author security tracker role <sectracker@soriano.debian.org> 2020-12-15 08:10:25 +0000
committer security tracker role <sectracker@soriano.debian.org> 2020-12-15 08:10:25 +0000
commit 43502538f4426f93c103f575806870292ac2354b
tree 83fbe64fcea61303e94a19504931ab319dc3de03 /data/CVE
parent 303e5207977d68b3778c35bb72cdf201d0678d85
automatic update
Diffstat (limited to 'data/CVE')
-rw-r--r-- data/CVE/2017.list 4
-rw-r--r-- data/CVE/2018.list 2
-rw-r--r-- data/CVE/2019.list 34
-rw-r--r-- data/CVE/2020.list 260
4 files changed, 165 insertions, 135 deletions
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index 420b509d91..4081f83d74 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -17681,9 +17681,9 @@ CVE-2017-12737 (An issue was discovered on Siemens SICAM RTUs SM-2556 COM Module
NOT-FOR-US: Siemens
CVE-2017-12736 (A vulnerability has been identified in RUGGEDCOM ROS for RSL910 device ...)
NOT-FOR-US: Siemens
-CVE-2017-12735 (A vulnerability has been identified in Siemens LOGO! devices. An attac ...)
+CVE-2017-12735 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: Siemens
-CVE-2017-12734 (A vulnerability has been identified in Siemens LOGO! devices before V1 ...)
+CVE-2017-12734 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: Siemens
CVE-2017-12733 (A Missing Authentication for Critical Function issue was discovered in ...)
NOT-FOR-US: SiteSentinel
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index d58ddb72e8..54c6869b0a 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -43965,7 +43965,7 @@ CVE-2018-4835 (A vulnerability has been identified in TeleControl Server Basic &
NOT-FOR-US: Siemens / TeleControl Server Basic
CVE-2018-4834 (A vulnerability has been identified in Desigo Automation Controllers P ...)
NOT-FOR-US: Desigo
-CVE-2018-4833 (A vulnerability has been identified in RFID 181-EIP (All versions), RU ...)
+CVE-2018-4833 (A vulnerability has been identified in RFID 181EIP (All versions), RUG ...)
NOT-FOR-US: Siemens
CVE-2018-4832 (A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All ...)
NOT-FOR-US: Siemens
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 1cb6865131..2a3eb3e26e 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -4324,20 +4324,20 @@ CVE-2019-19291 (A vulnerability has been identified in SiNVR 3 Central Control S
NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
CVE-2019-19290 (A vulnerability has been identified in SiNVR 3 Central Control Server ...)
NOT-FOR-US: SiNVR 3 Central Control Server (CCS)
-CVE-2019-19289
- RESERVED
-CVE-2019-19288
- RESERVED
-CVE-2019-19287
- RESERVED
-CVE-2019-19286
- RESERVED
-CVE-2019-19285
- RESERVED
-CVE-2019-19284
- RESERVED
-CVE-2019-19283
- RESERVED
+CVE-2019-19289 (A vulnerability has been identified in XHQ (All Versions &lt; 6.1). Th ...)
+ TODO: check
+CVE-2019-19288 (A vulnerability has been identified in XHQ (All Versions &lt; 6.1). Th ...)
+ TODO: check
+CVE-2019-19287 (A vulnerability has been identified in XHQ (All Versions &lt; 6.1). Th ...)
+ TODO: check
+CVE-2019-19286 (A vulnerability has been identified in XHQ (All Versions &lt; 6.1). Th ...)
+ TODO: check
+CVE-2019-19285 (A vulnerability has been identified in XHQ (All Versions &lt; 6.1). Th ...)
+ TODO: check
+CVE-2019-19284 (A vulnerability has been identified in XHQ (All Versions &lt; 6.1). Th ...)
+ TODO: check
+CVE-2019-19283 (A vulnerability has been identified in XHQ (All Versions &lt; 6.1). Th ...)
+ TODO: check
CVE-2019-19282 (A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), ...)
NOT-FOR-US: Siemens
CVE-2019-19281 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
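Review bot: CVE-2019-19283 through CVE-2019-19289 are seven entries with the same truncated XHQ summary, each left at TODO: check, so they should be triaged as one group and given one consistent tag rather than resolved one at a time. The context entries on either side are tagged by vendor or product (NOT-FOR-US: SiNVR 3 Central Control Server (CCS), NOT-FOR-US: Siemens); if XHQ is confirmed not to be packaged, follow that same pattern for all seven.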
@@ -26302,11 +26302,11 @@ CVE-2019-10923 (A vulnerability has been identified in Development/Evaluation Ki
NOT-FOR-US: Siemens
CVE-2019-10922 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier ...)
NOT-FOR-US: Siemens
-CVE-2019-10921 (A vulnerability has been identified in LOGO!8 BM (All versions). Unenc ...)
+CVE-2019-10921 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: Siemens
-CVE-2019-10920 (A vulnerability has been identified in LOGO!8 BM (All versions). Proje ...)
+CVE-2019-10920 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: Siemens
-CVE-2019-10919 (A vulnerability has been identified in LOGO!8 BM (All versions). Attac ...)
+CVE-2019-10919 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: Siemens
CVE-2019-10918 (A vulnerability has been identified in SIMATIC PCS 7 V8.0 and earlier ...)
NOT-FOR-US: Siemens
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 2bde7de1a3..c1becc93ac 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,43 @@
+CVE-2020-35472
+ RESERVED
+CVE-2020-35471 (Envoy before 1.16.1 mishandles dropped and truncated datagrams, as dem ...)
+ TODO: check
+CVE-2020-35470 (Envoy before 1.16.1 logs an incorrect downstream address because it co ...)
+ TODO: check
+CVE-2020-35469
+ RESERVED
+CVE-2020-35468
+ RESERVED
+CVE-2020-35467
+ RESERVED
+CVE-2020-35466
+ RESERVED
+CVE-2020-35465
+ RESERVED
+CVE-2020-35464
+ RESERVED
+CVE-2020-35463
+ RESERVED
+CVE-2020-35462
+ RESERVED
+CVE-2020-35461
+ RESERVED
+CVE-2020-35460 (common/InputStreamHelper.java in Packwood MPXJ before 8.3.5 allows dir ...)
+ TODO: check
+CVE-2020-35459
+ RESERVED
+CVE-2020-35458
+ RESERVED
+CVE-2020-35457 (** DISPUTED ** GNOME GLib before 2.65.3 has an integer overflow, that ...)
+ TODO: check
+CVE-2020-35456
+ RESERVED
+CVE-2020-35455
+ RESERVED
+CVE-2020-35454
+ RESERVED
+CVE-2020-35453
+ RESERVED
CVE-2020-35452
RESERVED
CVE-2020-35451
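Review bot: CVE-2020-35457 is the one new entry in this block that names a widely packaged library (GNOME GLib before 2.65.3) and it is flagged ** DISPUTED **, so its TODO: check should not be cleared with a NOT-FOR-US tag. It needs a package line with the fixed version checked against 2.65.3, plus a NOTE recording the dispute so the severity decision is visible. The Envoy and MPXJ entries (CVE-2020-35471, CVE-2020-35470, CVE-2020-35460) need a check for whether the software is packaged or has an ITP before they are tagged.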
@@ -1095,12 +1135,12 @@ CVE-2020-29513
RESERVED
CVE-2020-29512
RESERVED
-CVE-2020-29511
- RESERVED
-CVE-2020-29510
- RESERVED
-CVE-2020-29509
- RESERVED
+CVE-2020-29511 (The encoding/xml package in Go (all versions) does not correctly prese ...)
+ TODO: check
+CVE-2020-29510 (The encoding/xml package in Go versions 1.15 and earlier does not corr ...)
+ TODO: check
+CVE-2020-29509 (The encoding/xml package in Go (all versions) does not correctly prese ...)
+ TODO: check
CVE-2020-29508
RESERVED
CVE-2020-29507
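Review bot: CVE-2020-29511 and CVE-2020-29509 describe the Go encoding/xml package as affected in "all versions", and CVE-2020-29510 as "1.15 and earlier", so these three TODO: check entries concern the Go standard library and cannot be closed as NOT-FOR-US. Each needs a package line for the packaged Go toolchains, and the "all versions" wording means the two matching entries should be recorded as unfixed until an upstream fix is identified. Because Go programs link the standard library statically, triage should also note whether packages built with Go that parse XML need a rebuild once a fix exists.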
@@ -1557,10 +1597,10 @@ CVE-2020-29306
RESERVED
CVE-2020-29305
RESERVED
-CVE-2020-29304
- RESERVED
-CVE-2020-29303
- RESERVED
+CVE-2020-29304 (A cross-site scripting (XSS) vulnerability exists in the SabaiApps Wor ...)
+ TODO: check
+CVE-2020-29303 (A cross-site scripting (XSS) vulnerability in the SabaiApp Directories ...)
+ TODO: check
CVE-2020-29302
RESERVED
CVE-2020-29301
@@ -2525,10 +2565,10 @@ CVE-2020-28863
RESERVED
CVE-2020-28862
RESERVED
-CVE-2020-28861
- RESERVED
-CVE-2020-28860
- RESERVED
+CVE-2020-28861 (OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to ...)
+ TODO: check
+CVE-2020-28860 (OpenAssetDigital Asset Management (DAM) through 12.0.19 does not corre ...)
+ TODO: check
CVE-2020-28859 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does not corr ...)
NOT-FOR-US: OpenAsset Digital Asset Management (DAM)
CVE-2020-28858 (OpenAsset Digital Asset Management (DAM) through 12.0.19 does not corr ...)
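Review bot: CVE-2020-28861 and CVE-2020-28860 are left at TODO: check although the context lines directly below them, CVE-2020-28859 and CVE-2020-28858, already carry NOT-FOR-US: OpenAsset Digital Asset Management (DAM) for the same product. Use the same tag string for the two new entries so that a search on the product name finds all four. The CVE-2020-28860 summary spells the product "OpenAssetDigital" without a space, so a lookup on the exact product name will miss it until the tag is added.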
@@ -3481,8 +3521,8 @@ CVE-2020-28398
RESERVED
CVE-2020-28397
RESERVED
-CVE-2020-28396
- RESERVED
+CVE-2020-28396 (A vulnerability has been identified in SICAM A8000 CP-8000 (All versio ...)
+ TODO: check
CVE-2020-28395
RESERVED
CVE-2020-28394
@@ -6161,8 +6201,8 @@ CVE-2020-27254
RESERVED
CVE-2020-27253 (A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx ...)
NOT-FOR-US: FactoryTalk
-CVE-2020-27252
- RESERVED
+CVE-2020-27252 (Medtronic MyCareLink Smart 25000 all versions are vulnerable to a race ...)
+ TODO: check
CVE-2020-27251 (A heap overflow vulnerability exists within FactoryTalk Linx Version 6 ...)
NOT-FOR-US: FactoryTalk
CVE-2020-27250
@@ -10773,22 +10813,22 @@ CVE-2020-25237
RESERVED
CVE-2020-25236
RESERVED
-CVE-2020-25235
- RESERVED
-CVE-2020-25234
- RESERVED
-CVE-2020-25233
- RESERVED
-CVE-2020-25232
- RESERVED
-CVE-2020-25231
- RESERVED
-CVE-2020-25230
- RESERVED
-CVE-2020-25229
- RESERVED
-CVE-2020-25228
- RESERVED
+CVE-2020-25235 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2020-25234 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2020-25233 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2020-25232 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2020-25231 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2020-25230 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2020-25229 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
+CVE-2020-25228 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
+ TODO: check
CVE-2020-25227
RESERVED
CVE-2020-25226
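Review bot: CVE-2020-25228 through CVE-2020-25235 all start with "LOGO! 8 BM (incl. SIPLUS varian ..." and are left at TODO: check, while the 2019.list hunk in this same commit shows CVE-2019-10919, CVE-2019-10920 and CVE-2019-10921 for LOGO! 8 BM tagged NOT-FOR-US: Siemens. The eight new entries can be resolved with that same tag in a single follow-up instead of staying in the TODO queue.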
@@ -10904,16 +10944,16 @@ CVE-2020-25189 (The affected product is vulnerable to three stack-based buffer o
NOT-FOR-US: Paradox IP150
CVE-2020-25188 (An attacker who convinces a valid user to open a specially crafted pro ...)
NOT-FOR-US: LAquis SCADA
-CVE-2020-25187
- RESERVED
+CVE-2020-25187 (Medtronic MyCareLink Smart 25000 all versions are vulnerable when an a ...)
+ TODO: check
CVE-2020-25186 (An XXE vulnerability exists within LeviStudioU Release Build 2019-09-2 ...)
NOT-FOR-US: LeviStudioU Release
CVE-2020-25185 (The affected product is vulnerable to five post-authentication buffer ...)
NOT-FOR-US: Paradox IP150
CVE-2020-25184
RESERVED
-CVE-2020-25183
- RESERVED
+CVE-2020-25183 (Medtronic MyCareLink Smart 25000 all versions contain an authenticatio ...)
+ TODO: check
CVE-2020-25182
RESERVED
CVE-2020-25181 (WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer over ...)
@@ -21105,8 +21145,8 @@ CVE-2020-20191
RESERVED
CVE-2020-20190
RESERVED
-CVE-2020-20189
- RESERVED
+CVE-2020-20189 (SQL Injection vulnerability in NewPK 1.1 via the title parameter to ad ...)
+ TODO: check
CVE-2020-20188
RESERVED
CVE-2020-20187
@@ -21115,10 +21155,10 @@ CVE-2020-20186
RESERVED
CVE-2020-20185
RESERVED
-CVE-2020-20184
- RESERVED
-CVE-2020-20183
- RESERVED
+CVE-2020-20184 (GateOne allows remote attackers to execute arbitrary commands via shel ...)
+ TODO: check
+CVE-2020-20183 (Insecure direct object reference vulnerability in Zyxel&#8217;s P1302- ...)
+ TODO: check
CVE-2020-20182
RESERVED
CVE-2020-20181
@@ -29530,12 +29570,12 @@ CVE-2020-16106
RESERVED
CVE-2020-16105
RESERVED
-CVE-2020-16104
- RESERVED
-CVE-2020-16103
- RESERVED
-CVE-2020-16102
- RESERVED
+CVE-2020-16104 (SQL Injection vulnerability in Enterprise Data Interface of Gallagher ...)
+ TODO: check
+CVE-2020-16103 (Type confusion in Gallagher Command Centre Server allows a remote atta ...)
+ TODO: check
+CVE-2020-16102 (Improper Authentication vulnerability in Gallagher Command Centre Serv ...)
+ TODO: check
CVE-2020-16101 (It is possible for an unauthenticated remote DCOM websocket connection ...)
NOT-FOR-US: Gallagher Command Centre Server
CVE-2020-16100 (It is possible for an unauthenticated remote DCOM websocket connection ...)
@@ -30380,8 +30420,8 @@ CVE-2020-15798
RESERVED
CVE-2020-15797 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...)
NOT-FOR-US: DCA Vantage Analyzer
-CVE-2020-15796
- RESERVED
+CVE-2020-15796 (A vulnerability has been identified in SIMATIC ET 200SP Open Controlle ...)
+ TODO: check
CVE-2020-15795
RESERVED
CVE-2020-15794 (A vulnerability has been identified in Desigo Insight (All versions). ...)
@@ -30398,7 +30438,7 @@ CVE-2020-15789 (A vulnerability has been identified in Polarion Subversion Webcl
NOT-FOR-US: Siemens
CVE-2020-15788 (A vulnerability has been identified in Polarion Subversion Webclient ( ...)
NOT-FOR-US: Siemens
-CVE-2020-15787 (A vulnerability has been identified in SIMATIC HMI United Comfort Pane ...)
+CVE-2020-15787 (A vulnerability has been identified in SIMATIC HMI Unified Comfort Pan ...)
NOT-FOR-US: Siemens
CVE-2020-15786 (A vulnerability has been identified in SIMATIC HMI Basic Panels 2nd Ge ...)
NOT-FOR-US: Siemens
@@ -33899,8 +33939,7 @@ CVE-2020-14370 (An information disclosure vulnerability was found in containers/
NOTE: https://github.com/containers/podman/commit/a7e864e6e7de894d4edde4fff00e53dc6a0b5074
CVE-2020-14369 (This release fixes a Cross Site Request Forgery vulnerability was foun ...)
NOT-FOR-US: Red Hat CloudForm
-CVE-2020-14368
- RESERVED
+CVE-2020-14368 (A flaw was found in Eclipse Che in versions prior to 7.14.0 that impac ...)
NOT-FOR-US: Eclipse Che
CVE-2020-14367 (A flaw was found in chrony versions before 3.5.1 when creating the PID ...)
- chrony 3.5.1-1 (unimportant)
@@ -49066,26 +49105,23 @@ CVE-2020-8288
RESERVED
CVE-2020-8287
RESERVED
-CVE-2020-8286 [Inferior OCSP verification]
- RESERVED
+CVE-2020-8286 (curl 7.41.0 through 7.73.0 is vulnerable to an improper check for cert ...)
- curl <unfixed> (bug #977161)
NOTE: https://curl.se/docs/CVE-2020-8286.html
NOTE: https://github.com/curl/curl/commit/d9d01672785b8ac04aab1abb6de95fe3072ae199 (curl-7_74_0)
-CVE-2020-8285 [FTP wildcard stack overflow]
- RESERVED
+CVE-2020-8285 (curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recu ...)
- curl <unfixed> (bug #977162)
NOTE: https://curl.se/docs/CVE-2020-8285.html
NOTE: https://github.com/curl/curl/issues/6255
NOTE: https://github.com/curl/curl/commit/69a358f2186e04cf44698b5100332cbf1ee7f01d (curl-7_74_0)
-CVE-2020-8284 [trusting FTP PASV responses]
- RESERVED
+CVE-2020-8284 (A malicious server can use the FTP PASV response to trick curl 7.73.0 ...)
- curl <unfixed> (bug #977163)
NOTE: https://curl.se/docs/CVE-2020-8284.html
NOTE: https://github.com/curl/curl/commit/ec9cc725d598ac77de7b6df8afeec292b3c8ad46 (curl-7_74_0)
-CVE-2020-8283
- RESERVED
-CVE-2020-8282
- RESERVED
+CVE-2020-8283 (An authorised user on a Windows host running Citrix Universal Print Se ...)
+ TODO: check
+CVE-2020-8282 (A security issue was found in EdgePower 24V/54V firmware v1.7.0 and ea ...)
+ TODO: check
CVE-2020-8281
RESERVED
CVE-2020-8280
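Review bot: CVE-2020-8286, CVE-2020-8285 and CVE-2020-8284 keep "- curl <unfixed>" while each NOTE already names a fix commit tagged curl-7_74_0, and none of them has per-release lines. Once the affected version ranges in the new summaries (for example "7.41.0 through 7.73.0" on CVE-2020-8286) are compared with the versions shipped in each suite, add [buster] and [stretch] lines as the older curl entries CVE-2020-8231 and CVE-2020-8169 have. CVE-2020-8283 (Citrix Universal Print Server) and CVE-2020-8282 (EdgePower firmware) sit in the same block at TODO: check and should be triaged separately from the curl entries.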
@@ -49141,10 +49177,10 @@ CVE-2020-8260 (A vulnerability in the Pulse Connect Secure &lt; 9.1R9 admin web
NOT-FOR-US: Pulse Secure Pulse Connect Secure
CVE-2020-8259 (Insufficient protection of the server-side encryption keys in Nextclou ...)
- nextcloud-server <itp> (bug #941708)
-CVE-2020-8258
- RESERVED
-CVE-2020-8257
- RESERVED
+CVE-2020-8258 (Improper privilege management on services run by Citrix Gateway Plug-i ...)
+ TODO: check
+CVE-2020-8257 (Improper privilege management on services run by Citrix Gateway Plug-i ...)
+ TODO: check
CVE-2020-8256 (A vulnerability in the Pulse Connect Secure &lt; 9.1R8.2 admin web int ...)
NOT-FOR-US: Pulse Connect Secure
CVE-2020-8255 (A vulnerability in the Pulse Connect Secure &lt; 9.1R9 admin web inter ...)
@@ -49210,8 +49246,7 @@ CVE-2020-8233 (A command injection vulnerability exists in EdgeSwitch firmware &
NOT-FOR-US: Edgeswitch
CVE-2020-8232 (An information disclosure vulnerability exists in EdgeMax EdgeSwitch f ...)
NOT-FOR-US: Edgeswitch
-CVE-2020-8231
- RESERVED
+CVE-2020-8231 (Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can us ...)
{DLA-2382-1}
- curl 7.72.0-1 (bug #968831)
[buster] - curl <no-dsa> (Minor issue)
@@ -49350,8 +49385,7 @@ CVE-2020-8178 (Insufficient input validation in npm package `jison` &lt;= 0.4.18
- node-jison <not-affected> (Vulnerable code not included in Debian source)
NOTE: https://hackerone.com/reports/690010
NOTE: ports/ is stripped/excluded in the src:node-jison source package.
-CVE-2020-8177
- RESERVED
+CVE-2020-8177 (curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of na ...)
{DLA-2295-1}
- curl 7.72.0-1 (bug #965281)
[buster] - curl <no-dsa> (Minor issue)
@@ -49376,8 +49410,7 @@ CVE-2020-8171 (We have recently released new version of AirMax AirOS firmware v6
NOT-FOR-US: AirMax AirOS
CVE-2020-8170 (We have recently released new version of AirMax AirOS firmware v6.3.0 ...)
NOT-FOR-US: AirMax AirOS
-CVE-2020-8169
- RESERVED
+CVE-2020-8169 (curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure ...)
- curl 7.72.0-1 (bug #965280)
[buster] - curl <no-dsa> (Minor issue)
[stretch] - curl <not-affected> (Vulnerable code introduced later)
@@ -50768,7 +50801,7 @@ CVE-2020-7591 (A vulnerability has been identified in SIPORT MP (All versions &l
NOT-FOR-US: Siemens
CVE-2020-7590 (A vulnerability has been identified in DCA Vantage Analyzer (All versi ...)
NOT-FOR-US: DCA Vantage Analyzer
-CVE-2020-7589 (A vulnerability has been identified in LOGO!8 BM (incl. SIPLUS variant ...)
+CVE-2020-7589 (A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS varian ...)
NOT-FOR-US: Siemens
CVE-2020-7588 (A vulnerability has been identified in Opcenter Execution Discrete (Al ...)
NOT-FOR-US: Siemens
@@ -66751,48 +66784,46 @@ CVE-2020-0472
RESERVED
CVE-2020-0471
RESERVED
-CVE-2020-0470
- RESERVED
-CVE-2020-0469
- RESERVED
-CVE-2020-0468
- RESERVED
-CVE-2020-0467
- RESERVED
-CVE-2020-0466
- RESERVED
+CVE-2020-0470 (In extend_frame_highbd of restoration.c, there is a possible out of bo ...)
+ TODO: check
+CVE-2020-0469 (In addEscrowToken of LockSettingsService.java, there is a possible los ...)
+ TODO: check
+CVE-2020-0468 (In listen() and related functions of TelephonyRegistry.java, there is ...)
+ TODO: check
+CVE-2020-0467 (In onUserStopped of Vpn.java, there is a possible resetting of user pr ...)
+ TODO: check
+CVE-2020-0466 (In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a poss ...)
- linux 5.8.7-1
[buster] - linux 4.19.146-1
[stretch] - linux 4.9.240-1
NOTE: https://git.kernel.org/linus/52c479697c9b73f628140dcdfcd39ea302d05482
NOTE: https://git.kernel.org/linus/a9ed4a6560b8562b7e2e2bed9527e88001f7b682
-CVE-2020-0465
- RESERVED
+CVE-2020-0465 (In various methods of hid-multitouch.c, there is a possible out of bou ...)
- linux 5.8.7-1
[buster] - linux 4.19.146-1
[stretch] - linux 4.9.240-1
NOTE: https://git.kernel.org/linus/35556bed836f8dc07ac55f69c8d17dce3e7f0e25
NOTE: https://git.kernel.org/linus/bce1305c0ece3dc549663605e567655dd701752c
-CVE-2020-0464
- RESERVED
-CVE-2020-0463
- RESERVED
+CVE-2020-0464 (In resolv_cache_lookup of res_cache.cpp, there is a possible side chan ...)
+ TODO: check
+CVE-2020-0463 (In sdp_server_handle_client_req of sdp_server.cc, there is a possible ...)
+ TODO: check
CVE-2020-0462
RESERVED
CVE-2020-0461
RESERVED
-CVE-2020-0460
- RESERVED
-CVE-2020-0459
- RESERVED
-CVE-2020-0458
- RESERVED
-CVE-2020-0457
- RESERVED
-CVE-2020-0456
- RESERVED
-CVE-2020-0455
- RESERVED
+CVE-2020-0460 (In createNameCredentialDialog of CertInstaller.java, there exists the ...)
+ TODO: check
+CVE-2020-0459 (In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, th ...)
+ TODO: check
+CVE-2020-0458 (In SPDIFEncoder::writeBurstBufferBytes and related methods of SPDIFEnc ...)
+ TODO: check
+CVE-2020-0457 (There is a possible out of bounds write due to a missing bounds check. ...)
+ TODO: check
+CVE-2020-0456 (There is a possible out of bounds write due to a missing bounds check. ...)
+ TODO: check
+CVE-2020-0455 (There is a possible out of bounds write due to a missing bounds check. ...)
+ TODO: check
CVE-2020-0454 (In callCallbackForRequest of ConnectivityService.java, there is a poss ...)
NOT-FOR-US: Android
CVE-2020-0453 (In updateNotification of BeamTransferManager.java, there is a possible ...)
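Review bot: The new TODO: check entries in this hunk should not be bulk-tagged NOT-FOR-US: Android just because the context entries CVE-2020-0454 and CVE-2020-0453 are. CVE-2020-0470 (extend_frame_highbd of restoration.c), CVE-2020-0464 (res_cache.cpp) and CVE-2020-0463 (sdp_server.cc) name C and C++ source files rather than Android framework Java classes, so check each file name against packaged source trees first. CVE-2020-0466 and CVE-2020-0465 in this same hunk show the pattern: Android-assigned IDs that map to the linux package with fixed versions.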
@@ -66815,8 +66846,7 @@ CVE-2020-0446 (There is a possible out of bounds write due to a missing bounds c
NOT-FOR-US: MediaTek components for Android
CVE-2020-0445 (There is a possible out of bounds write due to a missing bounds check. ...)
NOT-FOR-US: MediaTek components for Android
-CVE-2020-0444
- RESERVED
+CVE-2020-0444 (In audit_free_lsm_field of auditfilter.c, there is a possible bad kfre ...)
- linux 5.5.13-1
[buster] - linux 4.19.118-1
[stretch] - linux 4.9.228-1
@@ -66827,8 +66857,8 @@ CVE-2020-0442 (In Message and toBundle of Notification.java, there is a possible
NOT-FOR-US: Android
CVE-2020-0441 (In Message and toBundle of Notification.java, there is a possible reso ...)
NOT-FOR-US: Android
-CVE-2020-0440
- RESERVED
+CVE-2020-0440 (In createVirtualDisplay of DisplayManagerService.java, there is a poss ...)
+ TODO: check
CVE-2020-0439 (In generatePackageInfo of PackageManagerService.java, there is a possi ...)
NOT-FOR-US: Android
CVE-2020-0438 (In the AIBinder_Class constructor of ibinder.cpp, there is a possible ...)
@@ -67153,7 +67183,7 @@ CVE-2020-0296 (In ADB server and USB server, there is a possible permission bypa
NOT-FOR-US: Android
CVE-2020-0295 (In Telecom, there is a possible permission bypass due to an unsafe Pen ...)
NOT-FOR-US: Android
-CVE-2020-0294 (In the wallpaper manager, there is a possible permission bypass due to ...)
+CVE-2020-0294 (In bindWallpaperComponentLocked of WallpaperManagerService.java, there ...)
NOT-FOR-US: Android
CVE-2020-0293 (In Java network APIs, there is possible access to sensitive network st ...)
NOT-FOR-US: Android
@@ -67560,8 +67590,8 @@ CVE-2020-0101 (In BnCrypto::onTransact of ICrypto.cpp, there is a possible infor
NOT-FOR-US: Android media framework
CVE-2020-0100 (In onTransact of IHDCP.cpp, there is a possible out of bounds read due ...)
NOT-FOR-US: Android media framework
-CVE-2020-0099
- RESERVED
+CVE-2020-0099 (In addWindow of WindowManagerService.java, there is a possible window ...)
+ TODO: check
CVE-2020-0098 (In navigateUpToLocked of ActivityStack.java, there is a possible permi ...)
NOT-FOR-US: Android
CVE-2020-0097 (In various methods of PackageManagerService.java, there is a possible ...)
@@ -67740,14 +67770,14 @@ CVE-2020-0021 (In removeUnusedPackagesLPw of PackageManagerService.java, there i
NOT-FOR-US: Android
CVE-2020-0020 (In getAttributeRange of ExifInterface.java, there is a possible failur ...)
NOT-FOR-US: Android
-CVE-2020-0019
- RESERVED
+CVE-2020-0019 (In the Broadcom Nexus firmware, there is an insecure default password. ...)
+ TODO: check
CVE-2020-0018 (In MotionEntry::appendDescription of InputDispatcher.cpp, there is a p ...)
NOT-FOR-US: Android
CVE-2020-0017 (In multiple places, it was possible for the primary user&#8217;s dicti ...)
NOT-FOR-US: Android
-CVE-2020-0016
- RESERVED
+CVE-2020-0016 (In the Broadcom Nexus firmware, there is an insecure default password. ...)
+ TODO: check
CVE-2020-0015 (In onCreate of CertInstaller.java, there is a possible way to overlay ...)
NOT-FOR-US: Android
CVE-2020-0014 (It is possible for a malicious application to construct a TYPE_TOAST w ...)