automatic update

1 files changed, 16 insertions, 20 deletions

diff --git a/data/CVE/2021.list b/data/CVE/2021.list
index 6bdc38e0c9..98000e62fb 100644
--- a/data/CVE/2021.list
+++ b/data/CVE/2021.list
@@ -869,18 +869,18 @@ CVE-2021-46321 (Tenda AC Series Router AC11_V02.03.01.104_CN was discovered to c
 	NOT-FOR-US: Tenda
 CVE-2021-46320 (In OpenZeppelin <=v4.4.0, initializer functions that are invoked se ...)
 	NOT-FOR-US: OpenZeppelin
-CVE-2021-46319
-	RESERVED
+CVE-2021-46319 (Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR- ...)
+	TODO: check
 CVE-2021-46318
 	RESERVED
 CVE-2021-46317
 	RESERVED
 CVE-2021-46316
 	RESERVED
-CVE-2021-46315
-	RESERVED
-CVE-2021-46314
-	RESERVED
+CVE-2021-46315 (Remote Command Execution (RCE) vulnerability exists in HNAP1/control/S ...)
+	TODO: check
+CVE-2021-46314 (A Remote Command Execution (RCE) vulnerability exists in HNAP1/control ...)
+	TODO: check
 CVE-2021-46313 (The binary MP4Box in GPAC v1.0.1 was discovered to contain a segmentat ...)
 	- gpac <unfixed>
 	[bullseye] - gpac <ignored> (Minor issue)
@@ -1402,8 +1402,8 @@ CVE-2021-46110
 	RESERVED
 CVE-2021-46109 (Invalid input sanitizing leads to reflected Cross Site Scripting (XSS) ...)
 	NOT-FOR-US: ASUS
-CVE-2021-46108
-	RESERVED
+CVE-2021-46108 (D-Link DSL-2730E CT-20131125 devices allow XSS via the username parame ...)
+	TODO: check
 CVE-2021-46107
 	RESERVED
 CVE-2021-46106
@@ -3377,8 +3377,8 @@ CVE-2021-45384
 	RESERVED
 CVE-2021-45383
 	RESERVED
-CVE-2021-45382
-	RESERVED
+CVE-2021-45382 (A Remote Command Execution (RCE) vulnerability exists in all series H/ ...)
+	TODO: check
 CVE-2021-45381
 	RESERVED
 CVE-2021-45380 (AppCMS 2.0.101 has a XSS injection vulnerability in \templates\m\inc_h ...)
@@ -4250,8 +4250,7 @@ CVE-2021-45052 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and
 	NOT-FOR-US: Adobe
 CVE-2021-45051 (Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlie ...)
 	NOT-FOR-US: Adobe
-CVE-2021-4120
-	RESERVED
+CVE-2021-4120 (snapd 2.54.2 fails to perform sufficient validation of snap content in ...)
 	- snapd <unfixed>
 	NOTE: https://bugs.launchpad.net/snapd/+bug/1949368
 CVE-2021-45050
@@ -5151,12 +5150,10 @@ CVE-2021-44732 (Mbed TLS before 3.0.1 has a double free in certain out-of-memory
 	- mbedtls 2.28.0-0.3 (bug #1002631)
 	NOTE: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12
 	NOTE: https://github.com/ARMmbed/mbedtls/commit/eb490aabf6a9f47c074ec476d0d4997c2362cdbc (mbedtls-2.16.12)
-CVE-2021-44731
-	RESERVED
+CVE-2021-44731 (A race condition existed in the snapd 2.54.2 snap-confine binary when  ...)
 	- snapd <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2022/02/17/2
-CVE-2021-44730
-	RESERVED
+CVE-2021-44730 (snapd 2.54.2 did not properly validate the location of the snap-confin ...)
 	- snapd <unfixed>
 	NOTE: https://www.openwall.com/lists/oss-security/2022/02/17/2
 CVE-2021-44729
@@ -13057,8 +13054,8 @@ CVE-2021-41601
 	RESERVED
 CVE-2021-41600
 	RESERVED
-CVE-2021-41599
-	RESERVED
+CVE-2021-41599 (A remote code execution vulnerability was identified in GitHub Enterpr ...)
+	TODO: check
 CVE-2021-41598 (A UI misrepresentation vulnerability was identified in GitHub Enterpri ...)
 	NOT-FOR-US: GitHub Enterprise Server
 CVE-2021-41597 (SuiteCRM through 7.11.21 is vulnerable to CSRF, with resultant remote  ...)
@@ -53367,8 +53364,7 @@ CVE-2021-3156 (Sudo before 1.9.5p2 contains an off-by-one error that can result
 	NOTE: https://www.sudo.ws/repos/sudo/rev/09f98816fc89
 	NOTE: https://www.sudo.ws/repos/sudo/rev/c125fbe68783
 	NOTE: https://www.openwall.com/lists/oss-security/2021/01/26/3
-CVE-2021-3155
-	RESERVED
+CVE-2021-3155 (snapd 2.54.2 and earlier created ~/snap directories in user home direc ...)
 	- snapd 2.54-1
 	NOTE: https://github.com/snapcore/snapd/pull/9841
 	NOTE: https://github.com/snapcore/snapd/commit/6bcaeeccd16ed8298a301dd92f6907f88c24cc85 (2.52)