automatic update

4 files changed, 92 insertions, 36 deletions

diff --git a/data/CVE/2010.list b/data/CVE/2010.list
index 93fab11d2f..96dbc2f9e1 100644
--- a/data/CVE/2010.list
+++ b/data/CVE/2010.list
@@ -1,3 +1,17 @@
+CVE-2010-5340 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...)
+	TODO: check
+CVE-2010-5339 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...)
+	TODO: check
+CVE-2010-5338 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...)
+	TODO: check
+CVE-2010-5337 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: webm ...)
+	TODO: check
+CVE-2010-5336 (IceWarp Webclient before 10.2.1 has XSS via an HTTP POST request: admi ...)
+	TODO: check
+CVE-2010-5335 (IceWarp Webclient before 10.2.1 has a directory traversal vulnerabilit ...)
+	TODO: check
+CVE-2010-5334 (IceWarp Webclient before 10.2.1 has a directory traversal vulnerabilit ...)
+	TODO: check
 CVE-2010-5333 (The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x be ...)
 	NOT-FOR-US: Integard
 CVE-2010-5332 (In the Linux kernel before 2.6.37, an out of bounds array access happe ...)
diff --git a/data/CVE/2015.list b/data/CVE/2015.list
index f8e6805b12..9a748730d4 100644
--- a/data/CVE/2015.list
+++ b/data/CVE/2015.list
@@ -1,3 +1,27 @@
+CVE-2015-9492 (The ThemeMakers SmartIT Premium Responsive theme through 2015-05-15 fo ...)
+	TODO: check
+CVE-2015-9491 (The ThemeMakers Blessing Premium Responsive theme through 2015-05-15 f ...)
+	TODO: check
+CVE-2015-9490 (The ThemeMakers GamesTheme Premium theme through 2015-05-15 for WordPr ...)
+	TODO: check
+CVE-2015-9489 (The ThemeMakers Goodnex Premium Responsive theme through 2015-05-15 fo ...)
+	TODO: check
+CVE-2015-9488 (The ThemeMakers Almera Responsive Portfolio Site Template component th ...)
+	TODO: check
+CVE-2015-9487 (The ThemeMakers Almera Responsive Portfolio theme through 2015-05-15 f ...)
+	TODO: check
+CVE-2015-9486 (The ThemeMakers Axioma Premium Responsive theme through 2015-05-15 for ...)
+	TODO: check
+CVE-2015-9485 (The ThemeMakers Accio Responsive Parallax One Page Site Template compo ...)
+	TODO: check
+CVE-2015-9484 (The ThemeMakers Accio One Page Parallax Responsive theme through 2015- ...)
+	TODO: check
+CVE-2015-9483 (The ThemeMakers Invento Responsive Gallery/Architecture Template compo ...)
+	TODO: check
+CVE-2015-9482 (The ThemeMakers Car Dealer / Auto Dealer Responsive theme through 2015 ...)
+	TODO: check
+CVE-2015-9481 (The ThemeMakers Diplomat | Political theme through 2015-05-15 for Word ...)
+	TODO: check
 CVE-2015-9480 (The RobotCPA plugin 5 for WordPress has directory traversal via the f. ...)
 	NOT-FOR-US: RobotCPA plugin for WordPress
 CVE-2015-9479 (The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has a ...)
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 9789979bf0..0ed9fa1147 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -1,3 +1,7 @@
+CVE-2018-21028
+	RESERVED
+CVE-2018-21027
+	RESERVED
 CVE-2018-21026
 	RESERVED
 CVE-2018-21025 (In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to ...)
diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 8fdb414b00..ac3ceede95 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -1,3 +1,17 @@
+CVE-2019-17504 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...)
+	TODO: check
+CVE-2019-17503 (An issue was discovered in Kirona Dynamic Resource Scheduling (DRS) 5. ...)
+	TODO: check
+CVE-2019-17502
+	RESERVED
+CVE-2019-17501
+	RESERVED
+CVE-2019-17500
+	RESERVED
+CVE-2019-17499 (The setter.xml component of the Common Gateway Interface on Compal CH7 ...)
+	TODO: check
+CVE-2019-17498
+	RESERVED
 CVE-2019-17497 (Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft ...)
 	NOT-FOR-US: Tracker PDF-XChange Editor
 CVE-2019-17496 (Craft CMS before 3.3.8 has stored XSS via a name field. This field is  ...)
@@ -907,8 +921,8 @@ CVE-2019-17061
 	RESERVED
 CVE-2019-17060
 	RESERVED
-CVE-2019-17059
-	RESERVED
+CVE-2019-17059 (A shell injection vulnerability on the Sophos Cyberoam firewall applia ...)
+	TODO: check
 CVE-2019-17058
 	RESERVED
 CVE-2019-17057
@@ -6746,10 +6760,10 @@ CVE-2019-14572
 	RESERVED
 CVE-2019-14571
 	RESERVED
-CVE-2019-14570
-	RESERVED
-CVE-2019-14569
-	RESERVED
+CVE-2019-14570 (Memory corruption in system firmware for Intel(R) NUC may allow a priv ...)
+	TODO: check
+CVE-2019-14569 (Pointer corruption in system firmware for Intel(R) NUC may allow a pri ...)
+	TODO: check
 CVE-2019-14568
 	RESERVED
 CVE-2019-14567
@@ -6917,8 +6931,8 @@ CVE-2019-14511 (Sphinx Technologies Sphinx 3.1.1 by default has no authenticatio
 	NOTE: sphinxsearch should ideally update the defaults in sample configs to bind
 	NOTE: listeners to localhost.
 	NOTE: This is not treated as a vulnerability, subject to design choices for deployment
-CVE-2019-14510
-	RESERVED
+CVE-2019-14510 (An issue was discovered in Kaseya VSA RMM through 9.5.0.22. When using ...)
+	TODO: check
 CVE-2019-14509
 	RESERVED
 CVE-2019-14508
@@ -15539,8 +15553,8 @@ CVE-2019-11169
 	RESERVED
 CVE-2019-11168
 	RESERVED
-CVE-2019-11167
-	RESERVED
+CVE-2019-11167 (Improper file permission in software installer for Intel(R) Smart Conn ...)
+	TODO: check
 CVE-2019-11166 (Improper file permissions in the installer for Intel(R) Easy Streaming ...)
 	NOT-FOR-US: Intel
 CVE-2019-11165
@@ -15633,8 +15647,8 @@ CVE-2019-11122
 	RESERVED
 CVE-2019-11121
 	RESERVED
-CVE-2019-11120
-	RESERVED
+CVE-2019-11120 (Insufficient path checking in the installer for Intel(R) Active System ...)
+	TODO: check
 CVE-2019-11119 (Insufficient session validation in the service API for Intel(R) RWC3 v ...)
 	NOT-FOR-US: Intel
 CVE-2019-11118
@@ -28755,12 +28769,12 @@ CVE-2019-6337
 	RESERVED
 CVE-2019-6336
 	RESERVED
-CVE-2019-6335
-	RESERVED
+CVE-2019-6335 (A potential security vulnerability has been identified with Samsung La ...)
+	TODO: check
 CVE-2019-6334
 	RESERVED
-CVE-2019-6333
-	RESERVED
+CVE-2019-6333 (A potential security vulnerability has been identified with certain ve ...)
+	TODO: check
 CVE-2019-6332
 	RESERVED
 CVE-2019-6331
@@ -31031,7 +31045,7 @@ CVE-2019-5419 (There is a possible denial of service vulnerability in Action Vie
 	- rails 2:5.2.2.1+dfsg-1 (bug #924520)
 	[stretch] - rails 2:4.2.7.1-1+deb9u1
 	NOTE: https://www.openwall.com/lists/oss-security/2019/03/13/4
-CVE-2019-5418 (There is a File Content Disclosure vulnerability in Action View (Rails ...)
+CVE-2019-5418 (There is a File Content Disclosure vulnerability in Action View <5. ...)
 	{DLA-1739-1}
 	- rails 2:5.2.2.1+dfsg-1 (bug #924520)
 	[stretch] - rails 2:4.2.7.1-1+deb9u1
@@ -38015,8 +38029,8 @@ CVE-2019-2217
 	RESERVED
 CVE-2019-2216
 	RESERVED
-CVE-2019-2215
-	RESERVED
+CVE-2019-2215 (A use-after-free in binder.c allows an elevation of privilege from an  ...)
+	TODO: check
 CVE-2019-2214
 	RESERVED
 CVE-2019-2213
@@ -38071,16 +38085,16 @@ CVE-2019-2189 (In the Easel driver, there is possible memory corruption due to r
 	NOT-FOR-US: Android
 CVE-2019-2188 (In the Easel driver, there is possible memory corruption due to race c ...)
 	NOT-FOR-US: Android
-CVE-2019-2187
-	RESERVED
-CVE-2019-2186
-	RESERVED
-CVE-2019-2185
-	RESERVED
-CVE-2019-2184
-	RESERVED
-CVE-2019-2183
-	RESERVED
+CVE-2019-2187 (In nfc_ncif_decode_rf_params of nfc_ncif.cc, there is a possible out o ...)
+	TODO: check
+CVE-2019-2186 (In GetMBheader of combined_decode.cpp, there is a possible out of boun ...)
+	TODO: check
+CVE-2019-2185 (In VlcDequantH263IntraBlock_SH of vlc_dequant.cpp, there is a possible ...)
+	TODO: check
+CVE-2019-2184 (In PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp, there is a poss ...)
+	TODO: check
+CVE-2019-2183 (In generateServicesMap of RegisteredServicesCache.java, there is a pos ...)
+	TODO: check
 CVE-2019-2182 (In the Android kernel in the kernel MMU code there is a possible execu ...)
 	- linux 4.16.5-1
 	[jessie] - linux <not-affected> (Vulnerable code not present)
@@ -38110,8 +38124,8 @@ CVE-2019-2175 (In checkAccess of SliceManagerService.java in Android 9, there is
 	NOT-FOR-US: Android
 CVE-2019-2174 (In SensorManager::assertStateLocked of SensorManager.cpp in Android 7. ...)
 	NOT-FOR-US: Android
-CVE-2019-2173
-	RESERVED
+CVE-2019-2173 (In startActivityMayWait of ActivityStarter.java, there is a possible i ...)
+	TODO: check
 CVE-2019-2172 (In libxaac there is a possible information disclosure due to uninitial ...)
 	NOT-FOR-US: Android
 CVE-2019-2171 (In libxaac there is a possible information disclosure due to uninitial ...)
@@ -38228,16 +38242,16 @@ CVE-2019-2116 (In save_attr_seq of sdp_discovery.cc, there is a possible out-of-
 	NOT-FOR-US: Android
 CVE-2019-2115 (In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2 ...)
 	NOT-FOR-US: Android
-CVE-2019-2114
-	RESERVED
+CVE-2019-2114 (In the default privileges of NFC, there is a possible local bypass of  ...)
+	TODO: check
 CVE-2019-2113 (In setup wizard there is a bypass of some checks when wifi connection  ...)
 	NOT-FOR-US: Android
 CVE-2019-2112 (In several functions of alarm.cc, there is possible memory corruption  ...)
 	NOT-FOR-US: Android
 CVE-2019-2111 (In loop of DnsTlsSocket.cpp, there is a possible heap memory corruptio ...)
 	NOT-FOR-US: Android
-CVE-2019-2110
-	RESERVED
+CVE-2019-2110 (In ScreenRotationAnimation of ScreenRotationAnimation.java, there is a ...)
+	TODO: check
 CVE-2019-2109 (In MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp, there is a pos ...)
 	NOT-FOR-US: Android media framework
 CVE-2019-2108 (In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a poss ...)
@@ -41788,7 +41802,7 @@ CVE-2019-0381 (A binary planting in SAP SQL Anywhere, before version 17.0, SAP I
 	NOT-FOR-US: SAP
 CVE-2019-0380 (Under certain conditions, SAP Landscape Management enterprise edition, ...)
 	NOT-FOR-US: SAP
-CVE-2019-0379 (In SAP NetWeaver Process Integration (AS2 Adapter), before versions 1. ...)
+CVE-2019-0379 (SAP Process Integration, business-to-business add-on, versions 1.0, 2. ...)
 	NOT-FOR-US: SAP
 CVE-2019-0378 (SAP BusinessObjects Business Intelligence Platform (Web Intelligence H ...)
 	NOT-FOR-US: SAP