author: security tracker role <sectracker@soriano.debian.org> 2019-10-23 20:10:26 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2019-10-23 20:10:26 +0000
commit: cf2fe0c1b421def7e5c784c83dbce52060656745
tree: 31d15a3dd180039cb1d765117a7e2eb896944271
parent: 8a3f7b3f2b84cf5d5bb987b686834eb26fb5c75f
automatic update
-rw-r--r-- data/CVE/2002.list 3
-rw-r--r-- data/CVE/2013.list 4
-rw-r--r-- data/CVE/2014.list 4
-rw-r--r-- data/CVE/2015.list 140
-rw-r--r-- data/CVE/2019.list 283
5 files changed, 292 insertions, 142 deletions
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index 2b0f691bc5..ef12b5a165 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -22,8 +22,7 @@ CVE-2002-2441
RESERVED
CVE-2002-2440
RESERVED
-CVE-2002-2439
- RESERVED
+CVE-2002-2439 (Integer overflow in the new[] operator in gcc before 4.8.0 allows atta ...)
- gcc-4.1 <removed>
[squeeze] - gcc-4.1 <no-dsa> (Potentially affected apps need to be recompiled, if such issues are spotted in apps, these cases can be fixed on a case-by-case basis)
- gcc-4.3 <removed>
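Review bot: the summary now attached to CVE-2002-2439 bounds the issue at "gcc before 4.8.0", but the annotations visible in this hunk only cover gcc-4.1 and gcc-4.3 (both <removed>, plus the squeeze <no-dsa> for gcc-4.1). They were written while the id was still RESERVED, so confirm that the rest of the entry, outside this hunk, accounts for the later gcc source packages up to the 4.8.0 boundary.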
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index 0d5fc34e35..655b937618 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -488,8 +488,8 @@ CVE-2013-7335 (Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and
NOT-FOR-US: DotNetNuke
CVE-2013-7334 (Cross-site request forgery (CSRF) vulnerability in ImageCMS before 4.2 ...)
NOT-FOR-US: ImageCMS
-CVE-2013-7333
- RESERVED
+CVE-2013-7333 (A vulnerability in version 0.90 of the Open Floodlight SDN controller ...)
+ TODO: check
CVE-2013-7332 (The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earl ...)
NOT-FOR-US: Microsoft Windows
CVE-2013-7331 (The Microsoft.XMLDOM ActiveX control in Microsoft Windows 8.1 and earl ...)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 10cd94fefe..f5032f2cbf 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -21156,8 +21156,8 @@ CVE-2014-2306
RESERVED
CVE-2014-2305
RESERVED
-CVE-2014-2304
- RESERVED
+CVE-2014-2304 (A vulnerability in version 0.90 of the Open Floodlight SDN controller ...)
+ TODO: check
CVE-2014-2303 (Multiple SQL injection vulnerabilities in the file browser component ( ...)
NOT-FOR-US: webEdition CMS
CVE-2014-2302 (The installer script in webEdition CMS before 6.2.7-s1 and 6.3.x befor ...)
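Review bot: CVE-2014-2304 is added with a summary that, as far as the truncated text shows, is identical to the one added for CVE-2013-7333 in data/CVE/2013.list ("A vulnerability in version 0.90 of the Open Floodlight SDN controller ..."). Triage the two together so they receive the same annotation, and if the full descriptions turn out to describe the same issue, record that in a NOTE: line rather than leaving two independent TODO: check items.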
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index 2b31c2c623..ec56df0df2 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,73 +1,73 @@
-CVE-2015-9536
- RESERVED
-CVE-2015-9535
- RESERVED
-CVE-2015-9534
- RESERVED
-CVE-2015-9533
- RESERVED
-CVE-2015-9532
- RESERVED
-CVE-2015-9531
- RESERVED
-CVE-2015-9530
- RESERVED
-CVE-2015-9529
- RESERVED
-CVE-2015-9528
- RESERVED
-CVE-2015-9527
- RESERVED
-CVE-2015-9526
- RESERVED
-CVE-2015-9525
- RESERVED
-CVE-2015-9524
- RESERVED
-CVE-2015-9523
- RESERVED
-CVE-2015-9522
- RESERVED
-CVE-2015-9521
- RESERVED
-CVE-2015-9520
- RESERVED
-CVE-2015-9519
- RESERVED
-CVE-2015-9518
- RESERVED
-CVE-2015-9517
- RESERVED
-CVE-2015-9516
- RESERVED
-CVE-2015-9515
- RESERVED
-CVE-2015-9514
- RESERVED
-CVE-2015-9513
- RESERVED
-CVE-2015-9512
- RESERVED
-CVE-2015-9511
- RESERVED
-CVE-2015-9510
- RESERVED
-CVE-2015-9509
- RESERVED
-CVE-2015-9508
- RESERVED
-CVE-2015-9507
- RESERVED
-CVE-2015-9506
- RESERVED
-CVE-2015-9505
- RESERVED
-CVE-2015-9504
- RESERVED
-CVE-2015-9503
- RESERVED
-CVE-2015-9502
- RESERVED
+CVE-2015-9536 (The Easy Digital Downloads (EDD) Twenty-Twelve theme for WordPress, as ...)
+ TODO: check
+CVE-2015-9535 (The Easy Digital Downloads (EDD) Shoppette theme for WordPress, as use ...)
+ TODO: check
+CVE-2015-9534 (The Easy Digital Downloads (EDD) Quota theme for WordPress, as used wi ...)
+ TODO: check
+CVE-2015-9533 (The Easy Digital Downloads (EDD) Lattice theme for WordPress, as used ...)
+ TODO: check
+CVE-2015-9532 (The Easy Digital Downloads (EDD) Digital Store theme for WordPress, as ...)
+ TODO: check
+CVE-2015-9531 (The Easy Digital Downloads (EDD) Wish Lists extension for WordPress, a ...)
+ TODO: check
+CVE-2015-9530 (The Easy Digital Downloads (EDD) Upload File extension for WordPress, ...)
+ TODO: check
+CVE-2015-9529 (The Easy Digital Downloads (EDD) Stripe extension for WordPress, as us ...)
+ TODO: check
+CVE-2015-9528 (The Easy Digital Downloads (EDD) Software Licensing extension for Word ...)
+ TODO: check
+CVE-2015-9527 (The Easy Digital Downloads (EDD) Simple Shipping extension for WordPre ...)
+ TODO: check
+CVE-2015-9526 (The Easy Digital Downloads (EDD) Reviews extension for WordPress, as u ...)
+ TODO: check
+CVE-2015-9525 (The Easy Digital Downloads (EDD) Recurring Payments extension for Word ...)
+ TODO: check
+CVE-2015-9524 (The Easy Digital Downloads (EDD) Recount Earnings extension for WordPr ...)
+ TODO: check
+CVE-2015-9523 (The Easy Digital Downloads (EDD) Recommended Products extension for Wo ...)
+ TODO: check
+CVE-2015-9522 (The Easy Digital Downloads (EDD) QR Code extension for WordPress, as u ...)
+ TODO: check
+CVE-2015-9521 (The Easy Digital Downloads (EDD) Pushover Notifications extension for ...)
+ TODO: check
+CVE-2015-9520 (The Easy Digital Downloads (EDD) Per Product Emails extension for Word ...)
+ TODO: check
+CVE-2015-9519 (The Easy Digital Downloads (EDD) PDF Stamper extension for WordPress, ...)
+ TODO: check
+CVE-2015-9518 (The Easy Digital Downloads (EDD) PDF Invoices extension for WordPress, ...)
+ TODO: check
+CVE-2015-9517 (The Easy Digital Downloads (EDD) Manual Purchases extension for WordPr ...)
+ TODO: check
+CVE-2015-9516 (The Easy Digital Downloads (EDD) Invoices extension for WordPress, as ...)
+ TODO: check
+CVE-2015-9515 (The Easy Digital Downloads (EDD) htaccess Editor extension for WordPre ...)
+ TODO: check
+CVE-2015-9514 (The Easy Digital Downloads (EDD) Free Downloads extension for WordPres ...)
+ TODO: check
+CVE-2015-9513 (The Easy Digital Downloads (EDD) Favorites extension for WordPress, as ...)
+ TODO: check
+CVE-2015-9512 (The Easy Digital Downloads (EDD) CSV Manager extension for WordPress, ...)
+ TODO: check
+CVE-2015-9511 (The Easy Digital Downloads (EDD) Conditional Success Redirects extensi ...)
+ TODO: check
+CVE-2015-9510 (The Easy Digital Downloads (EDD) Cross-sell Upsell extension for WordP ...)
+ TODO: check
+CVE-2015-9509 (The Easy Digital Downloads (EDD) Content Restriction extension for Wor ...)
+ TODO: check
+CVE-2015-9508 (The Easy Digital Downloads (EDD) Commissions extension for WordPress, ...)
+ TODO: check
+CVE-2015-9507 (The Easy Digital Downloads (EDD) Attach Accounts to Orders extension f ...)
+ TODO: check
+CVE-2015-9506 (The Easy Digital Downloads (EDD) Amazon S3 extension for WordPress, as ...)
+ TODO: check
+CVE-2015-9505 (The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1. ...)
+ TODO: check
+CVE-2015-9504 (The weeklynews theme before 2.2.9 for WordPress has XSS via the s para ...)
+ TODO: check
+CVE-2015-9503 (The Modern theme before 1.4.2 for WordPress has XSS via the genericons ...)
+ TODO: check
+CVE-2015-9502 (The Auberge theme before 1.4.5 for WordPress has XSS via the genericon ...)
+ TODO: check
CVE-2015-9501 (The Artificial Intelligence theme before 1.2.4 for WordPress has XSS b ...)
NOT-FOR-US: Wordpress plugin
CVE-2015-9500 (The Exquisite Ultimate Newspaper theme 1.3.3 for WordPress has XSS via ...)
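Review bot: all 35 entries from CVE-2015-9536 down to CVE-2015-9502 land as TODO: check, yet every summary names a WordPress theme or an Easy Digital Downloads extension or core component, and the unchanged entry directly below (CVE-2015-9501) is already resolved as NOT-FOR-US: Wordpress plugin. Unless one of these is packaged, resolve the batch in a single follow-up with a consistent NOT-FOR-US: line instead of 35 separate triage items. Several of them, like CVE-2015-9501 itself, are themes, so "Wordpress plugin" is a loose label if it is reused.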
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 394ae3d967..cdbac6f866 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,3 +1,171 @@
+CVE-2019-18359 (A buffer over-read was discovered in ReadMP3APETag in apetag.c in MP3G ...)
+ TODO: check
+CVE-2019-18358
+ RESERVED
+CVE-2019-18357 (An XSS issue was discovered in Thycotic Secret Server before 10.7 (iss ...)
+ TODO: check
+CVE-2019-18356 (An XSS issue was discovered in Thycotic Secret Server before 10.7 (iss ...)
+ TODO: check
+CVE-2019-18355 (An SSRF issue was discovered in the legacy Web launcher in Thycotic Se ...)
+ TODO: check
+CVE-2019-18354
+ RESERVED
+CVE-2019-18353
+ RESERVED
+CVE-2019-18352
+ RESERVED
+CVE-2019-18351
+ RESERVED
+CVE-2019-18350 (In Ant Design Pro 4.0.0, reflected XSS in the user/login redirect GET ...)
+ TODO: check
+CVE-2019-18349
+ RESERVED
+CVE-2019-18348 (An issue was discovered in urllib2 in Python 2.x through 2.7.17 and ur ...)
+ TODO: check
+CVE-2019-18347
+ RESERVED
+CVE-2019-18346
+ RESERVED
+CVE-2019-18345
+ RESERVED
+CVE-2019-18344 (Sourcecodester Online Grading System 1.0 is vulnerable to unauthentica ...)
+ TODO: check
+CVE-2019-18343
+ RESERVED
+CVE-2019-18342
+ RESERVED
+CVE-2019-18341
+ RESERVED
+CVE-2019-18340
+ RESERVED
+CVE-2019-18339
+ RESERVED
+CVE-2019-18338
+ RESERVED
+CVE-2019-18337
+ RESERVED
+CVE-2019-18336
+ RESERVED
+CVE-2019-18335
+ RESERVED
+CVE-2019-18334
+ RESERVED
+CVE-2019-18333
+ RESERVED
+CVE-2019-18332
+ RESERVED
+CVE-2019-18331
+ RESERVED
+CVE-2019-18330
+ RESERVED
+CVE-2019-18329
+ RESERVED
+CVE-2019-18328
+ RESERVED
+CVE-2019-18327
+ RESERVED
+CVE-2019-18326
+ RESERVED
+CVE-2019-18325
+ RESERVED
+CVE-2019-18324
+ RESERVED
+CVE-2019-18323
+ RESERVED
+CVE-2019-18322
+ RESERVED
+CVE-2019-18321
+ RESERVED
+CVE-2019-18320
+ RESERVED
+CVE-2019-18319
+ RESERVED
+CVE-2019-18318
+ RESERVED
+CVE-2019-18317
+ RESERVED
+CVE-2019-18316
+ RESERVED
+CVE-2019-18315
+ RESERVED
+CVE-2019-18314
+ RESERVED
+CVE-2019-18313
+ RESERVED
+CVE-2019-18312
+ RESERVED
+CVE-2019-18311
+ RESERVED
+CVE-2019-18310
+ RESERVED
+CVE-2019-18309
+ RESERVED
+CVE-2019-18308
+ RESERVED
+CVE-2019-18307
+ RESERVED
+CVE-2019-18306
+ RESERVED
+CVE-2019-18305
+ RESERVED
+CVE-2019-18304
+ RESERVED
+CVE-2019-18303
+ RESERVED
+CVE-2019-18302
+ RESERVED
+CVE-2019-18301
+ RESERVED
+CVE-2019-18300
+ RESERVED
+CVE-2019-18299
+ RESERVED
+CVE-2019-18298
+ RESERVED
+CVE-2019-18297
+ RESERVED
+CVE-2019-18296
+ RESERVED
+CVE-2019-18295
+ RESERVED
+CVE-2019-18294
+ RESERVED
+CVE-2019-18293
+ RESERVED
+CVE-2019-18292
+ RESERVED
+CVE-2019-18291
+ RESERVED
+CVE-2019-18290
+ RESERVED
+CVE-2019-18289
+ RESERVED
+CVE-2019-18288
+ RESERVED
+CVE-2019-18287
+ RESERVED
+CVE-2019-18286
+ RESERVED
+CVE-2019-18285
+ RESERVED
+CVE-2019-18284
+ RESERVED
+CVE-2019-18283
+ RESERVED
+CVE-2019-18282
+ RESERVED
+CVE-2019-18281 (An out-of-bounds memory access in the generateDirectionalRuns() functi ...)
+ TODO: check
+CVE-2019-18280 (Sourcecodester Online Grading System 1.0 is affected by a Cross Site R ...)
+ TODO: check
+CVE-2019-18279
+ RESERVED
+CVE-2019-18278 (When executing VideoLAN VLC media player 3.0.8 with libqt on Windows, ...)
+ TODO: check
+CVE-2019-18277 (A flaw was found in HAProxy before 2.0.6. In legacy mode, messages fea ...)
+ TODO: check
+CVE-2019-18276
+ RESERVED
CVE-2019-18275
RESERVED
CVE-2019-18274
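Review bot: in the block of new entries at the top of the file, three TODO: check items name software that Debian ships: CVE-2019-18348 (urllib2 in Python 2.x), CVE-2019-18277 (HAProxy before 2.0.6) and CVE-2019-18278 (VLC media player 3.0.8). These should be triaged ahead of the vendor-product entries in the same hunk (Thycotic Secret Server, Sourcecodester Online Grading System, Ant Design Pro). The VLC summary says "with libqt on Windows", which is worth checking before a package line is added.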
@@ -112,10 +280,10 @@ CVE-2019-18222
RESERVED
CVE-2019-18221
RESERVED
-CVE-2019-18220
- RESERVED
-CVE-2019-18219
- RESERVED
+CVE-2019-18220 (Sitemagic CMS 4.4.1 is affected by a Cross-Site-Request-Forgery (CSRF) ...)
+ TODO: check
+CVE-2019-18219 (Sitemagic CMS 4.4.1 is affected by a Cross-Site-Scripting (XSS) vulner ...)
+ TODO: check
CVE-2019-18218 (cdf_read_property_info in cdf.c in file through 5.37 does not restrict ...)
- file 1:5.37-6 (bug #942830)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16780
@@ -1376,8 +1544,8 @@ CVE-2019-17608 (HongCMS 3.0.0 has XSS via the install/index.php dbname parameter
NOT-FOR-US: HongCMS
CVE-2019-17607 (HongCMS 3.0.0 has XSS via the install/index.php servername parameter. ...)
NOT-FOR-US: HongCMS
-CVE-2019-17606
- RESERVED
+CVE-2019-17606 (The Post editor functionality in the hexo-admin plugin versions 2.3.0 ...)
+ TODO: check
CVE-2019-17605
RESERVED
CVE-2019-17604
@@ -2506,8 +2674,8 @@ CVE-2019-17095
RESERVED
CVE-2019-17094
RESERVED
-CVE-2019-17093
- RESERVED
+CVE-2019-17093 (An issue was discovered in Avast antivirus before 19.8 and AVG antivir ...)
+ TODO: check
CVE-2019-17092 (An XSS vulnerability in project list in OpenProject before 9.0.4 and 1 ...)
NOT-FOR-US: OpenProject
CVE-2019-17091 (faces/context/PartialViewContextImpl.java in Eclipse Mojarra, as used ...)
@@ -2775,12 +2943,12 @@ CVE-2019-16979 (In FusionPBX up to v4.5.7, the file app\contacts\contact_urls.ph
NOT-FOR-US: FusionPBX
CVE-2019-16978 (In FusionPBX up to v4.5.7, the file app\devices\device_settings.php us ...)
NOT-FOR-US: FusionPBX
-CVE-2019-16977
- RESERVED
-CVE-2019-16976
- RESERVED
-CVE-2019-16975
- RESERVED
+CVE-2019-16977 (In FusionPBX up to 4.5.7, the file app\extensions\extension_imports.ph ...)
+ TODO: check
+CVE-2019-16976 (In FusionPBX up to 4.5.7, the file app\destinations\destination_import ...)
+ TODO: check
+CVE-2019-16975 (In FusionPBX up to 4.5.7, the file app\contacts\contact_notes.php uses ...)
+ TODO: check
CVE-2019-16974 (In FusionPBX up to 4.5.7, the file app\contacts\contact_times.php uses ...)
NOT-FOR-US: FusionPBX
CVE-2019-16973 (In FusionPBX up to 4.5.7, the file app\contacts\contact_edit.php uses ...)
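Review bot: CVE-2019-16977, CVE-2019-16976 and CVE-2019-16975 are added as TODO: check although the unchanged entries on both sides (CVE-2019-16979, CVE-2019-16978, CVE-2019-16974, CVE-2019-16973) are all FusionPBX issues already marked NOT-FOR-US: FusionPBX. The three new summaries name the same product ("In FusionPBX up to 4.5.7, the file app\..."), so they should carry the same NOT-FOR-US: FusionPBX line for consistency.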
@@ -9351,8 +9519,8 @@ CVE-2019-14278 (In Knowage through 6.1.1, an unauthenticated user can enumerated
NOT-FOR-US: Knowage
CVE-2019-14277 (** DISPUTED ** Axway SecureTransport 5.x through 5.3 (or 5.x through 5 ...)
NOT-FOR-US: Axway SecureTransport
-CVE-2019-14276
- RESERVED
+CVE-2019-14276 (WUSTL XNAT 1.7.5.3 allows XXE attacks via a POST request body. ...)
+ TODO: check
CVE-2019-14275 (Xfig fig2dev 3.2.7a has a stack-based buffer overflow in the calc_arro ...)
- fig2dev 1:3.2.7a-7 (unimportant; bug #933075)
[buster] - fig2dev 1:3.2.7a-5+deb10u1
@@ -15242,8 +15410,8 @@ CVE-2019-11935
RESERVED
CVE-2019-11934
RESERVED
-CVE-2019-11933
- RESERVED
+CVE-2019-11933 (A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, a ...)
+ TODO: check
CVE-2019-11932 (A double free vulnerability in the DDGifSlurp function in decoding.c i ...)
NOT-FOR-US: libpl_droidsonroids_gif
CVE-2019-11931
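Review bot: CVE-2019-11933 is left at TODO: check while the next entry, CVE-2019-11932, names the same library and is already NOT-FOR-US: libpl_droidsonroids_gif. The new summary says "libpl_droidsonroids_gif before 1.2.19", so it should carry the same tag as its neighbour unless the truncated part of the description ("a ...") names an additional affected product.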
@@ -17086,10 +17254,10 @@ CVE-2019-11285
RESERVED
CVE-2019-11284 (Pivotal Reactor Netty, versions prior to 0.8.11, passes headers throug ...)
NOT-FOR-US: Pivotal
-CVE-2019-11283
- RESERVED
-CVE-2019-11282
- RESERVED
+CVE-2019-11283 (Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outpu ...)
+ TODO: check
+CVE-2019-11282 (Cloud Foundry UAA, versions prior to v74.3.0, contains an endpoint tha ...)
+ TODO: check
CVE-2019-11281 (Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, ver ...)
- rabbitmq-server 3.7.18-1 (low)
[jessie] - rabbitmq-server <no-dsa> (Minor issue; one plugin not vulnerable, the other only exploitable by malicious admin)
@@ -19170,58 +19338,41 @@ CVE-2019-10478 (An issue was discovered on Glory RBW-100 devices with firmware I
NOT-FOR-US: Glory RBW-100 devices
CVE-2019-10477 (The FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 fo ...)
NOT-FOR-US: GLPI plugin
-CVE-2019-10476
- RESERVED
-CVE-2019-10475
- RESERVED
+CVE-2019-10476 (Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted ...)
+ TODO: check
+CVE-2019-10475 (A reflected cross-site scripting vulnerability in Jenkins build-metric ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10474
- RESERVED
+CVE-2019-10474 (A missing permission check in Jenkins Global Post Script Plugin in all ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10473
- RESERVED
+CVE-2019-10473 (A missing permission check in Jenkins Libvirt Slaves Plugin in form-re ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10472
- RESERVED
+CVE-2019-10472 (A missing permission check in Jenkins Libvirt Slaves Plugin allows att ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10471
- RESERVED
+CVE-2019-10471 (A cross-site request forgery vulnerability in Jenkins Libvirt Slaves P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10470
- RESERVED
+CVE-2019-10470 (A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10469
- RESERVED
+CVE-2019-10469 (A missing permission check in Jenkins ElasticBox Jenkins Kubernetes CI ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10468
- RESERVED
+CVE-2019-10468 (A cross-site request forgery vulnerability in Jenkins ElasticBox Jenki ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10467
- RESERVED
+CVE-2019-10467 (Jenkins Sonar Gerrit Plugin stores credentials unencrypted in job conf ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10466
- RESERVED
+CVE-2019-10466 (An XML external entities (XXE) vulnerability in Jenkins 360 FireLine P ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10465
- RESERVED
+CVE-2019-10465 (A missing permission check in Jenkins Deploy WebLogic Plugin allows at ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10464
- RESERVED
+CVE-2019-10464 (A cross-site request forgery vulnerability in Jenkins Deploy WebLogic ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10463
- RESERVED
+CVE-2019-10463 (A missing permission check in Jenkins Dynatrace Application Monitoring ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10462
- RESERVED
+CVE-2019-10462 (A cross-site request forgery vulnerability in Jenkins Dynatrace Applic ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10461
- RESERVED
+CVE-2019-10461 (Jenkins Dynatrace Application Monitoring Plugin 2.1.3 and earlier stor ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10460
- RESERVED
+CVE-2019-10460 (Jenkins Bitbucket OAuth Plugin 0.9 and earlier stored credentials unen ...)
NOT-FOR-US: Jenkins plugin
-CVE-2019-10459
- RESERVED
+CVE-2019-10459 (Jenkins Mattermost Notification Plugin 2.7.0 and earlier stored webhoo ...)
NOT-FOR-US: Jenkins plugin
CVE-2019-10458 (Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier specifies unsafe ...)
NOT-FOR-US: Jenkins plugin
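Review bot: CVE-2019-10476 is the only entry in this run that ends up as TODO: check; CVE-2019-10475 through CVE-2019-10459 keep their existing NOT-FOR-US: Jenkins plugin line after gaining a description. The CVE-2019-10476 summary reads "Jenkins Zulip Plugin 1.1.0 and earlier stored credentials unencrypted ...", so it belongs in the same category and should be marked NOT-FOR-US: Jenkins plugin like the rest of the block.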
@@ -22589,10 +22740,10 @@ CVE-2019-9599 (The AirDroid application through 4.2.1.6 for Android allows remot
NOT-FOR-US: AirDroid application for Android
CVE-2019-9598 (An issue was discovered in Cscms 4.1.0. There is an admin.php/pay CSRF ...)
NOT-FOR-US: Cscms
-CVE-2019-9597
- RESERVED
-CVE-2019-9596
- RESERVED
+CVE-2019-9597 (Darktrace Enterprise Immune System before 3.1 allows CSRF via the /con ...)
+ TODO: check
+CVE-2019-9596 (Darktrace Enterprise Immune System before 3.1 allows CSRF via the /whi ...)
+ TODO: check
CVE-2019-9595 (AppCMS 2.0.101 allows XSS via the upload/callback.php params parameter ...)
NOT-FOR-US: AppCMS
CVE-2019-9594 (BlueCMS 1.6 allows SQL Injection via the user_id parameter in an uploa ...)
@@ -31099,8 +31250,8 @@ CVE-2019-6146
RESERVED
CVE-2019-6145 (Forcepoint VPN Client for Windows versions lower than 6.6.1 have an un ...)
NOT-FOR-US: Forcepoint
-CVE-2019-6144
- RESERVED
+CVE-2019-6144 (This vulnerability allows a normal (non-admin) user to disable the For ...)
+ TODO: check
CVE-2019-6143 (Forcepoint Next Generation Firewall (Forcepoint NGFW) 6.4.x before 6.4 ...)
NOT-FOR-US: Forcepoint Next Generation Firewall (Forcepoint NGFW)
CVE-2019-6142
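Review bot: the summary added for CVE-2019-6144 opens with "This vulnerability allows a normal (non-admin) user to disable the For ...", so the truncated text never names the affected product in full. The neighbouring CVE-2019-6145 and CVE-2019-6143 are both NOT-FOR-US Forcepoint entries; read the full description before assigning the same tag rather than inferring it from the id range.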
@@ -35883,8 +36034,8 @@ CVE-2019-3984
RESERVED
CVE-2019-3983
RESERVED
-CVE-2019-3982
- RESERVED
+CVE-2019-3982 (Nessus versions 8.6.0 and earlier were found to contain a Denial of Se ...)
+ TODO: check
CVE-2019-3981
RESERVED
CVE-2019-3980 (The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports s ...)
