automatic update

author: security tracker role <sectracker@soriano.debian.org> 2022-02-10 08:10:10 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-02-10 08:10:10 +0000
commit: 07d03276937eb257bca4306c7a33bef5110a80ba (patch)
tree: c69bcfcc7e1b14eb32fa51157e114d76d5cbee7f /data
parent: 5d3facfa8733748693dac2874fac70287e6db17b (diff)
3 files changed, 370 insertions, 359 deletions
diff --git a/data/CVE/list.2020 b/data/CVE/list.2020
index ac7f8fc503..39f7e557f7 100644
--- a/data/CVE/list.2020
+++ b/data/CVE/list.2020
@@ -42059,8 +42059,8 @@ CVE-2020-12990
 	REJECTED
 CVE-2020-12989
 	REJECTED
-CVE-2020-12988
-	REJECTED
+CVE-2020-12988 (A potential denial of service (DoS) vulnerability exists in the integr ...)
+	TODO: check
 CVE-2020-12987 (A heap information leak/kernel pool address disclosure vulnerability i ...)
 	NOT-FOR-US: AMD
 CVE-2020-12986 (An insufficient pointer validation vulnerability in the AMD Graphics D ...)
diff --git a/data/CVE/list.2021 b/data/CVE/list.2021
index cc96db0fb2..e45a6417d8 100644
--- a/data/CVE/list.2021
+++ b/data/CVE/list.2021
@@ -3551,8 +3551,8 @@ CVE-2021-45288 (A Double Free vulnerability exists in filedump.c in GPAC 1.0.1,
 	NOTE: https://github.com/gpac/gpac/commit/9bbce9634cba1128aa4b96d590be578ae3ce80b3
 CVE-2021-45287
 	RESERVED
-CVE-2021-45286
-	RESERVED
+CVE-2021-45286 (Directory Traversal vulnerability exists in ZZCMS 2021 via the skin pa ...)
+	TODO: check
 CVE-2021-45285
 	RESERVED
 CVE-2021-45284
@@ -5042,8 +5042,8 @@ CVE-2021-44545
 	RESERVED
 CVE-2021-44457
 	RESERVED
-CVE-2021-44454
-	RESERVED
+CVE-2021-44454 (Improper input validation in a third-party component for Intel(R) Quar ...)
+	TODO: check
 CVE-2021-43351
 	RESERVED
 CVE-2021-4080 (crater is vulnerable to Unrestricted Upload of File with Dangerous Typ ...)
@@ -5056,8 +5056,8 @@ CVE-2021-23188
 	RESERVED
 CVE-2021-23168
 	RESERVED
-CVE-2021-23152
-	RESERVED
+CVE-2021-23152 (Improper access control in the Intel(R) Advisor software before versio ...)
+	TODO: check
 CVE-2021-23145
 	RESERVED
 CVE-2021-XXXX [Rainloop stores passwords in cleartext in logfile]
@@ -15177,7 +15177,7 @@ CVE-2021-40698
 CVE-2021-40697 (Adobe Framemaker versions 2019 Update 8 (and earlier) and 2020 Release ...)
 	NOT-FOR-US: Adobe
 CVE-2021-40696
-	RESERVED
+	REJECTED
 CVE-2021-40695 (It was possible for a student to view their quiz grade before it had b ...)
 	- moodle <removed>
 CVE-2021-40694 (Insufficient escaping of the LaTeX preamble made it possible for site  ...)
@@ -16849,10 +16849,10 @@ CVE-2021-40047
 	RESERVED
 CVE-2021-40046
 	RESERVED
-CVE-2021-40045
-	RESERVED
-CVE-2021-40044
-	RESERVED
+CVE-2021-40045 (There is a vulnerability of signature verification mechanism failure i ...)
+	TODO: check
+CVE-2021-40044 (There is a permission verification vulnerability in the Bluetooth modu ...)
+	TODO: check
 CVE-2021-40043
 	RESERVED
 CVE-2021-40042 (There is a release of invalid pointer vulnerability in some Huawei pro ...)
@@ -16909,8 +16909,8 @@ CVE-2021-40017
 	RESERVED
 CVE-2021-40016
 	RESERVED
-CVE-2021-40015
-	RESERVED
+CVE-2021-40015 (There is a race condition vulnerability in the binder driver subsystem ...)
+	TODO: check
 CVE-2021-40014 (The bone voice ID trusted application (TA) has a heap overflow vulnera ...)
 	NOT-FOR-US: Huawei
 CVE-2021-40013
@@ -16945,20 +16945,20 @@ CVE-2021-39999
 	RESERVED
 CVE-2021-39998 (There is Vulnerability of APIs being concurrently called for multiple  ...)
 	NOT-FOR-US: Huawei
-CVE-2021-39997
-	RESERVED
+CVE-2021-39997 (There is a vulnerability of unstrict input parameter verification in t ...)
+	TODO: check
 CVE-2021-39996 (There is a Heap-based buffer overflow vulnerability with the NFC modul ...)
 	NOT-FOR-US: Huawei
 CVE-2021-39995 (Some Huawei products use the OpenHpi software for hardware management. ...)
 	NOT-FOR-US: Huawei
-CVE-2021-39994
-	RESERVED
+CVE-2021-39994 (There is an arbitrary address access vulnerability with the product li ...)
+	TODO: check
 CVE-2021-39993 (There is an Integer overflow vulnerability with ACPU in smartphones. S ...)
 	NOT-FOR-US: Huawei
-CVE-2021-39992
-	RESERVED
-CVE-2021-39991
-	RESERVED
+CVE-2021-39992 (There is an improper security permission configuration vulnerability o ...)
+	TODO: check
+CVE-2021-39991 (There is an unauthorized rewriting vulnerability with the memory acces ...)
+	TODO: check
 CVE-2021-39990 (The screen lock module has a Stack-based Buffer Overflow vulnerability ...)
 	NOT-FOR-US: Huawei
 CVE-2021-39989 (The HwNearbyMain module has a Exposure of Sensitive Information to an  ...)
@@ -16967,8 +16967,8 @@ CVE-2021-39988 (The HwNearbyMain module has a NULL Pointer Dereference vulnerabi
 	NOT-FOR-US: Huawei
 CVE-2021-39987 (The HwNearbyMain module has a Data Processing Errors vulnerability.Suc ...)
 	NOT-FOR-US: Huawei
-CVE-2021-39986
-	RESERVED
+CVE-2021-39986 (There is an unauthorized rewriting vulnerability with the memory acces ...)
+	TODO: check
 CVE-2021-39985 (The HwNearbyMain module has a Improper Validation of Array Index vulne ...)
 	NOT-FOR-US: Huawei
 CVE-2021-39984 (Huawei idap module has a Out-of-bounds Read vulnerability.Successful e ...)
@@ -17053,8 +17053,8 @@ CVE-2021-39945 (Improper access control in the GitLab CE/EE API affecting all ve
 	- gitlab <unfixed>
 CVE-2021-39944 (An issue has been discovered in GitLab CE/EE affecting all versions st ...)
 	- gitlab <unfixed>
-CVE-2021-39943
-	RESERVED
+CVE-2021-39943 (An authorization logic error in the External Status Check API in GitLa ...)
+	TODO: check
 CVE-2021-39942 (A denial of service vulnerability in GitLab CE/EE affecting all versio ...)
 	- gitlab <unfixed>
 CVE-2021-39941 (An information disclosure vulnerability in GitLab CE/EE versions 12.0  ...)
@@ -24078,8 +24078,8 @@ CVE-2021-37117 (There is a Service logic vulnerability in Smartphone.Successful
 	NOT-FOR-US: Huawei
 CVE-2021-37116 (PCManager has a Weaknesses Introduced During Design vulnerability .Suc ...)
 	NOT-FOR-US: Huawei
-CVE-2021-37115
-	RESERVED
+CVE-2021-37115 (There is an unauthorized rewriting vulnerability with the memory acces ...)
+	TODO: check
 CVE-2021-37114 (There is an Out-of-bounds read vulnerability in Smartphone.Successful  ...)
 	NOT-FOR-US: Huawei
 CVE-2021-37113 (There is a Privilege escalation vulnerability with the file system com ...)
@@ -24090,12 +24090,12 @@ CVE-2021-37111 (There is a Memory leakage vulnerability in Smartphone.Successful
 	NOT-FOR-US: Huawei
 CVE-2021-37110 (There is a Timing design defects in Smartphone.Successful exploitation ...)
 	NOT-FOR-US: Huawei
-CVE-2021-37109
-	RESERVED
+CVE-2021-37109 (There is a security protection bypass vulnerability with the modem.Suc ...)
+	TODO: check
 CVE-2021-37108
 	RESERVED
-CVE-2021-37107
-	RESERVED
+CVE-2021-37107 (There is an improper memory access permission configuration on ACPU.Su ...)
+	TODO: check
 CVE-2021-37106 (There is a command injection vulnerability in CMA service module of Fu ...)
 	NOT-FOR-US: FusionCompute (Huawei)
 CVE-2021-37105 (There is an improper file upload control vulnerability in FusionComput ...)
@@ -25889,8 +25889,8 @@ CVE-2021-36304
 	RESERVED
 CVE-2021-36303
 	RESERVED
-CVE-2021-36302
-	RESERVED
+CVE-2021-36302 (All Dell EMC Integrated System for Microsoft Azure Stack Hub versions  ...)
+	TODO: check
 CVE-2021-36301 (Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version  ...)
 	NOT-FOR-US: Dell
 CVE-2021-36300 (iDRAC9 versions prior to 5.00.00.00 contain an improper input validati ...)
@@ -33241,8 +33241,8 @@ CVE-2021-33168
 	RESERVED
 CVE-2021-33167
 	RESERVED
-CVE-2021-33166
-	RESERVED
+CVE-2021-33166 (Incorrect default permissions for the Intel(R) RXT for Chromebook appl ...)
+	TODO: check
 CVE-2021-33165
 	RESERVED
 CVE-2021-33164
@@ -33263,8 +33263,8 @@ CVE-2021-33157
 	RESERVED
 CVE-2021-33156
 	RESERVED
-CVE-2021-33155
-	RESERVED
+CVE-2021-33155 (Improper input validation in firmware for some Intel(R) Wireless Bluet ...)
+	TODO: check
 CVE-2021-33154
 	RESERVED
 CVE-2021-33153
@@ -33279,8 +33279,8 @@ CVE-2021-33149
 	RESERVED
 CVE-2021-33148
 	RESERVED
-CVE-2021-33147
-	RESERVED
+CVE-2021-33147 (Improper conditions check in the Intel(R) IPP Crypto library before ve ...)
+	TODO: check
 CVE-2021-33146
 	RESERVED
 CVE-2021-33145
@@ -33295,12 +33295,12 @@ CVE-2021-33141
 	RESERVED
 CVE-2021-33140
 	RESERVED
-CVE-2021-33139
-	RESERVED
+CVE-2021-33139 (Improper conditions check in firmware for some Intel(R) Wireless Bluet ...)
+	TODO: check
 CVE-2021-33138
 	RESERVED
-CVE-2021-33137
-	RESERVED
+CVE-2021-33137 (Out-of-bounds write in the Intel(R) Kernelflinger project may allow an ...)
+	TODO: check
 CVE-2021-33136
 	RESERVED
 CVE-2021-33135
@@ -33315,8 +33315,8 @@ CVE-2021-33131
 	RESERVED
 CVE-2021-33130
 	RESERVED
-CVE-2021-33129
-	RESERVED
+CVE-2021-33129 (Incorrect default permissions in the software installer for the Intel( ...)
+	TODO: check
 CVE-2021-33128
 	RESERVED
 CVE-2021-33127
@@ -33333,40 +33333,38 @@ CVE-2021-33122
 	RESERVED
 CVE-2021-33121
 	RESERVED
-CVE-2021-33120
-	RESERVED
+CVE-2021-33120 (Out of bounds read under complex microarchitectural condition in memor ...)
 	- intel-microcode <unfixed>
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00589.html
-CVE-2021-33119
-	RESERVED
+CVE-2021-33119 (Improper access control in the Intel(R) RealSense(TM) DCM before versi ...)
+	TODO: check
 CVE-2021-33118 (Improper access control in the software installer for the Intel(R) Ser ...)
 	NOT-FOR-US: Intel
 CVE-2021-33117
 	RESERVED
 CVE-2021-33116
 	RESERVED
-CVE-2021-33115
-	RESERVED
-CVE-2021-33114
-	RESERVED
-CVE-2021-33113
-	RESERVED
+CVE-2021-33115 (Improper input validation for some Intel(R) PROSet/Wireless WiFi in UE ...)
+	TODO: check
+CVE-2021-33114 (Improper input validation for some Intel(R) PROSet/Wireless WiFi in mu ...)
+	TODO: check
+CVE-2021-33113 (Improper input validation for some Intel(R) PROSet/Wireless WiFi in mu ...)
+	TODO: check
 CVE-2021-33112
 	RESERVED
 CVE-2021-33111
 	RESERVED
-CVE-2021-33110
-	RESERVED
+CVE-2021-33110 (Improper input validation for some Intel(R) Wireless Bluetooth(R) prod ...)
+	TODO: check
 CVE-2021-33109
 	RESERVED
 CVE-2021-33108
 	RESERVED
-CVE-2021-33107
-	RESERVED
+CVE-2021-33107 (Insufficiently protected credentials in USB provisioning for Intel(R)  ...)
+	TODO: check
 CVE-2021-33106 (Integer overflow in the Safestring library maintained by Intel(R) may  ...)
 	NOT-FOR-US: Intel
-CVE-2021-33105
-	RESERVED
+CVE-2021-33105 (Out-of-bounds read in some Intel(R) Core(TM) processors with Radeon(TM ...)
 	NOT-FOR-US: Intel
 CVE-2021-33104
 	RESERVED
@@ -33374,8 +33372,8 @@ CVE-2021-33103
 	RESERVED
 CVE-2021-33102
 	RESERVED
-CVE-2021-33101
-	RESERVED
+CVE-2021-33101 (Uncontrolled search path in the Intel(R) GPA software before version 2 ...)
+	TODO: check
 CVE-2021-33100
 	RESERVED
 CVE-2021-33099
@@ -33387,8 +33385,8 @@ CVE-2021-33098 (Improper input validation in the Intel(R) Ethernet ixgbe driver
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00555.html
 CVE-2021-33097 (Time-of-check time-of-use vulnerability in the Crypto API Toolkit for  ...)
 	NOT-FOR-US: Intel
-CVE-2021-33096
-	RESERVED
+CVE-2021-33096 (Improper isolation of shared resources in network on chip for the Inte ...)
+	TODO: check
 CVE-2021-33095 (Unquoted search path in the installer for the Intel(R) NUC M15 Laptop  ...)
 	NOT-FOR-US: Intel
 CVE-2021-33094 (Insecure inherited permissions in the installer for the Intel(R) NUC M ...)
@@ -33443,8 +33441,8 @@ CVE-2021-33070
 	RESERVED
 CVE-2021-33069
 	RESERVED
-CVE-2021-33068
-	RESERVED
+CVE-2021-33068 (Null pointer dereference in subsystem for Intel(R) AMT before versions ...)
+	TODO: check
 CVE-2021-33067
 	RESERVED
 CVE-2021-33066
@@ -33457,8 +33455,8 @@ CVE-2021-33063 (Uncontrolled search path in the Intel(R) RealSense(TM) D400 Seri
 	NOT-FOR-US: Intel
 CVE-2021-33062 (Incorrect default permissions in the software installer for the Intel( ...)
 	NOT-FOR-US: Intel
-CVE-2021-33061
-	RESERVED
+CVE-2021-33061 (Insufficient control flow management for the Intel(R) 82599 Ethernet C ...)
+	TODO: check
 CVE-2021-33060
 	RESERVED
 CVE-2021-33059 (Improper input validation in the Intel(R) Administrative Tools for Int ...)
@@ -49562,14 +49560,14 @@ CVE-2021-26618
 	RESERVED
 CVE-2021-26617
 	RESERVED
-CVE-2021-26616
-	RESERVED
+CVE-2021-26616 (An OS command injection was found in SecuwaySSL, when special characte ...)
+	TODO: check
 CVE-2021-26615 (ARK library allows attackers to execute remote code via the parameter( ...)
 	NOT-FOR-US: ARK library
 CVE-2021-26614 (ius_get.cgi in IpTime C200 camera allows remote code execution. A remo ...)
 	NOT-FOR-US: IpTime C200 camera
-CVE-2021-26613
-	RESERVED
+CVE-2021-26613 (improper input validation vulnerability in nexacro permits copying fil ...)
+	TODO: check
 CVE-2021-26612 (An improper input validation leading to arbitrary file creation was di ...)
 	NOT-FOR-US: Tobesoft Nexacro
 CVE-2021-26611 (HejHome GKW-IC052 IP Camera contained a hard-coded credentials vulnera ...)
@@ -58171,8 +58169,8 @@ CVE-2021-22956 (An uncontrolled resource consumption vulnerability exists in Cit
 	NOT-FOR-US: Citrix
 CVE-2021-22955 (A unauthenticated denial of service vulnerability exists in Citrix ADC ...)
 	NOT-FOR-US: Citrix
-CVE-2021-22954
-	RESERVED
+CVE-2021-22954 (A cross-site request forgery vulnerability exists in Concrete CMS &lt; ...)
+	TODO: check
 CVE-2021-22953 (A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to c ...)
 	NOT-FOR-US: Concrete CMS
 CVE-2021-22952 (A vulnerability found in UniFi Talk application V1.12.3 and earlier pe ...)
@@ -58568,8 +58566,8 @@ CVE-2021-22819 (A CWE-1021 Improper Restriction of Rendered UI Layers or Frames
 	NOT-FOR-US: Schneider Electric
 CVE-2021-22818 (A CWE-307 Improper Restriction of Excessive Authentication Attempts vu ...)
 	NOT-FOR-US: Schneider Electric
-CVE-2021-22817
-	RESERVED
+CVE-2021-22817 (A CWE-276: Incorrect Default Permissions vulnerability exists that cou ...)
+	TODO: check
 CVE-2021-22816 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2021-22815 (A CWE-200: Information Exposure vulnerability exists which could cause ...)
@@ -70440,52 +70438,52 @@ CVE-2021-0185
 	RESERVED
 CVE-2021-0184
 	RESERVED
-CVE-2021-0183
-	RESERVED
+CVE-2021-0183 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
+	TODO: check
 CVE-2021-0182 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
 	NOT-FOR-US: Intel Hardware Accelerated Execution Manager
 CVE-2021-0181
 	RESERVED
 CVE-2021-0180 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
 	NOT-FOR-US: Intel Hardware Accelerated Execution Manager
-CVE-2021-0179
-	RESERVED
-CVE-2021-0178
-	RESERVED
-CVE-2021-0177
-	RESERVED
-CVE-2021-0176
-	RESERVED
-CVE-2021-0175
-	RESERVED
-CVE-2021-0174
-	RESERVED
-CVE-2021-0173
-	RESERVED
-CVE-2021-0172
-	RESERVED
-CVE-2021-0171
-	RESERVED
-CVE-2021-0170
-	RESERVED
-CVE-2021-0169
-	RESERVED
-CVE-2021-0168
-	RESERVED
-CVE-2021-0167
-	RESERVED
-CVE-2021-0166
-	RESERVED
-CVE-2021-0165
-	RESERVED
-CVE-2021-0164
-	RESERVED
-CVE-2021-0163
-	RESERVED
-CVE-2021-0162
-	RESERVED
-CVE-2021-0161
-	RESERVED
+CVE-2021-0179 (Improper Use of Validation Framework in software for Intel(R) PROSet/W ...)
+	TODO: check
+CVE-2021-0178 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
+	TODO: check
+CVE-2021-0177 (Improper Validation of Consistency within input in software for Intel( ...)
+	TODO: check
+CVE-2021-0176 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
+	TODO: check
+CVE-2021-0175 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
+	TODO: check
+CVE-2021-0174 (Improper Use of Validation Framework in firmware for some Intel(R) PRO ...)
+	TODO: check
+CVE-2021-0173 (Improper Validation of Consistency within input in firmware for some I ...)
+	TODO: check
+CVE-2021-0172 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
+	TODO: check
+CVE-2021-0171 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
+	TODO: check
+CVE-2021-0170 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
+	TODO: check
+CVE-2021-0169 (Uncontrolled Search Path Element in software for Intel(R) PROSet/Wirel ...)
+	TODO: check
+CVE-2021-0168 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
+	TODO: check
+CVE-2021-0167 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
+	TODO: check
+CVE-2021-0166 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
+	TODO: check
+CVE-2021-0165 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
+	TODO: check
+CVE-2021-0164 (Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi ...)
+	TODO: check
+CVE-2021-0163 (Improper Validation of Consistency within input in software for Intel( ...)
+	TODO: check
+CVE-2021-0162 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
+	TODO: check
+CVE-2021-0161 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
+	TODO: check
 CVE-2021-0160 (Uncontrolled search path in some Intel(R) NUC Pro Chassis Element Aver ...)
 	NOT-FOR-US: Intel
 CVE-2021-0159
@@ -70494,8 +70492,8 @@ CVE-2021-0158 (Improper input validation in the BIOS firmware for some Intel(R)
 	NOT-FOR-US: Intel
 CVE-2021-0157 (Insufficient control flow management in the BIOS firmware for some Int ...)
 	NOT-FOR-US: Intel
-CVE-2021-0156
-	RESERVED
+CVE-2021-0156 (Improper input validation in the firmware for some Intel(R) Processors ...)
+	TODO: check
 CVE-2021-0155
 	RESERVED
 CVE-2021-0154
@@ -70512,14 +70510,14 @@ CVE-2021-0149
 	RESERVED
 CVE-2021-0148 (Insertion of information into log file in firmware for some Intel(R) S ...)
 	NOT-FOR-US: Intel
-CVE-2021-0147
-	RESERVED
+CVE-2021-0147 (Improper locking in the Power Management Controller (PMC) for some Int ...)
+	TODO: check
 CVE-2021-0146 (Hardware allows activation of test or debug logic at runtime for some  ...)
 	- intel-microcode <unfixed>
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220207
-CVE-2021-0145
-	RESERVED
+CVE-2021-0145 (Improper initialization of shared resources in some Intel(R) Processor ...)
+	TODO: check
 CVE-2021-0144 (Insecure default variable initialization for the Intel BSSA DFT featur ...)
 	NOT-FOR-US: Intel
 CVE-2021-0143 (Improper permissions in the installer for the Intel(R) Brand Verificat ...)
@@ -70560,17 +70558,16 @@ CVE-2021-0129 (Improper access control in BlueZ may allow an authenticated user
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html
 CVE-2021-0128
 	RESERVED
-CVE-2021-0127
-	RESERVED
+CVE-2021-0127 (Insufficient control flow management in some Intel(R) Processors may a ...)
 	- intel-microcode <unfixed>
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20220207
 CVE-2021-0126
 	RESERVED
-CVE-2021-0125
-	RESERVED
-CVE-2021-0124
-	RESERVED
+CVE-2021-0125 (Improper initialization in the firmware for some Intel(R) Processors m ...)
+	TODO: check
+CVE-2021-0124 (Improper access control in the firmware for some Intel(R) Processors m ...)
+	TODO: check
 CVE-2021-0123
 	RESERVED
 CVE-2021-0122
@@ -70579,48 +70576,48 @@ CVE-2021-0121 (Improper access control in the installer for some Intel(R) Iris(R
 	NOT-FOR-US: Intel
 CVE-2021-0120 (Improper initialization in the installer for some Intel(R) Graphics DC ...)
 	NOT-FOR-US: Intel
-CVE-2021-0119
-	RESERVED
-CVE-2021-0118
-	RESERVED
-CVE-2021-0117
-	RESERVED
-CVE-2021-0116
-	RESERVED
-CVE-2021-0115
-	RESERVED
-CVE-2021-0114 (Insecure default variable initialization for the Intel BSSA DFT featur ...)
+CVE-2021-0119 (Improper initialization in the firmware for some Intel(R) Processors m ...)
+	TODO: check
+CVE-2021-0118 (Out-of-bounds read in the firmware for some Intel(R) Processors may al ...)
+	TODO: check
+CVE-2021-0117 (Pointer issues in the firmware for some Intel(R) Processors may allow  ...)
+	TODO: check
+CVE-2021-0116 (Out-of-bounds write in the firmware for some Intel(R) Processors may a ...)
+	TODO: check
+CVE-2021-0115 (Buffer overflow in the firmware for some Intel(R) Processors may allow ...)
+	TODO: check
+CVE-2021-0114 (Unchecked return value in the firmware for some Intel(R) Processors ma ...)
 	NOT-FOR-US: Intel
 CVE-2021-0113 (Out of bounds write in the BMC firmware for Intel(R) Server Board M10J ...)
 	NOT-FOR-US: Intel
 CVE-2021-0112 (Unquoted service path in the Intel Unite(R) Client for Windows before  ...)
 	NOT-FOR-US: Intel
-CVE-2021-0111
-	RESERVED
+CVE-2021-0111 (NULL pointer dereference in the firmware for some Intel(R) Processors  ...)
+	TODO: check
 CVE-2021-0110 (Improper access control in some Intel(R) Thunderbolt(TM) Windows DCH D ...)
 	NOT-FOR-US: Intel
 CVE-2021-0109 (Insecure inherited permissions for the Intel(R) SOC driver package for ...)
 	NOT-FOR-US: Intel
 CVE-2021-0108 (Uncontrolled search path in the Intel Unite(R) Client for Windows befo ...)
 	NOT-FOR-US: Intel
-CVE-2021-0107
-	RESERVED
+CVE-2021-0107 (Unchecked return value in the firmware for some Intel(R) Processors ma ...)
+	TODO: check
 CVE-2021-0106 (Incorrect default permissions in the Intel(R) Optane(TM) DC Persistent ...)
 	NOT-FOR-US: Intel
 CVE-2021-0105 (Insecure inherited permissions in some Intel(R) ProSet/Wireless WiFi d ...)
 	NOT-FOR-US: Intel
 CVE-2021-0104 (Uncontrolled search path element in the installer for the Intel(R) Rap ...)
 	NOT-FOR-US: Intel
-CVE-2021-0103
-	RESERVED
+CVE-2021-0103 (Insufficient control flow management in the firmware for some Intel(R) ...)
+	TODO: check
 CVE-2021-0102 (Insecure inherited permissions in the Intel Unite(R) Client for Window ...)
 	NOT-FOR-US: Intel
 CVE-2021-0101 (Buffer overflow in the BMC firmware for Intel(R) Server BoardM10JNP2SB ...)
 	NOT-FOR-US: Intel
 CVE-2021-0100 (Incorrect default permissions in the installer for the Intel(R) SSD Da ...)
 	NOT-FOR-US: Intel
-CVE-2021-0099
-	RESERVED
+CVE-2021-0099 (Insufficient control flow management in the firmware for some Intel(R) ...)
+	TODO: check
 CVE-2021-0098 (Improper access control in the Intel Unite(R) Client for Windows befor ...)
 	NOT-FOR-US: Intel
 CVE-2021-0097 (Path traversal in the BMC firmware for Intel(R) Server Board M10JNP2SB ...)
@@ -70631,12 +70628,12 @@ CVE-2021-0095 (Improper initialization in the firmware for some Intel(R) Process
 	NOT-FOR-US: Intel
 CVE-2021-0094 (Improper link resolution before file access in Intel(R) DSA before ver ...)
 	NOT-FOR-US: Intel
-CVE-2021-0093
-	RESERVED
-CVE-2021-0092
-	RESERVED
-CVE-2021-0091
-	RESERVED
+CVE-2021-0093 (Incorrect default permissions in the firmware for some Intel(R) Proces ...)
+	TODO: check
+CVE-2021-0092 (Improper access control in the firmware for some Intel(R) Processors m ...)
+	TODO: check
+CVE-2021-0091 (Improper access control in the firmware for some Intel(R) Processors m ...)
+	TODO: check
 CVE-2021-0090 (Uncontrolled search path element in Intel(R) DSA before version 20.11. ...)
 	NOT-FOR-US: Intel
 CVE-2021-0089 (Observable response discrepancy in some Intel(R) Processors may allow  ...)
@@ -70672,16 +70669,16 @@ CVE-2021-0078 (Improper input validation in software for some Intel(R) PROSet/Wi
 	NOT-FOR-US: Intel
 CVE-2021-0077 (Insecure inherited permissions in the installer for the Intel(R) VTune ...)
 	NOT-FOR-US: Intel
-CVE-2021-0076
-	RESERVED
+CVE-2021-0076 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
+	TODO: check
 CVE-2021-0075 (Out-of-bounds write in firmware for some Intel(R) PROSet/Wireless WiFi ...)
 	NOT-FOR-US: Intel
 CVE-2021-0074 (Improper permissions in the installer for the Intel(R) Computing Impro ...)
 	NOT-FOR-US: Intel
 CVE-2021-0073 (Insufficient control flow management in Intel(R) DSA before version 20 ...)
 	NOT-FOR-US: Intel
-CVE-2021-0072
-	RESERVED
+CVE-2021-0072 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
+	TODO: check
 CVE-2021-0071 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
 	NOT-FOR-US: Intel
 CVE-2021-0070 (Improper input validation in the BMC firmware for Intel(R) Server Boar ...)
@@ -70692,8 +70689,8 @@ CVE-2021-0068
 	RESERVED
 CVE-2021-0067 (&amp;nbsp;Improper access control in system firmware for some Intel(R) ...)
 	NOT-FOR-US: Intel
-CVE-2021-0066
-	RESERVED
+CVE-2021-0066 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
+	TODO: check
 CVE-2021-0065 (Incorrect default permissions in the Intel(R) PROSet/Wireless WiFi sof ...)
 	NOT-FOR-US: Intel
 CVE-2021-0064 (Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi so ...)
@@ -70704,8 +70701,8 @@ CVE-2021-0062 (Improper input validation in some Intel(R) Graphics Drivers befor
 	NOT-FOR-US: Intel drivers for Windows
 CVE-2021-0061 (Improper initialization in some Intel(R) Graphics Driver before versio ...)
 	NOT-FOR-US: Intel drivers for Windows
-CVE-2021-0060
-	RESERVED
+CVE-2021-0060 (Insufficient compartmentalization in HECI subsystem for the Intel(R) S ...)
+	TODO: check
 CVE-2021-0059
 	RESERVED
 CVE-2021-0058 (Incorrect default permissions in the Intel(R) NUC M15 Laptop Kit Drive ...)
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index 9425ef268f..28f2332407 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -1,3 +1,21 @@
+CVE-2022-24703
+	RESERVED
+CVE-2022-24702
+	RESERVED
+CVE-2022-24701
+	RESERVED
+CVE-2022-24700
+	RESERVED
+CVE-2022-0556
+	RESERVED
+CVE-2022-0555
+	RESERVED
+CVE-2022-0554
+	RESERVED
+CVE-2022-0553
+	RESERVED
+CVE-2022-0552
+	RESERVED
 CVE-2022-24699
 	RESERVED
 CVE-2022-24698
@@ -104,31 +122,28 @@ CVE-2022-0536 (Exposure of Sensitive Information to an Unauthorized Actor in NPM
 	TODO: check
 CVE-2022-0535
 	RESERVED
-CVE-2022-0534
-	RESERVED
+CVE-2022-0534 (A vulnerability was found in htmldoc version 1.9.15 where the stack ou ...)
+	TODO: check
 CVE-2022-0533
 	RESERVED
-CVE-2022-0532
-	RESERVED
+CVE-2022-0532 (An incorrect sysctls validation vulnerability was found in CRI-O 1.18  ...)
 	NOT-FOR-US: cri-o
 CVE-2022-0531
 	RESERVED
-CVE-2022-0530
-	RESERVED
+CVE-2022-0530 (A flaw was found in unzip 6.0. The vulnerability occurs during the con ...)
 	- unzip <undetermined>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2051395
 	TODO: clarify details
-CVE-2022-0529
-	RESERVED
+CVE-2022-0529 (A flaw was found in unzip 6.0. The vulnerability occurs during the con ...)
 	- unzip <undetermined>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2051402
 	TODO: clarify details
-CVE-2022-24668
-	RESERVED
-CVE-2022-24667
-	RESERVED
-CVE-2022-24666
-	RESERVED
+CVE-2022-24668 (A program using swift-nio-http2 is vulnerable to a denial of service a ...)
+	TODO: check
+CVE-2022-24667 (A program using swift-nio-http2 is vulnerable to a denial of service a ...)
+	TODO: check
+CVE-2022-24666 (A program using swift-nio-http2 is vulnerable to a denial of service a ...)
+	TODO: check
 CVE-2022-0528
 	RESERVED
 CVE-2022-0527 (Cross-site Scripting (XSS) - Stored in GitHub repository chatwoot/chat ...)
@@ -941,30 +956,30 @@ CVE-2022-24323
 	RESERVED
 CVE-2022-24322
 	RESERVED
-CVE-2022-24321
-	RESERVED
-CVE-2022-24320
-	RESERVED
-CVE-2022-24319
-	RESERVED
-CVE-2022-24318
-	RESERVED
-CVE-2022-24317
-	RESERVED
-CVE-2022-24316
-	RESERVED
-CVE-2022-24315
-	RESERVED
-CVE-2022-24314
-	RESERVED
-CVE-2022-24313
-	RESERVED
-CVE-2022-24312
-	RESERVED
-CVE-2022-24311
-	RESERVED
-CVE-2022-24310
-	RESERVED
+CVE-2022-24321 (A CWE-754: Improper Check for Unusual or Exceptional Conditions vulner ...)
+	TODO: check
+CVE-2022-24320 (A CWE-295: Improper Certificate Validation vulnerability exists that c ...)
+	TODO: check
+CVE-2022-24319 (A CWE-295: Improper Certificate Validation vulnerability exists that c ...)
+	TODO: check
+CVE-2022-24318 (A CWE-326: Inadequate Encryption Strength vulnerability exists that co ...)
+	TODO: check
+CVE-2022-24317 (A CWE-862: Missing Authorization vulnerability exists that could cause ...)
+	TODO: check
+CVE-2022-24316 (A CWE-665: Improper Initialization vulnerability exists that could cau ...)
+	TODO: check
+CVE-2022-24315 (A CWE-125: Out-of-bounds Read vulnerability exists that could cause de ...)
+	TODO: check
+CVE-2022-24314 (A CWE-125: Out-of-bounds Read vulnerability exists that could cause me ...)
+	TODO: check
+CVE-2022-24313 (A CWE-120: Buffer Copy without Checking Size of Input vulnerability ex ...)
+	TODO: check
+CVE-2022-24312 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
+	TODO: check
+CVE-2022-24311 (A CWE-22: Improper Limitation of a Pathname to a Restricted Directory  ...)
+	TODO: check
+CVE-2022-24310 (A CWE-190: Integer Overflow or Wraparound vulnerability exists that co ...)
+	TODO: check
 CVE-2022-24309
 	RESERVED
 CVE-2022-0480
@@ -1504,7 +1519,7 @@ CVE-2022-24145 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack over
 	NOT-FOR-US: Tenda routers
 CVE-2022-24144 (Tenda AX3 v16.03.12.10_CN was discovered to contain a command injectio ...)
 	NOT-FOR-US: Tenda routers
-CVE-2022-24143 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
+CVE-2022-24143 (Tenda AX3 v16.03.12.10_CN and AX12 22.03.01.2_CN was discovered to con ...)
 	NOT-FOR-US: Tenda routers
 CVE-2022-24142 (Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow i ...)
 	NOT-FOR-US: Tenda routers
@@ -1835,8 +1850,7 @@ CVE-2022-0392 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to
 	[buster] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126
 	NOTE: https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a (v8.2.4218)
-CVE-2022-0391 [urllib.parse does not sanitize URLs containing ASCII newline and tabs]
-	RESERVED
+CVE-2022-0391 (A flaw was found in Python, specifically within the urllib.parse modul ...)
 	- python3.9 3.9.7-1
 	[bullseye] - python3.9 <no-dsa> (Minor issue)
 	- python3.7 <removed>
@@ -2919,14 +2933,14 @@ CVE-2022-23633
 	RESERVED
 CVE-2022-23632
 	RESERVED
-CVE-2022-23631
-	RESERVED
+CVE-2022-23631 (superjson is a program to allow JavaScript expressions to be serialize ...)
+	TODO: check
 CVE-2022-23630
 	RESERVED
 CVE-2022-23629
 	RESERVED
-CVE-2022-23628
-	RESERVED
+CVE-2022-23628 (OPA is an open source, general-purpose policy engine. Under certain co ...)
+	TODO: check
 CVE-2022-23627 (ArchiSteamFarm (ASF) is a C# application with primary purpose of idlin ...)
 	NOT-FOR-US: ArchiSteamFarm
 CVE-2022-23626 (m1k1o/blog is a lightweight self-hosted facebook-styled PHP blog. Erro ...)
@@ -2937,22 +2951,22 @@ CVE-2022-23624 (Frourio-express is a minimal full stack framework, for TypeScrip
 	NOT-FOR-US: Frourio-express
 CVE-2022-23623 (Frourio is a full stack framework, for TypeScript. Frourio users who u ...)
 	NOT-FOR-US: Frourio
-CVE-2022-23622
-	RESERVED
-CVE-2022-23621
-	RESERVED
-CVE-2022-23620
-	RESERVED
-CVE-2022-23619
-	RESERVED
-CVE-2022-23618
-	RESERVED
-CVE-2022-23617
-	RESERVED
-CVE-2022-23616
-	RESERVED
-CVE-2022-23615
-	RESERVED
+CVE-2022-23622 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2022-23621 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2022-23620 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2022-23619 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2022-23618 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2022-23617 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2022-23616 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
+CVE-2022-23615 (XWiki Platform is a generic wiki platform offering runtime services fo ...)
+	TODO: check
 CVE-2022-23614 (Twig is an open source template language for PHP. When in a sandbox mo ...)
 	- php-twig 3.3.8-1
 	NOTE: https://github.com/twigphp/Twig/security/advisories/GHSA-5mv2-rx3q-4w2v
@@ -4604,12 +4618,12 @@ CVE-2022-23051
 	RESERVED
 CVE-2022-23050
 	RESERVED
-CVE-2022-23049
-	RESERVED
-CVE-2022-23048
-	RESERVED
-CVE-2022-23047
-	RESERVED
+CVE-2022-23049 (Exponent CMS 2.6.0patch2 allows an authenticated user to inject persis ...)
+	TODO: check
+CVE-2022-23048 (Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload  ...)
+	TODO: check
+CVE-2022-23047 (Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject  ...)
+	TODO: check
 CVE-2022-23046 (PhpIPAM v1.4.4 allows an authenticated admin user to inject SQL senten ...)
 	NOT-FOR-US: PhpIPAM
 CVE-2022-23045 (PhpIPAM v1.4.4 allows an authenticated admin user to inject persistent ...)
@@ -5099,8 +5113,8 @@ CVE-2022-0164
 	RESERVED
 CVE-2022-0163
 	RESERVED
-CVE-2022-0162
-	RESERVED
+CVE-2022-0162 (The vulnerability exists in TP-Link TL-WR841N V11 3.16.9 Build 160325  ...)
+	TODO: check
 CVE-2022-0161
 	RESERVED
 CVE-2022-0160
@@ -5243,20 +5257,20 @@ CVE-2022-0155 (follow-redirects is vulnerable to Exposure of Private Personal In
 	NOTE: https://huntr.dev/bounties/fc524e4b-ebb6-427d-ab67-a64181020406
 	NOTE: https://github.com/follow-redirects/follow-redirects/issues/183
 	NOTE: https://github.com/follow-redirects/follow-redirects/commit/8b347cbcef7c7b72a6e9be20f5710c17d6163c22 (v1.14.7)
-CVE-2022-22813
-	RESERVED
-CVE-2022-22812
-	RESERVED
-CVE-2022-22811
-	RESERVED
-CVE-2022-22810
-	RESERVED
-CVE-2022-22809
-	RESERVED
-CVE-2022-22808
-	RESERVED
-CVE-2022-22807
-	RESERVED
+CVE-2022-22813 (A CWE-798: Use of Hard-coded Credentials vulnerability exists. If an a ...)
+	TODO: check
+CVE-2022-22812 (A CWE-79: Improper Neutralization of Input During Web Page Generation  ...)
+	TODO: check
+CVE-2022-22811 (A CWE-352: Cross-Site Request Forgery (CSRF) vulnerability exists that ...)
+	TODO: check
+CVE-2022-22810 (A CWE-307: Improper Restriction of Excessive Authentication Attempts v ...)
+	TODO: check
+CVE-2022-22809 (A CWE-306: Missing Authentication for Critical Function vulnerability  ...)
+	TODO: check
+CVE-2022-22808 (A CWE-942: Permissive Cross-domain Policy with Untrusted Domains vulne ...)
+	TODO: check
+CVE-2022-22807 (A CWE-1021 Improper Restriction of Rendered UI Layers or Frames vulner ...)
+	TODO: check
 CVE-2022-22806
 	RESERVED
 CVE-2022-22805
@@ -5309,10 +5323,10 @@ CVE-2022-22782
 	RESERVED
 CVE-2022-22781
 	RESERVED
-CVE-2022-22780
-	RESERVED
-CVE-2022-22779
-	RESERVED
+CVE-2022-22780 (The Zoom Client for Meetings chat functionality was susceptible to Zip ...)
+	TODO: check
+CVE-2022-22779 (The Keybase Clients for macOS and Windows before version 5.9.0 fails t ...)
+	TODO: check
 CVE-2022-22778
 	RESERVED
 CVE-2022-22777
@@ -5981,10 +5995,10 @@ CVE-2022-0122 (forge is vulnerable to URL Redirection to Untrusted Site ...)
 	NOT-FOR-US: forge
 CVE-2022-0121 (hoppscotch is vulnerable to Exposure of Sensitive Information to an Un ...)
 	NOT-FOR-US: hoppscotch
-CVE-2022-22567
-	RESERVED
-CVE-2022-22566
-	RESERVED
+CVE-2022-22567 (Select Dell Client Commercial and Consumer platforms are vulnerable to ...)
+	TODO: check
+CVE-2022-22566 (Select Dell Client Commercial and Consumer platforms contain a pre-boo ...)
+	TODO: check
 CVE-2022-22565
 	RESERVED
 CVE-2022-22564
@@ -6023,44 +6037,44 @@ CVE-2022-22548
 	RESERVED
 CVE-2022-22547
 	RESERVED
-CVE-2022-22546
-	RESERVED
-CVE-2022-22545
-	RESERVED
-CVE-2022-22544
-	RESERVED
-CVE-2022-22543
-	RESERVED
-CVE-2022-22542
-	RESERVED
+CVE-2022-22546 (Due to improper HTML encoding in input control summary, an authorized  ...)
+	TODO: check
+CVE-2022-22545 (A high privileged user who has access to transaction SM59 can read con ...)
+	TODO: check
+CVE-2022-22544 (Solution Manager (Diagnostics Root Cause Analysis Tools) - version 720 ...)
+	TODO: check
+CVE-2022-22543 (SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform ( ...)
+	TODO: check
+CVE-2022-22542 (S/4HANA Supplier Factsheet exposes the private address and bank detail ...)
+	TODO: check
 CVE-2022-22541
 	RESERVED
-CVE-2022-22540
-	RESERVED
-CVE-2022-22539
-	RESERVED
-CVE-2022-22538
-	RESERVED
-CVE-2022-22537
-	RESERVED
-CVE-2022-22536
-	RESERVED
-CVE-2022-22535
-	RESERVED
-CVE-2022-22534
-	RESERVED
-CVE-2022-22533
-	RESERVED
-CVE-2022-22532
-	RESERVED
+CVE-2022-22540 (SAP NetWeaver AS ABAP (Workplace Server) - versions 700, 701, 702, 731 ...)
+	TODO: check
+CVE-2022-22539 (When a user opens a manipulated JPEG file format (.jpg, 2d.x3d) receiv ...)
+	TODO: check
+CVE-2022-22538 (When a user opens a manipulated Adobe Illustrator file format (.ai, ai ...)
+	TODO: check
+CVE-2022-22537 (When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3 ...)
+	TODO: check
+CVE-2022-22536 (SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Serve ...)
+	TODO: check
+CVE-2022-22535 (SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necess ...)
+	TODO: check
+CVE-2022-22534 (Due to insufficient encoding of user input, SAP NetWeaver allows an un ...)
+	TODO: check
+CVE-2022-22533 (Due to improper error handling in SAP NetWeaver Application Server Jav ...)
+	TODO: check
+CVE-2022-22532 (In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7. ...)
+	TODO: check
 CVE-2022-22531 (The F0743 Create Single Payment application of SAP S/4HANA - versions  ...)
 	NOT-FOR-US: SAP
 CVE-2022-22530 (The F0743 Create Single Payment application of SAP S/4HANA - versions  ...)
 	NOT-FOR-US: SAP
 CVE-2022-22529 (SAP Enterprise Threat Detection (ETD) - version 2.0, does not sufficie ...)
 	NOT-FOR-US: SAP
-CVE-2022-22528
-	RESERVED
+CVE-2022-22528 (SAP Adaptive Server Enterprise (ASE) - version 16.0, installation make ...)
+	TODO: check
 CVE-2022-22527
 	RESERVED
 CVE-2022-0120
@@ -7768,8 +7782,8 @@ CVE-2022-21827
 	RESERVED
 CVE-2022-21826
 	RESERVED
-CVE-2022-21825
-	RESERVED
+CVE-2022-21825 (An Improper Access Control vulnerability exists in Citrix Workspace Ap ...)
+	TODO: check
 CVE-2022-21823 (A insecure storage of sensitive information vulnerability exists in Iv ...)
 	NOT-FOR-US: Ivanti
 CVE-2022-21822
@@ -7834,8 +7848,8 @@ CVE-2022-21239
 	RESERVED
 CVE-2022-21229
 	RESERVED
-CVE-2022-21226
-	RESERVED
+CVE-2022-21226 (Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before ...)
+	TODO: check
 CVE-2022-21206
 	RESERVED
 CVE-2022-21188
@@ -7852,8 +7866,8 @@ CVE-2022-21162
 	RESERVED
 CVE-2022-21161
 	RESERVED
-CVE-2022-21156
-	RESERVED
+CVE-2022-21156 (Access of uninitialized pointer in the Intel(R) Trace Analyzer and Col ...)
+	TODO: check
 CVE-2022-21152
 	RESERVED
 CVE-2022-21150
@@ -7872,8 +7886,8 @@ CVE-2022-21240
 	RESERVED
 CVE-2022-21237
 	RESERVED
-CVE-2022-21218
-	RESERVED
+CVE-2022-21218 (Uncaught exception in the Intel(R) Trace Analyzer and Collector before ...)
+	TODO: check
 CVE-2022-21212
 	RESERVED
 CVE-2022-21197
@@ -7886,8 +7900,8 @@ CVE-2022-21140
 	RESERVED
 CVE-2022-21139
 	RESERVED
-CVE-2022-21133
-	RESERVED
+CVE-2022-21133 (Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before ...)
+	TODO: check
 CVE-2022-21792
 	RESERVED
 CVE-2022-21791
@@ -8241,8 +8255,8 @@ CVE-2022-21661 (WordPress is a free and open-source content management system wr
 	NOTE: https://github.com/WordPress/wordpress-develop/commit/17efac8c8ec64555eff5cf51a3eff81e06317214
 	NOTE: https://hackerone.com/reports/1378209
 	NOTE: https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection
-CVE-2022-21660
-	RESERVED
+CVE-2022-21660 (Gin-vue-admin is a backstage management system based on vue and gin. I ...)
+	TODO: check
 CVE-2022-21659 (Flask-AppBuilder is an application development framework, built on top ...)
 	TODO: check
 CVE-2022-21658 (Rust is a multi-paradigm, general-purpose programming language designe ...)
@@ -9141,16 +9155,16 @@ CVE-2022-21242 (Vulnerability in the Primavera Portfolio Management product of O
 	NOT-FOR-US: Oracle
 CVE-2022-21216
 	RESERVED
-CVE-2022-21204
-	RESERVED
+CVE-2022-21204 (Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before  ...)
+	TODO: check
 CVE-2022-21200
 	RESERVED
-CVE-2022-21174
-	RESERVED
-CVE-2022-21157
-	RESERVED
-CVE-2022-21153
-	RESERVED
+CVE-2022-21174 (Improper access control in a third-party component of Intel(R) Quartus ...)
+	TODO: check
+CVE-2022-21157 (Improper access control in the Intel(R) Smart Campus Android applicati ...)
+	TODO: check
+CVE-2022-21153 (Improper access control in the Intel(R) Capital Global Summit Android  ...)
+	TODO: check
 CVE-2022-21151
 	RESERVED
 CVE-2022-21138
@@ -9159,14 +9173,14 @@ CVE-2022-21136
 	RESERVED
 CVE-2022-21131
 	RESERVED
-CVE-2022-21220
-	RESERVED
+CVE-2022-21220 (Improper restriction of XML external entity for Intel(R) Quartus(R) Pr ...)
+	TODO: check
 CVE-2022-21207
 	RESERVED
-CVE-2022-21205
-	RESERVED
-CVE-2022-21203
-	RESERVED
+CVE-2022-21205 (Improper restriction of XML external entity reference in DSP Builder P ...)
+	TODO: check
+CVE-2022-21203 (Improper permissions in the SafeNet Sentinel driver for Intel(R) Quart ...)
+	TODO: check
 CVE-2022-21181
 	RESERVED
 CVE-2022-21180
@@ -11344,52 +11358,52 @@ CVE-2022-20048
 	RESERVED
 CVE-2022-20047
 	RESERVED
-CVE-2022-20046
-	RESERVED
-CVE-2022-20045
-	RESERVED
-CVE-2022-20044
-	RESERVED
-CVE-2022-20043
-	RESERVED
-CVE-2022-20042
-	RESERVED
-CVE-2022-20041
-	RESERVED
-CVE-2022-20040
-	RESERVED
-CVE-2022-20039
-	RESERVED
-CVE-2022-20038
-	RESERVED
-CVE-2022-20037
-	RESERVED
-CVE-2022-20036
-	RESERVED
-CVE-2022-20035
-	RESERVED
-CVE-2022-20034
-	RESERVED
-CVE-2022-20033
-	RESERVED
-CVE-2022-20032
-	RESERVED
-CVE-2022-20031
-	RESERVED
-CVE-2022-20030
-	RESERVED
-CVE-2022-20029
-	RESERVED
-CVE-2022-20028
-	RESERVED
-CVE-2022-20027
-	RESERVED
-CVE-2022-20026
-	RESERVED
-CVE-2022-20025
-	RESERVED
-CVE-2022-20024
-	RESERVED
+CVE-2022-20046 (In Bluetooth, there is a possible memory corruption due to a logic err ...)
+	TODO: check
+CVE-2022-20045 (In Bluetooth, there is a possible service crash due to a use after fre ...)
+	TODO: check
+CVE-2022-20044 (In Bluetooth, there is a possible service crash due to a use after fre ...)
+	TODO: check
+CVE-2022-20043 (In Bluetooth, there is a possible escalation of privilege due to a mis ...)
+	TODO: check
+CVE-2022-20042 (In Bluetooth, there is a possible information disclosure due to incorr ...)
+	TODO: check
+CVE-2022-20041 (In Bluetooth, there is a possible escalation of privilege due to a mis ...)
+	TODO: check
+CVE-2022-20040 (In power_hal_manager_service, there is a possible permission bypass du ...)
+	TODO: check
+CVE-2022-20039 (In ccu driver, there is a possible memory corruption due to an integer ...)
+	TODO: check
+CVE-2022-20038 (In ccu driver, there is a possible memory corruption due to an incorre ...)
+	TODO: check
+CVE-2022-20037 (In ion driver, there is a possible information disclosure due to an in ...)
+	TODO: check
+CVE-2022-20036 (In ion driver, there is a possible information disclosure due to an in ...)
+	TODO: check
+CVE-2022-20035 (In vcu driver, there is a possible information disclosure due to a use ...)
+	TODO: check
+CVE-2022-20034 (In Preloader XFLASH, there is a possible escalation of privilege due t ...)
+	TODO: check
+CVE-2022-20033 (In camera driver, there is a possible out of bounds read due to an inc ...)
+	TODO: check
+CVE-2022-20032 (In vow driver, there is a possible memory corruption due to a race con ...)
+	TODO: check
+CVE-2022-20031 (In fb driver, there is a possible memory corruption due to a use after ...)
+	TODO: check
+CVE-2022-20030 (In vow driver, there is a possible out of bounds write due to a stack- ...)
+	TODO: check
+CVE-2022-20029 (In cmdq driver, there is a possible out of bounds read due to an incor ...)
+	TODO: check
+CVE-2022-20028 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
+	TODO: check
+CVE-2022-20027 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
+	TODO: check
+CVE-2022-20026 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
+	TODO: check
+CVE-2022-20025 (In Bluetooth, there is a possible out of bounds write due to a missing ...)
+	TODO: check
+CVE-2022-20024 (In system service, there is a possible permission bypass due to a miss ...)
+	TODO: check
 CVE-2022-20023 (In Bluetooth, there is a possible application crash due to bluetooth f ...)
 	NOT-FOR-US: MediaTek
 CVE-2022-20022 (In Bluetooth, there is a possible link disconnection due to bluetooth  ...)
@@ -11402,8 +11416,8 @@ CVE-2022-20019 (In libMtkOmxGsmDec, there is a possible information disclosure d
 	NOT-FOR-US: MediaTek
 CVE-2022-20018 (In seninf driver, there is a possible information disclosure due to un ...)
 	NOT-FOR-US: MediaTek
-CVE-2022-20017
-	RESERVED
+CVE-2022-20017 (In ion driver, there is a possible information disclosure due to an in ...)
+	TODO: check
 CVE-2022-20016 (In vow driver, there is a possible memory corruption due to improper l ...)
 	NOT-FOR-US: MediaTek
 CVE-2022-20015 (In kd_camera_hw driver, there is a possible information disclosure due ...)
author	security tracker role <sectracker@soriano.debian.org>	2022-02-10 08:10:10 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2022-02-10 08:10:10 +0000
commit	07d03276937eb257bca4306c7a33bef5110a80ba (patch)
tree	c69bcfcc7e1b14eb32fa51157e114d76d5cbee7f /data
parent	5d3facfa8733748693dac2874fac70287e6db17b (diff)