[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 11 21:10:37 BST 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bc70e37d by security tracker role at 2022-10-11T20:10:26+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,183 @@
+CVE-2022-42867
+ RESERVED
+CVE-2022-42866
+ RESERVED
+CVE-2022-42865
+ RESERVED
+CVE-2022-42864
+ RESERVED
+CVE-2022-42863
+ RESERVED
+CVE-2022-42862
+ RESERVED
+CVE-2022-42861
+ RESERVED
+CVE-2022-42860
+ RESERVED
+CVE-2022-42859
+ RESERVED
+CVE-2022-42858
+ RESERVED
+CVE-2022-42857
+ RESERVED
+CVE-2022-42856
+ RESERVED
+CVE-2022-42855
+ RESERVED
+CVE-2022-42854
+ RESERVED
+CVE-2022-42853
+ RESERVED
+CVE-2022-42852
+ RESERVED
+CVE-2022-42851
+ RESERVED
+CVE-2022-42850
+ RESERVED
+CVE-2022-42849
+ RESERVED
+CVE-2022-42848
+ RESERVED
+CVE-2022-42847
+ RESERVED
+CVE-2022-42846
+ RESERVED
+CVE-2022-42845
+ RESERVED
+CVE-2022-42844
+ RESERVED
+CVE-2022-42843
+ RESERVED
+CVE-2022-42842
+ RESERVED
+CVE-2022-42841
+ RESERVED
+CVE-2022-42840
+ RESERVED
+CVE-2022-42839
+ RESERVED
+CVE-2022-42838
+ RESERVED
+CVE-2022-42837
+ RESERVED
+CVE-2022-42836
+ RESERVED
+CVE-2022-42835
+ RESERVED
+CVE-2022-42834
+ RESERVED
+CVE-2022-42833
+ RESERVED
+CVE-2022-42832
+ RESERVED
+CVE-2022-42831
+ RESERVED
+CVE-2022-42830
+ RESERVED
+CVE-2022-42829
+ RESERVED
+CVE-2022-42828
+ RESERVED
+CVE-2022-42827
+ RESERVED
+CVE-2022-42826
+ RESERVED
+CVE-2022-42825
+ RESERVED
+CVE-2022-42824
+ RESERVED
+CVE-2022-42823
+ RESERVED
+CVE-2022-42822
+ RESERVED
+CVE-2022-42821
+ RESERVED
+CVE-2022-42820
+ RESERVED
+CVE-2022-42819
+ RESERVED
+CVE-2022-42818
+ RESERVED
+CVE-2022-42817
+ RESERVED
+CVE-2022-42816
+ RESERVED
+CVE-2022-42815
+ RESERVED
+CVE-2022-42814
+ RESERVED
+CVE-2022-42813
+ RESERVED
+CVE-2022-42812
+ RESERVED
+CVE-2022-42811
+ RESERVED
+CVE-2022-42810
+ RESERVED
+CVE-2022-42809
+ RESERVED
+CVE-2022-42808
+ RESERVED
+CVE-2022-42807
+ RESERVED
+CVE-2022-42806
+ RESERVED
+CVE-2022-42805
+ RESERVED
+CVE-2022-42804
+ RESERVED
+CVE-2022-42803
+ RESERVED
+CVE-2022-42802
+ RESERVED
+CVE-2022-42801
+ RESERVED
+CVE-2022-42800
+ RESERVED
+CVE-2022-42799
+ RESERVED
+CVE-2022-42798
+ RESERVED
+CVE-2022-42797
+ RESERVED
+CVE-2022-42796
+ RESERVED
+CVE-2022-42795
+ RESERVED
+CVE-2022-42794
+ RESERVED
+CVE-2022-42793
+ RESERVED
+CVE-2022-42792
+ RESERVED
+CVE-2022-42791
+ RESERVED
+CVE-2022-42790
+ RESERVED
+CVE-2022-42789
+ RESERVED
+CVE-2022-42788
+ RESERVED
+CVE-2022-42787
+ RESERVED
+CVE-2022-42786
+ RESERVED
+CVE-2022-42785
+ RESERVED
+CVE-2022-42784
+ RESERVED
+CVE-2022-3457
+ RESERVED
+CVE-2022-3456
+ RESERVED
+CVE-2022-3455
+ RESERVED
+CVE-2022-3454
+ RESERVED
+CVE-2022-3453 (A vulnerability was found in SourceCodester Book Store Management Syst ...)
+ TODO: check
+CVE-2022-3452 (A vulnerability was found in SourceCodester Book Store Management Syst ...)
+ TODO: check
CVE-2022-42783
RESERVED
CVE-2022-42782
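Review bot: CVE-2022-3453 and CVE-2022-3452, at the end of the added block, are left at `TODO: check` although their descriptions already name a SourceCodester web application. Other SourceCodester products in this file are closed out with a `NOT-FOR-US:` line (CVE-2022-2909 further down, for example). Suggest resolving both with a `NOT-FOR-US:` line naming the product once the full description is confirmed. The `RESERVED` placeholders above them need no action.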
@@ -132,8 +312,8 @@ CVE-2022-3439
RESERVED
CVE-2022-3438 (Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. ...)
- rdiffweb <itp> (bug #969974)
-CVE-2022-42731
- RESERVED
+CVE-2022-42731 (mfa/FIDO2.py in django-mfa2 before 2.5.1 and 2.6.x before 2.6.1 allows ...)
+ TODO: check
CVE-2022-42730
RESERVED
CVE-2022-42729
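Review bot: CVE-2022-42731 goes from `RESERVED` to `TODO: check`, and its description already gives the fixed releases (2.5.1 and 2.6.1), so the entry can be triaged now. If django-mfa2 is not in the archive, record that explicitly, either as `NOT-FOR-US:` or, where a packaging bug exists, in the `<itp>` form the rdiffweb entry just above uses. If it is packaged, add the source package line with the fixed version.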
@@ -760,7 +940,7 @@ CVE-2022-3408
RESERVED
CVE-2022-3407
RESERVED
-CVE-2022-42457 (Generex CS141 before 2.08 allows remote command execution by administr ...)
+CVE-2022-42457 (Generex CS141 through 2.10 allows remote command execution by administ ...)
NOT-FOR-US: Generex CS141
CVE-2022-42456
RESERVED
@@ -1228,14 +1408,14 @@ CVE-2022-42240
RESERVED
CVE-2022-42239
RESERVED
-CVE-2022-42238
- RESERVED
+CVE-2022-42238 (A Vertical Privilege Escalation issue in Merchandise Online Store v.1. ...)
+ TODO: check
CVE-2022-42237
RESERVED
-CVE-2022-42236
- RESERVED
-CVE-2022-42235
- RESERVED
+CVE-2022-42236 (A Stored XSS issue in Merchandise Online Store v.1.0 allows to injecti ...)
+ TODO: check
+CVE-2022-42235 (A Stored XSS issue in Student Clearance System v.1.0 allows the inject ...)
+ TODO: check
CVE-2022-42234
RESERVED
CVE-2022-42233
@@ -1244,10 +1424,10 @@ CVE-2022-42232
RESERVED
CVE-2022-42231
RESERVED
-CVE-2022-42230
- RESERVED
-CVE-2022-42229
- RESERVED
+CVE-2022-42230 (Simple Cold Storage Management System v1.0 is vulnerable to SQL Inject ...)
+ TODO: check
+CVE-2022-42229 (Wedding Planner v1.0 is vulnerable to Arbitrary code execution via pac ...)
+ TODO: check
CVE-2022-42228
RESERVED
CVE-2022-42227
@@ -1554,7 +1734,7 @@ CVE-2022-42077
RESERVED
CVE-2022-42076
RESERVED
-CVE-2022-42075 (Wedding Planner v1.0 is vulnerable to has arbitrary code execution. ...)
+CVE-2022-42075 (Wedding Planner v1.0 is vulnerable to arbitrary code execution. ...)
NOT-FOR-US: Wedding Planner
CVE-2022-42074 (Online Diagnostic Lab Management System v1.0 is vulnerable to SQL Inje ...)
NOT-FOR-US: Online Diagnostic Lab Management System
@@ -1636,8 +1816,8 @@ CVE-2022-42036
RESERVED
CVE-2022-42035
RESERVED
-CVE-2022-42034
- RESERVED
+CVE-2022-42034 (Wedding Planner v1.0 is vulnerable to arbitrary code execution via use ...)
+ TODO: check
CVE-2022-42033
RESERVED
CVE-2022-42032
@@ -2006,8 +2186,8 @@ CVE-2022-41853 (Those using java.sql.Statement or java.sql.PreparedStatement in
CVE-2022-41852 (Those using JXPath to interpret untrusted XPath expressions may be vul ...)
- libcommons-jxpath-java <unfixed>
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47133
-CVE-2022-41851
- RESERVED
+CVE-2022-41851 (A vulnerability has been identified in JTTK (All versions < V11.1.1 ...)
+ TODO: check
CVE-2022-41836
RESERVED
CVE-2022-41835
@@ -2247,8 +2427,7 @@ CVE-2022-3360
RESERVED
CVE-2022-3359
RESERVED
-CVE-2022-3358
- RESERVED
+CVE-2022-3358 (OpenSSL supports creating a custom cipher via the legacy EVP_CIPHER_me ...)
- openssl <unfixed>
[bullseye] - openssl <not-affected> (Only affects 3.x)
[buster] - openssl <not-affected> (Only affects 3.x)
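Review bot: the CVE-2022-3358 entry keeps `- openssl <unfixed>` with bullseye and buster marked `<not-affected> (Only affects 3.x)`, but the lines visible here carry no `NOTE:` pointing at the upstream advisory or the fixing commit. If none follows below the hunk, add one so that the `<unfixed>` marker can be replaced with a version once a fixed 3.x upload exists.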
@@ -2502,8 +2681,8 @@ CVE-2022-41667
RESERVED
CVE-2022-41666
RESERVED
-CVE-2022-41665
- RESERVED
+CVE-2022-41665 (A vulnerability has been identified in SICAM P850 (All versions < V ...)
+ TODO: check
CVE-2022-41664
RESERVED
CVE-2022-41663
@@ -3257,8 +3436,8 @@ CVE-2022-41378 (Online Pet Shop We App v1.0 was discovered to contain a SQL inje
NOT-FOR-US: Online Pet Shop We App
CVE-2022-41377 (Online Pet Shop We App v1.0 was discovered to contain a SQL injection ...)
NOT-FOR-US: Online Pet Shop We App
-CVE-2022-41376
- RESERVED
+CVE-2022-41376 (Metro UI v4.4.0 to v4.5.0 was discovered to contain a reflected cross- ...)
+ TODO: check
CVE-2022-41375
RESERVED
CVE-2022-41374
@@ -4027,12 +4206,12 @@ CVE-2022-41085
RESERVED
CVE-2022-41084
RESERVED
-CVE-2022-41083
- RESERVED
+CVE-2022-41083 (Visual Studio Code Elevation of Privilege Vulnerability. ...)
+ TODO: check
CVE-2022-41082 (Microsoft Exchange Server Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-41081
- RESERVED
+CVE-2022-41081 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
CVE-2022-41080
RESERVED
CVE-2022-41079
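Review bot: CVE-2022-41083 and CVE-2022-41081 are set to `TODO: check`, while CVE-2022-41082 between them, from the same vendor, is already `NOT-FOR-US: Microsoft`. Both new descriptions name Microsoft components (Visual Studio Code, Windows Point-to-Point Tunneling Protocol), and an earlier Visual Studio Code entry in this file (CVE-2022-38020) carries that marker, so the same line applies here and the TODO does not need to stay open.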
@@ -4107,32 +4286,32 @@ CVE-2022-41045
RESERVED
CVE-2022-41044
RESERVED
-CVE-2022-41043
- RESERVED
-CVE-2022-41042
- RESERVED
+CVE-2022-41043 (Microsoft Office Information Disclosure Vulnerability. ...)
+ TODO: check
+CVE-2022-41042 (Visual Studio Code Information Disclosure Vulnerability. ...)
+ TODO: check
CVE-2022-41041
RESERVED
CVE-2022-41040 (Microsoft Exchange Server Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-41039
RESERVED
-CVE-2022-41038
- RESERVED
-CVE-2022-41037
- RESERVED
-CVE-2022-41036
- RESERVED
-CVE-2022-41035
- RESERVED
-CVE-2022-41034
- RESERVED
-CVE-2022-41033
- RESERVED
-CVE-2022-41032
- RESERVED
-CVE-2022-41031
- RESERVED
+CVE-2022-41038 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+ TODO: check
+CVE-2022-41037 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+ TODO: check
+CVE-2022-41036 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+ TODO: check
+CVE-2022-41035 (Microsoft Edge (Chromium-based) Spoofing Vulnerability. ...)
+ TODO: check
+CVE-2022-41034 (Visual Studio Code Remote Code Execution Vulnerability. ...)
+ TODO: check
+CVE-2022-41033 (Windows COM+ Event System Service Elevation of Privilege Vulnerability ...)
+ TODO: check
+CVE-2022-41032 (NuGet Client Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-41031 (Microsoft Word Remote Code Execution Vulnerability. ...)
+ TODO: check
CVE-2022-40129
RESERVED
CVE-2022-41030
@@ -4957,8 +5136,8 @@ CVE-2022-36404
RESERVED
CVE-2022-35238 (Unauthenticated Plugin Settings Change vulnerability in Awesome Filter ...)
NOT-FOR-US: WordPress plugin
-CVE-2022-33978
- RESERVED
+CVE-2022-33978 (Reflected Cross-Site Scripting (XSS) vulnerability FontMeister plugin ...)
+ TODO: check
CVE-2022-3216 (A vulnerability has been found in Nintendo Game Boy Color and classifi ...)
NOT-FOR-US: Nintendo Game Boy Color
CVE-2022-3215 (NIOHTTP1 and projects using it for generating HTTP responses can be su ...)
@@ -5067,8 +5246,8 @@ CVE-2022-40635 (Improper Control of Dynamically-Managed Code Resources vulnerabi
NOT-FOR-US: Crafter Studio of Crafter CMS
CVE-2022-40634 (Improper Control of Dynamically-Managed Code Resources vulnerability i ...)
NOT-FOR-US: Crafter Studio of Crafter CMS
-CVE-2022-40631
- RESERVED
+CVE-2022-40631 (A vulnerability has been identified in SCALANCE X200-4P IRT (All versi ...)
+ TODO: check
CVE-2022-38097
RESERVED
CVE-2022-37332
@@ -6033,10 +6212,10 @@ CVE-2022-40229
RESERVED
CVE-2022-40228
RESERVED
-CVE-2022-40227
- RESERVED
-CVE-2022-40226
- RESERVED
+CVE-2022-40227 (A vulnerability has been identified in SIMATIC HMI Comfort Panels (inc ...)
+ TODO: check
+CVE-2022-40226 (A vulnerability has been identified in SICAM P850 (All versions < V ...)
+ TODO: check
CVE-2022-40225
RESERVED
CVE-2022-40200
@@ -6133,20 +6312,20 @@ CVE-2022-40184
RESERVED
CVE-2022-40183
RESERVED
-CVE-2022-40182
- RESERVED
-CVE-2022-40181
- RESERVED
-CVE-2022-40180
- RESERVED
-CVE-2022-40179
- RESERVED
-CVE-2022-40178
- RESERVED
-CVE-2022-40177
- RESERVED
-CVE-2022-40176
- RESERVED
+CVE-2022-40182 (A vulnerability has been identified in Desigo PXM30-1 (All versions &l ...)
+ TODO: check
+CVE-2022-40181 (A vulnerability has been identified in Desigo PXM30-1 (All versions &l ...)
+ TODO: check
+CVE-2022-40180 (A vulnerability has been identified in Desigo PXM30-1 (All versions &l ...)
+ TODO: check
+CVE-2022-40179 (A vulnerability has been identified in Desigo PXM30-1 (All versions &l ...)
+ TODO: check
+CVE-2022-40178 (A vulnerability has been identified in Desigo PXM30-1 (All versions &l ...)
+ TODO: check
+CVE-2022-40177 (A vulnerability has been identified in Desigo PXM30-1 (All versions &l ...)
+ TODO: check
+CVE-2022-40176 (A vulnerability has been identified in Desigo PXM30-1 (All versions &l ...)
+ TODO: check
CVE-2022-3162
RESERVED
CVE-2022-3161
@@ -6222,8 +6401,8 @@ CVE-2022-40149 (Those using Jettison to parse untrusted XML or JSON data may be
TODO: check
CVE-2022-40148
RESERVED
-CVE-2022-40147
- RESERVED
+CVE-2022-40147 (A vulnerability has been identified in Industrial Edge Management (All ...)
+ TODO: check
CVE-2022-40146 (Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XM ...)
- batik 1.15+dfsg-1 (bug #1020589)
[bullseye] - batik <no-dsa> (Minor issue)
@@ -6480,8 +6659,8 @@ CVE-2022-40049
RESERVED
CVE-2022-40048 (Flatpress v1.2.1 was discovered to contain a remote code execution (RC ...)
NOT-FOR-US: Flatpress
-CVE-2022-40047
- RESERVED
+CVE-2022-40047 (Flatpress v1.2.1 was discovered to contain a reflected cross-site scri ...)
+ TODO: check
CVE-2022-40046
RESERVED
CVE-2022-40045
@@ -8102,8 +8281,8 @@ CVE-2022-39298
RESERVED
CVE-2022-39297
RESERVED
-CVE-2022-39296
- RESERVED
+CVE-2022-39296 (MelisAssetManager provides deliveries of Melis Platform's assets locat ...)
+ TODO: check
CVE-2022-39295
RESERVED
CVE-2022-39294
@@ -8168,8 +8347,8 @@ CVE-2022-39273 (FlyteAdmin is the control plane for the data processing platform
NOT-FOR-US: FlyteAdmin
CVE-2022-39272
RESERVED
-CVE-2022-39271
- RESERVED
+CVE-2022-39271 (Traefik (pronounced traffic) is a modern HTTP reverse proxy and load b ...)
+ TODO: check
CVE-2022-39270 (DiscoTOC is a Discourse theme component that generates a table of cont ...)
NOT-FOR-US: DiscoTOC Discourse theme
CVE-2022-39269 (PJSIP is a free and open source multimedia communication library writt ...)
@@ -8195,7 +8374,7 @@ CVE-2022-39263 (`@next-auth/upstash-redis-adapter` is the Upstash Redis adapter
CVE-2022-39262
RESERVED
CVE-2022-39261 (Twig is a template language for PHP. Versions 1.x prior to 1.44.7, 2.x ...)
- {DSA-5248-1}
+ {DSA-5248-1 DLA-3147-1}
- php-twig 3.4.3-1 (bug #1020991)
- twig <removed>
NOTE: https://github.com/twigphp/Twig/security/advisories/GHSA-52m2-vc4m-jj33
@@ -10554,8 +10733,8 @@ CVE-2022-2909 (A vulnerability was found in SourceCodester Simple and Nice Shopp
NOT-FOR-US: SourceCodester Simple and Nice Shopping Cart Script
CVE-2022-38466 (A vulnerability has been identified in CoreShield One-Way Gateway (OWG ...)
NOT-FOR-US: CoreShield One-Way Gateway (OWG)
-CVE-2022-38465
- RESERVED
+CVE-2022-38465 (A vulnerability has been identified in SIMATIC Drive Controller family ...)
+ TODO: check
CVE-2022-38089 (Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/ ...)
NOT-FOR-US: Exment
CVE-2022-38080 (Reflected cross-site scripting vulnerability in Exment ((PHP8) exceedo ...)
@@ -10865,8 +11044,8 @@ CVE-2022-38390
RESERVED
CVE-2022-38389
RESERVED
-CVE-2022-38388
- RESERVED
+CVE-2022-38388 (IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a loc ...)
+ TODO: check
CVE-2022-38387
RESERVED
CVE-2022-38386
@@ -10978,8 +11157,8 @@ CVE-2022-38373
RESERVED
CVE-2022-38372
RESERVED
-CVE-2022-38371
- RESERVED
+CVE-2022-38371 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...)
+ TODO: check
CVE-2022-38370 (Apache IoTDB grafana-connector version 0.13.0 contains an interface wi ...)
NOT-FOR-US: Apache IoTDB
CVE-2022-38369 (Apache IoTDB version 0.13.0 is vulnerable by session id attack. Users ...)
@@ -11953,82 +12132,82 @@ CVE-2022-2727 (A vulnerability was found in SourceCodester Gym Management System
NOT-FOR-US: SourceCodester Gym Management System
CVE-2022-2726 (A vulnerability classified as critical has been found in SEMCMS. This ...)
NOT-FOR-US: SEMCMS
-CVE-2022-38053
- RESERVED
+CVE-2022-38053 (Microsoft SharePoint Server Remote Code Execution Vulnerability. This ...)
+ TODO: check
CVE-2022-38052
RESERVED
-CVE-2022-38051
- RESERVED
-CVE-2022-38050
- RESERVED
-CVE-2022-38049
- RESERVED
-CVE-2022-38048
- RESERVED
-CVE-2022-38047
- RESERVED
-CVE-2022-38046
- RESERVED
-CVE-2022-38045
- RESERVED
-CVE-2022-38044
- RESERVED
-CVE-2022-38043
- RESERVED
-CVE-2022-38042
- RESERVED
-CVE-2022-38041
- RESERVED
-CVE-2022-38040
- RESERVED
-CVE-2022-38039
- RESERVED
-CVE-2022-38038
- RESERVED
-CVE-2022-38037
- RESERVED
-CVE-2022-38036
- RESERVED
+CVE-2022-38051 (Windows Graphics Component Elevation of Privilege Vulnerability. This ...)
+ TODO: check
+CVE-2022-38050 (Win32k Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38049 (Microsoft Office Graphics Remote Code Execution Vulnerability. ...)
+ TODO: check
+CVE-2022-38048 (Microsoft Office Remote Code Execution Vulnerability. ...)
+ TODO: check
+CVE-2022-38047 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
+CVE-2022-38046 (Web Account Manager Information Disclosure Vulnerability. ...)
+ TODO: check
+CVE-2022-38045 (Server Service Remote Protocol Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38044 (Windows CD-ROM File System Driver Remote Code Execution Vulnerability. ...)
+ TODO: check
+CVE-2022-38043 (Windows Security Support Provider Interface Information Disclosure Vul ...)
+ TODO: check
+CVE-2022-38042 (Active Directory Domain Services Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38041 (Windows Secure Channel Denial of Service Vulnerability. ...)
+ TODO: check
+CVE-2022-38040 (Microsoft ODBC Driver Remote Code Execution Vulnerability. ...)
+ TODO: check
+CVE-2022-38039 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-38038 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-38037 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-38036 (Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability. ...)
+ TODO: check
CVE-2022-38035
RESERVED
-CVE-2022-38034
- RESERVED
-CVE-2022-38033
- RESERVED
-CVE-2022-38032
- RESERVED
-CVE-2022-38031
- RESERVED
-CVE-2022-38030
- RESERVED
-CVE-2022-38029
- RESERVED
-CVE-2022-38028
- RESERVED
-CVE-2022-38027
- RESERVED
-CVE-2022-38026
- RESERVED
-CVE-2022-38025
- RESERVED
+CVE-2022-38034 (Windows Workstation Service Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38033 (Windows Server Remotely Accessible Registry Keys Information Disclosur ...)
+ TODO: check
+CVE-2022-38032 (Windows Portable Device Enumerator Service Security Feature Bypass Vul ...)
+ TODO: check
+CVE-2022-38031 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
+ TODO: check
+CVE-2022-38030 (Windows USB Serial Driver Information Disclosure Vulnerability. ...)
+ TODO: check
+CVE-2022-38029 (Windows ALPC Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38028 (Windows Print Spooler Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38027 (Windows Storage Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38026 (Windows DHCP Client Information Disclosure Vulnerability. ...)
+ TODO: check
+CVE-2022-38025 (Windows Distributed File System (DFS) Information Disclosure Vulnerabi ...)
+ TODO: check
CVE-2022-38024
RESERVED
CVE-2022-38023
RESERVED
-CVE-2022-38022
- RESERVED
-CVE-2022-38021
- RESERVED
+CVE-2022-38022 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-38021 (Connected User Experiences and Telemetry Elevation of Privilege Vulner ...)
+ TODO: check
CVE-2022-38020 (Visual Studio Code Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-38019 (AV1 Video Extension Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-38018
RESERVED
-CVE-2022-38017
- RESERVED
-CVE-2022-38016
- RESERVED
+CVE-2022-38017 (StorSimple 8000 Series Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-38016 (Windows Local Security Authority (LSA) Elevation of Privilege Vulnerab ...)
+ TODO: check
CVE-2022-38015
RESERVED
CVE-2022-38014
@@ -12053,84 +12232,84 @@ CVE-2022-38005 (Windows Print Spooler Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-38004 (Windows Fax Service Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-38003
- RESERVED
+CVE-2022-38003 (Windows Resilient File System Elevation of Privilege. ...)
+ TODO: check
CVE-2022-38002
RESERVED
-CVE-2022-38001
- RESERVED
-CVE-2022-38000
- RESERVED
-CVE-2022-37999
- RESERVED
-CVE-2022-37998
- RESERVED
-CVE-2022-37997
- RESERVED
-CVE-2022-37996
- RESERVED
-CVE-2022-37995
- RESERVED
-CVE-2022-37994
- RESERVED
-CVE-2022-37993
- RESERVED
+CVE-2022-38001 (Microsoft Office Spoofing Vulnerability. ...)
+ TODO: check
+CVE-2022-38000 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
+CVE-2022-37999 (Windows Group Policy Preference Client Elevation of Privilege Vulnerab ...)
+ TODO: check
+CVE-2022-37998 (Windows Local Session Manager (LSM) Denial of Service Vulnerability. T ...)
+ TODO: check
+CVE-2022-37997 (Windows Graphics Component Elevation of Privilege Vulnerability. This ...)
+ TODO: check
+CVE-2022-37996 (Windows Kernel Memory Information Disclosure Vulnerability. ...)
+ TODO: check
+CVE-2022-37995 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-37994 (Windows Group Policy Preference Client Elevation of Privilege Vulnerab ...)
+ TODO: check
+CVE-2022-37993 (Windows Group Policy Preference Client Elevation of Privilege Vulnerab ...)
+ TODO: check
CVE-2022-37992
RESERVED
-CVE-2022-37991
- RESERVED
-CVE-2022-37990
- RESERVED
-CVE-2022-37989
- RESERVED
-CVE-2022-37988
- RESERVED
-CVE-2022-37987
- RESERVED
-CVE-2022-37986
- RESERVED
-CVE-2022-37985
- RESERVED
-CVE-2022-37984
- RESERVED
-CVE-2022-37983
- RESERVED
-CVE-2022-37982
- RESERVED
-CVE-2022-37981
- RESERVED
-CVE-2022-37980
- RESERVED
-CVE-2022-37979
- RESERVED
-CVE-2022-37978
- RESERVED
-CVE-2022-37977
- RESERVED
-CVE-2022-37976
- RESERVED
-CVE-2022-37975
- RESERVED
-CVE-2022-37974
- RESERVED
-CVE-2022-37973
- RESERVED
+CVE-2022-37991 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-37990 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-37989 (Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privileg ...)
+ TODO: check
+CVE-2022-37988 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
+ TODO: check
+CVE-2022-37987 (Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privileg ...)
+ TODO: check
+CVE-2022-37986 (Windows Win32k Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-37985 (Windows Graphics Component Information Disclosure Vulnerability. ...)
+ TODO: check
+CVE-2022-37984 (Windows WLAN Service Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-37983 (Microsoft DWM Core Library Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-37982 (Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vu ...)
+ TODO: check
+CVE-2022-37981 (Windows Event Logging Service Denial of Service Vulnerability. ...)
+ TODO: check
+CVE-2022-37980 (Windows DHCP Client Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-37979 (Windows Hyper-V Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-37978 (Windows Active Directory Certificate Services Security Feature Bypass. ...)
+ TODO: check
+CVE-2022-37977 (Local Security Authority Subsystem Service (LSASS) Denial of Service V ...)
+ TODO: check
+CVE-2022-37976 (Active Directory Certificate Services Elevation of Privilege Vulnerabi ...)
+ TODO: check
+CVE-2022-37975 (Windows Group Policy Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-37974 (Windows Mixed Reality Developer Tools Information Disclosure Vulnerabi ...)
+ TODO: check
+CVE-2022-37973 (Windows Local Session Manager (LSM) Denial of Service Vulnerability. T ...)
+ TODO: check
CVE-2022-37972 (Microsoft Endpoint Configuration Manager Spoofing Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-37971
- RESERVED
-CVE-2022-37970
- RESERVED
+CVE-2022-37971 (Microsoft Windows Defender Elevation of Privilege Vulnerability. ...)
+ TODO: check
+CVE-2022-37970 (Windows DWM Core Library Elevation of Privilege Vulnerability. ...)
+ TODO: check
CVE-2022-37969 (Windows Common Log File System Driver Elevation of Privilege Vulnerabi ...)
NOT-FOR-US: Microsoft
-CVE-2022-37968
- RESERVED
+CVE-2022-37968 (Azure Arc-enabled Kubernetes cluster Connect Elevation of Privilege Vu ...)
+ TODO: check
CVE-2022-37967
RESERVED
CVE-2022-37966
RESERVED
-CVE-2022-37965
- RESERVED
+CVE-2022-37965 (Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerabil ...)
+ TODO: check
CVE-2022-37964 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
NOT-FOR-US: Microsoft
CVE-2022-37963 (Microsoft Office Visio Remote Code Execution Vulnerability. This CVE I ...)
@@ -12347,8 +12526,8 @@ CVE-2022-37866
RESERVED
CVE-2022-37865
RESERVED
-CVE-2022-37864
- RESERVED
+CVE-2022-37864 (A vulnerability has been identified in Solid Edge (All Versions < S ...)
+ TODO: check
CVE-2022-35733 (Missing authentication for critical function vulnerability in UNIMO Te ...)
NOT-FOR-US: Technology digital video recorders firmware
CVE-2022-2719 (In ImageMagick, a crafted file could trigger an assertion failure when ...)
@@ -12908,8 +13087,8 @@ CVE-2022-37611
RESERVED
CVE-2022-37610
RESERVED
-CVE-2022-37609
- RESERVED
+CVE-2022-37609 (Prototype pollution vulnerability in beautify-web js-beautify 1.13.7 v ...)
+ TODO: check
CVE-2022-37608
RESERVED
CVE-2022-37607
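Review bot: CVE-2022-37609 names a general-purpose JavaScript library (js-beautify 1.13.7) rather than a standalone web application, so its `TODO: check` should be resolved by a source-package lookup and not closed as `NOT-FOR-US` by default. If a package ships it, add the package line and compare the archive version with the affected one in the description.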
@@ -12928,8 +13107,8 @@ CVE-2022-37601
RESERVED
CVE-2022-37600
RESERVED
-CVE-2022-37599
- RESERVED
+CVE-2022-37599 (A Regular expression denial of service (ReDoS) flaw was found in Funct ...)
+ TODO: check
CVE-2022-37598
RESERVED
CVE-2022-37597
@@ -16129,14 +16308,14 @@ CVE-2022-2507
RESERVED
CVE-2022-2506
RESERVED
-CVE-2022-36363
- RESERVED
-CVE-2022-36362
- RESERVED
-CVE-2022-36361
- RESERVED
-CVE-2022-36360
- RESERVED
+CVE-2022-36363 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2022-36362 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2022-36361 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2022-36360 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
CVE-2022-35239 (The image file management page of SolarView Compact SV-CPT-MC310 Ver.7 ...)
NOT-FOR-US: SolarView Compact SV-CPT-MC310
CVE-2022-2505
@@ -17611,8 +17790,8 @@ CVE-2022-35831 (Windows Remote Access Connection Manager Information Disclosure
NOT-FOR-US: Microsoft
CVE-2022-35830 (Remote Procedure Call Runtime Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-35829
- RESERVED
+CVE-2022-35829 (Service Fabric Explorer Spoofing Vulnerability. ...)
+ TODO: check
CVE-2022-35828 (Microsoft Defender for Endpoint for Mac Elevation of Privilege Vulnera ...)
NOT-FOR-US: Microsoft
CVE-2022-35827 (Visual Studio Remote Code Execution Vulnerability. This CVE ID is uniq ...)
@@ -17729,8 +17908,8 @@ CVE-2022-35772 (Azure Site Recovery Remote Code Execution Vulnerability. This CV
NOT-FOR-US: Microsoft
CVE-2022-35771 (Windows Defender Credential Guard Elevation of Privilege Vulnerability ...)
NOT-FOR-US: Microsoft
-CVE-2022-35770
- RESERVED
+CVE-2022-35770 (Windows NTLM Spoofing Vulnerability. ...)
+ TODO: check
CVE-2022-35769 (Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-35768 (Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is un ...)
@@ -20737,8 +20916,8 @@ CVE-2022-34691 (Active Directory Domain Services Elevation of Privilege Vulnerab
NOT-FOR-US: Microsoft
CVE-2022-34690 (Windows Fax Service Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-34689
- RESERVED
+CVE-2022-34689 (Windows CryptoAPI Spoofing Vulnerability. ...)
+ TODO: check
CVE-2022-34688
RESERVED
CVE-2022-34687 (Azure RTOS GUIX Studio Remote Code Execution Vulnerability. This CVE I ...)
@@ -21491,24 +21670,24 @@ CVE-2022-34436
RESERVED
CVE-2022-34435
RESERVED
-CVE-2022-34434
- RESERVED
+CVE-2022-34434 (Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an ...)
+ TODO: check
CVE-2022-34433
RESERVED
-CVE-2022-34432
- RESERVED
-CVE-2022-34431
- RESERVED
-CVE-2022-34430
- RESERVED
+CVE-2022-34432 (Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A ...)
+ TODO: check
+CVE-2022-34431 (Dell Hybrid Client below 1.8 version contains a guest user profile cor ...)
+ TODO: check
+CVE-2022-34430 (Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability ...)
+ TODO: check
CVE-2022-34429 (Dell Hybrid Client below 1.8 version contains a Zip Slip Vulnerability ...)
NOT-FOR-US: Dell
CVE-2022-34428 (Dell Hybrid Client prior to version 1.8 contains a Regular Expression ...)
NOT-FOR-US: Dell
-CVE-2022-34427
- RESERVED
-CVE-2022-34426
- RESERVED
+CVE-2022-34427 (Dell Container Storage Modules 1.2 contains an OS Command Injection in ...)
+ TODO: check
+CVE-2022-34426 (Dell Container Storage Modules 1.2 contains an Improper Limitation of ...)
+ TODO: check
CVE-2022-34425 (Dell Enterprise SONiC OS, 4.0.0, 4.0.1, contain a cryptographic key vu ...)
NOT-FOR-US: Dell
CVE-2022-34424 (Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a v ...)
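Review bot: CVE-2022-34432, CVE-2022-34431 and CVE-2022-34430 are added as `TODO: check` for Dell Hybrid Client below 1.8, the same product and version bound as CVE-2022-34429 and CVE-2022-34428 directly below them, which are `NOT-FOR-US: Dell`. Suggest the same marker for these three, and for the other Dell entries in this hunk (CVE-2022-34434, CVE-2022-34427, CVE-2022-34426) after a look at the full descriptions.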
@@ -23396,23 +23575,19 @@ CVE-2022-33751 (CA Automic Automation 12.2 and 12.3 contain an insecure memory h
NOT-FOR-US: CA Automic Automation
CVE-2022-33750 (CA Automic Automation 12.2 and 12.3 contain an authentication error vu ...)
NOT-FOR-US: CA Automic Automation
-CVE-2022-33749
- RESERVED
+CVE-2022-33749 (XAPI open file limit DoS It is possible for an unauthenticated client ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-413.html
-CVE-2022-33748
- RESERVED
+CVE-2022-33748 (lock order inversion in transitive grant copy handling As part of XSA- ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-411.html
-CVE-2022-33747
- RESERVED
+CVE-2022-33747 (Arm: unbounded memory consumption for 2nd-level page tables Certain ac ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-409.html
-CVE-2022-33746
- RESERVED
+CVE-2022-33746 (P2M pool freeing may take excessively long The P2M pool backing second ...)
- xen <unfixed>
[buster] - xen <end-of-life> (DSA 4677-1)
NOTE: https://xenbits.xen.org/xsa/advisory-410.html
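Review bot: the description now attached to CVE-2022-33749 begins "XAPI open file limit DoS", which refers to the XAPI toolstack and not the hypervisor, yet the entry keeps `- xen <unfixed>`. Check XSA-413 (linked in the entry's NOTE) to confirm whether the `xen` source package is affected at all; if it is not, the package line should be corrected. The other three entries (CVE-2022-33748, CVE-2022-33747, CVE-2022-33746) describe hypervisor internals and match their package line.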
@@ -23650,8 +23825,8 @@ CVE-2022-33647 (Windows Kerberos Elevation of Privilege Vulnerability. This CVE
NOT-FOR-US: Microsoft
CVE-2022-33646 (Azure Batch Node Agent Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-33645
- RESERVED
+CVE-2022-33645 (Windows TCP/IP Driver Denial of Service Vulnerability. ...)
+ TODO: check
CVE-2022-33644 (Xbox Live Save Service Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-33643 (Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID ...)
@@ -23670,10 +23845,10 @@ CVE-2022-33637 (Microsoft Defender for Endpoint Tampering Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-33636 (Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-33635
- RESERVED
-CVE-2022-33634
- RESERVED
+CVE-2022-33635 (Windows GDI+ Remote Code Execution Vulnerability. ...)
+ TODO: check
+CVE-2022-33634 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
CVE-2022-33633 (Skype for Business and Lync Remote Code Execution Vulnerability. ...)
NOT-FOR-US: Skype for Business and Lync
CVE-2022-33632 (Microsoft Office Security Feature Bypass Vulnerability. ...)
@@ -24685,7 +24860,7 @@ CVE-2022-33147 (A sql injection vulnerability exists in the ObjectYPT functional
NOT-FOR-US: WWBN AVideo
CVE-2022-33140 (The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 an ...)
NOT-FOR-US: Apache NiFi
-CVE-2022-33139 (A vulnerability has been identified in SIMATIC WinCC OA V3.16 (All ver ...)
+CVE-2022-33139 (A vulnerability has been identified in Cerberus DMS (All versions), De ...)
NOT-FOR-US: Siemens
CVE-2022-33138 (A vulnerability has been identified in SIMATIC MV540 H (All versions & ...)
NOT-FOR-US: Siemens
@@ -26349,8 +26524,8 @@ CVE-2022-32494
RESERVED
CVE-2022-32493
RESERVED
-CVE-2022-32492
- RESERVED
+CVE-2022-32492 (Dell BIOS contains an improper input validation vulnerability. A local ...)
+ TODO: check
CVE-2022-32491
RESERVED
CVE-2022-32490
@@ -26361,8 +26536,8 @@ CVE-2022-32488
RESERVED
CVE-2022-32487
RESERVED
-CVE-2022-32486
- RESERVED
+CVE-2022-32486 (Dell BIOS contains an improper input validation vulnerability. A local ...)
+ TODO: check
CVE-2022-32485
RESERVED
CVE-2022-32484
@@ -27344,10 +27519,10 @@ CVE-2022-32177
RESERVED
CVE-2022-32176
RESERVED
-CVE-2022-32175
- RESERVED
-CVE-2022-32174
- RESERVED
+CVE-2022-32175 (In AdGuardHome, versions v0.95 through v0.108.0-b.13 are vulnerable to ...)
+ TODO: check
+CVE-2022-32174 (In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cro ...)
+ TODO: check
CVE-2022-32173 (In OrchardCore rc1-11259 to v1.2.2 vulnerable to HTML injection, allow ...)
NOT-FOR-US: Orchard CMS
CVE-2022-32172 (In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross ...)
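Review bot: the two TODO: check entries in this hunk, CVE-2022-32175 (AdGuardHome) and CVE-2022-32174 (Gogs), name open-source projects rather than a vendor product, so they need an actual lookup against the archive before any NOT-FOR-US tag is applied. The AdGuardHome description is cut off at "are vulnerable to ..." before the vulnerability class is named, so the full CVE record is needed to triage it.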
@@ -28385,10 +28560,10 @@ CVE-2022-31768 (IBM InfoSphere Information Server 11.7 is vulnerable to SQL inje
NOT-FOR-US: IBM
CVE-2022-31767 (IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker t ...)
NOT-FOR-US: IBM
-CVE-2022-31766
- RESERVED
-CVE-2022-31765
- RESERVED
+CVE-2022-31766 (A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (Al ...)
+ TODO: check
+CVE-2022-31765 (Affected devices do not properly authorize the change password functio ...)
+ TODO: check
CVE-2022-31764
RESERVED
CVE-2022-1925 (DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decom ...)
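Review bot: the visible description of CVE-2022-31765 ("Affected devices do not properly authorize the change password functio ...") names no vendor or product, so it cannot be triaged from this line alone; pull the full record before replacing TODO: check. CVE-2022-31766 names RUGGEDCOM RM1224 and uses the same "A vulnerability has been identified in" wording as the entries tagged NOT-FOR-US: Siemens in this diff, which suggests that tag.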
@@ -33290,8 +33465,8 @@ CVE-2022-30200 (Windows Lightweight Directory Access Protocol (LDAP) Remote Code
NOT-FOR-US: Microsoft
CVE-2022-30199
RESERVED
-CVE-2022-30198
- RESERVED
+CVE-2022-30198 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
CVE-2022-30197 (Windows Kernel Information Disclosure Vulnerability. This CVE ID is un ...)
NOT-FOR-US: Microsoft
CVE-2022-30196 (Windows Secure Channel Denial of Service Vulnerability. This CVE ID is ...)
@@ -46577,7 +46752,7 @@ CVE-2022-25636 (net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.
[stretch] - linux <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2022/02/21/2
NOTE: https://nickgregory.me/linux/security/2022/03/12/cve-2022-25636/
-CVE-2022-25622 (A vulnerability has been identified in SIMATIC CFU DIQ (All versions), ...)
+CVE-2022-25622 (A vulnerability has been identified in SIMATIC CFU DIQ, SIMATIC CFU PA ...)
NOT-FOR-US: Siemens
CVE-2022-25621 (UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and ...)
NOT-FOR-US: UUNIVERGE
@@ -47384,7 +47559,7 @@ CVE-2022-25313 (In Expat (aka libexpat) before 2.4.5, an attacker can trigger st
- expat 2.4.5-1
NOTE: https://github.com/libexpat/libexpat/pull/558
NOTE: https://github.com/libexpat/libexpat/commit/9b4ce651b26557f16103c3a366c91934ecd439ab
-CVE-2022-25311 (A vulnerability has been identified in SINEC NMS (All versions). The a ...)
+CVE-2022-25311 (A vulnerability has been identified in SINEC NMS (All versions < V1 ...)
NOT-FOR-US: Siemens
CVE-2022-25310 (A segmentation fault (SEGV) flaw was found in the Fribidi package and ...)
{DLA-2974-1}
@@ -50041,8 +50216,8 @@ CVE-2022-24506 (Azure Site Recovery Elevation of Privilege Vulnerability. This C
NOT-FOR-US: Microsoft
CVE-2022-24505 (Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is uniq ...)
NOT-FOR-US: Microsoft
-CVE-2022-24504
- RESERVED
+CVE-2022-24504 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
CVE-2022-24503 (Remote Desktop Protocol Client Information Disclosure Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-24502 (Windows HTML Platforms Security Feature Bypass Vulnerability. ...)
@@ -50882,9 +51057,9 @@ CVE-2021-4218 (A flaw was found in the Linux kernel’s implementation of re
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2048359
NOTE: Issue is specific to CentOS/RHEL. In mainline, xprtrdma always used copy_to_user()
NOTE: until the general conversion of sysctls to use a kernel buffer.
-CVE-2022-24282 (A vulnerability has been identified in SINEC NMS (All versions). The a ...)
+CVE-2022-24282 (A vulnerability has been identified in SINEC NMS (All versions < V1 ...)
NOT-FOR-US: Siemens
-CVE-2022-24281 (A vulnerability has been identified in SINEC NMS (All versions). A pri ...)
+CVE-2022-24281 (A vulnerability has been identified in SINEC NMS (All versions < V1 ...)
NOT-FOR-US: Siemens
CVE-2022-24280 (Improper Input Validation vulnerability in Proxy component of Apache P ...)
NOT-FOR-US: Apache Pulsar
@@ -61285,8 +61460,8 @@ CVE-2022-22037 (Windows Advanced Local Procedure Call Elevation of Privilege Vul
NOT-FOR-US: Microsoft
CVE-2022-22036 (Performance Counters for Windows Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
-CVE-2022-22035
- RESERVED
+CVE-2022-22035 (Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulner ...)
+ TODO: check
CVE-2022-22034 (Windows Graphics Component Elevation of Privilege Vulnerability. ...)
NOT-FOR-US: Microsoft
CVE-2022-22033
@@ -87419,8 +87594,8 @@ CVE-2021-36915
RESERVED
CVE-2021-36914 (Cross-Site Request Forgery (CSRF) vulnerability leading to Reflected C ...)
NOT-FOR-US: WordPress plugin
-CVE-2021-36913
- RESERVED
+CVE-2021-36913 (Unauthenticated Options Change and Content Injection vulnerability in ...)
+ TODO: check
CVE-2021-36912 (Stored Cross-Site Scripting (XSS) vulnerability in Andrea Pernici News ...)
NOT-FOR-US: WordPress plugin
CVE-2021-36911 (Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPres ...)
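Review bot: the description of CVE-2021-36913 is truncated at "vulnerability in ..." before any product is named. The neighbouring entries are tagged NOT-FOR-US: WordPress plugin, but adjacency in the list is not evidence for this one, so confirm the product from the full record before closing the TODO: check. The same applies to CVE-2021-36899 in the next hunk, whose description also ends before the product name.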
@@ -87447,8 +87622,8 @@ CVE-2021-36901 (Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability
NOT-FOR-US: WordPress plugin
CVE-2021-36900
RESERVED
-CVE-2021-36899
- RESERVED
+CVE-2021-36899 (Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerabil ...)
+ TODO: check
CVE-2021-36898
RESERVED
CVE-2021-36897
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bc70e37ddf6180ec114d322d65ddb4cab91dc7bc