author security tracker role <sectracker@soriano.debian.org> 2020-11-25 08:10:23 +0000
committer security tracker role <sectracker@soriano.debian.org> 2020-11-25 08:10:23 +0000
commit ab28c1a09aa11b29299601bea6b9a0a114ba1dcb (patch)
tree e051be5fe07d164fe245bbf2f54c2423c53f25c4
parent 0f40fef06686b7db0eb9ac9abedb73c99eb768f6 (diff)
automatic update
-rw-r--r-- data/CVE/2015.list 4
-rw-r--r-- data/CVE/2020.list 84
2 files changed, 70 insertions, 18 deletions
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index a43c1e2e90..07e4a81e02 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,3 +1,7 @@
+CVE-2015-9551 (An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1 ...)
+ TODO: check
+CVE-2015-9550 (An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1 ...)
+ TODO: check
CVE-2015-9549 (A reflected Cross-site Scripting (XSS) vulnerability exists in OcPorta ...)
NOT-FOR-US: OcPortal
CVE-2015-9548 (An issue was discovered in Mattermost Server before 1.2.0. It allows a ...)
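Review bot: The two new TOTOLINK A850R-V1 entries (CVE-2015-9551 and CVE-2015-9550) are left at `TODO: check`, and their truncated descriptions are identical, so the list alone does not tell them apart. Both describe firmware on a vendor device; once confirmed, they can be closed in the same form as the OcPortal entry directly below, with a `NOT-FOR-US:` line naming the product.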
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 2b5bacc2d1..c2563dd46f 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,51 @@
+CVE-2020-29073
+ RESERVED
+CVE-2020-29072 (A Cross-Site Script Inclusion vulnerability was found on LiquidFiles b ...)
+ TODO: check
+CVE-2020-29071 (An XSS issue was found in the Shares feature of LiquidFiles before 3.3 ...)
+ TODO: check
+CVE-2020-29070
+ RESERVED
+CVE-2020-29069 (_get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network ...)
+ TODO: check
+CVE-2020-29068
+ RESERVED
+CVE-2020-29067
+ RESERVED
+CVE-2020-29066
+ RESERVED
+CVE-2020-29065
+ RESERVED
+CVE-2020-29064
+ RESERVED
+CVE-2020-29063 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29062 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29061 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29060 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29059 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29058 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29057 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29056 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29055 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29054 (An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, ...)
+ TODO: check
+CVE-2020-29053 (HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_da ...)
+ TODO: check
+CVE-2020-29052
+ RESERVED
+CVE-2020-29051
+ RESERVED
+CVE-2020-29050
+ RESERVED
CVE-2020-29049
RESERVED
CVE-2020-29048
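Review bot: The ten CDATA entries from CVE-2020-29054 through CVE-2020-29063 all carry the same truncated description and the same `TODO: check`, so they are best triaged as one batch against the full descriptions rather than one by one. CVE-2020-29069 is the entry in this hunk that deserves individual attention, since it names a specific function and file (`_get_flag_ip_localdb` in `server/mhn/ui/utils.py`) in a software project rather than a device; the LiquidFiles and HRSALE entries likewise need a product lookup before they are marked.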
@@ -149,6 +197,7 @@ CVE-2020-28977
CVE-2020-28976
RESERVED
CVE-2020-28984 (prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does ...)
+ {DSA-4798-1}
- spip 3.2.8-1
NOTE: https://git.spip.net/spip/spip/commit/ae4267eba1022dabc12831ddb021c5d6e09040f8
CVE-2020-28975 (** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as used i ...)
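Review bot: The `{DSA-4798-1}` cross-reference added under CVE-2020-28984 sits above a single package line, `- spip 3.2.8-1`, which records one fixed version only. The hunk does not show which version the advisory shipped for the stable release, so it is worth confirming that the advisory's own entry lists CVE-2020-28984 together with that fixed version.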
@@ -157,8 +206,7 @@ CVE-2020-28973
RESERVED
CVE-2020-28972
RESERVED
-CVE-2020-26235 [RUSTSEC-2020-0071: time: Potential segfault in the time crate]
- RESERVED
+CVE-2020-26235 (In Rust time crate from version 0.2.7 and before version 0.2.23, unix- ...)
- rust-time <not-affected> (Vulnerable methods introduced in v0.2.7)
NOTE: https://github.com/time-rs/time/security/advisories/GHSA-wcg3-cvx6-7396
NOTE: https://rustsec.org/advisories/RUSTSEC-2020-0071.html
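Review bot: On CVE-2020-26235 the placeholder line and `RESERVED` are replaced by the published description, but the `<not-affected>` status on `rust-time` is kept with only "Vulnerable methods introduced in v0.2.7" as its reason. The new description bounds the issue at "from version 0.2.7 and before version 0.2.23", so the status holds only while the packaged version is older than 0.2.7; a NOTE recording the version that was checked, or the fixed version 0.2.23, would make this entry easier to re-evaluate when the package is updated.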
@@ -1534,8 +1582,8 @@ CVE-2020-28331 (Barco wePresent WiPG-1600W devices have Improper Access Control.
NOT-FOR-US: Barco wePresent WiPG-1600W devices
CVE-2020-28330 (Barco wePresent WiPG-1600W devices have Unprotected Transport of Crede ...)
NOT-FOR-US: Barco wePresent WiPG-1600W devices
-CVE-2020-28329
- RESERVED
+CVE-2020-28329 (Barco wePresent WiPG-1600W firmware includes a hardcoded API account a ...)
+ TODO: check
CVE-2020-28328 (SuiteCRM before 7.11.17 is vulnerable to remote code execution via the ...)
NOT-FOR-US: SuiteCRM
CVE-2020-28327 (A res_pjsip_session crash was discovered in Asterisk Open Source 13.x ...)
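Review bot: CVE-2020-28329 moves from `RESERVED` to `TODO: check` although its description names the same Barco wePresent WiPG-1600W firmware as CVE-2020-28331 and CVE-2020-28330 just above, which are both already marked `NOT-FOR-US: Barco wePresent WiPG-1600W devices`. The same marking applies here and would keep the three entries consistent.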
@@ -6048,26 +6096,26 @@ CVE-2020-26244
RESERVED
CVE-2020-26243
RESERVED
-CVE-2020-26242
- RESERVED
-CVE-2020-26241
- RESERVED
-CVE-2020-26240
- RESERVED
+CVE-2020-26242 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
+ TODO: check
+CVE-2020-26241 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
+ TODO: check
+CVE-2020-26240 (Go Ethereum, or "Geth", is the official Golang implementation of the E ...)
+ TODO: check
CVE-2020-26239 (Scratch Addons is a WebExtension that supports both Chrome and Firefox ...)
NOT-FOR-US: Scratch Addons
-CVE-2020-26238
- RESERVED
-CVE-2020-26237
- RESERVED
+CVE-2020-26238 (Cron-utils is a Java library to parse, validate, migrate crons as well ...)
+ TODO: check
+CVE-2020-26237 (Highlight.js is a syntax highlighter written in JavaScript. Highlight. ...)
+ TODO: check
CVE-2020-26236 (In ScratchVerifier before commit a603769, an attacker can hijack the v ...)
NOT-FOR-US: ScratchVerifier
CVE-2020-26234
RESERVED
CVE-2020-26233
RESERVED
-CVE-2020-26232
- RESERVED
+CVE-2020-26232 (Jupyter Server before version 1.0.6 has an Open redirect vulnerability ...)
+ TODO: check
CVE-2020-26231 (October is a free, open-source, self-hosted CMS platform based on the ...)
NOT-FOR-US: October CMS
CVE-2020-26230 (Radar COVID is the official COVID-19 exposure notification app for Spa ...)
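Review bot: The newly published entries in this hunk (Go Ethereum for CVE-2020-26240 to CVE-2020-26242, cron-utils, Highlight.js and Jupyter Server) describe general-purpose software and libraries, unlike the neighbouring Scratch Addons, ScratchVerifier and October CMS entries that are closed as `NOT-FOR-US`. Each `TODO: check` here needs an actual package lookup, including embedded copies for a JavaScript library such as Highlight.js, and the three Go Ethereum entries share one truncated description, so they have to be separated using the full CVE text.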
@@ -8591,8 +8639,8 @@ CVE-2020-25161
RESERVED
CVE-2020-25160
RESERVED
-CVE-2020-25159
- RESERVED
+CVE-2020-25159 (499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack- ...)
+ TODO: check
CVE-2020-25158
RESERVED
CVE-2020-25157 (The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection ...)
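Review bot: CVE-2020-25159 is described as affecting "499ES EtherNet/IP (ENIP) Adaptor Source Code", that is, a code base rather than a single device. Before the `TODO: check` is resolved, the triage should include a search for packages that embed this source, since a product-name lookup alone would miss vendored copies.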
