automatic update

1 files changed, 44 insertions, 45 deletions

diff --git a/data/CVE/list b/data/CVE/list
index d2593857dc..407b27bad3 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -59,10 +59,10 @@ CVE-2020-11547 (PRTG Network Monitor before 20.1.57.1745 allows remote unauthent
 	NOT-FOR-US: PRTG Network Monitor
 CVE-2020-11546
 	RESERVED
-CVE-2020-11545
-	RESERVED
-CVE-2020-11544
-	RESERVED
+CVE-2020-11545 (Project Worlds Official Car Rental System 1 is vulnerable to multiple  ...)
+	TODO: check
+CVE-2020-11544 (An issue was discovered in Project Worlds Official Car Rental System 1 ...)
+	TODO: check
 CVE-2020-11543
 	RESERVED
 CVE-2020-11542 (3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authenticat ...)
@@ -135,8 +135,8 @@ CVE-2020-11509
 	RESERVED
 CVE-2020-11508
 	RESERVED
-CVE-2020-11507
-	RESERVED
+CVE-2020-11507 (An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0. ...)
+	TODO: check
 CVE-2020-11506
 	RESERVED
 CVE-2020-11505
@@ -972,8 +972,7 @@ CVE-2020-11104 (An issue was discovered in USC iLab cereal through 1.3.0. Serial
 	NOT-FOR-US: USC iLab cereal
 CVE-2020-11103
 	RESERVED
-CVE-2020-11102 [tulip: OOB access in tulip_copy_tx_buffers]
-	RESERVED
+CVE-2020-11102 (hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying  ...)
 	- qemu <unfixed>
 	- qemu-kvm <removed>
 	NOTE: https://www.openwall.com/lists/oss-security/2020/04/06/1
@@ -3084,14 +3083,14 @@ CVE-2020-10269
 	RESERVED
 CVE-2020-10268
 	RESERVED
-CVE-2020-10267
-	RESERVED
-CVE-2020-10266
-	RESERVED
-CVE-2020-10265
-	RESERVED
-CVE-2020-10264
-	RESERVED
+CVE-2020-10267 (Universal Robots control box CB 3.1 across firmware versions (tested o ...)
+	TODO: check
+CVE-2020-10266 (UR+ (Universal Robots+) is a platform of hardware and software compone ...)
+	TODO: check
+CVE-2020-10265 (Universal Robots Robot Controllers Version CB2 SW Version 1.4 upwards, ...)
+	TODO: check
+CVE-2020-10264 (CB3 SW Version 3.3 and upwards, e-series SW Version 5.0 and upwards al ...)
+	TODO: check
 CVE-2019-20509
 	REJECTED
 CVE-2020-10263
@@ -4844,7 +4843,7 @@ CVE-2020-9475
 CVE-2020-9474
 	RESERVED
 CVE-2020-9473
-	RESERVED
+	REJECTED
 CVE-2020-9472 (Umbraco CMS 8.5.3 allows an authenticated file upload (and consequentl ...)
 	NOT-FOR-US: Umbraco CMS
 CVE-2020-9471 (Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequen ...)
@@ -8236,8 +8235,8 @@ CVE-2020-8006
 	RESERVED
 CVE-2020-8005
 	RESERVED
-CVE-2020-8004
-	RESERVED
+CVE-2020-8004 (STMicroelectronics STM32F1 devices have Incorrect Access Control. ...)
+	TODO: check
 CVE-2019-20433 (libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a s ...)
 	- aspell 0.60.7-3 (bug #935128)
 	[buster] - aspell <no-dsa> (Minor issue)
@@ -9144,24 +9143,24 @@ CVE-2020-7641
 	RESERVED
 CVE-2020-7640
 	RESERVED
-CVE-2020-7639
-	RESERVED
-CVE-2020-7638
-	RESERVED
-CVE-2020-7637
-	RESERVED
-CVE-2020-7636
-	RESERVED
-CVE-2020-7635
-	RESERVED
-CVE-2020-7634
-	RESERVED
-CVE-2020-7633
-	RESERVED
-CVE-2020-7632
-	RESERVED
-CVE-2020-7631
-	RESERVED
+CVE-2020-7639 (eivindfjeldstad-dot below 1.0.3 is vulnerable to Prototype Pollution.T ...)
+	TODO: check
+CVE-2020-7638 (confinit through 0.3.0 is vulnerable to Prototype Pollution.The 'setDe ...)
+	TODO: check
+CVE-2020-7637 (class-transformer through 0.2.3 is vulnerable to Prototype Pollution.  ...)
+	TODO: check
+CVE-2020-7636 (adb-driver through 0.1.8 is vulnerable to Command Injection.It allows  ...)
+	TODO: check
+CVE-2020-7635 (compass-compile through 0.0.1 is vulnerable to Command Injection.It al ...)
+	TODO: check
+CVE-2020-7634 (heroku-addonpool through 0.1.15 is vulnerable to Command Injection. ...)
+	TODO: check
+CVE-2020-7633 (apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injectio ...)
+	TODO: check
+CVE-2020-7632 (node-mpv through 1.4.3 is vulnerable to Command Injection. It allows e ...)
+	TODO: check
+CVE-2020-7631 (diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allow ...)
+	TODO: check
 CVE-2020-7630 (git-add-remote through 1.0.0 is vulnerable to Command Injection. It al ...)
 	NOT-FOR-US: git-add-remote node module
 CVE-2020-7629 (install-package through 0.4.0 is vulnerable to Command Injection. It a ...)
@@ -9178,8 +9177,8 @@ CVE-2020-7624 (effect through 1.0.4 is vulnerable to Command Injection. It allow
 	NOT-FOR-US: effect node module
 CVE-2020-7623 (jscover through 1.0.0 is vulnerable to Command Injection. It allows ex ...)
 	NOT-FOR-US: Node jscover
-CVE-2020-7622
-	RESERVED
+CVE-2020-7622 (All versions before 2.2.1 are vulnerable to HTTP Response Splitting. T ...)
+	TODO: check
 CVE-2020-7621 (strong-nginx-controller through 1.0.2 is vulnerable to Command Injecti ...)
 	NOT-FOR-US: Node strong-nginx-controller
 CVE-2020-7620 (pomelo-monitor through 0.3.7 is vulnerable to Command Injection.It all ...)
@@ -14471,8 +14470,8 @@ CVE-2020-5302
 	RESERVED
 CVE-2020-5301
 	RESERVED
-CVE-2020-5300
-	RESERVED
+CVE-2020-5300 (In Hydra (an OAuth2 Server and OpenID Certified&#8482; OpenID Connect  ...)
+	TODO: check
 CVE-2020-5299
 	RESERVED
 CVE-2020-5298
@@ -22015,8 +22014,8 @@ CVE-2019-19701
 	RESERVED
 CVE-2019-19700
 	RESERVED
-CVE-2019-19699
-	RESERVED
+CVE-2019-19699 (There is Authenticated remote code execution in Centreon Infrastructur ...)
+	TODO: check
 CVE-2019-19698 (marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav ...)
 	NOT-FOR-US: libwav
 CVE-2019-19697 (An arbitrary code execution vulnerability exists in the Trend Micro Se ...)
@@ -24585,8 +24584,8 @@ CVE-2020-1730
 CVE-2020-1729
 	RESERVED
 	NOT-FOR-US: SmallRye Config
-CVE-2020-1728
-	RESERVED
+CVE-2020-1728 (A vulnerability was found in all versions of Keycloak where, the pages ...)
+	TODO: check
 CVE-2020-1727
 	RESERVED
 CVE-2020-1726 (A flaw was discovered in Podman where it incorrectly allows containers ...)