author: security tracker role <sectracker@soriano.debian.org> 2020-01-21 20:10:31 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-01-21 20:10:31 +0000
commit: 959918046f11791f3e87e1090b0b9d340d4841d1
tree: db1957fdecca2a4f8dfaf7aef2bb1116b33aea1a
parent: 424c73afde96554cc31de9c3fff0b4a4ae528501
automatic update
-rw-r--r-- data/CVE/2011.list 21
-rw-r--r-- data/CVE/2012.list 4
-rw-r--r-- data/CVE/2014.list 4
-rw-r--r-- data/CVE/2015.list 8
-rw-r--r-- data/CVE/2016.list 4
-rw-r--r-- data/CVE/2019.list 74
-rw-r--r-- data/CVE/2020.list 476
7 files changed, 512 insertions, 79 deletions
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 8214c62af3..6cf388d753 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -119,8 +119,8 @@ CVE-2011-5284 (Cross-site request forgery (CSRF) vulnerability in the web manage
NOT-FOR-US: Smoothwall
CVE-2011-5283 (Cross-site scripting (XSS) vulnerability in the web management interfa ...)
NOT-FOR-US: Smoothwall
-CVE-2011-5282
- RESERVED
+CVE-2011-5282 (mIRC prior to 7.22 has a message leak because chopping of outbound mes ...)
+ TODO: check
CVE-2011-5374
RESERVED
CVE-2011-5281
@@ -2344,8 +2344,7 @@ CVE-2011-4324 (The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux
- linux-2.6 <not-affected> (RHEL5-specific backport error)
CVE-2011-4323
REJECTED
-CVE-2011-4322
- RESERVED
+CVE-2011-4322 (websitebaker prior to and including 2.8.1 has an authentication error ...)
NOT-FOR-US: websitebaker
CVE-2011-4321 (The password reset functionality in Joomla! 1.5.x through 1.5.24 uses ...)
NOT-FOR-US: Joomla!
@@ -2894,11 +2893,9 @@ CVE-2011-4096 (The idnsGrokReply function in Squid before 3.1.16 does not proper
{DSA-2381-1}
- squid3 3.1.16-1
[lenny] - squid3 <not-affected> (no IPv6 support)
-CVE-2011-4095
- RESERVED
+CVE-2011-4095 (Jara 1.6 has an XSS vulnerability ...)
NOT-FOR-US: Jara
-CVE-2011-4094
- RESERVED
+CVE-2011-4094 (Jara 1.6 has a SQL injection vulnerability. ...)
NOT-FOR-US: Jara
CVE-2011-4093 (Integer overflow in inc/server.hpp in libnet6 (aka net6) before 1.3.14 ...)
- net6 1:1.3.14-1 (low; bug #647318)
@@ -7055,10 +7052,10 @@ CVE-2011-2671 (Unspecified vulnerability in Megalith 12th edition through 27th e
CVE-2011-2670 (Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of C ...)
- firefox <not-affected> (Fixed before initial upload renamed as src:firefox)
- firefox-esr <not-affected> (Fixed before initial upload renamed as src:firefox-esr)
-CVE-2011-2669
- RESERVED
-CVE-2011-2668
- RESERVED
+CVE-2011-2669 (Mozilla Firefox prior to 3.6 has a DoS vulnerability due to an issue i ...)
+ TODO: check
+CVE-2011-2668 (Mozilla Firefox through 1.5.0.3 has a vulnerability in processing the ...)
+ TODO: check
CVE-2011-2667 (Icihttp.exe in CA Gateway Security for HTTP, as used in CA Gateway Sec ...)
NOT-FOR-US: CA Gateway Security for HTTP
CVE-2011-2666 (The default configuration of the SIP channel driver in Asterisk Open S ...)
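
Review bot: CVE-2011-2669 and CVE-2011-2668 are left at `TODO: check`, yet the context line directly above them already triages CVE-2011-2670 for the same "before 3.6" Firefox range as `- firefox <not-affected> (Fixed before initial upload renamed as src:firefox)` plus the firefox-esr equivalent. CVE-2011-2669 ("prior to 3.6") and CVE-2011-2668 ("through 1.5.0.3") cover the same or an older range, so the follow-up triage can most likely reuse those two annotations rather than start from scratch.
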
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index fc2f2fb7ab..fac8a83e0e 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -3828,8 +3828,8 @@ CVE-2012-5192 (Directory traversal vulnerability in gmap/view_overlay.php in Bit
NOT-FOR-US: Bitweaver
CVE-2012-5191
RESERVED
-CVE-2012-5190
- RESERVED
+CVE-2012-5190 (Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability ...)
+ TODO: check
CVE-2012-5189
REJECTED
CVE-2012-5188 (Untrusted search path vulnerability in mora Downloader before 1.0.0.1 ...)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index f0f6e8595b..3039349a58 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -20129,8 +20129,8 @@ CVE-2014-2706 (Race condition in the mac80211 subsystem in the Linux kernel befo
NOTE: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1d147bfa64293b2723c4fec50922168658e613ba
CVE-2014-2686 (Ansible prior to 1.5.4 mishandles the evaluation of some strings. ...)
- ansible 1.5.4+dfsg-1
-CVE-2014-2680
- RESERVED
+CVE-2014-2680 (The update process in Xmind 3.4.1 and earlier allow remote attackers t ...)
+ TODO: check
CVE-2014-2679
RESERVED
CVE-2014-2677
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index ae098ac39b..5c0ad42189 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -7840,7 +7840,7 @@ CVE-2015-6910 (SQL injection vulnerability in Synology Video Station before 1.5-
CVE-2015-6909 (Cross-site scripting (XSS) vulnerability in the "Create download task ...)
NOT-FOR-US: Synology Download Station
CVE-2015-6907
- RESERVED
+ REJECTED
CVE-2015-6906
REJECTED
CVE-2015-6905
@@ -19313,8 +19313,8 @@ CVE-2015-2942 (MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1
NOTE: http://www.openwall.com/lists/oss-security/2015/04/01/1
CVE-2015-2786 (Unspecified vulnerability in MyBB (aka MyBulletinBoard) before 1.8.4 h ...)
NOT-FOR-US: MyBB
-CVE-2015-2784
- RESERVED
+CVE-2015-2784 (The papercrop gem before 0.3.0 for Ruby on Rails does not properly han ...)
+ TODO: check
CVE-2015-2783 (ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x b ...)
{DSA-3280-1 DLA-212-1}
- php5 5.6.9+dfsg-1
@@ -21927,7 +21927,7 @@ CVE-2015-1863 (Heap-based buffer overflow in wpa_supplicant 1.0 through 2.4 allo
CVE-2015-1862 (The crash reporting feature in Abrt allows local users to gain privile ...)
NOT-FOR-US: abrt is Red Hat / Fedora specific
CVE-2015-1861
- RESERVED
+ REJECTED
CVE-2015-1860 (Multiple buffer overflows in gui/image/qgifhandler.cpp in the QtBase m ...)
{DLA-210-1}
- qt4-x11 4:4.8.6+git155-g716fbae+dfsg-2 (bug #783133)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index ab614bb7bb..118a1faeee 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -1,5 +1,5 @@
-CVE-2016-11018
- RESERVED
+CVE-2016-11018 (An issue was discovered in the Huge-IT gallery-images plugin before 1. ...)
+ TODO: check
CVE-2016-11017 (The application login page in AKIPS Network Monitor 15.37 through 16.5 ...)
NOT-FOR-US: AKIPS Network Monitor
CVE-2016-11016 (NETGEAR JNR1010 devices before 1.0.0.32 allow webproc?getpage= XSS. ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 3cb4cd7004..3aae0f43d8 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -2063,8 +2063,8 @@ CVE-2019-19594 (reset/modules/fotoliaFoto/multi_upload.php in the RESET.PRO Adob
NOT-FOR-US: Adobe Stock API integration for PrestaShop
CVE-2019-19593
RESERVED
-CVE-2019-19592
- RESERVED
+CVE-2019-19592 (Jama Connect 8.44.0 has XSS via the "Import File and Destination" tab ...)
+ TODO: check
CVE-2019-19591
RESERVED
CVE-2019-19590 (In radare2 through 4.0, there is an integer overflow for the variable ...)
@@ -2524,8 +2524,8 @@ CVE-2019-19413
RESERVED
CVE-2019-19412
RESERVED
-CVE-2019-19411
- RESERVED
+CVE-2019-19411 (USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R00 ...)
+ TODO: check
CVE-2019-19410
RESERVED
CVE-2019-19409
@@ -2562,8 +2562,8 @@ CVE-2019-19394
RESERVED
CVE-2019-19393
RESERVED
-CVE-2019-19392
- RESERVED
+CVE-2019-19392 (The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly Dot ...)
+ TODO: check
CVE-2019-19391 (** DISPUTED ** In LuaJIT through 2.0.5, as used in Moonjit before 2.1. ...)
- luajit <unfixed> (bug #946053; unimportant)
NOTE: https://github.com/LuaJIT/LuaJIT/pull/526
@@ -2661,8 +2661,7 @@ CVE-2019-19346
RESERVED
CVE-2019-19345
RESERVED
-CVE-2019-19344 [Use after free during DNS zone scavenging in Samba AD DC]
- RESERVED
+CVE-2019-19344 (There is a use-after-free issue in all samba 4.9.x versions before 4.9 ...)
- samba <unfixed>
[buster] - samba <no-dsa> (Minor issue)
[stretch] - samba <not-affected> (Only affects Samba 4.9 onwards)
@@ -3758,8 +3757,7 @@ CVE-2019-18934 (Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec
NOTE: https://nlnetlabs.nl/downloads/unbound/CVE-2019-18934.txt
CVE-2019-18933 (In Zulip Server versions from 1.7.0 to before 2.0.7, a bug in the new ...)
NOT-FOR-US: Zulip
-CVE-2019-18932 [sarg: insecure usage of /tmp/sarg allows privilege escalation / DoS attack vector]
- RESERVED
+CVE-2019-18932 (log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows ...)
- sarg <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2020/01/20/6
NOTE: The sarg-reports as shipped in Debian has already safe use of mktemp for
@@ -7414,7 +7412,7 @@ CVE-2019-17362 (In LibTomCrypt through 1.18.2, the der_decode_utf8_string functi
[stretch] - libtomcrypt <no-dsa> (Minor issue)
NOTE: https://github.com/libtom/libtomcrypt/issues/507
NOTE: https://github.com/libtom/libtomcrypt/pull/508
-CVE-2019-17361 (In SaltStack Salt through 2019.2.0, the salt-api NEST API with the ssh ...)
+CVE-2019-17361 (In SaltStack Salt through 2019.2.0, the salt-api NET API with the ssh ...)
- salt <unfixed> (bug #949222)
NOTE: https://github.com/saltstack/salt/commit/bca115f3f00fbde564dd2f12bf036b5d2fd08387
CVE-2019-17360 (A vulnerability in Hitachi Command Suite 7.x and 8.x before 8.7.0-00 a ...)
@@ -7428,8 +7426,7 @@ CVE-2019-17358 (Cacti through 1.2.7 is affected by multiple instances of lib/fun
- cacti 1.2.8+ds1-1 (bug #947375)
NOTE: https://github.com/Cacti/cacti/issues/3026
NOTE: https://github.com/Cacti/cacti/commit/adf221344359f5b02b8aed43dfb6b33ae5d708c8
-CVE-2019-17357
- RESERVED
+CVE-2019-17357 (Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injec ...)
- cacti 1.2.8+ds1-1 (bug #947374)
[buster] - cacti 1.2.2+ds1-2+deb10u2
[stretch] - cacti <not-affected> (Vulnerable code not present)
@@ -13369,8 +13366,7 @@ CVE-2019-14909 (A vulnerability was found in Keycloak 7.x where the user federat
NOT-FOR-US: Keycloak
CVE-2019-14908
RESERVED
-CVE-2019-14907 [Crash after failed character conversion at log level 3 or above]
- RESERVED
+CVE-2019-14907 (All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11 ...)
- samba <unfixed>
[buster] - samba <no-dsa> (Minor issue)
[stretch] - samba <no-dsa> (Minor issue)
@@ -13393,8 +13389,7 @@ CVE-2019-14904 [vulnerability in solaris_zone module via crafted solaris zone]
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1776944
CVE-2019-14903
RESERVED
-CVE-2019-14902 [Replication of ACLs set to inherit down a subtree on AD Directory not automatic]
- RESERVED
+CVE-2019-14902 (There is an issue in all samba 4.11.x versions before 4.11.5, all samb ...)
- samba <unfixed>
[buster] - samba <no-dsa> (Minor issue)
[stretch] - samba <no-dsa> (Minor issue)
@@ -13926,14 +13921,14 @@ CVE-2019-14770 (In Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3, s
- backdrop <itp> (bug #914257)
CVE-2019-14769 (Backdrop CMS 1.12.x before 1.12.8 and 1.13.x before 1.13.3 doesn't suf ...)
- backdrop <itp> (bug #914257)
-CVE-2019-14768
- RESERVED
-CVE-2019-14767
- RESERVED
-CVE-2019-14766
- RESERVED
-CVE-2019-14765
- RESERVED
+CVE-2019-14768 (An Arbitrary File Upload issue in the file browser of DIMO YellowBox C ...)
+ TODO: check
+CVE-2019-14767 (In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence ...)
+ TODO: check
+CVE-2019-14766 (Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4 ...)
+ TODO: check
+CVE-2019-14765 (Incorrect Access Control in AfficheExplorateurParam() in DIMO YellowBo ...)
+ TODO: check
CVE-2019-14764
RESERVED
CVE-2019-14763 (In the Linux kernel before 4.16.4, a double-locking error in drivers/u ...)
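
Review bot: the four added entries CVE-2019-14768 through CVE-2019-14765 all name DIMO YellowBox CRM and each carries its own `TODO: check`. Triage them as one batch: a single decision on whether the product is packaged settles all four, and if it is not, four identical `NOT-FOR-US: DIMO YellowBox CRM` lines would match how the Backdrop CMS entries in the context above share one annotation.
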
@@ -38502,29 +38497,29 @@ CVE-2019-5716 (In Wireshark 2.6.0 to 2.6.5, the 6LoWPAN dissector could crash. T
CVE-2019-5715 (All versions of SilverStripe 3 prior to 3.6.7 and 3.7.3, and all versi ...)
NOT-FOR-US: SilverStripe
CVE-2019-5714
- RESERVED
+ REJECTED
CVE-2019-5713
- RESERVED
+ REJECTED
CVE-2019-5712
- RESERVED
+ REJECTED
CVE-2019-5711
- RESERVED
+ REJECTED
CVE-2019-5710
- RESERVED
+ REJECTED
CVE-2019-5709
- RESERVED
+ REJECTED
CVE-2019-5708
- RESERVED
+ REJECTED
CVE-2019-5707
- RESERVED
+ REJECTED
CVE-2019-5706
- RESERVED
+ REJECTED
CVE-2019-5705
- RESERVED
+ REJECTED
CVE-2019-5704
- RESERVED
+ REJECTED
CVE-2019-5703
- RESERVED
+ REJECTED
CVE-2019-5702 (NVIDIA GeForce Experience, all versions prior to 3.20.2, contains a vu ...)
NOT-FOR-US: NVIDIA
CVE-2019-5701 (NVIDIA GeForce Experience, all versions prior to 3.20.1, contains a vu ...)
@@ -42551,8 +42546,7 @@ CVE-2019-3866 (An information-exposure vulnerability was discovered where openst
CVE-2019-3865
RESERVED
NOT-FOR-US: Quay
-CVE-2019-3864
- RESERVED
+CVE-2019-3864 (A vulnerability was discovered in all quay-2 versions before quay-3.0. ...)
NOT-FOR-US: Quay
CVE-2019-3863 (A flaw was found in libssh2 before 1.8.1. A server could send a multip ...)
{DSA-4431-1 DLA-1730-1}
@@ -44550,7 +44544,7 @@ CVE-2019-2991 (Vulnerability in the MySQL Server product of Oracle MySQL (compon
- mysql-5.7 <not-affected> (Only affects MySQL 8)
CVE-2019-2990 (Vulnerability in the Oracle iStore product of Oracle E-Business Suite ...)
NOT-FOR-US: Oracle
-CVE-2019-2989 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+CVE-2019-2989 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
{DSA-4548-1 DSA-4546-1 DLA-2023-1}
- openjdk-11 11.0.5+10-1
- openjdk-8 8u232-b09-1
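
Review bot: the description of CVE-2019-2989 switches product from "Oracle GraalVM Enterprise Edition" to "Java SE, Java SE Embedded" while the DSA/DLA references and the openjdk-11 and openjdk-8 lines below it stay unchanged. That fits the existing triage, but the description is truncated at "...", so anyone auditing this entry should read the full upstream text to confirm the affected-product list still matches the packages tracked here.
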
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 12e7273ea8..49a304ff56 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,11 +1,455 @@
+CVE-2020-7471
+ RESERVED
+CVE-2020-7470 (Sonoff TH 10 and 16 devices with firmware 6.6.0.21 allows XSS via the ...)
+ TODO: check
+CVE-2020-7469
+ RESERVED
+CVE-2020-7468
+ RESERVED
+CVE-2020-7467
+ RESERVED
+CVE-2020-7466
+ RESERVED
+CVE-2020-7465
+ RESERVED
+CVE-2020-7464
+ RESERVED
+CVE-2020-7463
+ RESERVED
+CVE-2020-7462
+ RESERVED
+CVE-2020-7461
+ RESERVED
+CVE-2020-7460
+ RESERVED
+CVE-2020-7459
+ RESERVED
+CVE-2020-7458
+ RESERVED
+CVE-2020-7457
+ RESERVED
+CVE-2020-7456
+ RESERVED
+CVE-2020-7455
+ RESERVED
+CVE-2020-7454
+ RESERVED
+CVE-2020-7453
+ RESERVED
+CVE-2020-7452
+ RESERVED
+CVE-2020-7451
+ RESERVED
+CVE-2020-7450
+ RESERVED
+CVE-2020-7449
+ RESERVED
+CVE-2020-7448
+ RESERVED
+CVE-2020-7447
+ RESERVED
+CVE-2020-7446
+ RESERVED
+CVE-2020-7445
+ RESERVED
+CVE-2020-7444
+ RESERVED
+CVE-2020-7443
+ RESERVED
+CVE-2020-7442
+ RESERVED
+CVE-2020-7441
+ RESERVED
+CVE-2020-7440
+ RESERVED
+CVE-2020-7439
+ RESERVED
+CVE-2020-7438
+ RESERVED
+CVE-2020-7437
+ RESERVED
+CVE-2020-7436
+ RESERVED
+CVE-2020-7435
+ RESERVED
+CVE-2020-7434
+ RESERVED
+CVE-2020-7433
+ RESERVED
+CVE-2020-7432
+ RESERVED
+CVE-2020-7431
+ RESERVED
+CVE-2020-7430
+ RESERVED
+CVE-2020-7429
+ RESERVED
+CVE-2020-7428
+ RESERVED
+CVE-2020-7427
+ RESERVED
+CVE-2020-7426
+ RESERVED
+CVE-2020-7425
+ RESERVED
+CVE-2020-7424
+ RESERVED
+CVE-2020-7423
+ RESERVED
+CVE-2020-7422
+ RESERVED
+CVE-2020-7421
+ RESERVED
+CVE-2020-7420
+ RESERVED
+CVE-2020-7419
+ RESERVED
+CVE-2020-7418
+ RESERVED
+CVE-2020-7417
+ RESERVED
+CVE-2020-7416
+ RESERVED
+CVE-2020-7415
+ RESERVED
+CVE-2020-7414
+ RESERVED
+CVE-2020-7413
+ RESERVED
+CVE-2020-7412
+ RESERVED
+CVE-2020-7411
+ RESERVED
+CVE-2020-7410
+ RESERVED
+CVE-2020-7409
+ RESERVED
+CVE-2020-7408
+ RESERVED
+CVE-2020-7407
+ RESERVED
+CVE-2020-7406
+ RESERVED
+CVE-2020-7405
+ RESERVED
+CVE-2020-7404
+ RESERVED
+CVE-2020-7403
+ RESERVED
+CVE-2020-7402
+ RESERVED
+CVE-2020-7401
+ RESERVED
+CVE-2020-7400
+ RESERVED
+CVE-2020-7399
+ RESERVED
+CVE-2020-7398
+ RESERVED
+CVE-2020-7397
+ RESERVED
+CVE-2020-7396
+ RESERVED
+CVE-2020-7395
+ RESERVED
+CVE-2020-7394
+ RESERVED
+CVE-2020-7393
+ RESERVED
+CVE-2020-7392
+ RESERVED
+CVE-2020-7391
+ RESERVED
+CVE-2020-7390
+ RESERVED
+CVE-2020-7389
+ RESERVED
+CVE-2020-7388
+ RESERVED
+CVE-2020-7387
+ RESERVED
+CVE-2020-7386
+ RESERVED
+CVE-2020-7385
+ RESERVED
+CVE-2020-7384
+ RESERVED
+CVE-2020-7383
+ RESERVED
+CVE-2020-7382
+ RESERVED
+CVE-2020-7381
+ RESERVED
+CVE-2020-7380
+ RESERVED
+CVE-2020-7379
+ RESERVED
+CVE-2020-7378
+ RESERVED
+CVE-2020-7377
+ RESERVED
+CVE-2020-7376
+ RESERVED
+CVE-2020-7375
+ RESERVED
+CVE-2020-7374
+ RESERVED
+CVE-2020-7373
+ RESERVED
+CVE-2020-7372
+ RESERVED
+CVE-2020-7371
+ RESERVED
+CVE-2020-7370
+ RESERVED
+CVE-2020-7369
+ RESERVED
+CVE-2020-7368
+ RESERVED
+CVE-2020-7367
+ RESERVED
+CVE-2020-7366
+ RESERVED
+CVE-2020-7365
+ RESERVED
+CVE-2020-7364
+ RESERVED
+CVE-2020-7363
+ RESERVED
+CVE-2020-7362
+ RESERVED
+CVE-2020-7361
+ RESERVED
+CVE-2020-7360
+ RESERVED
+CVE-2020-7359
+ RESERVED
+CVE-2020-7358
+ RESERVED
+CVE-2020-7357
+ RESERVED
+CVE-2020-7356
+ RESERVED
+CVE-2020-7355
+ RESERVED
+CVE-2020-7354
+ RESERVED
+CVE-2020-7353
+ RESERVED
+CVE-2020-7352
+ RESERVED
+CVE-2020-7351
+ RESERVED
+CVE-2020-7350
+ RESERVED
+CVE-2020-7349
+ RESERVED
+CVE-2020-7348
+ RESERVED
+CVE-2020-7347
+ RESERVED
+CVE-2020-7346
+ RESERVED
+CVE-2020-7345
+ RESERVED
+CVE-2020-7344
+ RESERVED
+CVE-2020-7343
+ RESERVED
+CVE-2020-7342
+ RESERVED
+CVE-2020-7341
+ RESERVED
+CVE-2020-7340
+ RESERVED
+CVE-2020-7339
+ RESERVED
+CVE-2020-7338
+ RESERVED
+CVE-2020-7337
+ RESERVED
+CVE-2020-7336
+ RESERVED
+CVE-2020-7335
+ RESERVED
+CVE-2020-7334
+ RESERVED
+CVE-2020-7333
+ RESERVED
+CVE-2020-7332
+ RESERVED
+CVE-2020-7331
+ RESERVED
+CVE-2020-7330
+ RESERVED
+CVE-2020-7329
+ RESERVED
+CVE-2020-7328
+ RESERVED
+CVE-2020-7327
+ RESERVED
+CVE-2020-7326
+ RESERVED
+CVE-2020-7325
+ RESERVED
+CVE-2020-7324
+ RESERVED
+CVE-2020-7323
+ RESERVED
+CVE-2020-7322
+ RESERVED
+CVE-2020-7321
+ RESERVED
+CVE-2020-7320
+ RESERVED
+CVE-2020-7319
+ RESERVED
+CVE-2020-7318
+ RESERVED
+CVE-2020-7317
+ RESERVED
+CVE-2020-7316
+ RESERVED
+CVE-2020-7315
+ RESERVED
+CVE-2020-7314
+ RESERVED
+CVE-2020-7313
+ RESERVED
+CVE-2020-7312
+ RESERVED
+CVE-2020-7311
+ RESERVED
+CVE-2020-7310
+ RESERVED
+CVE-2020-7309
+ RESERVED
+CVE-2020-7308
+ RESERVED
+CVE-2020-7307
+ RESERVED
+CVE-2020-7306
+ RESERVED
+CVE-2020-7305
+ RESERVED
+CVE-2020-7304
+ RESERVED
+CVE-2020-7303
+ RESERVED
+CVE-2020-7302
+ RESERVED
+CVE-2020-7301
+ RESERVED
+CVE-2020-7300
+ RESERVED
+CVE-2020-7299
+ RESERVED
+CVE-2020-7298
+ RESERVED
+CVE-2020-7297
+ RESERVED
+CVE-2020-7296
+ RESERVED
+CVE-2020-7295
+ RESERVED
+CVE-2020-7294
+ RESERVED
+CVE-2020-7293
+ RESERVED
+CVE-2020-7292
+ RESERVED
+CVE-2020-7291
+ RESERVED
+CVE-2020-7290
+ RESERVED
+CVE-2020-7289
+ RESERVED
+CVE-2020-7288
+ RESERVED
+CVE-2020-7287
+ RESERVED
+CVE-2020-7286
+ RESERVED
+CVE-2020-7285
+ RESERVED
+CVE-2020-7284
+ RESERVED
+CVE-2020-7283
+ RESERVED
+CVE-2020-7282
+ RESERVED
+CVE-2020-7281
+ RESERVED
+CVE-2020-7280
+ RESERVED
+CVE-2020-7279
+ RESERVED
+CVE-2020-7278
+ RESERVED
+CVE-2020-7277
+ RESERVED
+CVE-2020-7276
+ RESERVED
+CVE-2020-7275
+ RESERVED
+CVE-2020-7274
+ RESERVED
+CVE-2020-7273
+ RESERVED
+CVE-2020-7272
+ RESERVED
+CVE-2020-7271
+ RESERVED
+CVE-2020-7270
+ RESERVED
+CVE-2020-7269
+ RESERVED
+CVE-2020-7268
+ RESERVED
+CVE-2020-7267
+ RESERVED
+CVE-2020-7266
+ RESERVED
+CVE-2020-7265
+ RESERVED
+CVE-2020-7264
+ RESERVED
+CVE-2020-7263
+ RESERVED
+CVE-2020-7262
+ RESERVED
+CVE-2020-7261
+ RESERVED
+CVE-2020-7260
+ RESERVED
+CVE-2020-7259
+ RESERVED
+CVE-2020-7258
+ RESERVED
+CVE-2020-7257
+ RESERVED
+CVE-2020-7256
+ RESERVED
+CVE-2020-7255
+ RESERVED
+CVE-2020-7254
+ RESERVED
+CVE-2020-7253
+ RESERVED
+CVE-2020-7252
+ RESERVED
+CVE-2020-7251
+ RESERVED
+CVE-2020-7250
+ RESERVED
CVE-2020-7249 (SMC D3G0804W 3.5.2.5-LAT_GA devices allow XSS via the SSID field on th ...)
NOT-FOR-US: SMC D3G0804W devices
CVE-2020-7248
RESERVED
CVE-2020-7247
RESERVED
-CVE-2020-7246
- RESERVED
+CVE-2020-7246 (A remote code execution (RCE) vulnerability exists in qdPM 9.1 and ear ...)
+ TODO: check
CVE-2020-7245
RESERVED
CVE-2020-7244 (Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated admi ...)
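
Review bot: in this hunk (`@@ -1,11 +1,455 @@`) only two entries need a human decision, and they are easy to miss among the RESERVED placeholders: CVE-2020-7470 near the top (Sonoff TH 10 and 16 devices, XSS) and CVE-2020-7246 near the bottom (qdPM 9.1 and earlier, remote code execution), both marked `TODO: check`. The adjacent device entry CVE-2020-7249 is tagged `NOT-FOR-US: SMC D3G0804W devices`, so the Sonoff entry can probably follow the same pattern; the qdPM entry describes RCE and should be checked against the archive before it is dismissed.
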
@@ -40,8 +484,8 @@ CVE-2020-7231 (Evoko Home 1.31 devices provide different error messages for fail
NOT-FOR-US: Evoko Home devices
CVE-2020-7230
RESERVED
-CVE-2020-7229
- RESERVED
+CVE-2020-7229 (An issue was discovered in Simplejobscript.com SJS before 1.65. There ...)
+ TODO: check
CVE-2020-7228
RESERVED
CVE-2020-7227 (Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosur ...)
@@ -72,12 +516,11 @@ CVE-2020-7215 (An issue was discovered in Gallagher Command Centre 7.x before 7.
NOT-FOR-US: Gallagher Command Centre
CVE-2020-7214
RESERVED
-CVE-2020-7213
- RESERVED
+CVE-2020-7213 (Parallels 13 uses cleartext HTTP as part of the update process, allowi ...)
+ TODO: check
CVE-2020-7212
RESERVED
-CVE-2020-7211
- RESERVED
+CVE-2020-7211 (tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ ...)
- libslirp <unfixed> (unimportant)
NOTE: https://bugs.launchpad.net/qemu/+bug/1812451
NOTE: https://gitlab.freedesktop.org/slirp/libslirp/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4
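
Review bot: CVE-2020-7211 now reads "tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0" and its first NOTE points at a QEMU bug, but the only package line visible in the hunk is `- libslirp <unfixed> (unimportant)`. If no qemu line follows beyond the shown context, add one, or a NOTE saying why qemu is not tracked, so the `unimportant` rating is justified for both consumers of the code. CVE-2020-7213 (Parallels 13) in the same hunk still needs its `TODO: check` resolved.
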
@@ -829,8 +1272,8 @@ CVE-2020-6859 (Multiple Insecure Direct Object Reference vulnerabilities in incl
NOT-FOR-US: Ultimate Member plugin for WordPress
CVE-2020-6858
RESERVED
-CVE-2020-6857
- RESERVED
+CVE-2020-6857 (CarbonFTP v1.4 uses insecure proprietary password encryption with a ha ...)
+ TODO: check
CVE-2020-6856
RESERVED
CVE-2020-6855
@@ -846,8 +1289,8 @@ CVE-2020-6851 (OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1
NOTE: https://github.com/uclouvain/openjpeg/issues/1228
CVE-2020-6850
RESERVED
-CVE-2020-6849
- RESERVED
+CVE-2020-6849 (The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allo ...)
+ TODO: check
CVE-2020-6848 (Axper Vision II 4 devices allow XSS via the DEVICE_NAME (aka Device Na ...)
NOT-FOR-US: Axper Vision II 4 devices
CVE-2020-6847 (OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is exec ...)
@@ -4220,8 +4663,7 @@ CVE-2020-5204 (In uftpd before 2.11, there is a buffer overflow vulnerability in
NOT-FOR-US: uftpd
CVE-2020-5203
RESERVED
-CVE-2020-5202
- RESERVED
+CVE-2020-5202 (apt-cacher-ng through 3.3 allows local users to obtain sensitive infor ...)
- apt-cacher-ng 3.3.1-1
[buster] - apt-cacher-ng <no-dsa> (Minor issue)
[stretch] - apt-cacher-ng <no-dsa> (Minor issue)
@@ -9453,7 +9895,7 @@ CVE-2020-2606 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of
NOT-FOR-US: Oracle
CVE-2020-2605 (Vulnerability in the Oracle Solaris product of Oracle Systems (compone ...)
NOT-FOR-US: Oracle
-CVE-2020-2604 (Vulnerability in the Oracle GraalVM Enterprise Edition product of Orac ...)
+CVE-2020-2604 (Vulnerability in the Java SE, Java SE Embedded product of Oracle Java ...)
{DSA-4605-1}
- openjdk-13 13.0.2+8-1
- openjdk-11 11.0.6+10-1
@@ -11011,8 +11453,8 @@ CVE-2020-1842
RESERVED
CVE-2020-1841
RESERVED
-CVE-2020-1840
- RESERVED
+CVE-2020-1840 (HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E ...)
+ TODO: check
CVE-2020-1839
RESERVED
CVE-2020-1838
