author: security tracker role <sectracker@soriano.debian.org> 2022-02-21 20:10:25 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2022-02-21 20:10:25 +0000
commit: 411b5825931fd3ca63454ad8fccc5c9f33e24072
tree: c767f3aa87a35a794416542cd9cb3a12c0e6156e /data/CVE/2021.list
parent: c8da9bb6a0909654c8894eeed6df43317932a5fe
automatic update
Diffstat (limited to 'data/CVE/2021.list')
-rw-r--r-- data/CVE/2021.list 86
1 files changed, 42 insertions, 44 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 5903cd9c3a..24d7abb1e9 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -680,8 +680,8 @@ CVE-2021-4209
RESERVED
CVE-2021-46403
RESERVED
-CVE-2021-4208
- RESERVED
+CVE-2021-4208 (The ExportFeed WordPress plugin through 2.0.1.0 does not sanitise and ...)
+ TODO: check
CVE-2021-46402
RESERVED
CVE-2021-46401
@@ -984,8 +984,8 @@ CVE-2021-4205
RESERVED
CVE-2021-31567 (Authenticated (admin+) Arbitrary File Download vulnerability discovere ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-26256
- RESERVED
+CVE-2021-26256 (Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability discov ...)
+ TODO: check
CVE-2021-23227 (Cross-Site Request Forgery (CSRF) vulnerability discovered in PHP Ever ...)
NOT-FOR-US: WordPress plugin
CVE-2021-23209
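Review bot: The new CVE-2021-26256 line is cut off at "discov ..." before any product name appears, so its `TODO: check` cannot be resolved from this file alone. The entries on either side of it (CVE-2021-31567 and CVE-2021-23227) are both `NOT-FOR-US: WordPress plugin`; read the full description before assuming the same tag applies here.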
@@ -4434,8 +4434,8 @@ CVE-2021-45010
RESERVED
CVE-2021-45009
RESERVED
-CVE-2021-45008
- RESERVED
+CVE-2021-45008 (Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability ...)
+ TODO: check
CVE-2021-45007 (Plesk 18.0.37 is affected by a Cross Site Request Forgery (CSRF) vulne ...)
NOT-FOR-US: Plesk
CVE-2021-45006
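Review bot: CVE-2021-45008 names Plesk CMS 18.0.37 and lands as `TODO: check`, while the entry directly below it, CVE-2021-45007 for Plesk 18.0.37, is already triaged as `NOT-FOR-US: Plesk`. Unless the full description points at a different product, the follow-up can replace the TODO with that same tag.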
@@ -5586,8 +5586,8 @@ CVE-2021-44570
RESERVED
CVE-2021-44569
RESERVED
-CVE-2021-44568
- RESERVED
+CVE-2021-44568 (Two heap-overflow vulnerabilities exist in openSUSE/libsolv libsolv th ...)
+ TODO: check
CVE-2021-44567
RESERVED
CVE-2021-44566
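Review bot: CVE-2021-44568 names openSUSE/libsolv and two heap overflows, so this `TODO: check` calls for real triage and not a NOT-FOR-US tag. Check whether libsolv is packaged and, if it is, record a package line with the affected range once the part of the description truncated at "libsolv th ..." has been read in full.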
@@ -6806,8 +6806,7 @@ CVE-2021-44143 (A flaw was found in mbsync in isync 1.4.0 through 1.4.3. Due to
[buster] - isync <not-affected> (Vulnerable code introduced later)
[stretch] - isync <not-affected> (Vulnerable code introduced later)
NOTE: https://www.openwall.com/lists/oss-security/2021/12/03/2
-CVE-2021-44142 [Out-of-bounds heap read/write vulnerability in VFS module vfs_fruit allows code execution]
- RESERVED
+CVE-2021-44142 (The Samba vfs_fruit module uses extended file attributes (EA, xattr) t ...)
{DSA-5071-1}
- samba <unfixed> (bug #1004693)
NOTE: https://www.samba.org/samba/security/CVE-2021-44142.html
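Review bot: Replacing the CVE-2021-44142 line drops the bracketed title that stated "Out-of-bounds heap read/write" and "allows code execution"; the truncated description now stops at "extended file attributes (EA, xattr) t ..." and says nothing about impact. The NOTE links still carry that information, but a short NOTE line with the impact would keep the entry readable on its own.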
@@ -6815,8 +6814,7 @@ CVE-2021-44142 [Out-of-bounds heap read/write vulnerability in VFS module vfs_fr
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-244/
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-245/
NOTE: https://www.zerodayinitiative.com/advisories/ZDI-22-246/
-CVE-2021-44141 [Information leak via symlinks of existance of files or directories outside of the exported share]
- RESERVED
+CVE-2021-44141 (All versions of Samba prior to 4.15.5 are vulnerable to a malicious cl ...)
- samba <unfixed> (bug #1004692)
[bullseye] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
[buster] - samba <ignored> (Minor issue; no backport to older versions, mitigations exists)
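Review bot: The new CVE-2021-44141 description gives 4.15.5 as the version before which Samba is affected, while the unchanged line below it still reads `- samba <unfixed> (bug #1004692)`. That is consistent for now, but the description gives the follow-up a concrete version to compare against when replacing `<unfixed>`.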
@@ -47055,10 +47053,10 @@ CVE-2021-27799 (ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator
NOTE: https://sourceforge.net/p/zint/code/ci/7f8c8114f31c09a986597e0ba63a49f96150368a/
CVE-2021-27798
RESERVED
-CVE-2021-27797
- RESERVED
-CVE-2021-27796
- RESERVED
+CVE-2021-27797 (Brocade Fabric OS before Brocade Fabric OS v8.2.1c, v8.1.2h, and all v ...)
+ TODO: check
+CVE-2021-27796 (A vulnerability in Brocade Fabric OS versions before Brocade Fabric OS ...)
+ TODO: check
CVE-2021-27795
RESERVED
CVE-2021-27794 (A vulnerability in the authentication mechanism of Brocade Fabric OS v ...)
@@ -47139,12 +47137,12 @@ CVE-2021-27757
RESERVED
CVE-2021-27756
RESERVED
-CVE-2021-27755
- RESERVED
+CVE-2021-27755 ("Sametime Android potential path traversal vulnerability when using Fi ...)
+ TODO: check
CVE-2021-27754
RESERVED
-CVE-2021-27753
- RESERVED
+CVE-2021-27753 ("Sametime Android PathTraversal Vulnerability" ...)
+ TODO: check
CVE-2021-27752
RESERVED
CVE-2021-27751
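Review bot: Both new Sametime lines, CVE-2021-27755 and CVE-2021-27753, begin the description with a literal double quote, and the second one is only a quoted title ("Sametime Android PathTraversal Vulnerability") with no version or component detail. Neither `TODO: check` can be resolved from the text in this file, so the triage will need the full advisory text.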
@@ -53648,12 +53646,12 @@ CVE-2021-25103 (The Translate WordPress with GTranslate WordPress plugin before
NOT-FOR-US: WordPress plugin
CVE-2021-25102
RESERVED
-CVE-2021-25101
- RESERVED
-CVE-2021-25100
- RESERVED
-CVE-2021-25099
- RESERVED
+CVE-2021-25101 (The Anti-Malware Security and Brute-Force Firewall WordPress plugin be ...)
+ TODO: check
+CVE-2021-25100 (The GiveWP WordPress plugin before 2.17.3 does not escape the s parame ...)
+ TODO: check
+CVE-2021-25099 (The GiveWP WordPress plugin before 2.17.3 does not sanitise and escape ...)
+ TODO: check
CVE-2021-25098
RESERVED
CVE-2021-25097 (The LabTools WordPress plugin through 1.0 does not have proper authori ...)
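Review bot: CVE-2021-25101, CVE-2021-25100 and CVE-2021-25099 all say "WordPress plugin" in their descriptions yet land as `TODO: check`, while the triaged entry at the top of the hunk (CVE-2021-25103) is `NOT-FOR-US: WordPress plugin`. The follow-up can most likely apply the same tag; CVE-2021-25100 and CVE-2021-25099 both refer to GiveWP before 2.17.3 and can be handled together.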
@@ -53686,8 +53684,8 @@ CVE-2021-25084 (The Advanced Cron Manager WordPress plugin before 2.4.2 and Adva
NOT-FOR-US: WordPress plugin
CVE-2021-25083 (The Registrations for the Events Calendar WordPress plugin before 2.7. ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-25082
- RESERVED
+CVE-2021-25082 (The Popup Builder WordPress plugin before 4.0.7 does not validate and ...)
+ TODO: check
CVE-2021-25081
RESERVED
CVE-2021-25080 (The Contact Form Entries WordPress plugin before 1.1.7 does not valida ...)
@@ -53700,8 +53698,8 @@ CVE-2021-25077 (The Store Toolkit for WooCommerce WordPress plugin before 2.3.2
NOT-FOR-US: WordPress plugin
CVE-2021-25076 (The WP User Frontend WordPress plugin before 3.5.26 does not validate ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-25075
- RESERVED
+CVE-2021-25075 (The Duplicate Page or Post WordPress plugin before 1.5.1 does not have ...)
+ TODO: check
CVE-2021-25074 (The WebP Converter for Media WordPress plugin before 4.0.3 contains a ...)
NOT-FOR-US: WordPress plugin
CVE-2021-25073 (The WP125 WordPress plugin before 1.5.5 does not have CSRF checks in v ...)
@@ -53712,8 +53710,8 @@ CVE-2021-25071
RESERVED
CVE-2021-25070
RESERVED
-CVE-2021-25069
- RESERVED
+CVE-2021-25069 (The Download Manager WordPress plugin before 3.2.34 does not sanitise ...)
+ TODO: check
CVE-2021-25068
RESERVED
CVE-2021-25067 (The Landing Page Builder WordPress plugin before 1.4.9.6 was affected ...)
@@ -53730,18 +53728,18 @@ CVE-2021-25062 (The Orders Tracking for WooCommerce WordPress plugin before 1.1.
NOT-FOR-US: WordPress plugin
CVE-2021-25061 (The WP Booking System WordPress plugin before 2.0.15 was affected by a ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-25060
- RESERVED
+CVE-2021-25060 (The Five Star Business Profile and Schema WordPress plugin before 2.1. ...)
+ TODO: check
CVE-2021-25059
RESERVED
-CVE-2021-25058
- RESERVED
-CVE-2021-25057
- RESERVED
+CVE-2021-25058 (The Buffer Button WordPress plugin through 1.0 was vulnerable to Authe ...)
+ TODO: check
+CVE-2021-25057 (The Translation Exchange WordPress plugin through 1.0.14 was vulnerabl ...)
+ TODO: check
CVE-2021-25056
RESERVED
-CVE-2021-25055
- RESERVED
+CVE-2021-25055 (The FeedWordPress plugin before 2022.0123 is affected by a Reflected C ...)
+ TODO: check
CVE-2021-25054 (The WPcalc WordPress plugin through 2.1 does not sanitize user input i ...)
NOT-FOR-US: WordPress plugin
CVE-2021-25053 (The WP Coder WordPress plugin before 2.5.2 within the wow-company admi ...)
@@ -54008,8 +54006,8 @@ CVE-2021-24923 (The Newsletter, SMTP, Email marketing and Subscribe forms by Sen
NOT-FOR-US: WordPress plugin
CVE-2021-24922 (The Pixel Cat WordPress plugin before 2.6.2 does not have CSRF check w ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24921
- RESERVED
+CVE-2021-24921 (The Advanced Database Cleaner WordPress plugin before 3.0.4 does not s ...)
+ TODO: check
CVE-2021-24920
RESERVED
CVE-2021-24919 (The Wicked Folders WordPress plugin before 2.8.10 does not sanitise an ...)
@@ -54116,8 +54114,8 @@ CVE-2021-24869
RESERVED
CVE-2021-24868 (The Document Embedder WordPress plugin before 1.7.9 contains a AJAX ac ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-24867
- RESERVED
+CVE-2021-24867 (Numerous Plugins and Themes from the AccessPress Themes (aka Access Ke ...)
+ TODO: check
CVE-2021-24866 (The WP Data Access WordPress plugin before 5.0.0 does not properly san ...)
NOT-FOR-US: WordPress plugin
CVE-2021-24865 (The Advanced Custom Fields: Extended WordPress plugin before 0.8.8.7 d ...)
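Review bot: CVE-2021-24867 differs from its neighbours: the description starts "Numerous Plugins and Themes from the AccessPress Themes (aka Access Ke ...", so it covers a vendor's whole set of plugins and themes and not a single plugin. When this TODO is resolved, a tag that names the vendor would be more accurate than the `NOT-FOR-US: WordPress plugin` used for CVE-2021-24868 and CVE-2021-24866.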