automatic update

1 files changed, 6 insertions, 8 deletions

diff --git a/data/CVE/2019.list b/data/CVE/2019.list
index 0914b7152b..626d806f48 100644
--- a/data/CVE/2019.list
+++ b/data/CVE/2019.list
@@ -15755,10 +15755,10 @@ CVE-2019-14759
 	RESERVED
 CVE-2019-14758
 	RESERVED
-CVE-2019-14757
-	RESERVED
-CVE-2019-14756
-	RESERVED
+CVE-2019-14757 (An issue was discovered in KaiOS 2.5 and 2.5.1. The pre-installed Cont ...)
+	TODO: check
+CVE-2019-14756 (An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5. The pre-insta ...)
+	TODO: check
 CVE-2019-14755 (The profile photo upload feature in Leaf Admin 61.9.0212.10 f allows U ...)
 	NOT-FOR-US: Leaf Admin
 CVE-2019-14754 (Open-School 3.0, and Community Edition 2.3, allows SQL Injection via t ...)
@@ -52712,8 +52712,7 @@ CVE-2019-0235 (Apache OFBiz 17.12.01 is vulnerable to some CSRF attacks. ...)
 	NOT-FOR-US: Apache OFBiz
 CVE-2019-0234 (A Reflected Cross-site Scripting (XSS) vulnerability exists in Apache  ...)
 	NOT-FOR-US: Apache Roller
-CVE-2019-0233
-	RESERVED
+CVE-2019-0233 (An access permission override in Apache Struts 2.0.0 to 2.5.20 may cau ...)
 	- libstruts1.2-java <removed>
 CVE-2019-0232 (When running on Windows with enableCmdLineArguments enabled, the CGI S ...)
 	- tomcat9 <not-affected> (Windows-specific)
@@ -52721,8 +52720,7 @@ CVE-2019-0232 (When running on Windows with enableCmdLineArguments enabled, the
 	NOTE: https://codewhitesec.blogspot.com/2016/02/java-and-command-line-injections-in-windows.html
 CVE-2019-0231 (Handling of the close_notify SSL/TLS message does not lead to a connec ...)
 	NOT-FOR-US: Apache MINA
-CVE-2019-0230
-	RESERVED
+CVE-2019-0230 (Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when eval ...)
 	- libstruts1.2-java <removed>
 CVE-2019-0229 (A number of HTTP endpoints in the Airflow webserver (both RBAC and cla ...)
 	- airflow <itp> (bug #819700)