automatic update

author: security tracker role <sectracker@soriano.debian.org> 2019-10-28 20:10:27 +0000
committer: security tracker role <sectracker@soriano.debian.org> 2019-10-28 20:10:27 +0000
commit: 15e8eb406f7d21c157fb3c11ce6bac06d783cc89 (patch)
tree: d9d148ab2ba47971bf11c5f859dfbb6cbd8b088d /data
parent: 7b2784f3f9050d309802140e0d63439b105a0ab3 (diff)
9 files changed, 568 insertions, 68 deletions
diff --git a/data/CVE/2002.list b/data/CVE/2002.list
index ef12b5a165..458c1b3421 100644
--- a/data/CVE/2002.list
+++ b/data/CVE/2002.list
@@ -6,8 +6,7 @@ CVE-2002-2445 (GE Healthcare Millennium MG, NC, and MyoSIGHT has a default passw
 	NOT-FOR-US: Data pre-dating the Security Tracker
 CVE-2002-2483
 	- linux-2.6 2.4.20
-CVE-2002-2444 [snoopy: Security hole in exec cURL]
-	RESERVED
+CVE-2002-2444 (Snoopy 2.0.0-1 has a security hole in exec cURL ...)
 	- libphp-snoopy <not-affected> (affected version never was in the repo)
 	NOTE: http://www.openwall.com/lists/oss-security/2014/07/18/2
 	NOTE: http://sourceforge.net/p/snoopy/bugs/13/
diff --git a/data/CVE/2005.list b/data/CVE/2005.list
index 70dc625991..8476c5cf17 100644
--- a/data/CVE/2005.list
+++ b/data/CVE/2005.list
@@ -7325,8 +7325,7 @@ CVE-2005-1841 (The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris,
 CVE-2005-1858 (FUSE 2.x before 2.3.0 does not properly clear previously used memory f ...)
 	{DSA-744-1}
 	- fuse 2.3.0-1
-CVE-2005-2349 [Directory traversal in zoo]
-	RESERVED
+CVE-2005-2349 (Zoo 2.10-27 has Directory traversal ...)
 	- zoo 2.10-4 (low; bug #309594)
 CVE-2005-2350 [Cross Site Scripting in websieve]
 	RESERVED
diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index 89f760681a..dee72bd1e4 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -583,12 +583,10 @@ CVE-2009-4901 (The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC
 	- pcsc-lite <not-affected> (Covered by initial CVE-2010-0407 fix)
 	NOTE: See https://bugzilla.redhat.com/show_bug.cgi?id=596426#c20 for an explanation
 	NOTE: of the weird CVE assignments on this one
-CVE-2009-4900 [pixelpost XSS]
-	RESERVED
+CVE-2009-4900 (pixelpost 1.7.1-5 has XSS ...)
 	- pixelpost <removed> (bug #597224)
 	NOTE: http://www.pixelpost.org/blog/2009/09/02/pixelpost-173-security-update/
-CVE-2009-4899 [pixelpost SQL injection]
-	RESERVED
+CVE-2009-4899 (pixelpost 1.7.1-5 has SQL injection ...)
 	- pixelpost <removed> (bug #597224)
 	NOTE: http://www.pixelpost.org/blog/2009/09/02/pixelpost-173-security-update/
 CVE-2009-4898 (Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2  ...)
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index adb25dcb17..8f67ea5078 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -2659,8 +2659,7 @@ CVE-2010-4247 (The do_block_io_op function in (1) drivers/xen/blkback/blkback.c
 	- linux-2.6 <not-affected> (changes included since introduction of dom0 support)
 CVE-2010-4246 (Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pf ...)
 	NOT-FOR-US: pfSense
-CVE-2010-4245
-	RESERVED
+CVE-2010-4245 (pootle 2.0.5-0.2 has XSS via 'match_names' parameter ...)
 	- pootle 2.0.5-0.3 (low; bug #604060)
 	[lenny] - pootle <not-affected> (Vulnerable code not present)
 CVE-2010-4244
@@ -2671,14 +2670,11 @@ CVE-2010-4243 (fs/exec.c in the Linux kernel before 2.6.37 does not enable the O
 CVE-2010-4242 (The hci_uart_tty_open function in the HCI UART driver (drivers/bluetoo ...)
 	{DSA-2153-1}
 	- linux-2.6 2.6.32-28
-CVE-2010-4241
-	RESERVED
+CVE-2010-4241 (Tiki Wiki CMS Groupware 5.2 has CSRF ...)
 	- tikiwiki <removed>
-CVE-2010-4240
-	RESERVED
+CVE-2010-4240 (Tiki Wiki CMS Groupware 5.2 has XSS ...)
 	- tikiwiki <removed>
-CVE-2010-4239
-	RESERVED
+CVE-2010-4239 (Tiki Wiki CMS Groupware 5.2 has Local File Inclusion ...)
 	- tikiwiki <removed>
 CVE-2010-4238 (The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on  ...)
 	- linux-2.6 <not-affected> (RedHat-specific issue, does not affect Xen-upstream/Debian)
@@ -5199,8 +5195,7 @@ CVE-2010-3294 (Cross-site scripting (XSS) vulnerability in apc.php in the Altern
 	- php-apc <unfixed> (unimportant)
 	NOTE: vulnerable script is, mainly, for debugging purposes
 	NOTE: and is distributed gzip-compressed
-CVE-2010-3293 [mailscanner virus updates DoS]
-	RESERVED
+CVE-2010-3293 (mailscanner can allow local users to prevent virus signatures from bei ...)
 	- mailscanner <removed> (bug #596397; unimportant)
 	NOTE: or even unimportant, the script is not used by default
 CVE-2010-3292 [mailscanner may use spoofed data]
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index ab09c3744c..f2af9a2d16 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -2947,8 +2947,7 @@ CVE-2012-5578 [Python keyring insecure permissions on new databases]
 	- python-keyring 0.9.2-1.1 (bug #696736)
 	[wheezy] - python-keyring 0.7.1-1+deb7u1
 	[squeeze] - python-keyring <no-dsa> (Minor issue)
-CVE-2012-5577 [Python keyring insecure permissions on migrated files]
-	RESERVED
+CVE-2012-5577 (Python keyring lib before 0.10 created keyring files with world-readab ...)
 	- python-keyring 0.9.2-1.1 (bug #696736)
 	[wheezy] - python-keyring 0.7.1-1+deb7u1
 	[squeeze] - python-keyring <no-dsa> (Minor issue)
diff --git a/data/CVE/2017.list b/data/CVE/2017.list
index a78ac69d66..2ef3716184 100644
--- a/data/CVE/2017.list
+++ b/data/CVE/2017.list
@@ -8397,8 +8397,8 @@ CVE-2017-15727 (In phpMyFAQ before 2.9.9, there is Stored Cross-site Scripting (
 	NOT-FOR-US: phpMyFAQ
 CVE-2017-15726
 	RESERVED
-CVE-2017-15725
-	RESERVED
+CVE-2017-15725 (An XML External Entity Injection vulnerability exists in Dzone AnswerH ...)
+	TODO: check
 CVE-2017-15724
 	RESERVED
 CVE-2017-15723 (In Irssi before 1.0.5, overlong nicks or targets may result in a NULL  ...)
@@ -37498,27 +37498,27 @@ CVE-2017-5737
 CVE-2017-5736 (An elevation of privilege in Intel Software Guard Extensions Platform  ...)
 	NOT-FOR-US: Intel
 CVE-2017-5735
-	RESERVED
+	REJECTED
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
 	NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
 	NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
 CVE-2017-5734
-	RESERVED
+	REJECTED
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
 	NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
 	NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
 CVE-2017-5733
-	RESERVED
+	REJECTED
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
 	NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
 	NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
 CVE-2017-5732
-	RESERVED
+	REJECTED
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
 	NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
 	NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
 CVE-2017-5731
-	RESERVED
+	REJECTED
 	NOTE: https://bugzilla.tianocore.org/show_bug.cgi?id=686
 	NOTE: https://bugzilla.tianocore.org/attachment.cgi?id=150
 	NOTE: https://edk2-docs.gitbooks.io/security-advisory/content/edk-ii-tianocompress-bounds-checking-issues.html
@@ -37749,7 +37749,7 @@ CVE-2017-5851 (The free_options function in options_manager.c in mp3splt 2.6.2 a
 CVE-2017-5679
 	RESERVED
 CVE-2017-5678
-	RESERVED
+	REJECTED
 CVE-2017-5677 (PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerab ...)
 	NOT-FOR-US: PEAR HTML_AJAX
 	NOTE: http://karmainsecurity.com/KIS-2017-01
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 4313193883..cb3e25dab0 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -46066,7 +46066,7 @@ CVE-2018-3632 (Memory corruption in Intel Active Management Technology in Intel
 CVE-2018-3631
 	RESERVED
 CVE-2018-3630 [Logic error in FV parsing in MdeModulePkg\Core\Pei\FwVol\FwVol.c]
-	RESERVED
+	REJECTED
 	- edk2 <unfixed> (unimportant)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1683653
 	NOTE: Non issue, no security impact
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index d17e6cb897..9bc5136700 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,3 +1,313 @@
+CVE-2019-18570
+	RESERVED
+CVE-2019-18569
+	RESERVED
+CVE-2019-18568
+	RESERVED
+CVE-2019-18567
+	RESERVED
+CVE-2019-18566
+	REJECTED
+	TODO: check
+CVE-2019-18565
+	REJECTED
+	TODO: check
+CVE-2019-18564
+	REJECTED
+	TODO: check
+CVE-2019-18563
+	REJECTED
+	TODO: check
+CVE-2019-18562
+	REJECTED
+	TODO: check
+CVE-2019-18561
+	REJECTED
+	TODO: check
+CVE-2019-18560
+	REJECTED
+	TODO: check
+CVE-2019-18559
+	REJECTED
+	TODO: check
+CVE-2019-18558
+	REJECTED
+	TODO: check
+CVE-2019-18557
+	REJECTED
+	TODO: check
+CVE-2019-18556
+	REJECTED
+	TODO: check
+CVE-2019-18555
+	REJECTED
+	TODO: check
+CVE-2019-18554
+	REJECTED
+	TODO: check
+CVE-2019-18553
+	REJECTED
+	TODO: check
+CVE-2019-18552
+	REJECTED
+	TODO: check
+CVE-2019-18551
+	REJECTED
+	TODO: check
+CVE-2019-18550
+	REJECTED
+	TODO: check
+CVE-2019-18549
+	REJECTED
+	TODO: check
+CVE-2019-18548
+	REJECTED
+	TODO: check
+CVE-2019-18547
+	REJECTED
+	TODO: check
+CVE-2019-18546
+	REJECTED
+	TODO: check
+CVE-2019-18545
+	REJECTED
+	TODO: check
+CVE-2019-18544
+	REJECTED
+	TODO: check
+CVE-2019-18543
+	REJECTED
+	TODO: check
+CVE-2019-18542
+	REJECTED
+	TODO: check
+CVE-2019-18541
+	REJECTED
+	TODO: check
+CVE-2019-18540
+	REJECTED
+	TODO: check
+CVE-2019-18539
+	REJECTED
+	TODO: check
+CVE-2019-18538
+	REJECTED
+	TODO: check
+CVE-2019-18537
+	REJECTED
+	TODO: check
+CVE-2019-18536
+	REJECTED
+	TODO: check
+CVE-2019-18535
+	REJECTED
+	TODO: check
+CVE-2019-18534
+	REJECTED
+	TODO: check
+CVE-2019-18533
+	REJECTED
+	TODO: check
+CVE-2019-18532
+	REJECTED
+	TODO: check
+CVE-2019-18531
+	REJECTED
+	TODO: check
+CVE-2019-18530
+	REJECTED
+	TODO: check
+CVE-2019-18529
+	REJECTED
+	TODO: check
+CVE-2019-18528
+	REJECTED
+	TODO: check
+CVE-2019-18527
+	REJECTED
+	TODO: check
+CVE-2019-18526
+	REJECTED
+	TODO: check
+CVE-2019-18525
+	REJECTED
+	TODO: check
+CVE-2019-18524
+	REJECTED
+	TODO: check
+CVE-2019-18523
+	REJECTED
+	TODO: check
+CVE-2019-18522
+	REJECTED
+	TODO: check
+CVE-2019-18521
+	REJECTED
+	TODO: check
+CVE-2019-18520
+	REJECTED
+	TODO: check
+CVE-2019-18519
+	REJECTED
+	TODO: check
+CVE-2019-18518
+	REJECTED
+	TODO: check
+CVE-2019-18517
+	REJECTED
+	TODO: check
+CVE-2019-18516
+	REJECTED
+	TODO: check
+CVE-2019-18515
+	REJECTED
+	TODO: check
+CVE-2019-18514
+	REJECTED
+	TODO: check
+CVE-2019-18513
+	REJECTED
+	TODO: check
+CVE-2019-18512
+	REJECTED
+	TODO: check
+CVE-2019-18511
+	REJECTED
+	TODO: check
+CVE-2019-18510
+	REJECTED
+	TODO: check
+CVE-2019-18509
+	REJECTED
+	TODO: check
+CVE-2019-18508
+	REJECTED
+	TODO: check
+CVE-2019-18507
+	REJECTED
+	TODO: check
+CVE-2019-18506
+	REJECTED
+	TODO: check
+CVE-2019-18505
+	REJECTED
+	TODO: check
+CVE-2019-18504
+	REJECTED
+	TODO: check
+CVE-2019-18503
+	REJECTED
+	TODO: check
+CVE-2019-18502
+	REJECTED
+	TODO: check
+CVE-2019-18501
+	REJECTED
+	TODO: check
+CVE-2019-18500
+	REJECTED
+	TODO: check
+CVE-2019-18499
+	REJECTED
+	TODO: check
+CVE-2019-18498
+	REJECTED
+	TODO: check
+CVE-2019-18497
+	REJECTED
+	TODO: check
+CVE-2019-18496
+	REJECTED
+	TODO: check
+CVE-2019-18495
+	REJECTED
+	TODO: check
+CVE-2019-18494
+	REJECTED
+	TODO: check
+CVE-2019-18493
+	REJECTED
+	TODO: check
+CVE-2019-18492
+	REJECTED
+	TODO: check
+CVE-2019-18491
+	REJECTED
+	TODO: check
+CVE-2019-18490
+	REJECTED
+	TODO: check
+CVE-2019-18489
+	REJECTED
+	TODO: check
+CVE-2019-18488
+	REJECTED
+	TODO: check
+CVE-2019-18487
+	REJECTED
+	TODO: check
+CVE-2019-18486
+	REJECTED
+	TODO: check
+CVE-2019-18485
+	REJECTED
+	TODO: check
+CVE-2019-18484
+	REJECTED
+	TODO: check
+CVE-2019-18483
+	REJECTED
+	TODO: check
+CVE-2019-18482
+	REJECTED
+	TODO: check
+CVE-2019-18481
+	REJECTED
+	TODO: check
+CVE-2019-18480
+	REJECTED
+	TODO: check
+CVE-2019-18479
+	REJECTED
+	TODO: check
+CVE-2019-18478
+	REJECTED
+	TODO: check
+CVE-2019-18477
+	REJECTED
+	TODO: check
+CVE-2019-18476
+	REJECTED
+	TODO: check
+CVE-2019-18475
+	REJECTED
+	TODO: check
+CVE-2019-18474
+	REJECTED
+	TODO: check
+CVE-2019-18473
+	REJECTED
+	TODO: check
+CVE-2019-18472
+	REJECTED
+	TODO: check
+CVE-2019-18471
+	REJECTED
+	TODO: check
+CVE-2019-18470
+	REJECTED
+	TODO: check
+CVE-2019-18469
+	REJECTED
+	TODO: check
+CVE-2019-18468
+	REJECTED
+	TODO: check
+CVE-2019-18467
+	REJECTED
+	TODO: check
+CVE-2019-18466 (An issue was discovered in Podman in libpod before 1.6.0. It resolves  ...)
+	TODO: check
 CVE-2019-XXXX [database server crash from unserialized data access]
 	- openafs 1.8.5-1 (bug #943587)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-003.txt
@@ -584,8 +894,8 @@ CVE-2019-18198 (In the Linux kernel before 5.3.4, a reference count usage error
 	- linux <not-affected> (Vulnerable code introduced later)
 	NOTE: https://git.kernel.org/linus/ca7a03c4175366a92cee0ccc4fec0038c3266e26
 	NOTE: https://launchpad.net/bugs/1847478
-CVE-2019-18195
-	RESERVED
+CVE-2019-18195 (An issue was discovered on TerraMaster FS-210 4.0.19 devices. Normal u ...)
+	TODO: check
 CVE-2019-18194
 	RESERVED
 CVE-2019-18193
@@ -2664,8 +2974,8 @@ CVE-2019-17226 (CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin &gt
 	NOT-FOR-US: CMS Made Simple
 CVE-2019-17225 (Subrion 4.2.1 allows XSS via the panel/members/ Username, Full Name, o ...)
 	NOT-FOR-US: Subrion CMS
-CVE-2019-17224
-	RESERVED
+CVE-2019-17224 (The web interface of the Compal Broadband CH7465LG modem (version CH74 ...)
+	TODO: check
 CVE-2019-17223 (There is HTML Injection in the Note field in Dolibarr ERP/CRM 10.0.2 v ...)
 	- dolibarr <removed>
 CVE-2019-17222
@@ -2750,8 +3060,8 @@ CVE-2019-17183 (Foxit Reader before 9.7 allows an Access Violation and crash if
 	NOT-FOR-US: Foxit Reader
 CVE-2019-17182
 	RESERVED
-CVE-2019-17181
-	RESERVED
+CVE-2019-17181 (A remote SEH buffer overflow has been discovered in IntraSrv 1.0 (2007 ...)
+	TODO: check
 CVE-2019-17180 (Valve Steam Client before 2019-09-12 allows placing or appending parti ...)
 	NOT-FOR-US: Steam on Windows
 CVE-2019-17179 (4.1.0, 4.1.1, 4.1.2, 4.1.2.3, 4.1.2.6, 4.1.2.7, 4.2.0, 4.2.1, 4.2.2, 5 ...)
@@ -3398,8 +3708,8 @@ CVE-2019-16899 (In Advantech WebAccess/HMI Designer 2.1.9.31, Data from a Faulti
 	NOT-FOR-US: Advantech
 CVE-2019-16898
 	RESERVED
-CVE-2019-16897
-	RESERVED
+CVE-2019-16897 (In K7 Antivirus Premium 16.0.xxx through 16.0.0120; K7 Total Security  ...)
+	TODO: check
 CVE-2019-16896
 	RESERVED
 CVE-2019-16895
@@ -3931,10 +4241,10 @@ CVE-2019-16665 (An issue was discovered in ThinkSAAS 2.91. There is XSS via the
 	NOT-FOR-US: ThinkSAAS
 CVE-2019-16664 (An issue was discovered in ThinkSAAS 2.91. There is XSS via the index. ...)
 	NOT-FOR-US: ThinkSAAS
-CVE-2019-16663
-	RESERVED
-CVE-2019-16662
-	RESERVED
+CVE-2019-16663 (An issue was discovered in rConfig 3.9.2. An attacker can directly exe ...)
+	TODO: check
+CVE-2019-16662 (An issue was discovered in rConfig 3.9.2. An attacker can directly exe ...)
+	TODO: check
 CVE-2019-16661 (Ogma CMS 0.5 has XSS via creation of a new blog. ...)
 	NOT-FOR-US: Ogma CMS
 CVE-2019-16660 (joyplus-cms 1.6.0 has admin_ajax.php?action=savexml&amp;tab=vodplay CS ...)
@@ -4794,7 +5104,7 @@ CVE-2019-16267
 	RESERVED
 CVE-2019-16266
 	RESERVED
-CVE-2019-16265 (3S-Smart CODESYS V2.3 ENI server V3.2.2.23 has a Buffer Overflow. ...)
+CVE-2019-16265 (CODESYS V2.3 ENI server up to V3.2.2.24 has a Buffer Overflow. ...)
 	NOT-FOR-US: 3S-Smart CODESYS
 CVE-2019-16264 (In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado d ...)
 	NOT-FOR-US: Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC)
@@ -7994,20 +8304,20 @@ CVE-2019-14933 (Bagisto 0.1.5 allows CSRF under /admin URIs. ...)
 	NOT-FOR-US: Bagisto
 CVE-2019-14932 (The Recruitment module in Humanica Humatrix 7 1.0.0.681 and 1.0.0.203  ...)
 	NOT-FOR-US: Recruitment module in Humanica Humatrix
-CVE-2019-14931
-	RESERVED
-CVE-2019-14930
-	RESERVED
-CVE-2019-14929
-	RESERVED
-CVE-2019-14928
-	RESERVED
-CVE-2019-14927
-	RESERVED
-CVE-2019-14926
-	RESERVED
-CVE-2019-14925
-	RESERVED
+CVE-2019-14931 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
+	TODO: check
+CVE-2019-14930 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
+	TODO: check
+CVE-2019-14929 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
+	TODO: check
+CVE-2019-14928 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
+	TODO: check
+CVE-2019-14927 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
+	TODO: check
+CVE-2019-14926 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
+	TODO: check
+CVE-2019-14925 (An issue was discovered on Mitsubishi Electric ME-RTU devices through  ...)
+	TODO: check
 CVE-2019-14924 (An issue was discovered in GCDWebServer before 3.5.3. The method moveI ...)
 	NOT-FOR-US: GCDWebServer
 CVE-2019-14923 (EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharac ...)
@@ -9310,8 +9620,8 @@ CVE-2019-14452 (Sigil before 0.9.16 is vulnerable to a directory traversal, allo
 	NOTE: https://github.com/Sigil-Ebook/Sigil/commit/369eebe936e4a8c83cc54662a3412ce8bef189e4
 CVE-2019-14451 (RepetierServer.exe in Repetier-Server 0.8 through 0.91 does not proper ...)
 	NOT-FOR-US: Repetier-Server
-CVE-2019-14450
-	RESERVED
+CVE-2019-14450 (A directory traversal vulnerability was discovered in RepetierServer.e ...)
+	TODO: check
 CVE-2019-14449
 	RESERVED
 CVE-2019-14448
@@ -18141,8 +18451,7 @@ CVE-2019-11045
 	RESERVED
 CVE-2019-11044
 	RESERVED
-CVE-2019-11043
-	RESERVED
+CVE-2019-11043 (In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below ...)
 	{DLA-1970-1}
 	- php7.3 <unfixed>
 	- php7.0 <removed>
@@ -20791,6 +21100,7 @@ CVE-2019-10081 (HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example co
 CVE-2019-10080
 	RESERVED
 CVE-2019-10079 (Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. E ...)
+	{DSA-4520-1}
 	- trafficserver 8.0.5+ds-1
 	NOTE: https://lists.apache.org/thread.html/ad3d01e767199c1aed8033bb6b3f5bf98c011c7c536f07a5d34b3c19@%3Cannounce.trafficserver.apache.org%3E
 CVE-2019-10078 (A carefully crafted plugin link invocation could trigger an XSS vulner ...)
@@ -33052,12 +33362,12 @@ CVE-2019-5540
 	RESERVED
 CVE-2019-5539
 	RESERVED
-CVE-2019-5538
-	RESERVED
-CVE-2019-5537
-	RESERVED
-CVE-2019-5536
-	RESERVED
+CVE-2019-5538 (Sensitive information disclosure vulnerability resulting from a lack o ...)
+	TODO: check
+CVE-2019-5537 (Sensitive information disclosure vulnerability resulting from a lack o ...)
+	TODO: check
+CVE-2019-5536 (VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-20 ...)
+	TODO: check
 CVE-2019-5535 (VMware Workstation and Fusion contain a network denial-of-service vuln ...)
 	NOT-FOR-US: VMware
 CVE-2019-5534 (VMware vCenter Server (6.7.x prior to 6.7 U3, 6.5 prior to 6.5 U3 and  ...)
@@ -37317,8 +37627,8 @@ CVE-2019-3638 (Reflected Cross Site Scripting vulnerability in Administrators we
 	NOT-FOR-US: McAfee
 CVE-2019-3637 (Privilege Escalation vulnerability in McAfee FRP 5.x prior to 5.1.0.20 ...)
 	NOT-FOR-US: McAfee
-CVE-2019-3636
-	RESERVED
+CVE-2019-3636 (A File Masquerade vulnerability in McAfee Total Protection (MTP) versi ...)
+	TODO: check
 CVE-2019-3635 (Exfiltration of Data in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8. ...)
 	NOT-FOR-US: McAfee
 CVE-2019-3634 (Buffer overflow in McAfee Data Loss Prevention (DLPe) for Windows 11.x ...)
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 04dba29325..f6013043c5 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,203 @@
+CVE-2020-0600
+	RESERVED
+CVE-2020-0599
+	RESERVED
+CVE-2020-0598
+	RESERVED
+CVE-2020-0597
+	RESERVED
+CVE-2020-0596
+	RESERVED
+CVE-2020-0595
+	RESERVED
+CVE-2020-0594
+	RESERVED
+CVE-2020-0593
+	RESERVED
+CVE-2020-0592
+	RESERVED
+CVE-2020-0591
+	RESERVED
+CVE-2020-0590
+	RESERVED
+CVE-2020-0589
+	RESERVED
+CVE-2020-0588
+	RESERVED
+CVE-2020-0587
+	RESERVED
+CVE-2020-0586
+	RESERVED
+CVE-2020-0585
+	RESERVED
+CVE-2020-0584
+	RESERVED
+CVE-2020-0583
+	RESERVED
+CVE-2020-0582
+	RESERVED
+CVE-2020-0581
+	RESERVED
+CVE-2020-0580
+	RESERVED
+CVE-2020-0579
+	RESERVED
+CVE-2020-0578
+	RESERVED
+CVE-2020-0577
+	RESERVED
+CVE-2020-0576
+	RESERVED
+CVE-2020-0575
+	RESERVED
+CVE-2020-0574
+	RESERVED
+CVE-2020-0573
+	RESERVED
+CVE-2020-0572
+	RESERVED
+CVE-2020-0571
+	RESERVED
+CVE-2020-0570
+	RESERVED
+CVE-2020-0569
+	RESERVED
+CVE-2020-0568
+	RESERVED
+CVE-2020-0567
+	RESERVED
+CVE-2020-0566
+	RESERVED
+CVE-2020-0565
+	RESERVED
+CVE-2020-0564
+	RESERVED
+CVE-2020-0563
+	RESERVED
+CVE-2020-0562
+	RESERVED
+CVE-2020-0561
+	RESERVED
+CVE-2020-0560
+	RESERVED
+CVE-2020-0559
+	RESERVED
+CVE-2020-0558
+	RESERVED
+CVE-2020-0557
+	RESERVED
+CVE-2020-0556
+	RESERVED
+CVE-2020-0555
+	RESERVED
+CVE-2020-0554
+	RESERVED
+CVE-2020-0553
+	RESERVED
+CVE-2020-0552
+	RESERVED
+CVE-2020-0551
+	RESERVED
+CVE-2020-0550
+	RESERVED
+CVE-2020-0549
+	RESERVED
+CVE-2020-0548
+	RESERVED
+CVE-2020-0547
+	RESERVED
+CVE-2020-0546
+	RESERVED
+CVE-2020-0545
+	RESERVED
+CVE-2020-0544
+	RESERVED
+CVE-2020-0543
+	RESERVED
+CVE-2020-0542
+	RESERVED
+CVE-2020-0541
+	RESERVED
+CVE-2020-0540
+	RESERVED
+CVE-2020-0539
+	RESERVED
+CVE-2020-0538
+	RESERVED
+CVE-2020-0537
+	RESERVED
+CVE-2020-0536
+	RESERVED
+CVE-2020-0535
+	RESERVED
+CVE-2020-0534
+	RESERVED
+CVE-2020-0533
+	RESERVED
+CVE-2020-0532
+	RESERVED
+CVE-2020-0531
+	RESERVED
+CVE-2020-0530
+	RESERVED
+CVE-2020-0529
+	RESERVED
+CVE-2020-0528
+	RESERVED
+CVE-2020-0527
+	RESERVED
+CVE-2020-0526
+	RESERVED
+CVE-2020-0525
+	RESERVED
+CVE-2020-0524
+	RESERVED
+CVE-2020-0523
+	RESERVED
+CVE-2020-0522
+	RESERVED
+CVE-2020-0521
+	RESERVED
+CVE-2020-0520
+	RESERVED
+CVE-2020-0519
+	RESERVED
+CVE-2020-0518
+	RESERVED
+CVE-2020-0517
+	RESERVED
+CVE-2020-0516
+	RESERVED
+CVE-2020-0515
+	RESERVED
+CVE-2020-0514
+	RESERVED
+CVE-2020-0513
+	RESERVED
+CVE-2020-0512
+	RESERVED
+CVE-2020-0511
+	RESERVED
+CVE-2020-0510
+	RESERVED
+CVE-2020-0509
+	RESERVED
+CVE-2020-0508
+	RESERVED
+CVE-2020-0507
+	RESERVED
+CVE-2020-0506
+	RESERVED
+CVE-2020-0505
+	RESERVED
+CVE-2020-0504
+	RESERVED
+CVE-2020-0503
+	RESERVED
+CVE-2020-0502
+	RESERVED
+CVE-2020-0501
+	RESERVED
 CVE-2020-0500
 	RESERVED
 CVE-2020-0499
author	security tracker role <sectracker@soriano.debian.org>	2019-10-28 20:10:27 +0000
committer	security tracker role <sectracker@soriano.debian.org>	2019-10-28 20:10:27 +0000
commit	15e8eb406f7d21c157fb3c11ce6bac06d783cc89 (patch)
tree	d9d148ab2ba47971bf11c5f859dfbb6cbd8b088d /data
parent	7b2784f3f9050d309802140e0d63439b105a0ab3 (diff)