automatic update

6 files changed, 147 insertions, 114 deletions

diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index bb806e5f57..41d4f382e9 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -1836,8 +1836,8 @@ CVE-2011-4539 (dhcpd in ISC DHCP 4.x before 4.2.3-P1 and 4.1-ESV before 4.1-ESV-
 	{DSA-2519-2 DSA-2519-1}
 	- dhcp3 <not-affected> (Only affects DHCP 4.x)
 	- isc-dhcp 4.2.2.dfsg.1-5 (bug #652259; low)
-CVE-2011-4538
-	RESERVED
+CVE-2011-4538 (Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to ...)
+	TODO: check
 CVE-2011-4537 (Multiple buffer overflows in 7-Technologies (7T) Interactive Graphical ...)
 	NOT-FOR-US: 7-Technologies IGSS
 CVE-2011-4536 (Heap-based buffer overflow in nettransdll.dll in HistorySvr.exe (aka H ...)
@@ -5148,8 +5148,8 @@ CVE-2011-3271 (Unspecified vulnerability in the Smart Install functionality in C
 	NOT-FOR-US: Cisco
 CVE-2011-3270 (Unspecified vulnerability in Cisco IOS 12.2SB before 12.2(33)SB10 and  ...)
 	NOT-FOR-US: Cisco
-CVE-2011-3269
-	RESERVED
+CVE-2011-3269 (Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allo ...)
+	TODO: check
 CVE-2011-3268 (Buffer overflow in the crypt function in PHP before 5.3.7 allows conte ...)
 	- php5 5.3.8-1
 	[squeeze] - php5 <not-affected> (Only affected 5.3.7)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 6a94360370..f235d0b2c1 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -22869,8 +22869,8 @@ CVE-2014-1636 (Multiple SQL injection vulnerabilities in Command School Student
 	NOT-FOR-US: Command School Student Management System
 CVE-2014-1635 (Buffer overflow in login.cgi in MiniHttpd in Belkin N750 Router with f ...)
 	NOT-FOR-US: Belkin router
-CVE-2014-1634
-	RESERVED
+CVE-2014-1634 (SQL Injection exists in Advanced Newsletter Magento extension before 2 ...)
+	TODO: check
 CVE-2014-1633
 	RESERVED
 CVE-2014-1632 (htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers ...)
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index af3c27b2ae..a754301dfd 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -4922,8 +4922,8 @@ CVE-2015-7969 (Multiple memory leaks in Xen 4.0 through 4.6.x allow local guest
 	[squeeze] - xen <end-of-life> (not supported in squeeze-lts)
 	NOTE: http://xenbits.xen.org/xsa/advisory-149.html
 	NOTE: http://xenbits.xen.org/xsa/advisory-151.html
-CVE-2015-7968
-	RESERVED
+CVE-2015-7968 (nwbc_ext2int in SAP NetWeaver Application Server before Security Note  ...)
+	TODO: check
 CVE-2015-7967 (SafeNet Authentication Service for Citrix Web Interface Agent uses a w ...)
 	NOT-FOR-US: SafeNet Authentication Service
 CVE-2015-7966 (SafeNet Authentication Service Windows Logon Agent uses a weak ACL for ...)
@@ -6759,20 +6759,20 @@ CVE-2015-7346 (SQL injection vulnerability in ZCMS 1.1. ...)
 	NOT-FOR-US: ZCMS
 CVE-2015-7345
 	RESERVED
-CVE-2015-7344
-	RESERVED
-CVE-2015-7343
-	RESERVED
-CVE-2015-7342
-	RESERVED
-CVE-2015-7341
-	RESERVED
-CVE-2015-7340
-	RESERVED
-CVE-2015-7339
-	RESERVED
-CVE-2015-7338
-	RESERVED
+CVE-2015-7344 (HikaShop Joomla Component before 2.6.0 has XSS via an injected payload ...)
+	TODO: check
+CVE-2015-7343 (JNews Joomla Component before 8.5.0 has XSS via the mailingsearch para ...)
+	TODO: check
+CVE-2015-7342 (JNews Joomla Component before 8.5.0 allows SQL injection via upload th ...)
+	TODO: check
+CVE-2015-7341 (JNews Joomla Component before 8.5.0 allows arbitrary File Upload via S ...)
+	TODO: check
+CVE-2015-7340 (JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid i ...)
+	TODO: check
+CVE-2015-7339 (JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a ...)
+	TODO: check
+CVE-2015-7338 (SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via e ...)
+	TODO: check
 CVE-2015-7336
 	RESERVED
 CVE-2015-7335
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index 8d9fb7c72d..559b5eb8e4 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -12025,8 +12025,8 @@ CVE-2016-6920 (Heap-based buffer overflow in the decode_block function in libavc
 	NOTE: Vulnerable code not present in any Libav version.
 CVE-2016-6919
 	RESERVED
-CVE-2016-6918
-	RESERVED
+CVE-2016-6918 (Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attacke ...)
+	TODO: check
 CVE-2016-6917 (Buffer overflow in nvhost_job.c in the NVIDIA video driver for Android ...)
 	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-6916 (Integer overflow in nvhost_job.c in the NVIDIA video driver for Androi ...)
@@ -23591,7 +23591,8 @@ CVE-2016-3182 (The color_esycc_to_rgb function in bin/common/color.c in OpenJPEG
 	[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/13
 	NOTE: https://github.com/uclouvain/openjpeg/issues/725
-CVE-2016-3181 (DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2016-3182. Reason: T ...)
+CVE-2016-3181
+	REJECTED
 	- openjpeg2 2.1.1-1
 	[jessie] - openjpeg2 <not-affected> (Vulnerable code not yet present in 2.1.0)
 	NOTE: http://www.openwall.com/lists/oss-security/2016/03/14/12
@@ -29021,8 +29022,8 @@ CVE-2016-1489 (Lenovo SHAREit before 3.2.0 for Windows and SHAREit before 3.5.48
 	NOT-FOR-US: Lenovo
 CVE-2016-1488 (Cross-site scripting (XSS) vulnerability in the login form in the inte ...)
 	NOT-FOR-US: Siemens
-CVE-2016-1487
-	RESERVED
+CVE-2016-1487 (Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons  ...)
+	TODO: check
 CVE-2016-1486 (A vulnerability in the email attachment scanning functionality of the  ...)
 	NOT-FOR-US: Siemens OZW OZW672
 CVE-2016-1485 (Cross-site scripting (XSS) vulnerability in Cisco Identity Services En ...)
@@ -29792,8 +29793,8 @@ CVE-2016-1161 (Cross-site request forgery (CSRF) vulnerability in ManageEngine P
 	NOT-FOR-US: ManageEngine Password Manager Pro
 CVE-2016-1160 (Cross-site scripting (XSS) vulnerability in the WP Favorite Posts plug ...)
 	NOT-FOR-US: WP Favorite Posts plugin for WordPress
-CVE-2016-1159
-	RESERVED
+CVE-2016-1159 (In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build ...)
+	TODO: check
 CVE-2016-1158 (Cross-site request forgery (CSRF) vulnerability on Corega CG-WLBARGMH  ...)
 	NOT-FOR-US: Corega
 CVE-2016-1157 (Cross-site scripting (XSS) vulnerability in log_chat.cgi in Script* Lo ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 533969d722..56be44a207 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -2376,8 +2376,8 @@ CVE-2019-19616 (An Insecure Direct Object Reference (IDOR) vulnerability in the
 	NOT-FOR-US: Microsoft Dynamics NAV
 CVE-2019-19615
 	RESERVED
-CVE-2019-19614
-	RESERVED
+CVE-2019-19614 (An issue was discovered in Halvotec RAQuest 10.23.10801.0. The login p ...)
+	TODO: check
 CVE-2019-19613
 	RESERVED
 CVE-2019-19612
@@ -25323,8 +25323,8 @@ CVE-2019-10808
 	RESERVED
 CVE-2019-10807
 	RESERVED
-CVE-2019-10806
-	RESERVED
+CVE-2019-10806 (vega-util prior to 1.13.1 allows manipulation of object prototype. The ...)
+	TODO: check
 CVE-2019-10805 (valib through 2.0.0 allows Internal Property Tampering. A maliciously  ...)
 	NOT-FOR-US: Node valib
 CVE-2019-10804 (serial-number through 1.3.0 allows execution of arbritary commands. Th ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 8e384f1be3..e6fc17e564 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,35 @@
+CVE-2020-10250 (BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitra ...)
+	TODO: check
+CVE-2020-10249 (BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid ...)
+	TODO: check
+CVE-2020-10248 (BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwo ...)
+	TODO: check
+CVE-2020-10247 (MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is  ...)
+	TODO: check
+CVE-2020-10246 (MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is ...)
+	TODO: check
+CVE-2020-10245
+	RESERVED
+CVE-2020-10244 (JPaseto before 0.3.0 generates weak hashes when using v2.local tokens. ...)
+	TODO: check
+CVE-2020-10243
+	RESERVED
+CVE-2020-10242
+	RESERVED
+CVE-2020-10241
+	RESERVED
+CVE-2020-10240
+	RESERVED
+CVE-2020-10239
+	RESERVED
+CVE-2020-10238
+	RESERVED
+CVE-2020-10237 (An issue was discovered in Froxlor through 0.10.15. The installer wrot ...)
+	TODO: check
+CVE-2020-10236 (An issue was discovered in Froxlor before 0.10.14. It created files wi ...)
+	TODO: check
+CVE-2020-10235 (An issue was discovered in Froxlor before 0.10.14. Remote attackers wi ...)
+	TODO: check
 CVE-2020-10234
 	RESERVED
 CVE-2020-10233 (In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap- ...)
@@ -88,13 +120,13 @@ CVE-2020-10194
 	RESERVED
 CVE-2020-10193 (ESET Archive Support Module before 1294 allows virus-detection bypass  ...)
 	NOT-FOR-US: ESET Archive Support Module
-CVE-2020-10192
-	RESERVED
-CVE-2020-10191
-	RESERVED
-CVE-2020-10190
-	RESERVED
-CVE-2020-10189 (Zoho ManageEngine Desktop Central 10 allows remote code execution beca ...)
+CVE-2020-10192 (An issue was discovered in Munkireport before 5.3.0.3923. An unauthent ...)
+	TODO: check
+CVE-2020-10191 (An issue was discovered in MunkiReport before 5.3.0. An authenticated  ...)
+	TODO: check
+CVE-2020-10190 (An issue was discovered in MunkiReport before 5.3.0. An authenticated  ...)
+	TODO: check
+CVE-2020-10189 (Zoho ManageEngine Desktop Central before 10.0.474 allows remote code e ...)
 	NOT-FOR-US: Zoho ManageEngine
 CVE-2020-10188 (utility.c in telnetd in netkit telnet through 0.17 allows remote attac ...)
 	- netkit-telnet <unfixed>
@@ -130,7 +162,7 @@ CVE-2020-10177
 CVE-2020-10176
 	RESERVED
 CVE-2020-10175
-	RESERVED
+	REJECTED
 CVE-2020-10174 (init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely  ...)
 	- timeshift <unfixed> (bug #953385)
 	NOTE: https://www.openwall.com/lists/oss-security/2020/03/06/3
@@ -974,8 +1006,8 @@ CVE-2020-9760
 	RESERVED
 CVE-2020-9759
 	RESERVED
-CVE-2020-9758
-	RESERVED
+CVE-2020-9758 (An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (He ...)
+	TODO: check
 CVE-2020-9757 (The Seomatic component before 3.2.46 for Craft CMS allows Server-Side  ...)
 	NOT-FOR-US: Seomatic component for Craft CMS
 CVE-2020-9756 (Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows insuff ...)
@@ -1471,8 +1503,8 @@ CVE-2020-9519
 	RESERVED
 CVE-2020-9518
 	RESERVED
-CVE-2020-9517
-	RESERVED
+CVE-2020-9517 (There is an improper restriction of rendered UI layers or frames vulne ...)
+	TODO: check
 CVE-2020-9516
 	RESERVED
 CVE-2020-9515
@@ -1765,8 +1797,8 @@ CVE-2020-9388
 	RESERVED
 CVE-2020-9387
 	RESERVED
-CVE-2020-9386
-	RESERVED
+CVE-2020-9386 (In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before ...)
+	TODO: check
 CVE-2020-9391 (An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6  ...)
 	- linux <unfixed>
 	[buster] - linux <not-affected> (Vulnerable code not present)
@@ -2020,8 +2052,8 @@ CVE-2020-9283 (golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for
 	[stretch] - golang-go.crypto <no-dsa> (Minor issue)
 	[jessie] - golang-go.crypto <no-dsa> (Minor issue)
 	NOTE: https://github.com/golang/crypto/commit/bac4c82f69751a6dd76e702d54b3ceb88adab236
-CVE-2020-9282
-	RESERVED
+CVE-2020-9282 (In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before ...)
+	TODO: check
 CVE-2020-9281 (A cross-site scripting (XSS) vulnerability in the HTML Data Processor  ...)
 	TODO: check
 CVE-2020-9280
@@ -2532,6 +2564,7 @@ CVE-2020-9036
 CVE-2020-9035
 	RESERVED
 CVE-2020-9355 (danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalati ...)
+	{DSA-4637-1}
 	- network-manager-ssh 1.2.11-1
 	NOTE: https://github.com/danfruehauf/NetworkManager-ssh/pull/98
 	NOTE: https://github.com/danfruehauf/NetworkManager-ssh/commit/5d88cd89795352b5df54cc0ebb6a0076b8c89ee4
@@ -2635,8 +2668,8 @@ CVE-2020-8989 (In the Voatz application 2020-01-01 for Android, the amount of da
 	NOT-FOR-US: Voatz application for Android
 CVE-2020-8988 (The Voatz application 2020-01-01 for Android allows only 100 million d ...)
 	NOT-FOR-US: Voatz application for Android
-CVE-2020-8987
-	RESERVED
+CVE-2020-8987 (Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 pr ...)
+	TODO: check
 CVE-2020-8986
 	RESERVED
 CVE-2020-8985
@@ -3676,7 +3709,7 @@ CVE-2020-8502
 	RESERVED
 CVE-2020-8501
 	RESERVED
-CVE-2020-8500 (In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code ...)
+CVE-2020-8500 (** DISPUTED ** In Artica Pandora FMS 7.42, Web Admin users can execute ...)
 	NOT-FOR-US: Artica Pandora FMS
 CVE-2020-8499
 	RESERVED
@@ -10564,8 +10597,8 @@ CVE-2020-5258
 	RESERVED
 CVE-2020-5257
 	RESERVED
-CVE-2020-5256
-	RESERVED
+CVE-2020-5256 (BookStack before version 0.25.5 has a vulnerability where a user could ...)
+	TODO: check
 CVE-2020-5255
 	RESERVED
 CVE-2020-5254
@@ -12701,8 +12734,8 @@ CVE-2020-4219
 	RESERVED
 CVE-2020-4218
 	RESERVED
-CVE-2020-4217
-	RESERVED
+CVE-2020-4217 (The IBM Spectrum Scale 4.2 and 5.0 file system component is affected b ...)
+	TODO: check
 CVE-2020-4216
 	RESERVED
 CVE-2020-4215
@@ -12967,8 +13000,8 @@ CVE-2020-4086
 	RESERVED
 CVE-2020-4085
 	RESERVED
-CVE-2020-4084
-	RESERVED
+CVE-2020-4084 (HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scri ...)
+	TODO: check
 CVE-2020-4083 (HCL Connections 6.5 is vulnerable to possible information leakage. Con ...)
 	NOT-FOR-US: HCL Connections
 CVE-2020-4082 (The HCL Connections 5.5 help system is vulnerable to cross-site script ...)
@@ -16922,58 +16955,58 @@ CVE-2020-2161
 	RESERVED
 CVE-2020-2160
 	RESERVED
-CVE-2020-2159
-	RESERVED
-CVE-2020-2158
-	RESERVED
-CVE-2020-2157
-	RESERVED
-CVE-2020-2156
-	RESERVED
-CVE-2020-2155
-	RESERVED
-CVE-2020-2154
-	RESERVED
-CVE-2020-2153
-	RESERVED
-CVE-2020-2152
-	RESERVED
-CVE-2020-2151
-	RESERVED
-CVE-2020-2150
-	RESERVED
-CVE-2020-2149
-	RESERVED
-CVE-2020-2148
-	RESERVED
-CVE-2020-2147
-	RESERVED
-CVE-2020-2146
-	RESERVED
-CVE-2020-2145
-	RESERVED
-CVE-2020-2144
-	RESERVED
-CVE-2020-2143
-	RESERVED
-CVE-2020-2142
-	RESERVED
-CVE-2020-2141
-	RESERVED
-CVE-2020-2140
-	RESERVED
-CVE-2020-2139
-	RESERVED
-CVE-2020-2138
-	RESERVED
-CVE-2020-2137
-	RESERVED
-CVE-2020-2136
-	RESERVED
-CVE-2020-2135
-	RESERVED
-CVE-2020-2134
-	RESERVED
+CVE-2020-2159 (Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job ...)
+	TODO: check
+CVE-2020-2158 (Jenkins Literate Plugin 1.0 and earlier does not configure its YAML pa ...)
+	TODO: check
+CVE-2020-2157 (Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured c ...)
+	TODO: check
+CVE-2020-2156 (Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured crede ...)
+	TODO: check
+CVE-2020-2155 (Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configur ...)
+	TODO: check
+CVE-2020-2154 (Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores  ...)
+	TODO: check
+CVE-2020-2153 (Jenkins Backlog Plugin 2.4 and earlier transmits configured credential ...)
+	TODO: check
+CVE-2020-2152 (Jenkins Subversion Release Manager Plugin 1.2 and earlier does not esc ...)
+	TODO: check
+CVE-2020-2151 (Jenkins Quality Gates Plugin 2.5 and earlier transmits configured cred ...)
+	TODO: check
+CVE-2020-2150 (Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configu ...)
+	TODO: check
+CVE-2020-2149 (Jenkins Repository Connector Plugin 1.2.6 and earlier transmits config ...)
+	TODO: check
+CVE-2020-2148 (A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier all ...)
+	TODO: check
+CVE-2020-2147 (A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 ...)
+	TODO: check
+CVE-2020-2146 (Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys w ...)
+	TODO: check
+CVE-2020-2145 (Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier sto ...)
+	TODO: check
+CVE-2020-2144 (Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML pa ...)
+	TODO: check
+CVE-2020-2143 (Jenkins Logstash Plugin 2.3.1 and earlier transmits configured credent ...)
+	TODO: check
+CVE-2020-2142 (A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier al ...)
+	TODO: check
+CVE-2020-2141 (A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.1 ...)
+	TODO: check
+CVE-2020-2140 (Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error m ...)
+	TODO: check
+CVE-2020-2139 (An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 ...)
+	TODO: check
+CVE-2020-2138 (Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML p ...)
+	TODO: check
+CVE-2020-2137 (Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML f ...)
+	TODO: check
+CVE-2020-2136 (Jenkins Git Plugin 4.2.0 and earlier does not escape the error message ...)
+	TODO: check
+CVE-2020-2135 (Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier  ...)
+	TODO: check
+CVE-2020-2134 (Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier  ...)
+	TODO: check
 CVE-2020-2133 (Jenkins Applatix Plugin 1.1 and earlier stores a password unencrypted  ...)
 	NOT-FOR-US: Jenkins plugin
 CVE-2020-2132 (Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a  ...)
@@ -17851,8 +17884,7 @@ CVE-2020-1738 [module package can be selected by the ansible facts]
 	- ansible <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802164
 	NOTE: https://github.com/ansible/ansible/issues/67796
-CVE-2020-1737 [Extract-Zip function in win_unzip module does not check extracted path]
-	RESERVED
+CVE-2020-1737 (A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9 ...)
 	- ansible <unfixed>
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1802154
 	NOTE: https://github.com/ansible/ansible/issues/67795
@@ -17960,8 +17992,7 @@ CVE-2020-1708 (It has been found in openshift-enterprise version 3.11 and all op
 CVE-2020-1707
 	RESERVED
 	NOT-FOR-US: openshift
-CVE-2020-1706
-	RESERVED
+CVE-2020-1706 (It has been found that in openshift-enterprise version 3.11 and opensh ...)
 	NOT-FOR-US: openshift
 CVE-2020-1705
 	RESERVED
@@ -21385,6 +21416,7 @@ CVE-2020-0035
 	NOT-FOR-US: Android
 CVE-2020-0034
 	RESERVED
+	{DLA-2136-1}
 	- libvpx 1.7.0-3
 	[stretch] - libvpx <no-dsa> (Minor issue)
 	NOTE: https://github.com/webmproject/libvpx/commit/45daecb4f73a47ab3236a29a3a48c52324cbf19a