author: security tracker role <sectracker@soriano.debian.org> 2020-02-07 20:10:26 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2020-02-07 20:10:26 +0000
commit: 567c0eaa0aeb6c1a3f5071751543af90d3253aa5
tree: f5411ff6ee7a84a24b7b4c11a2275e9f7460431b
parent: 9fdf9c7da2193410a4bc927e7541127705cbbab1
automatic update
-rw-r--r-- data/CVE/2008.list 2
-rw-r--r-- data/CVE/2010.list 3
-rw-r--r-- data/CVE/2012.list 6
-rw-r--r-- data/CVE/2013.list 55
-rw-r--r-- data/CVE/2014.list 33
-rw-r--r-- data/CVE/2017.list 8
-rw-r--r-- data/CVE/2018.list 2
-rw-r--r-- data/CVE/2019.list 62
-rw-r--r-- data/CVE/2020.list 32
9 files changed, 112 insertions, 91 deletions
diff --git a/data/CVE/2008.list b/data/CVE/2008.list
index d0b9017dcc..f1ba0df1e4 100644
--- a/data/CVE/2008.list
+++ b/data/CVE/2008.list
@@ -8173,7 +8173,7 @@ CVE-2008-3796 (Swfdec 0.6 before 0.6.8 allows remote attackers to cause a denial
CVE-2008-3795 (Buffer overflow in Ipswitch WS_FTP Home client allows remote FTP serve ...)
NOT-FOR-US: WS_FTP Home
CVE-2008-3793
- RESERVED
+ REJECTED
NOT-FOR-US: Adobe Flash Player
CVE-2008-3792 (net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) i ...)
{DSA-1636-1}
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index f90e975f8d..d993c4ec1b 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -1529,8 +1529,7 @@ CVE-2010-4660 (Unspecified vulnerability in statusnet through 2010 due to the wa
- statusnet <itp> (bug #491723)
CVE-2010-4659 (Cross-site scripting (XSS) vulnerability in statusnet through 2010 in ...)
- statusnet <itp> (bug #491723)
-CVE-2010-4658
- RESERVED
+CVE-2010-4658 (statusnet through 2010 allows attackers to spoof syslog messages via n ...)
- statusnet <itp> (bug #491723)
CVE-2010-4657 (PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlText ...)
- php5 5.4.4-1 (low)
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index df4140f52f..33114bd9b4 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -12744,11 +12744,9 @@ CVE-2012-1569 (The asn1_get_length_der function in decoding.c in GNU Libtasn1 be
- libtasn1-3 2.12-1 (high)
CVE-2012-1568 (The ExecShield feature in a certain Red Hat patch for the Linux kernel ...)
- linux-2.6 <not-affected> (execshield issue)
-CVE-2012-1567
- RESERVED
+CVE-2012-1567 (LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities ...)
NOT-FOR-US: LinuxMint
-CVE-2012-1566
- RESERVED
+CVE-2012-1566 (LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities ...)
NOT-FOR-US: LinuxMint
CVE-2012-1565 (Unspecified vulnerability in ez Publish 4.1.4, 4.2, 4.3, 4.4, 4.5, and ...)
NOT-FOR-US: eZ Publish
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index e30cdb449d..36110a0979 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -8305,11 +8305,9 @@ CVE-2013-4337
REJECTED
CVE-2013-4336
REJECTED
-CVE-2013-4335
- RESERVED
+CVE-2013-4335 (opOpenSocialPlugin 0.8.2.1, &gt; 0.9.9.2, 0.9.13, 1.2.6: Multiple XML ...)
NOT-FOR-US: opOpenSocialPlugin
-CVE-2013-4334
- RESERVED
+CVE-2013-4334 (opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities ...)
NOT-FOR-US: opWebAPIPlugin
CVE-2013-4333 (OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an Ex ...)
NOT-FOR-US: OpenPNE
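Review bot: The added CVE-2013-4335 line carries an HTML-escaped entity in its description ("0.8.2.1, &gt; 0.9.9.2"), and the same escaping appears elsewhere in this commit (CVE-2013-0192 has "&lt;="). If the entity is in the list file itself rather than introduced by the page rendering, the import step should unescape it so that version ranges in descriptions read and grep as plain comparison operators.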
@@ -10176,12 +10174,12 @@ CVE-2013-3639 (Multiple cross-site scripting (XSS) vulnerabilities in Xaraya 2.4
NOT-FOR-US: Xaraya
CVE-2013-3638 (SQL injection vulnerability in Boonex Dolphin before 7.1.3 allows remo ...)
TODO: check
-CVE-2013-3637
- RESERVED
-CVE-2013-3636
- RESERVED
-CVE-2013-3635
- RESERVED
+CVE-2013-3637 (ProjectPier 0.8.8 does not use the Secure flag for cookies ...)
+ TODO: check
+CVE-2013-3636 (ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because ...)
+ TODO: check
+CVE-2013-3635 (ProjectPier 0.8.8 has stored XSS ...)
+ TODO: check
CVE-2013-3634 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
NOT-FOR-US: Siemens switches
CVE-2013-3633 (A vulnerability has been identified in SCALANCE X-200 switch family (i ...)
@@ -10194,10 +10192,10 @@ CVE-2013-3630 (Moodle through 2.5.2 allows remote authenticated administrators t
NOTE: For Moodle: Not a securiy issue according to upstream, only applicable to administrators, see bug #775842
NOTE: https://tracker.moodle.org/browse/MDL-41449
NOTE: https://community.rapid7.com/community/metasploit/blog/2013/10/30/seven-tricks-and-treats
-CVE-2013-3629
- RESERVED
-CVE-2013-3628
- RESERVED
+CVE-2013-3629 (ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution ...)
+ TODO: check
+CVE-2013-3628 (Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability ...)
+ TODO: check
CVE-2013-3627 (FrameworkService.exe in McAfee Framework Service in McAfee Managed Age ...)
NOT-FOR-US: McAfee
CVE-2013-3626 (Directory traversal vulnerability in the Session Server in Attachmate ...)
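Review bot: CVE-2013-3628 in this hunk names Zabbix 2.0.9 and is left at TODO: check, but zabbix is a source package in Debian, so this entry needs a real package annotation (a fixed version or <not-affected>) rather than a NOT-FOR-US like the entries around it. An arbitrary command execution issue is worth pulling to the front of triage; CVE-2013-3629 (ISPConfig) can be resolved separately.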
@@ -10270,8 +10268,8 @@ CVE-2013-3593 (Baramundi Management Suite 7.5 through 8.9 uses cleartext for (1)
NOT-FOR-US: Baramundi Management Suite
CVE-2013-3592
RESERVED
-CVE-2013-3591
- RESERVED
+CVE-2013-3591 (vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execu ...)
+ TODO: check
CVE-2013-3590 (Unrestricted file upload vulnerability in admin/uploadImage.html in Se ...)
NOT-FOR-US: SearchBlox
CVE-2013-3589 (Cross-site scripting (XSS) vulnerability in the login page in the Admi ...)
@@ -11366,8 +11364,8 @@ CVE-2013-3098 (Multiple cross-site request forgery (CSRF) vulnerabilities in TRE
NOT-FOR-US: TRENDnet TEW-812DRU router
CVE-2013-3097 (Unspecified Cross-site scripting (XSS) vulnerability in the Verizon FI ...)
NOT-FOR-US: Verizon
-CVE-2013-3096
- RESERVED
+CVE-2013-3096 (D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking ...)
+ TODO: check
CVE-2013-3095 (Multiple cross-site request forgery (CSRF) vulnerabilities in D-Link D ...)
NOT-FOR-US: D-Link
CVE-2013-3094
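Review bot: CVE-2013-3096 is added with TODO: check although its description names a D-Link DIR865L and the next entry, CVE-2013-3095, is already marked NOT-FOR-US: D-Link. Unless there is a reason to treat this device firmware differently, resolve it the same way so it does not linger in the TODO queue.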
@@ -11376,8 +11374,8 @@ CVE-2013-3093 (ASUS RT-N56U devices allow CSRF. ...)
NOT-FOR-US: ASUS RT-N56U devices
CVE-2013-3092 (The Belkin N300 (F7D7301v1) router allows remote attackers to bypass a ...)
NOT-FOR-US: Belkin router
-CVE-2013-3091
- RESERVED
+CVE-2013-3091 (An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) rout ...)
+ TODO: check
CVE-2013-3090 (Multiple cross-site scripting (XSS) vulnerabilities in Belkin N300 rou ...)
NOT-FOR-US: Belkin N300 router
CVE-2013-3089 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Belkin ...)
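Review bot: The new description for CVE-2013-3091 (authentication bypass in Belkin N300 (F7D7301v1)) reads very close to the existing CVE-2013-3092 entry directly above it, which covers a bypass on the same model and is marked NOT-FOR-US: Belkin router. Triage should check whether the two describe the same issue and mark this one NOT-FOR-US as well, settling on one of the two labels already used here ("Belkin router" and "Belkin N300 router").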
@@ -11431,8 +11429,8 @@ CVE-2013-3069 (Multiple cross-site scripting (XSS) vulnerabilities in NETGEAR WN
NOT-FOR-US: NETGEAR devices
CVE-2013-3068 (Cross-site request forgery (CSRF) vulnerability in apply.cgi in Linksy ...)
NOT-FOR-US: Linksys
-CVE-2013-3067
- RESERVED
+CVE-2013-3067 (Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS. ...)
+ TODO: check
CVE-2013-3066 (Linksys EA6500 with firmware 1.1.28.147876 does not properly restrict ...)
NOT-FOR-US: Linksys
CVE-2013-3065 (Cross-site scripting (XSS) vulnerability in the Parental Controls sect ...)
@@ -14374,11 +14372,9 @@ CVE-2013-2011 (WordPress W3 Super Cache Plugin before 1.3.2 contains a PHP code-
CVE-2013-2010
RESERVED
NOT-FOR-US: W3 Total Cache
-CVE-2013-2009
- RESERVED
+CVE-2013-2009 (WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution ...)
NOT-FOR-US: WP Super Cache
-CVE-2013-2008
- RESERVED
+CVE-2013-2008 (WordPress Super Cache Plugin 1.3 has XSS. ...)
NOT-FOR-US: WP Super Cache
CVE-2013-2007 (The qemu guest agent in Qemu 1.4.1 and earlier, as used by Xen, when s ...)
- qemu <not-affected> (qemu guest agent introduced in 1.4, vulnerable versions were only in experimental)
@@ -16897,8 +16893,8 @@ CVE-2013-1204 (Memory leak in the SNMP process in Cisco IOS XR allows remote att
NOT-FOR-US: Cisco IOS XR
CVE-2013-1203 (Cisco ASA CX Context-Aware Security Software allows remote attackers t ...)
NOT-FOR-US: Cisco ASA
-CVE-2013-1202
- RESERVED
+CVE-2013-1202 (Cisco ACE A2(3.6) allows log retention DoS. ...)
+ TODO: check
CVE-2013-1201
RESERVED
CVE-2013-1200 (Session fixation vulnerability in Cisco Secure Access Control System ( ...)
@@ -19586,8 +19582,7 @@ CVE-2013-0194 (Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote a
CVE-2013-0193 (Cross-site Scripting (XSS) in Piwik before 1.10.1 allows remote attack ...)
- piwik <itp> (bug #506933)
NOTE: http://piwik.org/blog/2013/01/piwik-1-10/
-CVE-2013-0192
- RESERVED
+CVE-2013-0192 (File Disclosure in SMF (SimpleMachines Forum) &lt;= 2.0.3: Forum admin ...)
NOT-FOR-US: Simple Machines Forum
CVE-2013-0188
REJECTED
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 22e6d7422e..0695cf4da3 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -2813,8 +2813,8 @@ CVE-2014-9532
RESERVED
CVE-2014-9531
RESERVED
-CVE-2014-9530
- RESERVED
+CVE-2014-9530 (A vulnerability exists in nw.js before 0.11.3 when calling nw methods ...)
+ TODO: check
CVE-2014-9528 (SQL injection vulnerability in the actionIndex function in protected/m ...)
NOT-FOR-US: HumHub
CVE-2014-9527 (HSLFSlideShow in Apache POI before 3.11 allows remote attackers to cau ...)
@@ -8851,8 +8851,7 @@ CVE-2014-7226 (The file comment feature in Rejetto HTTP File Server (hfs) 2.3c a
NOT-FOR-US: Rejetto HTTP File Server
CVE-2014-7225
RESERVED
-CVE-2014-7224
- RESERVED
+CVE-2014-7224 (A Code Execution vulnerability exists in Android prior to 4.4.0 relate ...)
NOT-FOR-US: Android addJavascriptInterface
CVE-2014-7223
RESERVED
@@ -10719,8 +10718,8 @@ CVE-2014-6419
RESERVED
CVE-2014-6415
RESERVED
-CVE-2014-6413
- RESERVED
+CVE-2014-6413 (A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11 ...)
+ TODO: check
CVE-2014-6412 (WordPress before 4.4 makes it easier for remote attackers to predict p ...)
- wordpress <not-affected> (Affects only Wordpress on Windows systems)
CVE-2014-6411
@@ -12790,8 +12789,8 @@ CVE-2014-5470
RESERVED
CVE-2014-5469
RESERVED
-CVE-2014-5468
- RESERVED
+CVE-2014-5468 (A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a ...)
+ TODO: check
CVE-2014-5467
RESERVED
CVE-2014-5466 (Cross-site scripting (XSS) vulnerability in the Dashboard in Splunk We ...)
@@ -12869,7 +12868,7 @@ CVE-2014-5441 (Multiple cross-site scripting (XSS) vulnerabilities in app/views/
NOT-FOR-US: Fat Free CRM
CVE-2014-5440 (SQL injection vulnerability in Login.aspx in MPEX Business Solutions M ...)
NOT-FOR-US: MX-SmartTimer
-CVE-2014-5439 (sniffit 0.3.7 and prior: A configuration file can be leveraged to exec ...)
+CVE-2014-5439 (Multiple Stack-based Buffer Overflow vulnerabilities exists in Sniffit ...)
{DLA-713-1}
- sniffit 0.3.7.beta-20 (bug #845122)
[jessie] - sniffit 0.3.7.beta-17+deb8u1
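Review bot: The CVE-2014-5439 line changes the description of an entry that is already resolved ({DLA-713-1}, sniffit 0.3.7.beta-20, bug #845122): the old text spoke of a configuration file being leveraged, the new text of "Multiple Stack-based Buffer Overflow vulnerabilities". The fixed versions below it are untouched, so someone should confirm that the fix tracked in bug #845122 covers the issue as it is now described, and add a NOTE if the scope changed.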
@@ -13255,8 +13254,8 @@ CVE-2014-5290
RESERVED
CVE-2014-5289 (Buffer overflow in Senkas Kolibri 2.0 allows remote attackers to execu ...)
NOT-FOR-US: Senkas Kolibri
-CVE-2014-5288
- RESERVED
+CVE-2014-5288 (A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via uns ...)
+ TODO: check
CVE-2014-5287 (A Bash script injection vulnerability exists in Kemp Load Master 7.1-1 ...)
NOT-FOR-US: Kemp Load Master
CVE-2014-5286 (The ActiveMatrix Policy Manager Authentication module in TIBCO ActiveM ...)
@@ -13275,8 +13274,8 @@ CVE-2014-5280 (boot2docker 1.2 and earlier allows attackers to conduct cross-sit
NOT-FOR-US: boot2docker
CVE-2014-5279 (The Docker daemon managed by boot2docker 1.2 and earlier improperly en ...)
NOT-FOR-US: boot2docker
-CVE-2014-5278
- RESERVED
+CVE-2014-5278 (A vulnerability exists in Docker before 1.2 via container names, which ...)
+ TODO: check
CVE-2014-5277 (Docker before 1.3.1 and docker-py before 0.5.3 fall back to HTTP when ...)
- docker.io 1.3.1~dfsg1-1
NOTE: https://groups.google.com/d/topic/docker-user/oYm0i3xShJU/discussion
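Review bot: CVE-2014-5278 names Docker before 1.2 and is added as TODO: check, while the next entry, CVE-2014-5277, is tracked against docker.io with a fixed version (1.3.1~dfsg1-1). This one needs its own docker.io annotation with a fixed version or <not-affected>; it is not a NOT-FOR-US candidate like the boot2docker entries above it.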
@@ -13797,16 +13796,16 @@ CVE-2014-5093 (Status2k does not remove the install directory allowing credentia
NOT-FOR-US: Status2k
CVE-2014-5092 (Status2k allows Remote Command Execution in admin/options/editpl.php. ...)
NOT-FOR-US: Status2k
-CVE-2014-5091
- RESERVED
+CVE-2014-5091 (A vulnerability exits in Status2K 2.5 Server Monitoring Software via t ...)
+ TODO: check
CVE-2014-5090 (admin/options/logs.php in Status2k allows remote authenticated adminis ...)
NOT-FOR-US: Status2k
CVE-2014-5089 (SQL injection vulnerability in admin/options/logs.php in Status2k allo ...)
NOT-FOR-US: Status2k
CVE-2014-5088 (Cross-site scripting (XSS) vulnerability in Status2k allows remote att ...)
NOT-FOR-US: Status2k
-CVE-2014-5087
- RESERVED
+CVE-2014-5087 (A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to ...)
+ TODO: check
CVE-2014-5086
RESERVED
CVE-2014-5085
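Review bot: CVE-2014-5091 is added with TODO: check even though its description names Status2K 2.5 and every neighbouring Status2k entry in this hunk (CVE-2014-5093, -5092, -5090, -5089, -5088) is already NOT-FOR-US: Status2k. Resolving it to the same annotation keeps the block consistent; CVE-2014-5087 (Sphider) has no such neighbour and still needs a real check.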
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 43953bcfb2..e4979ae6f2 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -44270,13 +44270,13 @@ CVE-2017-3151 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating were
CVE-2017-3150 (Apache Atlas versions 0.6.0-incubating and 0.7.0-incubating use cookie ...)
NOT-FOR-US: Apache Atlas
CVE-2017-3149
- RESERVED
+ REJECTED
CVE-2017-3148
- RESERVED
+ REJECTED
CVE-2017-3147
- RESERVED
+ REJECTED
CVE-2017-3146
- RESERVED
+ REJECTED
CVE-2017-3145 (BIND was improperly sequencing cleanup operations on upstream recursio ...)
{DSA-4089-1 DLA-1255-1}
- bind9 1:9.11.2.P1-1
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 961b7c3161..40ca08a360 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -40972,7 +40972,7 @@ CVE-2018-5747 (In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in
[wheezy] - lrzip <no-dsa> (Minor issue)
NOTE: https://github.com/ckolivas/lrzip/issues/90
CVE-2018-5746
- RESERVED
+ REJECTED
CVE-2018-5745 ("managed-keys" is a feature which allows a BIND resolver to automatica ...)
{DSA-4440-1 DLA-1697-1}
- bind9 1:9.11.5.P4+dfsg-1 (low; bug #922954)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 6ff744ec3e..1250660fe9 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,3 +1,9 @@
+CVE-2019-20450
+ RESERVED
+CVE-2019-20449
+ RESERVED
+CVE-2019-20448
+ RESERVED
CVE-2019-20447 (Jobberbase 2.0 has SQL injection via the PATH_INFO to the jobs-in endp ...)
NOT-FOR-US: Jobberbase CMS
CVE-2019-20446 (In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nest ...)
@@ -3835,8 +3841,8 @@ CVE-2019-18990
RESERVED
CVE-2019-18989
RESERVED
-CVE-2019-18988
- RESERVED
+CVE-2019-18988 (TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login a ...)
+ TODO: check
CVE-2019-18987 (An issue was discovered in the AbuseFilter extension through 1.34 for ...)
NOT-FOR-US: AbuseFilter MediaWiki extension
CVE-2019-18986 (Pimcore before 6.2.2 allow attackers to brute-force (guess) valid user ...)
@@ -7808,8 +7814,8 @@ CVE-2019-17270 (Yachtcontrol through 2019-10-06: It's possible to perform direct
NOT-FOR-US: Yachtcontrol
CVE-2019-17269 (Intellian Remote Access 3.18 allows remote attackers to execute arbitr ...)
NOT-FOR-US: Intellian Remote Access
-CVE-2019-17268
- RESERVED
+CVE-2019-17268 (The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGe ...)
+ TODO: check
CVE-2019-17267 (A Polymorphic Typing issue was discovered in FasterXML jackson-databin ...)
{DLA-2030-1}
- jackson-databind 2.10.0-1
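Review bot: CVE-2019-17268 is qualified in its description as the omniauth-weibo-oauth2 gem 0.4.6 "as distributed on RubyGe ...", which points at a specific published artifact and not at an upstream code line. When resolving the TODO: check, record in a NOTE which artifact is affected, because a version comparison alone will not answer whether a package (if one exists) was built from it.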
@@ -10556,8 +10562,8 @@ CVE-2019-16157
RESERVED
CVE-2019-16156
RESERVED
-CVE-2019-16155
- RESERVED
+CVE-2019-16155 (A privilege escalation vulnerability in FortiClient for Linux 6.2.1 an ...)
+ TODO: check
CVE-2019-16154 (An improper neutralization of input during web page generation in Fort ...)
NOT-FOR-US: FortiAuthenticator WEB UI
CVE-2019-16153 (A hard-coded password vulnerability in the Fortinet FortiSIEM database ...)
@@ -11950,12 +11956,12 @@ CVE-2019-15608
RESERVED
CVE-2019-15607 (A stored XSS vulnerability is present within node-red (version: &lt;= ...)
TODO: check
-CVE-2019-15606
- RESERVED
-CVE-2019-15605
- RESERVED
-CVE-2019-15604
- RESERVED
+CVE-2019-15606 (Including trailing white space in HTTP header values in Nodejs 10, 12, ...)
+ TODO: check
+CVE-2019-15605 (HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payl ...)
+ TODO: check
+CVE-2019-15604 (Improper Certificate Validation in Node.js 10, 12, and 13 causes the p ...)
+ TODO: check
CVE-2019-15603 (The seefl package v0.1.1 is vulnerable to a stored Cross-Site Scriptin ...)
NOT-FOR-US: seefl
CVE-2019-15602 (The fileview package v0.1.6 has inadequate output encoding and escapin ...)
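Review bot: CVE-2019-15606, CVE-2019-15605 and CVE-2019-15604 all name Node.js 10, 12 and 13 and all three land as TODO: check; nodejs is packaged in Debian, so these need per-release annotations, and the request smuggling and certificate validation entries should not wait behind the NOT-FOR-US npm modules below them. The product is spelled "Nodejs" in the first description and "Node.js" in the other two, so a text search on one spelling will miss an entry.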
@@ -37118,7 +37124,7 @@ CVE-2019-6467 (A programming error in the nxdomain-redirect feature can cause an
- bind9 <not-affected> (Vulnerable code only present in 9.12 onwards)
NOTE: https://kb.isc.org/docs/cve-2019-6467
CVE-2019-6466
- RESERVED
+ REJECTED
CVE-2019-6465 (Controls for zone transfers may not be properly applied to Dynamically ...)
{DSA-4440-1 DLA-1697-1}
- bind9 1:9.11.5.P4+dfsg-1 (low; bug #922955)
@@ -39065,35 +39071,35 @@ CVE-2019-5666 (NVIDIA Windows GPU Display Driver contains a vulnerability in the
CVE-2019-5665 (NVIDIA Windows GPU Display driver contains a vulnerability in the 3D v ...)
NOT-FOR-US: Nvidia drivers on Windows
CVE-2019-5664
- RESERVED
+ REJECTED
CVE-2019-5663
- RESERVED
+ REJECTED
CVE-2019-5662
- RESERVED
+ REJECTED
CVE-2019-5661
- RESERVED
+ REJECTED
CVE-2019-5660
- RESERVED
+ REJECTED
CVE-2019-5659
- RESERVED
+ REJECTED
CVE-2019-5658
- RESERVED
+ REJECTED
CVE-2019-5657
- RESERVED
+ REJECTED
CVE-2019-5656
- RESERVED
+ REJECTED
CVE-2019-5655
- RESERVED
+ REJECTED
CVE-2019-5654
- RESERVED
+ REJECTED
CVE-2019-5653
- RESERVED
+ REJECTED
CVE-2019-5652
- RESERVED
+ REJECTED
CVE-2019-5651
- RESERVED
+ REJECTED
CVE-2019-5650
- RESERVED
+ REJECTED
CVE-2019-5649
RESERVED
CVE-2019-5648
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index b41b742cf5..ab611646be 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,27 @@
+CVE-2020-8794
+ RESERVED
+CVE-2020-8793
+ RESERVED
+CVE-2020-8792
+ RESERVED
+CVE-2020-8791
+ RESERVED
+CVE-2020-8790
+ RESERVED
+CVE-2020-8789
+ RESERVED
+CVE-2020-8788 (Synaptive Medical ClearCanvas ImageServer 3.0 Alpha allows XSS (and HT ...)
+ TODO: check
+CVE-2020-8787
+ RESERVED
+CVE-2020-8786
+ RESERVED
+CVE-2020-8785
+ RESERVED
+CVE-2020-8784
+ RESERVED
+CVE-2020-8783
+ RESERVED
CVE-2020-8782
RESERVED
CVE-2020-8781
@@ -1356,8 +1380,8 @@ CVE-2020-8128
RESERVED
CVE-2020-8127
RESERVED
-CVE-2020-8126
- RESERVED
+CVE-2020-8126 (A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CG ...)
+ TODO: check
CVE-2020-8125 (Flaw in input validation in npm package klona version 1.1.0 and earlie ...)
NOT-FOR-US: klona node module
CVE-2020-8124 (Insufficient validation and sanitization of user input exists in url-p ...)
@@ -14475,8 +14499,8 @@ CVE-2020-1770
RESERVED
CVE-2020-1769
RESERVED
-CVE-2020-1768
- RESERVED
+CVE-2020-1768 (The external frontend system uses numerous background calls to the bac ...)
+ TODO: check
CVE-2020-1767 (Agent A is able to save a draft (i.e. for customer reply). Then Agent ...)
{DLA-2079-1}
- otrs2 6.0.25-1
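Review bot: The description added for CVE-2020-1768 ("The external frontend system uses numerous background calls to the bac ...") does not name a product in the visible text, so the TODO: check gives a triager nothing to match on. The adjacent CVE-2020-1767 is tracked against otrs2 (DLA-2079-1, 6.0.25-1); check whether this ID belongs to the same source package and annotate it accordingly.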
