automatic update

7 files changed, 173 insertions, 82 deletions

diff --git a/data/CVE/2009.list b/data/CVE/2009.list
index dee72bd1e4..f77ca77177 100644
--- a/data/CVE/2009.list
+++ b/data/CVE/2009.list
@@ -3099,8 +3099,7 @@ CVE-2009-3889 (The dbg_lvl file for the megaraid_sas driver in the Linux kernel
 CVE-2009-3888 (The do_mmap_pgoff function in mm/nommu.c in the Linux kernel before 2. ...)
 	- linux-2.6 <not-affected> (Vulnerable code not built)
 	- linux-2.6.24 <not-affected> (Vulnerable code not built)
-CVE-2009-3887 [ytnef path traversal]
-	RESERVED
+CVE-2009-3887 (ytnef has directory traversal ...)
 	- ytnef <removed> (bug #567631)
 	[lenny] - ytnef <no-dsa> (Minor issue)
 	NOTE: http://www.ocert.org/advisories/ocert-2009-013.html
@@ -3637,8 +3636,7 @@ CVE-2009-3725 (The connector layer in the Linux kernel before 2.6.31.5 does not
 CVE-2009-3724
 	RESERVED
 	NOT-FOR-US: python-markdown2 (not our markdown, different code base)
-CVE-2009-3723 [Unauthorized calls allowed on prohibited networks in asterisk]
-	RESERVED
+CVE-2009-3723 (asterisk allows calls on prohibited networks ...)
 	[etch] - asterisk <not-affected>
 	[lenny] - asterisk <not-affected>
 	- asterisk 1:1.6.2.0~rc3-2 (medium; bug #552756)
diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index 8f67ea5078..9afb592776 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -3645,8 +3645,7 @@ CVE-2010-3841 (Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.
 CVE-2010-3845 (libapache-authenhook-perl 2.00-04 stores usernames and passwords in pl ...)
 	- libapache-authenhook-perl 2.00-04+pristine-2 (low; bug #599712)
 	[lenny] - libapache-authenhook-perl 2.00-04+pristine-1+lenny1
-CVE-2010-4237
-	RESERVED
+CVE-2010-4237 (Mercurial before 1.6.4 fails to verify the Common Name field of SSL ce ...)
 	- mercurial 1.6.4-1 (low; bug #598841)
 	[lenny] - mercurial <no-dsa> (Minor issue)
 CVE-2010-3840 (The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL ...)
@@ -4964,14 +4963,12 @@ CVE-2010-3377 (The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (
 CVE-2010-3376 (The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in  ...)
 	- root-system 5.34.00-1 (bug #598420; bug #598419)
 	[lenny] - root-system <no-dsa> (minor issue)
-CVE-2010-3375
-	RESERVED
+CVE-2010-3375 (qtparted has insecure library loading which may allow arbitrary code e ...)
 	- qtparted 0.4.5-8 (low; bug #598301)
 	[lenny] - qtparted <no-dsa> (Minor issue)
 CVE-2010-3374 (Qt Creator before 2.0.1 places a zero-length directory name in the LD_ ...)
 	- qtcreator 1.3.1-3 (bug #598300)
-CVE-2010-3373
-	RESERVED
+CVE-2010-3373 (paxtest handles temporary files insecurely ...)
 	- paxtest 1:0.9.9-1 (unimportant; bug #598413)
 CVE-2010-3372 (Untrusted search path vulnerability in NorduGrid Advanced Resource Con ...)
 	- nordugrid-arc-nox 1.1.0~rc6-2.1 (bug #606151)
diff --git a/data/CVE/2011.list b/data/CVE/2011.list
index 776d875f69..9751b56923 100644
--- a/data/CVE/2011.list
+++ b/data/CVE/2011.list
@@ -916,8 +916,7 @@ CVE-2011-4933
 	REJECTED
 CVE-2011-4932 (Eval injection vulnerability in ip_cms/modules/standard/content_manage ...)
 	NOT-FOR-US: ImpressPages CMS not in Debian
-CVE-2011-4931
-	RESERVED
+CVE-2011-4931 (gpw generates shorter passwords than required ...)
 	- gpw <unfixed> (unimportant; bug #651510)
 	NOTE: This has only marginal security impact
 CVE-2011-4930 (Multiple format string vulnerabilities in Condor 7.2.0 through 7.6.4,  ...)
@@ -13133,8 +13132,7 @@ CVE-2011-0430 (Double free vulnerability in the Rx server process in OpenAFS 1.4
 	- openafs 1.4.14+dfsg-1
 CVE-2011-0429
 	RESERVED
-CVE-2011-0428
-	RESERVED
+CVE-2011-0428 (Cross Site Scripting (XSS) in ikiwiki before 3.20110122 could allow re ...)
 	- ikiwiki 3.20110122
 	[squeeze] - ikiwiki 3.20100815.5
 	[lenny] - ikiwiki <not-affected> (Vulnerable code not present)
diff --git a/data/CVE/2012.list b/data/CVE/2012.list
index bdf82b61c4..e3098f92dc 100644
--- a/data/CVE/2012.list
+++ b/data/CVE/2012.list
@@ -13626,8 +13626,7 @@ CVE-2012-1189 (Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cp
 	- speed-dreams <itp> (bug #599884)
 CVE-2012-1188 (Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before ...)
 	NOT-FOR-US: Fork CMS
-CVE-2012-1187
-	RESERVED
+CVE-2012-1187 (Bitlbee does not drop extra group privileges correctly in unix.c ...)
 	- bitlbee 3.0.4+bzr855-1 (low)
 	[squeeze] - bitlbee <no-dsa> (Minor issue)
 CVE-2012-1186 (Integer overflow in the SyncImageProfiles function in profile.c in Ima ...)
@@ -16527,8 +16526,7 @@ CVE-2012-0048 (OpenTTD 0.3.5 through 1.1.4 allows remote attackers to cause a de
 	NOTE: contacted MITRE, will be rejected
 CVE-2012-0047 (Cross-site scripting (XSS) vulnerability in Apache Wicket 1.4.x before ...)
 	NOT-FOR-US: Apache Wicket
-CVE-2012-0046 [mediawiki info leak]
-	RESERVED
+CVE-2012-0046 (mediawiki allows deleted text to be exposed ...)
 	- mediawiki 1:1.15.5-6 (low; bug #655694)
 	[squeeze] - mediawiki 1:1.15.5-2squeeze3
 	[lenny] - mediawiki <not-affected> (Vulnerable code not present)
diff --git a/data/CVE/2016.list b/data/CVE/2016.list
index d62dec0dac..ce468b27b7 100644
--- a/data/CVE/2016.list
+++ b/data/CVE/2016.list
@@ -20484,8 +20484,8 @@ CVE-2016-4291 (When opening a Hangul HShow Document (.hpt) and processing a stru
 	NOT-FOR-US: Hancom Office
 CVE-2016-4290 (When opening a Hangul HShow Document (.hpt) and processing a structure ...)
 	NOT-FOR-US: Hancom Office
-CVE-2016-4289
-	RESERVED
+CVE-2016-4289 (A stack based buffer overflow vulnerability exists in the method recei ...)
+	TODO: check
 CVE-2016-4288 (A local privilege escalation vulnerability exists in BlueStacks App Pl ...)
 	NOT-FOR-US: BlueStacks
 CVE-2016-4287 (Integer overflow in Adobe Flash Player before 18.0.0.375 and 19.x thro ...)
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 9bc450e112..c4f4fafa68 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -27546,8 +27546,8 @@ CVE-2018-10729 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
 	NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
 CVE-2018-10728 (All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products runnin ...)
 	NOT-FOR-US: Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products
-CVE-2018-10727
-	RESERVED
+CVE-2018-10727 (Reflected Cross-Site Scripting (XSS) vulnerability in the fabrik_refer ...)
+	TODO: check
 CVE-2018-10726 (** DISPUTED ** A stored XSS vulnerability was found in Datenstrom Yell ...)
 	NOT-FOR-US: Datenstrom Yellow
 CVE-2018-10725
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index d1b2f441b1..cb0f21ca85 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,3 +1,107 @@
+CVE-2019-18625
+	RESERVED
+CVE-2019-18624 (Opera Mini for Android allows attackers to bypass intended restriction ...)
+	TODO: check
+CVE-2019-18623
+	RESERVED
+CVE-2019-18622
+	RESERVED
+CVE-2019-18621
+	RESERVED
+CVE-2019-18620
+	RESERVED
+CVE-2019-18619
+	RESERVED
+CVE-2019-18618
+	RESERVED
+CVE-2019-18617
+	RESERVED
+CVE-2019-18616
+	RESERVED
+CVE-2019-18615
+	RESERVED
+CVE-2019-18614
+	RESERVED
+CVE-2019-18613
+	RESERVED
+CVE-2019-18612 (An issue was discovered in the AbuseFilter extension through 1.34 for  ...)
+	TODO: check
+CVE-2019-18611 (An issue was discovered in the CheckUser extension through 1.34 for Me ...)
+	TODO: check
+CVE-2019-18610
+	RESERVED
+CVE-2019-18609
+	RESERVED
+CVE-2019-18608 (Cezerin v0.33.0 allows unauthorized order-information modification bec ...)
+	TODO: check
+CVE-2019-18607
+	RESERVED
+CVE-2019-18606
+	RESERVED
+CVE-2019-18605
+	RESERVED
+CVE-2019-18604 (In axohelp.c before 1.3 in axohelp in axodraw2 before 2.1.1b, as distr ...)
+	TODO: check
+CVE-2019-18600
+	RESERVED
+CVE-2019-18599
+	RESERVED
+CVE-2019-18598
+	RESERVED
+CVE-2019-18597
+	RESERVED
+CVE-2019-18596
+	RESERVED
+CVE-2019-18595
+	RESERVED
+CVE-2019-18594
+	RESERVED
+CVE-2019-18593
+	RESERVED
+CVE-2019-18592
+	RESERVED
+CVE-2019-18591
+	RESERVED
+CVE-2019-18590
+	RESERVED
+CVE-2019-18589
+	RESERVED
+CVE-2019-18588
+	RESERVED
+CVE-2019-18587
+	RESERVED
+CVE-2019-18586
+	RESERVED
+CVE-2019-18585
+	RESERVED
+CVE-2019-18584
+	RESERVED
+CVE-2019-18583
+	RESERVED
+CVE-2019-18582
+	RESERVED
+CVE-2019-18581
+	RESERVED
+CVE-2019-18580
+	RESERVED
+CVE-2019-18579
+	RESERVED
+CVE-2019-18578
+	RESERVED
+CVE-2019-18577
+	RESERVED
+CVE-2019-18576
+	RESERVED
+CVE-2019-18575
+	RESERVED
+CVE-2019-18574
+	RESERVED
+CVE-2019-18573
+	RESERVED
+CVE-2019-18572
+	RESERVED
+CVE-2019-18571
+	RESERVED
 CVE-2019-18570
 	RESERVED
 CVE-2019-18569
@@ -208,13 +312,13 @@ CVE-2019-18467
 	REJECTED
 CVE-2019-18466 (An issue was discovered in Podman in libpod before 1.6.0. It resolves  ...)
 	NOT-FOR-US: libpod (podman library used to create container pods)
-CVE-2019-18601 [database server crash from unserialized data access]
+CVE-2019-18601 (OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to denial of ser ...)
 	- openafs 1.8.5-1 (bug #943587)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-003.txt
-CVE-2019-18602 [information leakage from uninitialized scalars]
+CVE-2019-18602 (OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to an informatio ...)
 	- openafs 1.8.5-1 (bug #943587)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-002.txt
-CVE-2019-18603 [information leakage in failed RPC output]
+CVE-2019-18603 (OpenAFS before 1.6.24 and 1.8.x before 1.8.5 is prone to information l ...)
 	- openafs 1.8.5-1 (bug #943587)
 	NOTE: http://openafs.org/pages/security/OPENAFS-SA-2019-001.txt
 CVE-2019-18465
@@ -4173,8 +4277,8 @@ CVE-2019-16649 (On Supermicro H11, H12, M11, X9, X10, and X11 products, a combin
 	NOT-FOR-US: Supermicro
 CVE-2019-16648
 	RESERVED
-CVE-2019-16647
-	RESERVED
+CVE-2019-16647 (Unquoted Search Path in Maxthon 5.1.0 to 5.2.7 Browser for Windows. ...)
+	TODO: check
 CVE-2019-16646
 	RESERVED
 CVE-2019-16645 (An issue was discovered in Embedthis GoAhead 2.5.0. Certain pages (suc ...)
@@ -6461,18 +6565,18 @@ CVE-2019-15685
 	RESERVED
 CVE-2019-15684
 	RESERVED
-CVE-2019-15683
-	RESERVED
+CVE-2019-15683 (TurboVNC server code contains stack buffer overflow vulnerability in c ...)
+	TODO: check
 CVE-2019-15682
 	RESERVED
-CVE-2019-15681
-	RESERVED
-CVE-2019-15680
-	RESERVED
-CVE-2019-15679
-	RESERVED
-CVE-2019-15678
-	RESERVED
+CVE-2019-15681 (LibVNC commit before d01e1bb4246323ba6fcee3b82ef1faa9b1dac82a contains ...)
+	TODO: check
+CVE-2019-15680 (TightVNC code version 1.3.10 contains null pointer dereference in Hand ...)
+	TODO: check
+CVE-2019-15679 (TightVNC code version 1.3.10 contains heap buffer overflow in Initiali ...)
+	TODO: check
+CVE-2019-15678 (TightVNC code version 1.3.10 contains heap buffer overflow in rfbServe ...)
+	TODO: check
 CVE-2019-15677
 	RESERVED
 CVE-2019-15676
@@ -13034,8 +13138,8 @@ CVE-2019-13068 (public/app/features/panel/panel_ctrl.ts in Grafana before 6.2.5
 	NOTE: https://github.com/grafana/grafana/issues/17718
 CVE-2019-13067 (njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_d ...)
 	NOT-FOR-US: njs
-CVE-2019-13066
-	RESERVED
+CVE-2019-13066 (Sahi Pro 8.0.0 has a script manager arena located at _s_/dyn/pro/DBRep ...)
+	TODO: check
 CVE-2019-13065
 	RESERVED
 CVE-2019-13064
@@ -18473,7 +18577,7 @@ CVE-2019-11023 (The agroot() function in cgraph\obj.c in libcgraph.a in Graphviz
 	NOTE: Crash in CLI tool, no security impact
 CVE-2019-11022
 	RESERVED
-CVE-2019-11021 (admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Authenticated Unre ...)
+CVE-2019-11021 (** DISPUTED ** admin/app/mediamanager in Schlix CMS 2.1.8-7 allows Aut ...)
 	NOT-FOR-US: Schlix CMS
 CVE-2019-11020 (Lack of authentication in file-viewing components in DDRT Dashcom Live ...)
 	NOT-FOR-US: DDRT Dashcom
@@ -19146,8 +19250,8 @@ CVE-2019-10751 (All versions of the HTTPie package prior to version 1.0.3 are vu
 	NOTE: https://github.com/jakubroztocil/httpie/commit/df36d6255df5793129b02ac82f1010171bd8a0a8
 CVE-2019-10750 (deeply is vulnerable to Prototype Pollution in versions before 3.1.0.  ...)
 	NOT-FOR-US: deeply
-CVE-2019-10749
-	RESERVED
+CVE-2019-10749 (sequelize before version 3.35.1 allows attackers to perform a SQL Inje ...)
+	TODO: check
 CVE-2019-10748 (Sequelize all versions prior to 3.35.1, 4.44.3, and 5.8.11 are vulnera ...)
 	NOT-FOR-US: sequelize
 CVE-2019-10747 (set-value is vulnerable to Prototype Pollution in versions lower than  ...)
@@ -19173,7 +19277,7 @@ CVE-2019-10744 (Versions of lodash lower than 4.17.12 are vulnerable to Prototyp
 	NOTE: https://snyk.io/vuln/SNYK-JS-LODASH-450202
 	NOTE: https://github.com/lodash/lodash/issues/4348
 	NOTE: https://github.com/lodash/lodash/pull/4336
-CVE-2019-10743 (github.com/mholt/archiver/cmd/arc package versions 3.0.0 and later are ...)
+CVE-2019-10743 (All versions of archiver allow attacker to perform a Zip Slip attack v ...)
 	NOT-FOR-US: archiver
 CVE-2019-10742 (Axios up to and including 0.18.0 allows attackers to cause a denial of ...)
 	- node-axios 0.17.1+dfsg-2 (bug #928624)
@@ -20500,21 +20604,17 @@ CVE-2019-10212 (A flaw was found in, all under 2.0.20, in the Undertow DEBUG log
 	- undertow 2.0.27-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1731984
 	NOTE: https://github.com/undertow-io/undertow/pull/815
-CVE-2019-10211
-	RESERVED
+CVE-2019-10211 (Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5. ...)
 	NOT-FOR-US: EnterpriseDB Windows installer
-CVE-2019-10210
-	RESERVED
+CVE-2019-10210 (Postgresql Windows installer before versions 11.5, 10.10, 9.6.15, 9.5. ...)
 	NOT-FOR-US: EnterpriseDB Windows installer
-CVE-2019-10209 [postgres: Fix execution of hashed subplans that require cross-type comparison]
-	RESERVED
+CVE-2019-10209 (Postgresql, versions 11.x before 11.5, is vulnerable to a memory discl ...)
 	{DSA-4493-1}
 	- postgresql-11 11.5-1
 	- postgresql-9.6 <not-affected> (Only affects PostgreSQL 11)
 	- postgresql-9.4 <not-affected> (Only affects PostgreSQL 11)
 	NOTE: https://www.postgresql.org/about/news/1960/
-CVE-2019-10208 [postgres: Require schema qualification to cast to a temporary type when using functional cast syntax]
-	RESERVED
+CVE-2019-10208 (A flaw was discovered in postgresql where arbitrary SQL statements can ...)
 	{DSA-4493-1 DSA-4492-1 DLA-1874-1}
 	- postgresql-11 11.5-1
 	- postgresql-9.6 <removed>
@@ -21436,8 +21536,8 @@ CVE-2019-9928 (GStreamer before 1.16.0 has a heap-based buffer overflow in the R
 	NOTE: https://gitlab.freedesktop.org/gstreamer/gst-plugins-base/commit/f672277509705c4034bc92a141eefee4524d15aa (1.15.90)
 CVE-2019-9927 (Caret before 2019-02-22 allows Remote Code Execution. ...)
 	NOT-FOR-US: Caret editor
-CVE-2019-9926
-	RESERVED
+CVE-2019-9926 (An issue was discovered in LabKey Server 19.1.0. It is possible to for ...)
+	TODO: check
 CVE-2019-9925 (S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter. ...)
 	NOT-FOR-US: S-CMS PHP
 CVE-2019-9924 (rbash in Bash before 4.4-beta2 did not prevent the shell user from mod ...)
@@ -22773,7 +22873,7 @@ CVE-2019-9765 (In Blog_mini 1.0, XSS exists via the author name of a comment rep
 	NOT-FOR-US: Blog_mini
 CVE-2019-9764 (HashiCorp Consul 1.4.3 lacks server hostname verification for agent-to ...)
 	NOT-FOR-US: HashiCorp Consul
-CVE-2019-9763 (An issue was discovered in Openfind Mail2000 v6 Webmail. XSS can occur ...)
+CVE-2019-9763 (An issue was discovered in Openfind Mail2000 6.0 and 7.0 Webmail. XSS  ...)
 	NOT-FOR-US: Openfind Mail2000 Webmail
 CVE-2019-9762 (A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment ...)
 	NOT-FOR-US: PHPSHE
@@ -22783,10 +22883,10 @@ CVE-2019-9760 (FTPGetter Standard v.5.97.0.177 allows remote code execution when
 	NOT-FOR-US: FTPGetter
 CVE-2019-9759 (An issue was discovered in TONGDA Office Anywhere 10.18.190121. There  ...)
 	NOT-FOR-US: TONGDA Office Anywhere
-CVE-2019-9758
-	RESERVED
-CVE-2019-9757
-	RESERVED
+CVE-2019-9758 (An issue was discovered in LabKey Server 19.1.0. The display name of a ...)
+	TODO: check
+CVE-2019-9757 (An issue was discovered in LabKey Server 19.1.0. Sending an SVG contai ...)
+	TODO: check
 CVE-2019-9756 (An issue was discovered in GitLab Community and Enterprise Edition 10. ...)
 	[experimental] - gitlab 11.8.2-1
 	- gitlab 11.8.2-2 (bug #924447)
@@ -26773,8 +26873,8 @@ CVE-2019-8289 (Vulnerability in Online Store v1.0, stored XSS in admin/user_view
 	NOT-FOR-US: Online Store System
 CVE-2019-8288 (Vulnerability in Online Store v1.0, Stored XSS in user_view.php where  ...)
 	NOT-FOR-US: Online Store System
-CVE-2019-8287
-	RESERVED
+CVE-2019-8287 (TightVNC code version 1.3.10 contains global buffer overflow in Handle ...)
+	TODO: check
 CVE-2019-8286 (Information Disclosure in Kaspersky Anti-Virus, Kaspersky Internet Sec ...)
 	NOT-FOR-US: Kaspersky
 CVE-2019-8285 (Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-b ...)
@@ -30154,28 +30254,28 @@ CVE-2019-6853
 	RESERVED
 CVE-2019-6852
 	RESERVED
-CVE-2019-6851
-	RESERVED
-CVE-2019-6850
-	RESERVED
-CVE-2019-6849
-	RESERVED
-CVE-2019-6848
-	RESERVED
-CVE-2019-6847
-	RESERVED
-CVE-2019-6846
-	RESERVED
-CVE-2019-6845
-	RESERVED
-CVE-2019-6844
-	RESERVED
-CVE-2019-6843
-	RESERVED
-CVE-2019-6842
-	RESERVED
-CVE-2019-6841
-	RESERVED
+CVE-2019-6851 (A CWE-538: File and Directory Information Exposure vulnerability exist ...)
+	TODO: check
+CVE-2019-6850 (A CWE-200: Information Exposure vulnerability exists in Modicon M580,  ...)
+	TODO: check
+CVE-2019-6849 (A CWE-200: Information Exposure vulnerability exists in Modicon M580,  ...)
+	TODO: check
+CVE-2019-6848 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
+	TODO: check
+CVE-2019-6847 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
+	TODO: check
+CVE-2019-6846 (A CWE-319: Cleartext Transmission of Sensitive Information vulnerabili ...)
+	TODO: check
+CVE-2019-6845 (A CWE-319: Cleartext Transmission of Sensitive Information vulnerabili ...)
+	TODO: check
+CVE-2019-6844 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
+	TODO: check
+CVE-2019-6843 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
+	TODO: check
+CVE-2019-6842 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
+	TODO: check
+CVE-2019-6841 (A CWE-248: Uncaught Exception vulnerability exists in Modicon M580, Mo ...)
+	TODO: check
 CVE-2019-6840 (A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6 ...)
 	NOT-FOR-US: Schneider
 CVE-2019-6839 (An Improper Access Control: CWE-284 vulnerability exists in U.motion S ...)