web/security: Add more CVE# for 4.3 and 4.4