automatic update

3 files changed, 19 insertions, 17 deletions

diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index fc174e1595..6e40ac454b 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -4659,8 +4659,8 @@ CVE-2012-4820 (Unspecified vulnerability in the JRE component in IBM Java 7 SR2
 	- openjdk-7 <not-affected> (Vulnerabilities specific to IBM Java)
 CVE-2012-4819 (Cross-site scripting (XSS) vulnerability in InfoSphere Business Glossa ...)
 	NOT-FOR-US: IBM InfoSphere
-CVE-2012-4818
-	RESERVED
+CVE-2012-4818 (IBM InfoSphere Information Server 8.1, 8.5, and 8,7 could allow a remo ...)
+	TODO: check
 CVE-2012-4817 (The NFSv4 client implementation in IBM AIX 5.3, 6.1, and 7.1, and VIOS ...)
 	NOT-FOR-US: IBM AIX, VIOS
 CVE-2012-4816 (IBM Rational Automation Framework (RAF) 3.x through 3.0.0.5 allows rem ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 8edb6e19db..b4c33b1b27 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -188,7 +188,7 @@ CVE-2019-20840 (An issue was discovered in LibVNCServer before 0.9.13. libvncser
 	NOTE: https://github.com/LibVNC/libvncserver/commit/0cf1400c61850065de590d403f6d49e32882fd76
 	NOTE: Vulnerable code is introduced with the fix for CVE-2017-18922.
 CVE-2019-20839 (libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer over ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/3fd03977c9b35800d73a865f167338cb4d05b0c1
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index b2c68113b6..0dc7d65304 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1,3 +1,5 @@
+CVE-2020-25015
+	RESERVED
 CVE-2020-25014
 	RESERVED
 CVE-2020-25013
@@ -20277,18 +20279,18 @@ CVE-2020-15161
 	RESERVED
 CVE-2020-15160
 	RESERVED
-CVE-2020-15159
-	RESERVED
+CVE-2020-15159 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) a ...)
+	TODO: check
 CVE-2020-15158 (In libIEC61850 before version 1.4.3, when a message with COTP message  ...)
 	NOT-FOR-US: libIEC61850
 CVE-2020-15157
 	RESERVED
 CVE-2020-15156 (In nodebb-plugin-blog-comments before version 0.7.0, a logged in user  ...)
 	NOT-FOR-US: nodebb-plugin-blog-comments
-CVE-2020-15155
-	RESERVED
-CVE-2020-15154
-	RESERVED
+CVE-2020-15155 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) v ...)
+	TODO: check
+CVE-2020-15154 (baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) v ...)
+	TODO: check
 CVE-2020-15153
 	RESERVED
 CVE-2020-15152 (ftp-srv versions 1.0.0 through 4.3.3 are vulnerable to Server-Side Req ...)
@@ -21941,37 +21943,37 @@ CVE-2020-14407
 CVE-2020-14406
 	RESERVED
 CVE-2020-14405 (An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rf ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/8937203441ee241c4ace85da687b7d6633a12365
 CVE-2020-14404 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rr ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
 CVE-2020-14403 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/he ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
 CVE-2020-14402 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/co ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff
 CVE-2020-14401 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/sc ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/a6788d1da719ae006605b78d22f5a9f170b423af
 CVE-2020-14400 (** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13.  ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/53073c8d7e232151ea2ecd8a1243124121e10e2d
 CVE-2020-14399 (** DISPUTED ** An issue was discovered in LibVNCServer before 0.9.13.  ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/23e5cbe6b090d7f22982aee909a6a618174d3c2d
@@ -21982,7 +21984,7 @@ CVE-2020-14398 (An issue was discovered in LibVNCServer before 0.9.13. An improp
 	[jessie] - libvncserver <ignored> (Proposed patch might break ABI for consumers)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/57433015f856cc12753378254ce4f1c78f5d9c7b
 CVE-2020-14397 (An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rf ...)
-	{DLA-2264-1}
+	{DLA-2347-1 DLA-2264-1}
 	- libvncserver 0.9.13+dfsg-1
 	[buster] - libvncserver <no-dsa> (Minor issue; will be fixed via point release)
 	NOTE: https://github.com/LibVNC/libvncserver/commit/38e98ee61d74f5f5ab4aa4c77146faad1962d6d0