automatic update

6 files changed, 116 insertions, 116 deletions

diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index 525612b5d4..718b64f2ed 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -1883,14 +1883,12 @@ CVE-2010-4534 (The administrative interface in django.contrib.admin in Django be
 	- python-django 1.2.4-1
 	[squeeze] - python-django 1.2.3-3
 	NOTE: http://www.djangoproject.com/weblog/2010/dec/22/security/
-CVE-2010-4533 [offlineimap uses SSLv2]
-	RESERVED
+CVE-2010-4533 (offlineimap before 6.3.4 added support for SSL server certificate vali ...)
 	- offlineimap 6.3.4-1 (low; bug #606962)
 	NOTE: offlineimap uses the "ssl" standard lib in Python, marking the version of offlineimap in wheezy as fixed
 	[squeeze] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
 	[lenny] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
-CVE-2010-4532 [no SSL cert validation]
-	RESERVED
+CVE-2010-4532 (offlineimap before 6.3.2 does not check for SSL server certificate val ...)
 	- offlineimap 6.3.2~rc3-2 (low; bug #603450)
 	[squeeze] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
 	[lenny] - offlineimap <no-dsa> (Long-standing, documented behaviour, can be updated in spu if needed)
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 4d96bc803b..3b17566537 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -4340,8 +4340,7 @@ CVE-2011-3587 (Unspecified vulnerability in Zope 2.12.x and 2.13.x, as used in P
 	- zope2.10 <not-affected> (Introduced in 2.12)
 	- zope2.12 2.12.20-2
 CVE-2011-3586
-	RESERVED
-	NOTE: Dupe of CVE-2011-3504, to be rejected
+	REJECTED
 CVE-2011-3585
 	RESERVED
 	- samba 2:3.4.7~dfsg-2 (low)
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index 74bb3671c7..91b4f041ac 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -5797,11 +5797,9 @@ CVE-2012-4387 (Apache Struts 2.0.0 through 2.3.4 allows remote attackers to caus
 CVE-2012-4386 (The token check mechanism in Apache Struts 2.0.0 through 2.3.4 does no ...)
 	- libstruts1.2-java <not-affected> (Only affects Struts 2)
 	NOTE: http://struts.apache.org/2.x/docs/s2-010.html
-CVE-2012-4385 [letodms CSRF]
-	RESERVED
+CVE-2012-4385 (letodms 3.3.6 has CSRF via change password ...)
 	- letodms 3.3.7+dfsg-1 (bug #689664)
-CVE-2012-4384 [letodms XSS]
-	RESERVED
+CVE-2012-4384 (letodms has multiple XSS issues: Reflected XSS in Login Page, Stored X ...)
 	- letodms 3.3.7+dfsg-1 (bug #689664)
 CVE-2012-4383
 	RESERVED
@@ -11177,8 +11175,7 @@ CVE-2012-2239 (Mahara 1.4.x before 1.4.4 and 1.5.x before 1.5.3 allows remote at
 CVE-2012-2238
 	RESERVED
 	- tryton-server <not-affected> (only affected 2.4, in experimental)
-CVE-2012-2237
-	RESERVED
+CVE-2012-2237 (Multiple cross-site scripting (XSS) vulnerabilities in Mahara 1.4.x be ...)
 	{DSA-2540-1}
 	- mahara 1.5.1-2
 CVE-2012-2236 (SQL injection vulnerability in users.php in PHP Gift Registry 1.5.5 al ...)
diff --git a/data/CVE/2013.list b/data/CVE/2013.list
index d4c9a33ac4..da2fafedd8 100644
--- a/data/CVE/2013.list
+++ b/data/CVE/2013.list
@@ -7189,14 +7189,14 @@ CVE-2013-4659 (Buffer overflow in Broadcom ACSD allows remote attackers to execu
 	NOT-FOR-US: Broadcom ACSD
 CVE-2013-4658 (Linksys EA6500 has SMB Symlink Traversal allowing symbolic links to be ...)
 	NOT-FOR-US: Linksys
-CVE-2013-4657
-	RESERVED
-CVE-2013-4656
-	RESERVED
-CVE-2013-4655
-	RESERVED
-CVE-2013-4654
-	RESERVED
+CVE-2013-4657 (Symlink Traversal vulnerability in NETGEAR WNR3500U and WNR3500L due t ...)
+	TODO: check
+CVE-2013-4656 (Symlink Traversal vulnerability in ASUS RT-AC66U and RT-N56U due to mi ...)
+	TODO: check
+CVE-2013-4655 (Symlink Traversal vulnerability in Belkin N900 due to misconfiguration ...)
+	TODO: check
+CVE-2013-4654 (Symlink Traversal vulnerability in TP-LINK TL-WDR4300 and TL-1043ND.. ...)
+	TODO: check
 CVE-2013-4653 (Multiple cross-site scripting (XSS) vulnerabilities in the signin func ...)
 	NOT-FOR-US: Alcatel-Lucent Omnitouch
 CVE-2013-4652 (Unspecified vulnerability in the command-line management interface on  ...)
@@ -10510,8 +10510,8 @@ CVE-2013-3519 (lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Playe
 	NOT-FOR-US: VMware
 CVE-2013-3518
 	RESERVED
-CVE-2013-3517
-	RESERVED
+CVE-2013-3517 (Cross-site scripting (XSS) vulnerability in NETGEAR WNR3500U and WNR35 ...)
+	TODO: check
 CVE-2013-3516
 	RESERVED
 CVE-2013-3515 (Multiple cross-site scripting (XSS) vulnerabilities in OpenX Source 2. ...)
diff --git a/data/CVE/2014.list b/data/CVE/2014.list
index 360012d2c8..a4e5eb8355 100644
--- a/data/CVE/2014.list
+++ b/data/CVE/2014.list
@@ -6462,8 +6462,7 @@ CVE-2014-8169 (automount 5.0.8, when a program map uses certain interpreted lang
 	- autofs5 <not-affected> (Vulnerable code introduced in 5.0.8)
 CVE-2014-8168 (Red Hat Satellite 6 allows local users to access mongod and delete pul ...)
 	NOT-FOR-US: Red Hat Satellite
-CVE-2014-8167
-	RESERVED
+CVE-2014-8167 (vdsm and vdsclient does not validate certficate hostname from another  ...)
 	NOT-FOR-US: Red Hat vdms and vdsclient
 CVE-2014-8166 (The browsing feature in the server in CUPS does not filter ANSI escape ...)
 	- cups <unfixed> (unimportant)
@@ -17307,8 +17306,7 @@ CVE-2014-3657 (The virDomainListPopulate function in conf/domain_conf.c in libvi
 CVE-2014-3656
 	RESERVED
 	NOT-FOR-US: JBoss KeyCloak
-CVE-2014-3655
-	RESERVED
+CVE-2014-3655 (JBoss KeyCloak is vulnerable to soft token deletion via CSRF ...)
 	NOT-FOR-US: JBoss KeyCloak
 CVE-2014-3654 (Multiple cross-site scripting (XSS) vulnerabilities in spacewalk-java  ...)
 	NOT-FOR-US: Red Hat Satellite
@@ -17563,8 +17561,7 @@ CVE-2014-3594 (Cross-site scripting (XSS) vulnerability in the Host Aggregates i
 	NOTE: up to 2013.2.3, and 2014.1 versions up to 2014.1.2
 CVE-2014-3593 (Eval injection vulnerability in luci 0.26.0 allows remote authenticate ...)
 	NOT-FOR-US: Luci
-CVE-2014-3592
-	RESERVED
+CVE-2014-3592 (OpenShift Origin: Improperly validated team names could allow stored X ...)
 	NOT-FOR-US: OpenShift Origin
 CVE-2014-3591 [sidechannel attack on Elgamal]
 	RESERVED
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index e29f4da7d8..8f5653e9ee 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,9 +1,41 @@
-CVE-2019-18931
+CVE-2019-18947
 	RESERVED
-CVE-2019-18930
+CVE-2019-18946
 	RESERVED
-CVE-2019-18929
+CVE-2019-18945
 	RESERVED
+CVE-2019-18944
+	RESERVED
+CVE-2019-18943
+	RESERVED
+CVE-2019-18942
+	RESERVED
+CVE-2019-18941
+	RESERVED
+CVE-2019-18940
+	RESERVED
+CVE-2019-18939
+	RESERVED
+CVE-2019-18938
+	RESERVED
+CVE-2019-18937
+	RESERVED
+CVE-2019-18936
+	RESERVED
+CVE-2019-18935
+	RESERVED
+CVE-2019-18934
+	RESERVED
+CVE-2019-18933
+	RESERVED
+CVE-2019-18932
+	RESERVED
+CVE-2019-18931 (Western Digital My Cloud EX2 Ultra firmware 2.31.195 allows a Buffer O ...)
+	TODO: check
+CVE-2019-18930 (Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users  ...)
+	TODO: check
+CVE-2019-18929 (Western Digital My Cloud EX2 Ultra firmware 2.31.183 allows web users  ...)
+	TODO: check
 CVE-2019-18928
 	RESERVED
 CVE-2019-18927
@@ -191,8 +223,8 @@ CVE-2019-18840 (In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks
 	- wolfssl 4.2.0+dfsg-3
 	NOTE: https://github.com/wolfSSL/wolfssl/issues/2555
 	NOTE: https://github.com/wolfSSL/wolfssl/commit/52f28bd5149360f8e3bf8ca13d3fb9a77283df7c
-CVE-2019-18839
-	RESERVED
+CVE-2019-18839 (FUDForum 3.0.9 is vulnerable to Stored XSS via the nlogin parameter. T ...)
+	TODO: check
 CVE-2019-18838
 	RESERVED
 CVE-2019-18837
@@ -1210,8 +1242,7 @@ CVE-2019-18399
 	RESERVED
 CVE-2019-18398
 	RESERVED
-CVE-2019-18397
-	RESERVED
+CVE-2019-18397 (A buffer overflow in the fribidi_get_par_embedding_levels_ex() functio ...)
 	{DSA-4561-1}
 	- fribidi 1.0.7-1.1 (bug #944327)
 	[stretch] - fribidi <not-affected> (Vulnerable code not present)
@@ -1467,8 +1498,8 @@ CVE-2019-18281 (An out-of-bounds memory access in the generateDirectionalRuns()
 	NOTE: https://bugreports.qt.io/browse/QTBUG-77819
 CVE-2019-18280 (Sourcecodester Online Grading System 1.0 is affected by a Cross Site R ...)
 	NOT-FOR-US: Sourcecodester Online Grading System
-CVE-2019-18279
-	RESERVED
+CVE-2019-18279 (In Phoenix SCT WinFlash 1.1.12.0 through 1.5.74.0, the included driver ...)
+	TODO: check
 CVE-2019-18278 (When executing VideoLAN VLC media player 3.0.8 with libqt on Windows,  ...)
 	NOT-FOR-US: VLC on Windows
 CVE-2019-18277 (A flaw was found in HAProxy before 2.0.6. In legacy mode, messages fea ...)
@@ -3113,10 +3144,10 @@ CVE-2019-17526 (** DISPUTED ** An issue was discovered in SageMath Sage Cell Ser
 	NOT-FOR-US: Sage Cell Server (not part of SafeMath as packaged in Debian)
 CVE-2019-17525
 	RESERVED
-CVE-2019-17524
-	RESERVED
-CVE-2019-17523
-	RESERVED
+CVE-2019-17524 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows r ...)
+	TODO: check
+CVE-2019-17523 (An XSS vulnerability on Technicolor TC7300 STFA.51.20 devices allows r ...)
+	TODO: check
 CVE-2019-17522 (A stored XSS vulnerability was discovered in Hotaru CMS v1.7.2 via the ...)
 	NOT-FOR-US: Hotaru CMS
 CVE-2019-17521 (An issue was discovered in Landing-CMS 0.0.6. There is a CSRF vulnerab ...)
@@ -4355,14 +4386,14 @@ CVE-2019-16953
 	RESERVED
 CVE-2019-16952
 	RESERVED
-CVE-2019-16951
-	RESERVED
-CVE-2019-16950
-	RESERVED
-CVE-2019-16949
-	RESERVED
-CVE-2019-16948
-	RESERVED
+CVE-2019-16951 (A remote file include (RFI) issue was discovered in Enghouse Web Chat  ...)
+	TODO: check
+CVE-2019-16950 (An XSS issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.28 ...)
+	TODO: check
+CVE-2019-16949 (An issue was discovered in Enghouse Web Chat 6.1.300.31 and 6.2.284.34 ...)
+	TODO: check
+CVE-2019-16948 (An SSRF issue was discovered in Enghouse Web Chat 6.1.300.31. In any P ...)
+	TODO: check
 CVE-2019-16947
 	RESERVED
 CVE-2019-16946
@@ -6669,8 +6700,8 @@ CVE-2019-15950 (The CRM Plugin before 4.2.4 for Redmine allows XSS via crafted v
 	NOT-FOR-US: Redmine plugin
 CVE-2019-15949 (Nagios XI before 5.6.6 allows remote command execution as root. The ex ...)
 	NOT-FOR-US: Nagios XI
-CVE-2019-15948
-	RESERVED
+CVE-2019-15948 (Texas Instruments CC256x and WL18xx dual-mode Bluetooth controller dev ...)
+	TODO: check
 CVE-2019-15947 (In Bitcoin Core 0.18.0, bitcoin-qt stores wallet.dat data unencrypted  ...)
 	- bitcoin <unfixed> (bug #939608)
 CVE-2019-15946 (OpenSC before 0.20.0-rc1 has an out-of-bounds access of an ASN.1 Octet ...)
@@ -35119,22 +35150,22 @@ CVE-2019-5296 (Mate20 Huawei smartphones versions earlier than HMA-AL00C00B175 h
 	NOT-FOR-US: Huawei
 CVE-2019-5295 (Huawei Honor V10 smartphones versions earlier than Berkeley-AL20 9.0.0 ...)
 	NOT-FOR-US: Huawei
-CVE-2019-5294
-	RESERVED
-CVE-2019-5293
-	RESERVED
-CVE-2019-5292
-	RESERVED
+CVE-2019-5294 (There is an out of bound read vulnerability in some Huawei products. A ...)
+	TODO: check
+CVE-2019-5293 (Some Huawei products have a memory leak vulnerability when handling so ...)
+	TODO: check
+CVE-2019-5292 (Honor 10 Lite, Honor 8A, Huawei Y6 mobile phones with the versions bef ...)
+	TODO: check
 CVE-2019-5291
 	RESERVED
 CVE-2019-5290
 	RESERVED
-CVE-2019-5289
-	RESERVED
-CVE-2019-5288
-	RESERVED
-CVE-2019-5287
-	RESERVED
+CVE-2019-5289 (Gauss100 OLTP database in ManageOne with versions of 6.5.0 have an out ...)
+	TODO: check
+CVE-2019-5288 (P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E1 ...)
+	TODO: check
+CVE-2019-5287 (P30 smart phones with versions earlier than ELLE-AL00B 9.1.0.193(C00E1 ...)
+	TODO: check
 CVE-2019-5286 (There is a reflection XSS vulnerability in the HedEx products. Remote  ...)
 	NOT-FOR-US: HedEx / Huawei
 CVE-2019-5285 (Some Huawei S series switches have a DoS vulnerability. An unauthentic ...)
@@ -35143,14 +35174,14 @@ CVE-2019-5284 (There is a DoS vulnerability in RTSP module of Leland-AL00A Huawe
 	NOT-FOR-US: Huawei
 CVE-2019-5283 (There is Factory Reset Protection (FRP) bypass security vulnerability  ...)
 	NOT-FOR-US: Huawei
-CVE-2019-5282
-	RESERVED
+CVE-2019-5282 (Bastet module of some Huawei smartphones with Versions earlier than Em ...)
+	TODO: check
 CVE-2019-5281 (There is an information leak vulnerability in some Huawei phones, vers ...)
 	NOT-FOR-US: Huawei
 CVE-2019-5280 (The SIP TLS module of Huawei CloudLink Phone 7900 with V600R019C10 has ...)
 	NOT-FOR-US: Huawei
-CVE-2019-5279
-	RESERVED
+CVE-2019-5279 (Huawei smart phones Emily-L29C with Versions earlier than 9.1.0.311(C1 ...)
+	TODO: check
 CVE-2019-5278
 	RESERVED
 CVE-2019-5277
@@ -37475,7 +37506,7 @@ CVE-2019-4161 (IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 dis
 CVE-2019-4160
 	RESERVED
 CVE-2019-4159
-	RESERVED
+	REJECTED
 CVE-2019-4158 (IBM Security Access Manager 9.0.1 through 9.0.6 does not prove that a  ...)
 	NOT-FOR-US: IBM
 CVE-2019-4157 (IBM Security Access Manager 9.0.1 through 9.0.6 is vulnerable to cross ...)
@@ -38779,8 +38810,8 @@ CVE-2019-3650
 	RESERVED
 CVE-2019-3649
 	RESERVED
-CVE-2019-3648
-	RESERVED
+CVE-2019-3648 (A Privilege Escalation vulnerability in the Microsoft Windows client i ...)
+	TODO: check
 CVE-2019-3647
 	RESERVED
 CVE-2019-3646 (DLL Search Order Hijacking vulnerability in Microsoft Windows client i ...)
@@ -38793,8 +38824,8 @@ CVE-2019-3643 (McAfee Web Gateway (MWG) earlier than 7.8.2.13 is vulnerable to a
 	NOT-FOR-US: McAfee
 CVE-2019-3642
 	RESERVED
-CVE-2019-3641
-	RESERVED
+CVE-2019-3641 (Abuse of Authorization vulnerability in APIs exposed by TIE server in  ...)
+	TODO: check
 CVE-2019-3640
 	RESERVED
 CVE-2019-3639 (Clickjack vulnerability in Adminstrator web console in McAfee Web Gate ...)
@@ -41909,8 +41940,7 @@ CVE-2019-2235 (Buffer overflow occurs when emulated RPMB is used due to sector s
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2019-2234
 	RESERVED
-CVE-2019-2233
-	RESERVED
+CVE-2019-2233 (In getUserCount and getCount of UserSwitcherController.java, there is  ...)
 	NOT-FOR-US: Android
 CVE-2019-2232
 	RESERVED
@@ -41949,59 +41979,46 @@ CVE-2019-2216
 CVE-2019-2215 (A use-after-free in binder.c allows an elevation of privilege from an  ...)
 	- linux 4.15.4-1
 	NOTE: Fixed by: https://git.kernel.org/linus/f5cb779ba16334b45ba8946d6bfa6d9834d1527f
-CVE-2019-2214
-	RESERVED
+CVE-2019-2214 (In binder_transaction of binder.c, there is a possible out of bounds w ...)
 	- linux 5.2.6-1
 	[buster] - linux <not-affected> (Vulnerability introduced later)
 	[stretch] - linux <not-affected> (Vulnerability introduced later)
 	[jessie] - linux <not-affected> (Vulnerability introduced later)
 	NOTE: https://lore.kernel.org/driverdev-devel/20190709110923.220736-1-maco@android.com/
 	NOTE: https://git.kernel.org/linus/a56587065094fd96eb4c2b5ad65571daad32156d
-CVE-2019-2213
-	RESERVED
+CVE-2019-2213 (In binder_free_transaction of binder.c, there is a possible use-after- ...)
 	- linux 5.2.6-1
 	[buster] - linux 4.19.67-1
 	NOTE: https://lore.kernel.org/patchwork/patch/1087916/
-CVE-2019-2212
-	RESERVED
+CVE-2019-2212 (In poisson_distribution of random, there is an out of bounds read. Thi ...)
 	- libc++ <removed>
 	- llvm-toolchain-6.0 <unfixed>
 	- llvm-toolchain-7.0 <unfixed>
 	NOTE: https://android.googlesource.com/platform/external/libcxx/+/4cebe6f1f01a34546b3b843b5267619a61bd7d39
 	NOTE: https://android.googlesource.com/platform/external/libcxx/+/8260b5d56f6880a29b57f73b7f4866e47e9e4818
 	NOTE: https://android.googlesource.com/platform/external/libcxx/+/a16cd9df50f22ccf65cf27eddc0403791116c75a
-CVE-2019-2211
-	RESERVED
+CVE-2019-2211 (In createProjectionMapForQuery of TvProvider.java, there is possible S ...)
 	NOT-FOR-US: Android
 CVE-2019-2210
 	RESERVED
 	NOT-FOR-US: Android
-CVE-2019-2209
-	RESERVED
+CVE-2019-2209 (In BTA_DmPinReply of bta_dm_api.cc, there is a possible out of bounds  ...)
 	NOT-FOR-US: Android
-CVE-2019-2208
-	RESERVED
+CVE-2019-2208 (There is a possible out of bounds read in v8 JIT code due to a bug in  ...)
 	NOT-FOR-US: Android
-CVE-2019-2207
-	RESERVED
+CVE-2019-2207 (In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possibl ...)
 	NOT-FOR-US: Android
-CVE-2019-2206
-	RESERVED
+CVE-2019-2206 (In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bo ...)
 	NOT-FOR-US: Android
-CVE-2019-2205
-	RESERVED
+CVE-2019-2205 (In ProxyResolverV8::SetPacScript of proxy_resolver_v8.cc, there is a p ...)
 	NOT-FOR-US: Android
-CVE-2019-2204
-	RESERVED
+CVE-2019-2204 (In FindSharedFunctionInfo of objects.cc, there is a possible out of bo ...)
 	NOT-FOR-US: Android
-CVE-2019-2203
-	RESERVED
+CVE-2019-2203 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out  ...)
 	NOT-FOR-US: Android media framework
-CVE-2019-2202
-	RESERVED
+CVE-2019-2202 (In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out  ...)
 	NOT-FOR-US: Android media framework
-CVE-2019-2201
-	RESERVED
+CVE-2019-2201 (In generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S, there is ...)
 	- libjpeg-turbo <unfixed>
 	NOTE: https://source.android.com/security/bulletin/2019-11-01
 	NOTE: https://android.googlesource.com/platform/external/libjpeg-turbo/+/d3db2a2634c422286f75c4b38af98837f3d2f0ff
@@ -42009,28 +42026,21 @@ CVE-2019-2201
 	NOTE: https://github.com/libjpeg-turbo/libjpeg-turbo/commit/2a9e3bd7430cfda1bc812d139e0609c6aca0b884
 CVE-2019-2200
 	RESERVED
-CVE-2019-2199
-	RESERVED
+CVE-2019-2199 (In createSessionInternal of PackageInstallerService.java, there is a p ...)
 	NOT-FOR-US: Android
-CVE-2019-2198
-	RESERVED
+CVE-2019-2198 (In Download Provider, there is a possible SQL injection vulnerability. ...)
 	NOT-FOR-US: Android
-CVE-2019-2197
-	RESERVED
+CVE-2019-2197 (In processPhonebookAccess of CachedBluetoothDevice.java, there is a po ...)
 	NOT-FOR-US: Android
-CVE-2019-2196
-	RESERVED
+CVE-2019-2196 (In Download Provider, there is possible SQL injection. This could lead ...)
 	NOT-FOR-US: Android
-CVE-2019-2195
-	RESERVED
+CVE-2019-2195 (In tokenize of sqlite3_android.cpp, there is a possible attacker contr ...)
 	NOT-FOR-US: Android
 CVE-2019-2194
 	RESERVED
-CVE-2019-2193
-	RESERVED
+CVE-2019-2193 (In WelcomeActivity.java and related files, there is a possible permiss ...)
 	NOT-FOR-US: Android
-CVE-2019-2192
-	RESERVED
+CVE-2019-2192 (In call of SliceProvider.java, there is a possible permissions bypass  ...)
 	NOT-FOR-US: Android
 CVE-2019-2191 (In LG's LAF component, there is a possible leak of information in a pr ...)
 	NOT-FOR-US: LG components for Android
@@ -42358,8 +42368,7 @@ CVE-2019-2038 (In rw_i93_process_sys_info of rw_i93.cc, there is a possible out-
 	NOT-FOR-US: Android
 CVE-2019-2037 (In l2cu_send_peer_config_rej of l2c_utils.cc, there is a possible out- ...)
 	NOT-FOR-US: Android
-CVE-2019-2036
-	RESERVED
+CVE-2019-2036 (In okToConnect of HidHostService.java, there is a possible permission  ...)
 	NOT-FOR-US: Android
 CVE-2019-2035 (In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible out-of-boun ...)
 	NOT-FOR-US: Android