automatic update

author: security tracker role <sectracker@soriano.debian.org> 2020-02-11 20:10:22 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-02-11 20:10:22 +0000
commit: 309bd12ff0a5de9faf94be75cf7a4ed573a55771 (patch)
tree: 8a97e0be4b03074d169c8b98d6d8855ff13ccaec
parent: c7191eeec48d58a434428d3686aa83c0ce007a33 (diff)
11 files changed, 263 insertions, 217 deletions
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index f1fdc1297f..40adf14735 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -2546,8 +2546,7 @@ CVE-2009-4069 (Multiple cross-site scripting (XSS) vulnerabilities in GForge 4.5
 	- gforge 4.7.3-2
 CVE-2009-4068
 	RESERVED
-CVE-2009-4067
-	RESERVED
+CVE-2009-4067 (Buffer overflow in the auerswald_probe function in the Auerswald Linux ...)
 	{DSA-2310-1}
 	- linux-2.6 2.6.28-1 (low)
 	NOTE: Driver was removed in 2.6.27
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 5dbfe54f32..98b257cac9 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -9787,7 +9787,7 @@ CVE-2011-1598 (The bcm_release function in net/can/bcm.c in the Linux kernel bef
 CVE-2011-1597 (OpenVAS Manager v2.0.3 allows plugin remote code execution. ...)
 	NOT-FOR-US: OpenVAS Manager
 CVE-2011-1596
-	RESERVED
+	REJECTED
 	NOT-FOR-US: ** REJECT ** (regular bug in gnome-screensaver-dialog)
 CVE-2011-1595 (Directory traversal vulnerability in the disk_create function in disk. ...)
 	- rdesktop 1.7.0-1 (low; bug #623552)
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index e7f90fac54..05409377e6 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -5335,8 +5335,7 @@ CVE-2012-4521 [rejected dupe assignment]
 CVE-2012-4520 (The django.http.HttpRequest.get_host function in Django 1.3.x before 1 ...)
 	{DSA-2634-1}
 	- python-django 1.4.2-1 (bug #691145)
-CVE-2012-4519
-	RESERVED
+CVE-2012-4519 (Zenphoto before 1.4.3.4 admin-news-articles.php date parameter XSS. ...)
 	NOT-FOR-US: Zenphoto
 CVE-2012-4518 (ibacm 1.0.7 creates files with world-writable permissions, which allow ...)
 	NOT-FOR-US: ibacm
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index c8a989b92c..95443f5fde 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -2722,7 +2722,7 @@ CVE-2013-6501 (The default soap.wsdl_cache_dir setting in (1) php.ini-production
 CVE-2013-6500
 	REJECTED
 CVE-2013-6499 [loading a module relative to the cwd]
-	RESERVED
+	REJECTED
 	- libmp3-info-perl <unfixed> (bug #777230; unimportant)
 	[jessie] - libmp3-info-perl <no-dsa> (Minor issue)
 	[wheezy] - libmp3-info-perl <no-dsa> (Minor issue)
@@ -4069,8 +4069,8 @@ CVE-2013-5990 (Unspecified vulnerability in JustSystems Ichitaro 2006 through 20
 	NOT-FOR-US: JustSystems Ichitaro
 CVE-2013-5989
 	REJECTED
-CVE-2013-5988
-	RESERVED
+CVE-2013-5988 (A Cross-site Scripting (XSS) vulnerability exists in the All in One SE ...)
+	TODO: check
 CVE-2013-5987 (Unspecified vulnerability in NVIDIA graphics driver Release 331, 325,  ...)
 	- nvidia-graphics-drivers 304.117-1 (bug #735271)
 	[squeeze] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
@@ -4159,8 +4159,8 @@ CVE-2013-5947
 	RESERVED
 CVE-2013-5946 (The runShellCmd function in systemCheck.htm in D-Link DSR-150 with fir ...)
 	NOT-FOR-US: D-Link
-CVE-2013-5945
-	RESERVED
+CVE-2013-5945 (Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware ...)
+	TODO: check
 CVE-2013-5944 (The integrated web server on Siemens SCALANCE X-200 switches with firm ...)
 	NOT-FOR-US: web server on Siemens switches
 CVE-2013-5959 (Blue Coat ProxySG before 6.2.14.1, 6.3.x, 6.4.x, and 6.5 before 6.5.2  ...)
@@ -5183,8 +5183,7 @@ CVE-2013-5584
 	RESERVED
 CVE-2013-5583 (Cross-site scripting (XSS) vulnerability in libraries/idna_convert/exa ...)
 	NOT-FOR-US: Joomla!
-CVE-2013-5582
-	RESERVED
+CVE-2013-5582 (Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory loc ...)
 	NOT-FOR-US: Ammyy Admin
 CVE-2013-5581
 	RESERVED
@@ -7540,8 +7539,7 @@ CVE-2013-4536
 	[wheezy] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
 	- qemu-kvm <removed> (low)
 	[squeeze] - qemu-kvm <no-dsa> (Minor issue, hardly exploitable in practice)
-CVE-2013-4535
-	RESERVED
+CVE-2013-4535 (The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7 ...)
 	- qemu 2.1+dfsg-1 (low; bug #739589)
 	[wheezy] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
 	[squeeze] - qemu <no-dsa> (Minor issue, hardly exploitable in practice)
@@ -7893,8 +7891,8 @@ CVE-2013-4449 (The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not
 	[squeeze] - openldap <no-dsa> (Minor issue)
 	NOTE: http://www.openldap.org/its/index.cgi/Incoming?id=7723
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1019490
-CVE-2013-4448
-	RESERVED
+CVE-2013-4448 (echoping through 6.0.2 has buffer overflow vulnerabilities ...)
+	TODO: check
 CVE-2013-4447 (Cross-site scripting (XSS) vulnerability in the API in the Simplenews  ...)
 	NOT-FOR-US: Simplenews Drupal contributed module
 CVE-2013-4446 (The _json_decode function in plugins/context_reaction_block.inc in the ...)
@@ -8527,13 +8525,12 @@ CVE-2013-4270 (The net_ctl_permissions function in net/sysctl_net.c in the Linux
 	NOTE: Introduced with http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cff109768b2d9c03095848f4cd4b0754117262aa
 	NOTE: Fixed by http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2433c8f094a008895e66f25bd1773cdb01c91d01
 CVE-2013-4269
-	RESERVED
+	REJECTED
 	- ajaxplorer <itp> (bug #668381)
 CVE-2013-4268
-	RESERVED
+	REJECTED
 	- ajaxplorer <itp> (bug #668381)
-CVE-2013-4267
-	RESERVED
+CVE-2013-4267 (Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary  ...)
 	- ajaxplorer <itp> (bug #668381)
 CVE-2013-4266
 	REJECTED
@@ -9463,8 +9460,8 @@ CVE-2013-3944 (Stack-based buffer overflow in the MrSID plugin (MrSID.dll) befor
 	NOT-FOR-US: MrSID plugin (MrSID.dll) for IrfanView
 CVE-2013-3943 (Cross-site scripting (XSS) vulnerability in DotNetNuke (DNN) before 6. ...)
 	NOT-FOR-US: DotNetNukeDot
-CVE-2013-3942
-	RESERVED
+CVE-2013-3942 (Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vul ...)
+	TODO: check
 CVE-2013-3941 (Xjp2.dll in XnView before 2.13 allows remote attackers to execute arbi ...)
 	NOT-FOR-US: XnView
 CVE-2013-3940 (Integer overflow in the Graphics Device Interface (GDI) in Microsoft W ...)
@@ -10063,8 +10060,8 @@ CVE-2013-3686 (cgi-bin/operator/param in AirLive WL2600CAM and possibly other ca
 CVE-2013-3685
 	RESERVED
 	NOT-FOR-US: Sprite Software's backup softare for Android
-CVE-2013-3684
-	RESERVED
+CVE-2013-3684 (NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php fil ...)
+	TODO: check
 CVE-2013-3683
 	RESERVED
 CVE-2013-3682
@@ -13976,8 +13973,7 @@ CVE-2013-2122 (The Edit Limit module 7.x-1.x before 7.x-1.3 for Drupal does not
 	NOT-FOR-US: Edit Limit Drupal contributed module
 CVE-2013-2121 (Eval injection vulnerability in the create method in the Bookmarks con ...)
 	- foreman <itp> (bug #663101)
-CVE-2013-2120 [weak generated passwords]
-	RESERVED
+CVE-2013-2120 (The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste  ...)
 	- kdeplasma-addons 4:5.3.2-2 (low; bug #710497)
 	[jessie] - kdeplasma-addons <no-dsa> (Minor issue)
 	[wheezy] - kdeplasma-addons <no-dsa> (Minor issue)
@@ -14207,8 +14203,7 @@ CVE-2013-2058 (The host_start function in drivers/usb/chipidea/host.c in the Lin
 	- linux 3.8-1
 	[wheezy] - linux <not-affected> (Vulnerable code not present)
 	NOTE: http://www.openwall.com/lists/oss-security/2013/05/03/2
-CVE-2013-2057
-	RESERVED
+CVE-2013-2057 (YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Includ ...)
 	NOT-FOR-US: YaBB
 CVE-2013-2056 (The Inter-Satellite Sync (ISS) operation in Red Hat Network (RHN) Sate ...)
 	NOT-FOR-US: RHN Satellite
@@ -15180,8 +15175,8 @@ CVE-2013-1762 (stunnel 4.21 through 4.54, when CONNECT protocol negotiation and
 	- stunnel4 3:4.53-1.1 (bug #702267)
 CVE-2013-1761
 	RESERVED
-CVE-2013-1760
-	RESERVED
+CVE-2013-1760 (The Bug Genie before 3.2.6 has Multiple XSS and HTML Injection Vulnera ...)
+	TODO: check
 CVE-2013-1759 (Cross-site scripting (XSS) vulnerability in the Responsive Logo Slides ...)
 	NOT-FOR-US: WordPress plugin responsive-logo-slideshow
 CVE-2013-1758 (Cross-site scripting (XSS) vulnerability in the Marekkis Watermark plu ...)
@@ -15839,8 +15834,8 @@ CVE-2013-1609 (Multiple unquoted Windows search path vulnerabilities in the (1)
 	NOT-FOR-US: Symantec
 CVE-2013-1608 (Directory traversal vulnerability in the Management Console on the Sym ...)
 	NOT-FOR-US: Symantec
-CVE-2013-1607
-	RESERVED
+CVE-2013-1607 (Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability ...)
+	TODO: check
 CVE-2013-1606 (Buffer overflow in the ubnt-streamer RTSP service on the Ubiquiti UBNT ...)
 	NOT-FOR-US: Ubiquiti UBNT AirCam
 CVE-2013-1605 (Buffer overflow in MayGion IP Cameras with firmware before 2013.04.22  ...)
@@ -16575,10 +16570,10 @@ CVE-2013-1362 (Incomplete blacklist vulnerability in nrpc.c in Nagios Remote Plu
 	[squeeze] - nagios-nrpe <no-dsa> (Minor issue)
 CVE-2013-1361 (Untrusted search path vulnerability in Lenovo Thinkpad Bluetooth with  ...)
 	NOT-FOR-US: Lenovo Thinkpad Bluetooth with Enhanced Data Rate Software
-CVE-2013-1360
-	RESERVED
-CVE-2013-1359
-	RESERVED
+CVE-2013-1360 (An Authentication Bypass vulnerability exists in DELL SonicWALL Global ...)
+	TODO: check
+CVE-2013-1359 (An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyz ...)
+	TODO: check
 CVE-2013-1358
 	RESERVED
 CVE-2013-1357
@@ -17898,8 +17893,8 @@ CVE-2013-0805 (Multiple cross-site scripting (XSS) vulnerabilities in the search
 	NOT-FOR-US: IT Operations Portal
 CVE-2013-0804 (The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP ...)
 	NOT-FOR-US: GroupWise
-CVE-2013-0803
-	RESERVED
+CVE-2013-0803 (A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload ...)
+	TODO: check
 CVE-2013-0802
 	RESERVED
 CVE-2013-0801 (Multiple unspecified vulnerabilities in the browser engine in Mozilla  ...)
@@ -18691,8 +18686,8 @@ CVE-2013-0519 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Inter
 	NOT-FOR-US: IBM
 CVE-2013-0518 (IBM Sterling Secure Proxy 3.2.0 and 3.3.01 before 3.3.01.23 Interim Fi ...)
 	NOT-FOR-US: IBM
-CVE-2013-0517
-	RESERVED
+CVE-2013-0517 (A Command Execution Vulnerability exists in IBM Sterling External Auth ...)
+	TODO: check
 CVE-2013-0516
 	REJECTED
 CVE-2013-0515
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 4353ec75e4..fabcdf60cb 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -1790,8 +1790,8 @@ CVE-2014-9756 (The psf_fwrite function in file_io.c in libsndfile allows attacke
 	- libsndfile 1.0.25-10 (bug #804447)
 	[jessie] - libsndfile 1.0.25-9.1+deb8u1
 	NOTE: https://github.com/erikd/libsndfile/commit/725c7dbb95bfaf8b4bb7b04820e3a00cceea9ce6
-CVE-2014-9753
-	RESERVED
+CVE-2014-9753 (confirm.php in ATutor 2.2 and earlier allows remote attackers to bypas ...)
+	TODO: check
 CVE-2014-9752 (Unrestricted file upload vulnerability in mods/_core/properties/lib/co ...)
 	NOT-FOR-US: ATutor
 CVE-2014-9751 (The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before ...)
@@ -1810,8 +1810,7 @@ CVE-2014-9749 (Squid 3.4.4 through 3.4.11 and 3.5.0.1 through 3.5.1, when Digest
 	NOTE: http://bugs.squid-cache.org/show_bug.cgi?id=4066
 	NOTE: http://bazaar.launchpad.net/~squid/squid/3.4/revision/13211 (Squid 3.4)
 	NOTE: http://bazaar.launchpad.net/~squid/squid/3.5/revision/13735 (Squid 3.5)
-CVE-2014-9748
-	RESERVED
+CVE-2014-9748 (The uv_rwlock_t fallback implementation for Windows XP and Server 2003 ...)
 	- libuv 1.7.4-1 (unimportant)
 	- nodejs 4.0.0~dfsg-1 (unimportant)
 	NOTE: Only affects Windows
@@ -5966,8 +5965,8 @@ CVE-2014-8349 (Cross-site scripting (XSS) vulnerability in Liferay Portal Enterp
 	NOT-FOR-US: Liferay Portal
 CVE-2014-8348
 	RESERVED
-CVE-2014-8347
-	RESERVED
+CVE-2014-8347 (An Authentication Bypass vulnerability exists in the MatchPasswordData ...)
+	TODO: check
 CVE-2014-8346 (The Remote Controls feature on Samsung mobile devices does not validat ...)
 	NOT-FOR-US: Samsung mobile devices
 CVE-2014-8345
@@ -7095,7 +7094,7 @@ CVE-2014-7972
 CVE-2014-7971
 	RESERVED
 CVE-2014-7969
-	RESERVED
+	REJECTED
 CVE-2014-7966
 	RESERVED
 CVE-2014-7965
@@ -10673,8 +10672,8 @@ CVE-2014-6449 (Juniper Junos OS before 12.1X44-D50, 12.1X46 before 12.1X46-D35,
 	NOT-FOR-US: Juniper Junos OS
 CVE-2014-6448 (Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before ...)
 	NOT-FOR-US: Juniper
-CVE-2014-6447
-	RESERVED
+CVE-2014-6447 (Multiple vulnerabilities exist in Juniper Junos J-Web error handling t ...)
+	TODO: check
 CVE-2014-6446 (The Infusionsoft Gravity Forms plugin 1.5.3 through 1.5.10 for WordPre ...)
 	NOT-FOR-US: WordPress plugin Infusionsoft Gravity Forms
 CVE-2014-6445 (Multiple cross-site scripting (XSS) vulnerabilities in includes/toAdmi ...)
@@ -16867,10 +16866,10 @@ CVE-2014-3829 (displayServiceStatus.php in Centreon 2.5.1 and Centreon Enterpris
 	- centreon-web <itp> (bug #913903)
 CVE-2014-3828 (Multiple SQL injection vulnerabilities in Centreon 2.5.1 and Centreon  ...)
 	- centreon-web <itp> (bug #913903)
-CVE-2014-3827
-	RESERVED
-CVE-2014-3826
-	RESERVED
+CVE-2014-3827 (Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka M ...)
+	TODO: check
+CVE-2014-3826 (Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows  ...)
+	TODO: check
 CVE-2014-3825 (The Juniper SRX Series devices with Junos 11.4 before 11.4R12-S4, 12.1 ...)
 	NOT-FOR-US: Juniper Junos
 CVE-2014-3824 (Cross-site scripting (XSS) vulnerability in the web server in the Juni ...)
@@ -21734,8 +21733,7 @@ CVE-2014-2053 (getID3() before 1.9.8, as used in ownCloud Server before 5.0.15 a
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
 	- wordpress 3.9.2+dfsg-1 (bug #757312)
 	NOTE: https://core.trac.wordpress.org/changeset/29390
-CVE-2014-2052
-	RESERVED
+CVE-2014-2052 (Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x bef ...)
 	- owncloud 6.0.2+dfsg-1
 	NOTE: owncloud advisory does not mention details for ZendFramework
 	NOTE: http://owncloud.org/about/security/advisories/oC-SA-2014-006/
@@ -26251,14 +26249,12 @@ CVE-2014-0150 (Integer overflow in the virtio_net_handle_mac function in hw/net/
 	- qemu-kvm <removed>
 CVE-2014-0149 (Multiple cross-site scripting (XSS) vulnerabilities in Red Hat JBoss W ...)
 	NOT-FOR-US: JBoss Seam
-CVE-2014-0148
-	RESERVED
+CVE-2014-0148 (Qemu before 2.0 block driver for Hyper-V VHDX Images is vulnerable to  ...)
 	- qemu 2.0.0+dfsg-1 (bug #742730)
 	[squeeze] - qemu <not-affected> (vhdx support introduced in 1.5)
 	[wheezy] - qemu <not-affected> (vhdx support introduced in 1.5)
 	- qemu-kvm <not-affected> (vhdx support introduced in 1.5)
-CVE-2014-0147
-	RESERVED
+CVE-2014-0147 (Qemu before 1.6.2 block diver for the various disk image formats used  ...)
 	{DSA-3045-1 DSA-3044-1}
 	- qemu 2.0.0+dfsg-1 (bug #742730)
 	- qemu-kvm <removed>
@@ -26277,8 +26273,7 @@ CVE-2014-0145 (Multiple buffer overflows in QEMU before 1.7.2 and 2.x before 2.0
 	- qemu-kvm <removed>
 	[squeeze] - qemu <end-of-life> (Unsupported in squeeze-lts)
 	[squeeze] - qemu-kvm <end-of-life> (Unsupported in squeeze-lts)
-CVE-2014-0144
-	RESERVED
+CVE-2014-0144 (QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various ...)
 	{DSA-3045-1 DSA-3044-1}
 	- qemu 2.0.0+dfsg-1 (bug #742730)
 	- qemu-kvm <removed>
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index ae921ec735..7351df43cb 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,3 +1,5 @@
+CVE-2015-9542
+	RESERVED
 CVE-2015-9541 (Qt through 5.14 allows an exponential XML entity expansion attack via  ...)
 	- qtbase-opensource-src <unfixed> (low; bug #951066)
 	[buster] - qtbase-opensource-src <no-dsa> (Minor issue)
@@ -20822,7 +20824,7 @@ CVE-2015-2296 (The resolve_redirects function in sessions.py in requests 2.1.0 t
 CVE-2015-2289 (Cross-site scripting (XSS) vulnerability in templates/2k11/admin/entri ...)
 	- serendipity <removed>
 CVE-2015-2287
-	RESERVED
+	REJECTED
 CVE-2015-2286 (lms/templates/footer-edx-new.html in Open edX edx-platform before 2015 ...)
 	NOT-FOR-US: Open edX
 CVE-2015-2285 (The logrotation script (/etc/cron.daily/upstart) in the Ubuntu Upstart ...)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 39199f98e4..edbe86c345 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -15975,8 +15975,8 @@ CVE-2016-5712
 	RESERVED
 CVE-2016-5711 (NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a  ...)
 	NOT-FOR-US: NetApp
-CVE-2016-5710
-	RESERVED
+CVE-2016-5710 (NetApp Snap Creator Framework before 4.3P1 allows remote authenticated ...)
+	TODO: check
 CVE-2016-5709 (SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encrypti ...)
 	NOT-FOR-US: SolarWinds
 CVE-2016-5708
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index a479b7ce39..056c8be5d3 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -1,5 +1,5 @@
-CVE-2017-18642
-	RESERVED
+CVE-2017-18642 (Syska Smart Bulb devices through 2017-08-06 receive RGB parameters ove ...)
+	TODO: check
 CVE-2017-18641 (In LXC 2.0, many template scripts download code over cleartext HTTP, a ...)
 	- lxc-templates <unfixed>
 	- lxc 1:3.0.3-1
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index c377eb5678..d2a1d4d2b0 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -17416,8 +17416,8 @@ CVE-2018-14555
 	RESERVED
 CVE-2018-14554
 	RESERVED
-CVE-2018-14553
-	RESERVED
+CVE-2018-14553 (gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL point ...)
+	TODO: check
 CVE-2018-14552
 	RESERVED
 CVE-2018-14551 (The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 use ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index bbf4966088..c0cb7aac68 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -3342,12 +3342,12 @@ CVE-2019-19197 (IOCTL Handling in the kyrld.sys driver in Kyrol Internet Securit
 	NOT-FOR-US: Kyrol Internet Security
 CVE-2019-19196
 	RESERVED
-CVE-2019-19195
-	RESERVED
+CVE-2019-19195 (The Bluetooth Low Energy implementation on Microchip Technology BluSDK ...)
+	TODO: check
 CVE-2019-19194
 	RESERVED
-CVE-2019-19193
-	RESERVED
+CVE-2019-19193 (The Bluetooth Low Energy peripheral implementation on Texas Instrument ...)
+	TODO: check
 CVE-2019-19192
 	RESERVED
 CVE-2019-19191 (Shibboleth Service Provider (SP) 3.x before 3.1.0 shipped a spec file  ...)
@@ -5796,8 +5796,8 @@ CVE-2019-18212 (XMLLanguageService.java in XML Language Server (aka lsp4xml) bef
 	NOT-FOR-US: XML Language Server (aka lsp4xml)
 CVE-2019-18211 (An issue was discovered in Orckestra C1 CMS through 6.6. The EntityTok ...)
 	NOT-FOR-US: Orckestra C1 CMS
-CVE-2019-18210
-	RESERVED
+CVE-2019-18210 (** DISPUTED ** Persistent XSS in /course/modedit.php of Moodle through ...)
+	TODO: check
 CVE-2019-18209 (templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser doe ...)
 	- etherpad-lite <itp> (bug #576998)
 CVE-2019-18208
@@ -7354,14 +7354,14 @@ CVE-2019-17522 (A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 v
 	NOT-FOR-US: Hotaru CMS
 CVE-2019-17521 (An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerab ...)
 	NOT-FOR-US: Landing-CMS
-CVE-2019-17520
-	RESERVED
+CVE-2019-17520 (The Bluetooth Low Energy implementation on Texas Instruments SDK throu ...)
+	TODO: check
 CVE-2019-17519
 	RESERVED
-CVE-2019-17518
-	RESERVED
-CVE-2019-17517
-	RESERVED
+CVE-2019-17518 (The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ...)
+	TODO: check
+CVE-2019-17517 (The Bluetooth Low Energy implementation on Dialog Semiconductor SDK th ...)
+	TODO: check
 CVE-2019-17516
 	RESERVED
 CVE-2019-17515 (The CleanTalk cleantalk-spam-protect plugin before 5.127.4 for WordPre ...)
@@ -8186,8 +8186,8 @@ CVE-2019-17139 (This vulnerability allows remote attackers to execute arbitrary
 	NOT-FOR-US: Foxit
 CVE-2019-17138 (This vulnerability allows remote attackers to disclose sensitive infor ...)
 	NOT-FOR-US: Foxit
-CVE-2019-17137
-	RESERVED
+CVE-2019-17137 (This vulnerability allows network-adjacent attackers to bypass authent ...)
+	TODO: check
 CVE-2019-17136 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit PhantomPDF
 CVE-2019-17135 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -8362,10 +8362,10 @@ CVE-2019-17063 (In Snowtide PDFxStream before 3.7.1 (for Java), a crafted PDF fi
 	NOT-FOR-US: Snowtide PDFxStream
 CVE-2019-17062 (An issue was discovered in OXID eShop 6.x before 6.0.6 and 6.1.x befor ...)
 	NOT-FOR-US: OXID eShop
-CVE-2019-17061
-	RESERVED
-CVE-2019-17060
-	RESERVED
+CVE-2019-17061 (The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4  ...)
+	TODO: check
+CVE-2019-17060 (The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z ( ...)
+	TODO: check
 CVE-2019-17059 (A shell injection vulnerability on the Sophos Cyberoam firewall applia ...)
 	NOT-FOR-US: Sophos
 CVE-2019-17058 (Footy Tipping Software AFL Web Edition 2019 allows arbitrary file uplo ...)
@@ -14986,8 +14986,8 @@ CVE-2019-14516 (The mAadhaar application 1.2.7 for Android lacks SSL Certificate
 	NOT-FOR-US: mAadhaar application for Android
 CVE-2019-14515
 	RESERVED
-CVE-2019-14514
-	RESERVED
+CVE-2019-14514 (An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. ...)
+	TODO: check
 CVE-2019-14513 (Improper bounds checking in Dnsmasq before 2.76 allows an attacker con ...)
 	{DLA-1921-1}
 	- dnsmasq 2.76-1
@@ -16501,8 +16501,8 @@ CVE-2019-13948 (SyGuestBook A5 Version 1.2 allows stored XSS because the isValid
 	NOT-FOR-US: SyGuestBook A5
 CVE-2019-13947 (A vulnerability has been identified in SiNVR 3 Central Control Server  ...)
 	NOT-FOR-US: Siemens
-CVE-2019-13946
-	RESERVED
+CVE-2019-13946 (A vulnerability has been identified in Development/Evaluation Kits for ...)
+	TODO: check
 CVE-2019-13945 (A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ...)
 	NOT-FOR-US: Siemens
 CVE-2019-13944 (A vulnerability has been identified in EN100 Ethernet module DNP3 vari ...)
@@ -16511,10 +16511,10 @@ CVE-2019-13943 (A vulnerability has been identified in EN100 Ethernet module DNP
 	NOT-FOR-US: Siemens
 CVE-2019-13942 (A vulnerability has been identified in EN100 Ethernet module DNP3 vari ...)
 	NOT-FOR-US: Siemens
-CVE-2019-13941
-	RESERVED
-CVE-2019-13940
-	RESERVED
+CVE-2019-13941 (A vulnerability has been identified in OZW672 (All versions &lt; V10.0 ...)
+	TODO: check
+CVE-2019-13940 (A vulnerability has been identified in SIMATIC S7-1200 CPU family (inc ...)
+	TODO: check
 CVE-2019-13939 (A vulnerability has been identified in Nucleus NET (All versions), Nuc ...)
 	NOT-FOR-US: Nucleus
 CVE-2019-13938
@@ -16541,12 +16541,12 @@ CVE-2019-13928
 	RESERVED
 CVE-2019-13927 (A vulnerability has been identified in Desigo PX automation controller ...)
 	NOT-FOR-US: Siemens
-CVE-2019-13926
-	RESERVED
-CVE-2019-13925
-	RESERVED
-CVE-2019-13924
-	RESERVED
+CVE-2019-13926 (A vulnerability has been identified in SCALANCE S602 (All versions &gt ...)
+	TODO: check
+CVE-2019-13925 (A vulnerability has been identified in SCALANCE S602 (All versions &gt ...)
+	TODO: check
+CVE-2019-13924 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
+	TODO: check
 CVE-2019-13923 (A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gat ...)
 	NOT-FOR-US: Siemens
 CVE-2019-13922 (A vulnerability has been identified in SINEMA Remote Connect Server (A ...)
@@ -18169,10 +18169,10 @@ CVE-2019-13324 (This vulnerability allows remote attackers to execute arbitrary
 	NOT-FOR-US: Foxit Studio Photo
 CVE-2019-13323 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit Studio Photo
-CVE-2019-13322
-	RESERVED
-CVE-2019-13321
-	RESERVED
+CVE-2019-13322 (This vulnerability allows remote attackers to execute arbitrary code o ...)
+	TODO: check
+CVE-2019-13321 (This vulnerability allows network adjacent attackers to execute arbitr ...)
+	TODO: check
 CVE-2019-13320 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Foxit Reader
 CVE-2019-13319 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -36625,8 +36625,8 @@ CVE-2019-6746 (This vulnerability allows remote attackers to disclose sensitive
 	NOT-FOR-US: Foxit Studio Photo
 CVE-2019-6745
 	REJECTED
-CVE-2019-6744
-	RESERVED
+CVE-2019-6744 (This vulnerability allows local attackers to disclose sensitive inform ...)
+	TODO: check
 CVE-2019-6743 (This vulnerability allows remote attackers to execute arbitrary code o ...)
 	NOT-FOR-US: Xiaomi Mi6 Browser
 CVE-2019-6742 (This vulnerability allows remote attackers to execute arbitrary code o ...)
@@ -36976,7 +36976,7 @@ CVE-2019-6577 (A vulnerability has been identified in SIMATIC HMI Comfort Panels
 	NOT-FOR-US: Siemens
 CVE-2019-6576 (A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - ...)
 	NOT-FOR-US: Siemens
-CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP443-1 OPC UA (incl. S ...)
+CVE-2019-6575 (A vulnerability has been identified in SIMATIC CP 443-1 OPC UA (All ve ...)
 	NOT-FOR-US: Siemens
 CVE-2019-6574 (A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180  ...)
 	NOT-FOR-US: Siemens
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index e36f40df31..ab0bba1739 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,95 @@
+CVE-2020-8884
+	RESERVED
+CVE-2020-8883
+	RESERVED
+CVE-2020-8882
+	RESERVED
+CVE-2020-8881
+	RESERVED
+CVE-2020-8880
+	RESERVED
+CVE-2020-8879
+	RESERVED
+CVE-2020-8878
+	RESERVED
+CVE-2020-8877
+	RESERVED
+CVE-2020-8876
+	RESERVED
+CVE-2020-8875
+	RESERVED
+CVE-2020-8874
+	RESERVED
+CVE-2020-8873
+	RESERVED
+CVE-2020-8872
+	RESERVED
+CVE-2020-8871
+	RESERVED
+CVE-2020-8870
+	RESERVED
+CVE-2020-8869
+	RESERVED
+CVE-2020-8868
+	RESERVED
+CVE-2020-8867
+	RESERVED
+CVE-2020-8866
+	RESERVED
+CVE-2020-8865
+	RESERVED
+CVE-2020-8864
+	RESERVED
+CVE-2020-8863
+	RESERVED
+CVE-2020-8862
+	RESERVED
+CVE-2020-8861
+	RESERVED
+CVE-2020-8860
+	RESERVED
+CVE-2020-8859
+	RESERVED
+CVE-2020-8858
+	RESERVED
+CVE-2020-8857
+	RESERVED
+CVE-2020-8856
+	RESERVED
+CVE-2020-8855
+	RESERVED
+CVE-2020-8854
+	RESERVED
+CVE-2020-8853
+	RESERVED
+CVE-2020-8852
+	RESERVED
+CVE-2020-8851
+	RESERVED
+CVE-2020-8850
+	RESERVED
+CVE-2020-8849
+	RESERVED
+CVE-2020-8848
+	RESERVED
+CVE-2020-8847
+	RESERVED
+CVE-2020-8846
+	RESERVED
+CVE-2020-8845
+	RESERVED
+CVE-2020-8844
+	RESERVED
+CVE-2020-8843
+	RESERVED
+CVE-2020-8842
+	RESERVED
+CVE-2020-8841 (An issue was discovered in TestLink 1.9.19. The relation_type paramete ...)
+	TODO: check
+CVE-2020-8840 (FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean- ...)
+	TODO: check
+CVE-2020-8839
+	RESERVED
 CVE-2020-8838
 	RESERVED
 CVE-2020-8837
@@ -494,8 +586,8 @@ CVE-2020-8597 (eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer
 	{DLA-2097-1}
 	- ppp <unfixed> (bug #950618)
 	NOTE: https://github.com/paulusmack/ppp/commit/8d7970b8f3db727fe798b65f3377fe6787575426
-CVE-2020-8596
-	RESERVED
+CVE-2020-8596 (participants-database.php in the Participants Database plugin 1.9.5.5  ...)
+	TODO: check
 CVE-2020-8595
 	RESERVED
 CVE-2020-8594
@@ -859,8 +951,8 @@ CVE-2020-8431
 	RESERVED
 CVE-2020-8430
 	RESERVED
-CVE-2020-8429
-	RESERVED
+CVE-2020-8429 (The Admin web application in Kinetica 7.0.9.2.20191118151947 does not  ...)
+	TODO: check
 CVE-2020-8427
 	RESERVED
 CVE-2020-8426 (The Elementor plugin before 2.8.5 for WordPress suffers from a reflect ...)
@@ -3361,8 +3453,8 @@ CVE-2020-7219 (HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC servi
 CVE-2020-7218 (HashiCorp Nomad and Nomad Enterprise before 0.10.3 allow unbounded res ...)
 	- nomad 0.10.3+dfsg1-1
 	NOTE: https://github.com/hashicorp/nomad/issues/7002
-CVE-2020-7217
-	RESERVED
+CVE-2020-7217 (An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0. ...)
+	TODO: check
 CVE-2020-7216 (An ni_dhcp4_parse_response memory leak in openSUSE wicked 0.6.55 and e ...)
 	NOT-FOR-US: openSUSE wicked
 CVE-2020-7215 (An issue was discovered in Gallagher Command Centre 7.x before 7.90.99 ...)
@@ -5108,160 +5200,124 @@ CVE-2020-6419
 	RESERVED
 CVE-2020-6418
 	RESERVED
-CVE-2020-6417
-	RESERVED
+CVE-2020-6417 (Inappropriate implementation in installer in Google Chrome prior to 80 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6416
-	RESERVED
+CVE-2020-6416 (Insufficient data validation in streams in Google Chrome prior to 80.0 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6415
-	RESERVED
+CVE-2020-6415 (Inappropriate implementation in JavaScript in Google Chrome prior to 8 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6414
-	RESERVED
+CVE-2020-6414 (Insufficient policy enforcement in Safe Browsing in Google Chrome prio ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6413
-	RESERVED
+CVE-2020-6413 (Inappropriate implementation in Blink in Google Chrome prior to 80.0.3 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6412
-	RESERVED
+CVE-2020-6412 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6411
-	RESERVED
+CVE-2020-6411 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6410
-	RESERVED
+CVE-2020-6410 (Insufficient policy enforcement in navigation in Google Chrome prior t ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6409
-	RESERVED
+CVE-2020-6409 (Inappropriate implementation in Omnibox in Google Chrome prior to 80.0 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6408
-	RESERVED
+CVE-2020-6408 (Insufficient policy enforcement in CORS in Google Chrome prior to 80.0 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6407
 	RESERVED
-CVE-2020-6406
-	RESERVED
+CVE-2020-6406 (Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6405
-	RESERVED
+CVE-2020-6405 (Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 al ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6404
-	RESERVED
+CVE-2020-6404 (Inappropriate implementation in Blink in Google Chrome prior to 80.0.3 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6403
-	RESERVED
+CVE-2020-6403 (Incorrect implementation in Omnibox in Google Chrome on iOS prior to 8 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6402
-	RESERVED
+CVE-2020-6402 (Insufficient policy enforcement in downloads in Google Chrome on OS X  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6401
-	RESERVED
+CVE-2020-6401 (Insufficient validation of untrusted input in Omnibox in Google Chrome ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6400
-	RESERVED
+CVE-2020-6400 (Inappropriate implementation in CORS in Google Chrome prior to 80.0.39 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6399
-	RESERVED
+CVE-2020-6399 (Insufficient policy enforcement in AppCache in Google Chrome prior to  ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6398
-	RESERVED
+CVE-2020-6398 (Use of uninitialized data in PDFium in Google Chrome prior to 80.0.398 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6397
-	RESERVED
+CVE-2020-6397 (Inappropriate implementation in sharing in Google Chrome prior to 80.0 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6396
-	RESERVED
+CVE-2020-6396 (Inappropriate implementation in Skia in Google Chrome prior to 80.0.39 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6395
-	RESERVED
+CVE-2020-6395 (Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.8 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6394
-	RESERVED
+CVE-2020-6394 (Insufficient policy enforcement in Blink in Google Chrome prior to 80. ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6393
-	RESERVED
+CVE-2020-6393 (Insufficient policy enforcement in Blink in Google Chrome prior to 80. ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6392
-	RESERVED
+CVE-2020-6392 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6391
-	RESERVED
+CVE-2020-6391 (Insufficient validation of untrusted input in Blink in Google Chrome p ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6390
-	RESERVED
+CVE-2020-6390 (Out of bounds memory access in streams in Google Chrome prior to 80.0. ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6389
-	RESERVED
+CVE-2020-6389 (Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 a ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6388
-	RESERVED
+CVE-2020-6388 (Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.8 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6387
-	RESERVED
+CVE-2020-6387 (Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 a ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6386
 	RESERVED
-CVE-2020-6385
-	RESERVED
+CVE-2020-6385 (Insufficient policy enforcement in storage in Google Chrome prior to 8 ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
 CVE-2020-6384
 	RESERVED
 CVE-2020-6383
 	RESERVED
-CVE-2020-6382
-	RESERVED
+CVE-2020-6382 (Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 al ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6381
-	RESERVED
+CVE-2020-6381 (Integer overflow in JavaScript in Google Chrome on ChromeOS and Androi ...)
 	- chromium <unfixed>
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6380
-	RESERVED
+CVE-2020-6380 (Insufficient policy enforcement in extensions in Google Chrome prior t ...)
 	{DSA-4606-1}
 	- chromium 79.0.3945.130-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6379
-	RESERVED
+CVE-2020-6379 (Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a ...)
 	{DSA-4606-1}
 	- chromium 79.0.3945.130-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
-CVE-2020-6378
-	RESERVED
+CVE-2020-6378 (Use after free in speech in Google Chrome prior to 79.0.3945.130 allow ...)
 	{DSA-4606-1}
 	- chromium 79.0.3945.130-1
 	[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -6359,30 +6415,30 @@ CVE-2020-5833
 	RESERVED
 CVE-2020-5832
 	RESERVED
-CVE-2020-5831
-	RESERVED
-CVE-2020-5830
-	RESERVED
-CVE-2020-5829
-	RESERVED
-CVE-2020-5828
-	RESERVED
-CVE-2020-5827
-	RESERVED
-CVE-2020-5826
-	RESERVED
-CVE-2020-5825
-	RESERVED
-CVE-2020-5824
-	RESERVED
-CVE-2020-5823
-	RESERVED
-CVE-2020-5822
-	RESERVED
-CVE-2020-5821
-	RESERVED
-CVE-2020-5820
-	RESERVED
+CVE-2020-5831 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
+	TODO: check
+CVE-2020-5830 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
+	TODO: check
+CVE-2020-5829 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
+	TODO: check
+CVE-2020-5828 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
+	TODO: check
+CVE-2020-5827 (Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, ma ...)
+	TODO: check
+CVE-2020-5826 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
+	TODO: check
+CVE-2020-5825 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
+	TODO: check
+CVE-2020-5824 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
+	TODO: check
+CVE-2020-5823 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
+	TODO: check
+CVE-2020-5822 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
+	TODO: check
+CVE-2020-5821 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
+	TODO: check
+CVE-2020-5820 (Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Sm ...)
+	TODO: check
 CVE-2020-5819
 	RESERVED
 CVE-2020-5818
@@ -6963,8 +7019,8 @@ CVE-2020-5531
 	RESERVED
 CVE-2020-5530
 	RESERVED
-CVE-2020-5529
-	RESERVED
+CVE-2020-5529 (HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. Html ...)
+	TODO: check
 CVE-2020-5528 (Cross-site scripting vulnerability in Movable Type series (Movable Typ ...)
 	- movabletype-opensource <removed>
 CVE-2020-5527
@@ -10224,12 +10280,12 @@ CVE-2020-3937 (SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 201912
 	NOT-FOR-US: SysJust Syuan-Gu-Da-Shih
 CVE-2020-3936
 	RESERVED
-CVE-2020-3935
-	RESERVED
-CVE-2020-3934
-	RESERVED
-CVE-2020-3933
-	RESERVED
+CVE-2020-3935 (Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Manage ...)
+	TODO: check
+CVE-2020-3934 (Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Manage ...)
+	TODO: check
+CVE-2020-3933 (Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Manage ...)
+	TODO: check
 CVE-2020-3932
 	RESERVED
 CVE-2020-3931
author	security tracker role <sectracker@soriano.debian.org>	2020-02-11 20:10:22 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2020-02-11 20:10:22 +0000
commit	309bd12ff0a5de9faf94be75cf7a4ed573a55771 (patch)
tree	8a97e0be4b03074d169c8b98d6d8855ff13ccaec
parent	c7191eeec48d58a434428d3686aa83c0ce007a33 (diff)