE-2022-0274 (Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.C ...)
NOT-FOR-US: Orchard CMS
CVE-2022-0273
RESERVED
@@ -1257,7 +1329,7 @@ CVE-2022-0245 (Cross-Site Request Forgery (CSRF) in GitHub repository livehelper
NOT-FOR-US: livehelperchat
CVE-2022-0244 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
- gitlab <unfixed>
-CVE-2022-0243 (Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/or ...)
+CVE-2022-0243 (Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.C ...)
TODO: check
CVE-2022-23302 (JMSSink in all versions of Log4j 1.x is vulnerable to deserialization ...)
- apache-log4j1.2 <unfixed>
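Review bot: CVE-2022-0243 now carries the same visible description as CVE-2022-0274 ("Cross-site Scripting (XSS) - Stored in NuGet OrchardCore.Application.C ..."), yet it stays at "TODO: check" while CVE-2022-0274 is marked "NOT-FOR-US: Orchard CMS". If the full descriptions confirm the same product, give CVE-2022-0243 the same NOT-FOR-US line so the two entries agree.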
@@ -1436,8 +1508,8 @@ CVE-2022-23223
RESERVED
CVE-2022-23221 (H2 Console before 2.1.210 allows remote attackers to execute arbitrary ...)
TODO: check
-CVE-2022-23220 [usbview polkit policy local root exploit]
- RESERVED
+CVE-2022-23220 (USBView 2.1 before 2.2 allows some local users (e.g., ones logged in v ...)
+ {DSA-5052-1}
- usbview 2.0-21-g6fe2f4f-2.1
[stretch] - usbview <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2022/01/21/1
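Review bot: the description added for CVE-2022-23220 gives the affected range as "USBView 2.1 before 2.2", while the package line records the fix as 2.0-21-g6fe2f4f-2.1, and nothing in the entry ties the two version schemes together. A NOTE naming the upstream fix commit or release, next to the existing oss-security link, would let a reader check both the fixed version and the stretch <not-affected> claim without leaving the entry.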
@@ -1740,14 +1812,14 @@ CVE-2022-23131 (In the case of instances where the SAML SSO authentication is en
- zabbix <undetermined>
NOTE: https://support.zabbix.com/browse/ZBX-20350
TODO: check, possibly only affecting 5.4.0 onwards
-CVE-2022-23130
- RESERVED
-CVE-2022-23129
- RESERVED
-CVE-2022-23128
- RESERVED
-CVE-2022-23127
- RESERVED
+CVE-2022-23130 (Buffer Over-read vulnerability in Mitsubishi Electric MC Works64 versi ...)
+ TODO: check
+CVE-2022-23129 (Plaintext Storage of a Password vulnerability in Mitsubishi Electric M ...)
+ TODO: check
+CVE-2022-23128 (Incomplete List of Disallowed Inputs vulnerability in Mitsubishi Elect ...)
+ TODO: check
+CVE-2022-23127 (Cross-site Scripting vulnerability in Mitsubishi Electric MC Works64 v ...)
+ TODO: check
CVE-2022-23126
RESERVED
CVE-2022-0198 (corenlp is vulnerable to Improper Restriction of XML External Entity R ...)
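Review bot: CVE-2022-23130 through CVE-2022-23127 all name Mitsubishi Electric (MC Works64 where the text is not truncated), yet each gets its own "TODO: check". Classify them in one pass: if the product is not packaged, apply one NOT-FOR-US wording to all four, in the form used for CVE-2022-21932, so the entries stay consistent.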
@@ -2498,14 +2570,17 @@ CVE-2022-22819
CVE-2022-22818
RESERVED
CVE-2022-22817 (PIL.ImageMath.eval in Pillow before 9.0.0 allows evaluation of arbitra ...)
+ {DSA-5053-1}
- pillow 9.0.0-1
NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#restrict-builtins-available-to-imagemath-eval
NOTE: https://github.com/python-pillow/Pillow/commit/8531b01d6cdf0b70f256f93092caa2a5d91afc11 (9.0.0)
CVE-2022-22816 (path_getbbox in path.c in Pillow before 9.0.0 has a buffer over-read d ...)
+ {DSA-5053-1}
- pillow 9.0.0-1
NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
NOTE: https://github.com/python-pillow/Pillow/commit/c48271ab354db49cdbd740bc45e13be4f0f7993c (9.0.0)
CVE-2022-22815 (path_getbbox in path.c in Pillow before 9.0.0 improperly initializes I ...)
+ {DSA-5053-1}
- pillow 9.0.0-1
NOTE: https://pillow.readthedocs.io/en/stable/releasenotes/9.0.0.html#fixed-imagepath-path-array-handling
NOTE: https://github.com/python-pillow/Pillow/commit/1e092419b6806495c683043ab3feb6ce264f3b9c (9.0.0)
@@ -4760,8 +4835,8 @@ CVE-2022-21935
RESERVED
CVE-2022-21934
RESERVED
-CVE-2022-21933
- RESERVED
+CVE-2022-21933 (ASUS VivoMini/Mini PC device has an improper input validation vulnerab ...)
+ TODO: check
CVE-2022-21932 (Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulner ...)
NOT-FOR-US: Microsoft
CVE-2022-21931 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. T ...)
